OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/login/managed/managed_user_authenticator.h" | 5 #include "chrome/browser/chromeos/login/managed/managed_user_authenticator.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/strings/string_number_conversions.h" | 8 #include "base/strings/string_number_conversions.h" |
9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
10 #include "chrome/browser/chromeos/boot_times_loader.h" | 10 #include "chrome/browser/chromeos/boot_times_loader.h" |
11 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h" | 11 #include "chrome/browser/chromeos/login/auth/key.h" |
12 #include "chromeos/cryptohome/async_method_caller.h" | 12 #include "chromeos/cryptohome/async_method_caller.h" |
13 #include "chromeos/cryptohome/cryptohome_parameters.h" | 13 #include "chromeos/cryptohome/cryptohome_parameters.h" |
14 #include "chromeos/cryptohome/system_salt_getter.h" | 14 #include "chromeos/cryptohome/system_salt_getter.h" |
15 #include "chromeos/dbus/cryptohome_client.h" | 15 #include "chromeos/dbus/cryptohome_client.h" |
16 #include "chromeos/dbus/dbus_thread_manager.h" | 16 #include "chromeos/dbus/dbus_thread_manager.h" |
17 #include "content/public/browser/browser_thread.h" | 17 #include "content/public/browser/browser_thread.h" |
18 #include "crypto/sha2.h" | 18 #include "crypto/sha2.h" |
19 #include "google_apis/gaia/gaia_auth_util.h" | 19 #include "google_apis/gaia/gaia_auth_util.h" |
20 #include "third_party/cros_system_api/dbus/service_constants.h" | 20 #include "third_party/cros_system_api/dbus/service_constants.h" |
21 | 21 |
(...skipping 35 matching lines...)
57 } | 57 } |
58 | 58 |
59 // Calls cryptohome's mount method. | 59 // Calls cryptohome's mount method. |
60 void Mount(ManagedUserAuthenticator::AuthAttempt* attempt, | 60 void Mount(ManagedUserAuthenticator::AuthAttempt* attempt, |
61 scoped_refptr<ManagedUserAuthenticator> resolver, | 61 scoped_refptr<ManagedUserAuthenticator> resolver, |
62 int flags, | 62 int flags, |
63 const std::string& system_salt) { | 63 const std::string& system_salt) { |
64 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 64 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
65 chromeos::BootTimesLoader::Get()->AddLoginTimeMarker( | 65 chromeos::BootTimesLoader::Get()->AddLoginTimeMarker( |
66 "CryptohomeMount-LMU-Start", false); | 66 "CryptohomeMount-LMU-Start", false); |
| 67 |
| 68 Key key(attempt->password); |
| 69 key.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, system_salt); |
67 cryptohome::AsyncMethodCaller::GetInstance()->AsyncMount( | 70 cryptohome::AsyncMethodCaller::GetInstance()->AsyncMount( |
68 attempt->username, | 71 attempt->username, |
69 ParallelAuthenticator::HashPassword(attempt->password, system_salt), | 72 key.GetSecret(), |
70 flags, | 73 flags, |
71 base::Bind(&TriggerResolveWithLoginTimeMarker, | 74 base::Bind(&TriggerResolveWithLoginTimeMarker, |
72 "CryptohomeMount-LMU-End", | 75 "CryptohomeMount-LMU-End", |
73 attempt, | 76 attempt, |
74 resolver)); | 77 resolver)); |
75 | 78 |
76 cryptohome::AsyncMethodCaller::GetInstance()->AsyncGetSanitizedUsername( | 79 cryptohome::AsyncMethodCaller::GetInstance()->AsyncGetSanitizedUsername( |
77 attempt->username, | 80 attempt->username, |
78 base::Bind(&TriggerResolveResult, attempt, resolver)); | 81 base::Bind(&TriggerResolveResult, attempt, resolver)); |
79 } | 82 } |
80 | 83 |
81 // Calls cryptohome's addKey method. | 84 // Calls cryptohome's addKey method. |
82 void AddKey(ManagedUserAuthenticator::AuthAttempt* attempt, | 85 void AddKey(ManagedUserAuthenticator::AuthAttempt* attempt, |
83 scoped_refptr<ManagedUserAuthenticator> resolver, | 86 scoped_refptr<ManagedUserAuthenticator> resolver, |
84 const std::string& master_key, | 87 const std::string& plain_text_master_key, |
85 const std::string& system_salt) { | 88 const std::string& system_salt) { |
86 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 89 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
87 chromeos::BootTimesLoader::Get()->AddLoginTimeMarker( | 90 chromeos::BootTimesLoader::Get()->AddLoginTimeMarker( |
88 "CryptohomeAddKey-LMU-Start", false); | 91 "CryptohomeAddKey-LMU-Start", false); |
| 92 |
| 93 Key user_key(attempt->password); |
| 94 user_key.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, system_salt); |
| 95 Key master_key(plain_text_master_key); |
| 96 master_key.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, system_salt); |
89 cryptohome::AsyncMethodCaller::GetInstance()->AsyncAddKey( | 97 cryptohome::AsyncMethodCaller::GetInstance()->AsyncAddKey( |
90 attempt->username, | 98 attempt->username, |
91 ParallelAuthenticator::HashPassword(attempt->password, system_salt), | 99 user_key.GetSecret(), |
92 ParallelAuthenticator::HashPassword(master_key, system_salt), | 100 master_key.GetSecret(), |
93 base::Bind(&TriggerResolveWithLoginTimeMarker, | 101 base::Bind(&TriggerResolveWithLoginTimeMarker, |
94 "CryptohomeAddKey-LMU-End", | 102 "CryptohomeAddKey-LMU-End", |
95 attempt, | 103 attempt, |
96 resolver)); | 104 resolver)); |
97 } | 105 } |
98 | 106 |
99 } // namespace | 107 } // namespace |
100 | 108 |
101 ManagedUserAuthenticator::ManagedUserAuthenticator(AuthStatusConsumer* consumer) | 109 ManagedUserAuthenticator::ManagedUserAuthenticator(AuthStatusConsumer* consumer) |
102 : consumer_(consumer) {} | 110 : consumer_(consumer) {} |
(...skipping 218 matching lines...)
321 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 329 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
322 return hash_obtained_; | 330 return hash_obtained_; |
323 } | 331 } |
324 | 332 |
325 std::string ManagedUserAuthenticator::AuthAttempt::hash() { | 333 std::string ManagedUserAuthenticator::AuthAttempt::hash() { |
326 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 334 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
327 return hash_; | 335 return hash_; |
328 } | 336 } |
329 | 337 |
330 } // namespace chromeos | 338 } // namespace chromeos |
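Review bot: In the new bodies of `Mount()` and `AddKey()`, `system_salt` is passed straight into `Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, system_salt)` with no visible check that a salt was actually obtained, so an empty salt would appear to yield an unsalted secret that is then handed to cryptohome. Whether `Key::Transform` itself rejects an empty salt cannot be seen on this page; if it does not, add `DCHECK(!system_salt.empty());` after the thread check in both functions, and consider failing the attempt rather than relying on a debug-only check. The construct-then-transform pair is also written out three times, so a small helper in the anonymous namespace that returns the transformed `Key` would keep the key type in one place. The comments above both functions could state that the plain-text password (and, in `AddKey()`, the master key) is hashed with the system salt before the cryptohome call, e.g. `// Transforms the password with the system salt, then calls cryptohome's mount method.`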