From d1e7a8d480ccc2d0b2313cef22ccf80b4797d129 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun, 5 Sep 2010 12:21:11 +0200
Subject: DH key generation moved to a while loop... Just in case.

---
 ncr-dh.c | 26 ++++++++++++++------------
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git a/ncr-dh.c b/ncr-dh.c
index bc45723fe3e..501eaa399cb 100644
--- a/ncr-dh.c
+++ b/ncr-dh.c
@@ -92,20 +92,22 @@ int dh_generate_key(dh_key * key)
 		return -ENOMEM;
 	}
 
-	get_random_bytes(buf, size);
+	do {
+		get_random_bytes(buf, size);
 
-	if ((err = mp_read_unsigned_bin(&key->x, buf, size)) != CRYPT_OK) {
-		err();
-		ret = _ncr_tomerr(err);
-		goto fail;
-	}
+		if ((err = mp_read_unsigned_bin(&key->x, buf, size)) != CRYPT_OK) {
+			err();
+			ret = _ncr_tomerr(err);
+			goto fail;
+		}
 
-	err = mp_mod(&key->x, &key->p, &key->x);
-	if (err != CRYPT_OK) {
-		err();
-		ret = _ncr_tomerr(err);
-		goto fail;
-	}
+		err = mp_mod(&key->x, &key->p, &key->x);
+		if (err != CRYPT_OK) {
+			err();
+			ret = _ncr_tomerr(err);
+			goto fail;
+		}
+	} while(mp_cmp_d(&key->x, 0) == MP_EQ || mp_cmp_d(&key->x, 1) == MP_EQ);
 
 	key->type = PK_PRIVATE;
 
-- 
cgit