Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(97)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/mac/keychain_reauthorize.h

Issue 183713003: Remove keychain_reauthorize (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/chrome_browser_main_mac.mm ('k') | chrome/browser/mac/keychain_reauthorize.mm » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef CHROME_BROWSER_MAC_KEYCHAIN_REAUTHORIZE_H_
6 #define CHROME_BROWSER_MAC_KEYCHAIN_REAUTHORIZE_H_
7
8 #ifdef __OBJC__
9 @class NSString;
10 #else
11 class NSString;
12 #endif
13
14 namespace chrome {
15
16 // Reauthorizes all Keychain items that can be found in a standard Keychain
17 // search, as long as they are accessible and can be decrypted. This operates
18 // by scanning the requirement strings for each application in each ACL in
19 // each accessible Keychain item. If any requirement string matches a list of
20 // strings to perform reauthorization for, the matching application in the ACL
21 // will be replaced with this application, using this application's designated
22 // requirement as the requirement string. Keychain items that are reauthorized
23 // are made effective by deleting the original item and storing the new one
24 // with its revised access policy in the Keychain. This circuitous method is
25 // used because applications don't generally have permission to modify access
26 // control policies on existing Keychain items (even when they are able to
27 // decrypt those items), but any application can remove a Keychain item.
28 void KeychainReauthorize();
29
30 // Calls KeychainReauthorize, but only if it's determined that it's necessary.
31 // pref_key is looked up in the system's standard user defaults (preferences)
32 // and if its integer value is less than max_tries, KeychainReauthorize is
33 // attempted. Before the attempt, the preference is incremented, allowing a
34 // finite number of incomplete attempts at performing the KeychainReauthorize
35 // operation. When the step completes successfully, the preference is set to
36 // max_tries to prevent further attempts, and the preference name with the
37 // word "Success" appended is also stored with a boolean value of YES,
38 // disambiguating between the cases where the step completed successfully and
39 // the step completed unsuccessfully while reaching the maximum number of
40 // tries.
41 //
42 // The system's standard user defaults for the application are used
43 // (~/Library/Preferences/com.google.Chrome.plist,
44 // com.google.Chrome.canary.plist, etc.) instead of Chrome preferences because
45 // Keychain access is tied more closely to the bundle identifier and signed
46 // product than it is to any specific profile (--user-data-dir).
47 void KeychainReauthorizeIfNeeded(NSString* pref_key, int max_tries);
48
49 } // namespace chrome
50
51 #endif // CHROME_BROWSER_MAC_KEYCHAIN_REAUTHORIZE_H_
OLDNEW
« no previous file with comments | « chrome/browser/chrome_browser_main_mac.mm ('k') | chrome/browser/mac/keychain_reauthorize.mm » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698