OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/protocol/v2_authenticator.h" | 5 #include "remoting/protocol/v2_authenticator.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/base64.h" | 9 #include "base/base64.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
(...skipping 74 matching lines...)
85 | 85 |
86 void V2Authenticator::ProcessMessage(const buzz::XmlElement* message, | 86 void V2Authenticator::ProcessMessage(const buzz::XmlElement* message, |
87 const base::Closure& resume_callback) { | 87 const base::Closure& resume_callback) { |
88 ProcessMessageInternal(message); | 88 ProcessMessageInternal(message); |
89 resume_callback.Run(); | 89 resume_callback.Run(); |
90 } | 90 } |
91 | 91 |
92 void V2Authenticator::ProcessMessageInternal(const buzz::XmlElement* message) { | 92 void V2Authenticator::ProcessMessageInternal(const buzz::XmlElement* message) { |
93 DCHECK_EQ(state(), WAITING_MESSAGE); | 93 DCHECK_EQ(state(), WAITING_MESSAGE); |
94 | 94 |
95 // Parse the certificate. | |
96 std::string base64_cert = message->TextNamed(kCertificateTag); | |
97 if (!base64_cert.empty()) { | |
98 if (!base::Base64Decode(base64_cert, &remote_cert_)) { | |
99 LOG(WARNING) << "Failed to decode certificate received from the peer."; | |
100 remote_cert_.clear(); | |
101 } | |
102 } | |
103 | |
104 // Client always expect certificate in the first message. | |
105 if (!is_host_side() && remote_cert_.empty()) { | |
106 LOG(WARNING) << "No valid host certificate."; | |
107 state_ = REJECTED; | |
108 rejection_reason_ = PROTOCOL_ERROR; | |
109 return; | |
110 } | |
111 | |
112 const buzz::XmlElement* eke_element = message->FirstNamed(kEkeTag); | 95 const buzz::XmlElement* eke_element = message->FirstNamed(kEkeTag); |
113 if (!eke_element) { | 96 if (!eke_element) { |
114 LOG(WARNING) << "No eke-message found."; | 97 LOG(WARNING) << "No eke-message found."; |
115 state_ = REJECTED; | 98 state_ = REJECTED; |
116 rejection_reason_ = PROTOCOL_ERROR; | 99 rejection_reason_ = PROTOCOL_ERROR; |
117 return; | 100 return; |
118 } | 101 } |
119 | 102 |
120 for (; eke_element; eke_element = eke_element->NextNamed(kEkeTag)) { | 103 for (; eke_element; eke_element = eke_element->NextNamed(kEkeTag)) { |
121 std::string base64_message = eke_element->BodyText(); | 104 std::string base64_message = eke_element->BodyText(); |
(...skipping 67 matching lines...)
189 | 172 |
190 scoped_ptr<ChannelAuthenticator> | 173 scoped_ptr<ChannelAuthenticator> |
191 V2Authenticator::CreateChannelAuthenticator() const { | 174 V2Authenticator::CreateChannelAuthenticator() const { |
192 DCHECK_EQ(state(), ACCEPTED); | 175 DCHECK_EQ(state(), ACCEPTED); |
193 CHECK(!auth_key_.empty()); | 176 CHECK(!auth_key_.empty()); |
194 | 177 |
195 if (is_host_side()) { | 178 if (is_host_side()) { |
196 return SslHmacChannelAuthenticator::CreateForHost( | 179 return SslHmacChannelAuthenticator::CreateForHost( |
197 local_cert_, local_key_pair_, auth_key_); | 180 local_cert_, local_key_pair_, auth_key_); |
198 } else { | 181 } else { |
199 return SslHmacChannelAuthenticator::CreateForClient( | 182 return SslHmacChannelAuthenticator::CreateForClient(auth_key_); |
200 remote_cert_, auth_key_); | |
201 } | 183 } |
202 } | 184 } |
203 | 185 |
204 bool V2Authenticator::is_host_side() const { | 186 bool V2Authenticator::is_host_side() const { |
205 return local_key_pair_.get() != nullptr; | 187 return local_key_pair_.get() != nullptr; |
206 } | 188 } |
207 | 189 |
208 } // namespace protocol | 190 } // namespace protocol |
209 } // namespace remoting | 191 } // namespace remoting |
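Review bot: In the client branch of CreateChannelAuthenticator(), `CreateForClient(auth_key_)` no longer receives a host certificate, and ProcessMessageInternal() no longer rejects a first message that lacks one, so nothing in this file ties the TLS peer certificate to the authenticated exchange any more. That is only safe if SslHmacChannelAuthenticator itself binds the certificate presented in the handshake to `auth_key_` on the client side; that code is not shown here, so please confirm it and record the dependency above the call, e.g. `// Host cert is not pinned here; the channel authenticator must verify the peer's TLS cert against auth_key_.` Separately, clients built before this change still reject with PROTOCOL_ERROR when the certificate is absent, so the host-side send path (in the skipped lines) should keep emitting it unless that compatibility break is intended. If `remote_cert_` has no remaining readers after this change, the member should be removed as well.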