Index: remoting/protocol/negotiating_host_authenticator.cc |
diff --git a/remoting/protocol/negotiating_host_authenticator.cc b/remoting/protocol/negotiating_host_authenticator.cc |
index f60a6d24bf9632fa4962f82b851db41836b3c0c4..a21dd19f5bab812f9f0f07c5e30e505ba2041552 100644 |
--- a/remoting/protocol/negotiating_host_authenticator.cc |
+++ b/remoting/protocol/negotiating_host_authenticator.cc |
@@ -13,6 +13,8 @@ |
#include "base/strings/string_split.h" |
#include "remoting/base/rsa_key_pair.h" |
#include "remoting/protocol/channel_authenticator.h" |
+#include "remoting/protocol/pairing_host_authenticator.h" |
+#include "remoting/protocol/pairing_registry.h" |
#include "remoting/protocol/v2_authenticator.h" |
#include "third_party/libjingle/source/talk/xmllite/xmlelement.h" |
@@ -32,11 +34,16 @@ scoped_ptr<Authenticator> NegotiatingHostAuthenticator::CreateWithSharedSecret( |
const std::string& local_cert, |
scoped_refptr<RsaKeyPair> key_pair, |
const std::string& shared_secret_hash, |
- AuthenticationMethod::HashFunction hash_function) { |
+ AuthenticationMethod::HashFunction hash_function, |
+ scoped_refptr<PairingRegistry> pairing_registry) { |
scoped_ptr<NegotiatingHostAuthenticator> result( |
new NegotiatingHostAuthenticator(local_cert, key_pair)); |
result->shared_secret_hash_ = shared_secret_hash; |
+ result->pairing_registry_ = pairing_registry; |
result->AddMethod(AuthenticationMethod::Spake2(hash_function)); |
+ if (pairing_registry) { |
+ result->AddMethod(AuthenticationMethod::Spake2Pair()); |
+ } |
return scoped_ptr<Authenticator>(result.Pass()); |
} |
@@ -72,8 +79,9 @@ void NegotiatingHostAuthenticator::ProcessMessage( |
return; |
} |
- // If the client did not specify auth method or specified unknown method, |
- // then select the first known method from the supported-methods attribute. |
+ // If the client did not specify auth method or specified an unknown |
+ // or unsupported method, then select the first known method from |
+ // the supported-methods attribute. |
if (!method.is_valid() || |
std::find(methods_.begin(), methods_.end(), method) == methods_.end()) { |
method = AuthenticationMethod::Invalid(); |
@@ -155,12 +163,15 @@ void NegotiatingHostAuthenticator::CreateAuthenticator( |
DCHECK(token_validator_); |
current_authenticator_.reset(new ThirdPartyHostAuthenticator( |
local_cert_, local_key_pair_, token_validator_.Pass())); |
+ } else if (current_method_ == AuthenticationMethod::Spake2Pair()) { |
+ current_authenticator_.reset(new PairingHostAuthenticator( |
+ pairing_registry_, local_cert_, local_key_pair_, shared_secret_hash_, |
+ preferred_initial_state)); |
} else { |
current_authenticator_ = V2Authenticator::CreateForHost( |
local_cert_, local_key_pair_, shared_secret_hash_, |
preferred_initial_state); |
} |
- |
resume_callback.Run(); |
} |