1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "remoting/protocol/auth_util.h"
6 
7 #include "base/base64.h"
8 #include "base/logging.h"
9 #include "base/strings/string_util.h"
10 #include "crypto/hmac.h"
11 #include "crypto/sha2.h"
12 #include "net/base/net_errors.h"
13 #include "net/socket/ssl_socket.h"
14 
15 namespace remoting {
16 namespace protocol {
17 
18 const char kClientAuthSslExporterLabel[] =
19     "EXPORTER-remoting-channel-auth-client";
20 const char kHostAuthSslExporterLabel[] =
21     "EXPORTER-remoting-channel-auth-host";
22 
23 const char kSslFakeHostName[] = "chromoting";
24 
GetSharedSecretHash(const std::string & tag,const std::string & shared_secret)25 std::string GetSharedSecretHash(const std::string& tag,
26                                 const std::string& shared_secret) {
27   crypto::HMAC response(crypto::HMAC::SHA256);
28   if (!response.Init(tag)) {
29     LOG(FATAL) << "HMAC::Init failed";
30   }
31 
32   unsigned char out_bytes[kSharedSecretHashLength];
33   if (!response.Sign(shared_secret, out_bytes, sizeof(out_bytes))) {
34     LOG(FATAL) << "HMAC::Sign failed";
35   }
36 
37   return std::string(out_bytes, out_bytes + sizeof(out_bytes));
38 }
39 
40 // static
GetAuthBytes(net::SSLSocket * socket,const base::StringPiece & label,const base::StringPiece & shared_secret)41 std::string GetAuthBytes(net::SSLSocket* socket,
42                          const base::StringPiece& label,
43                          const base::StringPiece& shared_secret) {
44   // Get keying material from SSL.
45   unsigned char key_material[kAuthDigestLength];
46   int export_result = socket->ExportKeyingMaterial(
47       label, false, "", key_material, kAuthDigestLength);
48   if (export_result != net::OK) {
49     LOG(ERROR) << "Error fetching keying material: " << export_result;
50     return std::string();
51   }
52 
53   // Generate auth digest based on the keying material and shared secret.
54   crypto::HMAC response(crypto::HMAC::SHA256);
55   if (!response.Init(key_material, kAuthDigestLength)) {
56     NOTREACHED() << "HMAC::Init failed";
57     return std::string();
58   }
59   unsigned char out_bytes[kAuthDigestLength];
60   if (!response.Sign(shared_secret, out_bytes, kAuthDigestLength)) {
61     NOTREACHED() << "HMAC::Sign failed";
62     return std::string();
63   }
64 
65   return std::string(out_bytes, out_bytes + kAuthDigestLength);
66 }
67 
68 }  // namespace protocol
69 }  // namespace remoting
70