authorNikos Mavrogiannopoulos <nmav@gnutls.org>2005-03-06 10:56:49 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2005-03-06 10:56:49 +0000
commite38d55a5b43aa7dc55969947858d2804af5c4f6b (patch)
tree800b19b0cb9f405c1242e7830dfb767832cf95df /lib/gnutls_dh.c
parent6d4950f38400e7b388037a4a36d44e113330d398 (diff)
added a check to test whether the DH secret is zero.
Diffstat (limited to 'lib/gnutls_dh.c')
-rw-r--r--lib/gnutls_dh.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/gnutls_dh.c b/lib/gnutls_dh.c
index 02f1580605..f33aa47aef 100644
--- a/lib/gnutls_dh.c
+++ b/lib/gnutls_dh.c
@@ -68,10 +68,14 @@ mpi_t gnutls_calc_dh_secret(mpi_t * ret_x, mpi_t g, mpi_t prime)
return NULL;
}
- /* (x_size/8)*8 is there to overcome a bug in libgcrypt
+ /* FIXME: (x_size/8)*8 is there to overcome a bug in libgcrypt
* which does not really check the bits given but the bytes.
*/
- _gnutls_mpi_randomize(x, (x_size / 8) * 8, GCRY_STRONG_RANDOM);
+ do {
+ _gnutls_mpi_randomize(x, (x_size / 8) * 8, GCRY_STRONG_RANDOM);
+ /* Check whether x is zero.
+ */
+ } while( _gnutls_mpi_cmp_ui( x, 0)==0);
e = _gnutls_mpi_alloc_like(prime);
if (e == NULL) {
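Review bot: The new `do { ... } while( _gnutls_mpi_cmp_ui( x, 0)==0);` loop exits only when x is non-zero, but the bit count it requests, `(x_size / 8) * 8`, rounds down to 0 whenever x_size is below 8. If a zero-bit request leaves x at zero (presumably it does), the loop never terminates, which matters if the prime can come from the peer. x_size is computed before the hunk and the function continues after it, so an earlier lower bound may already exist; if it does not, add a guard before the loop such as `if (x_size < 8) return NULL;`, releasing x first. The check also rejects only zero, so x == 1 (giving e == g) still passes, and the comment could state the reason, e.g. `/* x == 0 gives e = g^0 mod p = 1, which reveals the exponent */`.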