Closed promovicz closed 9 years ago
Note that the second patch with the modulo fixes might very well be a fix for an information leak.
Thanks for the patches Ingo. I hadn't originally intended the implementation to be fully RFC5054 compliant but if those are all of the changes that are required, I suppose it's worth the effort. Honestly, I have no idea how many users csrp has but I suspect there's enough to merit a compatibility mechanism. I'll probably add a "backward compatibility" flag to the client/server structs and leave it up to the user to set as needed. I'll have to make the same set of changes to the pysrp library as well since I'm trying to keep them in sync.
They're relatively easy additions to your patch set but my free time at the moment is pretty sparse. I'll get around to it eventually though. If you have a particular need for sooner rather than later, e-mail me.
+1
@cocagne thanks so much for creating this library. People are definitely using it, at least I am, and it has been a big help for me. Any work you continue to do on it is appreciated! Thanks!
Regarding the patch with the modulo fixes: in srp_user_process_challenge() there are also some calculations that I think should be changed.
Took a while, but I finally got around to it. A variant of this patch set has been merged into the rfc5054_compat branch. I'll merge it into the mainline once I complete an equivalent pysrp implementation.
Hi!
I'm a colleague of the guy who did the last pull request to your nice little library.
While verifying your library for use with our own SRP implementation (which is based on Bouncy Castle), we found that your library is actually not compliant with RFC5054.
These two patches fix this; however, they make csrp incompatible with older versions of itself, so you might want to introduce some sort of compatibility hack.
The patches have been verified against our implementation. I have also verified them against the RFC5054 test vectors manually. Note that these vectors only cover the first phase (key negotiation), not the verification phase. This is because TLS-SRP, specified in said RFC, does not require a verification phase.
Greetings from Berlin, Ingo