From 63e123738a9636618421d35ff97a278c06b69703 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Wed, 28 Mar 2012 23:11:02 +0200
Subject: Stop handshake when key is identity

---
 src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c')

diff --git a/src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c b/src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c
index 6d7e652..9d7eaa7 100644
--- a/src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c
+++ b/src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c
@@ -336,6 +336,9 @@ static void respond_handshake(fastd_context *ctx, fastd_peer *peer) {
 	ecc_25519_add(&work, &workX, &work);
 	ecc_25519_scalarmult(&work, &s, &work);
 
+	if (ecc_25519_is_identity(&work))
+		return;
+
 	ecc_25519_store(&peer->protocol_state->accepting_handshake->sigma, &work);
 
 	memcpy(hashinput+4*PUBLICKEYBYTES, peer->protocol_state->accepting_handshake->sigma.p, PUBLICKEYBYTES);
@@ -419,6 +422,9 @@ static void finish_handshake(fastd_context *ctx, fastd_peer *peer, uint8_t t[HMA
 	ecc_25519_add(&work, &workY, &work);
 	ecc_25519_scalarmult(&work, &s, &work);
 
+	if (ecc_25519_is_identity(&work))
+		return;
+
 	ecc_25519_store(&peer->protocol_state->initiating_handshake->sigma, &work);
 
 	memcpy(hashinput+4*PUBLICKEYBYTES, peer->protocol_state->initiating_handshake->sigma.p, PUBLICKEYBYTES);
-- 
cgit v1.2.3