| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "chrome/browser/chromeos/login/quick_unlock/pin_storage_prefs.h" |
| 6 |
| 7 #include "base/base64.h" |
| 8 #include "base/strings/string_util.h" |
| 9 #include "chrome/browser/chromeos/login/quick_unlock/pin_backend.h" |
| 10 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_utils.h" |
| 11 #include "chrome/browser/profiles/profile.h" |
| 12 #include "chrome/common/pref_names.h" |
| 13 #include "components/prefs/pref_registry_simple.h" |
| 14 #include "components/prefs/pref_service.h" |
| 15 #include "crypto/random.h" |
| 16 |
| 17 namespace chromeos { |
| 18 namespace quick_unlock { |
| 19 |
| 20 namespace { |
| 21 |
| 22 const int kSaltByteSize = 16; |
| 23 |
| 24 // Returns a new salt of length |kSaltByteSize|. |
| 25 std::string CreateSalt() { |
| 26 // The salt needs to be base64 encoded because the pref service requires a |
| 27 // UTF8 string. |
| 28 std::string salt; |
| 29 crypto::RandBytes(base::WriteInto(&salt, kSaltByteSize + 1), kSaltByteSize); |
| 30 base::Base64Encode(salt, &salt); |
| 31 DCHECK(!salt.empty()); |
| 32 return salt; |
| 33 } |
| 34 |
| 35 } // namespace |
| 36 |
| 37 // static |
| 38 void PinStoragePrefs::RegisterProfilePrefs(PrefRegistrySimple* registry) { |
| 39 registry->RegisterStringPref(prefs::kQuickUnlockPinSalt, ""); |
| 40 registry->RegisterStringPref(prefs::kQuickUnlockPinSecret, ""); |
| 41 } |
| 42 |
| 43 PinStoragePrefs::PinStoragePrefs(Profile* profile) : profile_(profile) {} |
| 44 |
| 45 PinStoragePrefs::~PinStoragePrefs() {} |
| 46 |
| 47 bool PinStoragePrefs::IsPinSet() const { |
| 48 return !PinSalt().empty() && !PinSecret().empty(); |
| 49 } |
| 50 |
| 51 void PinStoragePrefs::SetPin(const std::string& pin) { |
| 52 const std::string salt = CreateSalt(); |
| 53 const std::string secret = PinBackend::ComputeSecret(pin, salt); |
| 54 |
| 55 profile_->GetPrefs()->SetString(prefs::kQuickUnlockPinSalt, salt); |
| 56 profile_->GetPrefs()->SetString(prefs::kQuickUnlockPinSecret, secret); |
| 57 } |
| 58 |
| 59 void PinStoragePrefs::RemovePin() { |
| 60 profile_->GetPrefs()->SetString(prefs::kQuickUnlockPinSalt, ""); |
| 61 profile_->GetPrefs()->SetString(prefs::kQuickUnlockPinSecret, ""); |
| 62 } |
| 63 |
| 64 std::string PinStoragePrefs::PinSalt() const { |
| 65 return profile_->GetPrefs()->GetString(prefs::kQuickUnlockPinSalt); |
| 66 } |
| 67 |
| 68 std::string PinStoragePrefs::PinSecret() const { |
| 69 return profile_->GetPrefs()->GetString(prefs::kQuickUnlockPinSecret); |
| 70 } |
| 71 |
| 72 bool PinStoragePrefs::IsPinAuthenticationAvailable() const { |
| 73 const bool exceeded_unlock_attempts = |
| 74 unlock_attempt_count() >= kMaximumUnlockAttempts; |
| 75 |
| 76 return IsPinEnabled(profile_->GetPrefs()) && IsPinSet() && |
| 77 !exceeded_unlock_attempts; |
| 78 } |
| 79 |
| 80 bool PinStoragePrefs::TryAuthenticatePin(const std::string& pin) { |
| 81 if (!IsPinAuthenticationAvailable()) { |
| 82 return false; |
| 83 } |
| 84 |
| 85 AddUnlockAttempt(); |
| 86 return PinBackend::ComputeSecret(pin, PinSalt()) == PinSecret(); |
| 87 } |
| 88 |
| 89 bool PinStoragePrefs::NeedsStrongAuth() const { |
| 90 return true; |
| 91 } |
| 92 |
| 93 void PinStoragePrefs::ResetUnlockAttemptCount() { |
| 94 unlock_attempt_count_ = 0; |
| 95 } |
| 96 |
| 97 void PinStoragePrefs::AddUnlockAttempt() { |
| 98 ++unlock_attempt_count_; |
| 99 } |
| 100 |
| 101 } // namespace quick_unlock |
| 102 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2809993004:
cros: Implement cryptohome backend for pin.
