Use HMAC SHA-256, since SHA-1 won't work inside the Windows sandbox.

BUG=91878 TEST=Can connect remoting Client on Windows, with sandbox active, to a Host. Review URL: http://codereview.chromium.org/7528015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@95946 0039d316-1c4b-4281-b951-d872f2087c98

Use HMAC SHA-256, since SHA-1 won't work inside the Windows sandbox.
BUG=91878 TEST=Can connect remoting Client on Windows, with sandbox active, to a Host. Review URL: http://codereview.chromium.org/7528015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@95946 0039d316-1c4b-4281-b951-d872f2087c98
b0635957 · wez@chromium.org · ec7f48d5 · b0635957 · b0635957 · b0635957
Commit b0635957 authored Aug 09, 2011 by wez@chromium.org
3 changed files
--- a/remoting/protocol/channel_authenticator.cc
+++ b/remoting/protocol/channel_authenticator.cc
@@ -21,21 +21,21 @@ namespace {
 // Labels for use when exporting the SSL master keys.
 const char kClientSslExporterLabel[] = "EXPORTER-remoting-channel-auth-client";
-// Size of the HMAC-SHA-1 authentication digest.
+// Size of the HMAC-SHA-256 authentication digest.
-const size_t kAuthDigestLength = 20;
+const size_t kAuthDigestLength = 32;
 // static
 bool GetAuthBytes(const std::string& shared_secret,
                  const std::string& key_material,
                  std::string* auth_bytes) {
  // Generate auth digest based on the keying material and shared secret.
-  crypto::HMAC response(crypto::HMAC::SHA1);
+  crypto::HMAC response(crypto::HMAC::SHA256);
-  if (!response.Init(shared_secret)) {
+  if (!response.Init(key_material)) {
    NOTREACHED() << "HMAC::Init failed";
    return false;
  }
  unsigned char out_bytes[kAuthDigestLength];
-  if (!response.Sign(key_material, out_bytes, kAuthDigestLength)) {
+  if (!response.Sign(shared_secret, out_bytes, kAuthDigestLength)) {
    NOTREACHED() << "HMAC::Sign failed";
    return false;
  }

--- a/remoting/protocol/jingle_session_manager.cc
+++ b/remoting/protocol/jingle_session_manager.cc
@@ -183,7 +183,7 @@ void JingleSessionManager::OnSessionCreate(
  // Allow local connections if neccessary.
  cricket_session->set_allow_local_ips(allow_local_ips_);
-  // If this is an outcoming session the session object is already created.
+  // If this is an incoming session, create a JingleSession on top of it.
  if (incoming) {
    DCHECK(!certificate_.empty());
    DCHECK(private_key_.get());

--- a/remoting/protocol/session_config.cc
+++ b/remoting/protocol/session_config.cc
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
@@ -9,7 +9,7 @@
 namespace remoting {
 namespace protocol {
-const int kDefaultStreamVersion = 1;
+const int kDefaultStreamVersion = 2;
 namespace {
 const int kDefaultWidth = 800;