| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/protocol/authentication_method.h" | 5 #include "remoting/protocol/authentication_method.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "crypto/hmac.h" | 9 #include "crypto/hmac.h" |
| 10 #include "remoting/protocol/auth_util.h" | 10 #include "remoting/protocol/auth_util.h" |
| 11 | 11 |
| 12 namespace remoting { | 12 namespace remoting { |
| 13 namespace protocol { | 13 namespace protocol { |
| 14 | 14 |
| 15 // static | 15 // static |
| 16 AuthenticationMethod AuthenticationMethod::Invalid() { | 16 AuthenticationMethod AuthenticationMethod::Invalid() { |
| 17 return AuthenticationMethod(); | 17 return AuthenticationMethod(); |
| 18 } | 18 } |
| 19 | 19 |
| 20 // static | 20 // static |
| 21 AuthenticationMethod AuthenticationMethod::Spake2(HashFunction hash_function) { | 21 AuthenticationMethod AuthenticationMethod::Spake2(HashFunction hash_function) { |
| 22 return AuthenticationMethod(hash_function); | 22 return AuthenticationMethod(SPAKE2, hash_function); |
| 23 } | 23 } |
| 24 | 24 |
| 25 // static | 25 // static |
| 26 AuthenticationMethod AuthenticationMethod::ThirdParty() { |
| 27 return AuthenticationMethod(THIRD_PARTY, NONE); |
| 28 } |
| 29 |
| 30 // static |
| 26 AuthenticationMethod AuthenticationMethod::FromString( | 31 AuthenticationMethod AuthenticationMethod::FromString( |
| 27 const std::string& value) { | 32 const std::string& value) { |
| 28 if (value == "spake2_plain") { | 33 if (value == "spake2_plain") { |
| 29 return Spake2(NONE); | 34 return Spake2(NONE); |
| 30 } else if (value == "spake2_hmac") { | 35 } else if (value == "spake2_hmac") { |
| 31 return Spake2(HMAC_SHA256); | 36 return Spake2(HMAC_SHA256); |
| 37 } else if (value == "third_party") { |
| 38 return ThirdParty(); |
| 32 } else { | 39 } else { |
| 33 return AuthenticationMethod::Invalid(); | 40 return AuthenticationMethod::Invalid(); |
| 34 } | 41 } |
| 35 } | 42 } |
| 36 | 43 |
| 37 // static | 44 // static |
| 38 std::string AuthenticationMethod::ApplyHashFunction( | 45 std::string AuthenticationMethod::ApplyHashFunction( |
| 39 HashFunction hash_function, | 46 HashFunction hash_function, |
| 40 const std::string& tag, | 47 const std::string& tag, |
| 41 const std::string& shared_secret) { | 48 const std::string& shared_secret) { |
| (...skipping 15 matching lines...) Expand all Loading... |
| 57 | 64 |
| 58 return std::string(out_bytes, out_bytes + sizeof(out_bytes)); | 65 return std::string(out_bytes, out_bytes + sizeof(out_bytes)); |
| 59 } | 66 } |
| 60 } | 67 } |
| 61 | 68 |
| 62 NOTREACHED(); | 69 NOTREACHED(); |
| 63 return shared_secret; | 70 return shared_secret; |
| 64 } | 71 } |
| 65 | 72 |
| 66 AuthenticationMethod::AuthenticationMethod() | 73 AuthenticationMethod::AuthenticationMethod() |
| 67 : invalid_(true), | 74 : type_(INVALID), |
| 68 hash_function_(NONE) { | 75 hash_function_(NONE) { |
| 69 } | 76 } |
| 70 | 77 |
| 71 AuthenticationMethod::AuthenticationMethod(HashFunction hash_function) | 78 AuthenticationMethod::AuthenticationMethod(MethodType type, |
| 72 : invalid_(false), | 79 HashFunction hash_function) |
| 80 : type_(type), |
| 73 hash_function_(hash_function) { | 81 hash_function_(hash_function) { |
| 82 DCHECK_NE(type_, INVALID); |
| 74 } | 83 } |
| 75 | 84 |
| 76 AuthenticationMethod::HashFunction AuthenticationMethod::hash_function() const { | 85 AuthenticationMethod::HashFunction AuthenticationMethod::hash_function() const { |
| 77 DCHECK(is_valid()); | 86 DCHECK(is_valid()); |
| 78 return hash_function_; | 87 return hash_function_; |
| 79 } | 88 } |
| 80 | 89 |
| 81 const std::string AuthenticationMethod::ToString() const { | 90 const std::string AuthenticationMethod::ToString() const { |
| 82 DCHECK(is_valid()); | 91 DCHECK(is_valid()); |
| 83 | 92 |
| 93 if (type_ == THIRD_PARTY) |
| 94 return "third_party"; |
| 95 |
| 96 DCHECK_EQ(type_, SPAKE2); |
| 97 |
| 84 switch (hash_function_) { | 98 switch (hash_function_) { |
| 85 case NONE: | 99 case NONE: |
| 86 return "spake2_plain"; | 100 return "spake2_plain"; |
| 87 case HMAC_SHA256: | 101 case HMAC_SHA256: |
| 88 return "spake2_hmac"; | 102 return "spake2_hmac"; |
| 89 } | 103 } |
| 90 | 104 |
| 91 NOTREACHED(); | 105 return "invalid"; |
| 92 return ""; | |
| 93 } | 106 } |
| 94 | 107 |
| 95 bool AuthenticationMethod::operator ==( | 108 bool AuthenticationMethod::operator ==( |
| 96 const AuthenticationMethod& other) const { | 109 const AuthenticationMethod& other) const { |
| 97 if (!is_valid()) | 110 return type_ == other.type_ && |
| 98 return !other.is_valid(); | 111 hash_function_ == other.hash_function_; |
| 99 if (!other.is_valid()) | |
| 100 return false; | |
| 101 return hash_function_ == other.hash_function_; | |
| 102 } | 112 } |
| 103 | 113 |
| 104 bool SharedSecretHash::Parse(const std::string& as_string) { | 114 bool SharedSecretHash::Parse(const std::string& as_string) { |
| 105 size_t separator = as_string.find(':'); | 115 size_t separator = as_string.find(':'); |
| 106 if (separator == std::string::npos) | 116 if (separator == std::string::npos) |
| 107 return false; | 117 return false; |
| 108 | 118 |
| 109 std::string function_name = as_string.substr(0, separator); | 119 std::string function_name = as_string.substr(0, separator); |
| 110 if (function_name == "plain") { | 120 if (function_name == "plain") { |
| 111 hash_function = AuthenticationMethod::NONE; | 121 hash_function = AuthenticationMethod::NONE; |
| 112 } else if (function_name == "hmac") { | 122 } else if (function_name == "hmac") { |
| 113 hash_function = AuthenticationMethod::HMAC_SHA256; | 123 hash_function = AuthenticationMethod::HMAC_SHA256; |
| 114 } else { | 124 } else { |
| 115 return false; | 125 return false; |
| 116 } | 126 } |
| 117 | 127 |
| 118 if (!base::Base64Decode(as_string.substr(separator + 1), &value)) { | 128 if (!base::Base64Decode(as_string.substr(separator + 1), &value)) { |
| 119 return false; | 129 return false; |
| 120 } | 130 } |
| 121 | 131 |
| 122 return true; | 132 return true; |
| 123 } | 133 } |
| 124 | 134 |
| 125 } // namespace protocol | 135 } // namespace protocol |
| 126 } // namespace remoting | 136 } // namespace remoting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12326090:
Third Party authentication protocol. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@host_key_pair