OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/protocol/v2_authenticator.h" | 5 #include "remoting/protocol/v2_authenticator.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/base64.h" | 9 #include "base/base64.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 #include "base/memory/ptr_util.h" |
11 #include "remoting/base/constants.h" | 12 #include "remoting/base/constants.h" |
12 #include "remoting/base/rsa_key_pair.h" | 13 #include "remoting/base/rsa_key_pair.h" |
13 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" | 14 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" |
14 #include "third_party/webrtc/libjingle/xmllite/xmlelement.h" | 15 #include "third_party/webrtc/libjingle/xmllite/xmlelement.h" |
15 | 16 |
16 using crypto::P224EncryptedKeyExchange; | 17 using crypto::P224EncryptedKeyExchange; |
17 | 18 |
18 namespace remoting { | 19 namespace remoting { |
19 namespace protocol { | 20 namespace protocol { |
20 | 21 |
21 namespace { | 22 namespace { |
22 | 23 |
23 const buzz::StaticQName kEkeTag = { kChromotingXmlNamespace, | 24 const buzz::StaticQName kEkeTag = { kChromotingXmlNamespace, |
24 "eke-message" }; | 25 "eke-message" }; |
25 const buzz::StaticQName kCertificateTag = { kChromotingXmlNamespace, | 26 const buzz::StaticQName kCertificateTag = { kChromotingXmlNamespace, |
26 "certificate" }; | 27 "certificate" }; |
27 | 28 |
28 } // namespace | 29 } // namespace |
29 | 30 |
30 // static | 31 // static |
31 bool V2Authenticator::IsEkeMessage(const buzz::XmlElement* message) { | 32 bool V2Authenticator::IsEkeMessage(const buzz::XmlElement* message) { |
32 return message->FirstNamed(kEkeTag) != nullptr; | 33 return message->FirstNamed(kEkeTag) != nullptr; |
33 } | 34 } |
34 | 35 |
35 // static | 36 // static |
36 scoped_ptr<Authenticator> V2Authenticator::CreateForClient( | 37 std::unique_ptr<Authenticator> V2Authenticator::CreateForClient( |
37 const std::string& shared_secret, | 38 const std::string& shared_secret, |
38 Authenticator::State initial_state) { | 39 Authenticator::State initial_state) { |
39 return make_scoped_ptr(new V2Authenticator( | 40 return base::WrapUnique(new V2Authenticator( |
40 P224EncryptedKeyExchange::kPeerTypeClient, shared_secret, initial_state)); | 41 P224EncryptedKeyExchange::kPeerTypeClient, shared_secret, initial_state)); |
41 } | 42 } |
42 | 43 |
43 // static | 44 // static |
44 scoped_ptr<Authenticator> V2Authenticator::CreateForHost( | 45 std::unique_ptr<Authenticator> V2Authenticator::CreateForHost( |
45 const std::string& local_cert, | 46 const std::string& local_cert, |
46 scoped_refptr<RsaKeyPair> key_pair, | 47 scoped_refptr<RsaKeyPair> key_pair, |
47 const std::string& shared_secret, | 48 const std::string& shared_secret, |
48 Authenticator::State initial_state) { | 49 Authenticator::State initial_state) { |
49 scoped_ptr<V2Authenticator> result(new V2Authenticator( | 50 std::unique_ptr<V2Authenticator> result(new V2Authenticator( |
50 P224EncryptedKeyExchange::kPeerTypeServer, shared_secret, initial_state)); | 51 P224EncryptedKeyExchange::kPeerTypeServer, shared_secret, initial_state)); |
51 result->local_cert_ = local_cert; | 52 result->local_cert_ = local_cert; |
52 result->local_key_pair_ = key_pair; | 53 result->local_key_pair_ = key_pair; |
53 return std::move(result); | 54 return std::move(result); |
54 } | 55 } |
55 | 56 |
56 V2Authenticator::V2Authenticator( | 57 V2Authenticator::V2Authenticator( |
57 crypto::P224EncryptedKeyExchange::PeerType type, | 58 crypto::P224EncryptedKeyExchange::PeerType type, |
58 const std::string& shared_secret, | 59 const std::string& shared_secret, |
59 Authenticator::State initial_state) | 60 Authenticator::State initial_state) |
(...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
143 | 144 |
144 case P224EncryptedKeyExchange::kResultSuccess: | 145 case P224EncryptedKeyExchange::kResultSuccess: |
145 auth_key_ = key_exchange_impl_.GetKey(); | 146 auth_key_ = key_exchange_impl_.GetKey(); |
146 state_ = ACCEPTED; | 147 state_ = ACCEPTED; |
147 return; | 148 return; |
148 } | 149 } |
149 } | 150 } |
150 state_ = MESSAGE_READY; | 151 state_ = MESSAGE_READY; |
151 } | 152 } |
152 | 153 |
153 scoped_ptr<buzz::XmlElement> V2Authenticator::GetNextMessage() { | 154 std::unique_ptr<buzz::XmlElement> V2Authenticator::GetNextMessage() { |
154 DCHECK_EQ(state(), MESSAGE_READY); | 155 DCHECK_EQ(state(), MESSAGE_READY); |
155 | 156 |
156 scoped_ptr<buzz::XmlElement> message = CreateEmptyAuthenticatorMessage(); | 157 std::unique_ptr<buzz::XmlElement> message = CreateEmptyAuthenticatorMessage(); |
157 | 158 |
158 DCHECK(!pending_messages_.empty()); | 159 DCHECK(!pending_messages_.empty()); |
159 while (!pending_messages_.empty()) { | 160 while (!pending_messages_.empty()) { |
160 const std::string& spake_message = pending_messages_.front(); | 161 const std::string& spake_message = pending_messages_.front(); |
161 std::string base64_message; | 162 std::string base64_message; |
162 base::Base64Encode(spake_message, &base64_message); | 163 base::Base64Encode(spake_message, &base64_message); |
163 | 164 |
164 buzz::XmlElement* eke_tag = new buzz::XmlElement(kEkeTag); | 165 buzz::XmlElement* eke_tag = new buzz::XmlElement(kEkeTag); |
165 eke_tag->SetBodyText(base64_message); | 166 eke_tag->SetBodyText(base64_message); |
166 message->AddElement(eke_tag); | 167 message->AddElement(eke_tag); |
(...skipping 13 matching lines...) Expand all Loading... |
180 if (state_ != ACCEPTED) { | 181 if (state_ != ACCEPTED) { |
181 state_ = WAITING_MESSAGE; | 182 state_ = WAITING_MESSAGE; |
182 } | 183 } |
183 return message; | 184 return message; |
184 } | 185 } |
185 | 186 |
186 const std::string& V2Authenticator::GetAuthKey() const { | 187 const std::string& V2Authenticator::GetAuthKey() const { |
187 return auth_key_; | 188 return auth_key_; |
188 } | 189 } |
189 | 190 |
190 scoped_ptr<ChannelAuthenticator> | 191 std::unique_ptr<ChannelAuthenticator> |
191 V2Authenticator::CreateChannelAuthenticator() const { | 192 V2Authenticator::CreateChannelAuthenticator() const { |
192 DCHECK_EQ(state(), ACCEPTED); | 193 DCHECK_EQ(state(), ACCEPTED); |
193 CHECK(!auth_key_.empty()); | 194 CHECK(!auth_key_.empty()); |
194 | 195 |
195 if (is_host_side()) { | 196 if (is_host_side()) { |
196 return SslHmacChannelAuthenticator::CreateForHost( | 197 return SslHmacChannelAuthenticator::CreateForHost( |
197 local_cert_, local_key_pair_, auth_key_); | 198 local_cert_, local_key_pair_, auth_key_); |
198 } else { | 199 } else { |
199 return SslHmacChannelAuthenticator::CreateForClient( | 200 return SslHmacChannelAuthenticator::CreateForClient( |
200 remote_cert_, auth_key_); | 201 remote_cert_, auth_key_); |
201 } | 202 } |
202 } | 203 } |
203 | 204 |
204 bool V2Authenticator::is_host_side() const { | 205 bool V2Authenticator::is_host_side() const { |
205 return local_key_pair_.get() != nullptr; | 206 return local_key_pair_.get() != nullptr; |
206 } | 207 } |
207 | 208 |
208 } // namespace protocol | 209 } // namespace protocol |
209 } // namespace remoting | 210 } // namespace remoting |
OLD | NEW |