iked requires the same dh diff as isakmpd:

When BN_bn2bin converts a bignum to the binary representation
it skips leading zeroes if there are any.  To accommodate the
difference with the protocol we need to prepend those zeroes
ourselves.

1 files changed, 22 insertions, 4 deletions

diff --git a/sbin/iked/dh.c b/sbin/iked/dh.c
index dc8b6fe5b66..5b38f417440 100644
--- a/sbin/iked/dh.c
+++ b/sbin/iked/dh.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: dh.c,v 1.5 2010/11/29 22:49:26 markus Exp $	*/
+/*	$OpenBSD: dh.c,v 1.6 2011/07/03 20:20:23 mikeb Exp $	*/
 /*	$vantronix: dh.c,v 1.13 2010/05/28 15:34:35 reyk Exp $	*/
 
 /*
@@ -402,12 +402,22 @@ int
 modp_create_exchange(struct group *group, u_int8_t *buf)
 {
 	DH	*dh = group->dh;
+	int	 len, ret;
 
 	if (!DH_generate_key(dh))
 		return (-1);
-	if (!BN_bn2bin(dh->pub_key, buf))
+	ret = BN_bn2bin(dh->pub_key, buf);
+	if (!ret)
 		return (-1);
 
+	len = dh_getlen(group);
+
+	/* add zero padding */
+	if (ret < len) {
+		bcopy(buf, buf + (len - ret), ret);
+		bzero(buf, len - ret);
+	}
+
 	return (0);
 }
 
@@ -415,9 +425,11 @@ int
 modp_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange)
 {
 	BIGNUM	*ex;
-	int	 ret;
+	int	 len, ret;
 
-	if ((ex = BN_bin2bn(exchange, dh_getlen(group), NULL)) == NULL)
+	len = dh_getlen(group);
+
+	if ((ex = BN_bin2bn(exchange, len, NULL)) == NULL)
 		return (-1);
 
 	ret = DH_compute_key(secret, ex, group->dh);
@@ -425,6 +437,12 @@ modp_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange)
 	if (!ret)
 		return (-1);
 
+	/* add zero padding */
+	if (ret < len) {
+		bcopy(secret, secret + (len - ret), ret);
+		bzero(secret, len - ret);
+	}
+
 	return (0);
 }