Move SSL layer initialization into ChannelAuthenticator implementations.

remoting/protocol/auth_util.cc

Index: remoting/protocol/auth_util.cc
diff --git a/remoting/protocol/auth_util.cc b/remoting/protocol/auth_util.cc
new file mode 100644
index 0000000000000000000000000000000000000000..1daa6007da7fc50c155be43dbaac9d98bf0a63c5
--- /dev/null
+++ b/remoting/protocol/auth_util.cc
@@ -0,0 +1,60 @@
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "remoting/protocol/auth_util.h"
+
+#include "base/base64.h"
+#include "base/logging.h"
+#include "base/string_util.h"
+#include "crypto/sha2.h"

[Wez, 2011/11/22 22:29:48]

This should come after crypto/hmac.h

[Sergey Ulanov, 2011/11/23 01:23:42]

Done.

+#include "crypto/hmac.h"
+
+namespace remoting {
+namespace protocol {
+
+const char kClientAuthSslExporterLabel[] =
+    "EXPORTER-remoting-channel-auth-client";
+
+const char kSslFakeHostName[] = "chromoting";
+
+std::string GenerateSupportAuthToken(const std::string& jid,
+                                     const std::string& access_code) {
+  std::string sha256 = crypto::SHA256HashString(jid + " " + access_code);
+  std::string sha256_base64;
+  if (!base::Base64Encode(sha256, &sha256_base64)) {
+    LOG(FATAL) << "Failed to encode auth token";

[Wez, 2011/11/22 22:29:48]

Out of interest, how on earth can that ever fail??

[Sergey Ulanov, 2011/11/23 01:23:42]

It should not, that's why we have LOG(FATAL) here, but there may be cases when
we get error from the library (e.g. out of memory). Ignoring possible error is
not a good idea.

+  }
+  return sha256_base64;
+}
+
+bool VerifySupportAuthToken(const std::string& jid,
+                            const std::string& access_code,
+                            const std::string& auth_token) {
+  std::string expected_token =
+      GenerateSupportAuthToken(jid, access_code);
+  return expected_token == auth_token;
+}
+
+// static
+bool GetAuthBytes(const std::string& shared_secret,
+                  const std::string& key_material,
+                  std::string* auth_bytes) {
+  // Generate auth digest based on the keying material and shared secret.
+  crypto::HMAC response(crypto::HMAC::SHA256);
+  if (!response.Init(key_material)) {
+    NOTREACHED() << "HMAC::Init failed";

[Wez, 2011/11/22 22:29:48]

Would it be cleaner to get rid of the return code and CHECK() these?

[Sergey Ulanov, 2011/11/23 01:23:42]

This method may fail, for example, if key_material has invalid length. Also
current code yields smaller binary, so I think it's better to keep it as it is.

+    return false;
+  }
+  unsigned char out_bytes[kAuthDigestLength];
+  if (!response.Sign(shared_secret, out_bytes, kAuthDigestLength)) {
+    NOTREACHED() << "HMAC::Sign failed";
+    return false;
+  }
+
+  auth_bytes->assign(out_bytes, out_bytes + kAuthDigestLength);
+  return true;
+}
+
+}  // namespace protocol
+}  // namespace remoting