INCOMPATIBILITY: send pake message as dict, not raw bytes

This gives us room in the future to put other keys there, like one which says we want to use Noise for the phase-message encryption instead of our current HKDF scheme.
2016-05-28 18:30:36 -07:00 · 2016-05-28 18:30:36 -07:00 · 0b53094927
commit 0b53094927
parent 6a108f93e6
2 changed files with 20 additions and 9 deletions
--- a/src/wormhole/test/test_wormhole.py
+++ b/src/wormhole/test/test_wormhole.py
@ -10,6 +10,8 @@ from .. import wormhole
 from ..errors import WrongPasswordError, WelcomeError, UsageError
 from spake2 import SPAKE2_Symmetric
 from ..timing import DebugTiming
+from ..util import (bytes_to_dict, dict_to_bytes,
+                    hexstr_to_bytes, bytes_to_hexstr)
 from nacl.secret import SecretBox

 APPID = u"appid"
@ -149,9 +151,8 @@ class Basic(unittest.TestCase):
        sp2 = SPAKE2_Symmetric(wormhole.to_bytes(code),
                               idSymmetric=wormhole.to_bytes(APPID))
        msg2 = sp2.start()
-        msg2_hex = hexlify(msg2).decode("ascii")
        key = sp2.finish(msg1)
-        return key, msg2_hex
+        return key, msg2

    def test_create(self):
        wormhole._Wormhole(APPID, u"relay_url", reactor, None, None)
@ -219,11 +220,16 @@ class Basic(unittest.TestCase):
                 side=w._side)
        self.assertNoResult(v)

+        # extract our outbound PAKE message
+        body = bytes_to_dict(hexstr_to_bytes(out[1][u"body"]))
+        msg1 = hexstr_to_bytes(body[u"pake_v1"])
+
        # next we build the simulated peer's PAKE operation
        side2 = w._side + u"other"
-        msg1 = unhexlify(out[1][u"body"].encode("ascii"))
-        key, msg2_hex = self.make_pake(CODE, side2, msg1)
-        response(w, type=u"message", phase=u"pake", body=msg2_hex, side=side2)
+        key, msg2 = self.make_pake(CODE, side2, msg1)
+        payload = {u"pake_v1": bytes_to_hexstr(msg2)}
+        body_hex = bytes_to_hexstr(dict_to_bytes(payload))
+        response(w, type=u"message", phase=u"pake", body=body_hex, side=side2)

        # hearing the peer's PAKE (msg2) makes us release the nameplate, send
        # the confirmation message, and sends any queued phase messages. It
@ -638,8 +644,9 @@ class Basic(unittest.TestCase):

        sp2 = SPAKE2_Symmetric(b"", idSymmetric=wormhole.to_bytes(APPID))
        msg2 = sp2.start()
-        msg2_hex = hexlify(msg2).decode("ascii")
-        response(w, type=u"message", phase=u"pake", body=msg2_hex, side=u"s2")
+        payload = {u"pake_v1": bytes_to_hexstr(msg2)}
+        body_hex = bytes_to_hexstr(dict_to_bytes(payload))
+        response(w, type=u"message", phase=u"pake", body=body_hex, side=u"s2")
        self.assertNoResult(d1)
        self.assertNoResult(d2) # verify() waits for confirmation

--- a/src/wormhole/wormhole.py
+++ b/src/wormhole/wormhole.py
@ -538,12 +538,16 @@ class _Wormhole:
                and self._mailbox_state == OPEN
                and self._flag_need_to_send_PAKE):
            return
-        self._msg_send(u"pake", self._msg1)
+        body = {u"pake_v1": bytes_to_hexstr(self._msg1)}
+        payload = dict_to_bytes(body)
+        self._msg_send(u"pake", payload)
        self._flag_need_to_send_PAKE = False

    def _event_received_pake(self, pake_msg):
+        payload = bytes_to_dict(pake_msg)
+        msg2 = hexstr_to_bytes(payload[u"pake_v1"])
        with self._timing.add("pake2", waiting="crypto"):
-            self._key = self._sp.finish(pake_msg)
+            self._key = self._sp.finish(msg2)
        self._event_established_key()

    def _event_established_key(self):