OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sync/util/cryptographer.h" | 5 #include "sync/util/cryptographer.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 | 8 |
9 #include "base/base64.h" | 9 #include "base/base64.h" |
10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
103 DCHECK(message); | 103 DCHECK(message); |
104 std::string plaintext = DecryptToString(encrypted); | 104 std::string plaintext = DecryptToString(encrypted); |
105 return message->ParseFromString(plaintext); | 105 return message->ParseFromString(plaintext); |
106 } | 106 } |
107 | 107 |
108 std::string Cryptographer::DecryptToString( | 108 std::string Cryptographer::DecryptToString( |
109 const sync_pb::EncryptedData& encrypted) const { | 109 const sync_pb::EncryptedData& encrypted) const { |
110 NigoriMap::const_iterator it = nigoris_.find(encrypted.key_name()); | 110 NigoriMap::const_iterator it = nigoris_.find(encrypted.key_name()); |
111 if (nigoris_.end() == it) { | 111 if (nigoris_.end() == it) { |
112 NOTREACHED() << "Cannot decrypt message"; | 112 NOTREACHED() << "Cannot decrypt message"; |
113 return std::string(""); // Caller should have called CanDecrypt(encrypt). | 113 return std::string(); // Caller should have called CanDecrypt(encrypt). |
114 } | 114 } |
115 | 115 |
116 std::string plaintext; | 116 std::string plaintext; |
117 if (!it->second->Decrypt(encrypted.blob(), &plaintext)) { | 117 if (!it->second->Decrypt(encrypted.blob(), &plaintext)) { |
118 return std::string(""); | 118 return std::string(); |
119 } | 119 } |
120 | 120 |
121 return plaintext; | 121 return plaintext; |
122 } | 122 } |
123 | 123 |
124 bool Cryptographer::GetKeys(sync_pb::EncryptedData* encrypted) const { | 124 bool Cryptographer::GetKeys(sync_pb::EncryptedData* encrypted) const { |
125 DCHECK(encrypted); | 125 DCHECK(encrypted); |
126 DCHECK(!nigoris_.empty()); | 126 DCHECK(!nigoris_.empty()); |
127 | 127 |
128 // Create a bag of all the Nigori parameters we know about. | 128 // Create a bag of all the Nigori parameters we know about. |
264 if (!base::Base64Encode(encrypted_token, token)) { | 264 if (!base::Base64Encode(encrypted_token, token)) { |
265 NOTREACHED(); | 265 NOTREACHED(); |
266 return false; | 266 return false; |
267 } | 267 } |
268 return true; | 268 return true; |
269 } | 269 } |
270 | 270 |
271 std::string Cryptographer::UnpackBootstrapToken( | 271 std::string Cryptographer::UnpackBootstrapToken( |
272 const std::string& token) const { | 272 const std::string& token) const { |
273 if (token.empty()) | 273 if (token.empty()) |
274 return ""; | 274 return std::string(); |
275 | 275 |
276 std::string encrypted_data; | 276 std::string encrypted_data; |
277 if (!base::Base64Decode(token, &encrypted_data)) { | 277 if (!base::Base64Decode(token, &encrypted_data)) { |
278 DLOG(WARNING) << "Could not decode token."; | 278 DLOG(WARNING) << "Could not decode token."; |
279 return ""; | 279 return std::string(); |
280 } | 280 } |
281 | 281 |
282 std::string unencrypted_token; | 282 std::string unencrypted_token; |
283 if (!encryptor_->DecryptString(encrypted_data, &unencrypted_token)) { | 283 if (!encryptor_->DecryptString(encrypted_data, &unencrypted_token)) { |
284 DLOG(WARNING) << "Decryption of bootstrap token failed."; | 284 DLOG(WARNING) << "Decryption of bootstrap token failed."; |
285 return ""; | 285 return std::string(); |
286 } | 286 } |
287 return unencrypted_token; | 287 return unencrypted_token; |
288 } | 288 } |
289 | 289 |
290 void Cryptographer::InstallKeyBag(const sync_pb::NigoriKeyBag& bag) { | 290 void Cryptographer::InstallKeyBag(const sync_pb::NigoriKeyBag& bag) { |
291 int key_size = bag.key_size(); | 291 int key_size = bag.key_size(); |
292 for (int i = 0; i < key_size; ++i) { | 292 for (int i = 0; i < key_size; ++i) { |
293 const sync_pb::NigoriKey key = bag.key(i); | 293 const sync_pb::NigoriKey key = bag.key(i); |
294 // Only use this key if we don't already know about it. | 294 // Only use this key if we don't already know about it. |
295 if (nigoris_.end() == nigoris_.find(key.name())) { | 295 if (nigoris_.end() == nigoris_.find(key.name())) { |
321 << "Assuming keybag is corrupted."; | 321 << "Assuming keybag is corrupted."; |
322 return true; | 322 return true; |
323 } | 323 } |
324 if (static_cast<size_t>(bag.key_size()) < nigoris_.size()) | 324 if (static_cast<size_t>(bag.key_size()) < nigoris_.size()) |
325 return true; | 325 return true; |
326 return false; | 326 return false; |
327 } | 327 } |
328 | 328 |
329 std::string Cryptographer::GetDefaultNigoriKey() const { | 329 std::string Cryptographer::GetDefaultNigoriKey() const { |
330 if (!is_initialized()) | 330 if (!is_initialized()) |
331 return ""; | 331 return std::string(); |
332 NigoriMap::const_iterator iter = nigoris_.find(default_nigori_name_); | 332 NigoriMap::const_iterator iter = nigoris_.find(default_nigori_name_); |
333 if (iter == nigoris_.end()) | 333 if (iter == nigoris_.end()) |
334 return ""; | 334 return std::string(); |
335 sync_pb::NigoriKey key; | 335 sync_pb::NigoriKey key; |
336 if (!iter->second->ExportKeys(key.mutable_user_key(), | 336 if (!iter->second->ExportKeys(key.mutable_user_key(), |
337 key.mutable_encryption_key(), | 337 key.mutable_encryption_key(), |
338 key.mutable_mac_key())) | 338 key.mutable_mac_key())) |
339 return ""; | 339 return std::string(); |
340 return key.SerializeAsString(); | 340 return key.SerializeAsString(); |
341 } | 341 } |
342 | 342 |
343 bool Cryptographer::ImportNigoriKey(const std::string serialized_nigori_key) { | 343 bool Cryptographer::ImportNigoriKey(const std::string serialized_nigori_key) { |
344 if (serialized_nigori_key.empty()) | 344 if (serialized_nigori_key.empty()) |
345 return false; | 345 return false; |
346 | 346 |
347 sync_pb::NigoriKey key; | 347 sync_pb::NigoriKey key; |
348 if (!key.ParseFromString(serialized_nigori_key)) | 348 if (!key.ParseFromString(serialized_nigori_key)) |
349 return false; | 349 return false; |
350 | 350 |
351 scoped_ptr<Nigori> nigori(new Nigori); | 351 scoped_ptr<Nigori> nigori(new Nigori); |
352 if (!nigori->InitByImport(key.user_key(), key.encryption_key(), | 352 if (!nigori->InitByImport(key.user_key(), key.encryption_key(), |
353 key.mac_key())) { | 353 key.mac_key())) { |
354 NOTREACHED(); | 354 NOTREACHED(); |
355 return false; | 355 return false; |
356 } | 356 } |
357 | 357 |
358 if (!AddKeyImpl(nigori.Pass(), true)) | 358 if (!AddKeyImpl(nigori.Pass(), true)) |
359 return false; | 359 return false; |
360 return true; | 360 return true; |
361 } | 361 } |
362 | 362 |
363 } // namespace syncer | 363 } // namespace syncer |
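Review bot: The failure returns at new lines 113 and 118 of `DecryptToString` still hand back an empty string, which a caller cannot tell apart from a successfully decrypted empty plaintext. The caller visible at lines 104-105 passes that value straight to `message->ParseFromString(plaintext)`, and protobuf parsing of an empty string normally succeeds when the message has no required fields, so an unknown key name or a failed `Decrypt()` could be reported as success with a default-valued message. If `NOTREACHED()` is compiled out of release builds, as DCHECK-style macros usually are, nothing else stops that path. Consider giving failure its own channel, for example `bool DecryptToString(const sync_pb::EncryptedData& encrypted, std::string* plaintext) const`, with the caller doing `return false;` before it parses. That caller begins in the skipped lines above 103, so any guard it already applies (such as a `CanDecrypt` check) is not visible here.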
OLD | NEW |