Mailing List Archive

On Tue, 20 Jul 2004 18:08:15 +0200, salvatore said:

> Here is how i trade publics key... might be this wrong?!7

Yes.


> /* KEY_LENTGH is 1024 */
> memset(my_pub,0,KEY_LENTGH);

Why using a macro at all if you state above that it is 1024 byte? Are
you sure about the 1024 byte? It is not the key length (we usually
count by bits) but the maximum length of the S-expression (in bytes).

gcry_sexp_sprint(key.my_public_key, GCRYSEXP_FMT_CANON, my_pub, sizeof(my_pub));

No error checking done.

> /* Send my public */
> while( (write(sockt, (char *) my_pub, sizeof(my_pub)) ) < 0 )
> ;

This will leand to an endless loop as soon as there is a write error -
don't do this. Casting to char* is unneeded: ist is already a char*
and write takes a void* anyway.


> if( (read(sockt, (char *) his_pub, KEY_LENTGH ) ) < 0 )
> return 0;

Same remarks as above.

Why do you use KEY_LENGH here but above sizeof? Actuall

In general you should send the actual length of the key and not a
fixed buffer. However your approach works as long as you don't
enlarge the key size. The actual length is returned by
gcry_sexp_sprint; encode it in network byte order; ie.


unsigned char length_buffer[4];
size_t length;

length = gcry_sexp_sprint (....);
if (!length)
die ();

length_buffer[0] = length >> 24;
length_buffer[1] = length >> 16;
length_buffer[2] = length >> 8;
length_buffer[3] = length;

if (writen (sock, length_buffer, 4))
die ();
if (writen (sock, my_pub, sizeof my_pub))
die ();


writen() is the usual write wrapper, making sure that all bytes are
written and protects against INTR. See Steven's APUE for example
(This is a must read for everyone doing network stuff or serious Unix
hacking).




Salam-Shalom,

Werner

Thanks a lot Werner
I've applied some changes as you said

int trade_publics(void)
{
char my_pub[KEY_LENTGH], his_pub[KEY_LENTGH];
gcry_error_t rc,error_code;
size_t lentgh_buffer;

memset(my_pub,0,sizeof(my_pub));
memset(his_pub,0,sizeof(his_pub));

/* Converto la mia pubblica in un formato opportuno per l'invio */
lentgh_buffer = gcry_sexp_sprint(key.my_public_key, GCRYSEXP_FMT_CANON, my_pub, sizeof(my_pub));

if(!lentgh_buffer)
{
fprintf(stderr,"\nError returned by sprint()\n");
return 0;
}

/* Invio la chiave (ritento finche non la manda */
if( (write(sockt, my_pub, lentgh_buffer)) < 0 )
return 0;


/* Ricevo la sua chiave pubblica */
if( (read(sockt, his_pub, sizeof(his_pub))) < 0 )
return 0;

/* Converto la chiave ricevuta e la salvo nella struttura */
rc = gcry_sexp_sscan(&key.his_public_key, &error_code, his_pub, sizeof(his_pub));
if( rc )
{
fprintf(stderr,"Errore durante la conversione della sua pubblica");
return 0;
}

return 1;
}

Anyway once the program starts key are traded ok (apparently ),but when i send the first message with one client i get this from the other one that
actually try to decrypt

Program received signal SIGSEGV, Segmentation fault.0x40030733 in sexp_sscan (retsexp=0xbffff27c, erroff=0xbffff280,
buffer=0xbffff3b0 "(7:enc-val(3:rsa(1:a128:\032N\215JbÎ%\177æ\002\002n\001wa¯*k\221\001&='!\020Ú\207A\221òÁãt \206\223~\030)\206qG%\027õ­+ãº", length=0, argflag=0, arg_ptr=0xbffff7a4 "Åøÿ¿çøÿ¿", arg_list=0x0) at sexp.c:1022
1022 else if (*p == '\\')
(gdb) bt
#0 0x40030733 in sexp_sscan (retsexp=0xbffff27c, erroff=0xbffff280,
buffer=0xbffff3b0 "(7:enc-val(3:rsa(1:a128:\032N\215JbÎ%\177æ\002\002n\001wa¯*k\221\001&='!\020Ú\207A\221òÁãt \206\223~\030)\206qG%\027õ­+ãº", length=0, argflag=0, arg_ptr=0xbffff7a4 "Åøÿ¿çøÿ¿", arg_list=0x0) at sexp.c:1022
#1 0x400310d3 in gcry_sexp_sscan (retsexp=0xbffff27c, erroff=0xbffff280,
buffer=0xbffff3b0 "(7:enc-val(3:rsa(1:a128:\032N\215JbÎ%\177æ\002\002n\001wa¯*k\221\001&='!\020Ú\207A\221òÁãt \206\223~\030)\206qG%\027õ­+ãº", length=4) at sexp.c:1397
#2 0x0804bb4a in decrypt_buffer (
b_to_decrypt=0xbffff3b0 "(7:enc-val(3:rsa(1:a128:\032N\215JbÎ%\177æ\002\002n\001wa¯*k\221\001&='!\020Ú\207A\221òÁãt \206\223~\030)\206qG%\027õ­+ãº", b_decrypted=0xbffff5b0 "") at crypto.c:72
#3 0x0804b44b in talk () at io.c:142
#4 0x0804b7d8 in main (argc=2, argv=0xbffff7a4) at talk.c:74
(gdb) q
emitrax@freek:~/lab_project$ cat errors.text
Program received signal SIGSEGV, Segmentation fault.0x40030f96 in sexp_sscan (retsexp=0xbffff27c, erroff=0xbffff280, buffer=0xbffff3b0 "(7:enc-val(3:rsa(1:a129:",
length=3221225432, argflag=0, arg_ptr=0xbffff7a4 "Åøÿ¿çøÿ¿", arg_list=0x0) at sexp.c:942
942 if (strchr (tokenchars, *p))
(gdb) bt full
#0 0x40030f96 in sexp_sscan (retsexp=0xbffff27c, erroff=0xbffff280, buffer=0xbffff3b0 "(7:enc-val(3:rsa(1:a129:",
length=3221225432, argflag=0, arg_ptr=0xbffff7a4 "Åøÿ¿çøÿ¿", arg_list=0x0) at sexp.c:942
err = GPG_ERR_SEXP_BAD_CHARACTER
tokenchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-./_:*+="
p = 0xc0000000 <Address 0xc0000000 out of bounds>
n = 4294964148
digptr = 0x0
quoted = 0x0
tokenp = 0xbfffffd8 "s"
hexfmt = 0x0
base64 = 0x0
disphint = 0xbffff4d5 "[.\001@5M\031@G\233\004\b õÿ¿ õÿ¿\t"
percent = 0x0
hexcount = 0
quoted_esc = 0
datalen = 0
dummy_erroff = 1074663610
c = {sexp = 0x8065518, allocated = 334, pos = 0x806564d "\a"}
arg_counter = 0
level = 0
#1 0x400310d3 in gcry_sexp_sscan (retsexp=0xbffff27c, erroff=0xbffff280, buffer=0xbffff3b0 "(7:enc-val(3:rsa(1:a129:",
length=4) at sexp.c:1397
dummy_arg_ptr = 0xbffff7a4 "Åøÿ¿çøÿ¿"
#2 0x0804bb4a in decrypt_buffer (b_to_decrypt=0xbffff3b0 "(7:enc-val(3:rsa(1:a129:", b_decrypted=0xbffff5b0 "") at crypto.c:72
data_to_decrypt = 0x804b2e6
data_decrypted = 0xbffff730
mpi_decrypted = 0xbffff5b0
written = 3221223088
rc = 1074157606
error_code = 3111
#3 0x0804b44b in talk () at io.c:142
i = -1073744464
read_set = {__fds_bits = {1024, 0 <repeats 31 times>}}
nb = 1074157606
k = -1073744464
num_of_chars = 0
buffer_to_read = '\0' <repeats 255 times>
buf_tmp = "\020@"
buffer_to_send = '\0' <repeats 16 times>, "Ðôÿ¿\000\000\000@\000\000\000\000.±\r@\000À\v@°[.\001@5M\031@G\233\004\b õÿ¿ õÿ¿\t\000\000\000\036Û\f@\t\000\000\000\f6\036@höÿ¿\f6\036@\030õÿ¿ðöÿ¿\000\000\000\000\002\000\000\000`¶\004\b\t", '\0' <repeats
12 times>, "\001", '\0' <repeats 41 times>, "nl[\001@põÿ¿\001|\000@\233\214\004\bx[\001@\000\000\000\000\200M\001@\000\000\000\000\214\004\000\000°õÿ¿\031{\000@ò\216\f@\225\216\004\b\000\000\000\000\000\000\000\000 \000\000\000\234\217\f@°=\f@г\v@°[\001@\b\000\000"...
enc_buffer = "(7:enc-val(3:rsa(1:a129:\000\227\204 \003\211\223\031ßÒ\0059\234\\$\031\000±àÞS\206(j\214\2036ÏÊ\030p!/»\t\201âç.]îÿ¬fBå±os\005C=ÆÐz\024ÄÛ0u\200\215L~\231Òàh\aücB\f\211u0\206[.Q\b\227ù\201\\\021~O+Ö¥ôvÙ\215²'\204\016ÎRú\002\020Ñ\206\035Û\\Z\224\233V \024\n\032\227ü\210F5¢c\\eÿ·})))", '\0' <repeats 99 times>
dec_buffer = "E@\006\bB\006\bØòÿ¿Èj\v@B\006\bÈj\v@\210óÿ¿â?\n@E@\006\bB\006\b\001\000\000\000$\000\000\000[.\000\000\0---Type <return> to continue, or q <return> to quit---
00\203óÿ¿\bóÿ¿³B\n@[\000\000\000\200\r\036@hõ\000\000®\234\021@\020\000\000\000\f6\036@Xóÿ¿\000\027\022@\200\r\036@\001\000\000\000ü\001\000\000\021C\n@\200óÿ¿ßø\004\bõÿ¿\000\000\000\000ßø\004\000\001\000\000\000õ\000\000Èj\v@", '\0' <repeats 12 times>,
"Èj\v@d\000\000\000õóÿ¿xóÿ¿³B\n@d\000\000\000\200\r\036@\233\214\004n\200õÿ¿4\000\000\000Èj\v@ó"...
#4 0x0804b7d8 in main (argc=2, argv=0xbffff7a4) at talk.c:74
No locals.


------------------------------------
while on the other client
------------------------------------


Program received signal SIGINT, Interrupt.0x4018dc62 in select () from /lib/libc.so.6
(gdb) bt full
#0 0x4018dc62 in select () from /lib/libc.so.6
No symbol table info available.
#1 0xbffff2b0 in ?? ()
No symbol table info available.
#2 0xbffff6b0 in ?? ()
No symbol table info available.
#3 0xbffff730 in ?? ()
No symbol table info available.
#4 0x0804b2e6 in talk () at io.c:108
read_set = {__fds_bits = {513, 0 <repeats 31 times>}}
nb = -514
k = 11
num_of_chars = 0
buffer_to_read = "`öÿ¿ok\000@\234\215\004\bt\213\a\000\204\212\004\b\020öÿ¿àP\001@\004\000\000\000Ðu\036@\000\000\000\000\001", '\0' <repeats 15 times>, "\020öÿ¿", '\0' <repeats 16 times>, "t\213\a\000 öÿ¿\220O\001@\000\000\000\000\000\000\000\000\220ü\v@°[.\001@", '\0' <repeats 20 times>, "®\217\v\fÐöÿ¿\220O\001@höÿ¿\203\236\004\b@)\f@°[.\001@\000÷ÿ¿\000\000\000\000PÐ\v@\200M\001@ø\002\000\000\220O\001@°öÿ¿¢\000@,Q\001@Ðu\036@\001\000\000\000\000\000\000\000Èöÿ¿÷Æ\030@ñöÿ¿¡öÿ¿\023\000\000\000\200"...
buf_tmp = "\n@"
buffer_to_send = "lillo che succede?\n\000ÌÕ\004\bZ\000\000\000®\214\004\b\000À\v@ õÿ¿\001\000\000\000 öÿ¿ õÿ¿ õÿ¿\t\000\000\000\036Û\f@\t\000\000\000\f6\036@höÿ¿\f6\036@\030õÿ¿\000÷ÿ¿", '\0' <repeats 12 times>, "\t", '\0' <repeats 12 times>, "\001", '\0' <repeats 41 times>, "nl[.\001@põÿ¿\001|\000@\233\214\004\bx[.\001@\000\000\000\000\200M\001@\000\000\000\000\214\004\000\000°õÿ¿\031{\000@ò\216\f@\225\216\004\b õÿ¿\001|\000@ \000\000\000\234\217\f@°=\f@г\v@°[.\001"...
enc_buffer = "°=\f@г\v@ \000\000\000\234\217\f@°=\f@г\v@°[.\001@\b\000\000\000\214u\036@\200M\001@,Q\001@®\214\004\b\220ôÿ¿ok\000@®\214\004\b\213\a\000\004\212\004\b@ôÿ¿àP\001@\004\000\000\000Ðu\036@\000\000\000\000\001\000\000\000D\234\a\000°ôÿ¿\220O\001@@ôÿ¿+\234\aÀôÿ¿\220O\001@\000\000\000\000\213\a\000Ðôÿ¿\220O\001@\000\000\000\000\002\000\000\000\000À\v@°[.\001@x \005@\036Û\f@\000\000\000\000\f6\036@Èõÿ¿\f6\036@\000\000\000\000\200M\001@\217\002\000\000\220O\001@Àôÿ¿\200M\001@"...
(this is what it sends)
dec_buffer = "(7:enc-val(3:rsa(1:a129:\000\227\204 \003\211\223\031ßÒ\0059\234\\$\031\000±àÞS\206(j\214\2036ÏÊ\030p!/»\t\201âç.]îÿ¬fBå±os\005C=ÆÐz\024ÄÛ0u\200\215L~\231Òàh\aücB\f\211u0\206[Q\b\227ù\201\\\021~O+Ö¥ôvÙ\215²'\204\016ÎRú\002\020Ñ\206\035Û\\Z\224\233V \024\n\032\227ü\210F5¢c\\eÿ·})))", '\0' <repeats 99 times>
#5 0x0804b7d8 in main (argc=2, argv=0xbffff7a4) at talk.c:74
No locals.


Sorry about the size of the mail.
By the way i'm reading steven's UNP vol II but not APUN.

Regards
Salvo