Changed OAuth token+secret encryption to use supplemental user key.

chrome/browser/chromeos/login/parallel_authenticator.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_PARALLEL_AUTHENTICATOR_H_
 #define CHROME_BROWSER_CHROMEOS_LOGIN_PARALLEL_AUTHENTICATOR_H_
 #pragma once
 
 #include <string>
 #include <vector>
@@ skipping 14 matching lines @@
 #include "chrome/common/net/gaia/gaia_auth_consumer.h"
 
 class GaiaAuthFetcher;
 class LoginFailure;
 class Profile;
 
 namespace base {
 class Lock;
 }
 
+namespace crypto {
+class SymmetricKey;
+}
+
 namespace chromeos {
 
 class LoginStatusConsumer;
 class ParallelAuthenticator;
 class ResolveChecker;
 
 // Authenticates a Chromium OS user against the Google Accounts ClientLogin API.
 //
 // Simultaneously attempts authentication both offline and online, failing over
 // to the "localaccount" in the event that authentication fails.
@@ skipping 97 matching lines @@
       const GaiaAuthConsumer::ClientLoginResult& credentials) OVERRIDE;
   virtual void RetryAuth(Profile* profile,
                          const std::string& username,
                          const std::string& password,
                          const std::string& login_token,
                          const std::string& login_captcha) OVERRIDE;
   virtual void VerifyOAuth1AccessToken(const std::string& oauth1_access_token,
       const std::string& oauth1_secret) OVERRIDE;
   virtual std::string EncryptToken(const std::string& token) OVERRIDE;
   virtual std::string DecryptToken(const std::string& encrypted_token) OVERRIDE;
+  virtual std::string DecryptLegacyToken(
+      const std::string& encrypted_token) OVERRIDE;
 
   // AuthAttemptStateResolver overrides.
   // Attempts to make a decision and call back |consumer_| based on
   // the state we have gathered at the time of call.  If a decision
   // can't be made, defers until the next time this is called.
   // When a decision is made, will call back to |consumer_| on the UI thread.
   //
   // Must be called on the IO thread.
   virtual void Resolve() OVERRIDE;
 
@@ skipping 51 matching lines @@
     current_online_ = attempt;
   }
 
   // Resets |current_state_| and then posts a task to the UI thread to
   // Initiate() |to_initiate|.
   // Call this method on the IO thread.
   void ResyncRecoverHelper(CryptohomeOp* to_initiate);
 
   // If we don't have the system salt yet, loads it from the CryptohomeLibrary.
   void LoadSystemSalt();
+  // If we don't have supplemental_user_key_ yet, loads it from the NSS DB.
+  // Returns false if the key can not be loaded/created.
+  bool LoadSupplementalUserKey();
 
   // If we haven't already, looks in a file called |filename| next to
   // the browser executable for a "localaccount" name, and retrieves it
   // if one is present.  If someone attempts to authenticate with this
   // username, we will mount a tmpfs for them and let them use the
   // browser.
   // Should only be called on the FILE thread.
   void LoadLocalaccount(const std::string& filename);
 
   void SetLocalaccount(const std::string& new_name);
 
   // Records OAuth1 access token verification failure for |user_account|.
   void RecordOAuthCheckFailure(const std::string& user_account);
 
-  // Stores a hash of |password|, salted with the ascii of |system_salt_|.
+    // Stores a hash of |password|, salted with the ascii of |system_salt_|.

[wtc, 2011/09/06 21:35:17]

Nit: undo the whitespace.

[zel, 2011/09/06 22:33:35]

Done.

   std::string HashPassword(const std::string& password);
 
   // Returns the ascii encoding of the system salt.
   std::string SaltAsAscii();
 
   // Returns the ascii encoding of user supplemental key.
   // TODO(zelidrag): http://crosbug.com/18905. Replace this with a key from
   // nssdb instead.
   std::string UserSupplementalKeyAsAscii();
 
@@ skipping 20 matching lines @@
   scoped_ptr<AuthAttemptState> current_state_;
   scoped_refptr<OnlineAttempt> current_online_;
   scoped_refptr<CryptohomeOp> mounter_;
   scoped_refptr<CryptohomeOp> key_migrator_;
   scoped_refptr<CryptohomeOp> data_remover_;
   scoped_refptr<CryptohomeOp> guest_mounter_;
   scoped_refptr<CryptohomeOp> key_checker_;
 
   std::string ascii_hash_;
   chromeos::CryptohomeBlob system_salt_;
+  scoped_ptr<crypto::SymmetricKey> supplemental_user_key_;
 
   // When the user has changed her password, but gives us the old one, we will
   // be able to mount her cryptohome, but online authentication will fail.
   // This allows us to present the same behavior to the caller, regardless
   // of the order in which we receive these results.
   bool already_reported_success_;
   base::Lock success_lock_;  // A lock around already_reported_success_.
 
   // Status relating to the local "backdoor" account.
   std::string localaccount_;
   bool checked_for_localaccount_;  // Needed because empty localaccount_ is ok.
   base::Lock localaccount_lock_;  // A lock around checked_for_localaccount_.
 
   // True if we use OAuth-based authentication flow.
   bool using_oauth_;
 
   friend class ResolveChecker;
   friend class ParallelAuthenticatorTest;
   FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, SaltToAscii);
   FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, ReadLocalaccount);
   FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest,
                            ReadLocalaccountTrailingWS);
   FRIEND_TEST_ALL_PREFIXES(ParallelAuthenticatorTest, ReadNoLocalaccount);
   DISALLOW_COPY_AND_ASSIGN(ParallelAuthenticator);
 };
 
 }  // namespace chromeos
 
 #endif  // CHROME_BROWSER_CHROMEOS_LOGIN_PARALLEL_AUTHENTICATOR_H_