commit 032c34e206730f7c7cede6909724c8f73db83637
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Sat Sep 07 13:06:27 2013 +0200
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Sat Sep 07 13:06:27 2013 +0200
tree b74a3fad620cab23d51f1169f6687634c4e52345
parent ce6352a791f5e4ce04fbaca60fc99514aab79cf0

Don't use DH blinding for ephemeral DH

library/ssl_srv.c

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index f0936b4..21ceaf1 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2384,10 +2384,11 @@
 
         ssl->handshake->pmslen = ssl->handshake->dhm_ctx.len;
 
+        /* No blinding needed for DHE, but will be needed for fixed DH! */
         if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,
                                       ssl->handshake->premaster,
                                      &ssl->handshake->pmslen,
-                                      ssl->f_rng, ssl->p_rng ) ) != 0 )
+                                      NULL, NULL ) ) != 0 )
         {
             SSL_DEBUG_RET( 1, "dhm_calc_secret", ret );
             return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
@@ -2472,8 +2473,9 @@
 
         n = ssl->handshake->dhm_ctx.len;
 
+        /* No blinding needed since this is ephemeral DHM */
         if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,
-                                      p, &n, ssl->f_rng, ssl->p_rng ) ) != 0 )
+                                      p, &n, NULL, NULL ) ) != 0 )
         {
             SSL_DEBUG_RET( 1, "dhm_calc_secret", ret );
             return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );