From c44a78a2e66b666696a944a389c00b1cf0fa49ca Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Tue, 10 Feb 2015 21:46:19 +0800
Subject: Tighten validation of DH values. Odds of x==0 being generated are
 improbable, roughly 2**-1023 Regression in 0.49

---
 dbrandom.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'dbrandom.c')

diff --git a/dbrandom.c b/dbrandom.c
index e2f55c2..cf280f4 100644
--- a/dbrandom.c
+++ b/dbrandom.c
@@ -306,7 +306,7 @@ void gen_random_mpint(mp_int *max, mp_int *rand) {
 
 		/* keep regenerating until we get one satisfying
 		 * 0 < rand < max    */
-	} while (mp_cmp(rand, max) != MP_LT);
+	} while (!(mp_cmp(rand, max) == MP_LT && mp_cmp_d(rand, 0) == MP_GT));
 	m_burn(randbuf, len);
 	m_free(randbuf);
 }
-- 
cgit v1.2.3