Fix EC-SRP5 server: use lift_x not redp1 for verification

Server-side shared secret used redp1(x_gamma) which is the hash-to-curve blinding function, but verification needs lift_x(x_gamma) — the raw validator public key point. Also fixed prime_mod_sqrt for p ≡ 5 (mod 8) using Atkin's algorithm instead of Tonelli-Shanks. Removed unused password parameter from server_authenticate. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-31 17:10:31 +04:00
parent 58274da859
commit b28c553e10
2 changed files with 34 additions and 15 deletions
--- a/src/server.rs
+++ b/src/server.rs
@@ -211,7 +211,6 @@ async fn handle_client(
        crate::ecsrp5::server_authenticate(
            &mut stream,
            auth_user.as_deref().unwrap_or("admin"),
-            auth_pass.as_deref().unwrap_or(""),
            creds,
        )
        .await?;