OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef REMOTING_PROTOCOL_SSL_HMAC_CHANNEL_AUTHENTICATOR_H_ | 5 #ifndef REMOTING_PROTOCOL_SSL_HMAC_CHANNEL_AUTHENTICATOR_H_ |
6 #define REMOTING_PROTOCOL_SSL_HMAC_CHANNEL_AUTHENTICATOR_H_ | 6 #define REMOTING_PROTOCOL_SSL_HMAC_CHANNEL_AUTHENTICATOR_H_ |
7 | 7 |
| 8 #include <memory> |
8 #include <string> | 9 #include <string> |
9 | 10 |
10 #include "base/callback.h" | 11 #include "base/callback.h" |
11 #include "base/macros.h" | 12 #include "base/macros.h" |
12 #include "base/memory/ref_counted.h" | 13 #include "base/memory/ref_counted.h" |
13 #include "base/memory/scoped_ptr.h" | |
14 #include "base/threading/non_thread_safe.h" | 14 #include "base/threading/non_thread_safe.h" |
15 #include "remoting/protocol/channel_authenticator.h" | 15 #include "remoting/protocol/channel_authenticator.h" |
16 | 16 |
17 namespace net { | 17 namespace net { |
18 class CertVerifier; | 18 class CertVerifier; |
19 class DrainableIOBuffer; | 19 class DrainableIOBuffer; |
20 class GrowableIOBuffer; | 20 class GrowableIOBuffer; |
21 class SSLServerContext; | 21 class SSLServerContext; |
22 class SSLSocket; | 22 class SSLSocket; |
23 class TransportSecurityState; | 23 class TransportSecurityState; |
(...skipping 16 matching lines...) |
40 SEND_ONLY, | 40 SEND_ONLY, |
41 RECEIVE_ONLY, | 41 RECEIVE_ONLY, |
42 }; | 42 }; |
43 | 43 |
44 // CreateForClient() and CreateForHost() create an authenticator | 44 // CreateForClient() and CreateForHost() create an authenticator |
45 // instances for client and host. |auth_key| specifies shared key | 45 // instances for client and host. |auth_key| specifies shared key |
46 // known by both host and client. In case of V1Authenticator the | 46 // known by both host and client. In case of V1Authenticator the |
47 // |auth_key| is set to access code. For EKE-based authentication | 47 // |auth_key| is set to access code. For EKE-based authentication |
48 // |auth_key| is the key established using EKE over the signaling | 48 // |auth_key| is the key established using EKE over the signaling |
49 // channel. | 49 // channel. |
50 static scoped_ptr<SslHmacChannelAuthenticator> CreateForClient( | 50 static std::unique_ptr<SslHmacChannelAuthenticator> CreateForClient( |
51 const std::string& remote_cert, | 51 const std::string& remote_cert, |
52 const std::string& auth_key); | 52 const std::string& auth_key); |
53 | 53 |
54 static scoped_ptr<SslHmacChannelAuthenticator> CreateForHost( | 54 static std::unique_ptr<SslHmacChannelAuthenticator> CreateForHost( |
55 const std::string& local_cert, | 55 const std::string& local_cert, |
56 scoped_refptr<RsaKeyPair> key_pair, | 56 scoped_refptr<RsaKeyPair> key_pair, |
57 const std::string& auth_key); | 57 const std::string& auth_key); |
58 | 58 |
59 ~SslHmacChannelAuthenticator() override; | 59 ~SslHmacChannelAuthenticator() override; |
60 | 60 |
61 // ChannelAuthenticator interface. | 61 // ChannelAuthenticator interface. |
62 void SecureAndAuthenticate(scoped_ptr<P2PStreamSocket> socket, | 62 void SecureAndAuthenticate(std::unique_ptr<P2PStreamSocket> socket, |
63 const DoneCallback& done_callback) override; | 63 const DoneCallback& done_callback) override; |
64 | 64 |
65 private: | 65 private: |
66 SslHmacChannelAuthenticator(const std::string& auth_key); | 66 SslHmacChannelAuthenticator(const std::string& auth_key); |
67 | 67 |
68 bool is_ssl_server(); | 68 bool is_ssl_server(); |
69 | 69 |
70 void OnConnected(int result); | 70 void OnConnected(int result); |
71 | 71 |
72 void WriteAuthenticationBytes(bool* callback_called); | 72 void WriteAuthenticationBytes(bool* callback_called); |
73 void OnAuthBytesWritten(int result); | 73 void OnAuthBytesWritten(int result); |
74 bool HandleAuthBytesWritten(int result, bool* callback_called); | 74 bool HandleAuthBytesWritten(int result, bool* callback_called); |
75 | 75 |
76 void ReadAuthenticationBytes(); | 76 void ReadAuthenticationBytes(); |
77 void OnAuthBytesRead(int result); | 77 void OnAuthBytesRead(int result); |
78 bool HandleAuthBytesRead(int result); | 78 bool HandleAuthBytesRead(int result); |
79 bool VerifyAuthBytes(const std::string& received_auth_bytes); | 79 bool VerifyAuthBytes(const std::string& received_auth_bytes); |
80 | 80 |
81 void CheckDone(bool* callback_called); | 81 void CheckDone(bool* callback_called); |
82 void NotifyError(int error); | 82 void NotifyError(int error); |
83 | 83 |
84 // The mutual secret used for authentication. | 84 // The mutual secret used for authentication. |
85 std::string auth_key_; | 85 std::string auth_key_; |
86 | 86 |
87 // Used in the SERVER mode only. | 87 // Used in the SERVER mode only. |
88 std::string local_cert_; | 88 std::string local_cert_; |
89 scoped_refptr<RsaKeyPair> local_key_pair_; | 89 scoped_refptr<RsaKeyPair> local_key_pair_; |
90 scoped_ptr<net::SSLServerContext> server_context_; | 90 std::unique_ptr<net::SSLServerContext> server_context_; |
91 | 91 |
92 // Used in the CLIENT mode only. | 92 // Used in the CLIENT mode only. |
93 std::string remote_cert_; | 93 std::string remote_cert_; |
94 scoped_ptr<net::TransportSecurityState> transport_security_state_; | 94 std::unique_ptr<net::TransportSecurityState> transport_security_state_; |
95 scoped_ptr<net::CertVerifier> cert_verifier_; | 95 std::unique_ptr<net::CertVerifier> cert_verifier_; |
96 | 96 |
97 scoped_ptr<net::SSLSocket> socket_; | 97 std::unique_ptr<net::SSLSocket> socket_; |
98 DoneCallback done_callback_; | 98 DoneCallback done_callback_; |
99 | 99 |
100 scoped_refptr<net::DrainableIOBuffer> auth_write_buf_; | 100 scoped_refptr<net::DrainableIOBuffer> auth_write_buf_; |
101 scoped_refptr<net::GrowableIOBuffer> auth_read_buf_; | 101 scoped_refptr<net::GrowableIOBuffer> auth_read_buf_; |
102 | 102 |
103 DISALLOW_COPY_AND_ASSIGN(SslHmacChannelAuthenticator); | 103 DISALLOW_COPY_AND_ASSIGN(SslHmacChannelAuthenticator); |
104 }; | 104 }; |
105 | 105 |
106 } // namespace protocol | 106 } // namespace protocol |
107 } // namespace remoting | 107 } // namespace remoting |
108 | 108 |
109 #endif // REMOTING_PROTOCOL_SSL_HMAC_CHANNEL_AUTHENTICATOR_H_ | 109 #endif // REMOTING_PROTOCOL_SSL_HMAC_CHANNEL_AUTHENTICATOR_H_ |
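Review bot: `VerifyAuthBytes(const std::string& received_auth_bytes)` (new line 79) has no comment saying how the received bytes are compared with the expected value, yet that comparison is what authenticates the channel. The implementation is outside this header, so this is a documentation request rather than a reported defect: the check should be constant-time, and the declaration is where that requirement belongs. A comment such as `// Compares |received_auth_bytes| against the value derived from |auth_key_| in constant time; returns false on mismatch.` would do, with the wording adjusted to match the .cc file. Separately, the private single-argument constructor at new line 66 could be marked `explicit`: `explicit SslHmacChannelAuthenticator(const std::string& auth_key);`.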