OLD | NEW |
---|---|
(Empty) | |
1 // Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "cryptohome/username_passkey.h" | |
6 | |
7 #include <openssl/sha.h> | |
8 | |
9 #include "base/logging.h" | |
10 #include "chromeos/utility.h" | |
11 | |
12 namespace cryptohome { | |
13 using std::string; | |
14 | |
15 UsernamePasskey::UsernamePasskey(const char *username, | |
16 const int username_length, | |
17 const char *passkey, | |
18 const int passkey_length) | |
19 : username_(username, username_length), | |
20 passkey_(passkey_length) { | |
21 memcpy(&passkey_[0], passkey, passkey_length); | |
22 } | |
23 | |
24 UsernamePasskey::UsernamePasskey(const char *username, | |
25 const int username_length, | |
26 const chromeos::Blob& passkey) | |
27 : username_(username, username_length), | |
28 passkey_() { | |
29 passkey_.assign(passkey.begin(), passkey.end()); | |
30 } | |
31 | |
32 UsernamePasskey::UsernamePasskey(const char *username, | |
33 const int username_length, | |
34 const std::string& passkey) | |
35 : username_(username, username_length), | |
36 passkey_() { | |
37 passkey_.resize(passkey.length()); | |
38 memcpy(&passkey_[0], passkey.c_str(), passkey.length()); | |
39 } | |
40 | |
41 UsernamePasskey::UsernamePasskey(const UsernamePasskey& rhs) | |
42 : username_(rhs.username_), | |
43 passkey_(rhs.passkey_) { | |
44 } | |
45 | |
46 UsernamePasskey::~UsernamePasskey() { | |
47 } | |
48 | |
49 UsernamePasskey& UsernamePasskey::operator=(const UsernamePasskey& rhs) { | |
50 this->username_ = rhs.username_; | |
51 this->passkey_ = rhs.passkey_; | |
52 return *this; | |
53 } | |
54 | |
55 UsernamePasskey UsernamePasskey::FromUsernamePassword(const char* username, | |
56 const char* password, | |
57 const chromeos::Blob& salt) { | |
58 SecureBlob passkey = PasswordToPasskey(password, salt); | |
59 return UsernamePasskey(username, strlen(username), passkey); | |
60 } | |
61 | |
62 SecureBlob UsernamePasskey::PasswordToPasskey(const char *password, | |
63 const chromeos::Blob& salt) { | |
64 CHECK(password); | |
65 | |
66 std::string ascii_salt = chromeos::AsciiEncode(salt); | |
67 // Convert a raw password to a password hash | |
68 SHA256_CTX sha_ctx; | |
69 unsigned char md_value[SHA256_DIGEST_LENGTH]; | |
70 | |
71 SHA256_Init(&sha_ctx); | |
72 SHA256_Update(&sha_ctx, | |
73 reinterpret_cast<const unsigned char*>(ascii_salt.data()), | |
74 static_cast<unsigned int>(ascii_salt.length())); | |
75 SHA256_Update(&sha_ctx, password, strlen(password)); | |
76 SHA256_Final(md_value, &sha_ctx); | |
77 | |
78 SecureBlob password_hash(SHA256_DIGEST_LENGTH); | |
79 AsciiEncodeToBuffer(md_value, SHA256_DIGEST_LENGTH / 2, | |
80 reinterpret_cast<char*>(&password_hash[0]), | |
mschilder
2010/05/27 04:20:18
Add a void* data() method to SecureBlob? This cast
| |
81 password_hash.size()); | |
82 chromeos::SecureMemset(md_value, sizeof(md_value), 0); | |
83 return password_hash; | |
84 } | |
85 | |
86 void UsernamePasskey::AsciiEncodeToBuffer(const unsigned char* source, | |
87 int source_length, char* buffer, | |
88 int buffer_length) { | |
89 const char hex_chars[] = "0123456789abcdef"; | |
90 int i = 0; | |
91 for (int index = 0; | |
92 (index < source_length) && ((i + 1) < buffer_length); | |
93 index++) { | |
94 buffer[i++] = hex_chars[(source[index] >> 4) & 0x0f]; | |
95 buffer[i++] = hex_chars[source[index] & 0x0f]; | |
96 } | |
97 if (i < buffer_length) { | |
98 buffer[i] = '\0'; | |
99 } | |
100 } | |
101 | |
102 void UsernamePasskey::GetFullUsername(char *name_buffer, int length) const { | |
103 strncpy(name_buffer, username_.c_str(), length); | |
104 } | |
105 | |
106 std::string UsernamePasskey::GetFullUsername() const { | |
107 return username_; | |
108 } | |
109 | |
110 void UsernamePasskey::GetPartialUsername(char *name_buffer, int length) const { | |
111 size_t at_index = username_.find('@'); | |
112 string partial = username_.substr(0, at_index); | |
113 strncpy(name_buffer, partial.c_str(), length); | |
114 } | |
115 | |
116 string UsernamePasskey::GetObfuscatedUsername( | |
117 const chromeos::Blob &system_salt) const { | |
118 CHECK(!username_.empty()); | |
119 | |
120 SHA_CTX ctx; | |
121 unsigned char md_value[SHA_DIGEST_LENGTH]; | |
122 | |
123 SHA1_Init(&ctx); | |
124 SHA1_Update(&ctx, &system_salt[0], system_salt.size()); | |
125 SHA1_Update(&ctx, username_.c_str(), username_.length()); | |
126 SHA1_Final(md_value, &ctx); | |
127 | |
128 chromeos::Blob md_blob(md_value, | |
129 md_value + (SHA_DIGEST_LENGTH * sizeof(unsigned char))); | |
130 | |
131 return chromeos::AsciiEncode(md_blob); | |
132 } | |
133 | |
134 SecureBlob UsernamePasskey::GetPasskey() const { | |
135 return passkey_; | |
136 } | |
137 | |
138 } // namespace cryptohome | |
OLD | NEW |