1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
https://github.com/LibVNC/libvncserver/commit/b686f379c34114cf938fe88291f58014337558f6
https://bugs.gentoo.org/893608
From b686f379c34114cf938fe88291f58014337558f6 Mon Sep 17 00:00:00 2001
From: Gaurav Ujjwal <gujjwal00@gmail.com>
Date: Mon, 23 Jan 2023 00:03:03 +0530
Subject: [PATCH] common/crypto_openssl: pad DH key buffers with leading zeros
for smaller keys
Re: https://github.com/LibVNC/libvncserver/issues/493
Re: https://github.com/bk138/multivnc/issues/202
--- a/common/crypto_openssl.c
+++ b/common/crypto_openssl.c
@@ -156,6 +156,15 @@ int encrypt_aes128ecb(void *out, int *out_len, const unsigned char key[16], cons
return result;
}
+static void pad_leading_zeros(uint8_t *out, const size_t current_len, const size_t expected_len) {
+ if (current_len >= expected_len || expected_len < 1)
+ return;
+
+ size_t diff = expected_len - current_len;
+ memmove(out + diff, out, current_len);
+ memset(out, 0, diff);
+}
+
int dh_generate_keypair(uint8_t *priv_out, uint8_t *pub_out, const uint8_t *gen, const size_t gen_len, const uint8_t *prime, const size_t keylen)
{
int result = 0;
@@ -184,6 +193,9 @@ int dh_generate_keypair(uint8_t *priv_out, uint8_t *pub_out, const uint8_t *gen,
goto out;
if(BN_bn2bin(dh->pub_key, pub_out) == 0)
goto out;
+
+ pad_leading_zeros(priv_out, BN_num_bytes(dh->priv_key), keylen);
+ pad_leading_zeros(pub_out, BN_num_bytes(dh->pub_key), keylen);
#else
DH_get0_key(dh, &pub_key, &priv_key);
if(BN_bn2binpad(priv_key, priv_out, keylen) == -1)
@@ -216,9 +228,11 @@ int dh_compute_shared_key(uint8_t *shared_out, const uint8_t *priv, const uint8_
if(!DH_set0_key(dh, NULL, BN_bin2bn(priv, keylen, NULL)))
goto out;
#endif
- if(DH_compute_key(shared_out, BN_bin2bn(pub, keylen, NULL), dh) == -1)
- goto out;
+ int shared_len = DH_compute_key(shared_out, BN_bin2bn(pub, keylen, NULL), dh);
+ if(shared_len == -1)
+ goto out;
+ pad_leading_zeros(shared_out, shared_len, keylen);
result = 1;
out:
--
2.39.2
|
GitWeb
