remoting/protocol/authentication_method.cc - Issue 12326090: Third Party authentication protocol.

Side by Side Diff: remoting/protocol/authentication_method.cc

Issue 12326090: Third Party authentication protocol. (Closed) Base URL: http://git.chromium.org/chromium/src.git@host_key_pair

Patch Set: Missing moved file. Created 7 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« remoting/protocol/authentication_method.h ('K') | « remoting/protocol/authentication_method.h ('k') | remoting/protocol/authenticator_test_base.h » ('j') | remoting/protocol/third_party_authenticator_base.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "remoting/protocol/authentication_method.h"	5 #include "remoting/protocol/authentication_method.h"

6	6

7 #include "base/base64.h"	7 #include "base/base64.h"

8 #include "base/logging.h"	8 #include "base/logging.h"

9 #include "crypto/hmac.h"	9 #include "crypto/hmac.h"

10 #include "remoting/protocol/auth_util.h"	10 #include "remoting/protocol/auth_util.h"

11	11

12 namespace remoting {	12 namespace remoting {

13 namespace protocol {	13 namespace protocol {

14	14

15 // static	15 // static

16 AuthenticationMethod AuthenticationMethod::Invalid() {	16 AuthenticationMethod AuthenticationMethod::Invalid() {

17 return AuthenticationMethod();	17 return AuthenticationMethod();

18 }	18 }

19	19

20 // static	20 // static

21 AuthenticationMethod AuthenticationMethod::Spake2(HashFunction hash_function) {	21 AuthenticationMethod AuthenticationMethod::Spake2(HashFunction hash_function) {

22 return AuthenticationMethod(hash_function);	22 return AuthenticationMethod(hash_function, false);

23 }	23 }

24	24

25 // static	25 // static

	26 AuthenticationMethod AuthenticationMethod::ThirdParty() {

	27 return AuthenticationMethod(NONE, true);

	28 }

	29

	30 // static

26 AuthenticationMethod AuthenticationMethod::FromString(	31 AuthenticationMethod AuthenticationMethod::FromString(

27 const std::string& value) {	32 const std::string& value) {

28 if (value == "spake2_plain") {	33 if (value == "spake2_plain") {

29 return Spake2(NONE);	34 return Spake2(NONE);

30 } else if (value == "spake2_hmac") {	35 } else if (value == "spake2_hmac") {

31 return Spake2(HMAC_SHA256);	36 return Spake2(HMAC_SHA256);

	37 } else if (value == "third_party") {

	38 return ThirdParty();

32 } else {	39 } else {

33 return AuthenticationMethod::Invalid();	40 return AuthenticationMethod::Invalid();

34 }	41 }

35 }	42 }

36	43

37 // static	44 // static

38 std::string AuthenticationMethod::ApplyHashFunction(	45 std::string AuthenticationMethod::ApplyHashFunction(

39 HashFunction hash_function,	46 HashFunction hash_function,

40 const std::string& tag,	47 const std::string& tag,

41 const std::string& shared_secret) {	48 const std::string& shared_secret) {

(...skipping 16 matching lines...) Expand all Loading...
58 return std::string(out_bytes, out_bytes + sizeof(out_bytes));	65 return std::string(out_bytes, out_bytes + sizeof(out_bytes));

59 }	66 }

60 }	67 }

61	68

62 NOTREACHED();	69 NOTREACHED();

63 return shared_secret;	70 return shared_secret;

64 }	71 }

65	72

66 AuthenticationMethod::AuthenticationMethod()	73 AuthenticationMethod::AuthenticationMethod()

67 : invalid_(true),	74 : invalid_(true),

	75 requires_token_(false),

68 hash_function_(NONE) {	76 hash_function_(NONE) {

69 }	77 }

70	78

71 AuthenticationMethod::AuthenticationMethod(HashFunction hash_function)	79 AuthenticationMethod::AuthenticationMethod(HashFunction hash_function,

	80 bool requires_token)

72 : invalid_(false),	81 : invalid_(false),

	82 requires_token_(requires_token),

73 hash_function_(hash_function) {	83 hash_function_(hash_function) {

74 }	84 }

75	85

76 AuthenticationMethod::HashFunction AuthenticationMethod::hash_function() const {	86 AuthenticationMethod::HashFunction AuthenticationMethod::hash_function() const {

77 DCHECK(is_valid());	87 DCHECK(is_valid());

78 return hash_function_;	88 return hash_function_;

79 }	89 }

80	90

81 const std::string AuthenticationMethod::ToString() const {	91 const std::string AuthenticationMethod::ToString() const {

82 DCHECK(is_valid());	92 DCHECK(is_valid());

83	93

	94 if (requires_token_) {
	Sergey Ulanov 2013/03/20 07:24:12 nit: drop {} nit: drop {} rmsousa 2013/03/21 01:23:25 Done. Show quoted text On 2013/03/20 07:24:12, sergeyu wrote: > nit: drop {} Done.
	95 return "third_party";

	96 }

	97

84 switch (hash_function_) {	98 switch (hash_function_) {

85 case NONE:	99 case NONE:

86 return "spake2_plain";	100 return "spake2_plain";

87 case HMAC_SHA256:	101 case HMAC_SHA256:

88 return "spake2_hmac";	102 return "spake2_hmac";

	103 default:

	104 NOTREACHED();

89 }	105 }

90	106

91 NOTREACHED();	107 return "invalid";

92 return "";

93 }	108 }

94	109

95 bool AuthenticationMethod::operator ==(	110 bool AuthenticationMethod::operator ==(

96 const AuthenticationMethod& other) const {	111 const AuthenticationMethod& other) const {

97 if (!is_valid())	112 if (!is_valid())

98 return !other.is_valid();	113 return !other.is_valid();

99 if (!other.is_valid())	114 if (!other.is_valid())

100 return false;	115 return false;

101 return hash_function_ == other.hash_function_;	116 return ToString() == other.ToString();
	Sergey Ulanov 2013/03/20 07:24:12 It's bad enough that we have this operator at all. It's bad enough that we have this operator at all. It would be even worse if we make it slow. AuthenticationMethod() is a simple value class - comparing all members will give do what we need here. If you type member as I suggested this function can look as follows: return type_ == other.type_ && hash_function_ == other.hash_function_; No need to have ifs above. rmsousa 2013/03/21 01:23:25 Done. Show quoted text On 2013/03/20 07:24:12, sergeyu wrote: > It's bad enough that we have this operator at all. It would be even worse if we > make it slow. AuthenticationMethod() is a simple value class - comparing all > members will give do what we need here. If you type member as I suggested this > function can look as follows: > return type_ == other.type_ && > hash_function_ == other.hash_function_; > No need to have ifs above. Done.
102 }	117 }

103	118

104 bool SharedSecretHash::Parse(const std::string& as_string) {	119 bool SharedSecretHash::Parse(const std::string& as_string) {

105 size_t separator = as_string.find(':');	120 size_t separator = as_string.find(':');

106 if (separator == std::string::npos)	121 if (separator == std::string::npos)

107 return false;	122 return false;

108	123

109 std::string function_name = as_string.substr(0, separator);	124 std::string function_name = as_string.substr(0, separator);

110 if (function_name == "plain") {	125 if (function_name == "plain") {

111 hash_function = AuthenticationMethod::NONE;	126 hash_function = AuthenticationMethod::NONE;

112 } else if (function_name == "hmac") {	127 } else if (function_name == "hmac") {

113 hash_function = AuthenticationMethod::HMAC_SHA256;	128 hash_function = AuthenticationMethod::HMAC_SHA256;

114 } else {	129 } else {

115 return false;	130 return false;

116 }	131 }

117	132

118 if (!base::Base64Decode(as_string.substr(separator + 1), &value)) {	133 if (!base::Base64Decode(as_string.substr(separator + 1), &value)) {

119 return false;	134 return false;

120 }	135 }

121	136

122 return true;	137 return true;

123 }	138 }

124	139

125 } // namespace protocol	140 } // namespace protocol

126 } // namespace remoting	141 } // namespace remoting

OLD	NEW