| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/sync/base/cryptographer.h" | 5 #include "components/sync/base/cryptographer.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <algorithm> | 9 #include <algorithm> |
| 10 #include <utility> | 10 #include <utility> |
| (...skipping 16 matching lines...) Expand all Loading... |
| 27 | 27 |
| 28 Cryptographer::Cryptographer(Encryptor* encryptor) : encryptor_(encryptor) { | 28 Cryptographer::Cryptographer(Encryptor* encryptor) : encryptor_(encryptor) { |
| 29 DCHECK(encryptor); | 29 DCHECK(encryptor); |
| 30 } | 30 } |
| 31 | 31 |
| 32 Cryptographer::Cryptographer(const Cryptographer& other) | 32 Cryptographer::Cryptographer(const Cryptographer& other) |
| 33 : encryptor_(other.encryptor_), | 33 : encryptor_(other.encryptor_), |
| 34 default_nigori_name_(other.default_nigori_name_) { | 34 default_nigori_name_(other.default_nigori_name_) { |
| 35 for (NigoriMap::const_iterator it = other.nigoris_.begin(); | 35 for (NigoriMap::const_iterator it = other.nigoris_.begin(); |
| 36 it != other.nigoris_.end(); ++it) { | 36 it != other.nigoris_.end(); ++it) { |
| 37 std::string encryption_key, mac_key; | 37 std::string user_key, encryption_key, mac_key; |
| 38 it->second->ExportKeys(&encryption_key, &mac_key); | 38 it->second->ExportKeys(&user_key, &encryption_key, &mac_key); |
| 39 linked_ptr<Nigori> nigori_copy(new Nigori()); | 39 linked_ptr<Nigori> nigori_copy(new Nigori()); |
| 40 nigori_copy->InitByImport(encryption_key, mac_key); | 40 nigori_copy->InitByImport(user_key, encryption_key, mac_key); |
| 41 nigoris_.insert(std::make_pair(it->first, nigori_copy)); | 41 nigoris_.insert(std::make_pair(it->first, nigori_copy)); |
| 42 } | 42 } |
| 43 | 43 |
| 44 if (other.pending_keys_) { | 44 if (other.pending_keys_) { |
| 45 pending_keys_ = | 45 pending_keys_ = |
| 46 base::MakeUnique<sync_pb::EncryptedData>(*(other.pending_keys_)); | 46 base::MakeUnique<sync_pb::EncryptedData>(*(other.pending_keys_)); |
| 47 } | 47 } |
| 48 } | 48 } |
| 49 | 49 |
| 50 Cryptographer::~Cryptographer() {} | 50 Cryptographer::~Cryptographer() {} |
| (...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 143 DCHECK(encrypted); | 143 DCHECK(encrypted); |
| 144 DCHECK(!nigoris_.empty()); | 144 DCHECK(!nigoris_.empty()); |
| 145 | 145 |
| 146 // Create a bag of all the Nigori parameters we know about. | 146 // Create a bag of all the Nigori parameters we know about. |
| 147 sync_pb::NigoriKeyBag bag; | 147 sync_pb::NigoriKeyBag bag; |
| 148 for (NigoriMap::const_iterator it = nigoris_.begin(); it != nigoris_.end(); | 148 for (NigoriMap::const_iterator it = nigoris_.begin(); it != nigoris_.end(); |
| 149 ++it) { | 149 ++it) { |
| 150 const Nigori& nigori = *it->second; | 150 const Nigori& nigori = *it->second; |
| 151 sync_pb::NigoriKey* key = bag.add_key(); | 151 sync_pb::NigoriKey* key = bag.add_key(); |
| 152 key->set_name(it->first); | 152 key->set_name(it->first); |
| 153 nigori.ExportKeys(key->mutable_encryption_key(), key->mutable_mac_key()); | 153 nigori.ExportKeys(key->mutable_user_key(), key->mutable_encryption_key(), |
| 154 key->mutable_mac_key()); |
| 154 } | 155 } |
| 155 | 156 |
| 156 // Encrypt the bag with the default Nigori. | 157 // Encrypt the bag with the default Nigori. |
| 157 return Encrypt(bag, encrypted); | 158 return Encrypt(bag, encrypted); |
| 158 } | 159 } |
| 159 | 160 |
| 160 bool Cryptographer::AddKey(const KeyParams& params) { | 161 bool Cryptographer::AddKey(const KeyParams& params) { |
| 161 // Create the new Nigori and make it the default encryptor. | 162 // Create the new Nigori and make it the default encryptor. |
| 162 std::unique_ptr<Nigori> nigori(new Nigori); | 163 std::unique_ptr<Nigori> nigori(new Nigori); |
| 163 if (!nigori->InitByDerivation(params.hostname, params.username, | 164 if (!nigori->InitByDerivation(params.hostname, params.username, |
| (...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 298 return unencrypted_token; | 299 return unencrypted_token; |
| 299 } | 300 } |
| 300 | 301 |
| 301 void Cryptographer::InstallKeyBag(const sync_pb::NigoriKeyBag& bag) { | 302 void Cryptographer::InstallKeyBag(const sync_pb::NigoriKeyBag& bag) { |
| 302 int key_size = bag.key_size(); | 303 int key_size = bag.key_size(); |
| 303 for (int i = 0; i < key_size; ++i) { | 304 for (int i = 0; i < key_size; ++i) { |
| 304 const sync_pb::NigoriKey key = bag.key(i); | 305 const sync_pb::NigoriKey key = bag.key(i); |
| 305 // Only use this key if we don't already know about it. | 306 // Only use this key if we don't already know about it. |
| 306 if (nigoris_.end() == nigoris_.find(key.name())) { | 307 if (nigoris_.end() == nigoris_.find(key.name())) { |
| 307 std::unique_ptr<Nigori> new_nigori(new Nigori); | 308 std::unique_ptr<Nigori> new_nigori(new Nigori); |
| 308 if (!new_nigori->InitByImport(key.encryption_key(), key.mac_key())) { | 309 if (!new_nigori->InitByImport(key.user_key(), key.encryption_key(), |
| 310 key.mac_key())) { |
| 309 NOTREACHED(); | 311 NOTREACHED(); |
| 310 continue; | 312 continue; |
| 311 } | 313 } |
| 312 nigoris_[key.name()] = make_linked_ptr(new_nigori.release()); | 314 nigoris_[key.name()] = make_linked_ptr(new_nigori.release()); |
| 313 } | 315 } |
| 314 } | 316 } |
| 315 } | 317 } |
| 316 | 318 |
| 317 bool Cryptographer::KeybagIsStale( | 319 bool Cryptographer::KeybagIsStale( |
| 318 const sync_pb::EncryptedData& encrypted_bag) const { | 320 const sync_pb::EncryptedData& encrypted_bag) const { |
| (...skipping 20 matching lines...) Expand all Loading... |
| 339 return default_nigori_name_; | 341 return default_nigori_name_; |
| 340 } | 342 } |
| 341 | 343 |
| 342 std::string Cryptographer::GetDefaultNigoriKeyData() const { | 344 std::string Cryptographer::GetDefaultNigoriKeyData() const { |
| 343 if (!is_initialized()) | 345 if (!is_initialized()) |
| 344 return std::string(); | 346 return std::string(); |
| 345 NigoriMap::const_iterator iter = nigoris_.find(default_nigori_name_); | 347 NigoriMap::const_iterator iter = nigoris_.find(default_nigori_name_); |
| 346 if (iter == nigoris_.end()) | 348 if (iter == nigoris_.end()) |
| 347 return std::string(); | 349 return std::string(); |
| 348 sync_pb::NigoriKey key; | 350 sync_pb::NigoriKey key; |
| 349 if (!iter->second->ExportKeys(key.mutable_encryption_key(), | 351 if (!iter->second->ExportKeys(key.mutable_user_key(), |
| 352 key.mutable_encryption_key(), |
| 350 key.mutable_mac_key())) | 353 key.mutable_mac_key())) |
| 351 return std::string(); | 354 return std::string(); |
| 352 return key.SerializeAsString(); | 355 return key.SerializeAsString(); |
| 353 } | 356 } |
| 354 | 357 |
| 355 bool Cryptographer::ImportNigoriKey(const std::string& serialized_nigori_key) { | 358 bool Cryptographer::ImportNigoriKey(const std::string& serialized_nigori_key) { |
| 356 if (serialized_nigori_key.empty()) | 359 if (serialized_nigori_key.empty()) |
| 357 return false; | 360 return false; |
| 358 | 361 |
| 359 sync_pb::NigoriKey key; | 362 sync_pb::NigoriKey key; |
| 360 if (!key.ParseFromString(serialized_nigori_key)) | 363 if (!key.ParseFromString(serialized_nigori_key)) |
| 361 return false; | 364 return false; |
| 362 | 365 |
| 363 std::unique_ptr<Nigori> nigori(new Nigori); | 366 std::unique_ptr<Nigori> nigori(new Nigori); |
| 364 if (!nigori->InitByImport(key.encryption_key(), key.mac_key())) { | 367 if (!nigori->InitByImport(key.user_key(), key.encryption_key(), |
| 368 key.mac_key())) { |
| 365 NOTREACHED(); | 369 NOTREACHED(); |
| 366 return false; | 370 return false; |
| 367 } | 371 } |
| 368 | 372 |
| 369 if (!AddKeyImpl(std::move(nigori), true)) | 373 if (!AddKeyImpl(std::move(nigori), true)) |
| 370 return false; | 374 return false; |
| 371 return true; | 375 return true; |
| 372 } | 376 } |
| 373 | 377 |
| 374 } // namespace syncer | 378 } // namespace syncer |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2813453004:
[sync] Fix decryption failure caused by missing user_key (Closed)
