Open zadlg opened 7 months ago
See also #153 and #163, as well as RFC5054
up
@zadlg your opinion on the existing PRs and any overlap and existing discussion would be appreciated
Sorry, I didn't understand you were waiting for an answer from me.
I think the specification is quite clear, isn't it ?
Let me be a little more explicit:
srp: compute
K = H(S)
correctly.According to the specification section The SRP protocol,
K
(which corresponds to the session key) is computed as follows:where
H
is the digest algorithm, andS
is the common exponential value.In the current implementation,
K
is equal toS
, which does not follow the SRP protocol specification.This commit fixes this issue by computing the right value for
K
.