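// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// Declarations of the constants and helpers used to authenticate a remoting
// connection: exporter labels, digest sizes, the V1 support auth token
// helpers and the per-socket authentication bytes.

#ifndef REMOTING_PROTOCOL_AUTH_UTIL_H_
#define REMOTING_PROTOCOL_AUTH_UTIL_H_

// size_t is used below; include it directly instead of relying on <string>
// to bring it in.
#include <stddef.h>

#include <string>

#include "base/strings/string_piece.h"

namespace net {
class SSLSocket;
}  // namespace net

namespace remoting {
namespace protocol {

// Labels for use when exporting the SSL master keys. The client and the host
// each have their own label.
// NOTE(review): presumably these are the values passed as |label| to
// GetAuthBytes(), so that bytes derived for one side cannot be reused as the
// other side's - confirm against the callers.
extern const char kClientAuthSslExporterLabel[];
extern const char kHostAuthSslExporterLabel[];

// Fake hostname used for SSL connections.
// NOTE(review): since the hostname is fake, the name in the peer certificate
// cannot be what authenticates the peer; presumably that is done by the
// shared-secret checks declared below - confirm.
extern const char kSslFakeHostName[];

// Size, in bytes, of the HMAC-SHA-256 hash used as shared secret in SPAKE2
// (256 bits).
const size_t kSharedSecretHashLength = 32;

// Size, in bytes, of the HMAC-SHA-256 digest used for channel authentication
// (256 bits).
const size_t kAuthDigestLength = 32;

// TODO(sergeyu): The following two methods are used for V1
// authentication. Remove them when we finally switch to V2
// authentication method. crbug.com/110483 .

// Generates auth token for the specified |jid| and |access_code|.
// The result is derived from |access_code| and should be handled as a
// credential: keep it out of logs and error messages.
std::string GenerateSupportAuthToken(const std::string& jid,
                                     const std::string& access_code);

// Verifies validity of an |auth_token| for the given |jid| and
// |access_code|.
// NOTE(review): |auth_token| comes from the peer. The comparison in the
// implementation should take the same time whether or not the token matches,
// so that timing does not help an attacker guess it - confirm in the .cc
// file.
bool VerifySupportAuthToken(const std::string& jid,
                            const std::string& access_code,
                            const std::string& auth_token);

// Returns authentication bytes that must be used for the given
// |socket|. Empty string is returned in case of failure.
//
// Callers must check for the empty string and fail authentication when they
// see it. An empty result must never be compared with the peer's value as if
// it were a digest, otherwise two failed derivations would compare equal.
// NOTE(review): the signature does not say who owns |socket|; presumably it
// is only borrowed for the duration of the call - confirm.
std::string GetAuthBytes(net::SSLSocket* socket,
                         const base::StringPiece& label,
                         const base::StringPiece& shared_secret);

}  // namespace protocol
}  // namespace remoting

#endif  // REMOTING_PROTOCOL_AUTH_UTIL_H_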