
Side by Side Diff: extensions/browser/api/cast_channel/cast_auth_util.cc

Issue 687733004: Implement crypto signature verification routines using OpenSSL. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix const truncation warning (raised by Win builds.) Created 6 years, 1 month ago
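--- a/extensions/browser/api/cast_channel/cast_auth_util.cc
+++ b/extensions/browser/api/cast_channel/cast_auth_util.cc
@@ -1,84 +1,109 @@
 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "extensions/browser/api/cast_channel/cast_auth_util.h"
 
 #include "base/logging.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/stringprintf.h"
 #include "extensions/browser/api/cast_channel/cast_message_util.h"
 #include "extensions/common/api/cast_channel/cast_channel.pb.h"
 
 namespace extensions {
 namespace core_api {
 namespace cast_channel {
 namespace {
 
 const char* const kParseErrorPrefix = "Failed to parse auth message: ";
 
+// Extracts an embedded DeviceAuthMessage payload from an auth challenge reply
+// message.
+AuthResult ParseAuthMessage(const CastMessage& challenge_reply,
+DeviceAuthMessage* auth_message) {
+if (challenge_reply.payload_type() != CastMessage_PayloadType_BINARY) {
+return AuthResult::CreateWithParseError(
+"Wrong payload type in challenge reply",
+AuthResult::ERROR_WRONG_PAYLOAD_TYPE);
+}
+if (!challenge_reply.has_payload_binary()) {
+return AuthResult::CreateWithParseError(
+"Payload type is binary but payload_binary field not set",
+AuthResult::ERROR_NO_PAYLOAD);
+}
+if (!auth_message->ParseFromString(challenge_reply.payload_binary())) {
+return AuthResult::CreateWithParseError(
+"Cannot parse binary payload into DeviceAuthMessage",
+AuthResult::ERROR_PAYLOAD_PARSING_FAILED);
+}
+
+VLOG(1) << "Auth message: " << AuthMessageToString(*auth_message);
+
+if (auth_message->has_error()) {
+return AuthResult::CreateWithParseError(
+"Auth message error: " +
+base::IntToString(auth_message->error().error_type()),
+AuthResult::ERROR_MESSAGE_ERROR);
+}
+if (!auth_message->has_response()) {
+return AuthResult::CreateWithParseError(
+"Auth message has no response field", AuthResult::ERROR_NO_RESPONSE);
+}
+return AuthResult();
+}
+
 } // namespace
 
 AuthResult::AuthResult() : error_type(ERROR_NONE), nss_error_code(0) {
 }
 
 AuthResult::~AuthResult() {
 }
 
 // static
 AuthResult AuthResult::CreateWithParseError(const std::string& error_message,
 ErrorType error_type) {
 return AuthResult(kParseErrorPrefix + error_message, error_type, 0);
 }
 
 // static
 AuthResult AuthResult::CreateWithNSSError(const std::string& error_message,
 ErrorType error_type,
 int nss_error_code) {
 return AuthResult(error_message, error_type, nss_error_code);
 }
 
 AuthResult::AuthResult(const std::string& error_message,
 ErrorType error_type,
 int nss_error_code)
 : error_message(error_message),
 error_type(error_type),
 nss_error_code(nss_error_code) {
 }
 
-AuthResult ParseAuthMessage(const CastMessage& challenge_reply,
-DeviceAuthMessage* auth_message) {
-if (challenge_reply.payload_type() != CastMessage_PayloadType_BINARY) {
-return AuthResult::CreateWithParseError(
-"Wrong payload type in challenge reply",
-AuthResult::ERROR_WRONG_PAYLOAD_TYPE);
-}
-if (!challenge_reply.has_payload_binary()) {
-return AuthResult::CreateWithParseError(
-"Payload type is binary but payload_binary field not set",
-AuthResult::ERROR_NO_PAYLOAD);
-}
-if (!auth_message->ParseFromString(challenge_reply.payload_binary())) {
-return AuthResult::CreateWithParseError(
-"Cannot parse binary payload into DeviceAuthMessage",
-AuthResult::ERROR_PAYLOAD_PARSING_FAILED);
+AuthResult AuthenticateChallengeReply(const CastMessage& challenge_reply,
+const std::string& peer_cert) {
+if (peer_cert.empty()) {
+AuthResult result = AuthResult::CreateWithParseError(
+"Peer cert was empty.", AuthResult::ERROR_PEER_CERT_EMPTY);
+return result;
 }
 
-VLOG(1) << "Auth message: " << AuthMessageToString(*auth_message);
+DeviceAuthMessage auth_message;
+AuthResult result = ParseAuthMessage(challenge_reply, &auth_message);
+if (!result.success()) {
+return result;
+}
 
-if (auth_message->has_error()) {
-return AuthResult::CreateWithParseError(
-"Auth message error: " +
-base::IntToString(auth_message->error().error_type()),
-AuthResult::ERROR_MESSAGE_ERROR);
+const AuthResponse& response = auth_message.response();
+result = VerifyCredentials(response, peer_cert);
+if (!result.success()) {
+return result;
 }
-if (!auth_message->has_response()) {
-return AuthResult::CreateWithParseError(
-"Auth message has no response field", AuthResult::ERROR_NO_RESPONSE);
-}
+
 return AuthResult();
 }
 
 } // namespace cast_channel
 } // namespace core_api
 } // namespace extensions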
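Review bot: The empty-peer-cert branch at the top of AuthenticateChallengeReply reports its failure through `CreateWithParseError`, which prepends `kParseErrorPrefix`, so the message reads "Failed to parse auth message: Peer cert was empty." although nothing was parsed at that point. Anyone triaging authentication failures from the message text will look at the device's reply rather than at the TLS peer certificate. Build that result without the prefix, for example `return AuthResult("Peer cert was empty.", AuthResult::ERROR_PEER_CERT_EMPTY, 0);` if the three-argument constructor is accessible from this function. Separately, `auth_message.response()` is only meaningful because ParseAuthMessage has already rejected replies without a response field, which is worth stating next to the call: `// ParseAuthMessage() guarantees has_response(); do not reorder.`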