Closed azadi closed 9 years ago
I tested this again and another related issue will be the notification to the user that an empty answer/secret is not acceptable. Since we are avoiding modal dialogues, should we say this using a notification bar or ...?
See 638c48b8b87dbc980e7d06c4564811a1701de1e3.
That's ... weird. So I am guessing the protocol says nothing about this?
SMP is verifying two strings are the same without revealing any knowledge about them. It shouldn't matter for the security of the protocol.
However, usability is another issue altogether. We should be encouraging safer behaviour.
Leaving the text box blank for shared secret/answer works and the authentication is successful. This should probably not be allowed.
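Added example, not code from this project or from any participant in the thread: a minimal Python sketch of the SMP comparison, with both sides simulated in one process and the zero-knowledge proofs and message framing omitted. It shows that two empty secrets compare equal, and adds a hypothetical `start_smp` wrapper that rejects an empty secret before the exchange starts. The RFC 3526 1536-bit group, generator 2, the SHA-256 mapping and all function names are assumptions.

```python
import hashlib
import secrets

# Assumption: 1536-bit MODP prime from RFC 3526 (group 5), generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF",
    16)
Q = (P - 1) // 2  # prime order of the subgroup generated by G
G = 2

def to_exponent(secret: str) -> int:
    """Map a typed secret to an exponent; the empty string hashes like any other."""
    return int.from_bytes(hashlib.sha256(secret.encode()).digest(), "big") % Q

def rand_exp() -> int:
    return secrets.randbelow(Q - 1) + 1

def smp_equal(alice_secret: str, bob_secret: str) -> bool:
    """Core SMP equality test; each side only ever sees group elements."""
    x, y = to_exponent(alice_secret), to_exponent(bob_secret)
    a2, a3, b2, b3 = (rand_exp() for _ in range(4))
    g2 = pow(G, a2 * b2, P)  # result of the first DH exchange
    g3 = pow(G, a3 * b3, P)  # result of the second DH exchange
    r, s = rand_exp(), rand_exp()
    pa, qa = pow(g3, r, P), pow(G, r, P) * pow(g2, x, P) % P  # Alice's pair
    pb, qb = pow(g3, s, P), pow(G, s, P) * pow(g2, y, P) % P  # Bob's pair
    rab = pow(qa * pow(qb, -1, P) % P, a3 * b3, P)
    return rab == pa * pow(pb, -1, P) % P  # holds exactly when x == y (mod Q)

def start_smp(local_secret: str, peer_secret: str) -> bool:
    """Hypothetical UI-side entry point: refuse an empty secret up front."""
    if not local_secret:
        raise ValueError("shared secret/answer must not be empty")
    return smp_equal(local_secret, peer_secret)
```
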