X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=dh.c;h=261209aafedcfaa7077143e43fa27b268a507d10;hb=49b56eafcd147185c28848a7c04e31a32c49a82e;hp=54d3102e00163bebf9b45d581dbcbfee2e32766f;hpb=b7886fd46ab05c97b8a072e497903622bd1d5290;p=secnet.git
diff --git a/dh.c b/dh.c
index 54d3102..261209a 100644
--- a/dh.c
+++ b/dh.c
@@ -1,3 +1,32 @@
+/*
+ * dh.c
+ */
+/*
+ * This file is Free Software. It was originally written for secnet.
+ *
+ * Copyright 1995-2003 Stephen Early
+ * Copyright 2002-2014 Ian Jackson
+ *
+ * You may redistribute secnet as a whole and/or modify it under the
+ * terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 3, or (at your option) any
+ * later version.
+ *
+ * You may redistribute this file and/or modify it under the terms of
+ * the GNU General Public License as published by the Free Software
+ * Foundation; either version 2, or (at your option) any later
+ * version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, see
+ * https://www.gnu.org/licenses/gpl.html.
+ */
+
 #include
 #include
 #include
@@ -23,7 +52,7 @@ static string_t dh_makepublic(void *sst, uint8_t *secret, int32_t secretlen)
 read_mpbin(&a, secret, secretlen);
- mpz_powm(&b, &st->g, &a, &st->p);
+ mpz_powm_sec(&b, &st->g, &a, &st->p);
 r=write_mpstring(&b);
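Review bot: mpz_powm_sec has preconditions that mpz_powm did not, and the new call in dh_makepublic passes `a` straight from read_mpbin(secret, secretlen) without checking them: GMP documents that the exponent must be > 0 and the modulus odd, so a secret buffer that decodes to zero is no longer a harmless edge case but a precondition violation inside GMP. A guard before the call, `if (mpz_sgn(&a) <= 0) { /* refuse a zero exponent via the project's usual error path */ }`, would turn that into an explicit failure; p being odd presumably holds for a DH modulus but is not checked anywhere visible here. The call also deserves a comment because the side-channel guarantee is narrower than the name suggests: `/* mpz_powm_sec is constant-time only across same-limb-size operands; a's limb count still follows the secret's leading zero bytes */`. The same applies to the mpz_powm_sec call in the dh_makeshared hunk further down. dh_makepublic begins before this hunk and ends after it.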
@@ -32,6 +61,18 @@ static string_t dh_makepublic(void *sst, uint8_t *secret, int32_t secretlen)
 return r;
 }
+static void write_mpbin_anomalous(MP_INT *a, uint8_t *buffer,
+ int32_t buflen)
+ /* If the BN is smaller than buflen, pads it *at the wrong end* */
+{
+ char *hb = write_mpstring(a);
+ int32_t len;
+ hex_decode(buffer, buflen, &len, hb, True);
+ if (lenp);
+ mpz_powm_sec(&c, &b, &a, &st->p);
- write_mpbin(&c,sharedsecret,buflen);
+ write_mpbin_anomalous(&c,sharedsecret,buflen);
 mpz_clear(&a);
 mpz_clear(&b);