| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/net/cookie_store_util.h" | |
| 6 | |
| 7 #include "base/lazy_instance.h" | |
| 8 #include "chrome/browser/browser_process.h" | |
| 9 #include "chrome/common/chrome_constants.h" | |
| 10 #include "chrome/common/chrome_switches.h" | |
| 11 #include "components/os_crypt/os_crypt.h" | |
| 12 #include "content/public/common/content_constants.h" | |
| 13 #include "extensions/common/constants.h" | |
| 14 #include "net/extras/sqlite/cookie_crypto_delegate.h" | |
| 15 | |
| 16 namespace chrome_browser_net { | |
| 17 | |
| 18 #if defined(OS_WIN) || defined(OS_MACOSX) || defined(OS_LINUX) | |
| 19 namespace { | |
| 20 | |
| 21 // Use the operating system's mechanisms to encrypt cookies before writing | |
| 22 // them to persistent store. Currently this only is done with desktop OS's | |
| 23 // because ChromeOS and Android already protect the entire profile contents. | |
| 24 class CookieOSCryptoDelegate : public net::CookieCryptoDelegate { | |
| 25 public: | |
| 26 bool ShouldEncrypt() override; | |
| 27 bool EncryptString(const std::string& plaintext, | |
| 28 std::string* ciphertext) override; | |
| 29 bool DecryptString(const std::string& ciphertext, | |
| 30 std::string* plaintext) override; | |
| 31 }; | |
| 32 | |
| 33 bool CookieOSCryptoDelegate::ShouldEncrypt() { | |
| 34 #if defined(OS_IOS) | |
| 35 // Cookie encryption is not necessary on iOS, due to OS-protected storage. | |
| 36 // However, due to https://codereview.chromium.org/135183021/, cookies were | |
| 37 // accidentally encrypted. In order to allow these cookies to still be used,a | |
| 38 // a CookieCryptoDelegate is provided that can decrypt existing cookies. | |
| 39 // However, new cookies will not be encrypted. The alternatives considered | |
| 40 // were not supplying a delegate at all (thus invalidating all existing | |
| 41 // encrypted cookies) or in migrating all cookies at once, which may impose | |
| 42 // startup costs. Eventually, all cookies will get migrated as they are | |
| 43 // rewritten. | |
| 44 return false; | |
| 45 #else | |
| 46 return true; | |
| 47 #endif | |
| 48 } | |
| 49 | |
| 50 bool CookieOSCryptoDelegate::EncryptString(const std::string& plaintext, | |
| 51 std::string* ciphertext) { | |
| 52 return OSCrypt::EncryptString(plaintext, ciphertext); | |
| 53 } | |
| 54 | |
| 55 bool CookieOSCryptoDelegate::DecryptString(const std::string& ciphertext, | |
| 56 std::string* plaintext) { | |
| 57 return OSCrypt::DecryptString(ciphertext, plaintext); | |
| 58 } | |
| 59 | |
| 60 // Using a LazyInstance is safe here because this class is stateless and | |
| 61 // requires 0 initialization. | |
| 62 base::LazyInstance<CookieOSCryptoDelegate> g_cookie_crypto_delegate = | |
| 63 LAZY_INSTANCE_INITIALIZER; | |
| 64 | |
| 65 } // namespace | |
| 66 | |
| 67 net::CookieCryptoDelegate* GetCookieCryptoDelegate() { | |
| 68 return g_cookie_crypto_delegate.Pointer(); | |
| 69 } | |
| 70 #else // defined(OS_WIN) || defined(OS_MACOSX) || defined(OS_LINUX) | |
| 71 net::CookieCryptoDelegate* GetCookieCryptoDelegate() { | |
| 72 return NULL; | |
| 73 } | |
| 74 #endif // defined(OS_WIN) || defined(OS_MACOSX) || defined(OS_LINUX) | |
| 75 | |
| 76 } // namespace chrome_browser_net | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1405463006:
Componentize CookieOSCryptoDelegate (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master