Commit b2967960 authored by Ian Goldberg's avatar Ian Goldberg
Browse files

Workaround for a crash bug in libgcrypt affecting otr_sesskeys

Passing a private key value of 0 to otr_sesskeys would cause libgcrypt
to crash in gcry_mpi_powm.  We reported this libgcrypt bug and it was
then fixed in
but the workaround is simply to use gcry_mpi_new(DH1536_MOD_LEN_BITS)
instead of gcry_mpi_new(0).

Note that this only affected the otr_sesskeys toolkit program, and not
libotr itself.

Thanks to the Mayhem Team at CMU (Alexandre Rebert, Thanassis Avgerinos,
Sang Kil Cha, David Brumley, Manuel Egele) for the report.
parent d748757e
......@@ -32,6 +32,7 @@ static const char* DH1536_MODULUS_S = "0x"
static const int DH1536_MOD_LEN_BITS = 1536;
static const char *DH1536_GENERATOR_S = "0x02";
/* Generate the session id and the two encryption keys from our private
......@@ -52,9 +53,9 @@ void sesskeys_gen(unsigned char sessionid[20], unsigned char sendenc[16],
(const unsigned char *)DH1536_MODULUS_S, 0, NULL);
gcry_mpi_scan(&generator, GCRYMPI_FMT_HEX,
(const unsigned char *)DH1536_GENERATOR_S, 0, NULL);
*our_yp = gcry_mpi_new(0);
*our_yp = gcry_mpi_new(DH1536_MOD_LEN_BITS);
gcry_mpi_powm(*our_yp, generator, our_x, modulus);
secretv = gcry_mpi_new(0);
secretv = gcry_mpi_new(DH1536_MOD_LEN_BITS);
gcry_mpi_powm(secretv, their_y, our_x, modulus);
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment