| // Copyright 2013 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "remoting/protocol/pairing_host_authenticator.h" |
| |
| #include "base/bind.h" |
| #include "base/logging.h" |
| #include "remoting/base/constants.h" |
| #include "remoting/base/rsa_key_pair.h" |
| #include "remoting/protocol/channel_authenticator.h" |
| #include "remoting/protocol/v2_authenticator.h" |
| #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" |
| |
| namespace remoting { |
| namespace protocol { |
| |
| PairingHostAuthenticator::PairingHostAuthenticator( |
| scoped_refptr<PairingRegistry> pairing_registry, |
| const std::string& local_cert, |
| scoped_refptr<RsaKeyPair> key_pair, |
| const std::string& pin) |
| : pairing_registry_(pairing_registry), |
| local_cert_(local_cert), |
| key_pair_(key_pair), |
| pin_(pin), |
| protocol_error_(false), |
| waiting_for_paired_secret_(false), |
| weak_factory_(this) { |
| } |
| |
| PairingHostAuthenticator::~PairingHostAuthenticator() { |
| } |
| |
| Authenticator::State PairingHostAuthenticator::state() const { |
| if (protocol_error_) { |
| return REJECTED; |
| } else if (waiting_for_paired_secret_) { |
| return PROCESSING_MESSAGE; |
| } else if (!v2_authenticator_) { |
| return WAITING_MESSAGE; |
| } |
| return PairingAuthenticatorBase::state(); |
| } |
| |
| Authenticator::RejectionReason |
| PairingHostAuthenticator::rejection_reason() const { |
| if (protocol_error_) { |
| return PROTOCOL_ERROR; |
| } |
| return PairingAuthenticatorBase::rejection_reason(); |
| } |
| |
| void PairingHostAuthenticator::CreateV2AuthenticatorWithPIN( |
| State initial_state, |
| const SetAuthenticatorCallback& callback) { |
| callback.Run(V2Authenticator::CreateForHost( |
| local_cert_, key_pair_, pin_, initial_state)); |
| } |
| |
| void PairingHostAuthenticator::ProcessMessage( |
| const buzz::XmlElement* message, |
| const base::Closure& resume_callback) { |
| if (!v2_authenticator_) { |
| std::string client_id; |
| |
| const buzz::XmlElement* pairing_tag = message->FirstNamed(kPairingInfoTag); |
| if (pairing_tag) { |
| client_id = pairing_tag->Attr(kClientIdAttribute); |
| } |
| |
| if (client_id.empty()) { |
| LOG(ERROR) << "No client id specified."; |
| protocol_error_ = true; |
| } else { |
| waiting_for_paired_secret_ = true; |
| pairing_registry_->GetPairing( |
| client_id, |
| base::Bind(&PairingHostAuthenticator::ProcessMessageWithPairing, |
| weak_factory_.GetWeakPtr(), |
| base::Owned(new buzz::XmlElement(*message)), |
| resume_callback)); |
| return; |
| } |
| } |
| |
| PairingAuthenticatorBase::ProcessMessage(message, resume_callback); |
| } |
| |
| void PairingHostAuthenticator::AddPairingElements(buzz::XmlElement* message) { |
| // Nothing to do here |
| } |
| |
| void PairingHostAuthenticator::ProcessMessageWithPairing( |
| const buzz::XmlElement* message, |
| const base::Closure& resume_callback, |
| PairingRegistry::Pairing pairing) { |
| waiting_for_paired_secret_ = false; |
| std::string paired_secret = pairing.shared_secret(); |
| if (paired_secret.empty()) { |
| LOG(INFO) << "Unknown client id"; |
| error_message_ = "unknown-client-id"; |
| } |
| |
| using_paired_secret_ = !paired_secret.empty(); |
| if (using_paired_secret_) { |
| v2_authenticator_ = V2Authenticator::CreateForHost( |
| local_cert_, key_pair_, paired_secret, WAITING_MESSAGE); |
| PairingAuthenticatorBase::ProcessMessage(message, resume_callback); |
| } else { |
| v2_authenticator_ = V2Authenticator::CreateForHost( |
| local_cert_, key_pair_, pin_, MESSAGE_READY); |
| // The client's optimistic SPAKE message is using a Paired Secret to |
| // which the host doesn't have access, so don't bother processing it. |
| resume_callback.Run(); |
| } |
| } |
| |
| } // namespace protocol |
| } // namespace remoting |