[Cryptography Team] Re: SSL Error

Chris Muller chris at funkyobjects.org
Wed Jan 3 03:41:26 UTC 2007 

Happy Holidays Ron!  Looking at the differences between Cryptography-Core-rww.17 and Cryptography-Core-cmm.18, one possibility might be sharing the same vector of a BlockCipher with another place?  Its real easy to do (particularly in test code) but since it's a ByteArray that, for many modes, modified in place, it cannot be shared.

Which primitives is your code using; for example if you're not using CTR mode then we could probably eliminate all 23 changes on that class.

I reviewed all of the changes once again between those two versions and they all look good.

That leaves the differences between Cryptography-RandomAndPrime-rww.2.mcz and Cryptography-RandomAndPrime-RJT.10.mcz.  That was all the SecureRandom refactoring, do you think it might be the cause?

 - Chris



----- Original Message ----
From: Ron Teitelbaum <Ron at USMedRec.com>
To: Cryptography Team Development List <cryptography at lists.squeakfoundation.org>; chris at funkyobjects.org
Sent: Tuesday, January 2, 2007 9:39:04 PM
Subject: SSL Error

Chris and All,

It appears that the changes to

Cryptography-RandomAndPrime and Cryptography-Core break the SSL Code.

If you load

Cryptography-RandomAndPrime-rww.2.mcz
Cryptography-Core-rww.17.mcz

Then run our SSL example code:

'https://tls.secg.org:40023' asUrl retrieveContents.

You will get back the proper contents.

Loading

Cryptography-RandomAndPrime-RJT.10.mcz
Cryptography-Core-cmm.18

It breaks with a return message from the server Bad Record Mac.

I tried loading each method individually and thought I'd isolated it, but I
got inconsistent results.  The RJT version of RandomAndPrime was my change
to ensure the initial vector had the proper number of bytes.

Test to Mac with the new code appears to still be working.

I have not been able to isolate the error yet, but I thought I'd mention it
incase anyone has an idea about which change is causing the error.

Any help would be appreciated.

Thanks,

Ron Teitelbaum
Cryptography Team Leader

Happy New Year to everyone!

More information about the Cryptography mailing list