Added unittest to make sure future changes in P224EncryptedKeyExchange don't change output.
External implementations already expect this values.
BUG=438470
[email protected], [email protected]
Review URL: https://codereview.chromium.org/789743002
Cr-Commit-Position: refs/heads/master@{#307654}
diff --git a/crypto/p224_spake.h b/crypto/p224_spake.h
index 61451a3..08769b7 100644
--- a/crypto/p224_spake.h
+++ b/crypto/p224_spake.h
@@ -5,6 +5,7 @@
#ifndef CRYPTO_P224_SPAKE_H_
#define CRYPTO_P224_SPAKE_H_
+#include <base/gtest_prod_util.h>
#include <base/strings/string_piece.h>
#include <crypto/p224.h>
#include <crypto/sha2.h>
@@ -14,7 +15,7 @@
// P224EncryptedKeyExchange implements SPAKE2, a variant of Encrypted
// Key Exchange. It allows two parties that have a secret common
// password to establish a common secure key by exchanging messages
-// over unsecure channel without disclosing the password.
+// over an insecure channel without disclosing the password.
//
// The password can be low entropy as authenticating with an attacker only
// gives the attacker a one-shot password oracle. No other information about
@@ -85,6 +86,13 @@
kStateDone,
};
+ FRIEND_TEST_ALL_PREFIXES(MutualAuth, ExpectedValues);
+
+ void Init();
+
+ // Sets internal random scalar. Should be used by tests only.
+ void SetXForTesting(const std::string& x);
+
State state_;
const bool is_server_;
// next_message_ contains a value for GetMessage() to return.
@@ -104,7 +112,7 @@
// file).
uint8 x_[p224::kScalarBytes];
// pw_ is SHA256(P(password), P(session))[:28] where P() prepends a uint32,
- // big-endian length prefix (see paper refereneced in .cc file).
+ // big-endian length prefix (see paper referenced in .cc file).
uint8 pw_[p224::kScalarBytes];
// expected_authenticator_ is used to store the hash value expected from the
// other party.
