mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-28 00:21:48 +03:00
Don't use DH blinding for ephemeral DH
This commit is contained in:
@ -1711,10 +1711,11 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
||||
|
||||
ssl->handshake->pmslen = ssl->handshake->dhm_ctx.len;
|
||||
|
||||
/* No blinding needed for DHE, but will be needed for fixed DH! */
|
||||
if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,
|
||||
ssl->handshake->premaster,
|
||||
&ssl->handshake->pmslen,
|
||||
ssl->f_rng, ssl->p_rng ) ) != 0 )
|
||||
NULL, NULL ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "dhm_calc_secret", ret );
|
||||
return( ret );
|
||||
@ -1842,8 +1843,9 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
||||
|
||||
*(p++) = (unsigned char)( ssl->handshake->dhm_ctx.len >> 8 );
|
||||
*(p++) = (unsigned char)( ssl->handshake->dhm_ctx.len );
|
||||
/* No blinding needed since this is ephemeral DHM */
|
||||
if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,
|
||||
p, &n, ssl->f_rng, ssl->p_rng ) ) != 0 )
|
||||
p, &n, NULL, NULL ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "dhm_calc_secret", ret );
|
||||
return( ret );
|
||||
|
Reference in New Issue
Block a user