Diffstat (limited to 'remoting/protocol')
-rw-r--r--remoting/protocol/me2me_host_authenticator_factory.cc43
-rw-r--r--remoting/protocol/me2me_host_authenticator_factory.h23
2 files changed, 49 insertions, 17 deletions
diff --git a/remoting/protocol/me2me_host_authenticator_factory.cc b/remoting/protocol/me2me_host_authenticator_factory.cc
index db7cc4c..e3f6d98 100644
--- a/remoting/protocol/me2me_host_authenticator_factory.cc
+++ b/remoting/protocol/me2me_host_authenticator_factory.cc
@@ -4,6 +4,7 @@
#include "remoting/protocol/me2me_host_authenticator_factory.h"
+#include "base/base64.h"
#include "base/string_util.h"
#include "crypto/rsa_private_key.h"
#include "remoting/protocol/v1_authenticator.h"
@@ -12,14 +13,36 @@
namespace remoting {
namespace protocol {
+
+bool SharedSecretHash::Parse(const std::string& as_string) {
+ size_t separator = as_string.find(':');
+ if (separator == std::string::npos)
+ return false;
+
+ std::string function_name = as_string.substr(0, separator);
+ if (function_name == "plain") {
+ hash_function = AuthenticationMethod::NONE;
+ } else if (function_name == "hmac") {
+ hash_function = AuthenticationMethod::HMAC_SHA256;
+ } else {
+ return false;
+ }
+
+ if (!base::Base64Decode(as_string.substr(separator + 1), &value)) {
+ return false;
+ }
+
+ return true;
+}
+
Me2MeHostAuthenticatorFactory::Me2MeHostAuthenticatorFactory(
const std::string& local_jid,
const std::string& local_cert,
const crypto::RSAPrivateKey& local_private_key,
- const std::string& shared_secret)
+ const SharedSecretHash& shared_secret_hash)
: local_cert_(local_cert),
local_private_key_(local_private_key.Copy()),
- shared_secret_(shared_secret) {
+ shared_secret_hash_(shared_secret_hash) {
// Verify that |local_jid| is bare.
DCHECK_EQ(local_jid.find('/'), std::string::npos);
local_jid_prefix_ = local_jid + '/';
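Review bot: `SharedSecretHash::Parse()` assigns `hash_function` before the base64 payload is validated, so a call that returns false on the `Base64Decode` branch leaves the struct half-updated. A caller that ignores the return value would then pass a mismatched function/value pair into the factory. The function would also accept an input like `hmac:` with nothing after the separator if `Base64Decode` treats empty input as valid (not visible here), yielding an empty secret hash. Rejecting an empty decoded value is worth adding if an empty secret is never meaningful. The sketch below parses into locals and commits both fields only after every check has passed.

```cpp
bool SharedSecretHash::Parse(const std::string& as_string) {
  // … unchanged: locate the ':' separator and extract function_name …
  AuthenticationMethod::HashFunction parsed_function;
  if (function_name == "plain") {
    parsed_function = AuthenticationMethod::NONE;
  } else if (function_name == "hmac") {
    parsed_function = AuthenticationMethod::HMAC_SHA256;
  } else {
    return false;
  }

  std::string decoded;
  if (!base::Base64Decode(as_string.substr(separator + 1), &decoded) ||
      decoded.empty()) {
    return false;
  }

  // Commit only once the whole input has been accepted.
  hash_function = parsed_function;
  value.swap(decoded);
  return true;
}
```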
@@ -45,19 +68,15 @@ scoped_ptr<Authenticator> Me2MeHostAuthenticatorFactory::CreateAuthenticator(
return scoped_ptr<Authenticator>(NULL);
}
- // TODO(sergeyu): V2 authenticator is not finished yet. Enable it
- // here when it is finished. crbug.com/105214
- //
- // if (V2Authenticator::IsEkeMessage(first_message)) {
- // return V2Authenticator::CreateForHost(
- // local_cert_, local_private_key_.get(), shared_secret_);
- // }
+ if (V2Authenticator::IsEkeMessage(first_message)) {
+ return V2Authenticator::CreateForHost(
+ local_cert_, *local_private_key_, shared_secret_hash_.value);
+ }
// TODO(sergeyu): Old clients still use V1 auth protocol. Remove
- // this once we are done migrating to V2.
+ // this once we are done migrating to V2. crbug.com/110483 .
return scoped_ptr<Authenticator>(new V1HostAuthenticator(
- local_cert_, *local_private_key_,
- shared_secret_, remote_jid));
+ local_cert_, *local_private_key_, "", remote_jid));
}
} // namespace protocol
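Review bot: The V1 fallback at the end of this hunk now builds `V1HostAuthenticator` with `""` as its shared secret, so a session whose first message is not an EKE message is no longer checked against the configured secret. How `V1HostAuthenticator` treats an empty secret is not visible here. If it accepts a matching empty token, this path sidesteps the V2 secret, so either confirm that it rejects or have the factory return a null authenticator for V1 when `shared_secret_hash_.value` is non-empty. Separately, `shared_secret_hash_.hash_function` is never read in this hunk, so `plain:` and `hmac:` configurations reach `V2Authenticator::CreateForHost` identically; a comment saying where the hash function is enforced would help. `CreateAuthenticator` begins outside the hunk.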
diff --git a/remoting/protocol/me2me_host_authenticator_factory.h b/remoting/protocol/me2me_host_authenticator_factory.h
index e20cea6..a2cf3e5 100644
--- a/remoting/protocol/me2me_host_authenticator_factory.h
+++ b/remoting/protocol/me2me_host_authenticator_factory.h
@@ -10,6 +10,7 @@
#include "base/basictypes.h"
#include "base/compiler_specific.h"
#include "base/memory/scoped_ptr.h"
+#include "remoting/protocol/authentication_method.h"
#include "remoting/protocol/authenticator.h"
namespace crypto {
@@ -19,13 +20,25 @@ class RSAPrivateKey;
namespace remoting {
namespace protocol {
+// SharedSecretHash stores hash of a host secret paired with the type
+// of the hashing function.
+struct SharedSecretHash {
+ AuthenticationMethod::HashFunction hash_function;
+ std::string value;
+
+ // Parse string representation of a shared secret hash. The |as_string|
+ // must be in form "<hash_function>:<hash_value_base64>".
+ bool Parse(const std::string& as_string);
+};
+
class Me2MeHostAuthenticatorFactory : public AuthenticatorFactory {
public:
// Doesn't take ownership of |local_private_key|.
- Me2MeHostAuthenticatorFactory(const std::string& local_jid,
- const std::string& local_cert,
- const crypto::RSAPrivateKey& local_private_key,
- const std::string& shared_secret);
+ Me2MeHostAuthenticatorFactory(
+ const std::string& local_jid,
+ const std::string& local_cert,
+ const crypto::RSAPrivateKey& local_private_key,
+ const SharedSecretHash& shared_secret_hash);
virtual ~Me2MeHostAuthenticatorFactory();
// AuthenticatorFactory interface.
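Review bot: `SharedSecretHash::hash_function` has no initializer, so a struct whose `Parse()` failed or was never called carries an indeterminate value, which the factory constructor then copies into `shared_secret_hash_`. A default constructor such as `SharedSecretHash() : hash_function(AuthenticationMethod::NONE) {}` would make that state defined. Failing that, the struct comment should say it is valid only after `Parse()` returns true. The `Parse` comment could also spell out the contract: `// Accepted <hash_function> names are "plain" and "hmac". Returns false on any other name, a missing ':' or invalid base64.` The `Me2MeHostAuthenticatorFactory` class body continues outside the hunk.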
@@ -37,7 +50,7 @@ class Me2MeHostAuthenticatorFactory : public AuthenticatorFactory {
std::string local_jid_prefix_;
std::string local_cert_;
scoped_ptr<crypto::RSAPrivateKey> local_private_key_;
- std::string shared_secret_;
+ SharedSecretHash shared_secret_hash_;
DISALLOW_COPY_AND_ASSIGN(Me2MeHostAuthenticatorFactory);
};