| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/protocol/authentication_method.h" | 5 #include "remoting/protocol/authentication_method.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "crypto/hmac.h" | 9 #include "crypto/hmac.h" |
| 10 #include "remoting/protocol/auth_util.h" | 10 #include "remoting/protocol/auth_util.h" |
| 11 | 11 |
| 12 namespace remoting { | 12 namespace remoting { |
| 13 namespace protocol { | 13 namespace protocol { |
| 14 | 14 |
| 15 // static | 15 // static |
| 16 AuthenticationMethod AuthenticationMethod::Invalid() { | 16 AuthenticationMethod AuthenticationMethod::Invalid() { |
| 17 return AuthenticationMethod(); | 17 return AuthenticationMethod(); |
| 18 } | 18 } |
| 19 | 19 |
| 20 // static | 20 // static |
| 21 AuthenticationMethod AuthenticationMethod::Spake2(HashFunction hash_function) { | 21 AuthenticationMethod AuthenticationMethod::Spake2(HashFunction hash_function) { |
| 22 return AuthenticationMethod(hash_function); | 22 return AuthenticationMethod(SPAKE2, hash_function); |
| 23 } | 23 } |
| 24 | 24 |
| 25 // static | 25 // static |
| 26 AuthenticationMethod AuthenticationMethod::ThirdParty() { | |
| 27 return AuthenticationMethod(THIRD_PARTY, NONE); | |
| 28 } | |
| 29 | |
| 30 // static | |
| 26 AuthenticationMethod AuthenticationMethod::FromString( | 31 AuthenticationMethod AuthenticationMethod::FromString( |
| 27 const std::string& value) { | 32 const std::string& value) { |
| 28 if (value == "spake2_plain") { | 33 if (value == "spake2_plain") { |
| 29 return Spake2(NONE); | 34 return Spake2(NONE); |
| 30 } else if (value == "spake2_hmac") { | 35 } else if (value == "spake2_hmac") { |
| 31 return Spake2(HMAC_SHA256); | 36 return Spake2(HMAC_SHA256); |
| 37 } else if (value == "third_party") { | |
| 38 return ThirdParty(); | |
| 32 } else { | 39 } else { |
| 33 return AuthenticationMethod::Invalid(); | 40 return AuthenticationMethod::Invalid(); |
| 34 } | 41 } |
| 35 } | 42 } |
| 36 | 43 |
| 37 // static | 44 // static |
| 38 std::string AuthenticationMethod::ApplyHashFunction( | 45 std::string AuthenticationMethod::ApplyHashFunction( |
| 39 HashFunction hash_function, | 46 HashFunction hash_function, |
| 40 const std::string& tag, | 47 const std::string& tag, |
| 41 const std::string& shared_secret) { | 48 const std::string& shared_secret) { |
| (...skipping 15 matching lines...) | |
| 57 | 64 |
| 58 return std::string(out_bytes, out_bytes + sizeof(out_bytes)); | 65 return std::string(out_bytes, out_bytes + sizeof(out_bytes)); |
| 59 } | 66 } |
| 60 } | 67 } |
| 61 | 68 |
| 62 NOTREACHED(); | 69 NOTREACHED(); |
| 63 return shared_secret; | 70 return shared_secret; |
| 64 } | 71 } |
| 65 | 72 |
| 66 AuthenticationMethod::AuthenticationMethod() | 73 AuthenticationMethod::AuthenticationMethod() |
| 67 : invalid_(true), | 74 : method_type_(INVALID), |
| 68 hash_function_(NONE) { | 75 hash_function_(NONE) { |
| 69 } | 76 } |
| 70 | 77 |
| 71 AuthenticationMethod::AuthenticationMethod(HashFunction hash_function) | 78 AuthenticationMethod::AuthenticationMethod(MethodType method_type, |
| 72 : invalid_(false), | 79 HashFunction hash_function) |
| 80 : method_type_(method_type), | |
| 73 hash_function_(hash_function) { | 81 hash_function_(hash_function) { |
| 74 } | 82 } |
|
Sergey Ulanov
2013/03/22 05:58:43
DCHECK_NE(type_, INVALID);
rmsousa
2013/03/22 21:19:05
Done.
| |
| 75 | 83 |
| 76 AuthenticationMethod::HashFunction AuthenticationMethod::hash_function() const { | 84 AuthenticationMethod::HashFunction AuthenticationMethod::hash_function() const { |
| 77 DCHECK(is_valid()); | 85 DCHECK(is_valid()); |
| 78 return hash_function_; | 86 return hash_function_; |
| 79 } | 87 } |
| 80 | 88 |
| 81 const std::string AuthenticationMethod::ToString() const { | 89 const std::string AuthenticationMethod::ToString() const { |
| 82 DCHECK(is_valid()); | 90 DCHECK(is_valid()); |
| 83 | 91 |
| 92 if (method_type_ == THIRD_PARTY) | |
| 93 return "third_party"; | |
| 94 | |
| 95 DCHECK(method_type_ == SPAKE2); | |
|
Sergey Ulanov
2013/03/22 05:58:43
nit: DCHECK_EQ
rmsousa
2013/03/22 21:19:05
Done.
| |
| 96 | |
| 84 switch (hash_function_) { | 97 switch (hash_function_) { |
| 85 case NONE: | 98 case NONE: |
| 86 return "spake2_plain"; | 99 return "spake2_plain"; |
| 87 case HMAC_SHA256: | 100 case HMAC_SHA256: |
| 88 return "spake2_hmac"; | 101 return "spake2_hmac"; |
| 102 default: | |
|
Sergey Ulanov
2013/03/22 05:58:43
You should not have default case when there is a c
rmsousa
2013/03/22 21:19:05
Done.
| |
| 103 NOTREACHED(); | |
| 89 } | 104 } |
| 90 | 105 |
| 91 NOTREACHED(); | 106 return "invalid"; |
|
Sergey Ulanov
2013/03/22 05:58:43
Why do we need to return non-empty string here?
rmsousa
2013/03/22 21:19:05
No functional reason, it just makes it slightly ea
| |
| 92 return ""; | |
| 93 } | 107 } |
| 94 | 108 |
| 95 bool AuthenticationMethod::operator ==( | 109 bool AuthenticationMethod::operator ==( |
| 96 const AuthenticationMethod& other) const { | 110 const AuthenticationMethod& other) const { |
| 97 if (!is_valid()) | 111 return method_type_ == other.method_type_ && |
| 98 return !other.is_valid(); | 112 hash_function_ == other.hash_function_; |
| 99 if (!other.is_valid()) | |
| 100 return false; | |
| 101 return hash_function_ == other.hash_function_; | |
| 102 } | 113 } |
| 103 | 114 |
| 104 bool SharedSecretHash::Parse(const std::string& as_string) { | 115 bool SharedSecretHash::Parse(const std::string& as_string) { |
| 105 size_t separator = as_string.find(':'); | 116 size_t separator = as_string.find(':'); |
| 106 if (separator == std::string::npos) | 117 if (separator == std::string::npos) |
| 107 return false; | 118 return false; |
| 108 | 119 |
| 109 std::string function_name = as_string.substr(0, separator); | 120 std::string function_name = as_string.substr(0, separator); |
| 110 if (function_name == "plain") { | 121 if (function_name == "plain") { |
| 111 hash_function = AuthenticationMethod::NONE; | 122 hash_function = AuthenticationMethod::NONE; |
| 112 } else if (function_name == "hmac") { | 123 } else if (function_name == "hmac") { |
| 113 hash_function = AuthenticationMethod::HMAC_SHA256; | 124 hash_function = AuthenticationMethod::HMAC_SHA256; |
| 114 } else { | 125 } else { |
| 115 return false; | 126 return false; |
| 116 } | 127 } |
| 117 | 128 |
| 118 if (!base::Base64Decode(as_string.substr(separator + 1), &value)) { | 129 if (!base::Base64Decode(as_string.substr(separator + 1), &value)) { |
| 119 return false; | 130 return false; |
| 120 } | 131 } |
| 121 | 132 |
| 122 return true; | 133 return true; |
| 123 } | 134 } |
| 124 | 135 |
| 125 } // namespace protocol | 136 } // namespace protocol |
| 126 } // namespace remoting | 137 } // namespace remoting |
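Review bot: In the new ToString(), the only thing keeping a non-SPAKE2 object out of `switch (hash_function_)` is `DCHECK(method_type_ == SPAKE2)`, which does nothing in builds where DCHECK is compiled out. The default constructor sets `method_type_(INVALID)` together with `hash_function_(NONE)`, so an Invalid() method would then be serialized as "spake2_plain", a name that FromString() accepts as a real method. A runtime guard fails closed instead, because FromString() maps any unrecognised name to Invalid(): `if (method_type_ != SPAKE2) { NOTREACHED(); return "invalid"; }`. Separately, ThirdParty() stores NONE, so `hash_function()` returns the same value for third_party as for spake2_plain; that accessor is guarded only by is_valid(), which is defined outside this file, and a `DCHECK_EQ(method_type_, SPAKE2)` there would catch callers that forget to branch on the method type.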