Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(234)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/login/quick_unlock/pin_backend.h

Issue 2809993004: cros: Implement cryptohome backend for pin.
Patch Set: Address comments Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/chromeos/login/lock/screen_locker.cc ('k') | chrome/browser/chromeos/login/quick_unlock/pin_backend.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_QUICK_UNLOCK_PIN_BACKEND_H_
6 #define CHROME_BROWSER_CHROMEOS_LOGIN_QUICK_UNLOCK_PIN_BACKEND_H_
7
8 #include <string>
9
10 #include "base/callback.h"
11
12 class AccountId;
13
14 namespace chromeos {
15
16 class UserContext;
17
18 namespace quick_unlock {
19
20 // TODO(jdufault): Implement pref pin -> cryptohome pin migration. We can
21 // maintain the salt, store the secret in cryptohome, and when the user enters a
22 // PIN we pre-hash and then submit to cryptohome. We have to drop the secret
23 // from prefs though. So essentially, we store the hashed pin in cryptohome.
24 // Maybe we just want to always do this for simplicity? Need to confirm with
25 // security this approach is fine.
26
27 // Provides api for accessing the user's pin. The underlying storage is either
28 // cryptohome or prefs.
29 class PinBackend {
30 public:
31 using BoolCallback = base::Callback<void(bool)>;
32
33 // Check if the given account_id has a pin registered.
34 static void IsSet(const AccountId& account_id, const BoolCallback& result);
35 // Set the pin for the given user.
36 static void Set(const UserContext& user_context, const std::string& pin);
37 // Remove the given user's pin.
38 static void Remove(const UserContext& user_context);
39
40 // Is pin authentication available for the given account? Even if pin is set,
41 // it may not be available for authentication due to some additional
42 // restrictions.
43 static void CanAuthenticate(const AccountId& account_id,
44 const BoolCallback& result);
45
46 // Try to authenticate.
47 static void TryAuthenticate(const AccountId& account_id,
48 const std::string& pin,
49 const BoolCallback& result);
50
51 // This should be called when there has been a non-pin trusted authentication,
52 // ie, password on the lock screen.
53 static void NotifyAuthentication(const AccountId& account_id);
54
55 // Computes the secret for a given |pin| and |salt|.
56 static std::string ComputeSecret(const std::string& pin,
57 const std::string& salt);
58
59 // Resets any cached state for testing purposes.
60 static void ResetForTesting();
61
62 private:
63 DISALLOW_COPY_AND_ASSIGN(PinBackend);
64 };
65
66 } // namespace quick_unlock
67 } // namespace chromeos
68
69 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_QUICK_UNLOCK_PIN_BACKEND_H_
OLDNEW
« no previous file with comments | « chrome/browser/chromeos/login/lock/screen_locker.cc ('k') | chrome/browser/chromeos/login/quick_unlock/pin_backend.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698