Please confirm if your code is correct below: Should it be a agreements.push or agreements.concat ?

joebandenburg / libaxolotl-javascript

A JavaScript implementation of axolotl. Axolotl is a ratcheting forward secrecy protocol.

GNU Lesser General Public License v3.0

75 stars 13 forks source link

Please confirm if your code is correct below: Should it be a agreements.push or agreements.concat ? #7

Closed CharlesOkwuagwu closed 9 years ago

CharlesOkwuagwu commented 9 years ago

SessionFactory line 151:

    if (parameters.sessionVersion >= 3 && parameters.theirOneTimePreKey) {
        agreements.push(crypto.calculateAgreement(parameters.theirOneTimePreKey,
            parameters.ourBaseKeyPair.private));
    }

Should it be a agreements.push or agreements.concat ?

Are you adding to the end of agreements or the beginning?

Please compare with other implementations.

joebandenburg commented 9 years ago

I believe this is correct. We're pushing onto the array of agreements. It is an array of ArrayBuffers. The one time pre key is the 4th and final agreement.

See https://github.com/WhisperSystems/libaxolotl-android/blob/master/java/src/main/java/org/whispersystems/libaxolotl/ratchet/RatchetingSession.java#L89 for comparison.

I have confirmed that my implementation does indeed establish a session correctly with other implementations.

CharlesOkwuagwu commented 9 years ago

ok cool