send key-confirmation message upon receipt of PAKE

This will allow the first peer to detect a wrong password even though the second peer bails before sending something encrypted.
2015-11-16 16:56:19 -08:00 · 2015-11-16 16:56:19 -08:00 · 3220014605
commit 3220014605
parent 4ad7342459
2 changed files with 6 additions and 1 deletions
--- a/src/wormhole/blocking/transcribe.py
+++ b/src/wormhole/blocking/transcribe.py
@ -314,6 +314,8 @@ class Wormhole:
            pake_msg = self._channel.get(u"pake")
            self.key = self.sp.finish(pake_msg)
            self.verifier = self.derive_key(u"wormhole:verifier")
+            conf = self.derive_key(u"wormhole:confirmation")
+            self._channel.send(u"_confirm", conf)

    @close_on_error
    def get_verifier(self):
--- a/src/wormhole/twisted/transcribe.py
+++ b/src/wormhole/twisted/transcribe.py
@ -332,7 +332,10 @@ class Wormhole:
            key = self.sp.finish(pake_msg)
            self.key = key
            self.verifier = self.derive_key(u"wormhole:verifier")
-            return key
+            conf = self.derive_key(u"wormhole:confirmation")
+            d1 = self._channel.send(u"_confirm", conf)
+            d1.addCallback(lambda _: key)
+            return d1
        d.addCallback(_got_pake)
        return d