| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/cros/cryptohome_library.h" | 5 #include "chrome/browser/chromeos/cros/cryptohome_library.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/hash_tables.h" | 9 #include "base/hash_tables.h" |
| 10 #include "base/message_loop.h" | 10 #include "base/message_loop.h" |
| 11 #include "base/string_number_conversions.h" |
| 12 #include "base/string_util.h" |
| 11 #include "chrome/browser/chromeos/cros/cros_library.h" | 13 #include "chrome/browser/chromeos/cros/cros_library.h" |
| 12 #include "chrome/common/chrome_switches.h" | 14 #include "chrome/common/chrome_switches.h" |
| 13 #include "content/public/browser/browser_thread.h" | 15 #include "content/public/browser/browser_thread.h" |
| 16 #include "crypto/encryptor.h" |
| 17 #include "crypto/sha2.h" |
| 14 | 18 |
| 15 using content::BrowserThread; | 19 using content::BrowserThread; |
| 16 | 20 |
| 17 namespace { | 21 namespace { |
| 18 const char kStubSystemSalt[] = "stub_system_salt"; | 22 |
| 23 const char kStubSystemSalt[] = "stub_system_salt"; |
| 24 const int kPassHashLen = 32; |
| 25 |
| 19 } | 26 } |
| 20 | 27 |
| 21 namespace chromeos { | 28 namespace chromeos { |
| 22 | 29 |
| 23 // This class handles the interaction with the ChromeOS cryptohome library APIs. | 30 // This class handles the interaction with the ChromeOS cryptohome library APIs. |
| 24 class CryptohomeLibraryImpl : public CryptohomeLibrary { | 31 class CryptohomeLibraryImpl : public CryptohomeLibrary { |
| 25 public: | 32 public: |
| 26 CryptohomeLibraryImpl() {} | 33 CryptohomeLibraryImpl() {} |
| 27 virtual ~CryptohomeLibraryImpl() {} | 34 virtual ~CryptohomeLibraryImpl() {} |
| 28 | 35 |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 77 return CacheCallback( | 84 return CacheCallback( |
| 78 chromeos::CryptohomeAsyncRemove(user_email.c_str()), | 85 chromeos::CryptohomeAsyncRemove(user_email.c_str()), |
| 79 d, | 86 d, |
| 80 "Couldn't initiate async removal of cryptohome."); | 87 "Couldn't initiate async removal of cryptohome."); |
| 81 } | 88 } |
| 82 | 89 |
| 83 virtual bool IsMounted() OVERRIDE { | 90 virtual bool IsMounted() OVERRIDE { |
| 84 return chromeos::CryptohomeIsMounted(); | 91 return chromeos::CryptohomeIsMounted(); |
| 85 } | 92 } |
| 86 | 93 |
| 87 virtual CryptohomeBlob GetSystemSalt() OVERRIDE { | |
| 88 CryptohomeBlob system_salt; | |
| 89 char* salt_buf; | |
| 90 int salt_len; | |
| 91 bool result = chromeos::CryptohomeGetSystemSaltSafe(&salt_buf, &salt_len); | |
| 92 if (result) { | |
| 93 system_salt.resize(salt_len); | |
| 94 if ((int)system_salt.size() == salt_len) { | |
| 95 memcpy(&system_salt[0], static_cast<const void*>(salt_buf), | |
| 96 salt_len); | |
| 97 } else { | |
| 98 system_salt.clear(); | |
| 99 } | |
| 100 } | |
| 101 return system_salt; | |
| 102 } | |
| 103 | |
| 104 virtual bool AsyncSetOwnerUser( | 94 virtual bool AsyncSetOwnerUser( |
| 105 const std::string& username, Delegate* d) OVERRIDE { | 95 const std::string& username, Delegate* d) OVERRIDE { |
| 106 return CacheCallback( | 96 return CacheCallback( |
| 107 chromeos::CryptohomeAsyncSetOwnerUser(username.c_str()), | 97 chromeos::CryptohomeAsyncSetOwnerUser(username.c_str()), |
| 108 d, | 98 d, |
| 109 "Couldn't do set owner user in Cryptohomed."); | 99 "Couldn't do set owner user in Cryptohomed."); |
| 110 } | 100 } |
| 111 | 101 |
| 112 virtual bool TpmIsReady() OVERRIDE { | 102 virtual bool TpmIsReady() OVERRIDE { |
| 113 return chromeos::CryptohomeTpmIsReady(); | 103 return chromeos::CryptohomeTpmIsReady(); |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 177 | 167 |
| 178 virtual void Pkcs11GetTpmTokenInfo( | 168 virtual void Pkcs11GetTpmTokenInfo( |
| 179 std::string* label, std::string* user_pin) OVERRIDE { | 169 std::string* label, std::string* user_pin) OVERRIDE { |
| 180 chromeos::CryptohomePkcs11GetTpmTokenInfo(label, user_pin); | 170 chromeos::CryptohomePkcs11GetTpmTokenInfo(label, user_pin); |
| 181 } | 171 } |
| 182 | 172 |
| 183 virtual bool Pkcs11IsTpmTokenReady() OVERRIDE { | 173 virtual bool Pkcs11IsTpmTokenReady() OVERRIDE { |
| 184 return chromeos::CryptohomePkcs11IsTpmTokenReady(); | 174 return chromeos::CryptohomePkcs11IsTpmTokenReady(); |
| 185 } | 175 } |
| 186 | 176 |
| 177 virtual std::string HashPassword(const std::string& password) OVERRIDE { |
| 178 // Get salt, ascii encode, update sha with that, then update with ascii |
| 179 // of password, then end. |
| 180 std::string ascii_salt = GetSystemSalt(); |
| 181 char passhash_buf[kPassHashLen]; |
| 182 |
| 183 // Hash salt and password |
| 184 crypto::SHA256HashString(ascii_salt + password, |
| 185 &passhash_buf, sizeof(passhash_buf)); |
| 186 |
| 187 return StringToLowerASCII(base::HexEncode( |
| 188 reinterpret_cast<const void*>(passhash_buf), |
| 189 sizeof(passhash_buf) / 2)); |
| 190 } |
| 191 |
| 192 virtual std::string GetSystemSalt() OVERRIDE { |
| 193 LoadSystemSalt(); // no-op if it's already loaded. |
| 194 return StringToLowerASCII(base::HexEncode( |
| 195 reinterpret_cast<const void*>(system_salt_.data()), |
| 196 system_salt_.size())); |
| 197 } |
| 198 |
| 187 private: | 199 private: |
| 200 typedef base::hash_map<int, Delegate*> CallbackMap; |
| 201 |
| 188 static void Handler(const chromeos::CryptohomeAsyncCallStatus& event, | 202 static void Handler(const chromeos::CryptohomeAsyncCallStatus& event, |
| 189 void* cryptohome_library) { | 203 void* cryptohome_library) { |
| 190 CryptohomeLibraryImpl* library = | 204 CryptohomeLibraryImpl* library = |
| 191 reinterpret_cast<CryptohomeLibraryImpl*>(cryptohome_library); | 205 reinterpret_cast<CryptohomeLibraryImpl*>(cryptohome_library); |
| 192 library->Dispatch(event); | 206 library->Dispatch(event); |
| 193 } | 207 } |
| 194 | 208 |
| 195 void Dispatch(const chromeos::CryptohomeAsyncCallStatus& event) { | 209 void Dispatch(const chromeos::CryptohomeAsyncCallStatus& event) { |
| 196 const CallbackMap::iterator callback = callback_map_.find(event.async_id); | 210 const CallbackMap::iterator callback = callback_map_.find(event.async_id); |
| 197 if (callback == callback_map_.end()) { | 211 if (callback == callback_map_.end()) { |
| 198 LOG(ERROR) << "Received signal for unknown async_id " << event.async_id; | 212 LOG(ERROR) << "Received signal for unknown async_id " << event.async_id; |
| 199 return; | 213 return; |
| 200 } | 214 } |
| 201 if (callback->second) | 215 if (callback->second) |
| 202 callback->second->OnComplete(event.return_status, event.return_code); | 216 callback->second->OnComplete(event.return_status, event.return_code); |
| 203 callback_map_.erase(callback); | 217 callback_map_.erase(callback); |
| 204 } | 218 } |
| 205 | 219 |
| 206 bool CacheCallback(int async_id, Delegate* d, const char* error) { | 220 bool CacheCallback(int async_id, Delegate* d, const char* error) { |
| 207 if (async_id == 0) { | 221 if (async_id == 0) { |
| 208 LOG(ERROR) << error; | 222 LOG(ERROR) << error; |
| 209 return false; | 223 return false; |
| 210 } | 224 } |
| 211 VLOG(1) << "Adding handler for " << async_id; | 225 VLOG(1) << "Adding handler for " << async_id; |
| 212 callback_map_[async_id] = d; | 226 callback_map_[async_id] = d; |
| 213 return true; | 227 return true; |
| 214 } | 228 } |
| 215 | 229 |
| 216 typedef base::hash_map<int, Delegate*> CallbackMap; | 230 void LoadSystemSalt() { |
| 231 if (!system_salt_.empty()) |
| 232 return; |
| 233 |
| 234 char* salt_buf; |
| 235 int salt_len; |
| 236 bool result = chromeos::CryptohomeGetSystemSaltSafe(&salt_buf, &salt_len); |
| 237 if (result) { |
| 238 system_salt_.resize(salt_len); |
| 239 if (static_cast<int>(system_salt_.size()) == salt_len) |
| 240 memcpy(&system_salt_[0], static_cast<const void*>(salt_buf), salt_len); |
| 241 else |
| 242 system_salt_.clear(); |
| 243 } |
| 244 CHECK(!system_salt_.empty()); |
| 245 CHECK_EQ(system_salt_.size() % 2, 0U); |
| 246 } |
| 247 |
| 248 chromeos::CryptohomeBlob system_salt_; |
| 217 mutable CallbackMap callback_map_; | 249 mutable CallbackMap callback_map_; |
| 218 | 250 |
| 219 void* cryptohome_connection_; | 251 void* cryptohome_connection_; |
| 220 | 252 |
| 221 DISALLOW_COPY_AND_ASSIGN(CryptohomeLibraryImpl); | 253 DISALLOW_COPY_AND_ASSIGN(CryptohomeLibraryImpl); |
| 222 }; | 254 }; |
| 223 | 255 |
| 224 class CryptohomeLibraryStubImpl : public CryptohomeLibrary { | 256 class CryptohomeLibraryStubImpl : public CryptohomeLibrary { |
| 225 public: | 257 public: |
| 226 CryptohomeLibraryStubImpl() | 258 CryptohomeLibraryStubImpl() |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 270 BrowserThread::PostTask( | 302 BrowserThread::PostTask( |
| 271 BrowserThread::UI, FROM_HERE, | 303 BrowserThread::UI, FROM_HERE, |
| 272 base::Bind(&DoStubCallback, callback)); | 304 base::Bind(&DoStubCallback, callback)); |
| 273 return true; | 305 return true; |
| 274 } | 306 } |
| 275 | 307 |
| 276 virtual bool IsMounted() OVERRIDE { | 308 virtual bool IsMounted() OVERRIDE { |
| 277 return true; | 309 return true; |
| 278 } | 310 } |
| 279 | 311 |
| 280 virtual CryptohomeBlob GetSystemSalt() OVERRIDE { | |
| 281 CryptohomeBlob salt = CryptohomeBlob(); | |
| 282 for (size_t i = 0; i < strlen(kStubSystemSalt); i++) | |
| 283 salt.push_back(static_cast<unsigned char>(kStubSystemSalt[i])); | |
| 284 | |
| 285 return salt; | |
| 286 } | |
| 287 | |
| 288 virtual bool AsyncSetOwnerUser( | 312 virtual bool AsyncSetOwnerUser( |
| 289 const std::string& username, Delegate* callback) OVERRIDE { | 313 const std::string& username, Delegate* callback) OVERRIDE { |
| 290 BrowserThread::PostTask( | 314 BrowserThread::PostTask( |
| 291 BrowserThread::UI, FROM_HERE, | 315 BrowserThread::UI, FROM_HERE, |
| 292 base::Bind(&DoStubCallback, callback)); | 316 base::Bind(&DoStubCallback, callback)); |
| 293 return true; | 317 return true; |
| 294 } | 318 } |
| 295 | 319 |
| 296 // Tpm begin ready after 20-th call. | 320 // Tpm begin ready after 20-th call. |
| 297 virtual bool TpmIsReady() OVERRIDE { | 321 virtual bool TpmIsReady() OVERRIDE { |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 353 } | 377 } |
| 354 | 378 |
| 355 virtual void Pkcs11GetTpmTokenInfo(std::string* label, | 379 virtual void Pkcs11GetTpmTokenInfo(std::string* label, |
| 356 std::string* user_pin) OVERRIDE { | 380 std::string* user_pin) OVERRIDE { |
| 357 *label = "Stub TPM Token"; | 381 *label = "Stub TPM Token"; |
| 358 *user_pin = "012345"; | 382 *user_pin = "012345"; |
| 359 } | 383 } |
| 360 | 384 |
| 361 virtual bool Pkcs11IsTpmTokenReady() OVERRIDE { return true; } | 385 virtual bool Pkcs11IsTpmTokenReady() OVERRIDE { return true; } |
| 362 | 386 |
| 387 virtual std::string HashPassword(const std::string& password) OVERRIDE { |
| 388 return StringToLowerASCII(base::HexEncode( |
| 389 reinterpret_cast<const void*>(password.data()), |
| 390 password.length())); |
| 391 } |
| 392 |
| 393 virtual std::string GetSystemSalt() OVERRIDE { |
| 394 return kStubSystemSalt; |
| 395 } |
| 396 |
| 363 private: | 397 private: |
| 364 static void DoStubCallback(Delegate* callback) { | 398 static void DoStubCallback(Delegate* callback) { |
| 365 if (callback) | 399 if (callback) |
| 366 callback->OnComplete(true, kCryptohomeMountErrorNone); | 400 callback->OnComplete(true, kCryptohomeMountErrorNone); |
| 367 } | 401 } |
| 368 | 402 |
| 369 std::map<std::string, std::string> install_attrs_; | 403 std::map<std::string, std::string> install_attrs_; |
| 370 bool locked_; | 404 bool locked_; |
| 371 DISALLOW_COPY_AND_ASSIGN(CryptohomeLibraryStubImpl); | 405 DISALLOW_COPY_AND_ASSIGN(CryptohomeLibraryStubImpl); |
| 372 }; | 406 }; |
| 373 | 407 |
| 374 CryptohomeLibrary::CryptohomeLibrary() {} | 408 CryptohomeLibrary::CryptohomeLibrary() {} |
| 375 CryptohomeLibrary::~CryptohomeLibrary() {} | 409 CryptohomeLibrary::~CryptohomeLibrary() {} |
| 376 | 410 |
| 377 // static | 411 // static |
| 378 CryptohomeLibrary* CryptohomeLibrary::GetImpl(bool stub) { | 412 CryptohomeLibrary* CryptohomeLibrary::GetImpl(bool stub) { |
| 379 CryptohomeLibrary* impl; | 413 CryptohomeLibrary* impl; |
| 380 if (stub) | 414 if (stub) |
| 381 impl = new CryptohomeLibraryStubImpl(); | 415 impl = new CryptohomeLibraryStubImpl(); |
| 382 else | 416 else |
| 383 impl = new CryptohomeLibraryImpl(); | 417 impl = new CryptohomeLibraryImpl(); |
| 384 impl->Init(); | 418 impl->Init(); |
| 385 return impl; | 419 return impl; |
| 386 } | 420 } |
| 387 | 421 |
| 388 } // namespace chromeos | 422 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8761016:
Shaving parallel authenticator yak to remove unnecessary dependency on this class from OAuth spec... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/