openssh unix dev - Apr 2014 - buffer_put_bignum2_from_string question

Hello,
I have question about buffer_put_bignum2_from_string
function used in kexc25519.c in (OpenSSH >= 6.5)

Is it 1:1 replacement for formating bignums from OpenSSL?

If yes, then buffer_put_bignum2_from_string
has different results for numbers starting with zeros.

How to reproduce:

shared_key[CURVE25519_SIZE] =
"\0\0\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1";
buffer_put_bignum2_from_string(out, shared_key, CURVE25519_SIZE);

and than same number format into bignum and than into wire format.


Best regards,
Jan

On Tue, 8 Apr 2014, Jan Moj??? wrote:
> Hello,
> I have question about buffer_put_bignum2_from_string
> function used in kexc25519.c in (OpenSSH >= 6.5)
> 
> Is it 1:1 replacement for formating bignums from OpenSSL?
It is intended to be.
> If yes, then buffer_put_bignum2_from_string
> has different results for numbers starting with zeros.
Yes, there is a bug. I think this fixes it:

Index: bufaux.c
==================================================================RCS file:
/cvs/src/usr.bin/ssh/bufaux.c,v
retrieving revision 1.56
diff -u -p -r1.56 bufaux.c
--- bufaux.c	2 Feb 2014 03:44:31 -0000	1.56
+++ bufaux.c	8 Apr 2014 23:04:11 -0000
@@ -370,6 +370,8 @@ buffer_put_bignum2_from_string(Buffer *b
 
 	if (l > 8 * 1024)
 		fatal("%s: length %u too long", __func__, l);
+	for (; l > 0 && *s == 0; l--, s++)
+		;
 	p = buf = xmalloc(l + 1);
 	/*
 	 * If most significant bit is set then prepend a zero byte to