| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/proximity_auth/device_to_device_authenticator.h" | 5 #include "components/proximity_auth/device_to_device_authenticator.h" |
| 6 | 6 |
| 7 #include <utility> | 7 #include <utility> |
| 8 | 8 |
| 9 #include "base/memory/ptr_util.h" |
| 9 #include "base/time/time.h" | 10 #include "base/time/time.h" |
| 10 #include "base/timer/timer.h" | 11 #include "base/timer/timer.h" |
| 11 #include "components/proximity_auth/connection.h" | 12 #include "components/proximity_auth/connection.h" |
| 12 #include "components/proximity_auth/cryptauth/secure_message_delegate.h" | 13 #include "components/proximity_auth/cryptauth/secure_message_delegate.h" |
| 13 #include "components/proximity_auth/device_to_device_initiator_operations.h" | 14 #include "components/proximity_auth/device_to_device_initiator_operations.h" |
| 14 #include "components/proximity_auth/device_to_device_secure_context.h" | 15 #include "components/proximity_auth/device_to_device_secure_context.h" |
| 15 #include "components/proximity_auth/logging/logging.h" | 16 #include "components/proximity_auth/logging/logging.h" |
| 16 #include "components/proximity_auth/secure_context.h" | 17 #include "components/proximity_auth/secure_context.h" |
| 17 #include "components/proximity_auth/wire_message.h" | 18 #include "components/proximity_auth/wire_message.h" |
| 18 | 19 |
| 19 namespace proximity_auth { | 20 namespace proximity_auth { |
| 20 | 21 |
| 21 namespace { | 22 namespace { |
| 22 | 23 |
| 23 // The time to wait in seconds for the remote device to send its | 24 // The time to wait in seconds for the remote device to send its |
| 24 // [Responder Auth] message. If we do not get the message in this time, then | 25 // [Responder Auth] message. If we do not get the message in this time, then |
| 25 // authentication will fail. | 26 // authentication will fail. |
| 26 const int kResponderAuthTimeoutSeconds = 5; | 27 const int kResponderAuthTimeoutSeconds = 5; |
| 27 | 28 |
| 28 // The prefix of the permit id sent to the remote device. The permit id | 29 // The prefix of the permit id sent to the remote device. The permit id |
| 29 // is used by the remote device to find the credentials of the local device. | 30 // is used by the remote device to find the credentials of the local device. |
| 30 const char kPermitIdPrefix[] = "permit://google.com/easyunlock/v1/"; | 31 const char kPermitIdPrefix[] = "permit://google.com/easyunlock/v1/"; |
| 31 | 32 |
| 32 } // namespace | 33 } // namespace |
| 33 | 34 |
| 34 DeviceToDeviceAuthenticator::DeviceToDeviceAuthenticator( | 35 DeviceToDeviceAuthenticator::DeviceToDeviceAuthenticator( |
| 35 Connection* connection, | 36 Connection* connection, |
| 36 const std::string& account_id, | 37 const std::string& account_id, |
| 37 scoped_ptr<SecureMessageDelegate> secure_message_delegate) | 38 std::unique_ptr<SecureMessageDelegate> secure_message_delegate) |
| 38 : connection_(connection), | 39 : connection_(connection), |
| 39 account_id_(account_id), | 40 account_id_(account_id), |
| 40 secure_message_delegate_(std::move(secure_message_delegate)), | 41 secure_message_delegate_(std::move(secure_message_delegate)), |
| 41 state_(State::NOT_STARTED), | 42 state_(State::NOT_STARTED), |
| 42 weak_ptr_factory_(this) { | 43 weak_ptr_factory_(this) { |
| 43 DCHECK(connection_); | 44 DCHECK(connection_); |
| 44 } | 45 } |
| 45 | 46 |
| 46 DeviceToDeviceAuthenticator::~DeviceToDeviceAuthenticator() { | 47 DeviceToDeviceAuthenticator::~DeviceToDeviceAuthenticator() { |
| 47 connection_->RemoveObserver(this); | 48 connection_->RemoveObserver(this); |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 83 | 84 |
| 84 // Create the [Hello] message to send to the remote device. | 85 // Create the [Hello] message to send to the remote device. |
| 85 state_ = State::SENDING_HELLO; | 86 state_ = State::SENDING_HELLO; |
| 86 DeviceToDeviceInitiatorOperations::CreateHelloMessage( | 87 DeviceToDeviceInitiatorOperations::CreateHelloMessage( |
| 87 public_key, connection_->remote_device().persistent_symmetric_key, | 88 public_key, connection_->remote_device().persistent_symmetric_key, |
| 88 secure_message_delegate_.get(), | 89 secure_message_delegate_.get(), |
| 89 base::Bind(&DeviceToDeviceAuthenticator::OnHelloMessageCreated, | 90 base::Bind(&DeviceToDeviceAuthenticator::OnHelloMessageCreated, |
| 90 weak_ptr_factory_.GetWeakPtr())); | 91 weak_ptr_factory_.GetWeakPtr())); |
| 91 } | 92 } |
| 92 | 93 |
| 93 scoped_ptr<base::Timer> DeviceToDeviceAuthenticator::CreateTimer() { | 94 std::unique_ptr<base::Timer> DeviceToDeviceAuthenticator::CreateTimer() { |
| 94 return make_scoped_ptr(new base::OneShotTimer()); | 95 return base::WrapUnique(new base::OneShotTimer()); |
| 95 } | 96 } |
| 96 | 97 |
| 97 void DeviceToDeviceAuthenticator::OnHelloMessageCreated( | 98 void DeviceToDeviceAuthenticator::OnHelloMessageCreated( |
| 98 const std::string& message) { | 99 const std::string& message) { |
| 99 DCHECK(state_ == State::SENDING_HELLO); | 100 DCHECK(state_ == State::SENDING_HELLO); |
| 100 if (message.empty()) { | 101 if (message.empty()) { |
| 101 Fail("Failed to create [Hello]"); | 102 Fail("Failed to create [Hello]"); |
| 102 return; | 103 return; |
| 103 } | 104 } |
| 104 | 105 |
| 105 // Add a timeout for receiving the [Responder Auth] message as a guard. | 106 // Add a timeout for receiving the [Responder Auth] message as a guard. |
| 106 timer_ = CreateTimer(); | 107 timer_ = CreateTimer(); |
| 107 timer_->Start( | 108 timer_->Start( |
| 108 FROM_HERE, base::TimeDelta::FromSeconds(kResponderAuthTimeoutSeconds), | 109 FROM_HERE, base::TimeDelta::FromSeconds(kResponderAuthTimeoutSeconds), |
| 109 base::Bind(&DeviceToDeviceAuthenticator::OnResponderAuthTimedOut, | 110 base::Bind(&DeviceToDeviceAuthenticator::OnResponderAuthTimedOut, |
| 110 weak_ptr_factory_.GetWeakPtr())); | 111 weak_ptr_factory_.GetWeakPtr())); |
| 111 | 112 |
| 112 // Send the [Hello] message to the remote device. | 113 // Send the [Hello] message to the remote device. |
| 113 state_ = State::SENT_HELLO; | 114 state_ = State::SENT_HELLO; |
| 114 hello_message_ = message; | 115 hello_message_ = message; |
| 115 std::string permit_id = kPermitIdPrefix + account_id_; | 116 std::string permit_id = kPermitIdPrefix + account_id_; |
| 116 connection_->SendMessage( | 117 connection_->SendMessage( |
| 117 make_scoped_ptr(new WireMessage(hello_message_, permit_id))); | 118 base::WrapUnique(new WireMessage(hello_message_, permit_id))); |
| 118 } | 119 } |
| 119 | 120 |
| 120 void DeviceToDeviceAuthenticator::OnResponderAuthTimedOut() { | 121 void DeviceToDeviceAuthenticator::OnResponderAuthTimedOut() { |
| 121 DCHECK(state_ == State::SENT_HELLO); | 122 DCHECK(state_ == State::SENT_HELLO); |
| 122 Fail("Timed out waiting for [Responder Auth]"); | 123 Fail("Timed out waiting for [Responder Auth]"); |
| 123 } | 124 } |
| 124 | 125 |
| 125 void DeviceToDeviceAuthenticator::OnResponderAuthValidated( | 126 void DeviceToDeviceAuthenticator::OnResponderAuthValidated( |
| 126 bool validated, | 127 bool validated, |
| 127 const std::string& session_symmetric_key) { | 128 const std::string& session_symmetric_key) { |
| (...skipping 18 matching lines...) Expand all Loading... |
| 146 | 147 |
| 147 void DeviceToDeviceAuthenticator::OnInitiatorAuthCreated( | 148 void DeviceToDeviceAuthenticator::OnInitiatorAuthCreated( |
| 148 const std::string& message) { | 149 const std::string& message) { |
| 149 DCHECK(state_ == State::VALIDATED_RESPONDER_AUTH); | 150 DCHECK(state_ == State::VALIDATED_RESPONDER_AUTH); |
| 150 if (message.empty()) { | 151 if (message.empty()) { |
| 151 Fail("Failed to create [Initiator Auth]"); | 152 Fail("Failed to create [Initiator Auth]"); |
| 152 return; | 153 return; |
| 153 } | 154 } |
| 154 | 155 |
| 155 state_ = State::SENT_INITIATOR_AUTH; | 156 state_ = State::SENT_INITIATOR_AUTH; |
| 156 connection_->SendMessage(make_scoped_ptr(new WireMessage(message))); | 157 connection_->SendMessage(base::WrapUnique(new WireMessage(message))); |
| 157 } | 158 } |
| 158 | 159 |
| 159 void DeviceToDeviceAuthenticator::Fail(const std::string& error_message) { | 160 void DeviceToDeviceAuthenticator::Fail(const std::string& error_message) { |
| 160 Fail(error_message, Result::FAILURE); | 161 Fail(error_message, Result::FAILURE); |
| 161 } | 162 } |
| 162 | 163 |
| 163 void DeviceToDeviceAuthenticator::Fail(const std::string& error_message, | 164 void DeviceToDeviceAuthenticator::Fail(const std::string& error_message, |
| 164 Result result) { | 165 Result result) { |
| 165 DCHECK(result != Result::SUCCESS); | 166 DCHECK(result != Result::SUCCESS); |
| 166 PA_LOG(WARNING) << "Authentication failed: " << error_message; | 167 PA_LOG(WARNING) << "Authentication failed: " << error_message; |
| 167 state_ = State::AUTHENTICATION_FAILURE; | 168 state_ = State::AUTHENTICATION_FAILURE; |
| 168 weak_ptr_factory_.InvalidateWeakPtrs(); | 169 weak_ptr_factory_.InvalidateWeakPtrs(); |
| 169 connection_->RemoveObserver(this); | 170 connection_->RemoveObserver(this); |
| 170 timer_.reset(); | 171 timer_.reset(); |
| 171 callback_.Run(result, nullptr); | 172 callback_.Run(result, nullptr); |
| 172 } | 173 } |
| 173 | 174 |
| 174 void DeviceToDeviceAuthenticator::Succeed() { | 175 void DeviceToDeviceAuthenticator::Succeed() { |
| 175 DCHECK(state_ == State::SENT_INITIATOR_AUTH); | 176 DCHECK(state_ == State::SENT_INITIATOR_AUTH); |
| 176 DCHECK(!session_symmetric_key_.empty()); | 177 DCHECK(!session_symmetric_key_.empty()); |
| 177 PA_LOG(INFO) << "Authentication succeeded!"; | 178 PA_LOG(INFO) << "Authentication succeeded!"; |
| 178 | 179 |
| 179 state_ = State::AUTHENTICATION_SUCCESS; | 180 state_ = State::AUTHENTICATION_SUCCESS; |
| 180 connection_->RemoveObserver(this); | 181 connection_->RemoveObserver(this); |
| 181 callback_.Run( | 182 callback_.Run( |
| 182 Result::SUCCESS, | 183 Result::SUCCESS, |
| 183 make_scoped_ptr(new DeviceToDeviceSecureContext( | 184 base::WrapUnique(new DeviceToDeviceSecureContext( |
| 184 std::move(secure_message_delegate_), session_symmetric_key_, | 185 std::move(secure_message_delegate_), session_symmetric_key_, |
| 185 responder_auth_message_, SecureContext::PROTOCOL_VERSION_THREE_ONE))); | 186 responder_auth_message_, SecureContext::PROTOCOL_VERSION_THREE_ONE))); |
| 186 } | 187 } |
| 187 | 188 |
| 188 void DeviceToDeviceAuthenticator::OnConnectionStatusChanged( | 189 void DeviceToDeviceAuthenticator::OnConnectionStatusChanged( |
| 189 Connection* connection, | 190 Connection* connection, |
| 190 Connection::Status old_status, | 191 Connection::Status old_status, |
| 191 Connection::Status new_status) { | 192 Connection::Status new_status) { |
| 192 // We do not expect the connection to drop during authentication. | 193 // We do not expect the connection to drop during authentication. |
| 193 if (new_status == Connection::DISCONNECTED) { | 194 if (new_status == Connection::DISCONNECTED) { |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 229 Succeed(); | 230 Succeed(); |
| 230 else | 231 else |
| 231 Fail("Failed to send [Initiator Auth]"); | 232 Fail("Failed to send [Initiator Auth]"); |
| 232 } else if (!success && state_ == State::SENT_HELLO) { | 233 } else if (!success && state_ == State::SENT_HELLO) { |
| 233 DCHECK(message.payload() == hello_message_); | 234 DCHECK(message.payload() == hello_message_); |
| 234 Fail("Failed to send [Hello]"); | 235 Fail("Failed to send [Hello]"); |
| 235 } | 236 } |
| 236 } | 237 } |
| 237 | 238 |
| 238 } // namespace proximity_auth | 239 } // namespace proximity_auth |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1912433002:
Convert //components/proximity_auth from scoped_ptr to std::unique_ptr (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master