Changed OAuth token+secret encryption to use supplemental user key.

chrome/browser/chromeos/login/parallel_authenticator.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/parallel_authenticator.h"
 
 #include <string>
 #include <vector>
 
 #include "base/command_line.h"
 #include "base/file_path.h"
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/path_service.h"
 #include "base/rand_util.h"
 #include "base/string_number_conversions.h"
 #include "base/string_util.h"
 #include "base/synchronization/lock.h"
+#include "chrome/browser/chromeos/cros/cert_library.h"
 #include "chrome/browser/chromeos/cros/cryptohome_library.h"
 #include "chrome/browser/chromeos/login/auth_response_handler.h"
 #include "chrome/browser/chromeos/login/authentication_notification_details.h"
 #include "chrome/browser/chromeos/login/login_status_consumer.h"
 #include "chrome/browser/chromeos/login/ownership_service.h"
 #include "chrome/browser/chromeos/login/user_manager.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/profiles/profile_manager.h"
 #include "chrome/common/chrome_notification_types.h"
 #include "chrome/common/chrome_paths.h"
@@ skipping 10 matching lines @@
 #include "net/url_request/url_request_status.h"
 #include "third_party/libjingle/source/talk/base/urlencode.h"
 
 using base::Time;
 using base::TimeDelta;
 using file_util::GetFileSize;
 using file_util::PathExists;
 using file_util::ReadFile;
 using file_util::ReadFileToString;
 
+namespace {
+
+const int kPassHashLen = 32;
+const size_t kKeySize = 16;
+
+std::string DecryptTokenWithKey(

[wtc, 2011/09/06 21:35:17]

Nit: as recommended by the Style Guide, it'd be nice to
add a comment to document what this function does.  At
least say it is the code common to DecryptToken and
DecryptLegacyToken.

[zel, 2011/09/06 22:33:35]

Done.

+    crypto::SymmetricKey* key,
+    const std::string& salt,
+    const std::string& encrypted_token_hex) {
+  std::vector<uint8> encrypted_token_bytes;
+  if (!base::HexStringToBytes(encrypted_token_hex, &encrypted_token_bytes))
+    return std::string();
+
+  std::string encrypted_token(
+      reinterpret_cast<char*>(encrypted_token_bytes.data()),
+      encrypted_token_bytes.size());
+  crypto::Encryptor encryptor;
+  if (!encryptor.Init(key, crypto::Encryptor::CTR, std::string()))
+    return std::string();
+
+  std::string nonce = salt.substr(0, kKeySize);
+  std::string token;
+  CHECK(encryptor.SetCounter(nonce));
+  if (!encryptor.Decrypt(encrypted_token, &token))
+    return std::string();
+  return token;
+}
+
+}   // namespace
+
 namespace chromeos {
 
 // static
 const char ParallelAuthenticator::kLocalaccountFile[] = "localaccount";
 
 // static
 const int ParallelAuthenticator::kClientLoginTimeoutMs = 10000;
 // static
 const int ParallelAuthenticator::kLocalaccountRetryIntervalMs = 20;
 
-const int kPassHashLen = 32;
-const size_t kKeySize = 16;
-
 ParallelAuthenticator::ParallelAuthenticator(LoginStatusConsumer* consumer)
     : Authenticator(consumer),
       already_reported_success_(false),
       checked_for_localaccount_(false),
       using_oauth_(
           CommandLine::ForCurrentProcess()->HasSwitch(
               switches::kWebUILogin) &&
           !CommandLine::ForCurrentProcess()->HasSwitch(
                   switches::kSkipOAuthLogin)) {
   CHECK(chromeos::CrosLibrary::Get()->EnsureLoaded());
@@ skipping 583 matching lines @@
 }
 
 void ParallelAuthenticator::LoadSystemSalt() {
   if (!system_salt_.empty())
     return;
   system_salt_ = CrosLibrary::Get()->GetCryptohomeLibrary()->GetSystemSalt();
   CHECK(!system_salt_.empty());
   CHECK_EQ(system_salt_.size() % 2, 0U);
 }
 
+bool ParallelAuthenticator::LoadSupplementalUserKey() {
+  if (!supplemental_user_key_.get()) {
+    supplemental_user_key_.reset(
+        CrosLibrary::Get()->GetCertLibrary()->GetSupplementalUserKey());
+  }
+  return supplemental_user_key_.get() != NULL;
+}
+
+
 void ParallelAuthenticator::LoadLocalaccount(const std::string& filename) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE));
   {
     base::AutoLock for_this_block(localaccount_lock_);
     if (checked_for_localaccount_)
       return;
   }
   FilePath localaccount_file;
   std::string localaccount;
   if (PathService::Get(base::DIR_EXE, &localaccount_file)) {
@@ skipping 11 matching lines @@
 
 void ParallelAuthenticator::SetLocalaccount(const std::string& new_name) {
   localaccount_ = new_name;
   {  // extra braces for clarity about AutoLock scope.
     base::AutoLock for_this_block(localaccount_lock_);
     checked_for_localaccount_ = true;
   }
 }
 
 std::string ParallelAuthenticator::EncryptToken(const std::string& token) {
-  // TODO(zelidrag): Replace salt with
-  scoped_ptr<crypto::SymmetricKey> key(
-      crypto::SymmetricKey::DeriveKeyFromPassword(
-          crypto::SymmetricKey::AES, UserSupplementalKeyAsAscii(),
-          SaltAsAscii(), 1000, 256));
+  if (!LoadSupplementalUserKey())
+    return std::string();
   crypto::Encryptor encryptor;
-  if (!encryptor.Init(key.get(), crypto::Encryptor::CTR, std::string()))
+  if (!encryptor.Init(supplemental_user_key_.get(), crypto::Encryptor::CTR,
+                      std::string()))
     return std::string();
 
   std::string nonce = SaltAsAscii().substr(0, kKeySize);
   std::string encoded_token;
   CHECK(encryptor.SetCounter(nonce));
   if (!encryptor.Encrypt(token, &encoded_token))
     return std::string();
 
   return StringToLowerASCII(base::HexEncode(
       reinterpret_cast<const void*>(encoded_token.data()),
       encoded_token.size()));
 }
-
 std::string ParallelAuthenticator::DecryptToken(
     const std::string& encrypted_token_hex) {
-  std::vector<uint8> encrypted_token_bytes;
-  if (!base::HexStringToBytes(encrypted_token_hex, &encrypted_token_bytes))
+  if (!LoadSupplementalUserKey())
     return std::string();
+  return DecryptTokenWithKey(supplemental_user_key_.get(),
+                             SaltAsAscii(),
+                             encrypted_token_hex);
+}
 
-  std::string encrypted_token(
-      reinterpret_cast<char*>(encrypted_token_bytes.data()),
-                              encrypted_token_bytes.size());
+std::string ParallelAuthenticator::DecryptLegacyToken(
+    const std::string& encrypted_token_hex) {
   scoped_ptr<crypto::SymmetricKey> key(
       crypto::SymmetricKey::DeriveKeyFromPassword(
           crypto::SymmetricKey::AES, UserSupplementalKeyAsAscii(),
           SaltAsAscii(), 1000, 256));
-  crypto::Encryptor encryptor;
-  if (!encryptor.Init(key.get(), crypto::Encryptor::CTR, std::string()))
-    return std::string();
-
-  std::string nonce = SaltAsAscii().substr(0, kKeySize);
-  std::string token;
-  CHECK(encryptor.SetCounter(nonce));
-  if (!encryptor.Decrypt(encrypted_token, &token))
-    return std::string();
-  return token;
+  return DecryptTokenWithKey(key.get(), SaltAsAscii(), encrypted_token_hex);
 }
 
-
 std::string ParallelAuthenticator::HashPassword(const std::string& password) {
   // Get salt, ascii encode, update sha with that, then update with ascii
   // of password, then end.
   std::string ascii_salt = SaltAsAscii();
   char passhash_buf[kPassHashLen];
 
   // Hash salt and password
   crypto::SHA256HashString(ascii_salt + password,
                            &passhash_buf, sizeof(passhash_buf));
 
@@ skipping 16 matching lines @@
 }
 
 void ParallelAuthenticator::ResolveLoginCompletionStatus() {
   // Shortcut online state resolution process.
   current_state_->RecordOnlineLoginStatus(GaiaAuthConsumer::ClientLoginResult(),
                                           LoginFailure::None());
   Resolve();
 }
 
 }  // namespace chromeos