From: lizhi <lizhi206@huawei.com> To ensure consistency with the results of openssl software calculations, pad the high bits of shared keys that are shorter than the standard length with 0. Signed-off-by: lizhi <lizhi206@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_ecdh_exch.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/uadk_prov_ecdh_exch.c b/src/uadk_prov_ecdh_exch.c index f3b2e68..f508b9f 100644 --- a/src/uadk_prov_ecdh_exch.c +++ b/src/uadk_prov_ecdh_exch.c @@ -275,6 +275,7 @@ static int ecdh_get_shared_key(unsigned char *secret, struct wd_ecc_req *req) { struct wd_ecc_point *shared_key = NULL; + size_t len; wd_ecxdh_get_out_params(req->dst, &shared_key); if (!shared_key) { @@ -282,10 +283,12 @@ static int ecdh_get_shared_key(unsigned char *secret, return UADK_P_FAIL; } - size = size < shared_key->x.dsize ? size : shared_key->x.dsize; - *psecretlen = size; + len = size < shared_key->x.dsize ? size : shared_key->x.dsize; + + memset(secret, 0, size - len); + memcpy(secret + size - len, (unsigned char *)shared_key->x.data, len); - memcpy(secret, (unsigned char *)shared_key->x.data, size); + *psecretlen = size; return UADK_P_SUCCESS; } -- 2.33.0