diff options
author | tfarina <tfarina@chromium.org> | 2015-12-23 16:27:48 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-12-24 00:28:37 +0000 |
commit | d433493df4b98ea006e6407590cff7a7912e16df (patch) | |
tree | 5b1ff9d7307df61633c9a48d727b701bcbcb8023 /remoting | |
parent | 53f7c096eb83e126105e3a21ee3f5eef086b2f8e (diff) | |
download | chromium_src-d433493df4b98ea006e6407590cff7a7912e16df.zip chromium_src-d433493df4b98ea006e6407590cff7a7912e16df.tar.gz chromium_src-d433493df4b98ea006e6407590cff7a7912e16df.tar.bz2 |
remoting: use VerifyHostPinHash() in place on IsPinValid()
For over a year, we have been shipping a 64-bit version of Chrome for Mac.
So with this statement, this patch makes the switch to
VerifyHostPinHash() function from remoting/host/pin_hash.h, fixing the
lambroslambrou's TODO.
BUG=None
R=sergeyu@chromium.org
Committed: https://crrev.com/7acd392e4018d121977e2738b6e3c59f5cf418f1
Cr-Commit-Position: refs/heads/master@{#366762}
Review URL: https://codereview.chromium.org/1547533002
Cr-Commit-Position: refs/heads/master@{#366783}
Diffstat (limited to 'remoting')
-rw-r--r-- | remoting/host/DEPS | 1 | ||||
-rw-r--r-- | remoting/host/mac/me2me_preference_pane.mm | 49 | ||||
-rw-r--r-- | remoting/remoting_host_mac.gypi | 17 |
3 files changed, 5 insertions, 62 deletions
diff --git a/remoting/host/DEPS b/remoting/host/DEPS index 3abc854..052a0c5c 100644 --- a/remoting/host/DEPS +++ b/remoting/host/DEPS @@ -10,7 +10,6 @@ include_rules = [ "+remoting/signaling", "+remoting/tools", "+third_party/jsoncpp", - "+third_party/modp_b64", "+third_party/skia", "+third_party/webrtc", "+ui", diff --git a/remoting/host/mac/me2me_preference_pane.mm b/remoting/host/mac/me2me_preference_pane.mm index de33b8bf..ab020bd 100644 --- a/remoting/host/mac/me2me_preference_pane.mm +++ b/remoting/host/mac/me2me_preference_pane.mm @@ -21,11 +21,11 @@ #include "base/posix/eintr_wrapper.h" #include "remoting/host/constants_mac.h" #include "remoting/host/host_config.h" +#include "remoting/host/pin_hash.h" #import "remoting/host/mac/me2me_preference_pane_confirm_pin.h" #import "remoting/host/mac/me2me_preference_pane_disable.h" #include "third_party/jsoncpp/source/include/json/reader.h" #include "third_party/jsoncpp/source/include/json/writer.h" -#include "third_party/modp_b64/modp_b64.h" namespace { @@ -46,51 +46,6 @@ bool IsConfigValid(const remoting::JsonHostConfig* config) { config->GetString(remoting::kXmppLoginConfigPath, &value)); } -bool IsPinValid(const std::string& pin, const std::string& host_id, - const std::string& host_secret_hash) { - // TODO(lambroslambrou): Once the "base" target supports building for 64-bit - // on Mac OS X, remove this code and replace it with |VerifyHostPinHash()| - // from host/pin_hash.h. - size_t separator = host_secret_hash.find(':'); - if (separator == std::string::npos) - return false; - - std::string method = host_secret_hash.substr(0, separator); - if (method != "hmac") { - NSLog(@"Authentication method '%s' not supported", method.c_str()); - return false; - } - - std::string hash_base64 = host_secret_hash.substr(separator + 1); - - // Convert |hash_base64| to |hash|, based on code from base/base64.cc. - int hash_base64_size = static_cast<int>(hash_base64.size()); - std::string hash; - hash.resize(modp_b64_decode_len(hash_base64_size)); - - // modp_b64_decode_len() returns at least 1, so hash[0] is safe here. - int hash_size = modp_b64_decode(&(hash[0]), hash_base64.data(), - hash_base64_size); - if (hash_size < 0) { - NSLog(@"Failed to parse host_secret_hash"); - return false; - } - hash.resize(hash_size); - - std::string computed_hash; - computed_hash.resize(CC_SHA256_DIGEST_LENGTH); - - CCHmac(kCCHmacAlgSHA256, - host_id.data(), host_id.size(), - pin.data(), pin.size(), - &(computed_hash[0])); - - // Normally, a constant-time comparison function would be used, but it is - // unnecessary here as the "secret" is already readable by the user - // supplying input to this routine. - return computed_hash == hash; -} - } // namespace // These methods are copied from base/mac, but with the logging changed to use @@ -341,7 +296,7 @@ std::string JsonHostConfig::GetSerializedData() const { [self showError]; return; } - if (!IsPinValid(pin_utf8, host_id, host_secret_hash)) { + if (!remoting::VerifyHostPinHash(pin_utf8, host_id, host_secret_hash)) { [self showIncorrectPinMessage]; return; } diff --git a/remoting/remoting_host_mac.gypi b/remoting/remoting_host_mac.gypi index dce3cf0..258a688 100644 --- a/remoting/remoting_host_mac.gypi +++ b/remoting/remoting_host_mac.gypi @@ -178,7 +178,10 @@ 'prefpane_bundle_name': '<!(python <(version_py_path) -f <(branding_path) -t "@MAC_PREFPANE_BUNDLE_NAME@")', }, 'dependencies': [ + 'remoting_base', + 'remoting_host', 'remoting_infoplist_strings', + '<(DEPTH)/third_party/jsoncpp/jsoncpp.gyp:jsoncpp', ], 'defines': [ 'HOST_BUNDLE_NAME="<(host_bundle_name)"', @@ -190,21 +193,7 @@ '../third_party/jsoncpp/source/include/', '../third_party/jsoncpp/source/src/lib_json/', ], - - # These source files are included directly, instead of adding target - # dependencies, because the targets are not yet built for 64-bit on - # Mac OS X - http://crbug.com/125116. - # - # TODO(lambroslambrou): Fix this when Chrome supports building for - # Mac OS X 64-bit - http://crbug.com/128122. 'sources': [ - '../third_party/jsoncpp/overrides/src/lib_json/json_value.cpp', - '../third_party/jsoncpp/overrides/src/lib_json/json_reader.cpp', - '../third_party/jsoncpp/source/src/lib_json/json_writer.cpp', - '../third_party/modp_b64/modp_b64.cc', - 'host/constants_mac.cc', - 'host/constants_mac.h', - 'host/host_config_constants.cc', 'host/mac/me2me_preference_pane.h', 'host/mac/me2me_preference_pane.mm', 'host/mac/me2me_preference_pane_confirm_pin.h', |