Chromium Code Reviews Chromium Code Reviews
Issue 14793021:
PairingAuthenticator implementation and plumbing. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef REMOTING_PROTOCOL_PAIRING_AUTHENTICATOR_BASE_H_ | |
| 6 #define REMOTING_PROTOCOL_PAIRING_AUTHENTICATOR_BASE_H_ | |
| 7 | |
| 8 #include "base/memory/weak_ptr.h" | |
| 9 #include "remoting/protocol/authenticator.h" | |
| 10 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" | |
| 11 | |
| 12 namespace remoting { | |
| 13 namespace protocol { | |
| 14 | |
| 15 // The pairing authenticator builds on top of V2Authenticator to add | |
| 16 // support for PIN-less authentication via device pairing: | |
| 17 // | |
| 18 // * If a client device is already paired, it includes in the initial | |
| 19 // authentication message a Client Id and the first SPAKE message | |
| 20 // using the Paired Secret and HMAC_SHA256. | |
| 21 // * If the host recognizes the Client Id, it looks up the corresponding | |
| 22 // Paired Secret and continue the SPAKE exchange. | |
| 23 // * If it does not recognize the Client Id, it initiates a SPAKE exchange | |
| 24 // with HMAC_SHA256 using the PIN as the shared secret. The initial | |
| 25 // message of this exchange includes an an error message, which | |
| 26 // informs the client that the PIN-less connection failed and causes | |
| 27 // it to prompt the user for a PIN to use for authentication | |
| 28 // instead. | |
| 29 // * If, at any point, the SPAKE exchange fails with the Paired Secret, | |
| 30 // the endpoint that detects the failure initiates a new SPAKE exchange | |
| 31 // using the PIN, and includes an error message to instruct the peer | |
| 32 // to do likewise. | |
| 33 // | |
| 34 // If a client device is not already paired, but supports pairing, then | |
| 35 // the V2Authenticator is used instead of this class. Only the method name | |
| 36 // differs, which the client uses to determine that pairing should be offered | |
| 37 // to the user (see NegotiatingHostAuthenticator::CreateAuthenticator and | |
| 38 // NegotiatingClientAuthenticator::CreateAuthenticatorForCurrentMethod). | |
| 39 class PairingAuthenticatorBase : public Authenticator { | |
| 40 public: | |
| 41 PairingAuthenticatorBase(); | |
| 42 virtual ~PairingAuthenticatorBase() {} | |
| 43 | |
| 44 // Authenticator interface. | |
| 45 virtual State state() const OVERRIDE; | |
| 46 virtual RejectionReason rejection_reason() const OVERRIDE; | |
| 47 virtual void ProcessMessage(const buzz::XmlElement* message, | |
| 48 const base::Closure& resume_callback) OVERRIDE; | |
| 49 virtual scoped_ptr<buzz::XmlElement> GetNextMessage() OVERRIDE; | |
| 50 virtual scoped_ptr<ChannelAuthenticator> | |
| 51 CreateChannelAuthenticator() const OVERRIDE; | |
| 52 | |
| 53 typedef base::Callback<void(scoped_ptr<Authenticator> authenticator)> | |
| 54 SetAuthenticatorCallback; | |
|
Wez
2013/05/22 00:51:45
Does this need to be public?
Jamie
2013/05/22 01:16:46
No, I've changed it to protected.
| |
| 55 | |
| 56 protected: | |
| 57 // Create a V2 authenticator in the specified state, prompting the user for | |
| 58 // the PIN first if necessary. | |
| 59 virtual void CreateV2AuthenticatorWithPIN( | |
| 60 State initial_state, | |
| 61 const SetAuthenticatorCallback& callback) = 0; | |
| 62 | |
| 63 // Amend an authenticator message, for example to add client- or host-specific | |
| 64 // elements to it. | |
| 65 virtual void AddPairingElements(buzz::XmlElement* message) = 0; | |
| 66 | |
| 67 // A non-fatal error message that derived classes should set in order to | |
| 68 // cause the peer to be notified that pairing has failed and that it should | |
| 69 // fall back on PIN authentication. This string need not be human-readable, | |
| 70 // nor is it currently used other than being logged. | |
| 71 std::string error_message_; | |
| 72 | |
| 73 // The underlying V2 authenticator, created with either the PIN or the | |
| 74 // Paired Secret by the derived class. | |
| 75 scoped_ptr<Authenticator> v2_authenticator_; | |
| 76 | |
| 77 // Derived classes must set this to True if the underlying authenticator is | |
| 78 // using the Paired Secret. | |
| 79 bool using_paired_secret_; | |
| 80 | |
| 81 static const buzz::StaticQName kPairingInfoTag; | |
| 82 static const buzz::StaticQName kClientIdAttribute; | |
|
Wez
2013/05/22 00:51:45
These belong at the top of the section, after the
Jamie
2013/05/22 01:16:46
Done.
| |
| 83 | |
| 84 private: | |
| 85 void MaybeAddErrorMessage(buzz::XmlElement* message); | |
| 86 bool HasErrorMessage(const buzz::XmlElement* message) const; | |
| 87 void CheckForFailedSpakeExchange(const base::Closure& resume_callback); | |
| 88 void SetAuthenticator(const base::Closure& resume_callback, | |
| 89 scoped_ptr<Authenticator> authenticator); | |
| 90 void SetAuthenticatorAndProcessMessage( | |
| 91 const buzz::XmlElement* message, | |
| 92 const base::Closure& resume_callback, | |
| 93 scoped_ptr<Authenticator> authenticator); | |
|
Wez
2013/05/22 00:51:45
nit: Document these members, please.
Jamie
2013/05/22 01:16:46
Done.
| |
| 94 | |
| 95 // Set to true if a PIN-based authenticator has been requested but has not | |
| 96 // yet been set. | |
| 97 bool waiting_for_authenticator_; | |
| 98 | |
| 99 base::WeakPtrFactory<PairingAuthenticatorBase> weak_factory_; | |
| 100 | |
| 101 DISALLOW_COPY_AND_ASSIGN(PairingAuthenticatorBase); | |
| 102 }; | |
| 103 | |
| 104 } // namespace protocol | |
| 105 } // namespace remoting | |
| 106 | |
| 107 #endif // REMOTING_PROTOCOL_PAIRING_AUTHENTICATOR_H_ | |
| OLD | NEW |
