cros: Added a new function to quick unlock api for checking unfinished pins.

chrome/browser/chromeos/extensions/quick_unlock_private/quick_unlock_private_api.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/extensions/quick_unlock_private/quick_unlock_private_api.h"
 
 #include "chrome/browser/chromeos/login/quick_unlock/pin_storage.h"
 #include "chrome/browser/chromeos/login/quick_unlock/pin_storage_factory.h"
 #include "chrome/browser/chromeos/profiles/profile_helper.h"
+#include "chrome/common/pref_names.h"
 #include "chromeos/login/auth/extended_authenticator.h"
 #include "chromeos/login/auth/user_context.h"
+#include "components/prefs/pref_service.h"
 #include "extensions/browser/event_router.h"
 
 namespace extensions {
 
 namespace quick_unlock_private = api::quick_unlock_private;
 namespace SetModes = quick_unlock_private::SetModes;
 namespace GetActiveModes = quick_unlock_private::GetActiveModes;
+namespace CheckCredential = quick_unlock_private::CheckCredential;
 namespace GetAvailableModes = quick_unlock_private::GetAvailableModes;
 namespace OnActiveModesChanged = quick_unlock_private::OnActiveModesChanged;
+using CredentialProblem = quick_unlock_private::CredentialProblem;
+using CredentialCheck = quick_unlock_private::CredentialCheck;
 using QuickUnlockMode = quick_unlock_private::QuickUnlockMode;
 using QuickUnlockModeList = std::vector<QuickUnlockMode>;
 
 namespace {
 
 const char kModesAndCredentialsLengthMismatch[] =
     "|modes| and |credentials| must have the same number of elements";
 const char kMultipleModesNotSupported[] =
     "At most one quick unlock mode can be active.";
+// PINs greater in length than |kMinLengthForWeakPin| will be checked for
+// weakness.
+const int kMinLengthForWeakPin = 2;
+// A list of the top-10 most commmonly used PINs. This list is taken from
+// www.datagenetics.com/blog/september32012/.
+const char* kMostCommonPins[] = {"1234", "1111", "0000", "1212", "7777",
+                                 "1004", "2000", "4444", "2222", "6969"};
 
 // Returns the active set of quick unlock modes.
 QuickUnlockModeList ComputeActiveModes(Profile* profile) {
   QuickUnlockModeList modes;
 
   chromeos::PinStorage* pin_storage =
       chromeos::PinStorageFactory::GetForProfile(profile);
   if (pin_storage && pin_storage->IsPinSet())
     modes.push_back(quick_unlock_private::QUICK_UNLOCK_MODE_PIN);
 
   return modes;
 }
 
 // Returns true if |a| and |b| contain the same elements. The elements do not
 // need to be in the same order.
 bool AreModesEqual(const QuickUnlockModeList& a, const QuickUnlockModeList& b) {
   if (a.size() != b.size())
     return false;
 
   // This is a slow comparison algorithm, but the number of entries in |a| and
   // |b| will always be very low (0-3 items) so it doesn't matter.
   for (size_t i = 0; i < a.size(); ++i) {
     if (std::find(b.begin(), b.end(), a[i]) == b.end())
       return false;
   }
 
   return true;
 }
 
+bool IsPinNumeric(const std::string& pin) {
+  return std::all_of(pin.begin(), pin.end(), ::isdigit);
+}
+
+// Checks whether a given |pin| is valid given the PIN min/max policies in
+// |pref_service|. If |out_min_length| and/or |out_max_length| are valid
+// pointers, return the profile min/max length as well. If |length_problem| is
+// a valid pointer return the type of problem.
+bool IsPinLengthValid(const std::string& pin,
+                      PrefService* pref_service,
+                      int* out_min_length,
+                      int* out_max_length,
+                      CredentialProblem* length_problem) {
+  int min_length = pref_service->GetInteger(prefs::kPinUnlockMinimumLength);
+  int max_length = pref_service->GetInteger(prefs::kPinUnlockMaximumLength);
+
+  // Sanitize the policy input.
+  if (min_length < 1)
+    min_length = 1;
+  if (max_length < 0)
+    max_length = 0;
+
+  // If the maximum length is nonzero and shorter than the minimum length, the
+  // maximum length is the minimum length.
+  if (max_length != 0 && max_length < min_length)
+    max_length = min_length;
+
+  if (out_min_length)
+    *out_min_length = min_length;
+  if (out_max_length)
+    *out_max_length = max_length;
+
+  // Check if the PIN is shorter than the minimum specified length.
+  if (static_cast<int>(pin.size()) < min_length) {
+    *length_problem = CredentialProblem::CREDENTIAL_PROBLEM_TOO_SHORT;

[Devlin, 2016/11/29 21:35:17]

need to check this for null (here and on line 112)

[sammiequon, 2016/11/30 00:42:50]

Done.

+    return false;
+  }
+
+  // If the maximum specified length is zero, there is no maximum length.
+  // Otherwise check if the PIN is longer than the maximum specified length.
+  if (max_length != 0 && static_cast<int>(pin.size()) > max_length) {
+    *length_problem = CredentialProblem::CREDENTIAL_PROBLEM_TOO_LONG;
+    return false;
+  }
+
+  return true;
+}
+
+// Checks if a given |pin| is weak or not. A PIN is considered weak if it:
+// a) has all the same digits
+// b) each digit is one larger than the previous digit
+// c) each digit is one smaller than the previous digit
+// d) is on the top ten of this list;
+// www.datagenetics.com/blog/september32012/
+// Note: A 9 followed by a 0 is not considered increasing, and a 0 followed by
+// a 9 is not considered decreasing.
+bool IsPinDifficultEnough(const std::string& pin) {
+  // If the pin length is |kMinLengthForWeakPin| or less, there is no need to
+  // check for same character and increasing pin.
+  if (static_cast<int>(pin.size()) <= kMinLengthForWeakPin)
+    return true;
+
+  // Check if it is on the list of most common PINs.
+  bool is_common = std::find(kMostCommonPins, std::end(kMostCommonPins), pin) !=
+                   std::end(kMostCommonPins);

[Devlin, 2016/11/29 21:35:17]

nit: just return here:
if (std::find(...) != std::end(...))
  return false;

[sammiequon, 2016/11/30 00:42:50]

Done.

+
+  // Check for same digits, increasing PIN simutaneously.
+  bool is_same = true;
+  // TODO(sammiequon): Should longer PINs (5+) be still subjected to this?
+  bool is_increasing = true;
+  bool is_decreasing = true;
+  for (int i = 1; i < int{pin.length()}; ++i) {
+    const char previous = pin[i - 1];
+    const char current = pin[i];
+
+    is_same = is_same && (current == previous);
+    is_increasing = is_increasing && (current == previous + 1);
+    is_decreasing = is_decreasing && (current == previous - 1);
+  }
+
+  // PIN is considered weak if any of these conditions is met.
+  if (is_same || is_increasing || is_decreasing || is_common)
+    return false;
+
+  return true;
+}
+
 }  // namespace
 
 // quickUnlockPrivate.getAvailableModes
 
 QuickUnlockPrivateGetAvailableModesFunction::
     QuickUnlockPrivateGetAvailableModesFunction()
     : chrome_details_(this) {}
 
 QuickUnlockPrivateGetAvailableModesFunction::
     ~QuickUnlockPrivateGetAvailableModesFunction() {}
@@ skipping 17 matching lines @@
 QuickUnlockPrivateGetActiveModesFunction::
     ~QuickUnlockPrivateGetActiveModesFunction() {}
 
 ExtensionFunction::ResponseAction
 QuickUnlockPrivateGetActiveModesFunction::Run() {
   const QuickUnlockModeList modes =
       ComputeActiveModes(chrome_details_.GetProfile());
   return RespondNow(ArgumentList(GetActiveModes::Results::Create(modes)));
 }
 
+// quickUnlockPrivate.checkCredential
+
+QuickUnlockPrivateCheckCredentialFunction::
+    QuickUnlockPrivateCheckCredentialFunction()
+    : chrome_details_(this) {}

[Devlin, 2016/11/29 21:35:17]

no longer needed, right?

[sammiequon, 2016/11/30 00:42:50]

Right.

+
+QuickUnlockPrivateCheckCredentialFunction::
+    ~QuickUnlockPrivateCheckCredentialFunction() {}
+
+ExtensionFunction::ResponseAction
+QuickUnlockPrivateCheckCredentialFunction::Run() {
+  params_ = CheckCredential::Params::Create(*args_);

[Devlin, 2016/11/29 21:35:17]

given params is only used here, let's have it be local to this function, rather
than a private member

[sammiequon, 2016/11/30 00:42:50]

Done.

+  EXTENSION_FUNCTION_VALIDATE(params_.get());

[Devlin, 2016/11/29 21:35:17]

nit: params_.get() is redundant (unique_ptr has a bool operator).  Prefer just
EXTENSION_FUNCTION_VALIDATE(params_)

[sammiequon, 2016/11/30 00:42:50]

Done.

+
+  auto result = base::MakeUnique<CredentialCheck>();
+
+  // Only handles pins for now.
+  if (params_->mode != QuickUnlockMode::QUICK_UNLOCK_MODE_PIN)
+    return RespondNow(ArgumentList(CheckCredential::Results::Create(*result)));
+
+  std::string credential = params_->credential;

[Devlin, 2016/11/29 21:35:17]

const std::string&

[sammiequon, 2016/11/30 00:42:50]

Done.

+
+  Profile* profile = Profile::FromBrowserContext(browser_context());
+  PrefService* pref_service = profile->GetPrefs();
+  bool allow_weak = pref_service->GetBoolean(prefs::kPinUnlockAllowWeakPins);
+
+  // Check and return the problems.
+  if (!IsPinNumeric(credential)) {
+    result->errors.push_back(
+        CredentialProblem::CREDENTIAL_PROBLEM_CONTAINS_NONDIGIT);
+  }
+
+  CredentialProblem length_problem = CredentialProblem::CREDENTIAL_PROBLEM_NONE;
+  // Note: This function call writes values to |result->min_length|,
+  // |result->max_length| and |length_problem|.
+  if (!IsPinLengthValid(credential, pref_service, &result->min_length,
+                        &result->max_length, &length_problem)) {
+    if (length_problem != CredentialProblem::CREDENTIAL_PROBLEM_NONE)

[Devlin, 2016/11/29 21:35:17]

When would we return false to IsPinLengthValid(), but not have a length problem?
 Seems like, if anything, this should be a DCHECK_NE()

[sammiequon, 2016/11/30 00:42:50]

Done.

+      result->errors.push_back(length_problem);
+  }
+
+  if (!IsPinDifficultEnough(credential)) {
+    if (allow_weak) {
+      result->warnings.push_back(
+          CredentialProblem::CREDENTIAL_PROBLEM_TOO_WEAK);
+    } else {
+      result->errors.push_back(CredentialProblem::CREDENTIAL_PROBLEM_TOO_WEAK);
+    }
+  }
+
+  return RespondNow(ArgumentList(CheckCredential::Results::Create(*result)));
+}
+
 // quickUnlockPrivate.setModes
 
 QuickUnlockPrivateSetModesFunction::QuickUnlockPrivateSetModesFunction()
     : chrome_details_(this) {}
 
 QuickUnlockPrivateSetModesFunction::~QuickUnlockPrivateSetModesFunction() {}
 
 void QuickUnlockPrivateSetModesFunction::SetAuthenticatorAllocatorForTesting(
     const QuickUnlockPrivateSetModesFunction::AuthenticatorAllocator&
         allocator) {
   authenticator_allocator_ = allocator;
 }
 
 void QuickUnlockPrivateSetModesFunction::SetModesChangedEventHandlerForTesting(
     const ModesChangedEventHandler& handler) {
   modes_changed_handler_ = handler;
 }
 
 ExtensionFunction::ResponseAction QuickUnlockPrivateSetModesFunction::Run() {
   params_ = SetModes::Params::Create(*args_);
   EXTENSION_FUNCTION_VALIDATE(params_.get());
 
   if (params_->modes.size() != params_->credentials.size())
     return RespondNow(Error(kModesAndCredentialsLengthMismatch));
 
   if (params_->modes.size() > 1)
     return RespondNow(Error(kMultipleModesNotSupported));
 
-  // Verify every credential is numeric.
-  for (const std::string& credential : params_->credentials) {
-    if (!std::all_of(credential.begin(), credential.end(), ::isdigit))
-      return RespondNow(ArgumentList(SetModes::Results::Create(false)));
+  // Verify every credential is valid based on policies.
+  bool allow_weak = Profile::FromBrowserContext(browser_context())

[Devlin, 2016/11/29 21:35:17]

nit: cache Profile so we can re-use it on line 290.

[sammiequon, 2016/11/30 00:42:50]

Done.

+                        ->GetPrefs()
+                        ->GetBoolean(prefs::kPinUnlockAllowWeakPins);
+  for (size_t j = 0; j < params_->modes.size(); ++j) {

[Devlin, 2016/11/29 21:35:17]

This loop seems unnecessary given the check on line 273 - do we anticipate
various modes being accepted later?

[sammiequon, 2016/11/30 00:42:50]

Yes, there are other modes planned to be added later.

+    if (params_->credentials[j].empty())
+      continue;
+
+    if (params_->modes[j] == QuickUnlockMode::QUICK_UNLOCK_MODE_PIN) {
+      if (!IsPinNumeric(params_->credentials[j]))
+        return RespondNow(ArgumentList(SetModes::Results::Create(false)));
+
+      if (!IsPinLengthValid(
+              params_->credentials[j],
+              Profile::FromBrowserContext(browser_context())->GetPrefs(),
+              nullptr, nullptr, nullptr)) {
+        return RespondNow(ArgumentList(SetModes::Results::Create(false)));
+      }
+      if (!allow_weak && !IsPinDifficultEnough(params_->credentials[j])) {
+        return RespondNow(ArgumentList(SetModes::Results::Create(false)));
+      }
+    }
   }
 
   user_manager::User* user = chromeos::ProfileHelper::Get()->GetUserByProfile(
       chrome_details_.GetProfile());
   chromeos::UserContext user_context(user->GetAccountId());
   user_context.SetKey(chromeos::Key(params_->account_password));
 
   // Lazily allocate the authenticator. We do this here, instead of in the ctor,
   // so that tests can install a fake.
   if (authenticator_allocator_.is_null())
@@ skipping 85 matching lines @@
   }
 
   std::unique_ptr<base::ListValue> args = OnActiveModesChanged::Create(modes);
   std::unique_ptr<Event> event(
       new Event(events::QUICK_UNLOCK_PRIVATE_ON_ACTIVE_MODES_CHANGED,
                 OnActiveModesChanged::kEventName, std::move(args)));
   EventRouter::Get(browser_context())->BroadcastEvent(std::move(event));
 }
 
 }  // namespace extensions