From f542ef8f9e645bf30e11e196dd768fac4f957eac Mon Sep 17 00:00:00 2001
From: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat, 19 Dec 2009 22:17:39 +0100
Subject: [PATCH] Fix alignment of results of RSA operations when using
 libgcrypt.

If the result of an RSA encryption or decryption operation can be represented
in less bytes than given, gcry_mpi_print() will not add leading zero bytes. Fix
this by adding those ourself.
---
 src/gcrypt/rsa.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/gcrypt/rsa.c b/src/gcrypt/rsa.c
index 5e4ba41f..a729591d 100644
--- a/src/gcrypt/rsa.c
+++ b/src/gcrypt/rsa.c
@@ -276,6 +276,10 @@ bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) {
 	gcry_mpi_t outmpi = gcry_mpi_new(len * 8);
 	gcry_mpi_powm(outmpi, inmpi, rsa->e, rsa->n);
 
+	int pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8;
+	while(pad--)
+		*(char *)out++ = 0;
+
 	check(gcry_mpi_print(GCRYMPI_FMT_USG, out,len, NULL, outmpi));
 
 	return true;
@@ -288,6 +292,10 @@ bool rsa_private_decrypt(rsa_t *rsa, void *in, size_t len, void *out) {
 	gcry_mpi_t outmpi = gcry_mpi_new(len * 8);
 	gcry_mpi_powm(outmpi, inmpi, rsa->d, rsa->n);
 
+	int pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8;
+	while(pad--)
+		*(char *)out++ = 0;
+
 	check(gcry_mpi_print(GCRYMPI_FMT_USG, out,len, NULL, outmpi));
 
 	return true;
-- 
2.39.5