1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef REMOTING_PROTOCOL_SSL_HMAC_CHANNEL_AUTHENTICATOR_H_ | 5 #ifndef REMOTING_PROTOCOL_SSL_HMAC_CHANNEL_AUTHENTICATOR_H_ |
6 #define REMOTING_PROTOCOL_SSL_HMAC_CHANNEL_AUTHENTICATOR_H_ | 6 #define REMOTING_PROTOCOL_SSL_HMAC_CHANNEL_AUTHENTICATOR_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/callback.h" | 10 #include "base/callback.h" |
11 #include "base/memory/ref_counted.h" | 11 #include "base/memory/ref_counted.h" |
12 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
13 #include "base/threading/non_thread_safe.h" | 13 #include "base/threading/non_thread_safe.h" |
14 #include "remoting/protocol/channel_authenticator.h" | 14 #include "remoting/protocol/channel_authenticator.h" |
15 | 15 |
16 namespace crypto { | |
17 class RSAPrivateKey; | |
18 } // namespace crypto | |
19 | |
20 namespace net { | 16 namespace net { |
21 class CertVerifier; | 17 class CertVerifier; |
22 class DrainableIOBuffer; | 18 class DrainableIOBuffer; |
23 class GrowableIOBuffer; | 19 class GrowableIOBuffer; |
24 class SSLSocket; | 20 class SSLSocket; |
25 } // namespace net | 21 } // namespace net |
26 | 22 |
27 namespace remoting { | 23 namespace remoting { |
28 namespace protocol { | 24 namespace protocol { |
29 | 25 |
| 26 class KeyPair; |
| 27 |
30 // SslHmacChannelAuthenticator implements ChannelAuthenticator that | 28 // SslHmacChannelAuthenticator implements ChannelAuthenticator that |
31 // secures channels using SSL and authenticates them with a shared | 29 // secures channels using SSL and authenticates them with a shared |
32 // secret HMAC. | 30 // secret HMAC. |
33 class SslHmacChannelAuthenticator : public ChannelAuthenticator, | 31 class SslHmacChannelAuthenticator : public ChannelAuthenticator, |
34 public base::NonThreadSafe { | 32 public base::NonThreadSafe { |
35 public: | 33 public: |
36 enum LegacyMode { | 34 enum LegacyMode { |
37 NONE, | 35 NONE, |
38 SEND_ONLY, | 36 SEND_ONLY, |
39 RECEIVE_ONLY, | 37 RECEIVE_ONLY, |
40 }; | 38 }; |
41 | 39 |
42 // CreateForClient() and CreateForHost() create an authenticator | 40 // CreateForClient() and CreateForHost() create an authenticator |
43 // instances for client and host. |auth_key| specifies shared key | 41 // instances for client and host. |auth_key| specifies shared key |
44 // known by both host and client. In case of V1Authenticator the | 42 // known by both host and client. In case of V1Authenticator the |
45 // |auth_key| is set to access code. For EKE-based authentication | 43 // |auth_key| is set to access code. For EKE-based authentication |
46 // |auth_key| is the key established using EKE over the signaling | 44 // |auth_key| is the key established using EKE over the signaling |
47 // channel. | 45 // channel. |
48 static scoped_ptr<SslHmacChannelAuthenticator> CreateForClient( | 46 static scoped_ptr<SslHmacChannelAuthenticator> CreateForClient( |
49 const std::string& remote_cert, | 47 const std::string& remote_cert, |
50 const std::string& auth_key); | 48 const std::string& auth_key); |
51 | 49 |
52 static scoped_ptr<SslHmacChannelAuthenticator> CreateForHost( | 50 static scoped_ptr<SslHmacChannelAuthenticator> CreateForHost( |
53 const std::string& local_cert, | 51 const std::string& local_cert, |
54 crypto::RSAPrivateKey* local_private_key, | 52 scoped_ptr<KeyPair> key_pair, |
55 const std::string& auth_key); | 53 const std::string& auth_key); |
56 | 54 |
57 virtual ~SslHmacChannelAuthenticator(); | 55 virtual ~SslHmacChannelAuthenticator(); |
58 | 56 |
59 // ChannelAuthenticator interface. | 57 // ChannelAuthenticator interface. |
60 virtual void SecureAndAuthenticate( | 58 virtual void SecureAndAuthenticate( |
61 scoped_ptr<net::StreamSocket> socket, | 59 scoped_ptr<net::StreamSocket> socket, |
62 const DoneCallback& done_callback) OVERRIDE; | 60 const DoneCallback& done_callback) OVERRIDE; |
63 | 61 |
64 private: | 62 private: |
78 bool VerifyAuthBytes(const std::string& received_auth_bytes); | 76 bool VerifyAuthBytes(const std::string& received_auth_bytes); |
79 | 77 |
80 void CheckDone(bool* callback_called); | 78 void CheckDone(bool* callback_called); |
81 void NotifyError(int error); | 79 void NotifyError(int error); |
82 | 80 |
83 // The mutual secret used for authentication. | 81 // The mutual secret used for authentication. |
84 std::string auth_key_; | 82 std::string auth_key_; |
85 | 83 |
86 // Used in the SERVER mode only. | 84 // Used in the SERVER mode only. |
87 std::string local_cert_; | 85 std::string local_cert_; |
88 crypto::RSAPrivateKey* local_private_key_; | 86 scoped_ptr<KeyPair> key_pair_; |
89 | 87 |
90 // Used in the CLIENT mode only. | 88 // Used in the CLIENT mode only. |
91 std::string remote_cert_; | 89 std::string remote_cert_; |
92 scoped_ptr<net::CertVerifier> cert_verifier_; | 90 scoped_ptr<net::CertVerifier> cert_verifier_; |
93 | 91 |
94 scoped_ptr<net::SSLSocket> socket_; | 92 scoped_ptr<net::SSLSocket> socket_; |
95 DoneCallback done_callback_; | 93 DoneCallback done_callback_; |
96 | 94 |
97 scoped_refptr<net::DrainableIOBuffer> auth_write_buf_; | 95 scoped_refptr<net::DrainableIOBuffer> auth_write_buf_; |
98 scoped_refptr<net::GrowableIOBuffer> auth_read_buf_; | 96 scoped_refptr<net::GrowableIOBuffer> auth_read_buf_; |
99 | 97 |
100 DISALLOW_COPY_AND_ASSIGN(SslHmacChannelAuthenticator); | 98 DISALLOW_COPY_AND_ASSIGN(SslHmacChannelAuthenticator); |
101 }; | 99 }; |
102 | 100 |
103 } // namespace protocol | 101 } // namespace protocol |
104 } // namespace remoting | 102 } // namespace remoting |
105 | 103 |
106 #endif // REMOTING_PROTOCOL_SSL_HMAC_CHANNEL_AUTHENTICATOR_H_ | 104 #endif // REMOTING_PROTOCOL_SSL_HMAC_CHANNEL_AUTHENTICATOR_H_ |
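Review bot: The comment above CreateForClient()/CreateForHost() still documents only |auth_key|, while the new `scoped_ptr<KeyPair> key_pair` parameter of CreateForHost() now passes ownership of the host's key pair (and thus its private key) into the authenticator, which stores it in the new `key_pair_` member. Since the private key's lifetime is now bound to the authenticator rather than to a caller-owned `crypto::RSAPrivateKey`, that contract is worth stating where the factory is documented; suggest appending `// |key_pair| is the host's key pair; the authenticator takes ownership of it.` to that comment block. Thirteen lines of the private section are collapsed on this page, so any other use of `key_pair_` there was not reviewed.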