Initial merge attempt with gnutls_with_ext_mpi

1 files changed, 8 insertions, 22 deletions

diff --git a/lib/gnutls_dh.c b/lib/gnutls_dh.c
index 5bf5ec2774..1ceb8f203f 100644
--- a/lib/gnutls_dh.c
+++ b/lib/gnutls_dh.c
@@ -46,10 +46,10 @@
 
 /* returns the public value (X), and the secret (ret_x).
  */
-mpi_t
-gnutls_calc_dh_secret (mpi_t * ret_x, mpi_t g, mpi_t prime)
+bigint_t
+gnutls_calc_dh_secret (bigint_t * ret_x, bigint_t g, bigint_t prime)
 {
-  mpi_t e, x;
+  bigint_t e, x = NULL;
   int x_size = _gnutls_mpi_get_nbits (prime) - 1;
   /* The size of the secret key is less than
    * prime/2
@@ -61,27 +61,13 @@ gnutls_calc_dh_secret (mpi_t * ret_x, mpi_t g, mpi_t prime)
       return NULL;
     }
 
-  x = _gnutls_mpi_new (x_size);
+  x = _gnutls_mpi_randomize( NULL, x_size, GNUTLS_RND_RANDOM);
   if (x == NULL)
     {
-      gnutls_assert ();
-      if (ret_x)
-	*ret_x = NULL;
-
+      gnutls_assert();
       return NULL;
     }
 
-  /* FIXME: (x_size/8)*8 is there to overcome a bug in libgcrypt
-   * which does not really check the bits given but the bytes.
-   */
-  do
-    {
-      _gnutls_mpi_randomize (x, (x_size / 8) * 8, GCRY_STRONG_RANDOM);
-      /* Check whether x is zero. 
-       */
-    }
-  while (_gnutls_mpi_cmp_ui (x, 0) == 0);
-
   e = _gnutls_mpi_alloc_like (prime);
   if (e == NULL)
     {
@@ -103,10 +89,10 @@ gnutls_calc_dh_secret (mpi_t * ret_x, mpi_t g, mpi_t prime)
 }
 
 
-mpi_t
-gnutls_calc_dh_key (mpi_t f, mpi_t x, mpi_t prime)
+bigint_t
+gnutls_calc_dh_key (bigint_t f, bigint_t x, bigint_t prime)
 {
-  mpi_t k;
+  bigint_t k;
   int bits;
 
   bits = _gnutls_mpi_get_nbits (prime);