Add a lock to the managed user settings page and require authentication for unlocking.

chrome/browser/managed_mode/managed_user_passphrase.cc

Index: chrome/browser/managed_mode/managed_user_passphrase.cc
diff --git a/chrome/browser/managed_mode/managed_user_passphrase.cc b/chrome/browser/managed_mode/managed_user_passphrase.cc
new file mode 100644
index 0000000000000000000000000000000000000000..a68684c20187738d4340073e631547994fa73f7e
--- /dev/null
+++ b/chrome/browser/managed_mode/managed_user_passphrase.cc
@@ -0,0 +1,40 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/managed_mode/managed_user_passphrase.h"
+
+#include "base/base64.h"
+#include "base/logging.h"
+#include "crypto/encryptor.h"
+#include "crypto/symmetric_key.h"
+
+const std::string ManagedUserPassphrase::kSalt_ = "managed_salt";

[Pam (message me for reviews), 2013/01/07 14:51:49]

You'll be fixing this as your very next change, right? :) Too often, this kind
of temporary placeholder ends up sticking around for months or years...

+
+void ManagedUserPassphrase::GenerateHashFromPassphrase(
+    const std::string& passphrase,
+    std::string* encoded_passphrase_hash) {
+  DCHECK(encoded_passphrase_hash);

[Pam (message me for reviews), 2013/01/07 14:51:49]

This should just be a CHECK. If somebody passes a NULL in here, we're going to
crash anyway.

[Bernhard Bauer, 2013/01/08 17:43:14]

Well, then you can probably leave it out completely, right?

+  std::string passphrase_hash;
+  GetPassphraseHash(passphrase, &passphrase_hash);
+  if (!base::Base64Encode(passphrase_hash, encoded_passphrase_hash)) {

[Bernhard Bauer, 2013/01/07 14:20:22]

Nit: I usually do `bool success = ...; DCHECK(success);` (NOTREACHED is a
DCHECK(false), so this is a slightly more convoluted way to do the same).

+    NOTREACHED();
+  }
+}
+
+void ManagedUserPassphrase::GetPassphraseHash(const std::string& passphrase,
+    std::string* passphrase_hash) {

[Bernhard Bauer, 2013/01/07 14:20:22]

Please align this parameter with the previous one (or if it doesn't fit anymore,
put this first one on a new line, indented four spaces.

+  DCHECK(passphrase_hash);
+  // Create a hash from the user-provided passphrase and our hard-coded salt.
+  scoped_ptr<crypto::SymmetricKey> encryption_key(
+      crypto::SymmetricKey::DeriveKeyFromPassword(
+          crypto::SymmetricKey::AES,
+          passphrase,
+          kSalt_,
+          128,
+          1));
+  DCHECK(encryption_key.get());

[Pam (message me for reviews), 2013/01/07 14:51:49]

I don't think this is necessary, since the next line will helpfully crash for us
if encryption_key is NULL.

+  if (!encryption_key->GetRawKey(passphrase_hash)) {
+    NOTREACHED();
+  }
+}