Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(418)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/settings/token_encryptor.h

Issue 25975002: cryptohome: Move Encrypt/DecryptWithSystemSalt() out of CryptohomeLibrary (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: address comments Created 7 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/chromeos/settings/device_oauth2_token_service_unittest.cc ('k') | chrome/browser/chromeos/settings/token_encryptor.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef CHROME_BROWSER_CHROMEOS_SETTINGS_TOKEN_ENCRYPTOR_H_
6 #define CHROME_BROWSER_CHROMEOS_SETTINGS_TOKEN_ENCRYPTOR_H_
7
8 #include <string>
9
10 #include "base/basictypes.h"
11 #include "base/memory/scoped_ptr.h"
12
13 namespace crypto {
14 class SymmetricKey;
15 }
16
17 namespace chromeos {
18
19 // Interface class for classes that encrypt and decrypt tokens using the
20 // system salt.
21 class TokenEncryptor {
22 public:
23 virtual ~TokenEncryptor() {}
24
25 // Encrypts |token| with the system salt key (stable for the lifetime
26 // of the device). Useful to avoid storing plain text in place like
27 // Local State.
28 virtual std::string EncryptWithSystemSalt(const std::string& token) = 0;
29
30 // Decrypts |token| with the system salt key (stable for the lifetime
31 // of the device).
32 virtual std::string DecryptWithSystemSalt(
33 const std::string& encrypted_token_hex) = 0;
34 };
35
36 // TokenEncryptor based on the cryptohome daemon. This implementation is used
37 // in production.
38 class CryptohomeTokenEncryptor : public TokenEncryptor {
39 public:
40 CryptohomeTokenEncryptor();
41 virtual ~CryptohomeTokenEncryptor();
42
43 // TokenEncryptor overrides:
44 virtual std::string EncryptWithSystemSalt(const std::string& token) OVERRIDE;
45 virtual std::string DecryptWithSystemSalt(
46 const std::string& encrypted_token_hex) OVERRIDE;
47
48 private:
49 // Loads the system salt key based on the system salt from the cryptohome
50 // daemon. Returns true on success.
51 bool LoadSystemSaltKey();
52
53 // Converts |passphrase| to a SymmetricKey using the given |salt|.
54 crypto::SymmetricKey* PassphraseToKey(const std::string& passphrase,
55 const std::string& salt);
56
57 // Encrypts (AES) the token given |key| and |salt|.
58 std::string EncryptTokenWithKey(crypto::SymmetricKey* key,
59 const std::string& salt,
60 const std::string& token);
61
62 // Decrypts (AES) hex encoded encrypted token given |key| and |salt|.
63 std::string DecryptTokenWithKey(crypto::SymmetricKey* key,
64 const std::string& salt,
65 const std::string& encrypted_token_hex);
66
67 // The cached system salt obtained from the cryptohome daemon.
68 std::string system_salt_;
69
70 // A key based on the system salt. Useful for encrypting device-level
71 // data for which we have no additional credentials.
72 scoped_ptr<crypto::SymmetricKey> system_salt_key_;
73
74 DISALLOW_COPY_AND_ASSIGN(CryptohomeTokenEncryptor);
75 };
76
77 } // namespace chromeos
78
79 #endif // CHROME_BROWSER_CHROMEOS_SETTINGS_TOKEN_ENCRYPTOR_H_
OLDNEW
« no previous file with comments | « chrome/browser/chromeos/settings/device_oauth2_token_service_unittest.cc ('k') | chrome/browser/chromeos/settings/token_encryptor.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698