OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "components/os_crypt/os_crypt.h" | |
6 | |
7 #include <stddef.h> | |
8 | |
9 #include <memory> | |
10 | |
11 #include "base/lazy_instance.h" | |
12 #include "base/logging.h" | |
13 #include "base/strings/string_util.h" | |
14 #include "base/strings/utf_string_conversions.h" | |
15 #include "components/os_crypt/key_storage_linux.h" | |
16 #include "crypto/encryptor.h" | |
17 #include "crypto/symmetric_key.h" | |
18 | |
19 namespace { | |
20 | |
21 // Salt for Symmetric key derivation. | |
22 const char kSalt[] = "saltysalt"; | |
23 | |
24 // Key size required for 128 bit AES. | |
25 const size_t kDerivedKeySizeInBits = 128; | |
26 | |
27 // Constant for Symmetic key derivation. | |
28 const size_t kEncryptionIterations = 1; | |
29 | |
30 // Size of initialization vector for AES 128-bit. | |
31 const size_t kIVBlockSizeAES128 = 16; | |
32 | |
33 // Password version. V10 means that the hardcoded password will be used. | |
34 // V11 means that a password is/will be stored using an OS-level library (e.g | |
35 // Libsecret). V11 will not be used if such a library is not available. | |
36 // Used for array indexing | |
vabr (Chromium)
2016/05/23 12:38:33
nit: Full-stop at the end.
cfroussios
2016/05/30 11:50:16
Done.
| |
37 enum Version { | |
38 V10 = 0, | |
39 V11 = 1, | |
40 }; | |
41 | |
42 // Prefix for cypher text returned by obfuscation version. We prefix the | |
vabr (Chromium)
2016/05/23 12:38:33
The US spelling of cypher seems to be with -i- onl
cfroussios
2016/05/30 11:50:17
Done.
| |
43 // cyphertext with this string so that future data migration can detect | |
44 // this and migrate to full encryption without data loss. | |
45 const char kObfuscationPrefix[][4] = { | |
46 "v10", "v11", | |
47 }; | |
48 | |
49 struct Cache { | |
50 std::unique_ptr<KeyStorageLinux> key_storage_cache; | |
51 std::unique_ptr<std::string> password_v10_cache; | |
52 std::unique_ptr<std::string> password_v11_cache; | |
53 bool is_key_storage_cached; | |
54 bool is_password_v11_cached; | |
55 }; | |
56 | |
57 base::LazyInstance<Cache>::Leaky g_cache = LAZY_INSTANCE_INITIALIZER; | |
58 | |
59 // Lazy acquisition and caching of a KeyStorage. Will be null if no service is | |
60 // found. | |
61 KeyStorageLinux* GetKeyStorage() { | |
62 if (!g_cache.Get().is_key_storage_cached) { | |
63 g_cache.Get().is_key_storage_cached = true; | |
64 g_cache.Get().key_storage_cache = KeyStorageLinux::CreateService(); | |
65 } | |
66 return g_cache.Get().key_storage_cache.get(); | |
67 } | |
68 | |
69 // Returns a cached string of "peanuts" | |
vabr (Chromium)
2016/05/23 12:38:33
nit: full-stop at the end
cfroussios
2016/05/30 11:50:16
Done.
| |
70 std::string* GetPasswordV10() { | |
71 if (!g_cache.Get().password_v10_cache.get()) | |
72 g_cache.Get().password_v10_cache.reset(new std::string("peanuts")); | |
73 return g_cache.Get().password_v10_cache.get(); | |
74 } | |
75 | |
76 // Caches and returns the password from the KeyStorage or null if there is no | |
77 // service. | |
78 std::string* GetPasswordV11() { | |
79 if (!g_cache.Get().is_password_v11_cached) { | |
80 g_cache.Get().is_password_v11_cached = true; | |
81 g_cache.Get().password_v11_cache.reset( | |
82 GetKeyStorage() ? new std::string(GetKeyStorage()->GetKey()) : nullptr); | |
83 } | |
84 return g_cache.Get().password_v11_cache.get(); | |
85 } | |
86 | |
87 // Pointer to a function that creates and returns the |KeyStorage| instance to | |
88 // be used. The function maintains ownership of the pointer. | |
89 KeyStorageLinux* (*g_key_storage_provider)() = &GetKeyStorage; | |
90 | |
91 // Pointers to functions that return a password for deriving the encryption key. | |
92 // One function for each supported password version (see Version enum). | |
93 std::string* (*get_password[])() = { | |
94 &GetPasswordV10, &GetPasswordV11, | |
95 }; | |
96 | |
97 // Generates a newly allocated SymmetricKey object based a hard-coded password. | |
vabr (Chromium)
2016/05/23 12:38:33
nit: "based a" -> "based on a"
cfroussios
2016/05/30 11:50:16
Done.
| |
98 // Ownership of the key is passed to the caller. Returns NULL key if a key | |
vabr (Chromium)
2016/05/23 12:38:33
optional nit: NULL -> null
Because NULL is an obso
vabr (Chromium)
2016/05/23 12:38:33
nit: Please use just one space to separate sentenc
cfroussios
2016/05/30 11:50:16
Done.
cfroussios
2016/05/30 11:50:16
Done.
| |
99 // generation error occurs. | |
100 std::unique_ptr<crypto::SymmetricKey> GetEncryptionKey(Version version) { | |
101 std::string salt(kSalt); | |
102 | |
103 std::string* password = get_password[version](); | |
104 if (!password) | |
105 return nullptr; | |
106 | |
107 // Create an encryption key from our password and salt. | |
108 std::unique_ptr<crypto::SymmetricKey> encryption_key( | |
109 crypto::SymmetricKey::DeriveKeyFromPassword( | |
110 crypto::SymmetricKey::AES, *password, salt, kEncryptionIterations, | |
111 kDerivedKeySizeInBits)); | |
112 DCHECK(encryption_key.get()); | |
vabr (Chromium)
2016/05/23 12:38:33
Please drop ".get()", unique_ptr should convert to
cfroussios
2016/05/30 11:50:16
Done.
| |
113 | |
114 return encryption_key; | |
115 } | |
116 | |
117 } // namespace | |
118 | |
119 // static | |
120 bool OSCrypt::EncryptString16(const base::string16& plaintext, | |
121 std::string* ciphertext) { | |
122 return EncryptString(base::UTF16ToUTF8(plaintext), ciphertext); | |
123 } | |
124 | |
125 // static | |
126 bool OSCrypt::DecryptString16(const std::string& ciphertext, | |
127 base::string16* plaintext) { | |
128 std::string utf8; | |
129 if (!DecryptString(ciphertext, &utf8)) | |
130 return false; | |
131 | |
132 *plaintext = base::UTF8ToUTF16(utf8); | |
133 return true; | |
134 } | |
135 | |
136 // static | |
137 bool OSCrypt::EncryptString(const std::string& plaintext, | |
138 std::string* ciphertext) { | |
139 if (plaintext.empty()) { | |
140 *ciphertext = std::string(); | |
vabr (Chromium)
2016/05/23 12:38:33
ciphertext->clear()
(Let's use the most direct ST
cfroussios
2016/05/30 11:50:16
Done.
| |
141 return true; | |
142 } | |
143 | |
144 // If a |KeyStorage| is available, use a password backed by the |KeyStorage|. | |
145 // Otherwise use the hardcoded password. | |
146 Version version = g_key_storage_provider() ? Version::V11 : Version::V10; | |
147 | |
148 std::unique_ptr<crypto::SymmetricKey> encryption_key( | |
149 GetEncryptionKey(version)); | |
150 if (!encryption_key.get()) | |
vabr (Chromium)
2016/05/23 12:38:33
no need for .get()
cfroussios
2016/05/30 11:50:17
Done.
| |
151 return false; | |
152 | |
153 std::string iv(kIVBlockSizeAES128, ' '); | |
154 crypto::Encryptor encryptor; | |
155 if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv)) | |
156 return false; | |
157 | |
158 if (!encryptor.Encrypt(plaintext, ciphertext)) | |
159 return false; | |
160 | |
161 // Prefix the cypher text with version information. | |
162 ciphertext->insert(0, kObfuscationPrefix[version]); | |
163 return true; | |
164 } | |
165 | |
166 // static | |
167 bool OSCrypt::DecryptString(const std::string& ciphertext, | |
168 std::string* plaintext) { | |
169 if (ciphertext.empty()) { | |
170 *plaintext = std::string(); | |
vabr (Chromium)
2016/05/23 12:38:33
plaintext->clear()
cfroussios
2016/05/30 11:50:16
Done.
| |
171 return true; | |
172 } | |
173 | |
174 // Check that the incoming cyphertext was encrypted and with what version. | |
175 // Credit card numbers are current legacy unencrypted data, so false match | |
176 // with prefix won't happen. | |
177 Version version; | |
178 if (base::StartsWith(ciphertext, kObfuscationPrefix[Version::V10], | |
179 base::CompareCase::SENSITIVE)) { | |
180 version = Version::V10; | |
181 } else if (base::StartsWith(ciphertext, kObfuscationPrefix[Version::V11], | |
182 base::CompareCase::SENSITIVE)) { | |
183 version = Version::V11; | |
184 } else { | |
185 // If the prefix is not found then we'll assume we're dealing with | |
186 // old data saved as clear text and we'll return it directly. | |
187 *plaintext = ciphertext; | |
188 return true; | |
189 } | |
190 | |
191 std::unique_ptr<crypto::SymmetricKey> encryption_key( | |
192 GetEncryptionKey(version)); | |
193 if (!encryption_key.get()) | |
vabr (Chromium)
2016/05/23 12:38:33
no need for .get()
cfroussios
2016/05/30 11:50:17
Done.
| |
194 return false; | |
195 | |
196 std::string iv(kIVBlockSizeAES128, ' '); | |
197 crypto::Encryptor encryptor; | |
198 if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv)) | |
199 return false; | |
200 | |
201 // Strip off the versioning prefix before decrypting. | |
202 std::string raw_ciphertext = | |
203 ciphertext.substr(strlen(kObfuscationPrefix[version])); | |
204 | |
205 if (!encryptor.Decrypt(raw_ciphertext, plaintext)) | |
206 return false; | |
207 | |
208 return true; | |
209 } | |
210 | |
211 void UseMockKeyStorageForTesting(KeyStorageLinux* (*get_key_storage_mock)(), | |
212 std::string* (*get_password_v11_mock)()) { | |
213 if (get_key_storage_mock && get_password_v11_mock) { | |
214 // Bypass calling KeyStorage::CreateService and caching of the key for V11 | |
215 get_password[Version::V11] = get_password_v11_mock; | |
216 // OSCrypt will determine the encryption version by checking if a | |
217 // |KeyStorage| instance can be created. Enable V11 by returning the mock. | |
218 g_key_storage_provider = get_key_storage_mock; | |
219 } else { | |
220 get_password[Version::V11] = &GetPasswordV11; | |
vabr (Chromium)
2016/05/23 12:38:33
Please do not make the assumption that the "real i
cfroussios
2016/05/30 11:50:16
Done.
| |
221 g_key_storage_provider = &GetKeyStorage; | |
222 } | |
223 } | |
OLD | NEW |