author | dilmah@chromium.org <dilmah@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-05-18 11:58:44 +0000 |
---|---|---|
committer | dilmah@chromium.org <dilmah@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-05-18 11:58:44 +0000 |
commit | c6e584c20129f8745e6fc9170a220eb58e13e172 (patch) | |
tree | 6491e890f845af7443f6be07d15d9e60c89ec998 /chrome/browser/internal_auth.h | |
parent | 37e7790801761dc99be00d69f102b7319f2d6a8e (diff) | |
Private API for extensions like ssh-client that need access to websocket-to-tcp proxy.
Access to TCP is obtained in the following way:
(1) extension requests authentication token via call to private API like:
chrome.webSocketProxyPrivate.getPassportForTCP('netbsd.org', 25, callback);
if API validates this request
then extension obtains some string token (in callback).
(2) open websocket connection to local websocket-to-tcp proxy ws://127.0.0.1:10101/tcpproxy
(3) pass header containing hostname, port and token obtained at step (1)
(4) communicate (in base64 encoding at this moment).
Proxy (running in chrome process) verifies those tokens by calls to InternalAuthVerification::VerifyPassport
Passports are one-time; no passport can be reused.
Passports expire in short period of time (20 seconds).
BUG=chromium-os:9667
TEST=unit_test,apitest
Review URL: http://codereview.chromium.org/6683060
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@85757 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/internal_auth.h')
-rw-r--r-- | chrome/browser/internal_auth.h | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/chrome/browser/internal_auth.h b/chrome/browser/internal_auth.h
new file mode 100644
index 0000000..008559b
--- /dev/null
+++ b/chrome/browser/internal_auth.h
@@ -0,0 +1,74 @@
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_INTERNAL_AUTH_H_
+#define CHROME_BROWSER_INTERNAL_AUTH_H_
+#pragma once
+
+#include <map>
+#include <string>
+
+#include "base/gtest_prod_util.h"
+
+class WebSocketProxyPrivateGetPassportForTCPFunction;
+
+namespace browser {
+
+// Call InternalAuthVerification methods on any thread.
+class InternalAuthVerification {
+ public:
+ // Used by consumer of passport in order to verify credentials.
+ static bool VerifyPassport(
+ const std::string& passport,
+ const std::string& domain,
+ const std::map<std::string, std::string>& var_value_map);
+
+ private:
+ // We allow for easy separation of InternalAuthVerification and
+ // InternalAuthGeneration so the only thing they share (besides time) is
+ // a key (regenerated infrequently).
+ static void ChangeKey(const std::string& key);
+
+#ifdef UNIT_TEST
+ static void set_verification_window_seconds(int seconds) {
+ verification_window_seconds_ = seconds;
+ }
+#endif
+
+ static int get_verification_window_ticks();
+
+ static int verification_window_seconds_;
+
+ friend class InternalAuthGeneration;
+ friend class InternalAuthVerificationService;
+ friend class InternalAuthGenerationService;
+
+ FRIEND_TEST_ALL_PREFIXES(InternalAuthTest, ExpirationAndBruteForce);
+};
+
+// Not thread-safe. Make all calls on the same thread (UI thread).
+class InternalAuthGeneration {
+ private:
+ // Generates passport; do this only after successful check of credentials.
+ static std::string GeneratePassport(
+ const std::string& domain,
+ const std::map<std::string, std::string>& var_value_map);
+
+ // Used only by tests.
+ static void GenerateNewKey();
+
+ friend class ::WebSocketProxyPrivateGetPassportForTCPFunction;
+
+ FRIEND_TEST_ALL_PREFIXES(InternalAuthTest, BasicGeneration);
+ FRIEND_TEST_ALL_PREFIXES(InternalAuthTest, DoubleGeneration);
+ FRIEND_TEST_ALL_PREFIXES(InternalAuthTest, BadGeneration);
+ FRIEND_TEST_ALL_PREFIXES(InternalAuthTest, BasicVerification);
+ FRIEND_TEST_ALL_PREFIXES(InternalAuthTest, BruteForce);
+ FRIEND_TEST_ALL_PREFIXES(InternalAuthTest, ExpirationAndBruteForce);
+ FRIEND_TEST_ALL_PREFIXES(InternalAuthTest, ChangeKey);
+};
+
+} // namespace browser
+
+#endif // CHROME_BROWSER_INTERNAL_AUTH_H_ |
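Review bot: The comment on `VerifyPassport` does not state the contract a caller has to rely on; the commit description says passports are one-time and expire after about 20 seconds, but the header only says the function is "used by consumer of passport in order to verify credentials". I would extend it to something like `// Returns true only if |passport| was generated for exactly this |domain| and |var_value_map|, has not expired and has not been verified before; a successful call consumes the passport.` This assumes the implementation behaves that way, which cannot be confirmed from this header alone. The comment on `GeneratePassport` should also say what |domain| is meant to separate (presumably independent consumers of the shared key), so two features do not end up accepting each other's passports by choosing the same string. Separately, the class comment allows calls on any thread while `verification_window_seconds_` is a plain static int written by the `UNIT_TEST` setter; a one-line comment that the setter must run before any concurrent verification would document that assumption.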