1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 // AuthenticationMethod represents an authentication algorithm and its
6 // configuration. It knows how to parse and format authentication
7 // method names.
8 // Currently the following methods are supported:
9 //   spake2_plain - SPAKE2 without hashing applied to the password.
10 //   spake2_hmac - SPAKE2 with HMAC hashing of the password.
11 
12 #ifndef REMOTING_PROTOCOL_AUTHENTICATION_METHOD_H_
13 #define REMOTING_PROTOCOL_AUTHENTICATION_METHOD_H_
14 
15 #include <string>
16 
17 namespace remoting {
18 namespace protocol {
19 
20 class Authenticator;
21 
// Value type pairing an authentication algorithm (|type_|) with the hash
// function applied to the shared secret (|hash_function_|). Instances come
// from the static factories below or from FromString(); the constructors are
// protected.
class AuthenticationMethod {
 public:
  // Kind of authentication exchange. INVALID is the value is_valid() tests
  // against.
  enum MethodType {
    INVALID,
    SPAKE2,
    SPAKE2_PAIR,
    THIRD_PARTY
  };

  // Transformation applied to the shared secret. The file header describes
  // the NONE case as SPAKE2 "without hashing applied to the password".
  // NOTE(review): code that chooses which methods to accept should treat
  // NONE and HMAC_SHA256 as distinct security levels - confirm the policy
  // at the call sites, which are not visible in this header.
  enum HashFunction {
    NONE,
    HMAC_SHA256
  };

  // Factory functions, one per method type. Only Spake2() takes the hash
  // function as an argument.
  static AuthenticationMethod Invalid();
  static AuthenticationMethod Spake2(HashFunction hash_function);
  static AuthenticationMethod Spake2Pair();
  static AuthenticationMethod ThirdParty();

  // Converts a textual method name into an AuthenticationMethod. A string
  // that is not a valid method name produces an invalid value, so callers
  // must check is_valid() on the result before using the accessors that
  // require a valid object.
  // NOTE(review): the file header lists only "spake2_plain" and
  // "spake2_hmac"; the names accepted for the other method types are not
  // shown in this header.
  static AuthenticationMethod FromString(const std::string& value);

  // Hashes |shared_secret| with |hash_function|, using |tag| as the key, and
  // returns the result.
  // NOTE(review): the result is derived from the secret; presumably it
  // should be handled as sensitive data (e.g. kept out of logs) - confirm
  // with the callers.
  static std::string ApplyHashFunction(HashFunction hash_function,
                                       const std::string& tag,
                                       const std::string& shared_secret);

  // True for every method type except INVALID.
  bool is_valid() const {
    return !(type_ == INVALID);
  }

  // Method type held by this object; may be INVALID.
  MethodType type() const {
    return type_;
  }

  // The accessors below may only be called when is_valid() is true.

  // Hash function that both ends apply to the shared secret.
  HashFunction hash_function() const;

  // Textual form of the value held by this object.
  const std::string ToString() const;

  // Equality and inequality, provided so that std::find() works on
  // collections of AuthenticationMethod. Inequality is defined as the
  // negation of operator==.
  bool operator==(const AuthenticationMethod& other) const;
  bool operator!=(const AuthenticationMethod& other) const {
    return !operator==(other);
  }

 protected:
  AuthenticationMethod();
  AuthenticationMethod(MethodType type, HashFunction hash_function);

  MethodType type_;
  HashFunction hash_function_;
};
78 
// SharedSecretHash holds the hash of a host secret together with the
// identifier of the hash function that goes with it.
struct SharedSecretHash {
  // Hash function associated with |value|.
  AuthenticationMethod::HashFunction hash_function;

  // The hash itself.
  // NOTE(review): whether this is the decoded bytes or the base64 text from
  // the parsed string is not visible in this header - confirm in Parse().
  std::string value;

  // Reads a shared secret hash from its string form. |as_string| has to look
  // like "<hash_function>:<hash_value_base64>".
  // NOTE(review): the meaning of the bool result is not documented here;
  // presumably false signals a malformed string, in which case callers
  // should check it before reading the fields - confirm in the
  // implementation.
  bool Parse(const std::string& as_string);
};
89 
90 }  // namespace protocol
91 }  // namespace remoting
92 
93 #endif  // REMOTING_PROTOCOL_AUTHENTICATION_METHOD_H_
94