commit b2967960e594d9e2c84edc5fe331bba531e0def5
Author: Ian Goldberg <iang@cs.uwaterloo.ca>
Date: Wed Jul 17 09:30:52 2013 -0400

Workaround for a crash bug in libgcrypt affecting otr_sesskeys

Passing a private key value of 0 to otr_sesskeys would cause libgcrypt
to crash in gcry_mpi_powm. We reported this libgcrypt bug and it was
then fixed in
http://lists.gnupg.org/pipermail/gcrypt-devel/2013-July/002251.html
but the workaround is simply to use gcry_mpi_new(DH1536_MOD_LEN_BITS)
instead of gcry_mpi_new(0).

Note that this only affected the otr_sesskeys toolkit program, and not
libotr itself.

Thanks to the Mayhem Team at CMU (Alexandre Rebert, Thanassis Avgerinos,
Sang Kil Cha, David Brumley, Manuel Egele) for the report.

diff --git a/toolkit/sesskeys.c b/toolkit/sesskeys.c
index 575e984..d416cde 100644
--- a/toolkit/sesskeys.c
+++ b/toolkit/sesskeys.c
@@ -32,6 +32,7 @@ static const char* DH1536_MODULUS_S = "0x"
"C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
"83655D23DCA3AD961C62F356208552BB9ED529077096966D"
"670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF";
+static const int DH1536_MOD_LEN_BITS = 1536;
static const char *DH1536_GENERATOR_S = "0x02";
/* Generate the session id and the two encryption keys from our private
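Review bot: DH1536_MOD_LEN_BITS is declared without a comment, and placed between the modulus and generator strings it reads like a protocol parameter rather than an allocation hint for the libgcrypt workaround. A short comment saying it is the bit length of DH1536_MODULUS_S and is used only to presize the results passed to gcry_mpi_powm would keep it from being dropped or reused wrongly later; declaring it unsigned int would also match the nbits argument of gcry_mpi_new.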
@@ -52,9 +53,9 @@ void sesskeys_gen(unsigned char sessionid[20], unsigned char sendenc[16],
(const unsigned char *)DH1536_MODULUS_S, 0, NULL);
gcry_mpi_scan(&generator, GCRYMPI_FMT_HEX,
(const unsigned char *)DH1536_GENERATOR_S, 0, NULL);
- *our_yp = gcry_mpi_new(0);
+ *our_yp = gcry_mpi_new(DH1536_MOD_LEN_BITS);
gcry_mpi_powm(*our_yp, generator, our_x, modulus);
- secretv = gcry_mpi_new(0);
+ secretv = gcry_mpi_new(DH1536_MOD_LEN_BITS);
gcry_mpi_powm(secretv, their_y, our_x, modulus);
gcry_mpi_release(generator);
gcry_mpi_release(modulus);
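Review bot: our_x is still passed to both gcry_mpi_powm calls without a range check, so the private key value of 0 that triggered the crash is now accepted and yields *our_yp = 1 and secretv = 1, from which the session id and keys are then generated. Consider rejecting our_x == 0 (for example with gcry_mpi_cmp_ui) before the first gcry_mpi_powm and reporting an error, and add a comment at the two gcry_mpi_new calls naming the libgcrypt bug so the presizing is not later reverted to gcry_mpi_new(0).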