Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2660)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/managed_mode/managed_user_passphrase.cc

Issue 11783008: Add a lock to the managed user settings page and require authentication for unlocking. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Added a randomly generated salt, small fix in key generation Created 7 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/managed_mode/managed_mode.cc ('K') | « chrome/browser/managed_mode/managed_user_passphrase.h ('k') | chrome/browser/resources/managed_user_passphrase_dialog.css » ('j') | chrome/browser/ui/webui/managed_user_passphrase_dialog_webui.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/managed_mode/managed_user_passphrase.cc
diff --git a/chrome/browser/managed_mode/managed_user_passphrase.cc b/chrome/browser/managed_mode/managed_user_passphrase.cc
new file mode 100644
index 0000000000000000000000000000000000000000..347a32bef7575b38d36e30b270523198e3a70ab3
--- /dev/null
+++ b/chrome/browser/managed_mode/managed_user_passphrase.cc
@@ -0,0 +1,73 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/managed_mode/managed_user_passphrase.h"
+
+#include <stdlib.h>
+#include <time.h>
+
+#include "base/base64.h"
+#include "base/logging.h"
+#include "crypto/encryptor.h"
+#include "crypto/symmetric_key.h"
+
+namespace {
+
+int kNumberOfIterations = 1;
+int kDerivedKeySize = 128;
+
+}
+
+ManagedUserPassphrase::ManagedUserPassphrase(const std::string &salt) {
+ salt_ = salt;
+ if (salt_.size() == 0) {
Bernhard Bauer 2013/01/07 14:39:22 You can use `salt_.empty()` here.
+ GenerateRandomSalt();
+ }
+}
+
+ManagedUserPassphrase::~ManagedUserPassphrase() {}
+
+std::string ManagedUserPassphrase::GetSalt() {
+ return salt_;
+}
+
+void ManagedUserPassphrase::GenerateRandomSalt() {
+ salt_ = "";
Bernhard Bauer 2013/01/07 14:39:22 salt_.clear();
+ srand(time(0));
Bernhard Bauer 2013/01/07 14:39:22 Please don't. I'm sure we have a cryptographic ran
+ for (int i = 0; i<32; ++i) {
+ salt_ += rand() % 128;
+ }
+ std::string temp = salt_;
+ if (!base::Base64Encode(temp, &salt_)) {
+ NOTREACHED();
+ }
+}
+
+void ManagedUserPassphrase::GenerateHashFromPassphrase(
+ const std::string& passphrase,
+ std::string* encoded_passphrase_hash) {
+ DCHECK(encoded_passphrase_hash);
+ std::string passphrase_hash;
+ GetPassphraseHash(passphrase, &passphrase_hash);
+ if (!base::Base64Encode(passphrase_hash, encoded_passphrase_hash)) {
+ NOTREACHED();
+ }
+}
+
+void ManagedUserPassphrase::GetPassphraseHash(const std::string& passphrase,
+ std::string* passphrase_hash) {
+ DCHECK(passphrase_hash);
+ // Create a hash from the user-provided passphrase and our hard-coded salt.
+ scoped_ptr<crypto::SymmetricKey> encryption_key(
+ crypto::SymmetricKey::DeriveKeyFromPassword(
+ crypto::SymmetricKey::AES,
+ passphrase,
+ salt_,
+ kNumberOfIterations,
+ kDerivedKeySize));
+ DCHECK(encryption_key.get());
+ if (!encryption_key->GetRawKey(passphrase_hash)) {
+ NOTREACHED();
+ }
+}
« chrome/browser/managed_mode/managed_mode.cc ('K') | « chrome/browser/managed_mode/managed_user_passphrase.h ('k') | chrome/browser/resources/managed_user_passphrase_dialog.css » ('j') | chrome/browser/ui/webui/managed_user_passphrase_dialog_webui.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698