diff options
author | lloyd <[email protected]> | 2012-08-11 23:49:41 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-08-11 23:49:41 +0000 |
commit | b3226586f6e0b48afb90fef41a07e47d6d70c721 (patch) | |
tree | 59a07bd1dd845a5a23950842c8bcdae7629941d0 /src | |
parent | 934f3e5e53d091806244913a3bb9ff8a75f00f59 (diff) |
Reject SRP6 values which are negative or larger than p since these are
likely totally bogus.
Diffstat (limited to 'src')
-rw-r--r-- | src/constructs/srp6/srp6.cpp | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/constructs/srp6/srp6.cpp b/src/constructs/srp6/srp6.cpp index f1927b648..7bc879350 100644 --- a/src/constructs/srp6/srp6.cpp +++ b/src/constructs/srp6/srp6.cpp @@ -91,7 +91,7 @@ srp6_client_agree(const std::string& identifier, const size_t p_bytes = group.get_p().bytes(); - if(B % p == 0) + if(B <= 0 || B >= p) throw std::runtime_error("Invalid SRP parameter from server"); BigInt k = hash_seq(hash_id, p_bytes, p, g); @@ -150,7 +150,7 @@ BigInt SRP6_Server_Session::step1(const BigInt& v, SymmetricKey SRP6_Server_Session::step2(const BigInt& A) { - if(A % p == 0) + if(A <= 0 || A >= p) throw std::runtime_error("Invalid SRP parameter from client"); BigInt u = hash_seq(hash_id, p_bytes, A, B); |