Index: chrome/browser/chromeos/login/quick_unlock/pin_storage_prefs.cc |
diff --git a/chrome/browser/chromeos/login/quick_unlock/pin_storage_prefs.cc b/chrome/browser/chromeos/login/quick_unlock/pin_storage_prefs.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..49e6f6b1c3ade798c3ae2e43a158f683659a5e3e |
--- /dev/null |
+++ b/chrome/browser/chromeos/login/quick_unlock/pin_storage_prefs.cc |
@@ -0,0 +1,102 @@ |
+// Copyright 2016 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include "chrome/browser/chromeos/login/quick_unlock/pin_storage_prefs.h" |
+ |
+#include "base/base64.h" |
+#include "base/strings/string_util.h" |
+#include "chrome/browser/chromeos/login/quick_unlock/pin_backend.h" |
+#include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_utils.h" |
+#include "chrome/browser/profiles/profile.h" |
+#include "chrome/common/pref_names.h" |
+#include "components/prefs/pref_registry_simple.h" |
+#include "components/prefs/pref_service.h" |
+#include "crypto/random.h" |
+ |
+namespace chromeos { |
+namespace quick_unlock { |
+ |
+namespace { |
+ |
+const int kSaltByteSize = 16; |
+ |
+// Returns a new salt of length |kSaltByteSize|. |
+std::string CreateSalt() { |
+ // The salt needs to be base64 encoded because the pref service requires a |
+ // UTF8 string. |
+ std::string salt; |
+ crypto::RandBytes(base::WriteInto(&salt, kSaltByteSize + 1), kSaltByteSize); |
+ base::Base64Encode(salt, &salt); |
+ DCHECK(!salt.empty()); |
+ return salt; |
+} |
+ |
+} // namespace |
+ |
+// static |
+void PinStoragePrefs::RegisterProfilePrefs(PrefRegistrySimple* registry) { |
+ registry->RegisterStringPref(prefs::kQuickUnlockPinSalt, ""); |
+ registry->RegisterStringPref(prefs::kQuickUnlockPinSecret, ""); |
+} |
+ |
+PinStoragePrefs::PinStoragePrefs(Profile* profile) : profile_(profile) {} |
+ |
+PinStoragePrefs::~PinStoragePrefs() {} |
+ |
+bool PinStoragePrefs::IsPinSet() const { |
+ return !PinSalt().empty() && !PinSecret().empty(); |
+} |
+ |
+void PinStoragePrefs::SetPin(const std::string& pin) { |
+ const std::string salt = CreateSalt(); |
+ const std::string secret = PinBackend::ComputeSecret(pin, salt); |
+ |
+ profile_->GetPrefs()->SetString(prefs::kQuickUnlockPinSalt, salt); |
+ profile_->GetPrefs()->SetString(prefs::kQuickUnlockPinSecret, secret); |
+} |
+ |
+void PinStoragePrefs::RemovePin() { |
+ profile_->GetPrefs()->SetString(prefs::kQuickUnlockPinSalt, ""); |
+ profile_->GetPrefs()->SetString(prefs::kQuickUnlockPinSecret, ""); |
+} |
+ |
+std::string PinStoragePrefs::PinSalt() const { |
+ return profile_->GetPrefs()->GetString(prefs::kQuickUnlockPinSalt); |
+} |
+ |
+std::string PinStoragePrefs::PinSecret() const { |
+ return profile_->GetPrefs()->GetString(prefs::kQuickUnlockPinSecret); |
+} |
+ |
+bool PinStoragePrefs::IsPinAuthenticationAvailable() const { |
+ const bool exceeded_unlock_attempts = |
+ unlock_attempt_count() >= kMaximumUnlockAttempts; |
+ |
+ return IsPinEnabled(profile_->GetPrefs()) && IsPinSet() && |
+ !exceeded_unlock_attempts; |
+} |
+ |
+bool PinStoragePrefs::TryAuthenticatePin(const std::string& pin) { |
+ if (!IsPinAuthenticationAvailable()) { |
+ return false; |
+ } |
+ |
+ AddUnlockAttempt(); |
+ return PinBackend::ComputeSecret(pin, PinSalt()) == PinSecret(); |
+} |
+ |
+bool PinStoragePrefs::NeedsStrongAuth() const { |
+ return true; |
+} |
+ |
+void PinStoragePrefs::ResetUnlockAttemptCount() { |
+ unlock_attempt_count_ = 0; |
+} |
+ |
+void PinStoragePrefs::AddUnlockAttempt() { |
+ ++unlock_attempt_count_; |
+} |
+ |
+} // namespace quick_unlock |
+} // namespace chromeos |