ECDH there should be no negative bigint

Since the hash is over the canonical values of the agreed parameters
when the shared secret was encoded as a negative biginteger, the two
sides didn't agree. Make sure this doesn't occur by setting the bigint
signum to 1.

Change-Id: Ib0581cd7dc280dcce8cc3309d7102f8f5a444158

2 files changed, 3 insertions, 3 deletions

diff --git a/lib/src/main/java/com/trilead/ssh2/crypto/dh/EcDhExchange.java b/lib/src/main/java/com/trilead/ssh2/crypto/dh/EcDhExchange.java
index 43d31ad..870a3b4 100644
--- a/lib/src/main/java/com/trilead/ssh2/crypto/dh/EcDhExchange.java
+++ b/lib/src/main/java/com/trilead/ssh2/crypto/dh/EcDhExchange.java
@@ -96,7 +96,7 @@ public class EcDhExchange extends GenericDhExchange {
 			throw (IOException) new IOException("Invalid ECDH key").initCause(e);
 		}
 
-		sharedSecret = new BigInteger(ka.generateSecret());
+		sharedSecret = new BigInteger(1, ka.generateSecret());
 	}
 
 	@Override
diff --git a/lib/src/main/java/com/trilead/ssh2/signature/ECDSASHA2Verify.java b/lib/src/main/java/com/trilead/ssh2/signature/ECDSASHA2Verify.java
index f139cdf..7d8dd3e 100644
--- a/lib/src/main/java/com/trilead/ssh2/signature/ECDSASHA2Verify.java
+++ b/lib/src/main/java/com/trilead/ssh2/signature/ECDSASHA2Verify.java
@@ -294,8 +294,8 @@ public class ECDSASHA2Verify {
 		System.arraycopy(sig, 4, rArray, 0, rLength);
 		System.arraycopy(sig, 6 + rLength, sArray, 0, sLength);
 
-		BigInteger r = new BigInteger(rArray);
-		BigInteger s = new BigInteger(sArray);
+		BigInteger r = new BigInteger(1, rArray);
+		BigInteger s = new BigInteger(1, sArray);
 
 		// Write the <r,s> to its own types writer.
 		TypesWriter rsWriter = new TypesWriter();