| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "components/user_prefs/tracked/pref_hash_calculator.h" | |
| 6 | |
| 7 #include <stdint.h> | |
| 8 | |
| 9 #include <memory> | |
| 10 #include <vector> | |
| 11 | |
| 12 #include "base/bind.h" | |
| 13 #include "base/json/json_string_value_serializer.h" | |
| 14 #include "base/logging.h" | |
| 15 #include "base/strings/string_number_conversions.h" | |
| 16 #include "base/strings/string_util.h" | |
| 17 #include "base/values.h" | |
| 18 #include "crypto/hmac.h" | |
| 19 | |
| 20 namespace { | |
| 21 | |
| 22 // Calculates an HMAC of |message| using |key|, encoded as a hexadecimal string. | |
| 23 std::string GetDigestString(const std::string& key, | |
| 24 const std::string& message) { | |
| 25 crypto::HMAC hmac(crypto::HMAC::SHA256); | |
| 26 std::vector<uint8_t> digest(hmac.DigestLength()); | |
| 27 if (!hmac.Init(key) || !hmac.Sign(message, &digest[0], digest.size())) { | |
| 28 NOTREACHED(); | |
| 29 return std::string(); | |
| 30 } | |
| 31 return base::HexEncode(&digest[0], digest.size()); | |
| 32 } | |
| 33 | |
| 34 // Verifies that |digest_string| is a valid HMAC of |message| using |key|. | |
| 35 // |digest_string| must be encoded as a hexadecimal string. | |
| 36 bool VerifyDigestString(const std::string& key, | |
| 37 const std::string& message, | |
| 38 const std::string& digest_string) { | |
| 39 crypto::HMAC hmac(crypto::HMAC::SHA256); | |
| 40 std::vector<uint8_t> digest; | |
| 41 return base::HexStringToBytes(digest_string, &digest) && hmac.Init(key) && | |
| 42 hmac.Verify(message, | |
| 43 base::StringPiece(reinterpret_cast<char*>(&digest[0]), | |
| 44 digest.size())); | |
| 45 } | |
| 46 | |
| 47 // Renders |value| as a string. |value| may be NULL, in which case the result | |
| 48 // is an empty string. This method can be expensive and its result should be | |
| 49 // re-used rather than recomputed where possible. | |
| 50 std::string ValueAsString(const base::Value* value) { | |
| 51 // Dictionary values may contain empty lists and sub-dictionaries. Make a | |
| 52 // deep copy with those removed to make the hash more stable. | |
| 53 const base::DictionaryValue* dict_value; | |
| 54 std::unique_ptr<base::DictionaryValue> canonical_dict_value; | |
| 55 if (value && value->GetAsDictionary(&dict_value)) { | |
| 56 canonical_dict_value = dict_value->DeepCopyWithoutEmptyChildren(); | |
| 57 value = canonical_dict_value.get(); | |
| 58 } | |
| 59 | |
| 60 std::string value_as_string; | |
| 61 if (value) { | |
| 62 JSONStringValueSerializer serializer(&value_as_string); | |
| 63 serializer.Serialize(*value); | |
| 64 } | |
| 65 | |
| 66 return value_as_string; | |
| 67 } | |
| 68 | |
| 69 // Concatenates |device_id|, |path|, and |value_as_string| to give the hash | |
| 70 // input. | |
| 71 std::string GetMessage(const std::string& device_id, | |
| 72 const std::string& path, | |
| 73 const std::string& value_as_string) { | |
| 74 std::string message; | |
| 75 message.reserve(device_id.size() + path.size() + value_as_string.size()); | |
| 76 message.append(device_id); | |
| 77 message.append(path); | |
| 78 message.append(value_as_string); | |
| 79 return message; | |
| 80 } | |
| 81 | |
| 82 } // namespace | |
| 83 | |
| 84 PrefHashCalculator::PrefHashCalculator(const std::string& seed, | |
| 85 const std::string& device_id, | |
| 86 const std::string& legacy_device_id) | |
| 87 : seed_(seed), device_id_(device_id), legacy_device_id_(legacy_device_id) {} | |
| 88 | |
| 89 PrefHashCalculator::~PrefHashCalculator() { | |
| 90 } | |
| 91 | |
| 92 std::string PrefHashCalculator::Calculate(const std::string& path, | |
| 93 const base::Value* value) const { | |
| 94 return GetDigestString(seed_, | |
| 95 GetMessage(device_id_, path, ValueAsString(value))); | |
| 96 } | |
| 97 | |
| 98 PrefHashCalculator::ValidationResult PrefHashCalculator::Validate( | |
| 99 const std::string& path, | |
| 100 const base::Value* value, | |
| 101 const std::string& digest_string) const { | |
| 102 const std::string value_as_string(ValueAsString(value)); | |
| 103 if (VerifyDigestString(seed_, GetMessage(device_id_, path, value_as_string), | |
| 104 digest_string)) { | |
| 105 return VALID; | |
| 106 } | |
| 107 if (VerifyDigestString(seed_, | |
| 108 GetMessage(legacy_device_id_, path, value_as_string), | |
| 109 digest_string)) { | |
| 110 return VALID_SECURE_LEGACY; | |
| 111 } | |
| 112 return INVALID; | |
| 113 } | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2782803002:
Move tracked prefs into services/preferences/tracked. (Closed)
