go-srp icon indicating copy to clipboard operation
go-srp copied to clipboard

verified publisher icon Kong

Metadata

Secure Remote Password library for Go

Results 4 go-srp issues
Sort by recently updated
recently updated
newest added

The usage in README is not very clear and has some errors.

This is my sample code for reference. ```go package main import ( _ "crypto/sha256" "encoding/base64" "fmt" "github.com/kong/go-srp" ) func main() { params := srp.GetParams(2048) salt := []byte("salty") identity := []byte("alice")...

jiatower avatar jiatower

Constant time compare would be safer

https://github.com/Kong/go-srp/blob/master/server.go#L55 should probably use crypto/subtle's ConstantTimeCompare. I'm guessing leaking timing is not exploitable in most contexts but you never know.

alokmenghrajani avatar alokmenghrajani

panic: crypto: requested hash function #5 is unavailable

6 comment

I get the following error when I create a new Client ``` panic: crypto: requested hash function #5 is unavailable goroutine 1 [running]: crypto.Hash.New(0x5, 0x0, 0x0) C:/Go/src/crypto/crypto.go:89 +0x117 github.com/getinsomnia/go-srp.getMultiplier(0xc0420464a0, 0x20)...

alwindoss avatar alwindoss

Bug fix: Add padding during bigInt to []byte conversion

While debugging intermittent failure during SRP based login flow, we discovered that the library was not adding correct padding at certain places.

ua741 avatar ua741

Metadata

38
Stars
9
Forks
Watchers

Owner

verified publisher icon Kong

Metadata

Secure Remote Password library for Go

Back