Uploaded image for project: 'FreeSWITCH'
  1. FreeSWITCH
  2. FS-9387

Incorrect calculation of auxiliary secret hash in libZRTP

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.6.9
    • Fix Version/s: 1.8
    • Component/s: core
    • Security Level: public
    • Labels:
      None
    • Environment:
      all
    • Compiler Version:
      all
    • FreeSWITCH GIT Revision:
      1.6.9
    • GIT Master Revision hash::
      -

      Description

      libZRTP implements an incorrect calculation of the auxiliary secret hash that is not compliant with the ZRTP standard (RFC 6189 chapter 4.1.3).

      RFC 6189 chapter 4.1.3 (https://tools.ietf.org/html/rfc6189#section-4.3.1):
      * auxsecretIDr = MAC(auxsecret, Responder's H3)
      * auxsecretIDi = MAC(auxsecret, Initiator's H3)

      libZRTP implementation in zrtp_protocol.c:_zrtp_protocol_init() and _attach_secret():
      * auxsecretIDr = MAC(auxsecret, "Responder")
      * auxsecretIDi = MAC(auxsecret, "Initiator")

      The current implementation does not work together with a compliant ZRTP implementation like e.g. ZRTPCPP (https://github.com/wernerd/ZRTPCPP).

      I implemented a bugfix for libZRTP that is compliant to RFC 6189. I'll create a pull request for the 1.6.9 code base. My bugfix is tested and works together with the latest version of ZRTPCPP.

      Apart from accepting that pull request, it might be good idea to plan to migrate from the old unmaintained libZRTP to the current and well maintained ZRTPCPP library in the middle-term future.

        Attachments

          Activity

            People

            • Assignee:
              anthm Anthony Minessale II
              Reporter:
              mkvonarx Markus von Arx
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: