Revert of remoting: use VerifyHostPinHash() in place on IsPinValid() (patchset #4 id:60001 of https://codereview.chromium.org/1547533002/ )

Reason for revert: This seems to break the build on Mac: https://build.chromium.org/p/chromium/builders/Mac/builds/10276/steps/compile/logs/stdio: FAILED: /b/build/goma/gomacc ../../third_party/llvm-build/Release+Asserts/bin/clang++ -MMD -MF obj/remoting/host/mac/remoting_host_prefpane.me2me_preference_pane.x86_64.o.d -DBINARY_CORE=1 -DBINARY_DESKTOP=2 -DBINARY_HOST_ME2ME=3 -DBINARY_NATIVE_MESSAGING_HOST=4 -DBINARY_REMOTE_ASSISTANCE_HOST=5 -DV8_DEPRECATION_WARNINGS -DCLD_VERSION=2 -D__ASSERT_MACROS_DEFINE_VERSIONS_WITHOUT_UNDERSCORE=0 -DCHROMIUM_BUILD -DCR_CLANG_REVISION=255169-1 -DUSE_LIBJPEG_TURBO=1 -DENABLE_ONE_CLICK_SIGNIN -DENABLE_WEBRTC=1 -DENABLE_MEDIA_ROUTER=1 -DENABLE_PEPPER_CDMS -DENABLE_CONFIGURATION_POLICY -DENABLE_NOTIFICATIONS -DENABLE_HIDPI=1 -DDONT_EMBED_BUILD_METADATA -DFIELDTRIAL_TESTING_ENABLED -DENABLE_TASK_MANAGER=1 -DENABLE_EXTENSIONS=1 -DENABLE_PDF=1 -DENABLE_PLUGIN_INSTALLATION=1 -DENABLE_PLUGINS=1 -DENABLE_SESSION_SERVICE=1 -DENABLE_THEMES=1 -DENABLE_AUTOFILL_DIALOG=1 -DENABLE_BACKGROUND=1 -DENABLE_PRINTING=1 -DENABLE_BASIC_PRINTING=1 -DENABLE_PRINT_PREVIEW=1 -DENABLE_SPELLCHECK=1 -DUSE_BROWSER_SPELLCHECKER=1 -DENABLE_CAPTIVE_PORTAL_DETECTION=1 -DENABLE_APP_LIST=1 -DENABLE_SETTINGS_APP=1 -DENABLE_SUPERVISED_USERS=1 -DENABLE_SERVICE_DISCOVERY=1 -DV8_USE_EXTERNAL_STARTUP_DATA -DFULL_SAFE_BROWSING -DSAFE_BROWSING_CSD -DSAFE_BROWSING_DB_LOCAL '-DHOST_BUNDLE_NAME="ChromotingHost.bundle"' '-DPREFPANE_BUNDLE_NAME="Chromoting.prefPane"' -DJSON_USE_EXCEPTION=0 -DPROTOBUF_USE_DLLS -DGOOGLE_PROTOBUF_NO_RTTI -DGOOGLE_PROTOBUF_NO_STATIC_INITIALIZER -DUSE_LIBPCI=1 -DUSE_OPENSSL=1 -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -D_FORTIFY_SOURCE=2 -I../.. -Igen -I../../third_party/jsoncpp/overrides/include -I../../third_party/jsoncpp/source/include -I../../third_party/jsoncpp/source/src/lib_json -I../../third_party/khronos -I../../gpu -I../../skia/config -I../../third_party/protobuf -I../../third_party/protobuf/src -Igen/protoc_out -isysroot /Applications/Xcode5.1.1.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.10.sdk -O2 -gdwarf-2 -fvisibility=hidden -Werror -Wnewline-eof -mmacosx-version-min=10.6 -arch x86_64 -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wno-selector-type-mismatch -Wpartial-availability -Wheader-hygiene -Wno-char-subscripts -Wno-unneeded-internal-declaration -Wno-covered-switch-default -Wstring-conversion -Wno-c++11-narrowing -Wno-deprecated-register -Wno-inconsistent-missing-override -Wno-shift-negative-value -Wno-bitfield-width -std=c++11 -stdlib=libc++ -fno-rtti -fno-exceptions -fvisibility-inlines-hidden -fno-threadsafe-statics -Xclang -load -Xclang /b/build/slave/Mac/build/src/third_party/llvm-build/Release+Asserts/lib/libFindBadConstructs.dylib -Xclang -add-plugin -Xclang find-bad-constructs -Xclang -plugin-arg-find-bad-constructs -Xclang check-templates -fcolor-diagnostics -fno-strict-aliasing -fobjc-gc -Wobjc-missing-property-synthesis -fobjc-call-cxx-cdtors -c ../../remoting/host/mac/me2me_preference_pane.mm -o obj/remoting/host/mac/remoting_host_prefpane.me2me_preference_pane.x86_64.o ../../remoting/host/mac/me2me_preference_pane.mm:299:8: error: use of undeclared identifier 'VerifyHostPinHash'; did you mean 'remoting::VerifyHostPinHash'? if (!VerifyHostPinHash(pin_utf8, host_id, host_secret_hash)) { ^~~~~~~~~~~~~~~~~ remoting::VerifyHostPinHash Original issue's description: > remoting: use VerifyHostPinHash() in place on IsPinValid() > > For over a year, we have been shipping a 64-bit version of Chrome for Mac. > So with this statement, this patch makes the switch to > VerifyHostPinHash() function from remoting/host/pin_hash.h, fixing the > lambroslambrou's TODO. > > BUG=None > R=sergeyu@chromium.org > > Committed: https://crrev.com/7acd392e4018d121977e2738b6e3c59f5cf418f1 > Cr-Commit-Position: refs/heads/master@{#366762} TBR=sergeyu@chromium.org,tfarina@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=None Review URL: https://codereview.chromium.org/1543303002 Cr-Commit-Position: refs/heads/master@{#366774}
author: lukasza <lukasza@chromium.org> 2015-12-23 15:33:47 -0800
committer: Commit bot <commit-bot@chromium.org> 2015-12-23 23:34:56 +0000
commit: 8be589e12e616c69c1d24bfa5277686c799d6843 (patch)
tree: f0c0c6d4f9c4ed1910089c2ed32966e9afbd6882 /remoting
parent: d56268567741bf0c9764a341c961e046c3212ab3 (diff)
download: chromium_src-8be589e12e616c69c1d24bfa5277686c799d6843.zip
chromium_src-8be589e12e616c69c1d24bfa5277686c799d6843.tar.gz
chromium_src-8be589e12e616c69c1d24bfa5277686c799d6843.tar.bz2
3 files changed, 62 insertions, 5 deletions
diff --git a/remoting/host/DEPS b/remoting/host/DEPS
index 052a0c5c..3abc854 100644
--- a/remoting/host/DEPS
+++ b/remoting/host/DEPS
@@ -10,6 +10,7 @@ include_rules = [
   "+remoting/signaling",
   "+remoting/tools",
   "+third_party/jsoncpp",
+  "+third_party/modp_b64",
   "+third_party/skia",
   "+third_party/webrtc",
   "+ui",
diff --git a/remoting/host/mac/me2me_preference_pane.mm b/remoting/host/mac/me2me_preference_pane.mm
index 0d67bff..de33b8bf 100644
--- a/remoting/host/mac/me2me_preference_pane.mm
+++ b/remoting/host/mac/me2me_preference_pane.mm
@@ -21,11 +21,11 @@
 #include "base/posix/eintr_wrapper.h"
 #include "remoting/host/constants_mac.h"
 #include "remoting/host/host_config.h"
-#include "remoting/host/pin_hash.h"
 #import "remoting/host/mac/me2me_preference_pane_confirm_pin.h"
 #import "remoting/host/mac/me2me_preference_pane_disable.h"
 #include "third_party/jsoncpp/source/include/json/reader.h"
 #include "third_party/jsoncpp/source/include/json/writer.h"
+#include "third_party/modp_b64/modp_b64.h"
 
 namespace {
 
@@ -46,6 +46,51 @@ bool IsConfigValid(const remoting::JsonHostConfig* config) {
           config->GetString(remoting::kXmppLoginConfigPath, &value));
 }
 
+bool IsPinValid(const std::string& pin, const std::string& host_id,
+                const std::string& host_secret_hash) {
+  // TODO(lambroslambrou): Once the "base" target supports building for 64-bit
+  // on Mac OS X, remove this code and replace it with |VerifyHostPinHash()|
+  // from host/pin_hash.h.
+  size_t separator = host_secret_hash.find(':');
+  if (separator == std::string::npos)
+    return false;
+
+  std::string method = host_secret_hash.substr(0, separator);
+  if (method != "hmac") {
+    NSLog(@"Authentication method '%s' not supported", method.c_str());
+    return false;
+  }
+
+  std::string hash_base64 = host_secret_hash.substr(separator + 1);
+
+  // Convert |hash_base64| to |hash|, based on code from base/base64.cc.
+  int hash_base64_size = static_cast<int>(hash_base64.size());
+  std::string hash;
+  hash.resize(modp_b64_decode_len(hash_base64_size));
+
+  // modp_b64_decode_len() returns at least 1, so hash[0] is safe here.
+  int hash_size = modp_b64_decode(&(hash[0]), hash_base64.data(),
+                                  hash_base64_size);
+  if (hash_size < 0) {
+    NSLog(@"Failed to parse host_secret_hash");
+    return false;
+  }
+  hash.resize(hash_size);
+
+  std::string computed_hash;
+  computed_hash.resize(CC_SHA256_DIGEST_LENGTH);
+
+  CCHmac(kCCHmacAlgSHA256,
+         host_id.data(), host_id.size(),
+         pin.data(), pin.size(),
+         &(computed_hash[0]));
+
+  // Normally, a constant-time comparison function would be used, but it is
+  // unnecessary here as the "secret" is already readable by the user
+  // supplying input to this routine.
+  return computed_hash == hash;
+}
+
 }  // namespace
 
 // These methods are copied from base/mac, but with the logging changed to use
@@ -296,7 +341,7 @@ std::string JsonHostConfig::GetSerializedData() const {
     [self showError];
     return;
   }
-  if (!VerifyHostPinHash(pin_utf8, host_id, host_secret_hash)) {
+  if (!IsPinValid(pin_utf8, host_id, host_secret_hash)) {
     [self showIncorrectPinMessage];
     return;
   }
diff --git a/remoting/remoting_host_mac.gypi b/remoting/remoting_host_mac.gypi
index 258a688..dce3cf0 100644
--- a/remoting/remoting_host_mac.gypi
+++ b/remoting/remoting_host_mac.gypi
@@ -178,10 +178,7 @@
         'prefpane_bundle_name': '<!(python <(version_py_path) -f <(branding_path) -t "@MAC_PREFPANE_BUNDLE_NAME@")',
       },
       'dependencies': [
-        'remoting_base',
-        'remoting_host',
         'remoting_infoplist_strings',
-        '<(DEPTH)/third_party/jsoncpp/jsoncpp.gyp:jsoncpp',
       ],
       'defines': [
         'HOST_BUNDLE_NAME="<(host_bundle_name)"',
@@ -193,7 +190,21 @@
         '../third_party/jsoncpp/source/include/',
         '../third_party/jsoncpp/source/src/lib_json/',
       ],
+
+      # These source files are included directly, instead of adding target
+      # dependencies, because the targets are not yet built for 64-bit on
+      # Mac OS X - http://crbug.com/125116.
+      #
+      # TODO(lambroslambrou): Fix this when Chrome supports building for
+      # Mac OS X 64-bit - http://crbug.com/128122.
       'sources': [
+        '../third_party/jsoncpp/overrides/src/lib_json/json_value.cpp',
+        '../third_party/jsoncpp/overrides/src/lib_json/json_reader.cpp',
+        '../third_party/jsoncpp/source/src/lib_json/json_writer.cpp',
+        '../third_party/modp_b64/modp_b64.cc',
+        'host/constants_mac.cc',
+        'host/constants_mac.h',
+        'host/host_config_constants.cc',
         'host/mac/me2me_preference_pane.h',
         'host/mac/me2me_preference_pane.mm',
         'host/mac/me2me_preference_pane_confirm_pin.h',
author	lukasza <lukasza@chromium.org>	2015-12-23 15:33:47 -0800
committer	Commit bot <commit-bot@chromium.org>	2015-12-23 23:34:56 +0000
commit	8be589e12e616c69c1d24bfa5277686c799d6843 (patch)
tree	f0c0c6d4f9c4ed1910089c2ed32966e9afbd6882 /remoting
parent	d56268567741bf0c9764a341c961e046c3212ab3 (diff)
download	chromium_src-8be589e12e616c69c1d24bfa5277686c799d6843.zip chromium_src-8be589e12e616c69c1d24bfa5277686c799d6843.tar.gz chromium_src-8be589e12e616c69c1d24bfa5277686c799d6843.tar.bz2