| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/os_crypt/os_crypt.h" | 5 #include "components/os_crypt/os_crypt.h" |
| 6 | 6 |
| 7 #include <CommonCrypto/CommonCryptor.h> // for kCCBlockSizeAES128 | 7 #include <CommonCrypto/CommonCryptor.h> // for kCCBlockSizeAES128 |
| 8 #include <stddef.h> | 8 #include <stddef.h> |
| 9 | 9 |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| 11 #include "base/debug/leak_annotations.h" | 11 #include "base/debug/leak_annotations.h" |
| 12 #include "base/lazy_instance.h" |
| 12 #include "base/logging.h" | 13 #include "base/logging.h" |
| 13 #include "base/strings/utf_string_conversions.h" | 14 #include "base/strings/utf_string_conversions.h" |
| 14 #include "base/synchronization/lock.h" | 15 #include "base/synchronization/lock.h" |
| 15 #include "components/os_crypt/keychain_password_mac.h" | 16 #include "components/os_crypt/keychain_password_mac.h" |
| 16 #include "components/os_crypt/os_crypt_switches.h" | 17 #include "components/os_crypt/os_crypt_switches.h" |
| 17 #include "crypto/apple_keychain.h" | 18 #include "crypto/apple_keychain.h" |
| 18 #include "crypto/encryptor.h" | 19 #include "crypto/encryptor.h" |
| 19 #include "crypto/mock_apple_keychain.h" | 20 #include "crypto/mock_apple_keychain.h" |
| 20 #include "crypto/symmetric_key.h" | 21 #include "crypto/symmetric_key.h" |
| 21 | 22 |
| (...skipping 11 matching lines...) Expand all Loading... |
| 33 const size_t kEncryptionIterations = 1003; | 34 const size_t kEncryptionIterations = 1003; |
| 34 | 35 |
| 35 // TODO(dhollowa): Refactor to allow dependency injection of Keychain. | 36 // TODO(dhollowa): Refactor to allow dependency injection of Keychain. |
| 36 static bool use_mock_keychain = false; | 37 static bool use_mock_keychain = false; |
| 37 | 38 |
| 38 // Prefix for cypher text returned by current encryption version. We prefix | 39 // Prefix for cypher text returned by current encryption version. We prefix |
| 39 // the cypher text with this string so that future data migration can detect | 40 // the cypher text with this string so that future data migration can detect |
| 40 // this and migrate to different encryption without data loss. | 41 // this and migrate to different encryption without data loss. |
| 41 const char kEncryptionVersionPrefix[] = "v10"; | 42 const char kEncryptionVersionPrefix[] = "v10"; |
| 42 | 43 |
| 44 // This lock is used to make the GetEncrytionKey method thread-safe. |
| 45 base::LazyInstance<base::Lock>::Leaky g_lock = LAZY_INSTANCE_INITIALIZER; |
| 46 |
| 43 // Generates a newly allocated SymmetricKey object based on the password found | 47 // Generates a newly allocated SymmetricKey object based on the password found |
| 44 // in the Keychain. The generated key is for AES encryption. Returns NULL key | 48 // in the Keychain. The generated key is for AES encryption. Returns NULL key |
| 45 // in the case password access is denied or key generation error occurs. | 49 // in the case password access is denied or key generation error occurs. |
| 46 crypto::SymmetricKey* GetEncryptionKey() { | 50 crypto::SymmetricKey* GetEncryptionKey() { |
| 47 static crypto::SymmetricKey* cached_encryption_key = NULL; | 51 static crypto::SymmetricKey* cached_encryption_key = NULL; |
| 48 static bool key_is_cached = false; | 52 static bool key_is_cached = false; |
| 49 static base::Lock lock; | 53 base::AutoLock auto_lock(g_lock.Get()); |
| 50 base::AutoLock auto_lock(lock); | |
| 51 | 54 |
| 52 if (key_is_cached) | 55 if (key_is_cached) |
| 53 return cached_encryption_key; | 56 return cached_encryption_key; |
| 54 | 57 |
| 55 static bool mock_keychain_command_line_flag = | 58 static bool mock_keychain_command_line_flag = |
| 56 base::CommandLine::ForCurrentProcess()->HasSwitch( | 59 base::CommandLine::ForCurrentProcess()->HasSwitch( |
| 57 os_crypt::switches::kUseMockKeychain); | 60 os_crypt::switches::kUseMockKeychain); |
| 58 | 61 |
| 59 std::string password; | 62 std::string password; |
| 60 if (use_mock_keychain || mock_keychain_command_line_flag) { | 63 if (use_mock_keychain || mock_keychain_command_line_flag) { |
| (...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 160 if (!encryptor.Decrypt(raw_ciphertext, plaintext)) | 163 if (!encryptor.Decrypt(raw_ciphertext, plaintext)) |
| 161 return false; | 164 return false; |
| 162 | 165 |
| 163 return true; | 166 return true; |
| 164 } | 167 } |
| 165 | 168 |
| 166 void OSCrypt::UseMockKeychain(bool use_mock) { | 169 void OSCrypt::UseMockKeychain(bool use_mock) { |
| 167 use_mock_keychain = use_mock; | 170 use_mock_keychain = use_mock; |
| 168 } | 171 } |
| 169 | 172 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2472743002:
Make GetEncryptionKey thread-safe (Closed)
