From: Daniel Kahn Gillmor Date: Wed, 9 Apr 2008 05:30:02 +0000 (-0400) Subject: When outputting MPIs for OpenSSH format, ensure that the leading bit of the first... X-Git-Tag: monkeysphere_0.1-1~84 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=e64a37b7ee2e4f91171f3893934b325858f5f6ce;p=monkeysphere.git When outputting MPIs for OpenSSH format, ensure that the leading bit of the first byte is not 1 (so that ssh does not get confused by a "negative" MPI). --- diff --git a/gnutls-helpers.c b/gnutls-helpers.c index ce77d0c..50b6114 100644 --- a/gnutls-helpers.c +++ b/gnutls-helpers.c @@ -210,11 +210,29 @@ int write_datum_fd(int fd, const gnutls_datum_t* d) { int write_datum_fd_with_length(int fd, const gnutls_datum_t* d) { - uint32_t len = htonl(d->size); + uint32_t len; + int looks_negative = (d->data[0] & 0x80); + unsigned char zero = 0; + + /* if the first bit is 1, then the datum will appear negative in the + MPI encoding style used by OpenSSH. In that case, we'll increase + the length by one, and dump out one more byte */ + + if (looks_negative) { + len = htonl(d->size + 1); + } else { + len = htonl(d->size); + } if (write(fd, &len, sizeof(len)) != sizeof(len)) { err("failed to write size of datum.\n"); return -2; } + if (looks_negative) { + if (write(fd, &zero, 1) != 1) { + err("failed to write padding byte for MPI.\n"); + return -2; + } + } return write_datum_fd(fd, d); }