| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/cros/cert_library.h" | 5 #include "chrome/browser/chromeos/cros/cert_library.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/chromeos/chromeos_version.h" | 9 #include "base/chromeos/chromeos_version.h" |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| (...skipping 179 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 190 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 190 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 191 return server_certs_; | 191 return server_certs_; |
| 192 } | 192 } |
| 193 | 193 |
| 194 virtual const CertList& GetCACertificates() const OVERRIDE { | 194 virtual const CertList& GetCACertificates() const OVERRIDE { |
| 195 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 195 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 196 return server_ca_certs_; | 196 return server_ca_certs_; |
| 197 } | 197 } |
| 198 | 198 |
| 199 virtual std::string EncryptToken(const std::string& token) OVERRIDE { | 199 virtual std::string EncryptToken(const std::string& token) OVERRIDE { |
| 200 // Don't care about token encryption while debugging. |
| 201 if (!base::chromeos::IsRunningOnChromeOS()) |
| 202 return token; |
| 203 |
| 200 if (!LoadSupplementalUserKey()) { | 204 if (!LoadSupplementalUserKey()) { |
| 201 LOG(WARNING) << "Supplemental user key is not available for encrypt."; | 205 LOG(WARNING) << "Supplemental user key is not available for encrypt."; |
| 202 return std::string(); | 206 return std::string(); |
| 203 } | 207 } |
| 204 crypto::Encryptor encryptor; | 208 crypto::Encryptor encryptor; |
| 205 if (!encryptor.Init(supplemental_user_key_.get(), crypto::Encryptor::CTR, | 209 if (!encryptor.Init(supplemental_user_key_.get(), crypto::Encryptor::CTR, |
| 206 std::string())) { | 210 std::string())) { |
| 207 LOG(WARNING) << "Failed to initialize Encryptor."; | 211 LOG(WARNING) << "Failed to initialize Encryptor."; |
| 208 return std::string(); | 212 return std::string(); |
| 209 } | 213 } |
| 210 std::string salt = | 214 std::string salt = |
| 211 CrosLibrary::Get()->GetCryptohomeLibrary()->GetSystemSalt(); | 215 CrosLibrary::Get()->GetCryptohomeLibrary()->GetSystemSalt(); |
| 212 std::string nonce = salt.substr(0, kKeySize); | 216 std::string nonce = salt.substr(0, kKeySize); |
| 213 std::string encoded_token; | 217 std::string encoded_token; |
| 214 CHECK(encryptor.SetCounter(nonce)); | 218 CHECK(encryptor.SetCounter(nonce)); |
| 215 if (!encryptor.Encrypt(token, &encoded_token)) { | 219 if (!encryptor.Encrypt(token, &encoded_token)) { |
| 216 LOG(WARNING) << "Failed to encrypt token."; | 220 LOG(WARNING) << "Failed to encrypt token."; |
| 217 return std::string(); | 221 return std::string(); |
| 218 } | 222 } |
| 219 | 223 |
| 220 return StringToLowerASCII(base::HexEncode( | 224 return StringToLowerASCII(base::HexEncode( |
| 221 reinterpret_cast<const void*>(encoded_token.data()), | 225 reinterpret_cast<const void*>(encoded_token.data()), |
| 222 encoded_token.size())); | 226 encoded_token.size())); |
| 223 } | 227 } |
| 224 | 228 |
| 225 virtual std::string DecryptToken( | 229 virtual std::string DecryptToken( |
| 226 const std::string& encrypted_token_hex) OVERRIDE { | 230 const std::string& encrypted_token_hex) OVERRIDE { |
| 231 // Don't care about token encryption while debugging. |
| 232 if (!base::chromeos::IsRunningOnChromeOS()) |
| 233 return encrypted_token_hex; |
| 234 |
| 227 if (!LoadSupplementalUserKey()) { | 235 if (!LoadSupplementalUserKey()) { |
| 228 LOG(WARNING) << "Supplemental user key is not available for decrypt."; | 236 LOG(WARNING) << "Supplemental user key is not available for decrypt."; |
| 229 return std::string(); | 237 return std::string(); |
| 230 } | 238 } |
| 231 return DecryptTokenWithKey(supplemental_user_key_.get(), | 239 return DecryptTokenWithKey(supplemental_user_key_.get(), |
| 232 CrosLibrary::Get()->GetCryptohomeLibrary()->GetSystemSalt(), | 240 CrosLibrary::Get()->GetCryptohomeLibrary()->GetSystemSalt(), |
| 233 encrypted_token_hex); | 241 encrypted_token_hex); |
| 234 } | 242 } |
| 235 | 243 |
| 236 // net::CertDatabase::Observer implementation. Observer added on UI thread. | 244 // net::CertDatabase::Observer implementation. Observer added on UI thread. |
| (...skipping 362 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 599 net::X509Certificate* cert = GetCertificateAt(index); | 607 net::X509Certificate* cert = GetCertificateAt(index); |
| 600 net::X509Certificate::OSCertHandle cert_handle = cert->os_cert_handle(); | 608 net::X509Certificate::OSCertHandle cert_handle = cert->os_cert_handle(); |
| 601 std::string id = x509_certificate_model::GetPkcs11Id(cert_handle); | 609 std::string id = x509_certificate_model::GetPkcs11Id(cert_handle); |
| 602 if (id == pkcs11_id) | 610 if (id == pkcs11_id) |
| 603 return index; | 611 return index; |
| 604 } | 612 } |
| 605 return -1; // Not found. | 613 return -1; // Not found. |
| 606 } | 614 } |
| 607 | 615 |
| 608 } // chromeos | 616 } // chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
