Chromium Code Reviews Chromium Code Reviews
Issue 6873156:
Move crypto_helpers from sync to base (Closed)
Base URL: http://git.chromium.org/git/chromium.git@trunk| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // This class isn't pretty. It's just a step better than globals, which is what | 5 // This class isn't pretty. It's just a step better than globals, which is what |
| 6 // these were previously. | 6 // these were previously. |
| 7 | 7 |
| 8 #include "chrome/browser/sync/util/user_settings.h" | 8 #include "chrome/browser/sync/util/user_settings.h" |
| 9 | 9 |
| 10 #include "build/build_config.h" | 10 #include "build/build_config.h" |
| 11 | 11 |
| 12 #if defined(OS_WIN) | 12 #if defined(OS_WIN) |
| 13 #include <windows.h> | 13 #include <windows.h> |
| 14 #endif | 14 #endif |
| 15 | 15 |
| 16 #include <limits> | 16 #include <limits> |
| 17 #include <string> | 17 #include <string> |
| 18 #include <vector> | 18 #include <vector> |
| 19 | 19 |
| 20 #include "base/file_util.h" | 20 #include "base/file_util.h" |
| 21 #include "base/md5.h" | |
| 21 #include "base/string_util.h" | 22 #include "base/string_util.h" |
| 22 #include "chrome/browser/sync/syncable/directory_manager.h" // For migration. | 23 #include "chrome/browser/sync/syncable/directory_manager.h" // For migration. |
| 23 #include "chrome/browser/sync/util/crypto_helpers.h" | |
| 24 #include "chrome/browser/sync/util/data_encryption.h" | 24 #include "chrome/browser/sync/util/data_encryption.h" |
| 25 #include "chrome/common/sqlite_utils.h" | 25 #include "chrome/common/sqlite_utils.h" |
| 26 #include "crypto/random.h" | |
| 26 | 27 |
| 27 using std::numeric_limits; | 28 using std::numeric_limits; |
| 28 using std::string; | 29 using std::string; |
| 29 using std::vector; | 30 using std::vector; |
| 30 | 31 |
| 31 using syncable::DirectoryManager; | 32 using syncable::DirectoryManager; |
| 32 | 33 |
| 33 namespace browser_sync { | 34 namespace browser_sync { |
| 34 | 35 |
| 35 void ExecOrDie(sqlite3* dbhandle, const char *query) { | 36 void ExecOrDie(sqlite3* dbhandle, const char *query) { |
| (...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 159 } | 160 } |
| 160 | 161 |
| 161 static void MakeClientIDTable(sqlite3* const dbhandle) { | 162 static void MakeClientIDTable(sqlite3* const dbhandle) { |
| 162 // Stores a single client ID value that can be used as the client id, if | 163 // Stores a single client ID value that can be used as the client id, if |
| 163 // there's not another such ID provided on the install. | 164 // there's not another such ID provided on the install. |
| 164 ExecOrDie(dbhandle, "CREATE TABLE client_id (id) "); | 165 ExecOrDie(dbhandle, "CREATE TABLE client_id (id) "); |
| 165 { | 166 { |
| 166 SQLStatement statement; | 167 SQLStatement statement; |
| 167 statement.prepare(dbhandle, | 168 statement.prepare(dbhandle, |
| 168 "INSERT INTO client_id values ( ? )"); | 169 "INSERT INTO client_id values ( ? )"); |
| 169 statement.bind_string(0, Generate128BitRandomHexString()); | 170 statement.bind_string(0, Generate128BitRandomBase64String()); |
| 170 if (SQLITE_DONE != statement.step()) { | 171 if (SQLITE_DONE != statement.step()) { |
| 171 LOG(FATAL) << "INSERT INTO client_id\n" << sqlite3_errmsg(dbhandle); | 172 LOG(FATAL) << "INSERT INTO client_id\n" << sqlite3_errmsg(dbhandle); |
| 172 } | 173 } |
| 173 } | 174 } |
| 174 } | 175 } |
| 175 | 176 |
| 176 bool UserSettings::Init(const FilePath& settings_path) { | 177 bool UserSettings::Init(const FilePath& settings_path) { |
| 177 { // Scope the handle. | 178 { // Scope the handle. |
| 178 ScopedDBHandle dbhandle(this); | 179 ScopedDBHandle dbhandle(this); |
| 179 if (dbhandle_) | 180 if (dbhandle_) |
| (...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 263 UserSettings::~UserSettings() { | 264 UserSettings::~UserSettings() { |
| 264 if (dbhandle_) | 265 if (dbhandle_) |
| 265 sqlite3_close(dbhandle_); | 266 sqlite3_close(dbhandle_); |
| 266 } | 267 } |
| 267 | 268 |
| 268 const int32 kInvalidHash = 0xFFFFFFFF; | 269 const int32 kInvalidHash = 0xFFFFFFFF; |
| 269 | 270 |
| 270 // We use 10 bits of data from the MD5 digest as the hash. | 271 // We use 10 bits of data from the MD5 digest as the hash. |
| 271 const int32 kHashMask = 0x3FF; | 272 const int32 kHashMask = 0x3FF; |
| 272 | 273 |
| 273 int32 GetHashFromDigest(const vector<uint8>& digest) { | 274 int32 GetHashFromDigest(MD5Digest& digest) { |
|
Ryan Sleevi
2011/04/27 13:43:09
nit: const MD5Digest&
| |
| 274 int32 hash = 0; | 275 int32 hash = 0; |
| 275 int32 mask = kHashMask; | 276 int32 mask = kHashMask; |
| 276 for (vector<uint8>::const_iterator i = digest.begin(); i != digest.end(); | 277 for (size_t i = 0; i < sizeof(digest.a); ++i) { |
| 277 ++i) { | |
| 278 hash = hash << 8; | 278 hash = hash << 8; |
| 279 hash = hash | (*i & kHashMask); | 279 hash = hash | (digest.a[i] & kHashMask); |
| 280 mask = mask >> 8; | 280 mask = mask >> 8; |
| 281 if (0 == mask) | 281 if (0 == mask) |
| 282 break; | 282 break; |
| 283 } | 283 } |
| 284 return hash; | 284 return hash; |
| 285 } | 285 } |
| 286 | 286 |
| 287 void UserSettings::StoreEmailForSignin(const string& signin, | 287 void UserSettings::StoreEmailForSignin(const string& signin, |
| 288 const string& primary_email) { | 288 const string& primary_email) { |
| 289 ScopedDBHandle dbhandle(this); | 289 ScopedDBHandle dbhandle(this); |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 347 return false; | 347 return false; |
| 348 } | 348 } |
| 349 | 349 |
| 350 void UserSettings::StoreHashedPassword(const string& email, | 350 void UserSettings::StoreHashedPassword(const string& email, |
| 351 const string& password) { | 351 const string& password) { |
| 352 // Save one-way hashed password: | 352 // Save one-way hashed password: |
| 353 char binary_salt[kSaltSize]; | 353 char binary_salt[kSaltSize]; |
| 354 GetRandomBytes(binary_salt, sizeof(binary_salt)); | 354 GetRandomBytes(binary_salt, sizeof(binary_salt)); |
| 355 | 355 |
| 356 const string salt = APEncode(string(binary_salt, sizeof(binary_salt))); | 356 const string salt = APEncode(string(binary_salt, sizeof(binary_salt))); |
| 357 MD5Calculator md5; | 357 MD5Context md5_context; |
| 358 md5.AddData(salt.data(), salt.size()); | 358 MD5Digest md5_digest; |
| 359 md5.AddData(password.data(), password.size()); | 359 MD5Init(&md5_context); |
| 360 MD5Update(&md5_context, salt.data(), salt.size()); | |
| 361 MD5Update(&md5_context, password.data(), password.size()); | |
| 362 MD5Final(&md5_digest, &md5_context); | |
| 360 ScopedDBHandle dbhandle(this); | 363 ScopedDBHandle dbhandle(this); |
| 361 SQLTransaction transaction(dbhandle.get()); | 364 SQLTransaction transaction(dbhandle.get()); |
| 362 transaction.BeginExclusive(); | 365 transaction.BeginExclusive(); |
| 363 { | 366 { |
| 364 SQLStatement statement; | 367 SQLStatement statement; |
| 365 statement.prepare(dbhandle.get(), | 368 statement.prepare(dbhandle.get(), |
| 366 "INSERT INTO settings(email, key, value)" | 369 "INSERT INTO settings(email, key, value)" |
| 367 " values ( ?, ?, ? )"); | 370 " values ( ?, ?, ? )"); |
| 368 statement.bind_string(0, email); | 371 statement.bind_string(0, email); |
| 369 statement.bind_string(1, PASSWORD_HASH); | 372 statement.bind_string(1, PASSWORD_HASH); |
| 370 statement.bind_int(2, GetHashFromDigest(md5.GetDigest())); | 373 statement.bind_int(2, GetHashFromDigest(md5_digest)); |
| 371 if (SQLITE_DONE != statement.step()) { | 374 if (SQLITE_DONE != statement.step()) { |
| 372 LOG(FATAL) << sqlite3_errmsg(dbhandle.get()); | 375 LOG(FATAL) << sqlite3_errmsg(dbhandle.get()); |
| 373 } | 376 } |
| 374 } | 377 } |
| 375 { | 378 { |
| 376 SQLStatement statement; | 379 SQLStatement statement; |
| 377 statement.prepare(dbhandle.get(), | 380 statement.prepare(dbhandle.get(), |
| 378 "INSERT INTO settings(email, key, value)" | 381 "INSERT INTO settings(email, key, value)" |
| 379 " values ( ?, ?, ? )"); | 382 " values ( ?, ?, ? )"); |
| 380 statement.bind_string(0, email); | 383 statement.bind_string(0, email); |
| (...skipping 25 matching lines...) Expand all Loading... | |
| 406 string key(query.column_string(0)); | 409 string key(query.column_string(0)); |
| 407 if (key == SALT) | 410 if (key == SALT) |
| 408 salt = query.column_string(1); | 411 salt = query.column_string(1); |
| 409 else | 412 else |
| 410 hash = query.column_int(1); | 413 hash = query.column_int(1); |
| 411 query_result = query.step(); | 414 query_result = query.step(); |
| 412 } | 415 } |
| 413 CHECK(SQLITE_DONE == query_result); | 416 CHECK(SQLITE_DONE == query_result); |
| 414 if (salt.empty() || hash == kInvalidHash) | 417 if (salt.empty() || hash == kInvalidHash) |
| 415 return false; | 418 return false; |
| 416 MD5Calculator md5; | 419 MD5Context md5_context; |
| 417 md5.AddData(salt.data(), salt.size()); | 420 MD5Digest md5_digest; |
| 418 md5.AddData(password.data(), password.size()); | 421 MD5Init(&md5_context); |
| 419 return hash == GetHashFromDigest(md5.GetDigest()); | 422 MD5Update(&md5_context, salt.data(), salt.size()); |
| 423 MD5Update(&md5_context, password.data(), password.size()); | |
| 424 MD5Final(&md5_digest, &md5_context); | |
| 425 return hash == GetHashFromDigest(md5_digest); | |
| 420 } | 426 } |
| 421 | 427 |
| 422 void UserSettings::SwitchUser(const string& username) { | 428 void UserSettings::SwitchUser(const string& username) { |
| 423 { | 429 { |
| 424 base::AutoLock lock(mutex_); | 430 base::AutoLock lock(mutex_); |
| 425 email_ = username; | 431 email_ = username; |
| 426 } | 432 } |
| 427 } | 433 } |
| 428 | 434 |
| 429 string UserSettings::GetClientId() { | 435 string UserSettings::GetClientId() { |
| (...skipping 18 matching lines...) Expand all Loading... | |
| 448 query.prepare(dbhandle.get(), "SELECT email FROM cookies"); | 454 query.prepare(dbhandle.get(), "SELECT email FROM cookies"); |
| 449 if (SQLITE_ROW == query.step()) { | 455 if (SQLITE_ROW == query.step()) { |
| 450 *username = query.column_string(0); | 456 *username = query.column_string(0); |
| 451 return true; | 457 return true; |
| 452 } else { | 458 } else { |
| 453 return false; | 459 return false; |
| 454 } | 460 } |
| 455 } | 461 } |
| 456 | 462 |
| 457 } // namespace browser_sync | 463 } // namespace browser_sync |
| OLD | NEW |
