remoting/host/support_access_verifier.cc - chromium/src - Git at Google

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "remoting/host/support_access_verifier.h"

 #include <stdlib.h>
 #include <vector>

 #include "base/logging.h"
 #include "base/rand_util.h"
 #include "base/string_util.h"
 #include "remoting/host/host_config.h"
 #include "remoting/protocol/auth_token_utils.h"

 namespace remoting {

 namespace {
 // 5 digits means 100K possible host secrets with uniform distribution, which
 // should be enough for short-term passwords, given that we rate-limit guesses
 // in the cloud and expire access codes after a small number of attempts.
 const int kHostSecretLength = 5;
 const char kHostSecretAlphabet[] = "0123456789";

 // Generates cryptographically strong random number in the range [0, max).
 int CryptoRandomInt(int max) {
   uint32 random_int32;
   base::RandBytes(&random_int32, sizeof(random_int32));
   return random_int32 % max;
 }

 std::string GenerateRandomHostSecret() {
   std::vector<char> result;
   int alphabet_size = strlen(kHostSecretAlphabet);
   result.resize(kHostSecretLength);
   for (int i = 0; i < kHostSecretLength; ++i) {
     result[i] = kHostSecretAlphabet[CryptoRandomInt(alphabet_size)];
   }
   return std::string(result.begin(), result.end());
 }

 }  // namespace

 SupportAccessVerifier::SupportAccessVerifier() {
   host_secret_ = GenerateRandomHostSecret();
 }

 SupportAccessVerifier::~SupportAccessVerifier() { }

 bool SupportAccessVerifier::VerifyPermissions(
     const std::string& client_jid,
     const std::string& encoded_access_token) {
   if (support_id_.empty())
     return false;
   std::string access_code = support_id_ + host_secret_;
   return protocol::VerifySupportAuthToken(
       client_jid, access_code, encoded_access_token);
 }

 void SupportAccessVerifier::OnIT2MeHostRegistered(
     bool successful, const std::string& support_id) {
   if (successful) {
     support_id_ = support_id;
   } else {
     LOG(ERROR) << "Failed to register support host";
   }
 }

 }  // namespace remoting
	// Copyright (c) 2011 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "remoting/host/support_access_verifier.h"

	#include <stdlib.h>
	#include <vector>

	#include "base/logging.h"
	#include "base/rand_util.h"
	#include "base/string_util.h"
	#include "remoting/host/host_config.h"
	#include "remoting/protocol/auth_token_utils.h"

	namespace remoting {

	namespace {
	// 5 digits means 100K possible host secrets with uniform distribution, which
	// should be enough for short-term passwords, given that we rate-limit guesses
	// in the cloud and expire access codes after a small number of attempts.
	const int kHostSecretLength = 5;
	const char kHostSecretAlphabet[] = "0123456789";

	// Generates cryptographically strong random number in the range [0, max).
	int CryptoRandomInt(int max) {
	uint32 random_int32;
	base::RandBytes(&random_int32, sizeof(random_int32));
	return random_int32 % max;
	}

	std::string GenerateRandomHostSecret() {
	std::vector<char> result;
	int alphabet_size = strlen(kHostSecretAlphabet);
	result.resize(kHostSecretLength);
	for (int i = 0; i < kHostSecretLength; ++i) {
	result[i] = kHostSecretAlphabet[CryptoRandomInt(alphabet_size)];
	}
	return std::string(result.begin(), result.end());
	}

	} // namespace

	SupportAccessVerifier::SupportAccessVerifier() {
	host_secret_ = GenerateRandomHostSecret();
	}

	SupportAccessVerifier::~SupportAccessVerifier() { }

	bool SupportAccessVerifier::VerifyPermissions(
	const std::string& client_jid,
	const std::string& encoded_access_token) {
	if (support_id_.empty())
	return false;
	std::string access_code = support_id_ + host_secret_;
	return protocol::VerifySupportAuthToken(
	client_jid, access_code, encoded_access_token);
	}

	void SupportAccessVerifier::OnIT2MeHostRegistered(
	bool successful, const std::string& support_id) {
	if (successful) {
	support_id_ = support_id;
	} else {
	LOG(ERROR) << "Failed to register support host";
	}
	}

	} // namespace remoting