X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fgcrypt%2Frsa.c;h=e38b50b0a3911fac6c9d292f8594cdd5135da371;hb=refs%2Fheads%2F1.1-threads;hp=5e4ba41fdedba7e6102e378e092c2559909cfff2;hpb=0bfd69a2736cb98470b47c1f6cba617b58bb86ef;p=tinc

diff --git a/src/gcrypt/rsa.c b/src/gcrypt/rsa.c
index 5e4ba41f..e38b50b0 100644
--- a/src/gcrypt/rsa.c
+++ b/src/gcrypt/rsa.c
@@ -276,6 +276,10 @@ bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) {
 	gcry_mpi_t outmpi = gcry_mpi_new(len * 8);
 	gcry_mpi_powm(outmpi, inmpi, rsa->e, rsa->n);
 
+	int pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8;
+	while(pad--)
+		*(char *)out++ = 0;
+
 	check(gcry_mpi_print(GCRYMPI_FMT_USG, out,len, NULL, outmpi));
 
 	return true;
@@ -288,7 +292,17 @@ bool rsa_private_decrypt(rsa_t *rsa, void *in, size_t len, void *out) {
 	gcry_mpi_t outmpi = gcry_mpi_new(len * 8);
 	gcry_mpi_powm(outmpi, inmpi, rsa->d, rsa->n);
 
+	int pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8;
+	while(pad--)
+		*(char *)out++ = 0;
+
 	check(gcry_mpi_print(GCRYMPI_FMT_USG, out,len, NULL, outmpi));
 
 	return true;
 }
+
+void rsa_free(rsa_t *rsa) {
+	gcry_mpi_release(rsa->n);
+	gcry_mpi_release(rsa->e);
+	gcry_mpi_release(rsa->d);
+}