[Pkg-voip-commits] [bctoolbox] 43/60: backport of Fix DHM secret extraction to polarssl1.2

Bernhard Schmidt berni at moszumanska.debian.org
Sun Oct 15 22:42:28 UTC 2017


This is an automated email from the git hooks/post-receive script.

berni pushed a commit to branch debian/sid
in repository bctoolbox.

commit 6fd63808ae0be8caa52a94e065d325ba5844b3ed
Author: Jehan Monnier <jehan.monnier at linphone.org>
Date:   Fri Jun 9 15:27:01 2017 +0200

    backport of Fix DHM secret extraction to polarssl1.2
---
 src/crypto/polarssl1.2.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/crypto/polarssl1.2.c b/src/crypto/polarssl1.2.c
index 3698f07..4b91688 100644
--- a/src/crypto/polarssl1.2.c
+++ b/src/crypto/polarssl1.2.c
@@ -388,14 +388,20 @@ void bctbx_DHMCreatePublic(bctbx_DHMContext_t *context, int (*rngFunction)(void
 /* compute secret - the ->peer field of context must have been set before calling this function */
 void bctbx_DHMComputeSecret(bctbx_DHMContext_t *context, int (*rngFunction)(void *, uint8_t *, size_t), void *rngContext) {
 	size_t keyLength;
-
+	uint8_t sharedSecretBuffer[384]; /* longest shared secret available in these mode */
+	
 	/* import the peer public value G^Y mod P in the polar ssl context */
 	dhm_read_public((dhm_context *)(context->cryptoModuleData), context->peer, context->primeLength);
 
 	/* compute the secret key */
 	keyLength = context->primeLength; /* undocumented but this value seems to be in/out, so we must set it to the expected key length */
-	context->key = (uint8_t *)malloc(keyLength*sizeof(uint8_t)); /* allocate key buffer */
-	dhm_calc_secret((dhm_context *)(context->cryptoModuleData), context->key, &keyLength);
+	context->key = (uint8_t *)malloc(keyLength*sizeof(uint8_t)); /* allocate and reset the key buffer */
+	memset(context->key,0, keyLength);
+	
+	dhm_calc_secret((dhm_context *)(context->cryptoModuleData), sharedSecretBuffer, &keyLength);
+	/* now copy the resulting secret in the correct place in buffer(result may actually miss some front zero bytes, real length of output is now in keyLength but we want primeLength bytes) */
+	memcpy(context->key+(context->primeLength-keyLength), sharedSecretBuffer, keyLength);
+	memset(sharedSecretBuffer, 0, 384); /* purge secret from temporary buffer */
 }
 
 /* clean DHM context */
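Review bot: The result of `dhm_calc_secret` is not checked, so on failure the `memcpy` copies uninitialised bytes of `sharedSecretBuffer` into `context->key` and the caller is handed a secret that was never computed; the unchecked `malloc` has the same problem, since a NULL result goes straight into `memset`. `keyLength` is set from `context->primeLength` while the temporary buffer is a fixed 384 bytes, and nothing in this hunk shows `primeLength` is bounded by that, so a bounds check before the call and a `keyLength <= primeLength` check before the copy offset is computed would make the stack write and the subtraction safe. The final `memset(sharedSecretBuffer, 0, 384)` is a dead store on a local about to go out of scope, so an optimising compiler may drop it; wipe through a volatile pointer or a platform secure-zero routine, and use `sizeof(sharedSecretBuffer)` rather than repeating 384. Since the function returns void, the sketch below signals failure by leaving `context->key` NULL, which callers would need to check.

```c
	/* … unchanged: sharedSecretBuffer declaration, dhm_read_public call … */
	keyLength = context->primeLength;
	if (keyLength > sizeof(sharedSecretBuffer)) {
		return; /* prime does not fit the temporary buffer */
	}
	context->key = (uint8_t *)malloc(keyLength);
	if (context->key == NULL) {
		return;
	}
	memset(context->key, 0, keyLength);

	if (dhm_calc_secret((dhm_context *)(context->cryptoModuleData), sharedSecretBuffer, &keyLength) != 0
			|| keyLength > context->primeLength) {
		/* do not publish a key built from a buffer that was never written */
		free(context->key);
		context->key = NULL;
	} else {
		memcpy(context->key + (context->primeLength - keyLength), sharedSecretBuffer, keyLength);
	}
	/* purge through a volatile pointer so the store is not removed as dead */
	{
		volatile uint8_t *p = sharedSecretBuffer;
		size_t i;
		for (i = 0; i < sizeof(sharedSecretBuffer); i++) {
			p[i] = 0;
		}
	}
```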

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-voip/bctoolbox.git


