author | Vitaly Buka <vitalybuka@chromium.org> | 2014-12-04 09:15:20 -0800 |
---|---|---|
committer | Vitaly Buka <vitalybuka@chromium.org> | 2014-12-04 17:17:35 +0000 |
commit | fb2ccf63152e415e5bb1243b1284ef496cf45c03 (patch) | |
tree | c28b73f14c039f883cfdcc5bba3db71e6be68998 /crypto | |
parent | 82badefaf779ac2baaf67217213a576c06ff0062 (diff) | |
Allow to get key from SPAKE2 after the first round trip.
The second round trip is optional and is not part of the SPAKE2 algorithm.
An application may want to get the key and do verification with a useful payload.
BUG=438470
R=agl@chromium.org
Review URL: https://codereview.chromium.org/761663004
Cr-Commit-Position: refs/heads/master@{#306844}
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/p224_spake.cc | 10 | ||||
-rw-r--r-- | crypto/p224_spake.h | 6 | ||||
-rw-r--r-- | crypto/p224_spake_unittest.cc | 20 |
3 files changed, 25 insertions, 11 deletions
diff --git a/crypto/p224_spake.cc b/crypto/p224_spake.cc
index 31109a4..f20b10c 100644
--- a/crypto/p224_spake.cc
+++ b/crypto/p224_spake.cc
@@ -240,8 +240,16 @@ const std::string& P224EncryptedKeyExchange::error() const {
 return error_;
 }
-const std::string& P224EncryptedKeyExchange::GetKey() {
+const std::string& P224EncryptedKeyExchange::GetKey() const {
 DCHECK_EQ(state_, kStateDone);
+ return GetUnverifiedKey();
+}
+
+const std::string& P224EncryptedKeyExchange::GetUnverifiedKey() const {
+ // Key is already final when state is kStateSendHash. Subsequent states are
+ // used only for verification of the key. Some users may combine verification
+ // with sending verifiable data instead of |expected_authenticator_|.
+ DCHECK_GE(state_, kStateSendHash);
 return key_;
 }
diff --git a/crypto/p224_spake.h b/crypto/p224_spake.h
index 6905ef2..61451a3 100644
--- a/crypto/p224_spake.h
+++ b/crypto/p224_spake.h
@@ -68,7 +68,11 @@ class CRYPTO_EXPORT P224EncryptedKeyExchange {
 // The key established as result of the key exchange. Must be called
 // at then end after ProcessMessage() returns kResultSuccess.
- const std::string& GetKey();
+ const std::string& GetKey() const;
+
+ // The key established as result of the key exchange. Can be called after
+ // the first ProcessMessage()
+ const std::string& GetUnverifiedKey() const;
 private:
 // The authentication state machine is very simple and each party proceeds
diff --git a/crypto/p224_spake_unittest.cc b/crypto/p224_spake_unittest.cc
index 589cdbf..6651c8d 100644
--- a/crypto/p224_spake_unittest.cc
+++ b/crypto/p224_spake_unittest.cc
@@ -13,7 +13,8 @@ namespace crypto {
 namespace {
 bool RunExchange(P224EncryptedKeyExchange* client,
- P224EncryptedKeyExchange* server) {
+ P224EncryptedKeyExchange* server,
+ bool is_password_same) {
 for (;;) {
 std::string client_message, server_message;
 client_message = client->GetMessage();
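Review bot: In crypto/p224_spake.cc, the only guard in the new `GetUnverifiedKey()` is `DCHECK_GE(state_, kStateSendHash);`, which is compiled out of release builds, so a caller that asks too early gets whatever `key_` holds at that point (presumably an empty string; the constructor is outside the hunk) and may go on to use it as key material. Because this accessor hands out a secret before the peer has been confirmed, I would make the state check unconditional: `CHECK_GE(state_, kStateSendHash);`. The comparison also depends on the declaration order of the state enum, which is not visible in this diff; a short comment next to the enum saying that `GetUnverifiedKey()` relies on that order would keep a later reordering from silently weakening the check.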
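Review bot: In crypto/p224_spake.h, the comment on `GetUnverifiedKey()` says when it may be called but not what "unverified" means for the caller: at that point nothing has shown that the peer derived the same key, so with a wrong password or an active attacker the two sides hold different keys. I would spell out the contract, for example `// The key derived after the first ProcessMessage(). The peer has not yet` / `// proven knowledge of it; callers must perform their own key confirmation` / `// before treating the peer as authenticated.` The context comment on `GetKey()` just above it also carries the typo "at then end". The class body continues outside the hunk.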
@@ -24,23 +25,24 @@ bool RunExchange(P224EncryptedKeyExchange* client,
 server_result = server->ProcessMessage(client_message);
 // Check that we never hit the case where only one succeeds.
- if ((client_result == P224EncryptedKeyExchange::kResultSuccess) ^
- (server_result == P224EncryptedKeyExchange::kResultSuccess)) {
- CHECK(false) << "Parties differ on whether authentication was successful";
- }
+ EXPECT_EQ(client_result == P224EncryptedKeyExchange::kResultSuccess,
+ server_result == P224EncryptedKeyExchange::kResultSuccess);
 if (client_result == P224EncryptedKeyExchange::kResultFailed ||
 server_result == P224EncryptedKeyExchange::kResultFailed) {
 return false;
 }
+ EXPECT_EQ(is_password_same,
+ client->GetUnverifiedKey() == server->GetUnverifiedKey());
+
 if (client_result == P224EncryptedKeyExchange::kResultSuccess &&
 server_result == P224EncryptedKeyExchange::kResultSuccess) {
 return true;
 }
- CHECK_EQ(P224EncryptedKeyExchange::kResultPending, client_result);
- CHECK_EQ(P224EncryptedKeyExchange::kResultPending, server_result);
+ EXPECT_EQ(P224EncryptedKeyExchange::kResultPending, client_result);
+ EXPECT_EQ(P224EncryptedKeyExchange::kResultPending, server_result);
 }
 }
@@ -54,7 +56,7 @@ TEST(MutualAuth, CorrectAuth) {
 P224EncryptedKeyExchange server(
 P224EncryptedKeyExchange::kPeerTypeServer, kPassword);
- EXPECT_TRUE(RunExchange(&client, &server));
+ EXPECT_TRUE(RunExchange(&client, &server, true));
 EXPECT_EQ(client.GetKey(), server.GetKey());
 }
@@ -66,7 +68,7 @@ TEST(MutualAuth, IncorrectPassword) {
 P224EncryptedKeyExchange::kPeerTypeServer,
 "wrongpassword");
- EXPECT_FALSE(RunExchange(&client, &server));
+ EXPECT_FALSE(RunExchange(&client, &server, false));
 }
 TEST(MutualAuth, Fuzz) { |
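Review bot: In the `@@ -24,23 +25,24 @@` hunk of crypto/p224_spake_unittest.cc, replacing `CHECK(false)` with `EXPECT_EQ` makes the one-sided-success case non-fatal, so `RunExchange()` no longer stops there: it falls through to the `kResultPending` expectations and goes around the `for (;;)` loop again, calling `GetMessage()` and `ProcessMessage()` on a party that has already reported success. How those calls behave in the done state is not visible in this diff, so the test could hang or trip an unrelated assertion instead of reporting the real failure. Returning right after the mismatch keeps the failure local, e.g. `if ((client_result == P224EncryptedKeyExchange::kResultSuccess) != (server_result == P224EncryptedKeyExchange::kResultSuccess)) { ADD_FAILURE() << "Parties differ on whether authentication was successful"; return false; }`. The same consideration applies to the two `EXPECT_EQ(P224EncryptedKeyExchange::kResultPending, ...)` lines at the end of the loop body.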