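// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef REMOTING_PROTOCOL_AUTH_UTIL_H_
#define REMOTING_PROTOCOL_AUTH_UTIL_H_

// size_t is used below; include it directly instead of relying on <string>
// to pull it into the global namespace.
#include <stddef.h>

#include <string>

#include "base/strings/string_piece.h"

namespace net {
class SSLSocket;
}  // namespace net

namespace remoting {
namespace protocol {

// Labels for use when exporting the SSL master keys. The client and the host
// each have their own label.
// NOTE(review): presumably the two labels differ so that auth bytes derived
// for one role cannot be presented as the other role's; confirm against the
// definitions.
extern const char kClientAuthSslExporterLabel[];
extern const char kHostAuthSslExporterLabel[];

// Fake hostname used for SSL connections.
// NOTE(review): because this name is a placeholder, certificate hostname
// matching cannot be what establishes peer identity. Peer authentication
// presumably rests on the channel-authentication values below; confirm in the
// callers.
extern const char kSslFakeHostName[];

// Size, in bytes, of the HMAC-SHA-256 hash used as shared secret in SPAKE2.
const size_t kSharedSecretHashLength = 32;

// Size, in bytes, of the HMAC-SHA-256 digest used for channel authentication.
const size_t kAuthDigestLength = 32;

// TODO(sergeyu): The following two methods are used for V1
// authentication. Remove them when we finally switch to V2
// authentication method. crbug.com/110483 .

// Generates auth token for the specified |jid| and |access_code|.
std::string GenerateSupportAuthToken(const std::string& jid,
                                     const std::string& access_code);

// Verifies validity of an |auth_token| for the given |jid| and |access_code|.
// NOTE(review): the implementation is not visible from this header. The token
// check should use a constant-time comparison so that a mismatch does not
// reveal how many leading bytes were correct; confirm in the definition.
bool VerifySupportAuthToken(const std::string& jid,
                            const std::string& access_code,
                            const std::string& auth_token);

// Returns authentication bytes that must be used for the given
// |socket|. Empty string is returned in case of failure.
//
// Callers must check for the empty result and fail the authentication
// attempt; an empty string must never be used as (or compared against as) a
// valid authentication value.
// NOTE(review): |label| is presumably one of the exporter labels declared
// above; confirm against the callers.
std::string GetAuthBytes(net::SSLSocket* socket,
                         const base::StringPiece& label,
                         const base::StringPiece& shared_secret);

}  // namespace protocol
}  // namespace remoting

#endif  // REMOTING_PROTOCOL_AUTH_UTIL_H_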