- changed status to resolved
server session object holds more memory that needed
Issue #4
resolved
The server session object holds $salt, $verifier and other protected state yet has no getters for them. Anyone wanting to use it for follow up cryptography can only get $userID, $M, $M2, and $K the session key. If they are keeping the object around to use the $K then they will be using up memory for $verifier, $B, $A etc. So the object should delete variables that it no longer needs to keep the memory down.
Comments (1)
-
reporter - Log in to comment