When outputting MPIs for OpenSSH format, ensure that the leading bit of the first...

author Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Wed, 9 Apr 2008 05:30:02 +0000 (01:30 -0400)

committer Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Wed, 9 Apr 2008 05:30:02 +0000 (01:30 -0400)
author Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Wed, 9 Apr 2008 05:30:02 +0000 (01:30 -0400)
committer Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Wed, 9 Apr 2008 05:30:02 +0000 (01:30 -0400)
diff --git a/gnutls-helpers.c b/gnutls-helpers.c

index ce77d0cbdd4ad9ad81093a3e2b3e946c32457a26..50b611446a32145c12edb5ba91bc149a93968705 100644 (file)
--- a/gnutls-helpers.c
+++ b/gnutls-helpers.c
@@ -210,11 +210,29 @@ int write_datum_fd(int fd, const gnutls_datum_t* d) {
  
  
  int write_datum_fd_with_length(int fd, const gnutls_datum_t* d) {
-  uint32_t len = htonl(d->size);
+  uint32_t len;
+  int looks_negative = (d->data[0] & 0x80);
+  unsigned char zero = 0;
+
+  /* if the first bit is 1, then the datum will appear negative in the
+     MPI encoding style used by OpenSSH.  In that case, we'll increase
+     the length by one, and dump out one more byte */
+
+  if (looks_negative) {
+    len = htonl(d->size + 1);
+  } else {
+    len = htonl(d->size);
+  }
    if (write(fd, &len, sizeof(len)) != sizeof(len)) {
      err("failed to write size of datum.\n");
      return -2;
    }
+  if (looks_negative) {
+    if (write(fd, &zero, 1) != 1) {
+      err("failed to write padding byte for MPI.\n");
+      return -2;
+    }
+  }
    return write_datum_fd(fd, d);
  }
author	Daniel Kahn Gillmor <dkg@fifthhorseman.net>
	Wed, 9 Apr 2008 05:30:02 +0000 (01:30 -0400)
committer	Daniel Kahn Gillmor <dkg@fifthhorseman.net>
	Wed, 9 Apr 2008 05:30:02 +0000 (01:30 -0400)