Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(237)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/system/drm_settings.cc

Issue 10342013: Generate and connect a Pepper identifier for Chrome OS (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: cleanup as per brettw; move to serializedreturnvar in the host msg bounce step Created 8 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/chromeos/system/drm_settings.h ('k') | chrome/chrome_browser.gypi » ('j') | content/browser/renderer_host/pepper_message_filter.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/chromeos/system/drm_settings.h"
6
7 #include "base/bind.h"
8 #include "base/chromeos/chromeos_version.h"
9 #include "base/command_line.h"
10 #include "base/file_path.h"
11 #include "base/file_util.h"
12 #include "base/path_service.h"
13 #include "base/string_number_conversions.h"
14 #include "base/string_util.h"
15 #include "chrome/browser/chromeos/cros/cros_library.h"
16 #include "chrome/browser/chromeos/cros/cryptohome_library.h"
17 #include "chrome/browser/chromeos/login/user_manager.h"
18 #include "chrome/common/chrome_paths.h"
19 #include "chrome/common/chrome_switches.h"
20 #include "content/public/browser/browser_thread.h"
21 #include "crypto/encryptor.h"
22 #include "crypto/sha2.h"
23
24 using content::BrowserThread;
25
26 namespace {
27
28 // This constant is mirrored in
29 // content/browser/renderer_host/pepper_message_filter.cc
30 // for OnGetDeviceID.
31 //
32 // This ID file is solely for use via the private pepper API.
33 //
34 // NOTE! Changing this value will also change the generated value
35 // do not do so without accounting for the change.
36 const char kDRMIdentifierFile[] = "Pepper DRM ID.0";
37
38 void ManageDrmIdentifierOnFileThread(bool enable, const std::string& email) {
39 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE));
40
41 // Drop the file under <data>/<profile>/<drm id file>.
42 // TODO(wad) get the profile directory in a more succinct fashion.
43 FilePath drm_id_file;
44 PathService::Get(chrome::DIR_USER_DATA, &drm_id_file);
45 const CommandLine& cmd_line = *CommandLine::ForCurrentProcess();
46 FilePath profile = cmd_line.GetSwitchValuePath(switches::kLoginProfile);
47 if (profile.empty()) {
48 LOG(ERROR) << "called with no login-profile!";
49 return;
50 }
51 drm_id_file = drm_id_file.AppendASCII(profile.value());
52 drm_id_file = drm_id_file.AppendASCII(kDRMIdentifierFile);
53
54 // The file will be regenerated or deleted at toggle-time.
55 file_util::Delete(drm_id_file, false);
56
57 // If DRM support is disabled, then do nothing else.
58 if (!enable)
59 return;
60
61 // Build the identifier as follows:
62 // SHA256(system-salt||service||SHA256(system-salt||service||email))
63 chromeos::CryptohomeLibrary* c_home =
64 chromeos::CrosLibrary::Get()->GetCryptohomeLibrary();
65 std::string salt = c_home->GetSystemSalt();
66 char id_buf[256 / 8]; // 256-bits for SHA256
67 std::string input = salt;
68 input.append(kDRMIdentifierFile);
69 input.append(email);
70 crypto::SHA256HashString(input, &id_buf, sizeof(id_buf));
71 std::string id = StringToLowerASCII(base::HexEncode(
72 reinterpret_cast<const void*>(id_buf),
73 sizeof(id_buf)));
74 input = salt;
75 input.append(kDRMIdentifierFile);
76 input.append(id);
77 crypto::SHA256HashString(input, &id_buf, sizeof(id_buf));
78 id = StringToLowerASCII(base::HexEncode(
79 reinterpret_cast<const void*>(id_buf),
80 sizeof(id_buf)));
81
82 if (file_util::WriteFile(drm_id_file, id.c_str(), id.length()) !=
83 static_cast<int>(id.length())) {
84 LOG(ERROR) << "Failed to write " << drm_id_file.value();
85 return;
86 }
87 }
88
89 } // namespace
90
91 namespace chromeos {
92 namespace system {
93
94 void ToggleDrm(bool enable) {
95 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
96
97 // Never generate the file in Guest mode.
98 if (UserManager::Get()->IsLoggedInAsGuest() ||
99 UserManager::Get()->IsLoggedInAsDemoUser())
100 return;
101
102 // The user email address is included in the hash to keep the identifier
103 // from being the same across users.
104 std::string email = UserManager::Get()->GetLoggedInUser().email();
105 DCHECK(email.length() == 0);
106
107 // Generate a DRM identifier on the FILE thread.
108 // The DRM identifier is a per-user, per-OS-install identifier that is used
109 // by privileged pepper plugins specifically for deriving
110 // per-content-provider identifiers. The user must be able to clear it,
111 // reset it, and deny its use.
112 BrowserThread::PostTask(
113 BrowserThread::FILE, FROM_HERE,
114 base::Bind(&ManageDrmIdentifierOnFileThread, enable, email));
115 }
116
117 } // namespace system
118 } // namespace chromeos
OLDNEW
« no previous file with comments | « chrome/browser/chromeos/system/drm_settings.h ('k') | chrome/chrome_browser.gypi » ('j') | content/browser/renderer_host/pepper_message_filter.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698