|
|
b46b7f |
From 998065599c66055dcffa1ef1ddebb947ccd68248 Mon Sep 17 00:00:00 2001
|
|
|
b46b7f |
From: =?UTF-8?q?Tomasz=20Mi=C4=85sko?= <tomasz.miasko@gmail.com>
|
|
|
b46b7f |
Date: Thu, 9 Feb 2017 09:45:01 +0100
|
|
|
b46b7f |
Subject: DH: Ensure that generated secret occupies the same number of bytes as
|
|
|
b46b7f |
prime.
|
|
|
b46b7f |
|
|
|
b46b7f |
https://bugzilla.gnome.org/show_bug.cgi?id=778357
|
|
|
b46b7f |
---
|
|
|
b46b7f |
egg/egg-dh.c | 15 +++++++++++----
|
|
|
b46b7f |
1 file changed, 11 insertions(+), 4 deletions(-)
|
|
|
b46b7f |
|
|
|
b46b7f |
diff --git a/egg/egg-dh.c b/egg/egg-dh.c
|
|
|
b46b7f |
index e869c99..b190488 100644
|
|
|
b46b7f |
--- a/egg/egg-dh.c
|
|
|
b46b7f |
+++ b/egg/egg-dh.c
|
|
|
b46b7f |
@@ -314,6 +314,7 @@ egg_dh_gen_secret (gcry_mpi_t peer, gcry_mpi_t priv,
|
|
|
b46b7f |
{
|
|
|
b46b7f |
gcry_error_t gcry;
|
|
|
b46b7f |
guchar *value;
|
|
|
b46b7f |
+ gsize n_prime;
|
|
|
b46b7f |
gsize n_value;
|
|
|
b46b7f |
gcry_mpi_t k;
|
|
|
b46b7f |
gint bits;
|
|
|
b46b7f |
@@ -330,19 +331,25 @@ egg_dh_gen_secret (gcry_mpi_t peer, gcry_mpi_t priv,
|
|
|
b46b7f |
gcry_mpi_powm (k, peer, priv, prime);
|
|
|
b46b7f |
|
|
|
b46b7f |
/* Write out the secret */
|
|
|
b46b7f |
- gcry = gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &n_value, k);
|
|
|
b46b7f |
+ gcry = gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &n_prime, prime);
|
|
|
b46b7f |
g_return_val_if_fail (gcry == 0, NULL);
|
|
|
b46b7f |
- value = egg_secure_alloc (n_value);
|
|
|
b46b7f |
- gcry = gcry_mpi_print (GCRYMPI_FMT_USG, value, n_value, &n_value, k);
|
|
|
b46b7f |
+ value = egg_secure_alloc (n_prime);
|
|
|
b46b7f |
+ gcry = gcry_mpi_print (GCRYMPI_FMT_USG, value, n_prime, &n_value, k);
|
|
|
b46b7f |
g_return_val_if_fail (gcry == 0, NULL);
|
|
|
b46b7f |
|
|
|
b46b7f |
+ /* Pad the secret with zero bytes to match length of prime in bytes. */
|
|
|
b46b7f |
+ if (n_value < n_prime) {
|
|
|
b46b7f |
+ memmove (value + (n_prime - n_value), value, n_value);
|
|
|
b46b7f |
+ memset (value, 0, (n_prime - n_value));
|
|
|
b46b7f |
+ }
|
|
|
b46b7f |
+
|
|
|
b46b7f |
#if DEBUG_DH_SECRET
|
|
|
b46b7f |
g_printerr ("DH SECRET: ");
|
|
|
b46b7f |
gcry_mpi_dump (k);
|
|
|
b46b7f |
#endif
|
|
|
b46b7f |
gcry_mpi_release (k);
|
|
|
b46b7f |
|
|
|
b46b7f |
- *bytes = n_value;
|
|
|
b46b7f |
+ *bytes = n_prime;
|
|
|
b46b7f |
|
|
|
b46b7f |
#if DEBUG_DH_SECRET
|
|
|
b46b7f |
gcry_mpi_scan (&k, GCRYMPI_FMT_USG, value, bytes, NULL);
|
|
|
b46b7f |
--
|
|
|
b46b7f |
cgit v0.12
|
|
|
b46b7f |
|