Implement authenticator based on SPAKE2 implementation in boringssl.

remoting/protocol/spake2_authenticator_unittest.cc

Index: remoting/protocol/spake2_authenticator_unittest.cc
diff --git a/remoting/protocol/v2_authenticator_unittest.cc b/remoting/protocol/spake2_authenticator_unittest.cc
similarity index 67%
copy from remoting/protocol/v2_authenticator_unittest.cc
copy to remoting/protocol/spake2_authenticator_unittest.cc
index 73f86d3f94f5c5f1e3a384498bcb886979d30910..9f5e5d024656a2e573a2c3a9f8582a9334f1b877 100644
--- a/remoting/protocol/v2_authenticator_unittest.cc
+++ b/remoting/protocol/spake2_authenticator_unittest.cc
@@ -1,12 +1,11 @@
-// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "remoting/protocol/v2_authenticator.h"
+#include "remoting/protocol/spake2_authenticator.h"
 
 #include "base/bind.h"
 #include "base/macros.h"
-#include "net/base/net_errors.h"
 #include "remoting/base/rsa_key_pair.h"
 #include "remoting/protocol/authenticator_test_base.h"
 #include "remoting/protocol/channel_authenticator.h"
@@ -27,31 +26,33 @@ namespace {
 const int kMessageSize = 100;
 const int kMessages = 1;
 
+const char kClientId[] = "alice@gmail.com/abc";
+const char kHostId[] = "alice@gmail.com/123";
+
 const char kTestSharedSecret[] = "1234-1234-5678";
 const char kTestSharedSecretBad[] = "0000-0000-0001";
 
 }  // namespace
 
-class V2AuthenticatorTest : public AuthenticatorTestBase {
+class Spake2AuthenticatorTest : public AuthenticatorTestBase {
  public:
-  V2AuthenticatorTest() {
-  }
-  ~V2AuthenticatorTest() override {}
+  Spake2AuthenticatorTest() {}
+  ~Spake2AuthenticatorTest() override {}
 
  protected:
   void InitAuthenticators(const std::string& client_secret,
                           const std::string& host_secret) {
-    host_ = V2Authenticator::CreateForHost(
-        host_cert_, key_pair_, host_secret,
-        Authenticator::WAITING_MESSAGE);
-    client_ = V2Authenticator::CreateForClient(
-        client_secret, Authenticator::MESSAGE_READY);
+    host_ = Spake2Authenticator::CreateForHost(kHostId, kClientId, host_secret,
+                                               host_cert_, key_pair_,
+                                               Authenticator::WAITING_MESSAGE);
+    client_ = Spake2Authenticator::CreateForClient(
+        kClientId, kHostId, client_secret, Authenticator::MESSAGE_READY);
   }
 
-  DISALLOW_COPY_AND_ASSIGN(V2AuthenticatorTest);
+  DISALLOW_COPY_AND_ASSIGN(Spake2AuthenticatorTest);
 };
 
-TEST_F(V2AuthenticatorTest, SuccessfulAuth) {
+TEST_F(Spake2AuthenticatorTest, SuccessfulAuth) {
   ASSERT_NO_FATAL_FAILURE(
       InitAuthenticators(kTestSharedSecret, kTestSharedSecret));
   ASSERT_NO_FATAL_FAILURE(RunAuthExchange());
@@ -72,15 +73,16 @@ TEST_F(V2AuthenticatorTest, SuccessfulAuth) {
 }
 
 // Verify that connection is rejected when secrets don't match.
-TEST_F(V2AuthenticatorTest, InvalidSecret) {
+TEST_F(Spake2AuthenticatorTest, InvalidSecret) {
   ASSERT_NO_FATAL_FAILURE(
       InitAuthenticators(kTestSharedSecretBad, kTestSharedSecret));
   ASSERT_NO_FATAL_FAILURE(RunAuthExchange());
 
   ASSERT_EQ(Authenticator::REJECTED, client_->state());
+  ASSERT_EQ(Authenticator::INVALID_CREDENTIALS, client_->rejection_reason());
 
   // Change |client_| so that we can get the last message.
-  reinterpret_cast<V2Authenticator*>(client_.get())->state_ =
+  reinterpret_cast<Spake2Authenticator*>(client_.get())->state_ =
       Authenticator::MESSAGE_READY;
 
   scoped_ptr<buzz::XmlElement> message(client_->GetNextMessage());
@@ -88,7 +90,7 @@ TEST_F(V2AuthenticatorTest, InvalidSecret) {
 
   ASSERT_EQ(Authenticator::WAITING_MESSAGE, client_->state());
   host_->ProcessMessage(message.get(), base::Bind(&base::DoNothing));
-  // This assumes that V2Authenticator::ProcessMessage runs synchronously.
+  // This assumes that Spake2Authenticator::ProcessMessage runs synchronously.
   ASSERT_EQ(Authenticator::REJECTED, host_->state());
 }