From 6c6b0283cbc24f2d3d3bb7139e1cbeb5a35cfedd Mon Sep 17 00:00:00 2001
From: Nick Mathewson
Date: Thu, 18 Dec 2008 16:11:16 +0000
Subject: Ben confirms that the MUST in rfc2631 is only for compatibility with X9.42, and isn't actually a security thing.
svn:r17685
---
src/common/crypto.c | 7 -------
1 file changed, 7 deletions(-)
(limited to 'src')
diff --git a/src/common/crypto.c b/src/common/crypto.c
index f35620a7a6..fdccfe1d7b 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1643,13 +1643,6 @@ crypto_dh_compute_secret(crypto_dh_env_t *dh,
     goto error;
   }
   secret_len = result;
-  /* sometimes secret_len might be less than 128, e.g., 127. that's ok. -RD */
-  /* Actually, http://www.faqs.org/rfcs/rfc2631.html says:
-   * Leading zeros MUST be preserved, so that ZZ occupies as many
-   * octets as p. For instance, if p is 1024 bits, ZZ should be 128
-   * bytes long.
-   * XXX021 What are the security implications here? -NM
-   */
   if (crypto_expand_key_material(secret_tmp, secret_len,
                                  secret_out, secret_bytes_out)<0)
     goto error;
-- 
cgit v1.2.3-54-g00ecf
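Review bot: Deleting both comments leaves `secret_len = result;` with no explanation of why a shared secret shorter than the modulus is accepted, which is exactly the spot where the next reader will ask the question the removed XXX021 note asked; keep a one-line note such as `/* DH_compute_key() strips leading zero octets, so secret_len may be less than DH_size(dh->dh); RFC 2631's padding MUST is an X9.42 interop rule, not a security requirement. */`. The commit message settles the standards question but not the code-level one: because the length handed to crypto_expand_key_material() now varies with the value of the secret, the amount of hashing done downstream presumably varies with it too, which is a possible timing side channel on this path and is worth either stating as accepted in the comment or removing by left-padding secret_tmp to DH_size(dh->dh) before expansion. crypto_dh_compute_secret() begins and ends outside the hunk.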