diff options
| -rw-r--r-- | common-kex.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/common-kex.c b/common-kex.c index e2b4f8e..b233819 100644 --- a/common-kex.c +++ b/common-kex.c @@ -760,6 +760,7 @@ void kexcurve25519_comb_key(struct kex_curve25519_param *param, buffer *buf_pub_ unsigned char out[CURVE25519_LEN]; const unsigned char* Q_C = NULL; const unsigned char* Q_S = NULL; + char zeroes[CURVE25519_LEN] = {0}; if (buf_pub_them->len != CURVE25519_LEN) { @@ -767,6 +768,11 @@ void kexcurve25519_comb_key(struct kex_curve25519_param *param, buffer *buf_pub_ } curve25519_donna(out, param->priv, buf_pub_them->data); + + if (constant_time_memcmp(zeroes, out, CURVE25519_LEN) == 0) { + dropbear_exit("Bad curve25519"); + } + m_mp_alloc_init_multi(&ses.dh_K, NULL); bytes_to_mp(ses.dh_K, out, CURVE25519_LEN); m_burn(out, sizeof(out)); |