Open tanx opened 10 years ago
Yeah, I think it's in scope considering various other similar crypto libraries provide it (not only OpenSSL). A PR for SRP support would likely be accepted.
It looks like the implementation of SRP you linked to is very tightly integrated with XMLHttpRequest and the DOM. A PR for this should really try to make sure there are good enough abstractions so that code can be easily reused by other future additions like TLS-SRP. It would be best if people could easily plug SRP in wherever they wanted.
Yeah that makes sense. It's way down the road, but at least we know know where to send our PR when the time comes ^^
It look like Stanford Javascript Crypto Library now support SRP6a together with RFC5054 test vectors https://github.com/bitwiseshiftleft/sjcl/issues/214 .
Considering the TLSLite pure-python TLS-SRP server-side implementation (https://github.com/sqs/tlslite/issues/4), it would be super to see a fully working integration of the 3 components:
Hi,
we are looking into the possibility of using the SRP protocol in our application. I wanted to ask if it is in the scope of this library to provide such functionality since, OpenSSL 1.0.1 also supports this: http://en.wikipedia.org/wiki/Secure_Remote_Password_protocol#Real_world_implementations
Here is a js implementation that could potentially be integrated: https://code.google.com/p/srp-js/source/browse/#svn%2Ftrunk%2Fjavascript
Thanks