Fixed random on sensible parts (generation auth_key, session_id and keys for secret chats)
This commit is contained in:
parent
d94786957b
commit
b2ba81e761
4
main.c
4
main.c
@ -78,6 +78,7 @@ char *binlog_file_name;
|
|||||||
int binlog_enabled;
|
int binlog_enabled;
|
||||||
extern int log_level;
|
extern int log_level;
|
||||||
int sync_from_start;
|
int sync_from_start;
|
||||||
|
int allow_weak_random;
|
||||||
|
|
||||||
void set_default_username (const char *s) {
|
void set_default_username (const char *s) {
|
||||||
if (default_username) {
|
if (default_username) {
|
||||||
@ -375,6 +376,9 @@ void args_parse (int argc, char **argv) {
|
|||||||
case 'E':
|
case 'E':
|
||||||
disable_auto_accept = 1;
|
disable_auto_accept = 1;
|
||||||
break;
|
break;
|
||||||
|
case 'w':
|
||||||
|
allow_weak_random = 1;
|
||||||
|
break;
|
||||||
case 'h':
|
case 'h':
|
||||||
default:
|
default:
|
||||||
usage ();
|
usage ();
|
||||||
|
@ -69,7 +69,7 @@ char new_nonce[256];
|
|||||||
char server_nonce[256];
|
char server_nonce[256];
|
||||||
extern int binlog_enabled;
|
extern int binlog_enabled;
|
||||||
extern int disable_auto_accept;
|
extern int disable_auto_accept;
|
||||||
|
extern int allow_weak_random;
|
||||||
|
|
||||||
int total_packets_sent;
|
int total_packets_sent;
|
||||||
long long total_data_sent;
|
long long total_data_sent;
|
||||||
@ -98,6 +98,15 @@ double get_utime (int clock_id) {
|
|||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void do_rand (void *s, int l) {
|
||||||
|
if (RAND_bytes (s, l) < 0) {
|
||||||
|
if (allow_weak_random) {
|
||||||
|
RAND_pseudo_bytes (s, l);
|
||||||
|
} else {
|
||||||
|
assert (0 && "End of random. If you want, you can start with -w");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
#define STATS_BUFF_SIZE (64 << 10)
|
#define STATS_BUFF_SIZE (64 << 10)
|
||||||
@ -223,7 +232,7 @@ int rpc_send_message (struct connection *c, void *data, int len) {
|
|||||||
|
|
||||||
int send_req_pq_packet (struct connection *c) {
|
int send_req_pq_packet (struct connection *c) {
|
||||||
assert (c_state == st_init);
|
assert (c_state == st_init);
|
||||||
assert (RAND_pseudo_bytes ((unsigned char *) nonce, 16) >= 0);
|
do_rand (nonce, 16);
|
||||||
unenc_msg_header.out_msg_id = 0;
|
unenc_msg_header.out_msg_id = 0;
|
||||||
clear_packet ();
|
clear_packet ();
|
||||||
out_int (CODE_req_pq);
|
out_int (CODE_req_pq);
|
||||||
@ -371,7 +380,7 @@ int process_respq_answer (struct connection *c, char *packet, int len) {
|
|||||||
//out_int (0x0501); // q=5
|
//out_int (0x0501); // q=5
|
||||||
out_ints ((int *) nonce, 4);
|
out_ints ((int *) nonce, 4);
|
||||||
out_ints ((int *) server_nonce, 4);
|
out_ints ((int *) server_nonce, 4);
|
||||||
assert (RAND_pseudo_bytes ((unsigned char *) new_nonce, 32) >= 0);
|
do_rand (new_nonce, 32);
|
||||||
out_ints ((int *) new_nonce, 8);
|
out_ints ((int *) new_nonce, 8);
|
||||||
sha1 ((unsigned char *) (packet_buffer + 5), (packet_ptr - packet_buffer - 5) * 4, (unsigned char *) packet_buffer);
|
sha1 ((unsigned char *) (packet_buffer + 5), (packet_ptr - packet_buffer - 5) * 4, (unsigned char *) packet_buffer);
|
||||||
|
|
||||||
@ -564,7 +573,7 @@ int process_dh_answer (struct connection *c, char *packet, int len) {
|
|||||||
BN_init (&dh_g);
|
BN_init (&dh_g);
|
||||||
BN_set_word (&dh_g, g);
|
BN_set_word (&dh_g, g);
|
||||||
|
|
||||||
assert (RAND_pseudo_bytes ((unsigned char *)s_power, 256) >= 0);
|
do_rand (s_power, 256);
|
||||||
BIGNUM *dh_power = BN_new ();
|
BIGNUM *dh_power = BN_new ();
|
||||||
assert (BN_bin2bn ((unsigned char *)s_power, 256, dh_power) == dh_power);
|
assert (BN_bin2bn ((unsigned char *)s_power, 256, dh_power) == dh_power);
|
||||||
|
|
||||||
@ -683,7 +692,7 @@ void init_enc_msg (struct session *S, int useful) {
|
|||||||
// assert (DC->server_salt);
|
// assert (DC->server_salt);
|
||||||
enc_msg.server_salt = DC->server_salt;
|
enc_msg.server_salt = DC->server_salt;
|
||||||
if (!S->session_id) {
|
if (!S->session_id) {
|
||||||
assert (RAND_pseudo_bytes ((unsigned char *) &S->session_id, 8) >= 0);
|
do_rand (&S->session_id, 8);
|
||||||
}
|
}
|
||||||
enc_msg.session_id = S->session_id;
|
enc_msg.session_id = S->session_id;
|
||||||
//enc_msg.auth_key_id2 = auth_key_id;
|
//enc_msg.auth_key_id2 = auth_key_id;
|
||||||
|
@ -29,4 +29,5 @@ void work_update_binlog (void);
|
|||||||
int check_g (unsigned char p[256], BIGNUM *g);
|
int check_g (unsigned char p[256], BIGNUM *g);
|
||||||
int check_g_bn (BIGNUM *p, BIGNUM *g);
|
int check_g_bn (BIGNUM *p, BIGNUM *g);
|
||||||
int check_DH_params (BIGNUM *p, int g);
|
int check_DH_params (BIGNUM *p, int g);
|
||||||
|
void do_rand (void *s, int l);
|
||||||
#endif
|
#endif
|
||||||
|
@ -2263,8 +2263,10 @@ void do_send_accept_encr_chat (struct secret_chat *E, unsigned char *random) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (ok) { return; } // Already generated key for this chat
|
if (ok) { return; } // Already generated key for this chat
|
||||||
for (i = 0; i < 64; i++) {
|
unsigned char random_here[256];
|
||||||
*(((int *)random) + i) ^= mrand48 ();
|
do_rand (random_here, 256);
|
||||||
|
for (i = 0; i < 256; i++) {
|
||||||
|
random[i] ^= random_here[i];
|
||||||
}
|
}
|
||||||
BIGNUM *b = BN_bin2bn (random, 256, 0);
|
BIGNUM *b = BN_bin2bn (random, 256, 0);
|
||||||
assert (b);
|
assert (b);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user