OLD | NEW |
(Empty) | |
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "extensions/browser/api/lock_screen_data/data_item.h" |
| 6 |
| 7 #include <utility> |
| 8 |
| 9 #include "base/base64.h" |
| 10 #include "base/bind.h" |
| 11 #include "base/files/file.h" |
| 12 #include "base/files/file_path.h" |
| 13 #include "base/files/file_util.h" |
| 14 #include "base/location.h" |
| 15 #include "base/memory/ptr_util.h" |
| 16 #include "base/sequenced_task_runner.h" |
| 17 #include "base/task_scheduler/post_task.h" |
| 18 #include "base/values.h" |
| 19 #include "crypto/encryptor.h" |
| 20 #include "crypto/symmetric_key.h" |
| 21 #include "extensions/browser/api/lock_screen_data/operation_result.h" |
| 22 #include "extensions/browser/api/storage/local_value_store_cache.h" |
| 23 #include "extensions/browser/extension_registry.h" |
| 24 #include "extensions/browser/value_store/value_store.h" |
| 25 |
| 26 namespace extensions { |
| 27 namespace lock_screen_data { |
| 28 |
| 29 namespace { |
| 30 |
| 31 // Key for the dictionary in the value store containing all items registered |
| 32 // for the extension. |
| 33 const char kStoreKeyRegisteredItems[] = "registered_items"; |
| 34 |
| 35 constexpr int kAesInitializationVectorLength = 16; |
| 36 |
| 37 // Encrypts |data| with AES key |raw_key|. Returns whether the encryption was |
| 38 // successful, in which case |*result| will be set to the encrypted data. |
| 39 bool EncryptData(const std::vector<char> data, |
| 40 const std::string& raw_key, |
| 41 std::string* result) { |
| 42 std::string initialization_vector(kAesInitializationVectorLength, ' '); |
| 43 std::unique_ptr<crypto::SymmetricKey> key = |
| 44 crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, raw_key); |
| 45 if (!key) |
| 46 return false; |
| 47 |
| 48 crypto::Encryptor encryptor; |
| 49 if (!encryptor.Init(key.get(), crypto::Encryptor::CBC, initialization_vector)) |
| 50 return false; |
| 51 |
| 52 return encryptor.Encrypt(std::string(data.data(), data.size()), result); |
| 53 } |
| 54 |
| 55 // Decrypts |data| content using AES key |raw_key|. Returns the operation result |
| 56 // code. On success, |*result| will be set to the clear-text data. |
| 57 OperationResult DecryptData(const std::string& data, |
| 58 const std::string& raw_key, |
| 59 std::vector<char>* result) { |
| 60 std::string initialization_vector(kAesInitializationVectorLength, ' '); |
| 61 std::unique_ptr<crypto::SymmetricKey> key = |
| 62 crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, raw_key); |
| 63 if (!key) |
| 64 return OperationResult::kInvalidKey; |
| 65 |
| 66 crypto::Encryptor encryptor; |
| 67 if (!encryptor.Init(key.get(), crypto::Encryptor::CBC, initialization_vector)) |
| 68 return OperationResult::kInvalidKey; |
| 69 |
| 70 std::string decrypted; |
| 71 if (!encryptor.Decrypt(data, &decrypted)) |
| 72 return OperationResult::kWrongKey; |
| 73 |
| 74 *result = |
| 75 std::vector<char>(decrypted.data(), decrypted.data() + decrypted.size()); |
| 76 |
| 77 return OperationResult::kSuccess; |
| 78 } |
| 79 |
| 80 // Returns whether the value store |store| contains a registered item with ID |
| 81 // |item_id|. |
| 82 bool IsItemRegistered(ValueStore* store, const std::string& item_id) { |
| 83 ValueStore::ReadResult read = store->Get(kStoreKeyRegisteredItems); |
| 84 |
| 85 const base::DictionaryValue* registered_items = nullptr; |
| 86 return read->status().ok() && |
| 87 read->settings().GetDictionary(kStoreKeyRegisteredItems, |
| 88 ®istered_items) && |
| 89 registered_items->HasKey(item_id); |
| 90 } |
| 91 |
| 92 // Gets a dictionary value that contains set of all registered data items from |
| 93 // the values store |store|. |
| 94 // |result| - the item fetch operation status code. |
| 95 // |value| - on success, set to the dictionary containing registered data items. |
| 96 // Note that the dictionary will not contain data item content. |
| 97 void GetRegisteredItems(OperationResult* result, |
| 98 base::DictionaryValue* values, |
| 99 ValueStore* store) { |
| 100 ValueStore::ReadResult read = store->Get(kStoreKeyRegisteredItems); |
| 101 |
| 102 values->Clear(); |
| 103 |
| 104 std::unique_ptr<base::Value> registered_items; |
| 105 if (!read->status().ok()) { |
| 106 *result = OperationResult::kFailed; |
| 107 return; |
| 108 } |
| 109 |
| 110 // Using remove to pass ownership of registered_item dict to |
| 111 // |registered_items| (and avoid doing a copy |read->settings()| |
| 112 // sub-dictionary). |
| 113 if (!read->settings().Remove(kStoreKeyRegisteredItems, ®istered_items)) { |
| 114 // If the registered items dictionary cannot be found, assume no items have |
| 115 // yet been registered, and return empty result. |
| 116 *result = OperationResult::kSuccess; |
| 117 return; |
| 118 } |
| 119 |
| 120 std::unique_ptr<base::DictionaryValue> items_dict = |
| 121 base::DictionaryValue::From(std::move(registered_items)); |
| 122 |
| 123 *result = |
| 124 items_dict.get() ? OperationResult::kSuccess : OperationResult::kFailed; |
| 125 if (items_dict) |
| 126 values->Swap(items_dict.get()); |
| 127 } |
| 128 |
| 129 // Registers a data item with ID |item_id| in value store |store|. |
| 130 void RegisterItem(OperationResult* result, |
| 131 const std::string& item_id, |
| 132 ValueStore* store) { |
| 133 ValueStore::ReadResult read = store->Get(kStoreKeyRegisteredItems); |
| 134 |
| 135 std::unique_ptr<base::Value> registered_items; |
| 136 if (!read->status().ok()) { |
| 137 *result = OperationResult::kFailed; |
| 138 return; |
| 139 } |
| 140 if (!read->settings().Remove(kStoreKeyRegisteredItems, ®istered_items)) |
| 141 registered_items = base::MakeUnique<base::DictionaryValue>(); |
| 142 |
| 143 std::unique_ptr<base::DictionaryValue> dict = |
| 144 base::DictionaryValue::From(std::move(registered_items)); |
| 145 if (!dict) { |
| 146 *result = OperationResult::kFailed; |
| 147 return; |
| 148 } |
| 149 |
| 150 if (dict->HasKey(item_id)) { |
| 151 *result = OperationResult::kAlreadyRegistered; |
| 152 return; |
| 153 } |
| 154 |
| 155 dict->Set(item_id, base::MakeUnique<base::DictionaryValue>()); |
| 156 |
| 157 ValueStore::WriteResult write = |
| 158 store->Set(ValueStore::DEFAULTS, kStoreKeyRegisteredItems, *dict); |
| 159 *result = write->status().ok() ? OperationResult::kSuccess |
| 160 : OperationResult::kFailed; |
| 161 } |
| 162 |
| 163 // Encrypts |data| with AES key |encryption_key| and saved it as |item_id| |
| 164 // content to the value store |store|. The encrypted data is saved base64 |
| 165 // encoded. |
| 166 void WriteImpl(OperationResult* result, |
| 167 const std::string item_id, |
| 168 const std::vector<char>& data, |
| 169 const std::string& encryption_key, |
| 170 ValueStore* store) { |
| 171 if (!IsItemRegistered(store, item_id)) { |
| 172 *result = OperationResult::kNotFound; |
| 173 return; |
| 174 } |
| 175 |
| 176 std::string encrypted; |
| 177 if (!EncryptData(data, encryption_key, &encrypted)) { |
| 178 *result = OperationResult::kInvalidKey; |
| 179 return; |
| 180 } |
| 181 base::Base64Encode(encrypted, &encrypted); |
| 182 |
| 183 ValueStore::WriteResult write = store->Set(ValueStore::DEFAULTS, item_id, |
| 184 base::Value(std::move(encrypted))); |
| 185 |
| 186 *result = write->status().ok() ? OperationResult::kSuccess |
| 187 : OperationResult::kFailed; |
| 188 } |
| 189 |
| 190 // Gets content of the data item with ID |item_id| from value store |store|, |
| 191 // and decrypts it using |decryption_key|. On success, the decrypted data is |
| 192 // returned as |*data| contents. Note that this method expects the encrypted |
| 193 // data content in the value store is base64 encoded. |
| 194 void ReadImpl(OperationResult* result, |
| 195 std::vector<char>* data, |
| 196 const std::string& item_id, |
| 197 const std::string& decryption_key, |
| 198 ValueStore* store) { |
| 199 if (!IsItemRegistered(store, item_id)) { |
| 200 *result = OperationResult::kNotFound; |
| 201 return; |
| 202 } |
| 203 |
| 204 ValueStore::ReadResult read = store->Get(item_id); |
| 205 if (!read->status().ok()) { |
| 206 *result = OperationResult::kNotFound; |
| 207 return; |
| 208 } |
| 209 |
| 210 const base::Value* item; |
| 211 if (!read->settings().Get(item_id, &item)) { |
| 212 *result = OperationResult::kSuccess; |
| 213 *data = std::vector<char>(); |
| 214 return; |
| 215 } |
| 216 |
| 217 std::string read_data; |
| 218 if (!item->is_string() || |
| 219 !base::Base64Decode(item->GetString(), &read_data)) { |
| 220 *result = OperationResult::kFailed; |
| 221 return; |
| 222 } |
| 223 |
| 224 *result = DecryptData(read_data, decryption_key, data); |
| 225 } |
| 226 |
| 227 // Unregisters and deletes the item with |item_id| from the |valus_store|. |
| 228 void DeleteImpl(OperationResult* result, |
| 229 const std::string& item_id, |
| 230 ValueStore* store) { |
| 231 ValueStore::WriteResult remove = |
| 232 store->Remove(std::vector<std::string>({item_id})); |
| 233 if (!remove->status().ok()) { |
| 234 *result = OperationResult::kFailed; |
| 235 return; |
| 236 } |
| 237 |
| 238 ValueStore::ReadResult read = store->Get(kStoreKeyRegisteredItems); |
| 239 if (!read->status().ok()) { |
| 240 *result = OperationResult::kFailed; |
| 241 return; |
| 242 } |
| 243 |
| 244 base::DictionaryValue* registered_items = nullptr; |
| 245 if (!read->settings().GetDictionary(kStoreKeyRegisteredItems, |
| 246 ®istered_items) || |
| 247 !registered_items->Remove(item_id, nullptr)) { |
| 248 *result = OperationResult::kNotFound; |
| 249 return; |
| 250 } |
| 251 |
| 252 ValueStore::WriteResult write = store->Set( |
| 253 ValueStore::DEFAULTS, kStoreKeyRegisteredItems, *registered_items); |
| 254 *result = write->status().ok() ? OperationResult::kSuccess |
| 255 : OperationResult::kFailed; |
| 256 } |
| 257 |
| 258 void OnGetRegisteredValues(const DataItem::RegisteredValuesCallback& callback, |
| 259 std::unique_ptr<OperationResult> result, |
| 260 std::unique_ptr<base::DictionaryValue> values) { |
| 261 callback.Run(*result, std::move(values)); |
| 262 } |
| 263 |
| 264 } // namespace |
| 265 |
| 266 // static |
| 267 void DataItem::GetRegisteredValuesForExtension( |
| 268 content::BrowserContext* context, |
| 269 ValueStoreCache* value_store_cache, |
| 270 base::SequencedTaskRunner* task_runner, |
| 271 const std::string& extension_id, |
| 272 const RegisteredValuesCallback& callback) { |
| 273 scoped_refptr<const Extension> extension = |
| 274 ExtensionRegistry::Get(context)->GetExtensionById( |
| 275 extension_id, ExtensionRegistry::ENABLED); |
| 276 if (!extension) { |
| 277 callback.Run(OperationResult::kUnknownExtension, nullptr); |
| 278 return; |
| 279 } |
| 280 |
| 281 std::unique_ptr<OperationResult> result = |
| 282 base::MakeUnique<OperationResult>(OperationResult::kFailed); |
| 283 OperationResult* result_ptr = result.get(); |
| 284 std::unique_ptr<base::DictionaryValue> values = |
| 285 base::MakeUnique<base::DictionaryValue>(); |
| 286 base::DictionaryValue* values_ptr = values.get(); |
| 287 |
| 288 task_runner->PostTaskAndReply( |
| 289 FROM_HERE, |
| 290 base::BindOnce(&ValueStoreCache::RunWithValueStoreForExtension, |
| 291 base::Unretained(value_store_cache), |
| 292 base::Bind(&GetRegisteredItems, result_ptr, values_ptr), |
| 293 extension), |
| 294 base::BindOnce(&OnGetRegisteredValues, callback, std::move(result), |
| 295 std::move(values))); |
| 296 } |
| 297 |
| 298 // static |
| 299 void DataItem::DeleteAllItemsForExtension( |
| 300 content::BrowserContext* context, |
| 301 ValueStoreCache* value_store_cache, |
| 302 base::SequencedTaskRunner* task_runner, |
| 303 const std::string& extension_id, |
| 304 const base::Closure& callback) { |
| 305 task_runner->PostTaskAndReply( |
| 306 FROM_HERE, |
| 307 base::BindOnce(&ValueStoreCache::DeleteStorageSoon, |
| 308 base::Unretained(value_store_cache), extension_id), |
| 309 callback); |
| 310 } |
| 311 |
| 312 DataItem::DataItem(const std::string& id, |
| 313 const std::string& extension_id, |
| 314 content::BrowserContext* context, |
| 315 ValueStoreCache* value_store_cache, |
| 316 base::SequencedTaskRunner* task_runner, |
| 317 const std::string& crypto_key) |
| 318 : id_(id), |
| 319 extension_id_(extension_id), |
| 320 context_(context), |
| 321 value_store_cache_(value_store_cache), |
| 322 task_runner_(task_runner), |
| 323 crypto_key_(crypto_key), |
| 324 weak_ptr_factory_(this) {} |
| 325 |
| 326 DataItem::~DataItem() = default; |
| 327 |
| 328 void DataItem::Register(const WriteCallback& callback) { |
| 329 scoped_refptr<const Extension> extension = |
| 330 ExtensionRegistry::Get(context_)->GetExtensionById( |
| 331 extension_id_, ExtensionRegistry::ENABLED); |
| 332 if (!extension) { |
| 333 callback.Run(OperationResult::kUnknownExtension); |
| 334 return; |
| 335 } |
| 336 |
| 337 std::unique_ptr<OperationResult> result = |
| 338 base::MakeUnique<OperationResult>(OperationResult::kFailed); |
| 339 OperationResult* result_ptr = result.get(); |
| 340 |
| 341 task_runner_->PostTaskAndReply( |
| 342 FROM_HERE, |
| 343 base::BindOnce(&ValueStoreCache::RunWithValueStoreForExtension, |
| 344 base::Unretained(value_store_cache_), |
| 345 base::Bind(&RegisterItem, result_ptr, id()), extension), |
| 346 base::BindOnce(&DataItem::OnWriteDone, weak_ptr_factory_.GetWeakPtr(), |
| 347 callback, std::move(result))); |
| 348 } |
| 349 |
| 350 void DataItem::Write(const std::vector<char>& data, |
| 351 const WriteCallback& callback) { |
| 352 scoped_refptr<const Extension> extension = |
| 353 ExtensionRegistry::Get(context_)->GetExtensionById( |
| 354 extension_id_, ExtensionRegistry::ENABLED); |
| 355 if (!extension) { |
| 356 callback.Run(OperationResult::kUnknownExtension); |
| 357 return; |
| 358 } |
| 359 |
| 360 std::unique_ptr<OperationResult> result = |
| 361 base::MakeUnique<OperationResult>(OperationResult::kFailed); |
| 362 OperationResult* result_ptr = result.get(); |
| 363 |
| 364 task_runner_->PostTaskAndReply( |
| 365 FROM_HERE, |
| 366 base::BindOnce(&ValueStoreCache::RunWithValueStoreForExtension, |
| 367 base::Unretained(value_store_cache_), |
| 368 base::Bind(&WriteImpl, result_ptr, id_, data, crypto_key_), |
| 369 extension), |
| 370 base::BindOnce(&DataItem::OnWriteDone, weak_ptr_factory_.GetWeakPtr(), |
| 371 callback, std::move(result))); |
| 372 } |
| 373 |
| 374 void DataItem::Read(const ReadCallback& callback) { |
| 375 scoped_refptr<const Extension> extension = |
| 376 ExtensionRegistry::Get(context_)->GetExtensionById( |
| 377 extension_id_, ExtensionRegistry::ENABLED); |
| 378 if (!extension) { |
| 379 callback.Run(OperationResult::kUnknownExtension, nullptr); |
| 380 return; |
| 381 } |
| 382 |
| 383 std::unique_ptr<OperationResult> result = |
| 384 base::MakeUnique<OperationResult>(OperationResult::kFailed); |
| 385 OperationResult* result_ptr = result.get(); |
| 386 |
| 387 std::unique_ptr<std::vector<char>> data = |
| 388 base::MakeUnique<std::vector<char>>(); |
| 389 std::vector<char>* data_ptr = data.get(); |
| 390 |
| 391 task_runner_->PostTaskAndReply( |
| 392 FROM_HERE, |
| 393 base::BindOnce( |
| 394 &ValueStoreCache::RunWithValueStoreForExtension, |
| 395 base::Unretained(value_store_cache_), |
| 396 base::Bind(&ReadImpl, result_ptr, data_ptr, id_, crypto_key_), |
| 397 extension), |
| 398 base::BindOnce(&DataItem::OnReadDone, weak_ptr_factory_.GetWeakPtr(), |
| 399 callback, std::move(result), std::move(data))); |
| 400 } |
| 401 |
| 402 void DataItem::Delete(const WriteCallback& callback) { |
| 403 scoped_refptr<const Extension> extension = |
| 404 ExtensionRegistry::Get(context_)->GetExtensionById( |
| 405 extension_id_, ExtensionRegistry::ENABLED); |
| 406 if (!extension) { |
| 407 callback.Run(OperationResult::kUnknownExtension); |
| 408 return; |
| 409 } |
| 410 std::unique_ptr<OperationResult> result = |
| 411 base::MakeUnique<OperationResult>(OperationResult::kFailed); |
| 412 OperationResult* result_ptr = result.get(); |
| 413 |
| 414 task_runner_->PostTaskAndReply( |
| 415 FROM_HERE, |
| 416 base::BindOnce(&ValueStoreCache::RunWithValueStoreForExtension, |
| 417 base::Unretained(value_store_cache_), |
| 418 base::Bind(&DeleteImpl, result_ptr, id_), extension), |
| 419 base::BindOnce(&DataItem::OnWriteDone, weak_ptr_factory_.GetWeakPtr(), |
| 420 callback, std::move(result))); |
| 421 } |
| 422 |
| 423 void DataItem::OnWriteDone(const DataItem::WriteCallback& callback, |
| 424 std::unique_ptr<OperationResult> success) { |
| 425 callback.Run(*success); |
| 426 } |
| 427 |
| 428 void DataItem::OnReadDone(const DataItem::ReadCallback& callback, |
| 429 std::unique_ptr<OperationResult> success, |
| 430 std::unique_ptr<std::vector<char>> data) { |
| 431 callback.Run(*success, std::move(data)); |
| 432 } |
| 433 |
| 434 } // namespace lock_screen_data |
| 435 } // namespace extensions |
OLD | NEW |