Chromium Code Reviews Chromium Code Reviews
Issue 14793021:
PairingAuthenticator implementation and plumbing. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: remoting/protocol/pairing_client_authenticator.cc |
| diff --git a/remoting/protocol/pairing_client_authenticator.cc b/remoting/protocol/pairing_client_authenticator.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..969fc67d736555d6c70239245948390155a07866 |
| --- /dev/null |
| +++ b/remoting/protocol/pairing_client_authenticator.cc |
| @@ -0,0 +1,121 @@ |
| +// Copyright 2013 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "remoting/protocol/pairing_client_authenticator.h" |
| + |
| +#include "base/bind.h" |
| +#include "base/logging.h" |
| +#include "remoting/base/constants.h" |
| +#include "remoting/base/rsa_key_pair.h" |
| +#include "remoting/protocol/authentication_method.h" |
| +#include "remoting/protocol/channel_authenticator.h" |
| +#include "remoting/protocol/v2_authenticator.h" |
| +#include "third_party/libjingle/source/talk/xmllite/xmlelement.h" |
| + |
| +namespace remoting { |
| +namespace protocol { |
| + |
| +namespace { |
| +// These definitions must be kept in sync with pairing_host_authenticator.cc. |
| +const buzz::StaticQName kPairingInfoTag = |
| + { kChromotingXmlNamespace, "pairing-info" }; |
| +const buzz::StaticQName kClientIdAttribute = |
| + { "", "client-id" }; |
| +const buzz::StaticQName kPairingFailedTag = |
| + { kChromotingXmlNamespace, "pairing-failed" }; |
| +const buzz::StaticQName kPairingErrorAttribute = |
| + { "", "error" }; |
| +} |
| + |
| +PairingClientAuthenticator::PairingClientAuthenticator( |
| + const std::string& client_id, |
| + const std::string& shared_secret, |
| + const FetchSecretCallback& fetch_secret_callback, |
| + const std::string& authentication_tag) |
| + : pairing_state_(MESSAGE_READY), |
| + client_id_(client_id), |
| + shared_secret_(shared_secret), |
| + fetch_secret_callback_(fetch_secret_callback), |
| + authentication_tag_(authentication_tag), |
| + pairing_failed_(false), |
| + weak_factory_(this) { |
| +} |
| + |
| +Authenticator::State PairingClientAuthenticator::state() const { |
| + if (pairing_state_ == ACCEPTED || pairing_state_ == REJECTED) { |
| + DCHECK(v2_authenticator_); |
| + return v2_authenticator_->state(); |
| + } else { |
| + return pairing_state_; |
| + } |
| +} |
| + |
| +Authenticator::RejectionReason |
| +PairingClientAuthenticator::rejection_reason() const { |
| + DCHECK(v2_authenticator_); |
| + return v2_authenticator_->rejection_reason(); |
| +} |
| + |
| +void PairingClientAuthenticator::ProcessMessage( |
| + const buzz::XmlElement* message, |
| + const base::Closure& resume_callback) { |
|
rmsousa
2013/05/16 00:46:25
please DCHECK_EQ(state(), WAITING_MESSAGE)
Jamie
2013/05/16 19:30:16
Done.
|
| + const buzz::XmlElement* pairing_failed_tag = |
| + message->FirstNamed(kPairingFailedTag); |
| + if (pairing_failed_tag) { |
| + // If pairing failed, prompt the user for the PIN and try again. |
| + std::string error = pairing_failed_tag->Attr(kPairingErrorAttribute); |
| + LOG(INFO) << "Pairing failed: " << error; |
| + pairing_state_ = PROCESSING_MESSAGE; |
| + SecretFetchedCallback callback = base::Bind( |
| + &PairingClientAuthenticator::CreateV2AuthenticatorWithSecret, |
| + weak_factory_.GetWeakPtr(), resume_callback); |
| + fetch_secret_callback_.Run(callback); |
| + return; |
| + } else { |
|
rmsousa
2013/05/16 00:46:25
This could either be a PIN based V2 message or a S
Jamie
2013/05/16 19:30:16
If the pairing authenticator is in use, then the c
rmsousa
2013/05/16 20:11:02
I see. But I think you'll need to use this authent
|
| + // If it's not a pairing error message, create the V2 authenticator |
| + // backed by the shared secret if it doesn't already exist, and let |
| + // it process the message. |
| + if (!v2_authenticator_) { |
| + pairing_state_ = ACCEPTED; |
| + v2_authenticator_ = V2Authenticator::CreateForClient( |
| + shared_secret_, WAITING_MESSAGE); |
| + } |
| + v2_authenticator_->ProcessMessage(message, resume_callback); |
| + } |
| +} |
| + |
| +scoped_ptr<buzz::XmlElement> PairingClientAuthenticator::GetNextMessage() { |
| + // If the initial message has not yet been sent, return it now. |
|
rmsousa
2013/05/16 00:46:25
Please DCHECK_EQ(state(), MESSAGE_READY)
Jamie
2013/05/16 19:30:16
Done.
|
| + if (pairing_state_ == MESSAGE_READY) { |
| + scoped_ptr<buzz::XmlElement> result = CreateEmptyAuthenticatorMessage(); |
| + buzz::XmlElement* pairing_tag = new buzz::XmlElement(kPairingInfoTag); |
| + pairing_tag->AddAttr(kClientIdAttribute, client_id_); |
| + result->AddElement(pairing_tag); |
| + pairing_state_ = WAITING_MESSAGE; |
| + return result.Pass(); |
| + } |
| + // In all other cases, defer to the underlying authenticator. |
| + DCHECK(v2_authenticator_); |
| + return v2_authenticator_->GetNextMessage(); |
| +} |
| + |
| +scoped_ptr<ChannelAuthenticator> |
| +PairingClientAuthenticator::CreateChannelAuthenticator() const { |
| + return v2_authenticator_->CreateChannelAuthenticator(); |
| +} |
| + |
| +void PairingClientAuthenticator::CreateV2AuthenticatorWithSecret( |
| + const base::Closure& resume_callback, |
| + const std::string& shared_secret) { |
|
rmsousa
2013/05/16 00:46:25
Nit: The term "Secret" is a bit ambiguous here, so
Jamie
2013/05/16 19:30:16
Fair point. I've made the authenticator classes re
|
| + pairing_state_ = REJECTED; |
| + v2_authenticator_ = V2Authenticator::CreateForClient( |
| + AuthenticationMethod::ApplyHashFunction( |
| + AuthenticationMethod::HMAC_SHA256, |
| + authentication_tag_, shared_secret), |
| + MESSAGE_READY); |
| + resume_callback.Run(); |
| +} |
| + |
| +} // namespace protocol |
| +} // namespace remoting |
