| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/protocol/negotiating_host_authenticator.h" | 5 #include "remoting/protocol/negotiating_host_authenticator.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <sstream> | 8 #include <sstream> |
| 9 #include <utility> | 9 #include <utility> |
| 10 | 10 |
| (...skipping 18 matching lines...) Expand all Loading... |
| 29 const std::string& remote_id, | 29 const std::string& remote_id, |
| 30 const std::string& local_cert, | 30 const std::string& local_cert, |
| 31 scoped_refptr<RsaKeyPair> key_pair) | 31 scoped_refptr<RsaKeyPair> key_pair) |
| 32 : NegotiatingAuthenticatorBase(WAITING_MESSAGE), | 32 : NegotiatingAuthenticatorBase(WAITING_MESSAGE), |
| 33 local_id_(local_id), | 33 local_id_(local_id), |
| 34 remote_id_(remote_id), | 34 remote_id_(remote_id), |
| 35 local_cert_(local_cert), | 35 local_cert_(local_cert), |
| 36 local_key_pair_(key_pair) {} | 36 local_key_pair_(key_pair) {} |
| 37 | 37 |
| 38 // static | 38 // static |
| 39 scoped_ptr<Authenticator> NegotiatingHostAuthenticator::CreateForIt2Me( | 39 scoped_ptr<NegotiatingHostAuthenticator> |
| 40 const std::string& local_id, | 40 NegotiatingHostAuthenticator::CreateForIt2Me(const std::string& local_id, |
| 41 const std::string& remote_id, | 41 const std::string& remote_id, |
| 42 const std::string& local_cert, | 42 const std::string& local_cert, |
| 43 scoped_refptr<RsaKeyPair> key_pair, | 43 scoped_refptr<RsaKeyPair> key_pair, |
| 44 const std::string& access_code) { | 44 const std::string& access_code) { |
| 45 scoped_ptr<NegotiatingHostAuthenticator> result( | 45 scoped_ptr<NegotiatingHostAuthenticator> result( |
| 46 new NegotiatingHostAuthenticator(local_id, remote_id, local_cert, | 46 new NegotiatingHostAuthenticator(local_id, remote_id, local_cert, |
| 47 key_pair)); | 47 key_pair)); |
| 48 result->shared_secret_hash_ = access_code; | 48 result->shared_secret_hash_ = access_code; |
| 49 result->AddMethod(Method::SHARED_SECRET_PLAIN_SPAKE2_P224); | 49 result->AddMethod(Method::SHARED_SECRET_PLAIN_SPAKE2_P224); |
| 50 return std::move(result); | 50 return result; |
| 51 } | 51 } |
| 52 | 52 |
| 53 // static | 53 // static |
| 54 scoped_ptr<Authenticator> NegotiatingHostAuthenticator::CreateWithPin( | 54 scoped_ptr<NegotiatingHostAuthenticator> |
| 55 NegotiatingHostAuthenticator::CreateWithPin( |
| 55 const std::string& local_id, | 56 const std::string& local_id, |
| 56 const std::string& remote_id, | 57 const std::string& remote_id, |
| 57 const std::string& local_cert, | 58 const std::string& local_cert, |
| 58 scoped_refptr<RsaKeyPair> key_pair, | 59 scoped_refptr<RsaKeyPair> key_pair, |
| 59 const std::string& pin_hash, | 60 const std::string& pin_hash, |
| 60 scoped_refptr<PairingRegistry> pairing_registry) { | 61 scoped_refptr<PairingRegistry> pairing_registry) { |
| 61 scoped_ptr<NegotiatingHostAuthenticator> result( | 62 scoped_ptr<NegotiatingHostAuthenticator> result( |
| 62 new NegotiatingHostAuthenticator(local_id, remote_id, local_cert, | 63 new NegotiatingHostAuthenticator(local_id, remote_id, local_cert, |
| 63 key_pair)); | 64 key_pair)); |
| 64 result->shared_secret_hash_ = pin_hash; | 65 result->shared_secret_hash_ = pin_hash; |
| 65 result->pairing_registry_ = pairing_registry; | 66 result->pairing_registry_ = pairing_registry; |
| 66 result->AddMethod(Method::SHARED_SECRET_SPAKE2_CURVE25519); | 67 result->AddMethod(Method::SHARED_SECRET_SPAKE2_CURVE25519); |
| 67 result->AddMethod(Method::SHARED_SECRET_SPAKE2_P224); | 68 result->AddMethod(Method::SHARED_SECRET_SPAKE2_P224); |
| 68 if (pairing_registry.get()) { | 69 if (pairing_registry.get()) { |
| 70 result->AddMethod(Method::PAIRED_SPAKE2_CURVE25519); |
| 69 result->AddMethod(Method::PAIRED_SPAKE2_P224); | 71 result->AddMethod(Method::PAIRED_SPAKE2_P224); |
| 70 } | 72 } |
| 71 return std::move(result); | 73 return result; |
| 72 } | 74 } |
| 73 | 75 |
| 74 // static | 76 // static |
| 75 scoped_ptr<Authenticator> | 77 scoped_ptr<NegotiatingHostAuthenticator> |
| 76 NegotiatingHostAuthenticator::CreateWithThirdPartyAuth( | 78 NegotiatingHostAuthenticator::CreateWithThirdPartyAuth( |
| 77 const std::string& local_id, | 79 const std::string& local_id, |
| 78 const std::string& remote_id, | 80 const std::string& remote_id, |
| 79 const std::string& local_cert, | 81 const std::string& local_cert, |
| 80 scoped_refptr<RsaKeyPair> key_pair, | 82 scoped_refptr<RsaKeyPair> key_pair, |
| 81 scoped_refptr<TokenValidatorFactory> token_validator_factory) { | 83 scoped_refptr<TokenValidatorFactory> token_validator_factory) { |
| 82 scoped_ptr<NegotiatingHostAuthenticator> result( | 84 scoped_ptr<NegotiatingHostAuthenticator> result( |
| 83 new NegotiatingHostAuthenticator(local_id, remote_id, local_cert, | 85 new NegotiatingHostAuthenticator(local_id, remote_id, local_cert, |
| 84 key_pair)); | 86 key_pair)); |
| 85 result->token_validator_factory_ = token_validator_factory; | 87 result->token_validator_factory_ = token_validator_factory; |
| 86 result->AddMethod(Method::THIRD_PARTY_SPAKE2_CURVE25519); | 88 result->AddMethod(Method::THIRD_PARTY_SPAKE2_CURVE25519); |
| 87 result->AddMethod(Method::THIRD_PARTY_SPAKE2_P224); | 89 result->AddMethod(Method::THIRD_PARTY_SPAKE2_P224); |
| 88 return std::move(result); | 90 return result; |
| 89 } | 91 } |
| 90 | 92 |
| 91 NegotiatingHostAuthenticator::~NegotiatingHostAuthenticator() {} | 93 NegotiatingHostAuthenticator::~NegotiatingHostAuthenticator() {} |
| 92 | 94 |
| 93 void NegotiatingHostAuthenticator::ProcessMessage( | 95 void NegotiatingHostAuthenticator::ProcessMessage( |
| 94 const buzz::XmlElement* message, | 96 const buzz::XmlElement* message, |
| 95 const base::Closure& resume_callback) { | 97 const base::Closure& resume_callback) { |
| 96 DCHECK_EQ(state(), WAITING_MESSAGE); | 98 DCHECK_EQ(state(), WAITING_MESSAGE); |
| 97 state_ = PROCESSING_MESSAGE; | 99 state_ = PROCESSING_MESSAGE; |
| 98 | 100 |
| (...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 181 | 183 |
| 182 scoped_ptr<buzz::XmlElement> NegotiatingHostAuthenticator::GetNextMessage() { | 184 scoped_ptr<buzz::XmlElement> NegotiatingHostAuthenticator::GetNextMessage() { |
| 183 return GetNextMessageInternal(); | 185 return GetNextMessageInternal(); |
| 184 } | 186 } |
| 185 | 187 |
| 186 void NegotiatingHostAuthenticator::CreateAuthenticator( | 188 void NegotiatingHostAuthenticator::CreateAuthenticator( |
| 187 Authenticator::State preferred_initial_state, | 189 Authenticator::State preferred_initial_state, |
| 188 const base::Closure& resume_callback) { | 190 const base::Closure& resume_callback) { |
| 189 DCHECK(current_method_ != Method::INVALID); | 191 DCHECK(current_method_ != Method::INVALID); |
| 190 | 192 |
| 191 if (current_method_ == Method::THIRD_PARTY_SPAKE2_P224) { | 193 switch(current_method_) { |
| 192 current_authenticator_.reset(new ThirdPartyHostAuthenticator( | 194 case Method::INVALID: |
| 193 base::Bind(&V2Authenticator::CreateForHost, local_cert_, | 195 NOTREACHED(); |
| 194 local_key_pair_), | 196 break; |
| 195 token_validator_factory_->CreateTokenValidator(local_id_, remote_id_))); | 197 |
| 196 } else if (current_method_ == Method::THIRD_PARTY_SPAKE2_CURVE25519) { | 198 case Method::THIRD_PARTY_SPAKE2_P224: |
| 197 current_authenticator_.reset(new ThirdPartyHostAuthenticator( | 199 current_authenticator_.reset(new ThirdPartyHostAuthenticator( |
| 198 base::Bind(&Spake2Authenticator::CreateForHost, local_id_, remote_id_, | 200 base::Bind(&V2Authenticator::CreateForHost, local_cert_, |
| 199 local_cert_, local_key_pair_), | 201 local_key_pair_), |
| 200 token_validator_factory_->CreateTokenValidator(local_id_, remote_id_))); | 202 token_validator_factory_->CreateTokenValidator(local_id_, |
| 201 } else if (current_method_ == Method::PAIRED_SPAKE2_P224) { | 203 remote_id_))); |
| 202 PairingHostAuthenticator* pairing_authenticator = | 204 resume_callback.Run(); |
| 203 new PairingHostAuthenticator(pairing_registry_, | 205 break; |
| 204 base::Bind(&V2Authenticator::CreateForHost, | 206 |
| 205 local_cert_, local_key_pair_), | 207 case Method::THIRD_PARTY_SPAKE2_CURVE25519: |
| 206 shared_secret_hash_); | 208 current_authenticator_.reset(new ThirdPartyHostAuthenticator( |
| 207 current_authenticator_.reset(pairing_authenticator); | 209 base::Bind(&Spake2Authenticator::CreateForHost, local_id_, remote_id_, |
| 208 pairing_authenticator->Initialize(client_id_, preferred_initial_state, | 210 local_cert_, local_key_pair_), |
| 209 resume_callback); | 211 token_validator_factory_->CreateTokenValidator(local_id_, |
| 210 return; | 212 remote_id_))); |
| 211 } else if (current_method_ == Method::SHARED_SECRET_SPAKE2_CURVE25519) { | 213 resume_callback.Run(); |
| 212 current_authenticator_ = Spake2Authenticator::CreateForHost( | 214 break; |
| 213 local_id_, remote_id_, local_cert_, local_key_pair_, | 215 |
| 214 shared_secret_hash_, preferred_initial_state); | 216 case Method::PAIRED_SPAKE2_P224: { |
| 215 } else { | 217 PairingHostAuthenticator* pairing_authenticator = |
| 216 DCHECK(current_method_ == Method::SHARED_SECRET_PLAIN_SPAKE2_P224 || | 218 new PairingHostAuthenticator( |
| 217 current_method_ == Method::SHARED_SECRET_SPAKE2_P224); | 219 pairing_registry_, base::Bind(&V2Authenticator::CreateForHost, |
| 218 current_authenticator_ = V2Authenticator::CreateForHost( | 220 local_cert_, local_key_pair_), |
| 219 local_cert_, local_key_pair_, shared_secret_hash_, | 221 shared_secret_hash_); |
| 220 preferred_initial_state); | 222 current_authenticator_.reset(pairing_authenticator); |
| 223 pairing_authenticator->Initialize(client_id_, preferred_initial_state, |
| 224 resume_callback); |
| 225 break; |
| 226 } |
| 227 |
| 228 case Method::PAIRED_SPAKE2_CURVE25519: { |
| 229 PairingHostAuthenticator* pairing_authenticator = |
| 230 new PairingHostAuthenticator( |
| 231 pairing_registry_, |
| 232 base::Bind(&Spake2Authenticator::CreateForHost, local_id_, |
| 233 remote_id_, local_cert_, local_key_pair_), |
| 234 shared_secret_hash_); |
| 235 current_authenticator_.reset(pairing_authenticator); |
| 236 pairing_authenticator->Initialize(client_id_, preferred_initial_state, |
| 237 resume_callback); |
| 238 break; |
| 239 } |
| 240 |
| 241 case Method::SHARED_SECRET_SPAKE2_CURVE25519: |
| 242 current_authenticator_ = Spake2Authenticator::CreateForHost( |
| 243 local_id_, remote_id_, local_cert_, local_key_pair_, |
| 244 shared_secret_hash_, preferred_initial_state); |
| 245 resume_callback.Run(); |
| 246 break; |
| 247 |
| 248 case Method::SHARED_SECRET_PLAIN_SPAKE2_P224: |
| 249 case Method::SHARED_SECRET_SPAKE2_P224: |
| 250 current_authenticator_ = V2Authenticator::CreateForHost( |
| 251 local_cert_, local_key_pair_, shared_secret_hash_, |
| 252 preferred_initial_state); |
| 253 resume_callback.Run(); |
| 254 break; |
| 221 } | 255 } |
| 222 resume_callback.Run(); | |
| 223 } | 256 } |
| 224 | 257 |
| 225 } // namespace protocol | 258 } // namespace protocol |
| 226 } // namespace remoting | 259 } // namespace remoting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1800823002:
Add Curve25519 version of pairing authenticators (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master