remoting/protocol/authentication_method.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 // AuthenticationMethod represents an authentication algorithm and its
   6 // configuration. It knows how to parse and format authentication
   7 // method names.
   8 // Currently the following methods are supported:
   9 //   spake2_plain - SPAKE2 without hashing applied to the password.
  10 //   spake2_hmac - SPAKE2 with HMAC hashing of the password.
  11
  12 #ifndef REMOTING_PROTOCOL_AUTHENTICATION_METHOD_H_
  13 #define REMOTING_PROTOCOL_AUTHENTICATION_METHOD_H_
  14
  15 #include <string>
  16
  17 namespace remoting {
  18 namespace protocol {
  19
  20 class Authenticator;
  21
  22 class AuthenticationMethod {
  23  public:
  24   enum MethodType {
  25     INVALID,
  26     SPAKE2,
  27     THIRD_PARTY
  28   };
  29
  30   enum HashFunction {
  31     NONE,
  32     HMAC_SHA256,
  33   };
  34
  35   // Constructors for various authentication methods.
  36   static AuthenticationMethod Invalid();
  37   static AuthenticationMethod Spake2(HashFunction hash_function);
  38   static AuthenticationMethod ThirdParty();
  39
  40   // Parses a string that defines an authentication method. Returns an
  41   // invalid value if the string is invalid.
  42   static AuthenticationMethod FromString(const std::string& value);
  43
  44   // Applies the specified hash function to |shared_secret| with the
  45   // specified |tag| as a key.
  46   static std::string ApplyHashFunction(HashFunction hash_function,
  47                                        const std::string& tag,
  48                                        const std::string& shared_secret);
  49
  50   bool is_valid() const { return type_ != INVALID; }
  51
  52   MethodType type() const { return type_; }
  53
  54   // Following methods are valid only when is_valid() returns true.
  55
  56   // Hash function applied to the shared secret on both ends.
  57   HashFunction hash_function() const;
  58
  59   // Returns string representation of the value stored in this object.
  60   const std::string ToString() const;
  61
  62   // Comparison operators so that std::find() can be used with
  63   // collections of this class.
  64   bool operator ==(const AuthenticationMethod& other) const;
  65   bool operator !=(const AuthenticationMethod& other) const {
  66     return !(*this == other);
  67   }
  68
  69  protected:
  70   AuthenticationMethod();
  71   AuthenticationMethod(MethodType type, HashFunction hash_function);
  72
  73   MethodType type_;
  74   HashFunction hash_function_;
  75 };
  76
  77 // SharedSecretHash stores hash of a host secret paired with the type
  78 // of the hashing function.
  79 struct SharedSecretHash {
  80   AuthenticationMethod::HashFunction hash_function;
  81   std::string value;
  82
  83   // Parse string representation of a shared secret hash. The |as_string|
  84   // must be in form "<hash_function>:<hash_value_base64>".
  85   bool Parse(const std::string& as_string);
  86 };
  87
  88 }  // namespace protocol
  89 }  // namespace remoting
  90
  91 #endif  // REMOTING_PROTOCOL_AUTHENTICATION_METHOD_H_