From 294bb3977441b5b8727b82f4453d12892a248e44 Mon Sep 17 00:00:00 2001
From: Kenny Root <kenny@the-b.org>
Date: Sun, 5 Apr 2015 23:34:54 -0700
Subject: ECDH there should be no negative bigint

Since the hash is over the canonical values of the agreed parameters
when the shared secret was encoded as a negative biginteger, the two
sides didn't agree. Make sure this doesn't occur by setting the bigint
signum to 1.

Change-Id: Ib0581cd7dc280dcce8cc3309d7102f8f5a444158
---
 lib/src/main/java/com/trilead/ssh2/crypto/dh/EcDhExchange.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/src/main/java/com/trilead/ssh2/crypto')

diff --git a/lib/src/main/java/com/trilead/ssh2/crypto/dh/EcDhExchange.java b/lib/src/main/java/com/trilead/ssh2/crypto/dh/EcDhExchange.java
index 43d31ad..870a3b4 100644
--- a/lib/src/main/java/com/trilead/ssh2/crypto/dh/EcDhExchange.java
+++ b/lib/src/main/java/com/trilead/ssh2/crypto/dh/EcDhExchange.java
@@ -96,7 +96,7 @@ public class EcDhExchange extends GenericDhExchange {
 			throw (IOException) new IOException("Invalid ECDH key").initCause(e);
 		}
 
-		sharedSecret = new BigInteger(ka.generateSecret());
+		sharedSecret = new BigInteger(1, ka.generateSecret());
 	}
 
 	@Override
-- 
cgit v1.2.3