Re: [openssl-dev] [openssl.org #4410] [PATCH] add calculation of M1, M2 in srp, based on 1_0_2g(Internet mail)

[taochen via RT]

Sorry for no documentation.

In SRP6a, after the client and server calculate a common session key, they must 
prove to each other that their keys are idential to finish authentication.
That is client send the M1, and server verifies M1 and responses with M2, then 
client verifies M2.
I notice that both the 1.0.2 and the master are not provide the method of 
calculate M1, M2, that is what the patch does.

 Hopefully, the patch will be added to the next release.
Thank you.

From: Salz, Rich via RT<mailto:r...@openssl.org>
Date: 2016-03-10 23:01
To: taochen(陈涛)<mailto:taoc...@tencent.com>
CC: openssl-dev@openssl.org<mailto:openssl-dev@openssl.org>
Subject: RE: [openssl-dev] [openssl.org #4410] [PATCH] add calculation of M1, 
M2 in srp, based on 1_0_2g(Internet mail)

We need a little more explanation.

Is this a new feature?  Being added to 1.0.2? (That won't be accepted, only 
fixes go into released branches.)  Or is this something that was dropped and 
should be restored?

Unfortunately, the 1.1 freeze deadline is in 24 hours.  This won't make it into 
1.1 unless it is a bug-fix.

I also noticed that there is no documentation of these new functions.


--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4410
Please log in as guest with password guest if prompted

����


-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4410
Please log in as guest with password guest if prompted

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev