diff options
| author | Jack Lloyd <[email protected]> | 2018-12-09 06:45:46 -0500 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2018-12-09 06:45:46 -0500 |
| commit | ef16300624c1f5883f7185eb4316ab7efbed6118 (patch) | |
| tree | 6a2ed310b9497288eade7fd1a2301671e5158bcf /src/lib/misc | |
| parent | e5be97da0c2039fefe4f81ff40c86ae3b88622eb (diff) | |
Avoid doing a variable time division during Montgomery setup
Instead require the inputs be reduced already. For RSA-CRT use
Barrett which is const time already. For SRP6 inputs were not reduced,
use the Barrett hook available in DL_Group.
Diffstat (limited to 'src/lib/misc')
| -rw-r--r-- | src/lib/misc/srp6/srp6.cpp | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/misc/srp6/srp6.cpp b/src/lib/misc/srp6/srp6.cpp index 0ec4fd2bb..825c38589 100644 --- a/src/lib/misc/srp6/srp6.cpp +++ b/src/lib/misc/srp6/srp6.cpp @@ -103,7 +103,8 @@ srp6_client_agree(const std::string& identifier, const BigInt x = compute_x(hash_id, identifier, password, salt); - const BigInt S = power_mod((B - (k * power_mod(g, x, p))) % p, (a + (u * x)), p); + const BigInt S = power_mod(group.mod_p(B - (k * power_mod(g, x, p))), + group.mod_p(a + (u * x)), p); const SymmetricKey Sk(BigInt::encode_1363(S, p_bytes)); |