summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAzul <azul@riseup.net>2012-10-16 17:24:12 +0200
committerAzul <azul@riseup.net>2012-10-16 17:24:12 +0200
commitd21474a0290edab1c765741d484335d83f50be75 (patch)
tree95390f6736f5d08fcfd9e50242f95d76e7825f43
parentaeab3e93f45d2d8882d93ec20531aafd3cd9df45 (diff)
use M2 as the key for the server auth
Diffstat
-rw-r--r--spec/restful/login.js2
-rw-r--r--src/srp.js2
-rw-r--r--src/srp_session.js3
3 files changed, 4 insertions, 3 deletions
diff --git a/spec/restful/login.js b/spec/restful/login.js
index d84112a..1bc6108 100644
--- a/spec/restful/login.js
+++ b/spec/restful/login.js
@@ -55,7 +55,7 @@ describe("Login", function() {
this.expectRequest('sessions', 'login=' +login+ '&A=' +A, 'POST');
this.respondJSON({salt: salt, B: B});
this.expectRequest('sessions/'+login, 'client_auth='+M, 'PUT');
- this.respondJSON({M: M2});
+ this.respondJSON({M2: M2});
expect(this.srp.success).toHaveBeenCalled();
});
diff --git a/src/srp.js b/src/srp.js
index b348e69..e66c2fa 100644
--- a/src/srp.js
+++ b/src/srp.js
@@ -35,7 +35,7 @@ function SRP(remote, session)
// If an error occurs, raise it as an alert.
function confirm_authentication(response)
{
- if (session.validate(response.M))
+ if (session.validate(response.M2))
srp.success();
else
srp.error("Server key does not match");
diff --git a/src/srp_session.js b/src/srp_session.js
index cbb95d8..8f45a44 100644
--- a/src/srp_session.js
+++ b/src/srp_session.js
@@ -7,7 +7,8 @@ SRP.prototype.Session = function(login, password) {
var k = new BigInteger("bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0", 16);
var rng = new SecureRandom();
- var a = new BigInteger(32, rng);
+// var a = new BigInteger(32, rng);
+ var a = new BigInteger("d498c3d024ec17689b5320e33fc349a3f3f91320384155b3043fa410c90eab71", 16);
var A = g.modPow(a, N);
while(A.mod(N) == 0)
{
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-15 18:10:17 +0000