[Pkg-privacy-commits] [libotr] 187/225: Fix: use gcrypt secure memory allocation

Sat Aug 22 12:45:29 UTC 2015

This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch master
in repository libotr.

commit bed0449fc41047268a1e8280a2353b471777fdb4
Author: Julien Voisin <julien.voisin at dustri.org>
Date:   Sun May 4 10:30:42 2014 -0400

    Fix: use gcrypt secure memory allocation
    
    Fixes #5
    
    Acked-by: Nikita Borisov <me+otr.im at nikita.ca>
    Acked-by: David Goulet <dgoulet at ev0ke.net>
    Signed-off-by: Julien Voisin <julien.voisin at dustri.org>
---
 src/dh.c           | 6 +++---
 src/sm.c           | 4 ++--
 toolkit/sesskeys.c | 4 ++--
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/dh.c b/src/dh.c
index c5425a4..b92a0a8 100644
--- a/src/dh.c
+++ b/src/dh.c
@@ -138,7 +138,7 @@ gcry_error_t otrl_dh_session(DH_sesskeys *sess, const DH_keypair *kp,
     }
 
     /* Calculate the shared secret MPI */
-    gab = gcry_mpi_new(DH1536_MOD_LEN_BITS);
+    gab = gcry_mpi_snew(DH1536_MOD_LEN_BITS);
     gcry_mpi_powm(gab, y, kp->priv, DH1536_MODULUS);
 
     /* Output it in the right format */
@@ -256,7 +256,7 @@ gcry_error_t otrl_dh_compute_v2_auth_keys(const DH_keypair *our_dh,
     }
 
     /* Calculate the shared secret MPI */
-    s = gcry_mpi_new(DH1536_MOD_LEN_BITS);
+    s = gcry_mpi_snew(DH1536_MOD_LEN_BITS);
     gcry_mpi_powm(s, their_pub, our_dh->priv, DH1536_MODULUS);
 
     /* Output it in the right format */
@@ -381,7 +381,7 @@ gcry_error_t otrl_dh_compute_v1_session_id(const DH_keypair *our_dh,
     }
 
     /* Calculate the shared secret MPI */
-    s = gcry_mpi_new(DH1536_MOD_LEN_BITS);
+    s = gcry_mpi_snew(DH1536_MOD_LEN_BITS);
     gcry_mpi_powm(s, their_pub, our_dh->priv, DH1536_MODULUS);
 
     /* Output it in the right format */
diff --git a/src/sm.c b/src/sm.c
index 4d72825..e8d853f 100644
--- a/src/sm.c
+++ b/src/sm.c
@@ -133,7 +133,7 @@ void otrl_sm_state_new(OtrlSMState *smst)
 void otrl_sm_state_init(OtrlSMState *smst)
 {
     otrl_sm_state_free(smst);
-    smst->secret = gcry_mpi_new(SM_MOD_LEN_BITS);
+    smst->secret = gcry_mpi_snew(SM_MOD_LEN_BITS);
     smst->x2 = NULL;
     smst->x3 = NULL;
     smst->g1 = gcry_mpi_copy(SM_GENERATOR);
@@ -431,7 +431,7 @@ static gcry_error_t otrl_sm_proof_know_log(gcry_mpi_t *c, gcry_mpi_t *d,
 	const gcry_mpi_t g, const gcry_mpi_t x, int version)
 {
     gcry_mpi_t r = randomExponent();
-    gcry_mpi_t temp = gcry_mpi_new(SM_MOD_LEN_BITS);
+    gcry_mpi_t temp = gcry_mpi_snew(SM_MOD_LEN_BITS);
     gcry_mpi_powm(temp, g, r, SM_MODULUS);
     otrl_sm_hash(c, version, temp, NULL);
     gcry_mpi_mulm(temp, x, *c, SM_ORDER);
diff --git a/toolkit/sesskeys.c b/toolkit/sesskeys.c
index d416cde..59c5541 100644
--- a/toolkit/sesskeys.c
+++ b/toolkit/sesskeys.c
@@ -53,9 +53,9 @@ void sesskeys_gen(unsigned char sessionid[20], unsigned char sendenc[16],
 	(const unsigned char *)DH1536_MODULUS_S, 0, NULL);
     gcry_mpi_scan(&generator, GCRYMPI_FMT_HEX,
 	(const unsigned char *)DH1536_GENERATOR_S, 0, NULL);
-    *our_yp = gcry_mpi_new(DH1536_MOD_LEN_BITS);
+    *our_yp = gcry_mpi_snew(DH1536_MOD_LEN_BITS);
     gcry_mpi_powm(*our_yp, generator, our_x, modulus);
-    secretv = gcry_mpi_new(DH1536_MOD_LEN_BITS);
+    secretv = gcry_mpi_snew(DH1536_MOD_LEN_BITS);
     gcry_mpi_powm(secretv, their_y, our_x, modulus);
     gcry_mpi_release(generator);
     gcry_mpi_release(modulus);

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/libotr.git

