Chromium Code Reviews Chromium Code Reviews
Issue 8647001:
Add implementation for current IT2Me auth. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: remoting/protocol/simple_host_authenticator.cc |
| diff --git a/remoting/protocol/simple_host_authenticator.cc b/remoting/protocol/simple_host_authenticator.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..4efc0f58513d522843db445f6f5b5ddc9a296ef9 |
| --- /dev/null |
| +++ b/remoting/protocol/simple_host_authenticator.cc |
| @@ -0,0 +1,113 @@ |
| +// Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "remoting/protocol/simple_host_authenticator.h" |
| + |
| +#include "base/base64.h" |
| +#include "base/logging.h" |
| +#include "crypto/rsa_private_key.h" |
| +#include "remoting/base/constants.h" |
| +#include "remoting/protocol/auth_util.h" |
| +#include "remoting/protocol/simple_host_channel_authenticator.h" |
| +#include "third_party/libjingle/source/talk/xmllite/xmlelement.h" |
| + |
| +using buzz::QName; |
| +using buzz::XmlElement; |
| + |
| +namespace remoting { |
| +namespace protocol { |
| + |
| +namespace { |
| +const char kAuthenticationTag[] = "authentication"; |
| +const char kAuthTokenTag[] = "auth-token"; |
| +const char kCertificateTag[] = "certificate"; |
| +} // namespace |
| + |
| +SimpleHostAuthenticator::SimpleHostAuthenticator( |
| + const std::string& local_cert, |
| + crypto::RSAPrivateKey* local_private_key, |
| + const std::string& shared_secret, |
| + const std::string& remote_jid) |
| + : local_cert_(local_cert), |
| + local_private_key_(local_private_key), |
| + shared_secret_(shared_secret), |
| + remote_jid_(remote_jid), |
| + state_(WAITING_MESSAGE) { |
| +} |
| + |
| +SimpleHostAuthenticator::~SimpleHostAuthenticator() { |
| +} |
| + |
| +Authenticator::State SimpleHostAuthenticator::state() const { |
| + return state_; |
| +} |
| + |
| +void SimpleHostAuthenticator::ProcessMessage(const XmlElement* message) { |
| + DCHECK_EQ(state_, WAITING_MESSAGE); |
| + |
| + std::string auth_token = |
| + message->TextNamed(buzz::QName(kChromotingXmlNamespace, kAuthTokenTag)); |
| + |
| + if (!protocol::VerifySupportAuthToken( |
| + remote_jid_, shared_secret_, auth_token)) { |
| + state_ = REJECTED; |
| + } else { |
| + state_ = MESSAGE_READY; |
| + } |
| +} |
| + |
| +XmlElement* SimpleHostAuthenticator::GetNextMessage() { |
| + DCHECK_EQ(state_, MESSAGE_READY); |
| + |
| + XmlElement* message = new XmlElement( |
| + QName(kChromotingXmlNamespace, kAuthenticationTag)); |
|
Wez
2011/11/22 22:58:05
nit: Create |message| lower down, where it's actua
Sergey Ulanov
2011/11/23 02:02:25
We create XML tree here, and I think it's easier t
|
| + |
| + buzz::XmlElement* certificate_tag = new XmlElement( |
| + buzz::QName(kChromotingXmlNamespace, kCertificateTag)); |
| + std::string base64_cert; |
| + if (!base::Base64Encode(local_cert_, &base64_cert)) { |
| + LOG(DFATAL) << "Cannot perform base64 encode on certificate"; |
| + } |
| + certificate_tag->SetBodyText(base64_cert); |
| + message->AddElement(certificate_tag); |
| + |
| + state_ = ACCEPTED; |
| + return message; |
| +} |
| + |
| +ChannelAuthenticator* |
| +SimpleHostAuthenticator::CreateChannelAuthenticator() const { |
| + DCHECK_EQ(state_, ACCEPTED); |
| + return new SimpleHostChannelAuthenticator( |
| + local_cert_, local_private_key_, shared_secret_); |
| +}; |
| + |
| +SimpleHostAuthenticatorFactory::SimpleHostAuthenticatorFactory( |
| + const std::string& local_cert, |
| + crypto::RSAPrivateKey* local_private_key, |
| + const std::string& shared_secret) |
| + : local_cert_(local_cert), |
| + shared_secret_(shared_secret) { |
| + DCHECK(local_private_key); |
| + |
| + // TODO(hclam): Need a better way to clone a key. |
|
Wez
2011/11/22 22:58:05
nit: We should just create a bug for that, referen
Sergey Ulanov
2011/11/23 02:02:25
Opened crbug.com/105220
|
| + std::vector<uint8> key_bytes; |
| + CHECK(local_private_key->ExportPrivateKey(&key_bytes)); |
| + local_private_key_.reset( |
| + crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_bytes)); |
| + CHECK(local_private_key_.get()); |
| +} |
| + |
| +SimpleHostAuthenticatorFactory::~SimpleHostAuthenticatorFactory() { |
| +} |
| + |
| +Authenticator* SimpleHostAuthenticatorFactory::CreateAuthenticator( |
| + const std::string& remote_jid, |
| + const buzz::XmlElement* first_message) { |
| + return new SimpleHostAuthenticator(local_cert_, local_private_key_.get(), |
| + shared_secret_, remote_jid); |
| +} |
| + |
| +} // namespace remoting |
| +} // namespace protocol |
