| OLD | NEW |
| (Empty) |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef REMOTING_PROTOCOL_SPAKE2_AUTHENTICATOR_H_ | |
| 6 #define REMOTING_PROTOCOL_SPAKE2_AUTHENTICATOR_H_ | |
| 7 | |
| 8 #include <queue> | |
| 9 #include <string> | |
| 10 | |
| 11 #include "base/compiler_specific.h" | |
| 12 #include "base/gtest_prod_util.h" | |
| 13 #include "base/macros.h" | |
| 14 #include "base/memory/scoped_ptr.h" | |
| 15 #include "remoting/protocol/authenticator.h" | |
| 16 | |
| 17 typedef struct spake2_ctx_st SPAKE2_CTX; | |
| 18 | |
| 19 namespace remoting { | |
| 20 | |
| 21 class RsaKeyPair; | |
| 22 | |
| 23 namespace protocol { | |
| 24 | |
| 25 // Authenticator that uses SPAKE2 implementation from BoringSSL. It | |
| 26 // implements SPAKE2 over Curve25519. | |
| 27 class Spake2Authenticator : public Authenticator { | |
| 28 public: | |
| 29 static scoped_ptr<Authenticator> CreateForClient( | |
| 30 const std::string& local_id, | |
| 31 const std::string& remote_id, | |
| 32 const std::string& shared_secret, | |
| 33 State initial_state); | |
| 34 | |
| 35 static scoped_ptr<Authenticator> CreateForHost( | |
| 36 const std::string& local_id, | |
| 37 const std::string& remote_id, | |
| 38 const std::string& shared_secret, | |
| 39 const std::string& local_cert, | |
| 40 scoped_refptr<RsaKeyPair> key_pair, | |
| 41 State initial_state); | |
| 42 | |
| 43 ~Spake2Authenticator() override; | |
| 44 | |
| 45 // Authenticator interface. | |
| 46 State state() const override; | |
| 47 bool started() const override; | |
| 48 RejectionReason rejection_reason() const override; | |
| 49 void ProcessMessage(const buzz::XmlElement* message, | |
| 50 const base::Closure& resume_callback) override; | |
| 51 scoped_ptr<buzz::XmlElement> GetNextMessage() override; | |
| 52 const std::string& GetAuthKey() const override; | |
| 53 scoped_ptr<ChannelAuthenticator> CreateChannelAuthenticator() const override; | |
| 54 | |
| 55 private: | |
| 56 FRIEND_TEST_ALL_PREFIXES(Spake2AuthenticatorTest, InvalidSecret); | |
| 57 | |
| 58 Spake2Authenticator(const std::string& local_id, | |
| 59 const std::string& remote_id, | |
| 60 const std::string& shared_secret, | |
| 61 bool is_host, | |
| 62 State initial_state); | |
| 63 | |
| 64 virtual void ProcessMessageInternal(const buzz::XmlElement* message); | |
| 65 | |
| 66 std::string CalculateVerificationHash(bool from_host, | |
| 67 const std::string& local_id, | |
| 68 const std::string& remote_id); | |
| 69 | |
| 70 const std::string local_id_; | |
| 71 const std::string remote_id_; | |
| 72 const std::string shared_secret_; | |
| 73 const bool is_host_; | |
| 74 | |
| 75 // Used only for host authenticators. | |
| 76 std::string local_cert_; | |
| 77 scoped_refptr<RsaKeyPair> local_key_pair_; | |
| 78 | |
| 79 // Used only for client authenticators. | |
| 80 std::string remote_cert_; | |
| 81 | |
| 82 // Used for both host and client authenticators. | |
| 83 SPAKE2_CTX* spake2_context_; | |
| 84 State state_; | |
| 85 bool started_ = false; | |
| 86 RejectionReason rejection_reason_ = INVALID_CREDENTIALS; | |
| 87 std::string local_spake_message_; | |
| 88 bool spake_message_sent_ = false; | |
| 89 std::string outgoing_verification_hash_; | |
| 90 std::string auth_key_; | |
| 91 std::string expected_verification_hash_; | |
| 92 | |
| 93 DISALLOW_COPY_AND_ASSIGN(Spake2Authenticator); | |
| 94 }; | |
| 95 | |
| 96 } // namespace protocol | |
| 97 } // namespace remoting | |
| 98 | |
| 99 #endif // REMOTING_PROTOCOL_SPAKE2_AUTHENTICATOR_H_ | |
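Review bot: `SPAKE2_CTX* spake2_context_;` at line 83 is a raw pointer with no in-class initializer and no ownership comment, unlike the neighbouring `started_ = false` and `spake_message_sent_ = false`. The header declares a destructor and disallows copying, so the class presumably owns the context and frees it there, but nothing visible here says so, and if any constructor path leaves the member unassigned the destructor would act on an indeterminate pointer. I would write `SPAKE2_CTX* spake2_context_ = nullptr;  // Owned; released with SPAKE2_CTX_free() in the destructor.` or hold it in a `scoped_ptr` with a deleter that calls `SPAKE2_CTX_free`. Separately, `shared_secret_` at line 72 is kept as a `const std::string` for the whole lifetime of the authenticator; if the implementation (not shown here) only needs it to produce the first SPAKE2 message, consider not storing it so that the secret does not linger in memory after the exchange.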