|
@@ -211,6 +211,7 @@ BIGNUM *SRP_Calc_client_key_ex(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g
|
|
|
OSSL_LIB_CTX *libctx, const char *propq)
|
|
|
{
|
|
|
BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL;
|
|
|
+ BIGNUM *xtmp = NULL;
|
|
|
BN_CTX *bn_ctx;
|
|
|
|
|
|
if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULL
|
|
@@ -219,10 +220,13 @@ BIGNUM *SRP_Calc_client_key_ex(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g
|
|
|
|
|
|
if ((tmp = BN_new()) == NULL ||
|
|
|
(tmp2 = BN_new()) == NULL ||
|
|
|
- (tmp3 = BN_new()) == NULL)
|
|
|
+ (tmp3 = BN_new()) == NULL ||
|
|
|
+ (xtmp = BN_new()) == NULL)
|
|
|
goto err;
|
|
|
|
|
|
- if (!BN_mod_exp(tmp, g, x, N, bn_ctx))
|
|
|
+ BN_with_flags(xtmp, x, BN_FLG_CONSTTIME);
|
|
|
+ BN_set_flags(tmp, BN_FLG_CONSTTIME);
|
|
|
+ if (!BN_mod_exp(tmp, g, xtmp, N, bn_ctx))
|
|
|
goto err;
|
|
|
if ((k = srp_Calc_k(N, g, libctx, propq)) == NULL)
|
|
|
goto err;
|
|
@@ -230,7 +234,7 @@ BIGNUM *SRP_Calc_client_key_ex(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g
|
|
|
goto err;
|
|
|
if (!BN_mod_sub(tmp, B, tmp2, N, bn_ctx))
|
|
|
goto err;
|
|
|
- if (!BN_mul(tmp3, u, x, bn_ctx))
|
|
|
+ if (!BN_mul(tmp3, u, xtmp, bn_ctx))
|
|
|
goto err;
|
|
|
if (!BN_add(tmp2, a, tmp3))
|
|
|
goto err;
|
|
@@ -242,6 +246,7 @@ BIGNUM *SRP_Calc_client_key_ex(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g
|
|
|
|
|
|
err:
|
|
|
BN_CTX_free(bn_ctx);
|
|
|
+ BN_free(xtmp);
|
|
|
BN_clear_free(tmp);
|
|
|
BN_clear_free(tmp2);
|
|
|
BN_clear_free(tmp3);
|