Remove chromeos::CryptohomeLibrary::HashPassword

chrome/browser/chromeos/login/parallel_authenticator.cc

Index: chrome/browser/chromeos/login/parallel_authenticator.cc
diff --git a/chrome/browser/chromeos/login/parallel_authenticator.cc b/chrome/browser/chromeos/login/parallel_authenticator.cc
index cb4758de2353f73b7687d2f4b0f1104657369f3d..e0a8869e1797847318fedebacd7f376bf11a9a59 100644
--- a/chrome/browser/chromeos/login/parallel_authenticator.cc
+++ b/chrome/browser/chromeos/login/parallel_authenticator.cc
@@ -9,6 +9,7 @@
 #include "base/file_path.h"
 #include "base/file_util.h"
 #include "base/logging.h"
+#include "base/string_number_conversions.h"
 #include "base/string_util.h"
 #include "chrome/browser/chromeos/boot_times_loader.h"
 #include "chrome/browser/chromeos/cros/cert_library.h"
@@ -27,6 +28,7 @@
 #include "chromeos/dbus/dbus_thread_manager.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/notification_service.h"
+#include "crypto/sha2.h"
 #include "third_party/cros_system_api/dbus/service_constants.h"
 
 using content::BrowserThread;
@@ -162,6 +164,24 @@ bool WasConnectionIssue(const LoginFailure& online_outcome) {
            GoogleServiceAuthError::REQUEST_CANCELED));
 }
 
+// Returns hash of |password|, salted with the system salt.
+std::string HashPassword(const std::string& password) {
+  // Get salt, ascii encode, update sha with that, then update with ascii
+  // of password, then end.
+  const int kPassHashLen = 32;

[stevenjb, 2012/07/03 15:31:14]

nit: constant at top of file

[hashimoto, 2012/07/04 04:33:34]

Done.

+  std::string ascii_salt =
+      CrosLibrary::Get()->GetCryptohomeLibrary()->GetSystemSalt();
+  char passhash_buf[kPassHashLen];
+
+  // Hash salt and password
+  crypto::SHA256HashString(ascii_salt + password,
+                           &passhash_buf, sizeof(passhash_buf));
+
+  return StringToLowerASCII(base::HexEncode(
+      reinterpret_cast<const void*>(passhash_buf),
+      sizeof(passhash_buf) / 2));

[stevenjb, 2012/07/03 15:31:14]

Why / 2? Maybe use a const or sizeof() instead of 2? (Or a comment).

[hashimoto, 2012/07/04 04:33:34]

Looks like this '/2' trick has been there for 20 months
(http://codereview.chromium.org/3442009/diff/37001/chrome/browser/chromeos/log...)
Adding cmasone@ who introduced this trick as a reviewer.

+}
+
 }  // namespace
 
 ParallelAuthenticator::ParallelAuthenticator(LoginStatusConsumer* consumer)
@@ -193,7 +213,7 @@ void ParallelAuthenticator::AuthenticateToLogin(
       new AuthAttemptState(
           canonicalized,
           password,
-          CrosLibrary::Get()->GetCryptohomeLibrary()->HashPassword(password),
+          HashPassword(password),
           login_token,
           login_captcha,
           !UserManager::Get()->IsKnownUser(canonicalized)));
@@ -230,7 +250,7 @@ void ParallelAuthenticator::CompleteLogin(Profile* profile,
       new AuthAttemptState(
           canonicalized,
           password,
-          CrosLibrary::Get()->GetCryptohomeLibrary()->HashPassword(password),
+          HashPassword(password),
           !UserManager::Get()->IsKnownUser(canonicalized)));
   {
     // Reset the verified flag.
@@ -270,7 +290,7 @@ void ParallelAuthenticator::AuthenticateToUnlock(const std::string& username,
   current_state_.reset(
       new AuthAttemptState(
           gaia::CanonicalizeEmail(username),
-          CrosLibrary::Get()->GetCryptohomeLibrary()->HashPassword(password)));
+          HashPassword(password)));
   check_key_attempted_ = true;
   BrowserThread::PostTask(
       BrowserThread::UI, FROM_HERE,
@@ -367,8 +387,7 @@ void ParallelAuthenticator::RecordOAuthCheckFailure(
 
 void ParallelAuthenticator::RecoverEncryptedData(
     const std::string& old_password) {
-  std::string old_hash =
-      CrosLibrary::Get()->GetCryptohomeLibrary()->HashPassword(old_password);
+  std::string old_hash = HashPassword(old_password);
   migrate_attempted_ = true;
   current_state_->ResetCryptohomeStatus();
   BrowserThread::PostTask(
@@ -432,7 +451,7 @@ void ParallelAuthenticator::RetryAuth(Profile* profile,
       new AuthAttemptState(
           gaia::CanonicalizeEmail(username),
           password,
-          CrosLibrary::Get()->GetCryptohomeLibrary()->HashPassword(password),
+          HashPassword(password),
           login_token,
           login_captcha,
           false /* not a new user */));