reject server response with error message if B=0

author: Azul <azul@leap.se> 2012-07-02 17:50:33 +0200
committer: Azul <azul@leap.se> 2012-07-02 17:50:33 +0200
commit: 07fe2d8976db0ec267bd57ded90778f0d7695478 (patch)
tree: e68f4f73b300e78854bca781f3accb2341390d77 /javascript/srp.js
parent: 337df30b51d2c1bdddcb7fbd05f0ccf46a7a31b3 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/javascript/srp.js b/javascript/srp.js
index b84786e..b04a350 100644
--- a/javascript/srp.js
+++ b/javascript/srp.js
@@ -185,6 +185,11 @@ function SRP()
     if(response.error) {
       that.error_message(response.error);
     }
+    // B = 0 will make the algorithm always succeed - refuse such a server
+    // answer
+    else if(response.B == 0) {
+      that.error_message("Server send random number 0 - this is not allowed");
+    }
     // If there is no algorithm specified, calculate M given s, B, and P
     else if(!response.a)
     {
author	Azul <azul@leap.se>	2012-07-02 17:50:33 +0200
committer	Azul <azul@leap.se>	2012-07-02 17:50:33 +0200
commit	07fe2d8976db0ec267bd57ded90778f0d7695478 (patch)
tree	e68f4f73b300e78854bca781f3accb2341390d77 /javascript/srp.js
parent	337df30b51d2c1bdddcb7fbd05f0ccf46a7a31b3 (diff)