OLD | NEW |
1 // Copyright 2012 The Go Authors. All rights reserved. | 1 // Copyright 2012 The Go Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style | 2 // Use of this source code is governed by a BSD-style |
3 // license that can be found in the LICENSE file. | 3 // license that can be found in the LICENSE file. |
4 | 4 |
5 // Package otr implements the Off The Record protocol as specified in | 5 // Package otr implements the Off The Record protocol as specified in |
6 // http://www.cypherpunks.ca/otr/Protocol-v2-3.1.0.html | 6 // http://www.cypherpunks.ca/otr/Protocol-v2-3.1.0.html |
7 package otr | 7 package otr |
8 | 8 |
9 import ( | 9 import ( |
10 "bytes" | 10 "bytes" |
(...skipping 259 matching lines...)
270 in, err = c.processFragment(in) | 270 in, err = c.processFragment(in) |
271 if in == nil || err != nil { | 271 if in == nil || err != nil { |
272 return | 272 return |
273 } | 273 } |
274 } | 274 } |
275 | 275 |
276 if bytes.HasPrefix(in, msgPrefix) && in[len(in)-1] == '.' { | 276 if bytes.HasPrefix(in, msgPrefix) && in[len(in)-1] == '.' { |
277 in = in[len(msgPrefix) : len(in)-1] | 277 in = in[len(msgPrefix) : len(in)-1] |
278 } else if version := isQuery(in); version > 0 { | 278 } else if version := isQuery(in); version > 0 { |
279 c.authState = authStateAwaitingDHKey | 279 c.authState = authStateAwaitingDHKey |
| 280 c.myKeyId = 0 |
280 toSend = c.encode(c.generateDHCommit()) | 281 toSend = c.encode(c.generateDHCommit()) |
281 return | 282 return |
282 } else { | 283 } else { |
283 // plaintext message | 284 // plaintext message |
284 out = in | 285 out = in |
285 return | 286 return |
286 } | 287 } |
287 | 288 |
288 msg := make([]byte, base64.StdEncoding.DecodedLen(len(in))) | 289 msg := make([]byte, base64.StdEncoding.DecodedLen(len(in))) |
289 msgLen, err := base64.StdEncoding.Decode(msg, in) | 290 msgLen, err := base64.StdEncoding.Decode(msg, in) |
(...skipping 13 matching lines...)
303 msg = msg[3:] | 304 msg = msg[3:] |
304 | 305 |
305 switch msgType { | 306 switch msgType { |
306 case msgTypeDHCommit: | 307 case msgTypeDHCommit: |
307 switch c.authState { | 308 switch c.authState { |
308 case authStateNone: | 309 case authStateNone: |
309 c.authState = authStateAwaitingRevealSig | 310 c.authState = authStateAwaitingRevealSig |
310 if err = c.processDHCommit(msg); err != nil { | 311 if err = c.processDHCommit(msg); err != nil { |
311 return | 312 return |
312 } | 313 } |
| 314 c.myKeyId = 0 |
313 toSend = c.encode(c.generateDHKey()) | 315 toSend = c.encode(c.generateDHKey()) |
314 return | 316 return |
315 case authStateAwaitingDHKey: | 317 case authStateAwaitingDHKey: |
316 // This is a 'SYN-crossing'. The greater digest wins. | 318 // This is a 'SYN-crossing'. The greater digest wins. |
317 var cmp int | 319 var cmp int |
318 if cmp, err = c.compareToDHCommit(msg); err != nil { | 320 if cmp, err = c.compareToDHCommit(msg); err != nil { |
319 return | 321 return |
320 } | 322 } |
321 if cmp > 0 { | 323 if cmp > 0 { |
322 // We win. Retransmit DH commit. | 324 // We win. Retransmit DH commit. |
323 toSend = c.encode(c.serializeDHCommit()) | 325 toSend = c.encode(c.serializeDHCommit()) |
324 return | 326 return |
325 } else { | 327 } else { |
326 // They win. We forget about our DH commit. | 328 // They win. We forget about our DH commit. |
327 c.authState = authStateAwaitingRevealSig | 329 c.authState = authStateAwaitingRevealSig |
328 if err = c.processDHCommit(msg); err != nil { | 330 if err = c.processDHCommit(msg); err != nil { |
329 return | 331 return |
330 } | 332 } |
| 333 c.myKeyId = 0 |
331 toSend = c.encode(c.generateDHKey()) | 334 toSend = c.encode(c.generateDHKey()) |
332 return | 335 return |
333 } | 336 } |
334 case authStateAwaitingRevealSig: | 337 case authStateAwaitingRevealSig: |
335 if err = c.processDHCommit(msg); err != nil { | 338 if err = c.processDHCommit(msg); err != nil { |
336 return | 339 return |
337 } | 340 } |
338 toSend = c.encode(c.serializeDHKey()) | 341 toSend = c.encode(c.serializeDHKey()) |
339 case authStateAwaitingSig: | 342 case authStateAwaitingSig: |
340 if err = c.processDHCommit(msg); err != nil { | 343 if err = c.processDHCommit(msg); err != nil { |
341 return | 344 return |
342 } | 345 } |
| 346 c.myKeyId = 0 |
343 toSend = c.encode(c.generateDHKey()) | 347 toSend = c.encode(c.generateDHKey()) |
344 c.authState = authStateAwaitingRevealSig | 348 c.authState = authStateAwaitingRevealSig |
345 default: | 349 default: |
346 panic("bad state") | 350 panic("bad state") |
347 } | 351 } |
348 case msgTypeDHKey: | 352 case msgTypeDHKey: |
349 switch c.authState { | 353 switch c.authState { |
350 case authStateAwaitingDHKey: | 354 case authStateAwaitingDHKey: |
351 var isSame bool | 355 var isSame bool |
352 if isSame, err = c.processDHKey(msg); err != nil { | 356 if isSame, err = c.processDHKey(msg); err != nil { |
(...skipping 1034 matching lines...)
1387 out = appendMPI(out, mpi) | 1391 out = appendMPI(out, mpi) |
1388 } | 1392 } |
1389 return out | 1393 return out |
1390 } | 1394 } |
1391 | 1395 |
1392 func zero(b []byte) { | 1396 func zero(b []byte) { |
1393 for i := range b { | 1397 for i := range b { |
1394 b[i] = 0 | 1398 b[i] = 0 |
1395 } | 1399 } |
1396 } | 1400 } |
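Review bot: The reset `c.myKeyId = 0` is copied by hand in front of four separate `generateDHCommit()`/`generateDHKey()` calls (new lines 280, 314, 333 and 346) with no comment, so a later AKE restart path can omit it and carry a stale key id into the new session. Folding it into one place, for instance a small helper called at each restart (`c.resetKeyState()` is a name suggested here, not one from the file), and adding a comment such as `// a fresh DH key starts a new session: key ids restart from zero` would make the invariant explicit; the comment wording is an assumption about intent and should be confirmed. The `authStateAwaitingRevealSig` case resends via `serializeDHKey()` without a reset, which looks deliberate because no new key is generated, but a one-line comment there would save the next reader from wondering. It is also worth checking whether other per-session key state needs clearing at the same points, which cannot be judged from the lines shown. The enclosing function begins and ends in the skipped regions, and no test for re-running the key exchange on an established conversation is visible in this section.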
OLD | NEW |