Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(535)

Side by Side Diff: otr/otr.go

Issue 13823043: go.crypto/otr: Reset Conversation.myKeyId for each AKE. (Closed)
Patch Set: diff -r a55cb07dff16 https://code.google.com/p/go.crypto Created 10 years, 6 months ago
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 The Go Authors. All rights reserved. 1 // Copyright 2012 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style 2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file. 3 // license that can be found in the LICENSE file.
4 4
5 // Package otr implements the Off The Record protocol as specified in 5 // Package otr implements the Off The Record protocol as specified in
6 // http://www.cypherpunks.ca/otr/Protocol-v2-3.1.0.html 6 // http://www.cypherpunks.ca/otr/Protocol-v2-3.1.0.html
7 package otr 7 package otr
8 8
9 import ( 9 import (
10 "bytes" 10 "bytes"
(...skipping 259 matching lines...) Expand 10 before | Expand all | Expand 10 after
270 in, err = c.processFragment(in) 270 in, err = c.processFragment(in)
271 if in == nil || err != nil { 271 if in == nil || err != nil {
272 return 272 return
273 } 273 }
274 } 274 }
275 275
276 if bytes.HasPrefix(in, msgPrefix) && in[len(in)-1] == '.' { 276 if bytes.HasPrefix(in, msgPrefix) && in[len(in)-1] == '.' {
277 in = in[len(msgPrefix) : len(in)-1] 277 in = in[len(msgPrefix) : len(in)-1]
278 } else if version := isQuery(in); version > 0 { 278 } else if version := isQuery(in); version > 0 {
279 c.authState = authStateAwaitingDHKey 279 c.authState = authStateAwaitingDHKey
280 c.myKeyId = 0
280 toSend = c.encode(c.generateDHCommit()) 281 toSend = c.encode(c.generateDHCommit())
281 return 282 return
282 } else { 283 } else {
283 // plaintext message 284 // plaintext message
284 out = in 285 out = in
285 return 286 return
286 } 287 }
287 288
288 msg := make([]byte, base64.StdEncoding.DecodedLen(len(in))) 289 msg := make([]byte, base64.StdEncoding.DecodedLen(len(in)))
289 msgLen, err := base64.StdEncoding.Decode(msg, in) 290 msgLen, err := base64.StdEncoding.Decode(msg, in)
(...skipping 13 matching lines...) Expand all
303 msg = msg[3:] 304 msg = msg[3:]
304 305
305 switch msgType { 306 switch msgType {
306 case msgTypeDHCommit: 307 case msgTypeDHCommit:
307 switch c.authState { 308 switch c.authState {
308 case authStateNone: 309 case authStateNone:
309 c.authState = authStateAwaitingRevealSig 310 c.authState = authStateAwaitingRevealSig
310 if err = c.processDHCommit(msg); err != nil { 311 if err = c.processDHCommit(msg); err != nil {
311 return 312 return
312 } 313 }
314 c.myKeyId = 0
313 toSend = c.encode(c.generateDHKey()) 315 toSend = c.encode(c.generateDHKey())
314 return 316 return
315 case authStateAwaitingDHKey: 317 case authStateAwaitingDHKey:
316 // This is a 'SYN-crossing'. The greater digest wins. 318 // This is a 'SYN-crossing'. The greater digest wins.
317 var cmp int 319 var cmp int
318 if cmp, err = c.compareToDHCommit(msg); err != nil { 320 if cmp, err = c.compareToDHCommit(msg); err != nil {
319 return 321 return
320 } 322 }
321 if cmp > 0 { 323 if cmp > 0 {
322 // We win. Retransmit DH commit. 324 // We win. Retransmit DH commit.
323 toSend = c.encode(c.serializeDHCommit()) 325 toSend = c.encode(c.serializeDHCommit())
324 return 326 return
325 } else { 327 } else {
326 // They win. We forget about our DH commit. 328 // They win. We forget about our DH commit.
327 c.authState = authStateAwaitingRevealSig 329 c.authState = authStateAwaitingRevealSig
328 if err = c.processDHCommit(msg); err != nil { 330 if err = c.processDHCommit(msg); err != nil {
329 return 331 return
330 } 332 }
333 c.myKeyId = 0
331 toSend = c.encode(c.generateDHKey()) 334 toSend = c.encode(c.generateDHKey())
332 return 335 return
333 } 336 }
334 case authStateAwaitingRevealSig: 337 case authStateAwaitingRevealSig:
335 if err = c.processDHCommit(msg); err != nil { 338 if err = c.processDHCommit(msg); err != nil {
336 return 339 return
337 } 340 }
338 toSend = c.encode(c.serializeDHKey()) 341 toSend = c.encode(c.serializeDHKey())
339 case authStateAwaitingSig: 342 case authStateAwaitingSig:
340 if err = c.processDHCommit(msg); err != nil { 343 if err = c.processDHCommit(msg); err != nil {
341 return 344 return
342 } 345 }
346 c.myKeyId = 0
343 toSend = c.encode(c.generateDHKey()) 347 toSend = c.encode(c.generateDHKey())
344 c.authState = authStateAwaitingRevealSig 348 c.authState = authStateAwaitingRevealSig
345 default: 349 default:
346 panic("bad state") 350 panic("bad state")
347 } 351 }
348 case msgTypeDHKey: 352 case msgTypeDHKey:
349 switch c.authState { 353 switch c.authState {
350 case authStateAwaitingDHKey: 354 case authStateAwaitingDHKey:
351 var isSame bool 355 var isSame bool
352 if isSame, err = c.processDHKey(msg); err != nil { 356 if isSame, err = c.processDHKey(msg); err != nil {
(...skipping 1034 matching lines...) Expand 10 before | Expand all | Expand 10 after
1387 out = appendMPI(out, mpi) 1391 out = appendMPI(out, mpi)
1388 } 1392 }
1389 return out 1393 return out
1390 } 1394 }
1391 1395
1392 func zero(b []byte) { 1396 func zero(b []byte) {
1393 for i := range b { 1397 for i := range b {
1394 b[i] = 0 1398 b[i] = 0
1395 } 1399 }
1396 } 1400 }
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b