OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/protocol/pairing_client_authenticator.h" | 5 #include "remoting/protocol/pairing_client_authenticator.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/logging.h" | 8 #include "base/logging.h" |
9 #include "remoting/base/constants.h" | 9 #include "remoting/base/constants.h" |
10 #include "remoting/protocol/auth_util.h" | 10 #include "remoting/protocol/auth_util.h" |
11 #include "remoting/protocol/channel_authenticator.h" | 11 #include "remoting/protocol/channel_authenticator.h" |
12 #include "third_party/webrtc/libjingle/xmllite/xmlelement.h" | 12 #include "third_party/webrtc/libjingle/xmllite/xmlelement.h" |
13 | 13 |
14 namespace remoting { | 14 namespace remoting { |
15 namespace protocol { | 15 namespace protocol { |
16 | 16 |
17 PairingClientAuthenticator::PairingClientAuthenticator( | 17 PairingClientAuthenticator::PairingClientAuthenticator( |
18 const ClientAuthenticationConfig& client_auth_config, | 18 const ClientAuthenticationConfig& client_auth_config, |
19 const CreateBaseAuthenticatorCallback& create_base_authenticator_callback) | 19 const CreateBaseAuthenticatorCallback& create_base_authenticator_callback) |
20 : client_auth_config_(client_auth_config), | 20 : client_auth_config_(client_auth_config), |
21 create_base_authenticator_callback_(create_base_authenticator_callback), | 21 create_base_authenticator_callback_(create_base_authenticator_callback), |
22 weak_factory_(this) { | 22 weak_factory_(this) {} |
23 spake2_authenticator_ = create_base_authenticator_callback_.Run( | 23 |
24 client_auth_config.pairing_secret, MESSAGE_READY); | 24 PairingClientAuthenticator::~PairingClientAuthenticator() {} |
25 using_paired_secret_ = true; | 25 |
| 26 void PairingClientAuthenticator::Start(State initial_state, |
| 27 const base::Closure& resume_callback) { |
| 28 if (client_auth_config_.pairing_client_id.empty() || |
| 29 client_auth_config_.pairing_secret.empty()) { |
| 30 // Send pairing error to make it clear that PIN is being used instead of |
| 31 // pairing secret. |
| 32 error_message_ = "not-paired"; |
| 33 using_paired_secret_ = false; |
| 34 CreateSpakeAuthenticatorWithPin(initial_state, resume_callback); |
| 35 } else { |
| 36 StartPaired(initial_state); |
| 37 resume_callback.Run(); |
| 38 } |
26 } | 39 } |
27 | 40 |
28 PairingClientAuthenticator::~PairingClientAuthenticator() {} | 41 void PairingClientAuthenticator::StartPaired(State initial_state) { |
| 42 DCHECK(!client_auth_config_.pairing_client_id.empty()); |
| 43 DCHECK(!client_auth_config_.pairing_secret.empty()); |
| 44 |
| 45 using_paired_secret_ = true; |
| 46 spake2_authenticator_ = create_base_authenticator_callback_.Run( |
| 47 client_auth_config_.pairing_secret, initial_state); |
| 48 } |
29 | 49 |
30 Authenticator::State PairingClientAuthenticator::state() const { | 50 Authenticator::State PairingClientAuthenticator::state() const { |
31 if (waiting_for_pin_) | 51 if (waiting_for_pin_) |
32 return PROCESSING_MESSAGE; | 52 return PROCESSING_MESSAGE; |
33 return PairingAuthenticatorBase::state(); | 53 return PairingAuthenticatorBase::state(); |
34 } | 54 } |
35 | 55 |
36 void PairingClientAuthenticator::CreateSpakeAuthenticatorWithPin( | 56 void PairingClientAuthenticator::CreateSpakeAuthenticatorWithPin( |
37 State initial_state, | 57 State initial_state, |
38 const base::Closure& resume_callback) { | 58 const base::Closure& resume_callback) { |
39 DCHECK(!waiting_for_pin_); | 59 DCHECK(!waiting_for_pin_); |
40 waiting_for_pin_ = true; | 60 waiting_for_pin_ = true; |
41 client_auth_config_.fetch_secret_callback.Run( | 61 client_auth_config_.fetch_secret_callback.Run( |
42 true, | 62 true, |
43 base::Bind(&PairingClientAuthenticator::OnPinFetched, | 63 base::Bind(&PairingClientAuthenticator::OnPinFetched, |
44 weak_factory_.GetWeakPtr(), initial_state, resume_callback)); | 64 weak_factory_.GetWeakPtr(), initial_state, resume_callback)); |
45 } | 65 } |
46 | 66 |
47 void PairingClientAuthenticator::AddPairingElements(buzz::XmlElement* message) { | |
48 // If the client id and secret have not yet been sent, do so now. Note that | |
49 // in this case the V2Authenticator is being used optimistically to send the | |
50 // first message of the SPAKE exchange since we don't yet know whether or not | |
51 // the host will accept the client id or request that we fall back to the PIN. | |
52 if (!sent_client_id_) { | |
53 buzz::XmlElement* pairing_tag = new buzz::XmlElement(kPairingInfoTag); | |
54 pairing_tag->AddAttr(kClientIdAttribute, | |
55 client_auth_config_.pairing_client_id); | |
56 message->AddElement(pairing_tag); | |
57 sent_client_id_ = true; | |
58 } | |
59 } | |
60 | |
61 void PairingClientAuthenticator::OnPinFetched( | 67 void PairingClientAuthenticator::OnPinFetched( |
62 State initial_state, | 68 State initial_state, |
63 const base::Closure& resume_callback, | 69 const base::Closure& resume_callback, |
64 const std::string& pin) { | 70 const std::string& pin) { |
65 DCHECK(waiting_for_pin_); | 71 DCHECK(waiting_for_pin_); |
66 DCHECK(!spake2_authenticator_); | 72 DCHECK(!spake2_authenticator_); |
67 waiting_for_pin_ = false; | 73 waiting_for_pin_ = false; |
68 spake2_authenticator_ = create_base_authenticator_callback_.Run( | 74 spake2_authenticator_ = create_base_authenticator_callback_.Run( |
69 GetSharedSecretHash(client_auth_config_.host_id, pin), initial_state); | 75 GetSharedSecretHash(client_auth_config_.host_id, pin), initial_state); |
70 resume_callback.Run(); | 76 resume_callback.Run(); |
71 } | 77 } |
72 | 78 |
73 } // namespace protocol | 79 } // namespace protocol |
74 } // namespace remoting | 80 } // namespace remoting |
OLD | NEW |