Hello OpenSSL devs,

I have found an issue in the computation of the SRP session key on the client side. When computing *K = (B − kg^x)^(a+ux) mod N*, the computations in the exponent should not be mod N, meaning that *(a+ux)* should not go through *mod N*. It rarely happens that *(a+ux) > N*, but when it does, the key computed on the client side is different from the server's.

There is a pull request pending to delete the mod operation in the exponent computation (PR #1017).

Best regards,

Leo Logeart

--

Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4525

Please log in as guest with password guest if prompted
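
The mismatch described in the message above can be reproduced with a toy group. This is an added example, not code from the original message or from OpenSSL; the modulus, generator, multiplier and the values of `x`, `a`, `b`, `u` are constructed, and `u` and `x` are fixed numbers rather than hash outputs. It also shows that reducing the exponent modulo N − 1 (the group order for a prime N) is safe, while reducing modulo N is not.

```python
# Toy SRP-6a shared-secret computation. All parameters are constructed
# for illustration; a real deployment uses a large safe prime and hashes.
N, g, k = 23, 5, 3  # prime modulus, generator (primitive root mod 23), multiplier


def server_secret(A, v, u, b):
    """Server side: S = (A * v^u)^b mod N."""
    return pow(A * pow(v, u, N) % N, b, N)


def client_secret(B, x, a, u, exp_mod=None):
    """Client side: S = (B - k*g^x)^(a + u*x) mod N.

    exp_mod=None keeps the full exponent (the behaviour the report asks for).
    exp_mod=N reproduces the reported bug.
    exp_mod=N-1 is a valid reduction because the base lies in a group of
    order N-1 (Fermat's little theorem, N prime, base non-zero).
    """
    base = (B - k * pow(g, x, N)) % N
    exponent = a + u * x
    if exp_mod is not None:
        exponent %= exp_mod
    return pow(base, exponent, N)


def run(x, a, b, u):
    """Run one exchange and return the secret each variant derives."""
    v = pow(g, x, N)                   # verifier stored by the server
    A = pow(g, a, N)                   # client public value
    B = (k * v + pow(g, b, N)) % N     # server public value
    return {
        "server": server_secret(A, v, u, b),
        "client": client_secret(B, x, a, u),
        "client_exp_mod_N": client_secret(B, x, a, u, exp_mod=N),
        "client_exp_mod_N_minus_1": client_secret(B, x, a, u, exp_mod=N - 1),
    }


if __name__ == "__main__":
    # a + u*x = 6 + 4*7 = 34 > N: reducing the exponent mod N breaks agreement.
    print(run(x=7, a=6, b=9, u=4))
    # a + u*x = 6 + 1*7 = 13 < N: the reduction is a no-op and the bug is hidden.
    print(run(x=7, a=6, b=9, u=1))
```
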