From d21474a0290edab1c765741d484335d83f50be75 Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Tue, 16 Oct 2012 17:24:12 +0200
Subject: use M2 as the key for the server auth

---
 src/srp.js         | 2 +-
 src/srp_session.js | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/srp.js b/src/srp.js
index b348e69..e66c2fa 100644
--- a/src/srp.js
+++ b/src/srp.js
@@ -35,7 +35,7 @@ function SRP(remote, session)
     // If an error occurs, raise it as an alert.
     function confirm_authentication(response)
     {
-      if (session.validate(response.M))
+      if (session.validate(response.M2))
         srp.success();
       else
         srp.error("Server key does not match");
diff --git a/src/srp_session.js b/src/srp_session.js
index cbb95d8..8f45a44 100644
--- a/src/srp_session.js
+++ b/src/srp_session.js
@@ -7,7 +7,8 @@ SRP.prototype.Session = function(login, password) {
   var k = new BigInteger("bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0", 16);
 
   var rng = new SecureRandom();
-  var a = new BigInteger(32, rng);
+//  var a = new BigInteger(32, rng);
+  var a = new BigInteger("d498c3d024ec17689b5320e33fc349a3f3f91320384155b3043fa410c90eab71", 16);
   var A = g.modPow(a, N);
   while(A.mod(N) == 0)
   {
-- 
cgit v1.2.3