
Side by Side Diff: components/signin/core/browser/webdata/token_service_table.cc

Issue 2672603003: Avoid loading an empty token when decrypt failed (Closed)
Patch Set: Fix histogram names Created 3 years, 10 months ago
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/signin/core/browser/webdata/token_service_table.h" 5 #include "components/signin/core/browser/webdata/token_service_table.h"
6 6
7 #include <map> 7 #include <map>
8 #include <string> 8 #include <string>
9 9
10 #include "base/logging.h" 10 #include "base/logging.h"
11 #include "base/metrics/histogram_macros.h"
11 #include "components/os_crypt/os_crypt.h" 12 #include "components/os_crypt/os_crypt.h"
12 #include "components/webdata/common/web_database.h" 13 #include "components/webdata/common/web_database.h"
13 #include "sql/statement.h" 14 #include "sql/statement.h"
14 15
15 namespace { 16 namespace {
16 17
17 WebDatabaseTable::TypeKey GetKey() { 18 WebDatabaseTable::TypeKey GetKey() {
18 // We just need a unique constant. Use the address of a static that 19 // We just need a unique constant. Use the address of a static that
19 // COMDAT folding won't touch in an optimizing linker. 20 // COMDAT folding won't touch in an optimizing linker.
20 static int table_key = 0; 21 static int table_key = 0;
21 return reinterpret_cast<void*>(&table_key); 22 return reinterpret_cast<void*>(&table_key);
22 } 23 }
23 24
25 // Entries in the |Signin.TokenTable.ReadTokenFromDBResult| histogram.
26 enum ReadOneTokenResult {
27 READ_ONE_TOKEN_SUCCESS,
28 READ_ONE_TOKEN_DB_SUCCESS_DECRYPT_FAILED,
29 READ_ONE_TOKEN_DB_FAILED_BAD_ENTRY,
30 READ_ONE_TOKEN_MAX_VALUE
31 };
32
24 } // namespace 33 } // namespace
25 34
26 TokenServiceTable* TokenServiceTable::FromWebDatabase(WebDatabase* db) { 35 TokenServiceTable* TokenServiceTable::FromWebDatabase(WebDatabase* db) {
27 return static_cast<TokenServiceTable*>(db->GetTable(GetKey())); 36 return static_cast<TokenServiceTable*>(db->GetTable(GetKey()));
28 37
29 } 38 }
30 39
31 WebDatabaseTable::TypeKey TokenServiceTable::GetTypeKey() const { 40 WebDatabaseTable::TypeKey TokenServiceTable::GetTypeKey() const {
32 return GetKey(); 41 return GetKey();
33 } 42 }
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after
86 static_cast<int>(encrypted_token.length())); 95 static_cast<int>(encrypted_token.length()));
87 96
88 return s.Run(); 97 return s.Run();
89 } 98 }
90 99
91 bool TokenServiceTable::GetAllTokens( 100 bool TokenServiceTable::GetAllTokens(
92 std::map<std::string, std::string>* tokens) { 101 std::map<std::string, std::string>* tokens) {
93 sql::Statement s(db_->GetUniqueStatement( 102 sql::Statement s(db_->GetUniqueStatement(
94 "SELECT service, encrypted_token FROM token_service")); 103 "SELECT service, encrypted_token FROM token_service"));
95 104
96 if (!s.is_valid()) 105 UMA_HISTOGRAM_BOOLEAN("Signin.TokenTable.GetAllTokensSqlStatementValidity",
106 s.is_valid());
107
108 if (!s.is_valid()) {
109 LOG(ERROR) << "Failed to load tokens (invalid SQL statement).";
97 return false; 110 return false;
111 }
98 112
113 bool read_all_tokens_result = true;
99 while (s.Step()) { 114 while (s.Step()) {
115 ReadOneTokenResult read_token_result = READ_ONE_TOKEN_MAX_VALUE;
116
100 std::string encrypted_token; 117 std::string encrypted_token;
101 std::string decrypted_token; 118 std::string decrypted_token;
102 std::string service; 119 std::string service;
103 service = s.ColumnString(0); 120 service = s.ColumnString(0);
104 bool entry_ok = !service.empty() && 121 bool entry_ok = !service.empty() &&
105 s.ColumnBlobAsString(1, &encrypted_token); 122 s.ColumnBlobAsString(1, &encrypted_token);
106 if (entry_ok) { 123 if (entry_ok) {
107 OSCrypt::DecryptString(encrypted_token, &decrypted_token); 124 if (OSCrypt::DecryptString(encrypted_token, &decrypted_token)) {
108 (*tokens)[service] = decrypted_token; 125 (*tokens)[service] = decrypted_token;
126 read_token_result = READ_ONE_TOKEN_SUCCESS;
127 } else {
128 // Chrome relies on native APIs to encrypt and decrypt the tokens which
129 // may fail (see http://crbug.com/686485).
130 LOG(ERROR) << "Failed to decrypt token for service " << service;
131 read_token_result = READ_ONE_TOKEN_DB_SUCCESS_DECRYPT_FAILED;
132 read_all_tokens_result = false;
133 }
109 } else { 134 } else {
110 NOTREACHED(); 135 LOG(ERROR) << "Bad token entry for service " << service;
111 return false; 136 read_token_result = READ_ONE_TOKEN_DB_FAILED_BAD_ENTRY;
137 read_all_tokens_result = false;
112 } 138 }
139 DCHECK_LT(read_token_result, READ_ONE_TOKEN_MAX_VALUE);
140 UMA_HISTOGRAM_ENUMERATION("Signin.TokenTable.ReadTokenFromDBResult",
141 read_token_result,
142 READ_ONE_TOKEN_MAX_VALUE);
113 } 143 }
114 return true; 144 return read_all_tokens_result;
115 } 145 }
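Review bot: GetAllTokens now returns false both when the statement is invalid (nothing loaded) and when only some rows failed (the loop keeps going and |tokens| retains every entry that decrypted), so the return value alone no longer tells a caller whether the map is empty or partial. I would state that contract on the function, e.g. `// Returns false if any row was unreadable or failed to decrypt; |tokens| still holds the entries that loaded.`, so a caller neither treats a partial set as complete nor discards valid tokens. In the bad-entry branch `service` is empty whenever the failure was `service.empty()`, so that log line cannot identify the row; the decrypt-failure log also writes the service key to the error log, and it is worth confirming that this key is not an account identifier. `ReadOneTokenResult` feeds a recorded histogram, so a comment such as `// Do not reorder or renumber; add new values before READ_ONE_TOKEN_MAX_VALUE.` would protect the existing buckets.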