| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/cryptauth/device_to_device_authenticator.h" | 5 #include "components/cryptauth/device_to_device_authenticator.h" |
| 6 | 6 |
| 7 #include <utility> | 7 #include <utility> |
| 8 | 8 |
| 9 #include "base/memory/ptr_util.h" | 9 #include "base/memory/ptr_util.h" |
| 10 #include "base/time/time.h" | 10 #include "base/time/time.h" |
| 11 #include "base/timer/timer.h" | 11 #include "base/timer/timer.h" |
| 12 #include "components/cryptauth/authenticator.h" | 12 #include "components/cryptauth/authenticator.h" |
| 13 #include "components/cryptauth/connection.h" | 13 #include "components/cryptauth/connection.h" |
| 14 #include "components/cryptauth/device_to_device_initiator_operations.h" | 14 #include "components/cryptauth/device_to_device_initiator_operations.h" |
| 15 #include "components/cryptauth/device_to_device_secure_context.h" | 15 #include "components/cryptauth/device_to_device_secure_context.h" |
| 16 #include "components/cryptauth/secure_context.h" | 16 #include "components/cryptauth/secure_context.h" |
| 17 #include "components/cryptauth/secure_message_delegate.h" | 17 #include "components/cryptauth/secure_message_delegate.h" |
| 18 #include "components/cryptauth/session_keys.h" |
| 18 #include "components/cryptauth/wire_message.h" | 19 #include "components/cryptauth/wire_message.h" |
| 19 #include "components/proximity_auth/logging/logging.h" | 20 #include "components/proximity_auth/logging/logging.h" |
| 20 | 21 |
| 21 namespace cryptauth { | 22 namespace cryptauth { |
| 22 | 23 |
| 23 namespace { | 24 namespace { |
| 24 | 25 |
| 25 // The time to wait in seconds for the remote device to send its | 26 // The time to wait in seconds for the remote device to send its |
| 26 // [Responder Auth] message. If we do not get the message in this time, then | 27 // [Responder Auth] message. If we do not get the message in this time, then |
| 27 // authentication will fail. | 28 // authentication will fail. |
| (...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 147 hello_message_, std::string(Authenticator::kAuthenticationFeature))); | 148 hello_message_, std::string(Authenticator::kAuthenticationFeature))); |
| 148 } | 149 } |
| 149 | 150 |
| 150 void DeviceToDeviceAuthenticator::OnResponderAuthTimedOut() { | 151 void DeviceToDeviceAuthenticator::OnResponderAuthTimedOut() { |
| 151 DCHECK(state_ == State::SENT_HELLO); | 152 DCHECK(state_ == State::SENT_HELLO); |
| 152 Fail("Timed out waiting for [Responder Auth]"); | 153 Fail("Timed out waiting for [Responder Auth]"); |
| 153 } | 154 } |
| 154 | 155 |
| 155 void DeviceToDeviceAuthenticator::OnResponderAuthValidated( | 156 void DeviceToDeviceAuthenticator::OnResponderAuthValidated( |
| 156 bool validated, | 157 bool validated, |
| 157 const std::string& session_symmetric_key) { | 158 std::unique_ptr<SessionKeys> session_keys) { |
| 158 if (!validated) { | 159 if (!validated) { |
| 159 Fail("Unable to validated [Responder Auth]"); | 160 Fail("Unable to validated [Responder Auth]"); |
| 160 return; | 161 return; |
| 161 } | 162 } |
| 162 | 163 |
| 163 PA_LOG(INFO) << "Successfully validated [Responder Auth]! " | 164 PA_LOG(INFO) << "Successfully validated [Responder Auth]! " |
| 164 << "Sending [Initiator Auth]..."; | 165 << "Sending [Initiator Auth]..."; |
| 165 state_ = State::VALIDATED_RESPONDER_AUTH; | 166 state_ = State::VALIDATED_RESPONDER_AUTH; |
| 166 session_symmetric_key_ = session_symmetric_key; | 167 session_keys_ = std::move(session_keys); |
| 167 | 168 |
| 168 // Create the [Initiator Auth] message to send to the remote device. | 169 // Create the [Initiator Auth] message to send to the remote device. |
| 169 DeviceToDeviceInitiatorOperations::CreateInitiatorAuthMessage( | 170 DeviceToDeviceInitiatorOperations::CreateInitiatorAuthMessage( |
| 170 session_symmetric_key, | 171 session_keys_.get(), |
| 171 connection_->remote_device().persistent_symmetric_key, | 172 connection_->remote_device().persistent_symmetric_key, |
| 172 responder_auth_message_, secure_message_delegate_.get(), | 173 responder_auth_message_, secure_message_delegate_.get(), |
| 173 base::Bind(&DeviceToDeviceAuthenticator::OnInitiatorAuthCreated, | 174 base::Bind(&DeviceToDeviceAuthenticator::OnInitiatorAuthCreated, |
| 174 weak_ptr_factory_.GetWeakPtr())); | 175 weak_ptr_factory_.GetWeakPtr())); |
| 175 } | 176 } |
| 176 | 177 |
| 177 void DeviceToDeviceAuthenticator::OnInitiatorAuthCreated( | 178 void DeviceToDeviceAuthenticator::OnInitiatorAuthCreated( |
| 178 const std::string& message) { | 179 const std::string& message) { |
| 179 DCHECK(state_ == State::VALIDATED_RESPONDER_AUTH); | 180 DCHECK(state_ == State::VALIDATED_RESPONDER_AUTH); |
| 180 if (message.empty()) { | 181 if (message.empty()) { |
| (...skipping 16 matching lines...) Expand all Loading... |
| 197 PA_LOG(WARNING) << "Authentication failed: " << error_message; | 198 PA_LOG(WARNING) << "Authentication failed: " << error_message; |
| 198 state_ = State::AUTHENTICATION_FAILURE; | 199 state_ = State::AUTHENTICATION_FAILURE; |
| 199 weak_ptr_factory_.InvalidateWeakPtrs(); | 200 weak_ptr_factory_.InvalidateWeakPtrs(); |
| 200 connection_->RemoveObserver(this); | 201 connection_->RemoveObserver(this); |
| 201 timer_.reset(); | 202 timer_.reset(); |
| 202 callback_.Run(result, nullptr); | 203 callback_.Run(result, nullptr); |
| 203 } | 204 } |
| 204 | 205 |
| 205 void DeviceToDeviceAuthenticator::Succeed() { | 206 void DeviceToDeviceAuthenticator::Succeed() { |
| 206 DCHECK(state_ == State::SENT_INITIATOR_AUTH); | 207 DCHECK(state_ == State::SENT_INITIATOR_AUTH); |
| 207 DCHECK(!session_symmetric_key_.empty()); | 208 DCHECK(session_keys_); |
| 208 PA_LOG(INFO) << "Authentication succeeded!"; | 209 PA_LOG(INFO) << "Authentication succeeded!"; |
| 209 | 210 |
| 210 state_ = State::AUTHENTICATION_SUCCESS; | 211 state_ = State::AUTHENTICATION_SUCCESS; |
| 211 connection_->RemoveObserver(this); | 212 connection_->RemoveObserver(this); |
| 212 callback_.Run( | 213 callback_.Run( |
| 213 Result::SUCCESS, | 214 Result::SUCCESS, |
| 214 base::MakeUnique<DeviceToDeviceSecureContext>( | 215 base::MakeUnique<DeviceToDeviceSecureContext>( |
| 215 std::move(secure_message_delegate_), session_symmetric_key_, | 216 std::move(secure_message_delegate_), std::move(session_keys_), |
| 216 responder_auth_message_, SecureContext::PROTOCOL_VERSION_THREE_ONE)); | 217 responder_auth_message_, SecureContext::PROTOCOL_VERSION_THREE_ONE)); |
| 217 } | 218 } |
| 218 | 219 |
| 219 void DeviceToDeviceAuthenticator::OnConnectionStatusChanged( | 220 void DeviceToDeviceAuthenticator::OnConnectionStatusChanged( |
| 220 Connection* connection, | 221 Connection* connection, |
| 221 Connection::Status old_status, | 222 Connection::Status old_status, |
| 222 Connection::Status new_status) { | 223 Connection::Status new_status) { |
| 223 // We do not expect the connection to drop during authentication. | 224 // We do not expect the connection to drop during authentication. |
| 224 if (new_status == Connection::DISCONNECTED) { | 225 if (new_status == Connection::DISCONNECTED) { |
| 225 Fail("Disconnected while authentication is in progress", | 226 Fail("Disconnected while authentication is in progress", |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 262 Succeed(); | 263 Succeed(); |
| 263 else | 264 else |
| 264 Fail("Failed to send [Initiator Auth]"); | 265 Fail("Failed to send [Initiator Auth]"); |
| 265 } else if (!success && state_ == State::SENT_HELLO) { | 266 } else if (!success && state_ == State::SENT_HELLO) { |
| 266 DCHECK(message.payload() == hello_message_); | 267 DCHECK(message.payload() == hello_message_); |
| 267 Fail("Failed to send [Hello]"); | 268 Fail("Failed to send [Hello]"); |
| 268 } | 269 } |
| 269 } | 270 } |
| 270 | 271 |
| 271 } // namespace cryptauth | 272 } // namespace cryptauth |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2899863002:
Updating D2D protocol to v1 to support separate sequence numbers. (Closed)
