Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(103)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/os_crypt/key_storage_libsecret.cc

Issue 1973483002: OSCrypt for POSIX uses libsecret to store a randomised encryption key. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fixed lsan failure Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« components/os_crypt/BUILD.gn ('K') | « components/os_crypt/key_storage_libsecret.h ('k') | components/os_crypt/key_storage_linux.h » ('j') | components/os_crypt/key_storage_linux.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include <components/os_crypt/key_storage_libsecret.h>
Lei Zhang 2016/05/18 22:38:15 Use quotes.
cfroussios 2016/05/19 21:18:17 Done.
6
7 #include "base/base64.h"
8 #include "base/rand_util.h"
9 #include "base/strings/string_number_conversions.h"
10 #include "components/os_crypt/libsecret_util_linux.h"
11
12 namespace {
13
14 #ifdef OFFICIAL_BUILD
Lei Zhang 2016/05/18 22:38:15 if defined()
cfroussios 2016/05/19 21:18:17 Done.
15 const char kKeyStorageEntryName[] = "Chrome Safe Storage";
16 #else
17 const char kKeyStorageEntryName[] = "Chromium Safe Storage";
18 #endif
19
20 const SecretSchema kKeystoreSchema = {
21 "chrome_libsecret_os_crypt_password",
22 SECRET_SCHEMA_NONE,
23 {
24 {nullptr, SECRET_SCHEMA_ATTRIBUTE_STRING},
25 }};
26
27 std::string AddRandomPasswordInLibsecret() {
28 std::string password;
29 base::Base64Encode(base::RandBytesAsString(128 / 8), &password);
Lei Zhang 2016/05/18 22:38:15 Is there a benefit to writing out "128 / 8" ?
cfroussios 2016/05/19 21:18:17 Explicitness about the number of bits used? The ma
30 GError* error = nullptr;
31 LibsecretLoader::secret_password_store_sync(
32 &kKeystoreSchema, nullptr, kKeyStorageEntryName, password.c_str(),
33 nullptr, &error, nullptr);
34
35 if (error) {
36 VLOG(1) << "Libsecret lookup failed: " << error->message;
37 return std::string();
38 }
39 return password;
40 }
41
42 } // namespace
43
44 std::string KeyStorageLibsecret::GetKey() {
45 GError* error = nullptr;
46 LibsecretAttributesBuilder attrs;
47 SecretValue* password_libsecret = LibsecretLoader::secret_service_lookup_sync(
48 nullptr, &kKeystoreSchema, attrs.Get(), nullptr, &error);
49
50 if (error) {
Lei Zhang 2016/05/18 22:38:15 Is |password_libsecret| guaranteed to be a nullptr
cfroussios 2016/05/19 21:18:17 The examples on the official site make that assump
51 VLOG(1) << "Libsecret lookup failed: " << error->message;
52 g_error_free(error);
53 return std::string();
54 } else if (password_libsecret == nullptr) {
Lei Zhang 2016/05/18 22:38:15 foo == nullptr -> !foo
Lei Zhang 2016/05/18 22:38:15 There's no need for else / else-if after a return.
cfroussios 2016/05/19 21:18:17 Done.
cfroussios 2016/05/19 21:18:17 Done.
55 return AddRandomPasswordInLibsecret();
56 } else {
57 std::string password(
58 LibsecretLoader::secret_value_get_text(password_libsecret));
59 LibsecretLoader::secret_value_unref(password_libsecret);
60 return password;
61 }
62 }
63
64 bool KeyStorageLibsecret::Init() {
65 return LibsecretLoader::EnsureLibsecretLoaded();
66 }
OLDNEW
« components/os_crypt/BUILD.gn ('K') | « components/os_crypt/key_storage_libsecret.h ('k') | components/os_crypt/key_storage_linux.h » ('j') | components/os_crypt/key_storage_linux.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698