3 files changed, 10 insertions, 5 deletions

diff --git a/keyDerivation.cpp b/keyDerivation.cpp
index 809a354..406e877 100644
--- a/keyDerivation.cpp
+++ b/keyDerivation.cpp
@@ -129,14 +129,11 @@ void KeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key,
   Mpi salt = Mpi(salt_.getBuf(), salt_.getLength());
   iv = key_id ^ salt;
 
-  std::cout << "KeyDerivation::generate: r_len: "<< r.getLen() << std::endl;
-  std::cout << "KeyDerivation::generate: key_id_len: "<< key_id.getLen() << std::endl;
-  std::cout << "KeyDerivation::generate: salt_len: "<< salt.getLen() << std::endl;
-  std::cout << "KeyDerivation::generate: iv_len: "<< iv.getLen() << std::endl;
-
   err = gcry_cipher_reset( cipher_ );
   if( err ) 
     cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to reset cipher: " << gpg_strerror( err );
+
+  iv.clearHighBit(129);  
   
   err = gcry_cipher_setiv( cipher_ , iv.getBuf().getBuf(), iv.getBuf().getLength());
   if( err )
diff --git a/mpi.cpp b/mpi.cpp
index 8d35bb8..b8a4b6c 100644
--- a/mpi.cpp
+++ b/mpi.cpp
@@ -108,6 +108,8 @@ Mpi Mpi::operator^(const Mpi &b) const
   return res;
 }
 
+// bit manipulation
+
 void Mpi::rShift(u_int8_t n)
 {
   gcry_mpi_rshift(val_, val_, n);
@@ -120,6 +122,11 @@ Mpi Mpi::mul2exp(u_int32_t e) const
   return res;
 }
 
+void Mpi::clearHighBit(u_int32_t n)
+{
+  gcry_mpi_clear_highbit( val_, n );
+}
+
 Buffer Mpi::getBuf() const
 {
   u_int32_t len = 0, written = 0;
diff --git a/mpi.h b/mpi.h
index 12079c5..b423d7c 100644
--- a/mpi.h
+++ b/mpi.h
@@ -54,6 +54,7 @@ public:
 
   void rShift(u_int8_t n);            // LSB on the right side!
   Mpi mul2exp(u_int32_t e) const;     // value * 2^e
+  void clearHighBit(u_int32_t n);
   Buffer getBuf() const;
   u_int32_t getLen() const;