Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(20)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/sync/base/nigori.cc

Issue 2813453004: [sync] Fix decryption failure caused by missing user_key (Closed)
Patch Set: [sync] Fix decryption failure caused by missing user_key Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/sync/base/nigori.h ('k') | components/sync/base/nigori_unittest.cc » ('j') | components/sync/base/nigori_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/sync/base/nigori.h" 5 #include "components/sync/base/nigori.h"
6 6
7 #include <stdint.h> 7 #include <stdint.h>
8 8
9 #include <sstream> 9 #include <sstream>
10 #include <vector> 10 #include <vector>
(...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after
72 // Suser = PBKDF2(Username || Servername, "saltsalt", Nsalt, 8) 72 // Suser = PBKDF2(Username || Servername, "saltsalt", Nsalt, 8)
73 std::unique_ptr<SymmetricKey> user_salt(SymmetricKey::DeriveKeyFromPassword( 73 std::unique_ptr<SymmetricKey> user_salt(SymmetricKey::DeriveKeyFromPassword(
74 SymmetricKey::HMAC_SHA1, salt_password.str(), kSaltSalt, kSaltIterations, 74 SymmetricKey::HMAC_SHA1, salt_password.str(), kSaltSalt, kSaltIterations,
75 kSaltKeySizeInBits)); 75 kSaltKeySizeInBits));
76 DCHECK(user_salt); 76 DCHECK(user_salt);
77 77
78 std::string raw_user_salt; 78 std::string raw_user_salt;
79 if (!user_salt->GetRawKey(&raw_user_salt)) 79 if (!user_salt->GetRawKey(&raw_user_salt))
80 return false; 80 return false;
81 81
82 // Kuser = PBKDF2(P, Suser, Nuser, 16)
83 user_key_ = SymmetricKey::DeriveKeyFromPassword(
84 SymmetricKey::AES, password, raw_user_salt, kUserIterations,
85 kDerivedKeySizeInBits);
pavely 2017/04/10 21:27:29 Could you keep DCHECK and return value check for I
Patrick Noland 2017/04/10 23:43:06 Done.
86
82 // Kenc = PBKDF2(P, Suser, Nenc, 16) 87 // Kenc = PBKDF2(P, Suser, Nenc, 16)
83 encryption_key_ = SymmetricKey::DeriveKeyFromPassword( 88 encryption_key_ = SymmetricKey::DeriveKeyFromPassword(
84 SymmetricKey::AES, password, raw_user_salt, kEncryptionIterations, 89 SymmetricKey::AES, password, raw_user_salt, kEncryptionIterations,
85 kDerivedKeySizeInBits); 90 kDerivedKeySizeInBits);
86 DCHECK(encryption_key_); 91 DCHECK(encryption_key_);
87 92
88 // Kmac = PBKDF2(P, Suser, Nmac, 16) 93 // Kmac = PBKDF2(P, Suser, Nmac, 16)
89 mac_key_ = SymmetricKey::DeriveKeyFromPassword( 94 mac_key_ = SymmetricKey::DeriveKeyFromPassword(
90 SymmetricKey::HMAC_SHA1, password, raw_user_salt, kSigningIterations, 95 SymmetricKey::HMAC_SHA1, password, raw_user_salt, kSigningIterations,
91 kDerivedKeySizeInBits); 96 kDerivedKeySizeInBits);
92 DCHECK(mac_key_); 97 DCHECK(mac_key_);
93 98
94 return encryption_key_ && mac_key_; 99 return encryption_key_ && mac_key_;
95 } 100 }
96 101
97 bool Nigori::InitByImport(const std::string& encryption_key, 102 bool Nigori::InitByImport(const std::string& user_key,
103 const std::string& encryption_key,
98 const std::string& mac_key) { 104 const std::string& mac_key) {
105 user_key_ = SymmetricKey::Import(SymmetricKey::AES, user_key);
pavely 2017/04/10 21:27:29 Could you add a comment here or in nigori.h explai
Patrick Noland 2017/04/10 23:43:06 Done.
106
99 encryption_key_ = SymmetricKey::Import(SymmetricKey::AES, encryption_key); 107 encryption_key_ = SymmetricKey::Import(SymmetricKey::AES, encryption_key);
100 DCHECK(encryption_key_); 108 DCHECK(encryption_key_);
101 109
102 mac_key_ = SymmetricKey::Import(SymmetricKey::HMAC_SHA1, mac_key); 110 mac_key_ = SymmetricKey::Import(SymmetricKey::HMAC_SHA1, mac_key);
103 DCHECK(mac_key_); 111 DCHECK(mac_key_);
104 112
105 return encryption_key_ && mac_key_; 113 return encryption_key_ && mac_key_;
106 } 114 }
107 115
108 // Permute[Kenc,Kmac](type || name) 116 // Permute[Kenc,Kmac](type || name)
(...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after
216 Encryptor encryptor; 224 Encryptor encryptor;
217 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC, iv)) 225 if (!encryptor.Init(encryption_key_.get(), Encryptor::CBC, iv))
218 return false; 226 return false;
219 227
220 if (!encryptor.Decrypt(ciphertext, value)) 228 if (!encryptor.Decrypt(ciphertext, value))
221 return false; 229 return false;
222 230
223 return true; 231 return true;
224 } 232 }
225 233
226 bool Nigori::ExportKeys(std::string* encryption_key, 234 bool Nigori::ExportKeys(std::string* user_key,
235 std::string* encryption_key,
227 std::string* mac_key) const { 236 std::string* mac_key) const {
228 DCHECK(encryption_key); 237 DCHECK(encryption_key);
229 DCHECK(mac_key); 238 DCHECK(mac_key);
230 239
240 user_key_->GetRawKey(user_key);
241
231 return encryption_key_->GetRawKey(encryption_key) && 242 return encryption_key_->GetRawKey(encryption_key) &&
232 mac_key_->GetRawKey(mac_key); 243 mac_key_->GetRawKey(mac_key);
233 } 244 }
234 245
235 } // namespace syncer 246 } // namespace syncer
OLDNEW
« no previous file with comments | « components/sync/base/nigori.h ('k') | components/sync/base/nigori_unittest.cc » ('j') | components/sync/base/nigori_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698