Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(125)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/login/quick_unlock/pin_storage.cc

Issue 2150763002: Enable PIN configuration settings. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@lkgr
Patch Set: Rebase Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/about_flags.cc ('k') | chrome/browser/resources/settings/people_page/people_page.js » ('j') | chrome/browser/ui/webui/settings/chromeos/quick_unlock_handler.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chromeos/login/quick_unlock/pin_storage.h" 5 #include "chrome/browser/chromeos/login/quick_unlock/pin_storage.h"
6 6
7 #include "base/base64.h" 7 #include "base/base64.h"
8 #include "base/strings/string_util.h" 8 #include "base/strings/string_util.h"
9 #include "chrome/browser/browser_process.h"
10 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"
9 #include "chrome/common/pref_names.h" 11 #include "chrome/common/pref_names.h"
10 #include "chromeos/login/auth/key.h" 12 #include "chromeos/login/auth/key.h"
11 #include "components/pref_registry/pref_registry_syncable.h" 13 #include "components/pref_registry/pref_registry_syncable.h"
12 #include "components/prefs/pref_service.h" 14 #include "components/prefs/pref_service.h"
13 #include "crypto/random.h" 15 #include "crypto/random.h"
14 16
15 namespace chromeos { 17 namespace chromeos {
16 18
17 namespace { 19 namespace {
18 20
21 bool IsDisabledByPolicy() {
achuithb 2016/07/22 01:14:59 Maybe move this to after ComputeSecret? I think kS
jdufault 2016/07/22 19:15:50 Done, moved into another file.
22 // TODO(jdufault): Implement a proper policy check. For now, just disable if
achuithb 2016/07/22 01:14:59 file a bug?
jdufault 2016/07/22 19:15:50 Done.
23 // the device is enterprise enrolled.
24 return g_browser_process->platform_part()
25 ->browser_policy_connector_chromeos()
26 ->IsEnterpriseManaged();
27 }
28
19 const int kSaltByteSize = 16; 29 const int kSaltByteSize = 16;
20 30
21 // Returns a new salt of length |kSaltByteSize|. 31 // Returns a new salt of length |kSaltByteSize|.
22 std::string CreateSalt() { 32 std::string CreateSalt() {
23 // The salt needs to be base64 encoded because the pref service requires a 33 // The salt needs to be base64 encoded because the pref service requires a
24 // UTF8 string. 34 // UTF8 string.
25 std::string salt; 35 std::string salt;
26 crypto::RandBytes(base::WriteInto(&salt, kSaltByteSize + 1), kSaltByteSize); 36 crypto::RandBytes(base::WriteInto(&salt, kSaltByteSize + 1), kSaltByteSize);
27 base::Base64Encode(salt, &salt); 37 base::Base64Encode(salt, &salt);
28 DCHECK(!salt.empty()); 38 DCHECK(!salt.empty());
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after
97 107
98 std::string PinStorage::PinSalt() const { 108 std::string PinStorage::PinSalt() const {
99 return pref_service_->GetString(prefs::kQuickUnlockPinSalt); 109 return pref_service_->GetString(prefs::kQuickUnlockPinSalt);
100 } 110 }
101 111
102 std::string PinStorage::PinSecret() const { 112 std::string PinStorage::PinSecret() const {
103 return pref_service_->GetString(prefs::kQuickUnlockPinSecret); 113 return pref_service_->GetString(prefs::kQuickUnlockPinSecret);
104 } 114 }
105 115
106 bool PinStorage::IsPinAuthenticationAvailable() const { 116 bool PinStorage::IsPinAuthenticationAvailable() const {
107 return IsPinSet() && unlock_attempt_count() < kMaximumUnlockAttempts && 117 return !IsDisabledByPolicy() && IsPinSet() &&
achuithb 2016/07/22 01:14:59 I think booleans like const bool exceeded_unlock_a
jdufault 2016/07/22 19:15:50 Done.
108 HasStrongAuth() && TimeSinceLastStrongAuth() < kStrongAuthTimeout; 118 unlock_attempt_count() < kMaximumUnlockAttempts && HasStrongAuth() &&
119 TimeSinceLastStrongAuth() < kStrongAuthTimeout;
109 } 120 }
110 121
111 bool PinStorage::TryAuthenticatePin(const std::string& pin) { 122 bool PinStorage::TryAuthenticatePin(const std::string& pin) {
112 if (!IsPinAuthenticationAvailable()) 123 if (!IsPinAuthenticationAvailable())
113 return false; 124 return false;
114 125
115 AddUnlockAttempt(); 126 AddUnlockAttempt();
116 return ComputeSecret(pin, PinSalt()) == PinSecret(); 127 return ComputeSecret(pin, PinSalt()) == PinSecret();
117 } 128 }
118 129
119 } // namespace chromeos 130 } // namespace chromeos
OLDNEW
« no previous file with comments | « chrome/browser/about_flags.cc ('k') | chrome/browser/resources/settings/people_page/people_page.js » ('j') | chrome/browser/ui/webui/settings/chromeos/quick_unlock_handler.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698