server/dh.c: Set the correct scalar size when loading XDH keys.

This was left hardcoded as 32 bytes, which means that X448 could never
work.  (The `x448_stsc' function always fails because the buffer size
doesn't match its expectation.)

diff --git a/server/dh.c b/server/dh.c
index 5c27a079abe4c5abef1c3853b414fe5339a37b5c..014446e006c41e75fdab600d81bbeb3ec7d6224f 100644 (file)
--- a/server/dh.c
+++ b/server/dh.c
@@ -702,7 +702,9 @@ static void ecdh_freege(const dhgrp *gg, dhge *YY)
   }                                                                    \
                                                                        \
   KLOAD(xdh, xdh, XDH,                                                 \
   }                                                                    \
                                                                        \
   KLOAD(xdh, xdh, XDH,                                                 \

-       { kd->grp = CREATE(dhgrp); kd->grp->scsz = 32; },               \
+       { kd->grp = CREATE(dhgrp);                                      \
+         kd->grp->scsz = XDH##_KEYSZ;                                  \
+       },                                                              \

        { if ((kd->k = xdh##_bintosc(&p.priv)) == 0) {                  \
            a_format(e, "bad-private-key", A_END);                      \
            goto fail;                                                  \
        { if ((kd->k = xdh##_bintosc(&p.priv)) == 0) {                  \
            a_format(e, "bad-private-key", A_END);                      \
            goto fail;                                                  \