OSCrypt for POSIX uses libsecret to store a randomised encryption key.

components/os_crypt/os_crypt_linux.cc

+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/os_crypt/os_crypt.h"
+
+#include <stddef.h>
+
+#include <functional>

[Lei Zhang, 2016/05/18 22:38:16]

What's this used for?

[cfroussios, 2016/05/19 21:18:18]

Done.

+#include <memory>
+
+#include "base/lazy_instance.h"
+#include "base/logging.h"
+#include "base/strings/string_util.h"
+#include "base/strings/utf_string_conversions.h"
+#include "components/os_crypt/key_storage_linux.h"
+#include "crypto/encryptor.h"
+#include "crypto/symmetric_key.h"
+
+namespace {
+
+// Salt for Symmetric key derivation.
+const char kSalt[] = "saltysalt";
+
+// Key size required for 128 bit AES.
+const size_t kDerivedKeySizeInBits = 128;
+
+// Constant for Symmetic key derivation.
+const size_t kEncryptionIterations = 1;
+
+// Size of initialization vector for AES 128-bit.
+const size_t kIVBlockSizeAES128 = 16;
+
+// Used for array indexing
+enum Version {
+  V10 = 0,
+  V11 = 1,
+};
+
+// Prefix for cypher text returned by obfuscation version.  We prefix the
+// cyphertext with this string so that future data migration can detect
+// this and migrate to full encryption without data loss.
+const char* kObfuscationPrefix[] = {

[Lei Zhang, 2016/05/18 22:38:16]

const char kObfuscationPrefix[][4]

[cfroussios, 2016/05/19 21:18:18]

Done.

+    "v10", "v11",
+};
+
+struct Cache {
+  std::unique_ptr<KeyStorage> key_storage_cache;
+  std::unique_ptr<std::string> password_v10_cache;
+  std::unique_ptr<std::string> password_v11_cache;
+  bool is_key_storage_cached;
+  bool is_password_v11_cached;
+};
+
+base::LazyInstance<Cache>::Leaky g_cache = LAZY_INSTANCE_INITIALIZER;
+
+// Lazy acquisition and caching of a KeyStorage. Will be null if no service is
+// found.
+KeyStorage* GetKeyStorage() {
+  if (!g_cache.Get().is_key_storage_cached) {
+    g_cache.Get().is_key_storage_cached = true;
+    g_cache.Get().key_storage_cache.reset(
+        KeyStorage::CreateService().release());

[Lei Zhang, 2016/05/18 22:38:16]

foo.reset(bar.release()) -> foo = bar?

[cfroussios, 2016/05/19 21:18:18]

Done.

+  }
+  return g_cache.Get().key_storage_cache.get();
+}
+
+// Returns a cached string of "peanuts"
+std::string* GetPasswordV10() {
+  if (!g_cache.Get().password_v10_cache.get())
+    g_cache.Get().password_v10_cache.reset(new std::string("peanuts"));
+  return g_cache.Get().password_v10_cache.get();
+}
+
+// Caches and returns the password from the KeyStorage or null if there is no
+// service.
+std::string* GetPasswordV11() {
+  if (!g_cache.Get().is_password_v11_cached) {
+    g_cache.Get().is_password_v11_cached = true;
+    g_cache.Get().password_v11_cache.reset(
+        GetKeyStorage() ? new std::string(GetKeyStorage()->GetKey()) : nullptr);
+  }
+  return g_cache.Get().password_v11_cache.get();
+}
+
+KeyStorage* (*g_key_storage_provider)() = &GetKeyStorage;
+
+std::string* (*get_password[])() = {
+    &GetPasswordV10, &GetPasswordV11,
+};
+
+// Generates a newly allocated SymmetricKey object based a hard-coded password.
+// Ownership of the key is passed to the caller.  Returns NULL key if a key
+// generation error occurs.
+std::unique_ptr<crypto::SymmetricKey> GetEncryptionKey(Version version) {
+  std::string salt(kSalt);
+
+  std::string* password = get_password[version]();
+  if (password == nullptr)

[Lei Zhang, 2016/05/18 22:38:16]

!password

[cfroussios, 2016/05/19 21:18:19]

Done.

+    return nullptr;
+
+  // Create an encryption key from our password and salt.
+  std::unique_ptr<crypto::SymmetricKey> encryption_key(
+      crypto::SymmetricKey::DeriveKeyFromPassword(
+          crypto::SymmetricKey::AES, *password, salt, kEncryptionIterations,
+          kDerivedKeySizeInBits));
+  DCHECK(encryption_key.get());
+
+  return encryption_key;
+}
+
+}  // namespace
+
+// static
+bool OSCrypt::EncryptString16(const base::string16& plaintext,
+                              std::string* ciphertext) {
+  return EncryptString(base::UTF16ToUTF8(plaintext), ciphertext);
+}
+
+// static
+bool OSCrypt::DecryptString16(const std::string& ciphertext,
+                              base::string16* plaintext) {
+  std::string utf8;
+  if (!DecryptString(ciphertext, &utf8))
+    return false;
+
+  *plaintext = base::UTF8ToUTF16(utf8);
+  return true;
+}
+
+// static
+bool OSCrypt::EncryptString(const std::string& plaintext,
+                            std::string* ciphertext) {
+  if (plaintext.empty()) {
+    *ciphertext = std::string();
+    return true;
+  }
+
+  // If a |KeyStorage| is available, use a password backed by the |KeyStorage|.
+  // Otherwise use the hardcoded password.
+  Version version = g_key_storage_provider() ? Version::V11 : Version::V10;
+
+  std::unique_ptr<crypto::SymmetricKey> encryption_key(
+      GetEncryptionKey(version));
+  if (!encryption_key.get())
+    return false;
+
+  std::string iv(kIVBlockSizeAES128, ' ');
+  crypto::Encryptor encryptor;
+  if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv))
+    return false;
+
+  if (!encryptor.Encrypt(plaintext, ciphertext))
+    return false;
+
+  // Prefix the cypher text with version information.
+  ciphertext->insert(0, kObfuscationPrefix[version]);
+  return true;
+}
+
+// static
+bool OSCrypt::DecryptString(const std::string& ciphertext,
+                            std::string* plaintext) {
+  if (ciphertext.empty()) {
+    *plaintext = std::string();
+    return true;
+  }
+
+  // Check that the incoming cyphertext was encrypted and with what version.
+  // Credit card numbers are current legacy unencrypted data, so false match
+  // with prefix won't happen.
+  Version version;
+  if (ciphertext.find(kObfuscationPrefix[Version::V10]) == 0) {

[Lei Zhang, 2016/05/18 22:38:16]

Use base::StartsWith() for readability?

[cfroussios, 2016/05/19 21:18:18]

Done.

+    version = Version::V10;
+  } else if (ciphertext.find(kObfuscationPrefix[Version::V11]) == 0) {
+    version = Version::V11;
+  } else {
+    // If the prefix is not found then we'll assume we're dealing with
+    // old data saved as clear text and we'll return it directly.
+    *plaintext = ciphertext;
+    return true;
+  }
+
+  // Strip off the versioning prefix before decrypting.
+  std::string raw_ciphertext =

[Lei Zhang, 2016/05/18 22:38:16]

Can you defer this until you use it?

[cfroussios, 2016/05/19 21:18:18]

Done.

+      ciphertext.substr(strlen(kObfuscationPrefix[version]));
+
+  std::unique_ptr<crypto::SymmetricKey> encryption_key(
+      GetEncryptionKey(version));
+  if (!encryption_key.get())
+    return false;
+
+  std::string iv(kIVBlockSizeAES128, ' ');
+  crypto::Encryptor encryptor;
+  if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv))
+    return false;
+
+  if (!encryptor.Decrypt(raw_ciphertext, plaintext))
+    return false;
+
+  return true;
+}
+
+namespace {
+
+base::LazyInstance<KeyStorageMock>::Leaky key_storage_mock =

[Lei Zhang, 2016/05/18 22:38:16]

g_var_name_for_globals

[cfroussios, 2016/05/19 21:18:19]

Done.

+    LAZY_INSTANCE_INITIALIZER;
+
+std::string* get_password_v11_mock() {
+  return key_storage_mock.Get().GetKeyPtr();
+}
+
+KeyStorage* get_key_storage_mock() {
+  return key_storage_mock.Pointer();
+}
+
+}  // namespace
+
+// static
+KeyStorageMock* OSCrypt::UseMockKeyStorage(bool use) {
+  if (use) {
+    // Bypass loading a |KeyStorage| and caching of the key for V11
+    get_password[Version::V11] = &get_password_v11_mock;
+    // OSCrypt will determine the encryption version by checking if a
+    // |KeyStorage| can be found. Enable V11 by returning the mock.
+    g_key_storage_provider = &get_key_storage_mock;
+  } else {
+    get_password[Version::V11] = &GetPasswordV11;
+    g_key_storage_provider = &GetKeyStorage;
+  }
+
+  return key_storage_mock.Pointer();
+}