190dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)// Copyright 2013 The Chromium Authors. All rights reserved. 290dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 390dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)// found in the LICENSE file. 490dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) 590dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)#include "remoting/protocol/pairing_client_authenticator.h" 690dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) 790dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)#include "base/bind.h" 890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)#include "base/logging.h" 990dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)#include "remoting/base/constants.h" 1090dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)#include "remoting/base/rsa_key_pair.h" 1190dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)#include "remoting/protocol/authentication_method.h" 1290dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)#include "remoting/protocol/channel_authenticator.h" 1390dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)#include "remoting/protocol/v2_authenticator.h" 141320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci#include "third_party/webrtc/libjingle/xmllite/xmlelement.h" 1590dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) 1690dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)namespace remoting { 1790dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)namespace protocol { 1890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) 1990dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)PairingClientAuthenticator::PairingClientAuthenticator( 2090dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) const std::string& client_id, 2190dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) const std::string& paired_secret, 2290dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) const FetchSecretCallback& fetch_pin_callback, 2390dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) const std::string& authentication_tag) 2490dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) : sent_client_id_(false), 2590dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) client_id_(client_id), 2690dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) paired_secret_(paired_secret), 2790dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) fetch_pin_callback_(fetch_pin_callback), 2890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) authentication_tag_(authentication_tag), 2990dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) weak_factory_(this) { 3090dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) v2_authenticator_ = V2Authenticator::CreateForClient( 3190dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) paired_secret_, MESSAGE_READY); 3290dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) using_paired_secret_ = true; 3390dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)} 3490dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) 3590dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)PairingClientAuthenticator::~PairingClientAuthenticator() { 3690dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)} 3790dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) 3890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)void PairingClientAuthenticator::CreateV2AuthenticatorWithPIN( 3990dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) State initial_state, 4090dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) const SetAuthenticatorCallback& set_authenticator_callback) { 4190dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) SecretFetchedCallback callback = base::Bind( 4290dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) &PairingClientAuthenticator::OnPinFetched, 4390dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) weak_factory_.GetWeakPtr(), initial_state, set_authenticator_callback); 4490dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) fetch_pin_callback_.Run(true, callback); 4590dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)} 4690dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) 4790dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)void PairingClientAuthenticator::AddPairingElements(buzz::XmlElement* message) { 4890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) // If the client id and secret have not yet been sent, do so now. Note that 4990dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) // in this case the V2Authenticator is being used optimistically to send the 5090dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) // first message of the SPAKE exchange since we don't yet know whether or not 5190dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) // the host will accept the client id or request that we fall back to the PIN. 5290dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) if (!sent_client_id_) { 5390dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) buzz::XmlElement* pairing_tag = new buzz::XmlElement(kPairingInfoTag); 5490dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) pairing_tag->AddAttr(kClientIdAttribute, client_id_); 5590dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) message->AddElement(pairing_tag); 5690dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) sent_client_id_ = true; 5790dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) } 5890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)} 5990dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) 6090dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)void PairingClientAuthenticator::OnPinFetched( 6190dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) State initial_state, 6290dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) const SetAuthenticatorCallback& callback, 6390dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) const std::string& pin) { 6490dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) callback.Run(V2Authenticator::CreateForClient( 6590dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) AuthenticationMethod::ApplyHashFunction( 6690dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) AuthenticationMethod::HMAC_SHA256, 6790dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) authentication_tag_, pin), 6890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) initial_state)); 6990dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)} 7090dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) 7190dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)} // namespace protocol 7290dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)} // namespace remoting 73