Chromium Code Reviews Chromium Code Reviews
Issue 14793021:
PairingAuthenticator implementation and plumbing. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: remoting/protocol/pairing_host_authenticator.cc |
| diff --git a/remoting/protocol/pairing_host_authenticator.cc b/remoting/protocol/pairing_host_authenticator.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..a1fa8ef82cc632f3736cf702619db971c41364f5 |
| --- /dev/null |
| +++ b/remoting/protocol/pairing_host_authenticator.cc |
| @@ -0,0 +1,140 @@ |
| +// Copyright 2013 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "remoting/protocol/pairing_host_authenticator.h" |
| + |
| +#include "base/logging.h" |
| +#include "remoting/base/constants.h" |
| +#include "remoting/base/rsa_key_pair.h" |
| +#include "remoting/protocol/channel_authenticator.h" |
| +#include "remoting/protocol/pairing_registry.h" |
| +#include "remoting/protocol/v2_authenticator.h" |
| +#include "third_party/libjingle/source/talk/xmllite/xmlelement.h" |
| + |
| +namespace remoting { |
| +namespace protocol { |
| + |
| +namespace { |
| +// These definitions must be kept in sync with pairing_client_authenticator.cc. |
| +const buzz::StaticQName kPairingInfoTag = |
| + { kChromotingXmlNamespace, "pairing-info" }; |
| +const buzz::StaticQName kClientIdAttribute = |
| + { "", "client-id" }; |
| +const buzz::StaticQName kPairingFailedTag = |
| + { kChromotingXmlNamespace, "pairing-failed" }; |
| +const buzz::StaticQName kPairingErrorAttribute = |
| + { "", "error" }; |
| +} |
| + |
| +PairingHostAuthenticator::PairingHostAuthenticator( |
| + scoped_refptr<PairingRegistry> pairing_registry, |
| + const std::string& local_cert, |
| + scoped_refptr<RsaKeyPair> key_pair, |
| + const std::string& shared_secret, |
| + State initial_state) |
| + : pairing_registry_(pairing_registry), |
| + local_cert_(local_cert), |
| + key_pair_(key_pair), |
| + shared_secret_(shared_secret), |
| + protocol_error_(false) { |
| + // If the client didn't specify an initial message, use the PIN as the shared |
| + // secret. If it did, the authenticator will be created in ProcessMessage with |
| + // the appropriate secret from the pairing registry. |
| + if (initial_state != WAITING_MESSAGE) { |
| + DCHECK_EQ(initial_state, MESSAGE_READY); |
| + CreateV2AuthenticatorWithPIN(initial_state); |
| + } |
| +} |
| + |
| +Authenticator::State PairingHostAuthenticator::state() const { |
| + if (protocol_error_) { |
| + return REJECTED; |
| + } else if (!error_message_.empty()) { |
| + return MESSAGE_READY; |
| + } else if (v2_authenticator_) { |
| + return v2_authenticator_->state(); |
| + } else { |
| + return WAITING_MESSAGE; |
| + } |
| +} |
| + |
| +Authenticator::RejectionReason |
| +PairingHostAuthenticator::rejection_reason() const { |
| + DCHECK(v2_authenticator_); |
|
rmsousa
2013/05/16 00:46:25
if (!v2_authenticator_) return PROTOCOL_ERROR
rmsousa
2013/05/16 20:11:02
Did you miss this one?
Jamie
2013/05/16 21:09:10
I did, but looking at it, it seems redundant given
rmsousa
2013/05/16 22:16:37
Yes, that's what I meant - you needed to handle th
|
| + return v2_authenticator_->rejection_reason(); |
| +} |
| + |
| +void PairingHostAuthenticator::ProcessMessage( |
| + const buzz::XmlElement* message, |
| + const base::Closure& resume_callback) { |
| + DCHECK_EQ(state(), WAITING_MESSAGE); |
| + |
| + // If there's already an underlying authenticator, defer to it. |
| + if (v2_authenticator_) { |
| + DCHECK_EQ(v2_authenticator_->state(), WAITING_MESSAGE); |
| + v2_authenticator_->ProcessMessage(message, resume_callback); |
| + return; |
| + } |
| + |
| + // If not, then create one based on the contents of the first message. |
| + std::string client_id; |
| + const buzz::XmlElement* pairing_tag = message->FirstNamed(kPairingInfoTag); |
| + if (pairing_tag) { |
|
rmsousa
2013/05/16 00:46:25
Lack of pairing tag should be an error as well.
rmsousa
2013/05/16 20:11:02
Did you miss this one?
Jamie
2013/05/16 21:09:10
Sorry, yes. Done.
|
| + client_id = pairing_tag->Attr(kClientIdAttribute); |
| + if (client_id.empty()) { |
| + LOG(ERROR) << "No client id specified."; |
| + protocol_error_ = true; |
| + resume_callback.Run(); |
| + return; |
| + } |
| + } |
| + |
| + std::string paired_secret = pairing_registry_->GetSecret(client_id); |
| + |
| + if (paired_secret.empty()) { |
| + LOG(INFO) << "Unknown client id"; |
| + error_message_ = "unknown-client-id"; |
| + CreateV2AuthenticatorWithPIN(WAITING_MESSAGE); |
| + resume_callback.Run(); |
| + return; |
| + } |
| + |
| + v2_authenticator_ = V2Authenticator::CreateForHost( |
| + local_cert_, key_pair_, paired_secret, MESSAGE_READY); |
| + resume_callback.Run(); |
| +} |
| + |
| +scoped_ptr<buzz::XmlElement> PairingHostAuthenticator::GetNextMessage() { |
| + DCHECK_EQ(state(), MESSAGE_READY); |
| + |
| + if (!error_message_.empty()) { |
| + scoped_ptr<buzz::XmlElement> result = CreateEmptyAuthenticatorMessage(); |
| + buzz::XmlElement* pairing_failed_tag = |
| + new buzz::XmlElement(kPairingFailedTag); |
| + pairing_failed_tag->AddAttr(kPairingErrorAttribute, error_message_); |
| + result->AddElement(pairing_failed_tag); |
| + error_message_.clear(); |
| + return result.Pass(); |
| + |
| + } else { |
| + DCHECK(v2_authenticator_); |
| + return v2_authenticator_->GetNextMessage(); |
| + } |
| +} |
| + |
| +scoped_ptr<ChannelAuthenticator> |
| +PairingHostAuthenticator::CreateChannelAuthenticator() const { |
| + DCHECK(v2_authenticator_); |
| + return v2_authenticator_->CreateChannelAuthenticator(); |
| +} |
| + |
| +void PairingHostAuthenticator::CreateV2AuthenticatorWithPIN( |
| + State initial_state) { |
| + DCHECK(!v2_authenticator_); |
| + v2_authenticator_ = V2Authenticator::CreateForHost( |
| + local_cert_, key_pair_, shared_secret_, initial_state); |
| +} |
| + |
| +} // namespace protocol |
| +} // namespace remoting |
