
Unified Diff: components/os_crypt/key_storage_libsecret.cc

Issue 1973483002: OSCrypt for POSIX uses libsecret to store a randomised encryption key. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Recommendations Created 4 years, 7 months ago
Index: components/os_crypt/key_storage_libsecret.cc
diff --git a/components/os_crypt/key_storage_libsecret.cc b/components/os_crypt/key_storage_libsecret.cc
new file mode 100644
index 0000000000000000000000000000000000000000..9c27ffc443cad053a0bed4304a12265d2839c256
--- /dev/null
+++ b/components/os_crypt/key_storage_libsecret.cc
@@ -0,0 +1,66 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/os_crypt/key_storage_libsecret.h"
+
+#include "base/base64.h"
+#include "base/rand_util.h"
+#include "base/strings/string_number_conversions.h"
+#include "components/os_crypt/libsecret_util_linux.h"
+
+namespace {
+
+#if defined(OFFICIAL_BUILD)
+const char kKeyStorageEntryName[] = "Chrome Safe Storage";
+#else
+const char kKeyStorageEntryName[] = "Chromium Safe Storage";
+#endif
+
+const SecretSchema kKeystoreSchema = {
+ "chrome_libsecret_os_crypt_password",
+ SECRET_SCHEMA_NONE,
+ {
+ {nullptr, SECRET_SCHEMA_ATTRIBUTE_STRING},
+ }};
+
+std::string AddRandomPasswordInLibsecret() {
+ std::string password;
+ base::Base64Encode(base::RandBytesAsString(16), &password);
+ GError* error = nullptr;
+ LibsecretLoader::secret_password_store_sync(
+ &kKeystoreSchema, nullptr, kKeyStorageEntryName, password.c_str(),
+ nullptr, &error, nullptr);
+
+ if (error) {
+ VLOG(1) << "Libsecret lookup failed: " << error->message;
+ return std::string();
+ }
+ return password;
+}
+
+} // namespace
+
+std::string KeyStorageLibsecret::GetKey() {
+ GError* error = nullptr;
+ LibsecretAttributesBuilder attrs;
+ SecretValue* password_libsecret = LibsecretLoader::secret_service_lookup_sync(
+ nullptr, &kKeystoreSchema, attrs.Get(), nullptr, &error);
+
+ if (error) {
+ VLOG(1) << "Libsecret lookup failed: " << error->message;
+ g_error_free(error);
+ return std::string();
+ }
+ if (!password_libsecret) {
+ return AddRandomPasswordInLibsecret();
+ }
+ std::string password(
+ LibsecretLoader::secret_value_get_text(password_libsecret));
+ LibsecretLoader::secret_value_unref(password_libsecret);
+ return password;
+}
+
+bool KeyStorageLibsecret::Init() {
+ return LibsecretLoader::EnsureLibsecretLoaded();
+}
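Review bot: In AddRandomPasswordInLibsecret() the `if (error)` branch returns without calling g_error_free(error), so the GError leaks on every failed store; GetKey() frees it in the equivalent branch. Add `g_error_free(error);` before `return std::string();`. The same branch logs "Libsecret lookup failed" although the failing call is secret_password_store_sync, which makes the two failure paths indistinguishable in logs; a message such as "Libsecret store failed" would separate them. In GetKey(), the result of secret_value_get_text is passed directly to the std::string constructor; if that call can return null for a non-text value, check it before constructing the string and unref the SecretValue on that path as well.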