tarcieri
commented
5 months ago See also #153 and #163, as well as RFC5054
Open zadlg opened 7 months ago
tarcieri
commented
5 months ago See also #153 and #163, as well as RFC5054
zadlg
commented
4 months ago up
tarcieri
commented
4 months ago @zadlg your opinion on the existing PRs and any overlap and existing discussion would be appreciated
zadlg
commented
4 months ago Sorry, I didn't understand you were waiting for an answer from me.
I think the specification is quite clear, isn't it ?
tarcieri
commented
4 months ago Let me be a little more explicit:
srp: compute
K = H(S)correctly.According to the specification section The SRP protocol,
K(which corresponds to the session key) is computed as follows:where
His the digest algorithm, andSis the common exponential value.In the current implementation,
Kis equal toS, which does not follow the SRP protocol specification.This commit fixes this issue by computing the right value for
K.