Ah yes, thanks. I will cross-reference the tor spec with openssl and submit a patch for consideration.
On Mon, Oct 28, 2013 at 9:57 AM, Nick Mathewson <[email protected]> wrote:

> On Mon, Oct 28, 2013 at 11:46 AM, Joshua Datko <[email protected]> wrote:
> > Why is there a limited set of OpenSSL engine algorithms chosen in crypto.c
> > (code below)?
> >
> > log_engine("RSA", ENGINE_get_default_RSA());
> > log_engine("DH", ENGINE_get_default_DH());
> > log_engine("RAND", ENGINE_get_default_RAND());
> > log_engine("SHA1", ENGINE_get_digest_engine(NID_sha1));
> > log_engine("3DES", ENGINE_get_cipher_engine(NID_des_ede3_ecb));
> > log_engine("AES", ENGINE_get_cipher_engine(NID_aes_128_ecb));
> >
> I think you're misunderstanding that code. That function is called
> "log_engine", not "load_engine." The actual loading and registering
> of engines happens earlier in the crypto_global_init() function. All
> that the log_engine function does is to log a short message about
> which engine was chosen.
>
> That said, it would sure be nice to have a more up-to-date list of
> engines logged. I'd be happy to take a patch for that.
>
> [...]
> > Also, I was a bit surprised to see ECB mode. Is it true that ECB, when used
> > as a stream generator, is equal to CTR mode? ECB mode is not mentioned in
> > the spec and after some digging, I found a reference to it [1] for
> > encrypting at most one block length of data in the header.
>
> Yup. It's used to implement counter mode. "ECB" in this case is an
> alias for "Just the raw AES block function." Nobody should ever use
> ECB except as a building block for something that isn't ECB.
>
>
> best wishes,
> --
> Nick
> _______________________________________________
> tor-dev mailing list
> [email protected]
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>
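The point made in the thread, that "ECB" here is just the raw AES block function used to build counter mode, shown as an added example that is not part of the original messages and is not Tor or OpenSSL code. The function names are hypothetical, and the counter layout (a 128-bit big-endian counter block, as in the NIST SP 800-38A test vector used as input) is an assumption of the example, not a statement about Tor's layout.

```python
# Added illustration (not Tor or OpenSSL code): pure-Python AES-128, not constant-time.
def xtime(b):  # multiply by 2 in GF(2^8) modulo the AES polynomial
    return ((b << 1) ^ 0x1B) & 0xFF if b & 0x80 else b << 1

def _build_sbox():
    exp, log, x = [0] * 256, [0] * 256, 1
    for i in range(255):  # successive powers of the generator 3
        exp[i], log[x] = x, i
        x ^= xtime(x)
    inv = [0] + [exp[(255 - log[a]) % 255] for a in range(1, 256)]
    rot = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    return [v ^ rot(v, 1) ^ rot(v, 2) ^ rot(v, 3) ^ rot(v, 4) ^ 0x63 for v in inv]
SBOX = _build_sbox()

def expand_key(key):  # AES-128 key schedule: 11 round keys of 16 bytes each
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def aes_block(key, block):
    """Raw AES block function: what one unpadded AES-128-ECB block computes."""
    rk = expand_key(key)
    s = [b ^ k for b, k in zip(block, rk[0])]
    for rnd in range(1, 11):
        s = [SBOX[s[(i + 4 * (i % 4)) % 16]] for i in range(16)]  # SubBytes + ShiftRows
        if rnd < 10:  # MixColumns, skipped in the final round
            s = [a[j] ^ a[0] ^ a[1] ^ a[2] ^ a[3] ^ xtime(a[j] ^ a[(j + 1) % 4])
                 for a in (s[c:c + 4] for c in range(0, 16, 4)) for j in range(4)]
        s = [b ^ k for b, k in zip(s, rk[rnd])]  # AddRoundKey
    return bytes(s)

def aes_ctr(key, counter_block, data):
    """CTR mode: encrypt successive counter blocks, XOR that keystream into data."""
    ctr, out = int.from_bytes(counter_block, "big"), bytearray()
    for n, off in enumerate(range(0, len(data), 16)):
        ks = aes_block(key, ((ctr + n) % 2**128).to_bytes(16, "big"))
        out += bytes(d ^ k for d, k in zip(data[off:off + 16], ks))
    return bytes(out)

# Inputs of the NIST SP 800-38A F.5.1 test vector (first two plaintext blocks).
KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
CTR0 = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")
PT = bytes.fromhex("6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51")
```

The block cipher only ever encrypts counter values; the data is touched by XOR alone, so the same `aes_ctr` call decrypts and a short final block needs no padding.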
