From 87845fef3ac66876cbbbb60cb6efa1a38522ee57 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Sat, 6 May 2006 07:12:51 +0000
Subject: [PATCH] (DH_check_pubkey): describe what the function do

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17469 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/des/dh.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/lib/des/dh.c b/lib/des/dh.c
index 017713dd7..45223f6d6 100644
--- a/lib/des/dh.c
+++ b/lib/des/dh.c
@@ -149,6 +149,14 @@ DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb)
     return 0;
 }
 
+/*
+ * Check that
+ *
+ * 	pub_key > 1    and    pub_key < p - 1
+ *
+ * to avoid small subgroups attack.
+ */
+
 int
 DH_check_pubkey(const DH *dh, const BIGNUM *pub_key, int *codes)
 {
@@ -167,9 +175,6 @@ DH_check_pubkey(const DH *dh, const BIGNUM *pub_key, int *codes)
     if (BN_cmp(bn, pub_key) >= 0)
 	*codes |= DH_CHECK_PUBKEY_TOO_SMALL;
 
-    if (!BN_set_word(bn, 2))
-	goto out;
-
     sum = BN_new();
     if (sum == NULL)
 	goto out;