OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/host/pin_hash.h" | 5 #include "remoting/host/pin_hash.h" |
6 | 6 |
7 #include "base/base64.h" | 7 #include "base/base64.h" |
8 #include "base/logging.h" | 8 #include "base/logging.h" |
9 #include "remoting/protocol/authentication_method.h" | 9 #include "remoting/protocol/auth_util.h" |
10 #include "remoting/protocol/me2me_host_authenticator_factory.h" | 10 #include "remoting/protocol/me2me_host_authenticator_factory.h" |
11 | 11 |
12 namespace remoting { | 12 namespace remoting { |
13 | 13 |
14 bool ParsePinHashFromConfig(const std::string& value, | 14 bool ParsePinHashFromConfig(const std::string& value, |
15 const std::string& host_id, | 15 const std::string& host_id, |
16 std::string* pin_hash_out) { | 16 std::string* pin_hash_out) { |
17 size_t separator = value.find(':'); | 17 size_t separator = value.find(':'); |
18 if (separator == std::string::npos) | 18 if (separator == std::string::npos) |
19 return false; | 19 return false; |
20 | 20 |
21 if (!base::Base64Decode(value.substr(separator + 1), pin_hash_out)) | 21 if (!base::Base64Decode(value.substr(separator + 1), pin_hash_out)) |
22 return false; | 22 return false; |
23 | 23 |
24 std::string function_name = value.substr(0, separator); | 24 std::string function_name = value.substr(0, separator); |
25 if (function_name == "plain") { | 25 if (function_name == "plain") { |
26 *pin_hash_out = protocol::ApplySharedSecretHashFunction( | 26 *pin_hash_out = protocol::GetSharedSecretHash(host_id, *pin_hash_out); |
27 protocol::HashFunction::HMAC_SHA256, host_id, *pin_hash_out); | |
28 return true; | 27 return true; |
29 } else if (function_name == "hmac") { | 28 } else if (function_name == "hmac") { |
30 return true; | 29 return true; |
31 } | 30 } |
32 | 31 |
33 pin_hash_out->clear(); | 32 pin_hash_out->clear(); |
34 return false; | 33 return false; |
35 } | 34 } |
36 | 35 |
37 std::string MakeHostPinHash(const std::string& host_id, | 36 std::string MakeHostPinHash(const std::string& host_id, |
38 const std::string& pin) { | 37 const std::string& pin) { |
39 std::string hash = protocol::ApplySharedSecretHashFunction( | 38 std::string hash = protocol::GetSharedSecretHash(host_id, pin); |
40 protocol::HashFunction::HMAC_SHA256, host_id, pin); | |
41 std::string hash_base64; | 39 std::string hash_base64; |
42 base::Base64Encode(hash, &hash_base64); | 40 base::Base64Encode(hash, &hash_base64); |
43 return "hmac:" + hash_base64; | 41 return "hmac:" + hash_base64; |
44 } | 42 } |
45 | 43 |
46 bool VerifyHostPinHash(const std::string& hash, | 44 bool VerifyHostPinHash(const std::string& hash, |
47 const std::string& host_id, | 45 const std::string& host_id, |
48 const std::string& pin) { | 46 const std::string& pin) { |
49 std::string hash_parsed; | 47 std::string hash_parsed; |
50 if (!ParsePinHashFromConfig(hash, host_id, &hash_parsed)) { | 48 if (!ParsePinHashFromConfig(hash, host_id, &hash_parsed)) { |
51 LOG(FATAL) << "Failed to parse PIN hash."; | 49 LOG(FATAL) << "Failed to parse PIN hash."; |
52 return false; | 50 return false; |
53 } | 51 } |
54 std::string hash_calculated = protocol::ApplySharedSecretHashFunction( | 52 std::string hash_calculated = protocol::GetSharedSecretHash(host_id, pin); |
55 protocol::HashFunction::HMAC_SHA256, host_id, pin); | |
56 return hash_calculated == hash_parsed; | 53 return hash_calculated == hash_parsed; |
57 } | 54 } |
58 | 55 |
59 } // namespace remoting | 56 } // namespace remoting |
OLD | NEW |