OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef REMOTING_PROTOCOL_PAIRING_CLIENT_AUTHENTICATOR_H_ | |
6 #define REMOTING_PROTOCOL_PAIRING_CLIENT_AUTHENTICATOR_H_ | |
7 | |
8 #include "base/memory/weak_ptr.h" | |
9 #include "remoting/protocol/authenticator.h" | |
10 | |
11 namespace remoting { | |
12 | |
13 class RsaKeyPair; | |
Sergey Ulanov
2013/05/17 01:57:17
nit: Not used.
Jamie
2013/05/21 01:24:33
Done.
| |
14 | |
15 namespace protocol { | |
16 | |
17 class Authenticator; | |
18 | |
19 typedef base::Callback<void(const std::string& secret)> SecretFetchedCallback; | |
Sergey Ulanov
2013/05/17 01:57:17
These are also declared in negotiating_client_auth
rmsousa
2013/05/17 20:09:03
They are actually the same function as the regular
Jamie
2013/05/21 01:24:33
I've moved them to authenticator, but I've left th
| |
20 typedef base::Callback<void( | |
21 const SecretFetchedCallback& secret_fetched_callback)> FetchSecretCallback; | |
22 | |
23 // PairingClientAuthenticator builds on top of V2Authenticator to add | |
24 // support for PIN-less authentication via device pairing: | |
25 // | |
26 // * If a client device is already paired, it includes a client id in | |
27 // the initial authentication message. | |
28 // * If the host recognizes the id, it looks up the corresponding | |
29 // paired secret and initiates a SPAKE with HMAC_SHA256. | |
30 // * If it does not recognize the id, it initiates a SPAKE exchange | |
31 // with HMAC_SHA256 using the PIN as the shared secret. The initial | |
32 // message of this exchange includes an an error message, which | |
33 // informs the client that the PIN-less connection failed and causes | |
34 // it to prompt the user for a PIN to use for authentication | |
35 // instead. | |
36 // | |
37 // If a client device is not already paired, but supports pairing, it | |
38 // sends an empty initial authentication message. In this case, the | |
39 // authenticator behaves exactly like the V2Authenticator with | |
40 // HMAC_SHA256--only the method name differs, which the client uses to | |
41 // detect that pairing should be offered to the user. | |
42 class PairingClientAuthenticator : public Authenticator { | |
Sergey Ulanov
2013/05/17 01:57:17
Can you please add some unittests for the new auth
Jamie
2013/05/21 01:24:33
The tests in negotiating_authenticator_unittests a
| |
43 public: | |
44 PairingClientAuthenticator( | |
45 const std::string& client_id, | |
46 const std::string& paired_secret, | |
47 const FetchSecretCallback& fetch_pin_callback, | |
48 const std::string& authentication_tag); | |
49 virtual ~PairingClientAuthenticator() {} | |
50 | |
51 // Authenticator interface. | |
52 virtual State state() const OVERRIDE; | |
53 virtual RejectionReason rejection_reason() const OVERRIDE; | |
54 virtual void ProcessMessage(const buzz::XmlElement* message, | |
55 const base::Closure& resume_callback) OVERRIDE; | |
56 virtual scoped_ptr<buzz::XmlElement> GetNextMessage() OVERRIDE; | |
57 virtual scoped_ptr<ChannelAuthenticator> | |
58 CreateChannelAuthenticator() const OVERRIDE; | |
59 | |
60 private: | |
61 void CreateV2AuthenticatorWithPIN(const buzz::XmlElement* message, | |
62 const base::Closure& resume_callback, | |
63 const std::string& pin); | |
64 | |
65 // |pairing_state_| indicates the progress of the initial pairing client | |
66 // id exchange. MESSAGE_READY, WAITING_MESSAGE and PROCESSING_MESSAGE map | |
67 // directly to the corresponding return value from the |state| method (the | |
68 // latter means that the user is being prompted for the PIN). ACCEPTED and | |
69 // REJECTED mean that the client id exchange is complete and succeeded or | |
70 // failed, respectively. Currently, no distinction is made between these | |
71 // two states--in either case the underlying v2 authenticator has been | |
72 // created and holds the state of the overall auth exchange. | |
73 State pairing_state_; | |
74 | |
75 std::string client_id_; | |
76 const std::string& paired_secret_; | |
77 FetchSecretCallback fetch_pin_callback_; | |
78 std::string authentication_tag_; | |
79 State initial_state_; | |
80 scoped_ptr<Authenticator> v2_authenticator_; | |
81 base::WeakPtrFactory<PairingClientAuthenticator> weak_factory_; | |
82 | |
83 DISALLOW_COPY_AND_ASSIGN(PairingClientAuthenticator); | |
84 }; | |
85 | |
86 } // namespace protocol | |
87 } // namespace remoting | |
88 | |
89 #endif // REMOTING_PROTOCOL_PAIRING_AUTHENTICATOR_H_ | |
OLD | NEW |