Implement pin storage backend.

chrome/browser/chromeos/login/quick_unlock/pin_authentication.cc

Index: chrome/browser/chromeos/login/quick_unlock/pin_authentication.cc
diff --git a/chrome/browser/chromeos/login/quick_unlock/pin_authentication.cc b/chrome/browser/chromeos/login/quick_unlock/pin_authentication.cc
new file mode 100644
index 0000000000000000000000000000000000000000..e51adbe7ec8e7fb463a2cb752099aa08ba1c7735
--- /dev/null
+++ b/chrome/browser/chromeos/login/quick_unlock/pin_authentication.cc
@@ -0,0 +1,36 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/chromeos/login/quick_unlock/pin_authentication.h"
+
+#include "base/time/time.h"
+#include "chrome/browser/chromeos/login/quick_unlock/pin_storage.h"
+#include "chromeos/login/auth/key.h"
+
+namespace chromeos {
+
+namespace {
+// TODO(jdufault): Pull these values in from policy.

[achuithb, 2016/05/13 23:34:56]

Reference a bug

[jdufault, 2016/05/16 22:08:47]

Done.

+const int kMaximumUnlockAttempts = 3;
+base::TimeDelta kStrongAuthTimeout = base::TimeDelta::FromHours(24);
+}  // namespace
+
+bool IsPinAvailable(PinStorage* storage) {
+  return storage->HasPin() &&
+         storage->UnlockAttemptCount() < kMaximumUnlockAttempts &&
+         storage->TimeSinceLastStrongAuth() < kStrongAuthTimeout;
+}
+
+bool IsValidPin(PinStorage* storage, const std::string& raw_pin) {
+  if (!IsPinAvailable(storage))
+    return false;
+
+  storage->AddUnlockAttempt();
+
+  Key key(raw_pin);
+  key.Transform(Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234, storage->pin_salt());
+  return key.GetSecret() == storage->pin_secret();
+}

[stevenjb, 2016/05/16 16:33:34]

These both look like they should be PinStorage member functions.

[jdufault, 2016/05/16 22:08:47]

Done.

+
+}  // namespace chromeos