OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_ | 5 #ifndef REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_ |
6 #define REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_ | 6 #define REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
59 // another method from the client's supported methods list. | 59 // another method from the client's supported methods list. |
60 // * The host never sends its own supported methods back to the client, so once | 60 // * The host never sends its own supported methods back to the client, so once |
61 // the host picks a method from the client's list, it's final. | 61 // the host picks a method from the client's list, it's final. |
62 // * Any change in this class must maintain compatibility between any version | 62 // * Any change in this class must maintain compatibility between any version |
63 // mix of webapp, client plugin and host, for both Me2Me and IT2Me. | 63 // mix of webapp, client plugin and host, for both Me2Me and IT2Me. |
64 class NegotiatingAuthenticatorBase : public Authenticator { | 64 class NegotiatingAuthenticatorBase : public Authenticator { |
65 public: | 65 public: |
66 // Method represents an authentication algorithm. | 66 // Method represents an authentication algorithm. |
67 enum class Method { | 67 enum class Method { |
68 INVALID, | 68 INVALID, |
69 SPAKE2_SHARED_SECRET_PLAIN, | 69 |
70 SPAKE2_SHARED_SECRET_HMAC, | 70 // SPAKE2 with P224 using access code in plain-text. Used for It2Me. |
71 SPAKE2_PAIR, | 71 // TODO(sergeyu): Remove and use SHARED_SECRET_SPAKE2_CURVE25519. |
72 THIRD_PARTY, | 72 SHARED_SECRET_PLAIN_SPAKE2_P224, |
| 73 |
| 74 // SPAKE2 PIN or access code hashed with host_id using HMAC-SHA256. |
| 75 SHARED_SECRET_SPAKE2_P224, |
| 76 SHARED_SECRET_SPAKE2_CURVE25519, |
| 77 |
| 78 // SPAKE2 using shared pairing secret. Falls back to PIN-based |
| 79 // authentication when pairing fails. |
| 80 // TODO(sergeyu): Add CURVE25519 variant. crbug.com/593123 |
| 81 PAIRED_SPAKE2_P224, |
| 82 |
| 83 // Authentication using third-party authentication server. |
| 84 // SPAKE2 with P224 using shared pairing secret. Falls back to PIN-based |
| 85 // authentication when it fails to authenticate using paired secret. |
| 86 THIRD_PARTY_SPAKE2_P224, |
| 87 THIRD_PARTY_SPAKE2_CURVE25519, |
73 }; | 88 }; |
74 | 89 |
75 ~NegotiatingAuthenticatorBase() override; | 90 ~NegotiatingAuthenticatorBase() override; |
76 | 91 |
77 // Authenticator interface. | 92 // Authenticator interface. |
78 State state() const override; | 93 State state() const override; |
79 bool started() const override; | 94 bool started() const override; |
80 RejectionReason rejection_reason() const override; | 95 RejectionReason rejection_reason() const override; |
81 const std::string& GetAuthKey() const override; | 96 const std::string& GetAuthKey() const override; |
82 scoped_ptr<ChannelAuthenticator> CreateChannelAuthenticator() const override; | 97 scoped_ptr<ChannelAuthenticator> CreateChannelAuthenticator() const override; |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
120 RejectionReason rejection_reason_ = INVALID_CREDENTIALS; | 135 RejectionReason rejection_reason_ = INVALID_CREDENTIALS; |
121 | 136 |
122 private: | 137 private: |
123 DISALLOW_COPY_AND_ASSIGN(NegotiatingAuthenticatorBase); | 138 DISALLOW_COPY_AND_ASSIGN(NegotiatingAuthenticatorBase); |
124 }; | 139 }; |
125 | 140 |
126 } // namespace protocol | 141 } // namespace protocol |
127 } // namespace remoting | 142 } // namespace remoting |
128 | 143 |
129 #endif // REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_ | 144 #endif // REMOTING_PROTOCOL_NEGOTIATING_AUTHENTICATOR_BASE_H_ |
OLD | NEW |