[OTR-dev] A C# lib

Ian Goldberg ian at cypherpunks.ca
Sat Jan 15 16:57:37 EST 2005


On Sat, Jan 15, 2005 at 01:19:20PM -0500, alex323 wrote:
> Hmmm.. i'm having some problems. My friend keeps telling me that there 
> was a malformed key exchange. Maybe one of you can look at what my 
> program is generating? Thanks
> 
> To reply to a key exchange (reply=1):
> ?OTR:AAEKAG8IXHYaE01IBR0bB31gHgFwM1QlXUgUCgh3InJIKj5PKQkSLHgiDFwTeBkhbTUWUk0sZ2FJWlAyfnwySjdWIHYjRmxgEAxxU1NbJ1JIX0w2I2guZxFmGCF5R2AQQUgCSi88E2NeWRtcfRMtfVgJVWkbdzJ+GjR5DkkbeGFpfidvBgYPAGl/NARaACNyXz5AOhQxOSM4MwNOGncXCGE9LUM+djx3IR0IdxMaLHFvdCABDT9zJk1IfAMkZT1QYQkhGjMPJEEcegUcG2RKKDpicnMFHlsKVmdAIXk+aFcvTHZrPVV4b28lexFiKUMsJxwgSzdvfWM3IztVbXEiZRM9YA5aCA0PMy1QLFN7aB8TRR5xQGpmJzwRLEE3AggMOn1qcFNuXnkeUxdjQ1FVTWAQNHsPAz8xKkQjRCQYWEhCAzlNU01DJDVXGWMPNhpYFwp0JwlWQDITLwl/BiYCfjc6Fl04Th96eDEkWW1pICYeRUs+JV0ANip3FXJZBQ9DPzsLZBN+YzhUHxplHXlcFi0TTyllPGg0UxYGE0c3bwFrVVUheFNDE2VDOSxKF2gnAgpvCWU5E3BZTAIQWEwEMSp6ey4VBjcpOQ8+QhgFUFNCe0FHFHFkFWJsBVlEPVA1BksdLBc5Kj9pJXltNQ9VeDURPSAvSGY/PE50EE94ZlkPMjxdX1hjFyZaZko/cyUoIWJ6PRFqEjYRQndoNwcwYklGJg12TXlcG11ieBBAEFZQfwlGLGUANgBIG0sZQSs1ZHRhaiJsRFpnSFo/BlIsThl4SQp/FQhvAhAnSng1b3wcfQ40VyQDF1Q3UCkufnUZInVEeVtrWQwgWBQCL3ViaQ==.

You know about otr_parse in the toolkit, right?  Indeed, it says your
message is malformed.  So let's take it apart.

iang at warren:~$ echo 'AAEKAG8IXHYaE01IBR0bB31gHgFwM1QlXUgUCgh3InJIKj5PKQkSLHgiDFwTeBkhbTUWUk0sZ2FJWlAyfnwySjdWIHYjRmxgEAxxU1NbJ1JIX0w2I2guZxFmGCF5R2AQQUgCSi88E2NeWRtcfRMtfVgJVWkbdzJ+GjR5DkkbeGFpfidvBgYPAGl/NARaACNyXz5AOhQxOSM4MwNOGncXCGE9LUM+djx3IR0IdxMaLHFvdCABDT9zJk1IfAMkZT1QYQkhGjMPJEEcegUcG2RKKDpicnMFHlsKVmdAIXk+aFcvTHZrPVV4b28lexFiKUMsJxwgSzdvfWM3IztVbXEiZRM9YA5aCA0PMy1QLFN7aB8TRR5xQGpmJzwRLEE3AggMOn1qcFNuXnkeUxdjQ1FVTWAQNHsPAz8xKkQjRCQYWEhCAzlNU01DJDVXGWMPNhpYFwp0JwlWQDITLwl/BiYCfjc6Fl04Th96eDEkWW1pICYeRUs+JV0ANip3FXJZBQ9DPzsLZBN+YzhUHxplHXlcFi0TTyllPGg0UxYGE0c3bwFrVVUheFNDE2VDOSxKF2gnAgpvCWU5E3BZTAIQWEwEMSp6ey4VBjcpOQ8+QhgFUFNCe0FHFHFkFWJsBVlEPVA1BksdLBc5Kj9pJXltNQ9VeDURPSAvSGY/PE50EE94ZlkPMjxdX1hjFyZaZko/cyUoIWJ6PRFqEjYRQndoNwcwYklGJg12TXlcG11ieBBAEFZQfwlGLGUANgBIG0sZQSs1ZHRhaiJsRFpnSFo/BlIsThl4SQp/FQhvAhAnSng1b3wcfQ40VyQDF1Q3UCkufnUZInVEeVtrWQwgWBQCL3ViaQ==' | perl -MMIME::Base64 -pe '$_=&decode_base64($_)' | od -tx1
0000000 00 01 0a 00 6f 08 5c 76 1a 13 4d 48 05 1d 1b 07
0000020 7d 60 1e 01 70 33 54 25 5d 48 14 0a 08 77 22 72
[snip]

You start with:
  00 01 (Protocol version 1)
  0a    (Key Exchange Message)
  00    (reply == 0, unlike what you said)
  6f 08 5c 76  <- nonsense

An MPI is expected here.  From the Protocol document:

> Multi-precision integers (MPI):
>   4 byte unsigned len, big-endian
>   len byte unsigned value, big-endian
>   (MPIs must use the minimum-length encoding; i.e. no leading 0x00
>   bytes.  This is important when calculating public key fingerprints.)

You seem to be missing the MPI length field.

   - Ian



More information about the OTR-dev mailing list