| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/auth/extended_authenticator.h" | 5 #include "chrome/browser/chromeos/login/auth/extended_authenticator.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/strings/string_number_conversions.h" | 8 #include "base/strings/string_number_conversions.h" |
| 9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
| 10 #include "chrome/browser/chromeos/boot_times_loader.h" | 10 #include "chrome/browser/chromeos/boot_times_loader.h" |
| 11 #include "chrome/browser/chromeos/login/auth/key.h" |
| 11 #include "chrome/browser/chromeos/login/auth/login_status_consumer.h" | 12 #include "chrome/browser/chromeos/login/auth/login_status_consumer.h" |
| 12 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h" | |
| 13 #include "chrome/browser/chromeos/login/auth/user_context.h" | 13 #include "chrome/browser/chromeos/login/auth/user_context.h" |
| 14 #include "chromeos/cryptohome/async_method_caller.h" | 14 #include "chromeos/cryptohome/async_method_caller.h" |
| 15 #include "chromeos/cryptohome/cryptohome_parameters.h" | 15 #include "chromeos/cryptohome/cryptohome_parameters.h" |
| 16 #include "chromeos/cryptohome/homedir_methods.h" | 16 #include "chromeos/cryptohome/homedir_methods.h" |
| 17 #include "chromeos/cryptohome/system_salt_getter.h" | 17 #include "chromeos/cryptohome/system_salt_getter.h" |
| 18 #include "chromeos/dbus/cryptohome_client.h" | 18 #include "chromeos/dbus/cryptohome_client.h" |
| 19 #include "chromeos/dbus/dbus_thread_manager.h" | 19 #include "chromeos/dbus/dbus_thread_manager.h" |
| 20 #include "content/public/browser/browser_thread.h" | 20 #include "content/public/browser/browser_thread.h" |
| 21 #include "crypto/sha2.h" | 21 #include "crypto/sha2.h" |
| 22 #include "google_apis/gaia/gaia_auth_util.h" | 22 #include "google_apis/gaia/gaia_auth_util.h" |
| (...skipping 26 matching lines...) Expand all Loading... |
| 49 SystemSaltGetter::Get()->GetSystemSalt( | 49 SystemSaltGetter::Get()->GetSystemSalt( |
| 50 base::Bind(&ExtendedAuthenticator::OnSaltObtained, this)); | 50 base::Bind(&ExtendedAuthenticator::OnSaltObtained, this)); |
| 51 } | 51 } |
| 52 | 52 |
| 53 ExtendedAuthenticator::ExtendedAuthenticator(LoginStatusConsumer* consumer) | 53 ExtendedAuthenticator::ExtendedAuthenticator(LoginStatusConsumer* consumer) |
| 54 : salt_obtained_(false), consumer_(NULL), old_consumer_(consumer) { | 54 : salt_obtained_(false), consumer_(NULL), old_consumer_(consumer) { |
| 55 SystemSaltGetter::Get()->GetSystemSalt( | 55 SystemSaltGetter::Get()->GetSystemSalt( |
| 56 base::Bind(&ExtendedAuthenticator::OnSaltObtained, this)); | 56 base::Bind(&ExtendedAuthenticator::OnSaltObtained, this)); |
| 57 } | 57 } |
| 58 | 58 |
| 59 ExtendedAuthenticator::~ExtendedAuthenticator() {} | |
| 60 | |
| 61 void ExtendedAuthenticator::SetConsumer(LoginStatusConsumer* consumer) { | 59 void ExtendedAuthenticator::SetConsumer(LoginStatusConsumer* consumer) { |
| 62 old_consumer_ = consumer; | 60 old_consumer_ = consumer; |
| 63 } | 61 } |
| 64 | 62 |
| 65 void ExtendedAuthenticator::OnSaltObtained(const std::string& system_salt) { | |
| 66 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
| 67 | |
| 68 salt_obtained_ = true; | |
| 69 system_salt_ = system_salt; | |
| 70 for (size_t i = 0; i < hashing_queue_.size(); i++) { | |
| 71 hashing_queue_[i].Run(system_salt); | |
| 72 } | |
| 73 hashing_queue_.clear(); | |
| 74 } | |
| 75 | |
| 76 void ExtendedAuthenticator::AuthenticateToMount( | 63 void ExtendedAuthenticator::AuthenticateToMount( |
| 77 const UserContext& context, | 64 const UserContext& context, |
| 78 const HashSuccessCallback& success_callback) { | 65 const ResultCallback& success_callback) { |
| 79 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 66 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 80 TransformContext(context, | 67 TransformKeyIfNeeded(context, |
| 81 base::Bind(&ExtendedAuthenticator::DoAuthenticateToMount, | 68 base::Bind(&ExtendedAuthenticator::DoAuthenticateToMount, |
| 82 this, | 69 this, |
| 83 success_callback)); | 70 success_callback)); |
| 84 } | 71 } |
| 85 | 72 |
| 86 void ExtendedAuthenticator::AuthenticateToCheck( | 73 void ExtendedAuthenticator::AuthenticateToCheck( |
| 87 const UserContext& context, | 74 const UserContext& context, |
| 88 const base::Closure& success_callback) { | 75 const base::Closure& success_callback) { |
| 89 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 76 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 90 | 77 TransformKeyIfNeeded(context, |
| 91 TransformContext(context, | 78 base::Bind(&ExtendedAuthenticator::DoAuthenticateToCheck, |
| 92 base::Bind(&ExtendedAuthenticator::DoAuthenticateToCheck, | 79 this, |
| 93 this, | 80 success_callback)); |
| 94 success_callback)); | |
| 95 } | 81 } |
| 96 | 82 |
| 97 void ExtendedAuthenticator::CreateMount( | 83 void ExtendedAuthenticator::CreateMount( |
| 98 const std::string& user_id, | 84 const std::string& user_id, |
| 99 const std::vector<cryptohome::KeyDefinition>& keys, | 85 const std::vector<cryptohome::KeyDefinition>& keys, |
| 100 const HashSuccessCallback& success_callback) { | 86 const ResultCallback& success_callback) { |
| 101 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 87 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 102 | 88 |
| 103 RecordStartMarker("MountEx"); | 89 RecordStartMarker("MountEx"); |
| 104 | 90 |
| 105 std::string canonicalized = gaia::CanonicalizeEmail(user_id); | 91 std::string canonicalized = gaia::CanonicalizeEmail(user_id); |
| 106 cryptohome::Identification id(canonicalized); | 92 cryptohome::Identification id(canonicalized); |
| 107 cryptohome::Authorization auth(keys.front()); | 93 cryptohome::Authorization auth(keys.front()); |
| 108 cryptohome::MountParameters mount(false); | 94 cryptohome::MountParameters mount(false); |
| 109 for (size_t i = 0; i < keys.size(); i++) { | 95 for (size_t i = 0; i < keys.size(); i++) { |
| 110 mount.create_keys.push_back(keys[i]); | 96 mount.create_keys.push_back(keys[i]); |
| 111 } | 97 } |
| 112 UserContext context(user_id); | 98 UserContext context(user_id); |
| 113 context.SetPassword(keys.front().key); | 99 Key key(keys.front().key); |
| 114 context.SetKeyLabel(keys.front().label); | 100 key.SetLabel(keys.front().label); |
| 101 context.SetKey(key); |
| 115 | 102 |
| 116 cryptohome::HomedirMethods::GetInstance()->MountEx( | 103 cryptohome::HomedirMethods::GetInstance()->MountEx( |
| 117 id, | 104 id, |
| 118 auth, | 105 auth, |
| 119 mount, | 106 mount, |
| 120 base::Bind(&ExtendedAuthenticator::OnMountComplete, | 107 base::Bind(&ExtendedAuthenticator::OnMountComplete, |
| 121 this, | 108 this, |
| 122 "MountEx", | 109 "MountEx", |
| 123 context, | 110 context, |
| 124 success_callback)); | 111 success_callback)); |
| 125 } | 112 } |
| 126 | 113 |
| 127 void ExtendedAuthenticator::AddKey(const UserContext& context, | 114 void ExtendedAuthenticator::AddKey(const UserContext& context, |
| 128 const cryptohome::KeyDefinition& key, | 115 const cryptohome::KeyDefinition& key, |
| 129 bool replace_existing, | 116 bool replace_existing, |
| 130 const base::Closure& success_callback) { | 117 const base::Closure& success_callback) { |
| 131 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 118 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 132 TransformContext(context, | 119 TransformKeyIfNeeded(context, |
| 133 base::Bind(&ExtendedAuthenticator::DoAddKey, | 120 base::Bind(&ExtendedAuthenticator::DoAddKey, |
| 134 this, | 121 this, |
| 135 key, | 122 key, |
| 136 replace_existing, | 123 replace_existing, |
| 137 success_callback)); | 124 success_callback)); |
| 138 } | 125 } |
| 139 | 126 |
| 140 void ExtendedAuthenticator::UpdateKeyAuthorized( | 127 void ExtendedAuthenticator::UpdateKeyAuthorized( |
| 141 const UserContext& context, | 128 const UserContext& context, |
| 142 const cryptohome::KeyDefinition& key, | 129 const cryptohome::KeyDefinition& key, |
| 143 const std::string& signature, | 130 const std::string& signature, |
| 144 const base::Closure& success_callback) { | 131 const base::Closure& success_callback) { |
| 145 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 132 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 146 TransformContext(context, | 133 TransformKeyIfNeeded(context, |
| 147 base::Bind(&ExtendedAuthenticator::DoUpdateKeyAuthorized, | 134 base::Bind(&ExtendedAuthenticator::DoUpdateKeyAuthorized, |
| 148 this, | 135 this, |
| 149 key, | 136 key, |
| 150 signature, | 137 signature, |
| 151 success_callback)); | 138 success_callback)); |
| 152 } | 139 } |
| 153 | 140 |
| 154 void ExtendedAuthenticator::RemoveKey(const UserContext& context, | 141 void ExtendedAuthenticator::RemoveKey(const UserContext& context, |
| 155 const std::string& key_to_remove, | 142 const std::string& key_to_remove, |
| 156 const base::Closure& success_callback) { | 143 const base::Closure& success_callback) { |
| 157 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 144 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 158 TransformContext(context, | 145 TransformKeyIfNeeded(context, |
| 159 base::Bind(&ExtendedAuthenticator::DoRemoveKey, | 146 base::Bind(&ExtendedAuthenticator::DoRemoveKey, |
| 160 this, | 147 this, |
| 161 key_to_remove, | 148 key_to_remove, |
| 162 success_callback)); | 149 success_callback)); |
| 150 } |
| 151 |
| 152 void ExtendedAuthenticator::TransformKeyIfNeeded( |
| 153 const UserContext& user_context, |
| 154 const ContextCallback& callback) { |
| 155 if (user_context.GetKey()->GetKeyType() != Key::KEY_TYPE_PASSWORD_PLAIN) { |
| 156 callback.Run(user_context); |
| 157 return; |
| 158 } |
| 159 |
| 160 if (!salt_obtained_) { |
| 161 system_salt_callbacks_.push_back(base::Bind( |
| 162 &ExtendedAuthenticator::TransformKeyIfNeeded, |
| 163 this, |
| 164 user_context, |
| 165 callback)); |
| 166 return; |
| 167 } |
| 168 |
| 169 UserContext transformed_context = user_context; |
| 170 transformed_context.GetKey()->Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, |
| 171 system_salt_); |
| 172 callback.Run(transformed_context); |
| 173 } |
| 174 |
| 175 ExtendedAuthenticator::~ExtendedAuthenticator() { |
| 176 } |
| 177 |
| 178 void ExtendedAuthenticator::OnSaltObtained(const std::string& system_salt) { |
| 179 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 180 |
| 181 salt_obtained_ = true; |
| 182 system_salt_ = system_salt; |
| 183 for (std::vector<base::Closure>::const_iterator it = |
| 184 system_salt_callbacks_.begin(); |
| 185 it != system_salt_callbacks_.end(); ++it) { |
| 186 it->Run(); |
| 187 } |
| 188 system_salt_callbacks_.clear(); |
| 163 } | 189 } |
| 164 | 190 |
| 165 void ExtendedAuthenticator::DoAuthenticateToMount( | 191 void ExtendedAuthenticator::DoAuthenticateToMount( |
| 166 const HashSuccessCallback& success_callback, | 192 const ResultCallback& success_callback, |
| 167 const UserContext& user_context) { | 193 const UserContext& user_context) { |
| 168 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 194 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 169 | 195 |
| 170 RecordStartMarker("MountEx"); | 196 RecordStartMarker("MountEx"); |
| 171 | 197 |
| 172 std::string canonicalized = gaia::CanonicalizeEmail(user_context.GetUserID()); | 198 std::string canonicalized = gaia::CanonicalizeEmail(user_context.GetUserID()); |
| 173 cryptohome::Identification id(canonicalized); | 199 cryptohome::Identification id(canonicalized); |
| 174 cryptohome::Authorization auth(user_context.GetPassword(), | 200 const Key* const key = user_context.GetKey(); |
| 175 user_context.GetKeyLabel()); | 201 cryptohome::Authorization auth(key->GetSecret(), key->GetLabel()); |
| 176 cryptohome::MountParameters mount(false); | 202 cryptohome::MountParameters mount(false); |
| 177 | 203 |
| 178 cryptohome::HomedirMethods::GetInstance()->MountEx( | 204 cryptohome::HomedirMethods::GetInstance()->MountEx( |
| 179 id, | 205 id, |
| 180 auth, | 206 auth, |
| 181 mount, | 207 mount, |
| 182 base::Bind(&ExtendedAuthenticator::OnMountComplete, | 208 base::Bind(&ExtendedAuthenticator::OnMountComplete, |
| 183 this, | 209 this, |
| 184 "MountEx", | 210 "MountEx", |
| 185 user_context, | 211 user_context, |
| 186 success_callback)); | 212 success_callback)); |
| 187 } | 213 } |
| 188 | 214 |
| 189 void ExtendedAuthenticator::DoAuthenticateToCheck( | 215 void ExtendedAuthenticator::DoAuthenticateToCheck( |
| 190 const base::Closure& success_callback, | 216 const base::Closure& success_callback, |
| 191 const UserContext& user_context) { | 217 const UserContext& user_context) { |
| 192 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 218 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 193 | 219 |
| 194 RecordStartMarker("CheckKeyEx"); | 220 RecordStartMarker("CheckKeyEx"); |
| 195 | 221 |
| 196 std::string canonicalized = gaia::CanonicalizeEmail(user_context.GetUserID()); | 222 std::string canonicalized = gaia::CanonicalizeEmail(user_context.GetUserID()); |
| 197 cryptohome::Identification id(canonicalized); | 223 cryptohome::Identification id(canonicalized); |
| 198 cryptohome::Authorization auth(user_context.GetPassword(), | 224 const Key* const key = user_context.GetKey(); |
| 199 user_context.GetKeyLabel()); | 225 cryptohome::Authorization auth(key->GetSecret(), key->GetLabel()); |
| 200 | 226 |
| 201 cryptohome::HomedirMethods::GetInstance()->CheckKeyEx( | 227 cryptohome::HomedirMethods::GetInstance()->CheckKeyEx( |
| 202 id, | 228 id, |
| 203 auth, | 229 auth, |
| 204 base::Bind(&ExtendedAuthenticator::OnOperationComplete, | 230 base::Bind(&ExtendedAuthenticator::OnOperationComplete, |
| 205 this, | 231 this, |
| 206 "CheckKeyEx", | 232 "CheckKeyEx", |
| 207 user_context, | 233 user_context, |
| 208 success_callback)); | 234 success_callback)); |
| 209 } | 235 } |
| 210 | 236 |
| 211 void ExtendedAuthenticator::DoAddKey(const cryptohome::KeyDefinition& key, | 237 void ExtendedAuthenticator::DoAddKey(const cryptohome::KeyDefinition& key, |
| 212 bool replace_existing, | 238 bool replace_existing, |
| 213 const base::Closure& success_callback, | 239 const base::Closure& success_callback, |
| 214 const UserContext& user_context) { | 240 const UserContext& user_context) { |
| 215 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 241 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 216 | 242 |
| 217 RecordStartMarker("AddKeyEx"); | 243 RecordStartMarker("AddKeyEx"); |
| 218 | 244 |
| 219 std::string canonicalized = gaia::CanonicalizeEmail(user_context.GetUserID()); | 245 std::string canonicalized = gaia::CanonicalizeEmail(user_context.GetUserID()); |
| 220 cryptohome::Identification id(canonicalized); | 246 cryptohome::Identification id(canonicalized); |
| 221 cryptohome::Authorization auth(user_context.GetPassword(), | 247 const Key* const auth_key = user_context.GetKey(); |
| 222 user_context.GetKeyLabel()); | 248 cryptohome::Authorization auth(auth_key->GetSecret(), auth_key->GetLabel()); |
| 223 | 249 |
| 224 cryptohome::HomedirMethods::GetInstance()->AddKeyEx( | 250 cryptohome::HomedirMethods::GetInstance()->AddKeyEx( |
| 225 id, | 251 id, |
| 226 auth, | 252 auth, |
| 227 key, | 253 key, |
| 228 replace_existing, | 254 replace_existing, |
| 229 base::Bind(&ExtendedAuthenticator::OnOperationComplete, | 255 base::Bind(&ExtendedAuthenticator::OnOperationComplete, |
| 230 this, | 256 this, |
| 231 "AddKeyEx", | 257 "AddKeyEx", |
| 232 user_context, | 258 user_context, |
| 233 success_callback)); | 259 success_callback)); |
| 234 } | 260 } |
| 235 | 261 |
| 236 void ExtendedAuthenticator::DoUpdateKeyAuthorized( | 262 void ExtendedAuthenticator::DoUpdateKeyAuthorized( |
| 237 const cryptohome::KeyDefinition& key, | 263 const cryptohome::KeyDefinition& key, |
| 238 const std::string& signature, | 264 const std::string& signature, |
| 239 const base::Closure& success_callback, | 265 const base::Closure& success_callback, |
| 240 const UserContext& user_context) { | 266 const UserContext& user_context) { |
| 241 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 267 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 242 RecordStartMarker("UpdateKeyAuthorized"); | 268 RecordStartMarker("UpdateKeyAuthorized"); |
| 243 | 269 |
| 244 std::string canonicalized = gaia::CanonicalizeEmail(user_context.GetUserID()); | 270 std::string canonicalized = gaia::CanonicalizeEmail(user_context.GetUserID()); |
| 245 cryptohome::Identification id(canonicalized); | 271 cryptohome::Identification id(canonicalized); |
| 246 cryptohome::Authorization auth(user_context.GetPassword(), | 272 const Key* const auth_key = user_context.GetKey(); |
| 247 user_context.GetKeyLabel()); | 273 cryptohome::Authorization auth(auth_key->GetSecret(), auth_key->GetLabel()); |
| 248 | 274 |
| 249 cryptohome::HomedirMethods::GetInstance()->UpdateKeyEx( | 275 cryptohome::HomedirMethods::GetInstance()->UpdateKeyEx( |
| 250 id, | 276 id, |
| 251 auth, | 277 auth, |
| 252 key, | 278 key, |
| 253 signature, | 279 signature, |
| 254 base::Bind(&ExtendedAuthenticator::OnOperationComplete, | 280 base::Bind(&ExtendedAuthenticator::OnOperationComplete, |
| 255 this, | 281 this, |
| 256 "UpdateKeyAuthorized", | 282 "UpdateKeyAuthorized", |
| 257 user_context, | 283 user_context, |
| 258 success_callback)); | 284 success_callback)); |
| 259 } | 285 } |
| 260 | 286 |
| 261 void ExtendedAuthenticator::DoRemoveKey(const std::string& key_to_remove, | 287 void ExtendedAuthenticator::DoRemoveKey(const std::string& key_to_remove, |
| 262 const base::Closure& success_callback, | 288 const base::Closure& success_callback, |
| 263 const UserContext& user_context) { | 289 const UserContext& user_context) { |
| 264 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 290 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 265 | 291 |
| 266 RecordStartMarker("RemoveKeyEx"); | 292 RecordStartMarker("RemoveKeyEx"); |
| 267 | 293 |
| 268 std::string canonicalized = gaia::CanonicalizeEmail(user_context.GetUserID()); | 294 std::string canonicalized = gaia::CanonicalizeEmail(user_context.GetUserID()); |
| 269 cryptohome::Identification id(canonicalized); | 295 cryptohome::Identification id(canonicalized); |
| 270 cryptohome::Authorization auth(user_context.GetPassword(), | 296 const Key* const auth_key = user_context.GetKey(); |
| 271 user_context.GetKeyLabel()); | 297 cryptohome::Authorization auth(auth_key->GetSecret(), auth_key->GetLabel()); |
| 272 | 298 |
| 273 cryptohome::HomedirMethods::GetInstance()->RemoveKeyEx( | 299 cryptohome::HomedirMethods::GetInstance()->RemoveKeyEx( |
| 274 id, | 300 id, |
| 275 auth, | 301 auth, |
| 276 key_to_remove, | 302 key_to_remove, |
| 277 base::Bind(&ExtendedAuthenticator::OnOperationComplete, | 303 base::Bind(&ExtendedAuthenticator::OnOperationComplete, |
| 278 this, | 304 this, |
| 279 "RemoveKeyEx", | 305 "RemoveKeyEx", |
| 280 user_context, | 306 user_context, |
| 281 success_callback)); | 307 success_callback)); |
| 282 } | 308 } |
| 283 | 309 |
| 284 void ExtendedAuthenticator::OnMountComplete( | 310 void ExtendedAuthenticator::OnMountComplete( |
| 285 const std::string& time_marker, | 311 const std::string& time_marker, |
| 286 const UserContext& user_context, | 312 const UserContext& user_context, |
| 287 const HashSuccessCallback& success_callback, | 313 const ResultCallback& success_callback, |
| 288 bool success, | 314 bool success, |
| 289 cryptohome::MountError return_code, | 315 cryptohome::MountError return_code, |
| 290 const std::string& mount_hash) { | 316 const std::string& mount_hash) { |
| 291 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 317 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 292 | 318 |
| 293 RecordEndMarker(time_marker); | 319 RecordEndMarker(time_marker); |
| 294 UserContext copy = user_context; | 320 UserContext copy = user_context; |
| 295 copy.SetUserIDHash(mount_hash); | 321 copy.SetUserIDHash(mount_hash); |
| 296 if (return_code == cryptohome::MOUNT_ERROR_NONE) { | 322 if (return_code == cryptohome::MOUNT_ERROR_NONE) { |
| 297 if (!success_callback.is_null()) | 323 if (!success_callback.is_null()) |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 347 | 373 |
| 348 if (consumer_) | 374 if (consumer_) |
| 349 consumer_->OnAuthenticationFailure(state); | 375 consumer_->OnAuthenticationFailure(state); |
| 350 | 376 |
| 351 if (old_consumer_) { | 377 if (old_consumer_) { |
| 352 LoginFailure failure(LoginFailure::UNLOCK_FAILED); | 378 LoginFailure failure(LoginFailure::UNLOCK_FAILED); |
| 353 old_consumer_->OnLoginFailure(failure); | 379 old_consumer_->OnLoginFailure(failure); |
| 354 } | 380 } |
| 355 } | 381 } |
| 356 | 382 |
| 357 void ExtendedAuthenticator::HashPasswordWithSalt( | |
| 358 const std::string& password, | |
| 359 const HashSuccessCallback& success_callback) { | |
| 360 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
| 361 DCHECK(consumer_) << "This is a part of new API"; | |
| 362 | |
| 363 DoHashWithSalt(password, success_callback, system_salt_); | |
| 364 } | |
| 365 | |
| 366 void ExtendedAuthenticator::TransformContext(const UserContext& user_context, | |
| 367 const ContextCallback& callback) { | |
| 368 if (!user_context.DoesNeedPasswordHashing()) { | |
| 369 callback.Run(user_context); | |
| 370 } else { | |
| 371 DoHashWithSalt(user_context.GetPassword(), | |
| 372 base::Bind(&ExtendedAuthenticator::DidTransformContext, | |
| 373 this, | |
| 374 user_context, | |
| 375 callback), | |
| 376 system_salt_); | |
| 377 } | |
| 378 } | |
| 379 | |
| 380 void ExtendedAuthenticator::DidTransformContext( | |
| 381 const UserContext& user_context, | |
| 382 const ContextCallback& callback, | |
| 383 const std::string& hashed_password) { | |
| 384 DCHECK(user_context.DoesNeedPasswordHashing()); | |
| 385 UserContext context = user_context; | |
| 386 context.SetPassword(hashed_password); | |
| 387 context.SetDoesNeedPasswordHashing(false); | |
| 388 callback.Run(context); | |
| 389 } | |
| 390 | |
| 391 void ExtendedAuthenticator::DoHashWithSalt(const std::string& password, | |
| 392 const HashSuccessCallback& callback, | |
| 393 const std::string& system_salt) { | |
| 394 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
| 395 | |
| 396 if (salt_obtained_) { | |
| 397 std::string hash = | |
| 398 ParallelAuthenticator::HashPassword(password, system_salt); | |
| 399 callback.Run(hash); | |
| 400 return; | |
| 401 } | |
| 402 hashing_queue_.push_back(base::Bind( | |
| 403 &ExtendedAuthenticator::DoHashWithSalt, this, password, callback)); | |
| 404 } | |
| 405 | |
| 406 } // namespace chromeos | 383 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
