1. simon Avatar simon
  2. Untitled project
  3. thinbus-srp-js
  4. Issues

Java client `computeX` is not `mod(N)`

Issue #15 resolved
simon repo owner created an issue

The JavaScript client code does:

this.x = this.fromHex(hash).mod(this.N());

Which is consistent with the original demo at http://srp.stanford.edu/demo/demo.html. The Java verifier generator got this correct but the Java HexHashedXRoutine dropped the final mod(N). This means that programs attempting to login from the Java code could potentially have a problem.

Comments (2)

  2. simon reporter

    The class TestJavaClient main method will run 10,000 mutual authentications which check the java session can login. This didn't show up the bug suggesting that the lack of the mod(N) wasn't actually breaking anything before it was corrected.

  3. Log in to comment
Assignee
Type
bug
Priority
minor
Status
resolved
Votes
0
Watchers
1
Jira: the preferred issue tracker for Bitbucket. Join the team!