summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/dh.c
diff options
context:
space:
mode:
Diffstat (limited to 'sbin/isakmpd/dh.c')
-rw-r--r--sbin/isakmpd/dh.c26
1 files changed, 22 insertions, 4 deletions
diff --git a/sbin/isakmpd/dh.c b/sbin/isakmpd/dh.c
index 9998b0b550e..645e5c1ff95 100644
--- a/sbin/isakmpd/dh.c
+++ b/sbin/isakmpd/dh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.13 2010/11/29 22:49:26 markus Exp $ */
+/* $OpenBSD: dh.c,v 1.14 2011/06/15 10:35:47 mikeb Exp $ */
/* $vantronix: dh.c,v 1.13 2010/05/28 15:34:35 reyk Exp $ */
/*
@@ -402,12 +402,22 @@ int
modp_create_exchange(struct group *group, u_int8_t *buf)
{
DH *dh = group->dh;
+ int len, ret;
if (!DH_generate_key(dh))
return (-1);
- if (!BN_bn2bin(dh->pub_key, buf))
+ ret = BN_bn2bin(dh->pub_key, buf);
+ if (!ret)
return (-1);
+ len = dh_getlen(group);
+
+ /* add zero padding */
+ if (ret < len) {
+ bcopy(buf, buf + (len - ret), ret);
+ bzero(buf, len - ret);
+ }
+
return (0);
}
@@ -415,9 +425,11 @@ int
modp_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange)
{
BIGNUM *ex;
- int ret;
+ int len, ret;
- if ((ex = BN_bin2bn(exchange, dh_getlen(group), NULL)) == NULL)
+ len = dh_getlen(group);
+
+ if ((ex = BN_bin2bn(exchange, len, NULL)) == NULL)
return (-1);
ret = DH_compute_key(secret, ex, group->dh);
@@ -425,6 +437,12 @@ modp_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange)
if (!ret)
return (-1);
+ /* add zero padding */
+ if (ret < len) {
+ bcopy(secret, secret + (len - ret), ret);
+ bzero(secret, len - ret);
+ }
+
return (0);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-04 11:07:55 +0000