OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/protocol/negotiating_authenticator.h" | 5 #include "remoting/protocol/negotiating_authenticator.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <sstream> | 8 #include <sstream> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
| 11 #include "base/callback.h" |
11 #include "base/logging.h" | 12 #include "base/logging.h" |
12 #include "base/strings/string_split.h" | 13 #include "base/strings/string_split.h" |
13 #include "crypto/rsa_private_key.h" | 14 #include "remoting/base/rsa_key_pair.h" |
14 #include "remoting/protocol/channel_authenticator.h" | 15 #include "remoting/protocol/channel_authenticator.h" |
15 #include "remoting/protocol/v2_authenticator.h" | 16 #include "remoting/protocol/v2_authenticator.h" |
16 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" | 17 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" |
17 | 18 |
18 namespace remoting { | 19 namespace remoting { |
19 namespace protocol { | 20 namespace protocol { |
20 | 21 |
21 namespace { | 22 namespace { |
22 | 23 |
23 const buzz::StaticQName kMethodAttributeQName = { "", "method" }; | 24 const buzz::StaticQName kMethodAttributeQName = { "", "method" }; |
(...skipping 25 matching lines...)
49 it != methods.end(); ++it) { | 50 it != methods.end(); ++it) { |
50 result->AddMethod(*it); | 51 result->AddMethod(*it); |
51 } | 52 } |
52 | 53 |
53 return scoped_ptr<Authenticator>(result.Pass()); | 54 return scoped_ptr<Authenticator>(result.Pass()); |
54 } | 55 } |
55 | 56 |
56 // static | 57 // static |
57 scoped_ptr<Authenticator> NegotiatingAuthenticator::CreateForHost( | 58 scoped_ptr<Authenticator> NegotiatingAuthenticator::CreateForHost( |
58 const std::string& local_cert, | 59 const std::string& local_cert, |
59 const crypto::RSAPrivateKey& local_private_key, | 60 scoped_refptr<RsaKeyPair> key_pair, |
60 const std::string& shared_secret_hash, | 61 const std::string& shared_secret_hash, |
61 AuthenticationMethod::HashFunction hash_function) { | 62 AuthenticationMethod::HashFunction hash_function) { |
62 scoped_ptr<NegotiatingAuthenticator> result( | 63 scoped_ptr<NegotiatingAuthenticator> result( |
63 new NegotiatingAuthenticator(WAITING_MESSAGE)); | 64 new NegotiatingAuthenticator(WAITING_MESSAGE)); |
64 result->local_cert_ = local_cert; | 65 result->local_cert_ = local_cert; |
65 result->local_private_key_.reset(local_private_key.Copy()); | 66 result->local_key_pair_ = key_pair; |
66 result->shared_secret_hash_ = shared_secret_hash; | 67 result->shared_secret_hash_ = shared_secret_hash; |
67 | 68 |
68 result->AddMethod(AuthenticationMethod::Spake2(hash_function)); | 69 result->AddMethod(AuthenticationMethod::Spake2(hash_function)); |
69 | 70 |
70 return scoped_ptr<Authenticator>(result.Pass()); | 71 return scoped_ptr<Authenticator>(result.Pass()); |
71 } | 72 } |
72 | 73 |
73 | |
74 NegotiatingAuthenticator::NegotiatingAuthenticator( | 74 NegotiatingAuthenticator::NegotiatingAuthenticator( |
75 Authenticator::State initial_state) | 75 Authenticator::State initial_state) |
76 : certificate_sent_(false), | 76 : current_method_(AuthenticationMethod::Invalid()), |
77 current_method_(AuthenticationMethod::Invalid()), | |
78 state_(initial_state), | 77 state_(initial_state), |
79 rejection_reason_(INVALID_CREDENTIALS) { | 78 rejection_reason_(INVALID_CREDENTIALS) { |
80 } | 79 } |
81 | 80 |
82 NegotiatingAuthenticator::~NegotiatingAuthenticator() { | 81 NegotiatingAuthenticator::~NegotiatingAuthenticator() { |
83 } | 82 } |
84 | 83 |
85 Authenticator::State NegotiatingAuthenticator::state() const { | 84 Authenticator::State NegotiatingAuthenticator::state() const { |
86 return state_; | 85 return state_; |
87 } | 86 } |
(...skipping 131 matching lines...)
219 methods_.push_back(method); | 218 methods_.push_back(method); |
220 } | 219 } |
221 | 220 |
222 scoped_ptr<ChannelAuthenticator> | 221 scoped_ptr<ChannelAuthenticator> |
223 NegotiatingAuthenticator::CreateChannelAuthenticator() const { | 222 NegotiatingAuthenticator::CreateChannelAuthenticator() const { |
224 DCHECK_EQ(state(), ACCEPTED); | 223 DCHECK_EQ(state(), ACCEPTED); |
225 return current_authenticator_->CreateChannelAuthenticator(); | 224 return current_authenticator_->CreateChannelAuthenticator(); |
226 } | 225 } |
227 | 226 |
228 bool NegotiatingAuthenticator::is_host_side() const { | 227 bool NegotiatingAuthenticator::is_host_side() const { |
229 return local_private_key_.get() != NULL; | 228 return local_key_pair_.get() != NULL; |
230 } | 229 } |
231 | 230 |
232 void NegotiatingAuthenticator::CreateAuthenticator(State initial_state) { | 231 void NegotiatingAuthenticator::CreateAuthenticator(State initial_state) { |
233 if (is_host_side()) { | 232 if (is_host_side()) { |
234 current_authenticator_ = V2Authenticator::CreateForHost( | 233 current_authenticator_ = V2Authenticator::CreateForHost( |
235 local_cert_, *local_private_key_.get(), | 234 local_cert_, local_key_pair_, shared_secret_hash_, initial_state); |
236 shared_secret_hash_, initial_state); | |
237 } else { | 235 } else { |
238 current_authenticator_ = V2Authenticator::CreateForClient( | 236 current_authenticator_ = V2Authenticator::CreateForClient( |
239 AuthenticationMethod::ApplyHashFunction( | 237 AuthenticationMethod::ApplyHashFunction( |
240 current_method_.hash_function(), | 238 current_method_.hash_function(), |
241 authentication_tag_, shared_secret_), | 239 authentication_tag_, shared_secret_), initial_state); |
242 initial_state); | |
243 } | 240 } |
244 } | 241 } |
245 | 242 |
246 } // namespace protocol | 243 } // namespace protocol |
247 } // namespace remoting | 244 } // namespace remoting |
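Review bot: `CreateForHost` stores `key_pair` in `local_key_pair_` without checking that it is non-null, while `is_host_side()` now decides the role from `local_key_pair_.get() != NULL`. If a caller hands in an empty `scoped_refptr<RsaKeyPair>`, a host-created authenticator would take the client branch of `CreateAuthenticator()` and call `V2Authenticator::CreateForClient` with `shared_secret_`, which `CreateForHost` never sets. The old `const crypto::RSAPrivateKey&` parameter made a missing key harder to pass by accident, so the new pointer-like type deserves an explicit guard: add `DCHECK(key_pair.get());` as the first statement of `CreateForHost`. It may also be worth recording the role in its own member rather than inferring it from whether the key pointer is set, so that a missing key fails loudly instead of changing which side of the handshake runs.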