| Index: chrome/browser/importer/nss_decryptor.cc
|
| diff --git a/chrome/browser/importer/nss_decryptor.cc b/chrome/browser/importer/nss_decryptor.cc
|
| deleted file mode 100644
|
| index 63887860fc658c8f657e21dca71d86b659b9bece..0000000000000000000000000000000000000000
|
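--- a/chrome/browser/importer/nss_decryptor.cc
+++ /dev/null
@@ -1,299 +0,0 @@
-// Copyright (c) 2012 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "chrome/browser/importer/nss_decryptor.h"
-
-#include <string>
-#include <vector>
-
-#include "base/base64.h"
-#include "base/memory/scoped_ptr.h"
-#include "base/strings/string_split.h"
-#include "base/strings/string_util.h"
-#include "base/strings/utf_string_conversions.h"
-#include "content/public/common/password_form.h"
-#include "sql/connection.h"
-#include "sql/statement.h"
-
-#if defined(USE_NSS)
-#include <pk11pub.h>
-#include <pk11sdr.h>
-#endif // defined(USE_NSS)
-
-// This method is based on some Firefox code in
-// security/manager/ssl/src/nsSDR.cpp
-// The license block is:
-
-/* ***** BEGIN LICENSE BLOCK *****
-* Version: MPL 1.1/GPL 2.0/LGPL 2.1
-*
-* The contents of this file are subject to the Mozilla Public License Version
-* 1.1 (the "License"); you may not use this file except in compliance with
-* the License. You may obtain a copy of the License at
-* http://www.mozilla.org/MPL/
-*
-* Software distributed under the License is distributed on an "AS IS" basis,
-* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-* for the specific language governing rights and limitations under the
-* License.
-*
-* The Original Code is the Netscape security libraries.
-*
-* The Initial Developer of the Original Code is
-* Netscape Communications Corporation.
-* Portions created by the Initial Developer are Copyright (C) 1994-2000
-* the Initial Developer. All Rights Reserved.
-*
-* Contributor(s):
-*
-* Alternatively, the contents of this file may be used under the terms of
-* either the GNU General Public License Version 2 or later (the "GPL"), or
-* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-* in which case the provisions of the GPL or the LGPL are applicable instead
-* of those above. If you wish to allow use of your version of this file only
-* under the terms of either the GPL or the LGPL, and not to allow others to
-* use your version of this file under the terms of the MPL, indicate your
-* decision by deleting the provisions above and replace them with the notice
-* and other provisions required by the GPL or the LGPL. If you do not delete
-* the provisions above, a recipient may use your version of this file under
-* the terms of any one of the MPL, the GPL or the LGPL.
-*
-* ***** END LICENSE BLOCK ***** */
-
-string16 NSSDecryptor::Decrypt(const std::string& crypt) const {
- // Do nothing if NSS is not loaded.
- if (!is_nss_initialized_)
- return string16();
-
- // The old style password is encoded in base64. They are identified
- // by a leading '~'. Otherwise, we should decrypt the text.
- std::string plain;
- if (crypt[0] != '~') {
- std::string decoded_data;
- base::Base64Decode(crypt, &decoded_data);
- PK11SlotInfo* slot = GetKeySlotForDB();
- SECStatus result = PK11_Authenticate(slot, PR_TRUE, NULL);
- if (result != SECSuccess) {
- FreeSlot(slot);
- return string16();
- }
-
- SECItem request;
- request.data = reinterpret_cast<unsigned char*>(
- const_cast<char*>(decoded_data.data()));
- request.len = static_cast<unsigned int>(decoded_data.size());
- SECItem reply;
- reply.data = NULL;
- reply.len = 0;
-#if defined(USE_NSS)
- result = PK11SDR_DecryptWithSlot(slot, &request, &reply, NULL);
-#else
- result = PK11SDR_Decrypt(&request, &reply, NULL);
-#endif // defined(USE_NSS)
- if (result == SECSuccess)
- plain.assign(reinterpret_cast<char*>(reply.data), reply.len);
-
- SECITEM_FreeItem(&reply, PR_FALSE);
- FreeSlot(slot);
- } else {
- // Deletes the leading '~' before decoding.
- base::Base64Decode(crypt.substr(1), &plain);
- }
-
- return UTF8ToUTF16(plain);
-}
-
-// There are three versions of password files. They store saved user
-// names and passwords.
-// References:
-// http://kb.mozillazine.org/Signons.txt
-// http://kb.mozillazine.org/Signons2.txt
-// http://kb.mozillazine.org/Signons3.txt
-void NSSDecryptor::ParseSignons(
- const std::string& content,
- std::vector<content::PasswordForm>* forms) {
- forms->clear();
-
- // Splits the file content into lines.
- std::vector<std::string> lines;
- base::SplitString(content, '\n', &lines);
-
- // The first line is the file version. We skip the unknown versions.
- if (lines.empty())
- return;
- int version;
- if (lines[0] == "#2c")
- version = 1;
- else if (lines[0] == "#2d")
- version = 2;
- else if (lines[0] == "#2e")
- version = 3;
- else
- return;
-
- GURL::Replacements rep;
- rep.ClearQuery();
- rep.ClearRef();
- rep.ClearUsername();
- rep.ClearPassword();
-
- // Reads never-saved list. Domains are stored one per line.
- size_t i;
- for (i = 1; i < lines.size() && lines[i].compare(".") != 0; ++i) {
- content::PasswordForm form;
- form.origin = GURL(lines[i]).ReplaceComponents(rep);
- form.signon_realm = form.origin.GetOrigin().spec();
- form.blacklisted_by_user = true;
- forms->push_back(form);
- }
- ++i;
-
- // Reads saved passwords. The information is stored in blocks
- // seperated by lines that only contain a dot. We find a block
- // by the seperator and parse them one by one.
- while (i < lines.size()) {
- size_t begin = i;
- size_t end = i + 1;
- while (end < lines.size() && lines[end].compare(".") != 0)
- ++end;
- i = end + 1;
-
- // A block has at least five lines.
- if (end - begin < 5)
- continue;
-
- content::PasswordForm form;
-
- // The first line is the site URL.
- // For HTTP authentication logins, the URL may contain http realm,
- // which will be in bracket:
- // sitename:8080 (realm)
- GURL url;
- std::string realm;
- const char kRealmBracketBegin[] = " (";
- const char kRealmBracketEnd[] = ")";
- if (lines[begin].find(kRealmBracketBegin) != std::string::npos) {
- // In this case, the scheme may not exsit. We assume that the
- // scheme is HTTP.
- if (lines[begin].find("://") == std::string::npos)
- lines[begin] = "http://" + lines[begin];
-
- size_t start = lines[begin].find(kRealmBracketBegin);
- url = GURL(lines[begin].substr(0, start));
-
- start += std::string(kRealmBracketBegin).size();
- size_t end = lines[begin].rfind(kRealmBracketEnd);
- realm = lines[begin].substr(start, end - start);
- } else {
- // Don't have http realm. It is the URL that the following passwords
- // belong to.
- url = GURL(lines[begin]);
- }
- // Skips this block if the URL is not valid.
- if (!url.is_valid())
- continue;
- form.origin = url.ReplaceComponents(rep);
- form.signon_realm = form.origin.GetOrigin().spec();
- if (!realm.empty())
- form.signon_realm += realm;
- form.ssl_valid = form.origin.SchemeIsSecure();
- ++begin;
-
- // There may be multiple username/password pairs for this site.
- // In this case, they are saved in one block without a seperated
- // line (contains a dot).
- while (begin + 4 < end) {
- // The user name.
- form.username_element = UTF8ToUTF16(lines[begin++]);
- form.username_value = Decrypt(lines[begin++]);
- // The element name has a leading '*'.
- if (lines[begin].at(0) == '*') {
- form.password_element = UTF8ToUTF16(lines[begin++].substr(1));
- form.password_value = Decrypt(lines[begin++]);
- } else {
- // Maybe the file is bad, we skip to next block.
- break;
- }
- // The action attribute from the form element. This line exists
- // in versin 2 or above.
- if (version >= 2) {
- if (begin < end)
- form.action = GURL(lines[begin]).ReplaceComponents(rep);
- ++begin;
- }
- // Version 3 has an extra line for further use.
- if (version == 3) {
- ++begin;
- }
-
- forms->push_back(form);
- }
- }
-}
-
-bool NSSDecryptor::ReadAndParseSignons(const base::FilePath& sqlite_file,
- std::vector<content::PasswordForm>* forms) {
- sql::Connection db;
- if (!db.Open(sqlite_file))
- return false;
-
- const char* query = "SELECT hostname FROM moz_disabledHosts";
- sql::Statement s(db.GetUniqueStatement(query));
- if (!s.is_valid())
- return false;
-
- GURL::Replacements rep;
- rep.ClearQuery();
- rep.ClearRef();
- rep.ClearUsername();
- rep.ClearPassword();
- // Read domains for which passwords are never saved.
- while (s.Step()) {
- content::PasswordForm form;
- form.origin = GURL(s.ColumnString(0)).ReplaceComponents(rep);
- form.signon_realm = form.origin.GetOrigin().spec();
- form.blacklisted_by_user = true;
- forms->push_back(form);
- }
-
- const char* query2 = "SELECT hostname, httpRealm, formSubmitURL, "
- "usernameField, passwordField, encryptedUsername, "
- "encryptedPassword FROM moz_logins";
-
- sql::Statement s2(db.GetUniqueStatement(query2));
- if (!s2.is_valid())
- return false;
-
- while (s2.Step()) {
- GURL url;
- std::string realm(s2.ColumnString(1));
- if (!realm.empty()) {
- // In this case, the scheme may not exsit. Assume HTTP.
- std::string host(s2.ColumnString(0));
- if (host.find("://") == std::string::npos)
- host = "http://" + host;
- url = GURL(host);
- } else {
- url = GURL(s2.ColumnString(0));
- }
- // Skip this row if the URL is not valid.
- if (!url.is_valid())
- continue;
-
- content::PasswordForm form;
- form.origin = url.ReplaceComponents(rep);
- form.signon_realm = form.origin.GetOrigin().spec();
- if (!realm.empty())
- form.signon_realm += realm;
- form.ssl_valid = form.origin.SchemeIsSecure();
- // The user name, password and action.
- form.username_element = s2.ColumnString16(3);
- form.username_value = Decrypt(s2.ColumnString(5));
- form.password_element = s2.ColumnString16(4);
- form.password_value = Decrypt(s2.ColumnString(6));
- form.action = GURL(s2.ColumnString(2)).ReplaceComponents(rep);
- forms->push_back(form);
- }
- return true;
-}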
|
|
|