[EasyUnlock] Serialize and store BeaconSeeds along as cryptohome key metadata.

chrome/browser/signin/easy_unlock_service_signin_chromeos.cc

Index: chrome/browser/signin/easy_unlock_service_signin_chromeos.cc
diff --git a/chrome/browser/signin/easy_unlock_service_signin_chromeos.cc b/chrome/browser/signin/easy_unlock_service_signin_chromeos.cc
index fc71efaa6848bfb8eb039ef278b3b3623ded45a0..3ebe864b8c47a146a6c20ef2ae186cab2af6176f 100644
--- a/chrome/browser/signin/easy_unlock_service_signin_chromeos.cc
+++ b/chrome/browser/signin/easy_unlock_service_signin_chromeos.cc
@@ -9,6 +9,7 @@
 #include "base/base64url.h"
 #include "base/bind.h"
 #include "base/command_line.h"
+#include "base/json/json_string_value_serializer.h"
 #include "base/location.h"
 #include "base/logging.h"
 #include "base/memory/ptr_util.h"
@@ -93,6 +94,56 @@ void LoadDataForUser(
       base::Bind(&RetryDataLoadOnError, account_id, backoff_ms, callback));
 }
 
+// Deserializes a vector of BeaconSeeds. If an error occurs, an empty vector
+// will be returned. Note: The logic to serialize BeaconSeeds lives in
+// EasyUnlockServiceRegular.
+std::vector<cryptauth::BeaconSeed> DeserializeBeaconSeeds(

[Ryan Hansberry, 2017/05/09 02:44:08]

Why should serialization and deserialization logic not live in something more
generic, like in cryptauth?

[Tim Song, 2017/05/10 18:23:26]

This would require some refactoring. Essentially, these values are stored
outside of the user session (as cryptohome key metadata) where CryptAuthService
is not available. 

Indeed, we should ideally have one serialization algorithm for both these use
cases, but the problem right now is that CryptAuth serializes from the
ExternalDeviceInfo proto, whereas we have some custom data scheme here.

It is a bigger refactoring effort (but probably worth it) to store the
serialized ExternalDeviceInfos in the cryptohome key metadata rather than these
custom fields. 

[Ryan Hansberry, 2017/05/15 15:36:41]

Got it. Can you please add a comment explaining this background?

[Tim Song, 2017/05/17 19:18:07]

Done.

+    const std::string& serialized_beacon_seeds) {
+  std::vector<cryptauth::BeaconSeed> beacon_seeds;
+
+  JSONStringValueDeserializer deserializer(serialized_beacon_seeds);
+  std::string error;
+  std::unique_ptr<base::Value> deserialized_value =
+      deserializer.Deserialize(nullptr, &error);
+  if (!deserialized_value) {
+    PA_LOG(ERROR) << "Unable to deserialize BeaconSeeds: " << error;
+    return beacon_seeds;
+  }
+
+  base::ListValue* beacon_seed_list;
+  if (!deserialized_value->GetAsList(&beacon_seed_list)) {
+    PA_LOG(ERROR) << "Deserialized BeaconSeeds value is not list.";
+    return beacon_seeds;
+  }
+
+  for (size_t i = 0; i < beacon_seed_list->GetSize(); ++i) {
+    std::string b64_beacon_seed;
+    if (!beacon_seed_list->GetString(i, &b64_beacon_seed)) {
+      PA_LOG(ERROR) << "Expected Base64 BeaconSeed.";
+      continue;
+    }
+
+    std::string proto_serialized_beacon_seed;
+    if (!base::Base64UrlDecode(b64_beacon_seed,
+                               base::Base64UrlDecodePolicy::REQUIRE_PADDING,
+                               &proto_serialized_beacon_seed)) {
+      PA_LOG(ERROR) << "Unable to Base64 decode BeaconSeed.";
+      continue;
+    }
+
+    cryptauth::BeaconSeed beacon_seed;
+    if (!beacon_seed.ParseFromString(proto_serialized_beacon_seed)) {
+      PA_LOG(ERROR) << "Unable to parse BeaconSeed proto.";
+      continue;
+    }
+
+    beacon_seeds.push_back(beacon_seed);
+  }
+
+  PA_LOG(INFO) << "Deserialized " << beacon_seeds.size() << " BeaconSeeds.";
+  return beacon_seeds;
+}
+
 }  // namespace
 
 EasyUnlockServiceSignin::UserData::UserData()
@@ -436,17 +487,25 @@ void EasyUnlockServiceSignin::OnUserDataLoaded(
                                &decoded_public_key) ||
         !base::Base64UrlDecode(device.psk,
                                base::Base64UrlDecodePolicy::REQUIRE_PADDING,
-                               &decoded_psk) ||
-        !base::Base64UrlDecode(device.challenge,
-                               base::Base64UrlDecodePolicy::REQUIRE_PADDING,
-                               &decoded_challenge)) {
-      PA_LOG(ERROR) << "Unable base64url decode stored remote device: "
-                    << device.public_key;
+                               &decoded_psk)) {
+      PA_LOG(ERROR) << "Unable base64url decode stored remote device:\n"
+                    << "  public_key: " << device.public_key << "\n"
+                    << "  psk: " << device.psk;
       continue;
     }
     cryptauth::RemoteDevice remote_device(
         account_id.GetUserEmail(), std::string(), decoded_public_key,
         device.bluetooth_address, decoded_psk, decoded_challenge);
+
+    if (!device.serialized_beacon_seeds.empty()) {
+      PA_LOG(INFO) << "Deserializing BeaconSeeds: "
+                   << device.serialized_beacon_seeds;
+      // TODO(tengs): Assign deserialized BeaconSeeds to the RemoteDevice.
+      DeserializeBeaconSeeds(device.serialized_beacon_seeds);
+    } else {
+      PA_LOG(WARNING) << "No BeaconSeeds were loaded.";
+    }
+
     remote_devices.push_back(remote_device);
     PA_LOG(INFO) << "Loaded Remote Device:\n"
                  << "  user id: " << remote_device.user_id << "\n"