components/os_crypt/key_storage_libsecret.cc - Issue 1973483002: OSCrypt for POSIX uses libsecret to store a randomised encryption key.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: components/os_crypt/key_storage_libsecret.cc

Issue 1973483002: OSCrypt for POSIX uses libsecret to store a randomised encryption key. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Nit Created 4 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: components/os_crypt/key_storage_libsecret.cc

diff --git a/components/os_crypt/key_storage_libsecret.cc b/components/os_crypt/key_storage_libsecret.cc

new file mode 100644

index 0000000000000000000000000000000000000000..c5264bdecf32e89533c70d899cc2bc13819d7c3e

--- /dev/null

+++ b/components/os_crypt/key_storage_libsecret.cc

@@ -0,0 +1,65 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#include "components/os_crypt/key_storage_libsecret.h"

+#include "base/base64.h"

+#include "base/rand_util.h"

+#include "base/strings/string_number_conversions.h"

+#include "components/os_crypt/libsecret_util_linux.h"

+namespace {

+#if defined(OFFICIAL_BUILD)

+const char kKeyStorageEntryName[] = "Chrome Safe Storage";

+#else

+const char kKeyStorageEntryName[] = "Chromium Safe Storage";

+#endif

+const SecretSchema kKeystoreSchema = {

+ "chrome_libsecret_os_crypt_password",

+ SECRET_SCHEMA_NONE,

+ {

+ {nullptr, SECRET_SCHEMA_ATTRIBUTE_STRING},

+ }};

+std::string AddRandomPasswordInLibsecret() {

+ std::string password;

+ base::Base64Encode(base::RandBytesAsString(128 / 8), &password);

+ GError* error = nullptr;

+ LibsecretLoader::secret_password_store_sync(

+ &kKeystoreSchema, nullptr, kKeyStorageEntryName, password.c_str(),

+ nullptr, &error, nullptr);

+ if (error) {

+ VLOG(1) << "Libsecret lookup failed: " << error->message;

+ return std::string();

+ }

+ return password;

+} // namespace

+std::string KeyStorageLibsecret::GetKey() {

+ GError* error = nullptr;

+ LibsecretAttributesBuilder attrs;

+ SecretValue* password_libsecret = LibsecretLoader::secret_service_lookup_sync(

+ nullptr, &kKeystoreSchema, attrs.Get(), nullptr, &error);

+ if (error) {

+ VLOG(1) << "Libsecret lookup failed: " << error->message;

+ g_error_free(error);

+ return std::string();

+ } else if (!password_libsecret) {

Lei Zhang 2016/05/19 22:45:38 There's still an else-if after a return.

cfroussios 2016/05/20 16:44:52 Done.

+ return AddRandomPasswordInLibsecret();

+ }

+ std::string password(

+ LibsecretLoader::secret_value_get_text(password_libsecret));

+ LibsecretLoader::secret_value_unref(password_libsecret);

+ return password;

+bool KeyStorageLibsecret::Init() {

+ return LibsecretLoader::EnsureLibsecretLoaded();

« components/os_crypt/BUILD.gn ('K') | « components/os_crypt/key_storage_libsecret.h ('k') | components/os_crypt/key_storage_linux.h » ('j') | components/os_crypt/os_crypt.h » ('J')