OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/signin/easy_unlock_service_signin_chromeos.h" | 5 #include "chrome/browser/signin/easy_unlock_service_signin_chromeos.h" |
6 | 6 |
7 #include <stdint.h> | 7 #include <stdint.h> |
8 | 8 |
9 #include "base/base64url.h" | 9 #include "base/base64url.h" |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
11 #include "base/command_line.h" | 11 #include "base/command_line.h" |
| 12 #include "base/json/json_string_value_serializer.h" |
12 #include "base/location.h" | 13 #include "base/location.h" |
13 #include "base/logging.h" | 14 #include "base/logging.h" |
14 #include "base/memory/ptr_util.h" | 15 #include "base/memory/ptr_util.h" |
15 #include "base/sys_info.h" | 16 #include "base/sys_info.h" |
16 #include "base/threading/thread_task_runner_handle.h" | 17 #include "base/threading/thread_task_runner_handle.h" |
17 #include "base/time/time.h" | 18 #include "base/time/time.h" |
18 #include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_challenge_wrappe
r.h" | 19 #include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_challenge_wrappe
r.h" |
19 #include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_key_manager.h" | 20 #include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_key_manager.h" |
20 #include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_tpm_key_manager.
h" | 21 #include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_tpm_key_manager.
h" |
21 #include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_tpm_key_manager_
factory.h" | 22 #include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_tpm_key_manager_
factory.h" |
(...skipping 64 matching lines...)
86 const chromeos::EasyUnlockKeyManager::GetDeviceDataListCallback& callback) { | 87 const chromeos::EasyUnlockKeyManager::GetDeviceDataListCallback& callback) { |
87 chromeos::EasyUnlockKeyManager* key_manager = | 88 chromeos::EasyUnlockKeyManager* key_manager = |
88 chromeos::UserSessionManager::GetInstance()->GetEasyUnlockKeyManager(); | 89 chromeos::UserSessionManager::GetInstance()->GetEasyUnlockKeyManager(); |
89 DCHECK(key_manager); | 90 DCHECK(key_manager); |
90 | 91 |
91 key_manager->GetDeviceDataList( | 92 key_manager->GetDeviceDataList( |
92 chromeos::UserContext(account_id), | 93 chromeos::UserContext(account_id), |
93 base::Bind(&RetryDataLoadOnError, account_id, backoff_ms, callback)); | 94 base::Bind(&RetryDataLoadOnError, account_id, backoff_ms, callback)); |
94 } | 95 } |
95 | 96 |
| 97 // Deserializes a vector of BeaconSeeds. If an error occurs, an empty vector |
| 98 // will be returned. Note: The logic to serialize BeaconSeeds lives in |
| 99 // EasyUnlockServiceRegular. |
| 100 // Note: The serialization of device data inside a user session is different |
| 101 // than outside the user session (sign-in). RemoteDevices are serialized as |
| 102 // protocol buffers inside the user session, but we have a custom serialization |
| 103 // scheme for sign-in due to slightly different data requirements. |
| 104 std::vector<cryptauth::BeaconSeed> DeserializeBeaconSeeds( |
| 105 const std::string& serialized_beacon_seeds) { |
| 106 std::vector<cryptauth::BeaconSeed> beacon_seeds; |
| 107 |
| 108 JSONStringValueDeserializer deserializer(serialized_beacon_seeds); |
| 109 std::string error; |
| 110 std::unique_ptr<base::Value> deserialized_value = |
| 111 deserializer.Deserialize(nullptr, &error); |
| 112 if (!deserialized_value) { |
| 113 PA_LOG(ERROR) << "Unable to deserialize BeaconSeeds: " << error; |
| 114 return beacon_seeds; |
| 115 } |
| 116 |
| 117 base::ListValue* beacon_seed_list; |
| 118 if (!deserialized_value->GetAsList(&beacon_seed_list)) { |
| 119 PA_LOG(ERROR) << "Deserialized BeaconSeeds value is not list."; |
| 120 return beacon_seeds; |
| 121 } |
| 122 |
| 123 for (size_t i = 0; i < beacon_seed_list->GetSize(); ++i) { |
| 124 std::string b64_beacon_seed; |
| 125 if (!beacon_seed_list->GetString(i, &b64_beacon_seed)) { |
| 126 PA_LOG(ERROR) << "Expected Base64 BeaconSeed."; |
| 127 continue; |
| 128 } |
| 129 |
| 130 std::string proto_serialized_beacon_seed; |
| 131 if (!base::Base64UrlDecode(b64_beacon_seed, |
| 132 base::Base64UrlDecodePolicy::REQUIRE_PADDING, |
| 133 &proto_serialized_beacon_seed)) { |
| 134 PA_LOG(ERROR) << "Unable to decode BeaconSeed."; |
| 135 continue; |
| 136 } |
| 137 |
| 138 cryptauth::BeaconSeed beacon_seed; |
| 139 if (!beacon_seed.ParseFromString(proto_serialized_beacon_seed)) { |
| 140 PA_LOG(ERROR) << "Unable to parse BeaconSeed proto."; |
| 141 continue; |
| 142 } |
| 143 |
| 144 beacon_seeds.push_back(beacon_seed); |
| 145 } |
| 146 |
| 147 PA_LOG(INFO) << "Deserialized " << beacon_seeds.size() << " BeaconSeeds."; |
| 148 return beacon_seeds; |
| 149 } |
| 150 |
96 } // namespace | 151 } // namespace |
97 | 152 |
98 EasyUnlockServiceSignin::UserData::UserData() | 153 EasyUnlockServiceSignin::UserData::UserData() |
99 : state(EasyUnlockServiceSignin::USER_DATA_STATE_INITIAL) { | 154 : state(EasyUnlockServiceSignin::USER_DATA_STATE_INITIAL) { |
100 } | 155 } |
101 | 156 |
102 EasyUnlockServiceSignin::UserData::~UserData() {} | 157 EasyUnlockServiceSignin::UserData::~UserData() {} |
103 | 158 |
104 EasyUnlockServiceSignin::EasyUnlockServiceSignin(Profile* profile) | 159 EasyUnlockServiceSignin::EasyUnlockServiceSignin(Profile* profile) |
105 : EasyUnlockService(profile), | 160 : EasyUnlockService(profile), |
(...skipping 323 matching lines...)
429 return; | 484 return; |
430 | 485 |
431 cryptauth::RemoteDeviceList remote_devices; | 486 cryptauth::RemoteDeviceList remote_devices; |
432 for (const auto& device : devices) { | 487 for (const auto& device : devices) { |
433 std::string decoded_public_key, decoded_psk, decoded_challenge; | 488 std::string decoded_public_key, decoded_psk, decoded_challenge; |
434 if (!base::Base64UrlDecode(device.public_key, | 489 if (!base::Base64UrlDecode(device.public_key, |
435 base::Base64UrlDecodePolicy::REQUIRE_PADDING, | 490 base::Base64UrlDecodePolicy::REQUIRE_PADDING, |
436 &decoded_public_key) || | 491 &decoded_public_key) || |
437 !base::Base64UrlDecode(device.psk, | 492 !base::Base64UrlDecode(device.psk, |
438 base::Base64UrlDecodePolicy::REQUIRE_PADDING, | 493 base::Base64UrlDecodePolicy::REQUIRE_PADDING, |
439 &decoded_psk) || | 494 &decoded_psk)) { |
440 !base::Base64UrlDecode(device.challenge, | 495 PA_LOG(ERROR) << "Unable to decode stored remote device:\n" |
441 base::Base64UrlDecodePolicy::REQUIRE_PADDING, | 496 << " public_key: " << device.public_key << "\n" |
442 &decoded_challenge)) { | 497 << " psk: " << device.psk; |
443 PA_LOG(ERROR) << "Unable base64url decode stored remote device: " | |
444 << device.public_key; | |
445 continue; | 498 continue; |
446 } | 499 } |
447 cryptauth::RemoteDevice remote_device( | 500 cryptauth::RemoteDevice remote_device( |
448 account_id.GetUserEmail(), std::string(), decoded_public_key, | 501 account_id.GetUserEmail(), std::string(), decoded_public_key, |
449 device.bluetooth_address, decoded_psk, decoded_challenge); | 502 device.bluetooth_address, decoded_psk, decoded_challenge); |
| 503 |
| 504 if (!device.serialized_beacon_seeds.empty()) { |
| 505 PA_LOG(INFO) << "Deserializing BeaconSeeds: " |
| 506 << device.serialized_beacon_seeds; |
| 507 // TODO(tengs): Assign deserialized BeaconSeeds to the RemoteDevice. |
| 508 DeserializeBeaconSeeds(device.serialized_beacon_seeds); |
| 509 } else { |
| 510 PA_LOG(WARNING) << "No BeaconSeeds were loaded."; |
| 511 } |
| 512 |
450 remote_devices.push_back(remote_device); | 513 remote_devices.push_back(remote_device); |
451 PA_LOG(INFO) << "Loaded Remote Device:\n" | 514 PA_LOG(INFO) << "Loaded Remote Device:\n" |
452 << " user id: " << remote_device.user_id << "\n" | 515 << " user id: " << remote_device.user_id << "\n" |
453 << " name: " << remote_device.name << "\n" | 516 << " name: " << remote_device.name << "\n" |
454 << " public key" << device.public_key << "\n" | 517 << " public key" << device.public_key << "\n" |
455 << " bt_addr:" << remote_device.bluetooth_address; | 518 << " bt_addr:" << remote_device.bluetooth_address; |
456 } | 519 } |
457 | 520 |
458 SetProximityAuthDevices(account_id, remote_devices); | 521 SetProximityAuthDevices(account_id, remote_devices); |
459 } | 522 } |
460 | 523 |
461 const EasyUnlockServiceSignin::UserData* | 524 const EasyUnlockServiceSignin::UserData* |
462 EasyUnlockServiceSignin::FindLoadedDataForCurrentUser() const { | 525 EasyUnlockServiceSignin::FindLoadedDataForCurrentUser() const { |
463 if (!account_id_.is_valid()) | 526 if (!account_id_.is_valid()) |
464 return nullptr; | 527 return nullptr; |
465 | 528 |
466 const auto it = user_data_.find(account_id_); | 529 const auto it = user_data_.find(account_id_); |
467 if (it == user_data_.end()) | 530 if (it == user_data_.end()) |
468 return nullptr; | 531 return nullptr; |
469 if (it->second->state != USER_DATA_STATE_LOADED) | 532 if (it->second->state != USER_DATA_STATE_LOADED) |
470 return nullptr; | 533 return nullptr; |
471 return it->second.get(); | 534 return it->second.get(); |
472 } | 535 } |
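Review bot: The new decode-failure log at new lines 495-497 writes `device.psk` into the log, and the `PA_LOG(INFO)` at 505-506 writes the whole `device.serialized_beacon_seeds` string; both look like secret material for the unlock channel and should not reach log output that may be retained or shared. Keep only a non-secret identifier, e.g. `PA_LOG(ERROR) << "Unable to decode stored remote device: " << device.public_key;` and `PA_LOG(INFO) << "Deserializing BeaconSeeds (" << device.serialized_beacon_seeds.size() << " bytes).";`. Separately, `decoded_challenge` is still declared at 488 and passed to the `RemoteDevice` constructor at 502, but the decode of `device.challenge` was removed, so it is always empty. If that is intended, pass `std::string()` there and drop the local so a reader does not assume a challenge is loaded. The enclosing function begins in the skipped lines above 484, so its other uses of these fields are not visible here.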
OLD | NEW |