OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/settings/token_encryptor.h" | 5 #include "chrome/browser/chromeos/settings/token_encryptor.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <vector> | 10 #include <vector> |
(...skipping 13 matching lines...) Expand all Loading... |
24 namespace { | 24 namespace { |
25 const size_t kNonceSize = 16; | 25 const size_t kNonceSize = 16; |
26 } // namespace | 26 } // namespace |
27 | 27 |
28 CryptohomeTokenEncryptor::CryptohomeTokenEncryptor( | 28 CryptohomeTokenEncryptor::CryptohomeTokenEncryptor( |
29 const std::string& system_salt) | 29 const std::string& system_salt) |
30 : system_salt_(system_salt) { | 30 : system_salt_(system_salt) { |
31 DCHECK(!system_salt.empty()); | 31 DCHECK(!system_salt.empty()); |
32 // TODO(davidroche): should this use the system salt for both the password | 32 // TODO(davidroche): should this use the system salt for both the password |
33 // and the salt value, or should this use a separate salt value? | 33 // and the salt value, or should this use a separate salt value? |
34 system_salt_key_.reset(PassphraseToKey(system_salt_, system_salt_)); | 34 system_salt_key_ = PassphraseToKey(system_salt_, system_salt_); |
35 } | 35 } |
36 | 36 |
37 CryptohomeTokenEncryptor::~CryptohomeTokenEncryptor() { | 37 CryptohomeTokenEncryptor::~CryptohomeTokenEncryptor() { |
38 } | 38 } |
39 | 39 |
40 std::string CryptohomeTokenEncryptor::EncryptWithSystemSalt( | 40 std::string CryptohomeTokenEncryptor::EncryptWithSystemSalt( |
41 const std::string& token) { | 41 const std::string& token) { |
42 // Don't care about token encryption while debugging. | 42 // Don't care about token encryption while debugging. |
43 if (!base::SysInfo::IsRunningOnChromeOS()) | 43 if (!base::SysInfo::IsRunningOnChromeOS()) |
44 return token; | 44 return token; |
(...skipping 15 matching lines...) Expand all Loading... |
60 | 60 |
61 if (!system_salt_key_) { | 61 if (!system_salt_key_) { |
62 LOG(WARNING) << "System salt key is not available for decrypt."; | 62 LOG(WARNING) << "System salt key is not available for decrypt."; |
63 return std::string(); | 63 return std::string(); |
64 } | 64 } |
65 return DecryptTokenWithKey(system_salt_key_.get(), | 65 return DecryptTokenWithKey(system_salt_key_.get(), |
66 system_salt_, | 66 system_salt_, |
67 encrypted_token_hex); | 67 encrypted_token_hex); |
68 } | 68 } |
69 | 69 |
70 crypto::SymmetricKey* CryptohomeTokenEncryptor::PassphraseToKey( | 70 std::unique_ptr<crypto::SymmetricKey> CryptohomeTokenEncryptor::PassphraseToKey( |
71 const std::string& passphrase, | 71 const std::string& passphrase, |
72 const std::string& salt) { | 72 const std::string& salt) { |
73 return crypto::SymmetricKey::DeriveKeyFromPassword( | 73 return crypto::SymmetricKey::DeriveKeyFromPassword( |
74 crypto::SymmetricKey::AES, passphrase, salt, 1000, 256); | 74 crypto::SymmetricKey::AES, passphrase, salt, 1000, 256); |
75 } | 75 } |
76 | 76 |
77 std::string CryptohomeTokenEncryptor::EncryptTokenWithKey( | 77 std::string CryptohomeTokenEncryptor::EncryptTokenWithKey( |
78 crypto::SymmetricKey* key, | 78 crypto::SymmetricKey* key, |
79 const std::string& salt, | 79 const std::string& salt, |
80 const std::string& token) { | 80 const std::string& token) { |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
119 std::string token; | 119 std::string token; |
120 CHECK(encryptor.SetCounter(nonce)); | 120 CHECK(encryptor.SetCounter(nonce)); |
121 if (!encryptor.Decrypt(encrypted_token, &token)) { | 121 if (!encryptor.Decrypt(encrypted_token, &token)) { |
122 LOG(WARNING) << "Failed to decrypt token."; | 122 LOG(WARNING) << "Failed to decrypt token."; |
123 return std::string(); | 123 return std::string(); |
124 } | 124 } |
125 return token; | 125 return token; |
126 } | 126 } |
127 | 127 |
128 } // namespace chromeos | 128 } // namespace chromeos |
OLD | NEW |