OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This code implements SPAKE2, a variant of EKE: | 5 // This code implements SPAKE2, a variant of EKE: |
6 // http://www.di.ens.fr/~pointche/pub.php?reference=AbPo04 | 6 // http://www.di.ens.fr/~pointche/pub.php?reference=AbPo04 |
7 | 7 |
8 #include <crypto/p224_spake.h> | 8 #include <crypto/p224_spake.h> |
9 | 9 |
10 #include <algorithm> | 10 #include <algorithm> |
(...skipping 185 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
196 if (is_server_) { | 196 if (is_server_) { |
197 client_masked_dh = message.as_string(); | 197 client_masked_dh = message.as_string(); |
198 server_masked_dh = next_message_; | 198 server_masked_dh = next_message_; |
199 } else { | 199 } else { |
200 client_masked_dh = next_message_; | 200 client_masked_dh = next_message_; |
201 server_masked_dh = message.as_string(); | 201 server_masked_dh = message.as_string(); |
202 } | 202 } |
203 | 203 |
204 // Now we calculate the hashes that each side will use to prove to the other | 204 // Now we calculate the hashes that each side will use to prove to the other |
205 // that they derived the correct value for K. | 205 // that they derived the correct value for K. |
206 uint8 client_hash[kSHA256Length], server_hash[kSHA256Length]; | 206 uint8_t client_hash[kSHA256Length], server_hash[kSHA256Length]; |
207 CalculateHash(kPeerTypeClient, client_masked_dh, server_masked_dh, key_, | 207 CalculateHash(kPeerTypeClient, client_masked_dh, server_masked_dh, key_, |
208 client_hash); | 208 client_hash); |
209 CalculateHash(kPeerTypeServer, client_masked_dh, server_masked_dh, key_, | 209 CalculateHash(kPeerTypeServer, client_masked_dh, server_masked_dh, key_, |
210 server_hash); | 210 server_hash); |
211 | 211 |
212 const uint8* my_hash = is_server_ ? server_hash : client_hash; | 212 const uint8_t* my_hash = is_server_ ? server_hash : client_hash; |
213 const uint8* their_hash = is_server_ ? client_hash : server_hash; | 213 const uint8_t* their_hash = is_server_ ? client_hash : server_hash; |
214 | 214 |
215 next_message_ = | 215 next_message_ = |
216 std::string(reinterpret_cast<const char*>(my_hash), kSHA256Length); | 216 std::string(reinterpret_cast<const char*>(my_hash), kSHA256Length); |
217 memcpy(expected_authenticator_, their_hash, kSHA256Length); | 217 memcpy(expected_authenticator_, their_hash, kSHA256Length); |
218 state_ = kStateSendHash; | 218 state_ = kStateSendHash; |
219 return kResultPending; | 219 return kResultPending; |
220 } | 220 } |
221 | 221 |
222 void P224EncryptedKeyExchange::CalculateHash( | 222 void P224EncryptedKeyExchange::CalculateHash( |
223 PeerType peer_type, | 223 PeerType peer_type, |
224 const std::string& client_masked_dh, | 224 const std::string& client_masked_dh, |
225 const std::string& server_masked_dh, | 225 const std::string& server_masked_dh, |
226 const std::string& k, | 226 const std::string& k, |
227 uint8* out_digest) { | 227 uint8_t* out_digest) { |
228 std::string hash_contents; | 228 std::string hash_contents; |
229 | 229 |
230 if (peer_type == kPeerTypeServer) { | 230 if (peer_type == kPeerTypeServer) { |
231 hash_contents = "server"; | 231 hash_contents = "server"; |
232 } else { | 232 } else { |
233 hash_contents = "client"; | 233 hash_contents = "client"; |
234 } | 234 } |
235 | 235 |
236 hash_contents += client_masked_dh; | 236 hash_contents += client_masked_dh; |
237 hash_contents += server_masked_dh; | 237 hash_contents += server_masked_dh; |
(...skipping 21 matching lines...) Expand all Loading... |
259 return key_; | 259 return key_; |
260 } | 260 } |
261 | 261 |
262 void P224EncryptedKeyExchange::SetXForTesting(const std::string& x) { | 262 void P224EncryptedKeyExchange::SetXForTesting(const std::string& x) { |
263 memset(&x_, 0, sizeof(x_)); | 263 memset(&x_, 0, sizeof(x_)); |
264 memcpy(&x_, x.data(), std::min(x.size(), sizeof(x_))); | 264 memcpy(&x_, x.data(), std::min(x.size(), sizeof(x_))); |
265 Init(); | 265 Init(); |
266 } | 266 } |
267 | 267 |
268 } // namespace crypto | 268 } // namespace crypto |
OLD | NEW |