author | sergeyu@chromium.org <sergeyu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-12-13 07:00:19 +0000 |
---|---|---|
committer | sergeyu@chromium.org <sergeyu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-12-13 07:00:19 +0000 |
commit | 78df46aceb47bbb91eb1c4fed658c87a366129dc (patch) | |
tree | f157058a51d424447a3e6ed39ab2ab14456d1b46 /crypto/p224_spake.h | |
parent | 291d774464e6532e32d95e5d7b58fd4fe9c0ab40 (diff) | |
Simplify SPAKE2 implementation.
Currently P224EncryptedKeyExchange uses two pieces of secret: password
and session-specific key. They are combined and used together as one
password. It is not really needed and the calling code can do
it when necessary.
BUG=105214
Review URL: http://codereview.chromium.org/8903001
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@114189 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto/p224_spake.h')
-rw-r--r-- | crypto/p224_spake.h | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/crypto/p224_spake.h b/crypto/p224_spake.h
index 0441efb..01507c9 100644
--- a/crypto/p224_spake.h
+++ b/crypto/p224_spake.h
@@ -12,12 +12,10 @@ namespace crypto {
-// P224EncryptedKeyExchange provides a means to authenticate an
-// encrypted transport using a low-entropy, shared secret.
-//
-// You need a value derived from the master secret of the connection in order
-// to bind the authentication to the encrypted channel. It's the |session|
-// argument to the constructor and can be of any length.
+// P224EncryptedKeyExchange implements SPAKE2, a variant of Encrypted
+// Key Exchange. It allows two parties that have a secret common
+// password to establish a common secure key by exchanging messages
+// over unsecure channel without disclosing the password.
 //
 // The password can be low entropy as authenticating with an attacker only
 // gives the attacker a one-shot password oracle. No other information about
@@ -51,13 +49,11 @@ class CRYPTO_EXPORT P224EncryptedKeyExchange {
 };
 // peer_type: the type of the local authentication party.
- // password: a, possibly low-entropy, mutually known password.
- // session: a value securely derived from the connection's master secret.
- // Both parties to the authentication must pass the same value. For the
- // case of a TLS connection, see RFC 5705.
+ // password: secret session password. Both parties to the
+ // authentication must pass the same value. For the case of a
+ // TLS connection, see RFC 5705.
 P224EncryptedKeyExchange(PeerType peer_type,
- const base::StringPiece& password,
- const base::StringPiece& session);
+ const base::StringPiece& password);
 // GetMessage returns a byte string which must be passed to the other party
 // in the authentication.
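Review bot: With the |session| argument removed, neither the rewritten class comment nor the constructor's parameter comment tells callers that binding the exchange to the underlying connection is now their responsibility. The removed text explained that a value derived from the connection's master secret was what tied the authentication to the encrypted channel; the new parameter comment keeps the RFC 5705 pointer but attaches it to `password` and calls it a "secret session password", which blurs the shared secret and the channel-derived value. I would add to the class comment something like `// This class does not bind the exchange to a transport; a caller that needs that binding must combine a connection-derived value (for TLS, see RFC 5705) with the password before passing it in.` and word the parameter as `// password: secret known to both parties; both must pass the same bytes.` In the same comment, "over unsecure channel" would read better as "over an insecure channel".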
@@ -71,6 +67,10 @@ class CRYPTO_EXPORT P224EncryptedKeyExchange {
 // return a human readable error message.
 const std::string& error() const;
+ // The key established as result of the key exchange. Must be called
+ // at then end after ProcessMessage() returns kResultSuccess.
+ const std::string& GetKey();
+
 private:
 // The authentication state machine is very simple and each party proceeds
 // through each of these states, in order.
@@ -106,6 +106,8 @@ class CRYPTO_EXPORT P224EncryptedKeyExchange {
 // expected_authenticator_ is used to store the hash value expected from the
 // other party.
 uint8 expected_authenticator_[kSHA256Length];
+
+ std::string key_;
 };
 } // namespace crypto |
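Review bot: The precondition on `GetKey()` (only valid once ProcessMessage() has returned kResultSuccess) exists only in the comment, and the comment does not say what a caller gets if it calls earlier. A key read before the peer's authenticator has been checked is not an authenticated key, so the comment should state the early-call behaviour, and the definition (not part of this header diff) should assert that the state machine has reached its final state. The comment also has a typo, "at then end" for "at the end". If the accessor does not mutate the object, declaring it `const std::string& GetKey() const;` would match `error()` just above.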
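Review bot: `key_` is added without a comment, unlike `expected_authenticator_` directly above it, even though it holds the secret the exchange exists to produce. A line such as `// key_ holds the key agreed by the exchange; see GetKey() for when it is valid.` would fit the surrounding style. Because std::string does not clear its buffer when destroyed, it is also worth checking whether the destructor (not visible in this diff) should overwrite the key before release. The class body starts outside this hunk.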