From d37fd1440d6e2f535982e60b5c76ae0e1a173042 Mon Sep 17 00:00:00 2001 From: Alejandro Leiva Date: Thu, 23 Jan 2014 10:47:45 +0100 Subject: [PATCH 1/2] Fixed typo in linux lib install instructions in README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 03aca69..0397964 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ Install libs: readline openssl and (if you want to use config) libconfig and lub If you do not want to use them pass options --disable-libconfig and --disable-liblua respectively On ubuntu use: - $ sudo apt-get install libreadline-dev libconfig-dev libssl-dev lua5.2 lublua5.2-dev + $ sudo apt-get install libreadline-dev libconfig-dev libssl-dev lua5.2 liblua5.2-dev On gentoo: $ sudo emerge -av sys-libs/readline dev-libs/libconfig dev-libs/openssl dev-lang/lua From 8b4085ff933bfb73819ab62564fa57fd3d1b21c2 Mon Sep 17 00:00:00 2001 From: antma Date: Tue, 21 Jan 2014 20:02:34 +0400 Subject: [PATCH 2/2] AES_KEY structure clean up --- mtproto-common.c | 2 ++ queries.c | 9 +++++---- structures.c | 1 + 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/mtproto-common.c b/mtproto-common.c index 7ca8bee..ceeb5c5 100644 --- a/mtproto-common.c +++ b/mtproto-common.c @@ -348,6 +348,7 @@ void init_aes_unauth (const char server_nonce[16], const char hidden_client_nonc } else { AES_set_decrypt_key (aes_key_raw, 32*8, &aes_key); } + memset (aes_key_raw, 0, sizeof (aes_key_raw)); } void init_aes_auth (char auth_key[192], char msg_key[16], int encrypt) { @@ -387,6 +388,7 @@ void init_aes_auth (char auth_key[192], char msg_key[16], int encrypt) { } else { AES_set_decrypt_key (aes_key_raw, 32*8, &aes_key); } + memset (aes_key_raw, 0, sizeof (aes_key_raw)); } int pad_aes_encrypt (char *from, int from_len, char *to, int size) { diff --git a/queries.c b/queries.c index 53bfdcd..fddc565 100644 --- a/queries.c +++ b/queries.c @@ -746,6 +746,7 @@ char *encrypt_decrypted_message (struct secret_chat *E) { AES_KEY aes_key; AES_set_encrypt_key (key, 256, &aes_key); AES_ige_encrypt ((void *)encr_ptr, (void *)encr_ptr, 4 * (encr_end - encr_ptr), &aes_key, iv, 1); + memset (&aes_key, 0, sizeof (aes_key)); return (void *)msg_key; } @@ -1290,15 +1291,14 @@ void send_part (struct send_file *f) { if (f->encr) { if (x & 15) { assert (f->offset == f->size); - if (x & 15) { - secure_random (buf + x, (-x) & 15); - x = (x + 15) & ~15; - } + secure_random (buf + x, (-x) & 15); + x = (x + 15) & ~15; } AES_KEY aes_key; AES_set_encrypt_key (f->key, 256, &aes_key); AES_ige_encrypt ((void *)buf, (void *)buf, x, &aes_key, f->iv, 1); + memset (&aes_key, 0, sizeof (aes_key)); } out_cstring (buf, x); if (verbosity >= 2) { @@ -1803,6 +1803,7 @@ int download_on_answer (struct query *q) { AES_KEY aes_key; AES_set_decrypt_key (D->key, 256, &aes_key); AES_ige_encrypt (ptr, ptr, len, &aes_key, D->iv, 0); + memset (&aes_key, 0, sizeof (aes_key)); if (len > D->size - D->offset) { len = D->size - D->offset; } diff --git a/structures.c b/structures.c index 47eb941..ddb8f1f 100644 --- a/structures.c +++ b/structures.c @@ -1376,6 +1376,7 @@ int decrypt_encrypted_message (struct secret_chat *E) { AES_KEY aes_key; AES_set_decrypt_key (key, 256, &aes_key); AES_ige_encrypt ((void *)decr_ptr, (void *)decr_ptr, 4 * (decr_end - decr_ptr), &aes_key, iv, 0); + memset (&aes_key, 0, sizeof (aes_key)); int x = *(decr_ptr); if (x < 0 || (x & 3)) {