Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(752)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chromeos/cryptohome/homedir_methods.cc

Issue 526353002: Merge cryptohome::RetrievedKeyData with cryptohome::KeyDefinition (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@d_2_367847_add_get_key_data_ex_to_mount_flow
Patch Set: Rebased. Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chromeos/cryptohome/homedir_methods.h ('k') | chromeos/cryptohome/homedir_methods_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chromeos/cryptohome/homedir_methods.h" 5 #include "chromeos/cryptohome/homedir_methods.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/logging.h" 8 #include "base/logging.h"
9 #include "chromeos/dbus/cryptohome/key.pb.h" 9 #include "chromeos/dbus/cryptohome/key.pb.h"
10 #include "chromeos/dbus/cryptohome/rpc.pb.h" 10 #include "chromeos/dbus/cryptohome/rpc.pb.h"
11 #include "chromeos/dbus/cryptohome_client.h" 11 #include "chromeos/dbus/cryptohome_client.h"
12 #include "chromeos/dbus/dbus_thread_manager.h" 12 #include "chromeos/dbus/dbus_thread_manager.h"
13 13
14 #if defined(USE_SYSTEM_PROTOBUF) 14 #if defined(USE_SYSTEM_PROTOBUF)
15 #include <google/protobuf/repeated_field.h> 15 #include <google/protobuf/repeated_field.h>
16 #else 16 #else
17 #include "third_party/protobuf/src/google/protobuf/repeated_field.h" 17 #include "third_party/protobuf/src/google/protobuf/repeated_field.h"
18 #endif 18 #endif
19 19
20 using chromeos::DBusThreadManager; 20 using chromeos::DBusThreadManager;
21 using google::protobuf::RepeatedPtrField; 21 using google::protobuf::RepeatedPtrField;
22 22
23 namespace cryptohome { 23 namespace cryptohome {
24 24
25 namespace { 25 namespace {
26 26
27 HomedirMethods* g_homedir_methods = NULL; 27 HomedirMethods* g_homedir_methods = NULL;
28 28
29 void FillKeyProtobuf(const KeyDefinition& key_def, Key* key) { 29 void FillKeyProtobuf(const KeyDefinition& key_def, Key* key) {
30 key->set_secret(key_def.key); 30 key->set_secret(key_def.secret);
31 KeyData* data = key->mutable_data(); 31 KeyData* data = key->mutable_data();
32 DCHECK_EQ(KeyDefinition::TYPE_PASSWORD, key_def.type);
33 data->set_type(KeyData::KEY_TYPE_PASSWORD);
32 data->set_label(key_def.label); 34 data->set_label(key_def.label);
33 35
34 if (key_def.revision > 0) 36 if (key_def.revision > 0)
35 data->set_revision(key_def.revision); 37 data->set_revision(key_def.revision);
36 38
37 if (key_def.privileges != 0) { 39 if (key_def.privileges != 0) {
38 KeyPrivileges* privileges = data->mutable_privileges(); 40 KeyPrivileges* privileges = data->mutable_privileges();
39 privileges->set_mount(key_def.privileges & PRIV_MOUNT); 41 privileges->set_mount(key_def.privileges & PRIV_MOUNT);
40 privileges->set_add(key_def.privileges & PRIV_ADD); 42 privileges->set_add(key_def.privileges & PRIV_ADD);
41 privileges->set_remove(key_def.privileges & PRIV_REMOVE); 43 privileges->set_remove(key_def.privileges & PRIV_REMOVE);
42 privileges->set_update(key_def.privileges & PRIV_MIGRATE); 44 privileges->set_update(key_def.privileges & PRIV_MIGRATE);
43 privileges->set_authorized_update(key_def.privileges & 45 privileges->set_authorized_update(key_def.privileges &
44 PRIV_AUTHORIZED_UPDATE); 46 PRIV_AUTHORIZED_UPDATE);
45 } 47 }
46 48
47 if (key_def.encryption_key.empty() && key_def.signature_key.empty()) 49 for (std::vector<KeyDefinition::AuthorizationData>::const_iterator auth_it =
48 return; 50 key_def.authorization_data.begin();
51 auth_it != key_def.authorization_data.end(); ++auth_it) {
52 KeyAuthorizationData* auth_data = data->add_authorization_data();
53 switch (auth_it->type) {
54 case KeyDefinition::AuthorizationData::TYPE_HMACSHA256:
55 auth_data->set_type(
56 KeyAuthorizationData::KEY_AUTHORIZATION_TYPE_HMACSHA256);
57 break;
58 case KeyDefinition::AuthorizationData::TYPE_AES256CBC_HMACSHA256:
59 auth_data->set_type(
60 KeyAuthorizationData::KEY_AUTHORIZATION_TYPE_AES256CBC_HMACSHA256);
61 break;
62 default:
63 NOTREACHED();
64 break;
65 }
49 66
50 KeyAuthorizationData* auth_data = data->add_authorization_data(); 67 for (std::vector<KeyDefinition::AuthorizationData::Secret>::const_iterator
51 auth_data->set_type(KeyAuthorizationData::KEY_AUTHORIZATION_TYPE_HMACSHA256); 68 secret_it = auth_it->secrets.begin();
52 if (!key_def.encryption_key.empty()) { 69 secret_it != auth_it->secrets.end(); ++secret_it) {
53 KeyAuthorizationSecret* secret = auth_data->add_secrets(); 70 KeyAuthorizationSecret* secret = auth_data->add_secrets();
54 secret->mutable_usage()->set_encrypt(true); 71 secret->mutable_usage()->set_encrypt(secret_it->encrypt);
55 secret->set_symmetric_key(key_def.encryption_key); 72 secret->mutable_usage()->set_sign(secret_it->sign);
73 if (!secret_it->symmetric_key.empty())
74 secret->set_symmetric_key(secret_it->symmetric_key);
75 if (!secret_it->public_key.empty())
76 secret->set_public_key(secret_it->public_key);
77 secret->set_wrapped(secret_it->wrapped);
78 }
56 } 79 }
57 if (!key_def.signature_key.empty()) { 80
58 KeyAuthorizationSecret* secret = auth_data->add_secrets(); 81 for (std::vector<KeyDefinition::ProviderData>::const_iterator it =
59 secret->mutable_usage()->set_sign(true); 82 key_def.provider_data.begin(); it != key_def.provider_data.end();
60 secret->set_symmetric_key(key_def.signature_key); 83 ++it) {
84 KeyProviderData::Entry* entry =
85 data->mutable_provider_data()->add_entry();
86 entry->set_name(it->name);
87 if (it->number)
88 entry->set_number(*it->number);
89 if (it->bytes)
90 entry->set_bytes(*it->bytes);
61 } 91 }
62 } 92 }
63 93
64 // Fill identification protobuffer. 94 // Fill identification protobuffer.
65 void FillIdentificationProtobuf(const Identification& id, 95 void FillIdentificationProtobuf(const Identification& id,
66 cryptohome::AccountIdentifier* id_proto) { 96 cryptohome::AccountIdentifier* id_proto) {
67 id_proto->set_email(id.user_id); 97 id_proto->set_email(id.user_id);
68 } 98 }
69 99
70 // Fill authorization protobuffer. 100 // Fill authorization protobuffer.
71 void FillAuthorizationProtobuf(const Authorization& auth, 101 void FillAuthorizationProtobuf(const Authorization& auth,
72 cryptohome::AuthorizationRequest* auth_proto) { 102 cryptohome::AuthorizationRequest* auth_proto) {
73 Key* key = auth_proto->mutable_key(); 103 Key* key = auth_proto->mutable_key();
74 if (!auth.label.empty()) { 104 if (!auth.label.empty()) {
75 key->mutable_data()->set_label(auth.label); 105 key->mutable_data()->set_label(auth.label);
76 } 106 }
77 key->set_secret(auth.key); 107 key->set_secret(auth.key);
78 } 108 }
79 109
110 void ParseAuthorizationDataProtobuf(
111 const KeyAuthorizationData& authorization_data_proto,
112 KeyDefinition::AuthorizationData* authorization_data) {
113 switch (authorization_data_proto.type()) {
114 case KeyAuthorizationData::KEY_AUTHORIZATION_TYPE_HMACSHA256:
115 authorization_data->type =
116 KeyDefinition::AuthorizationData::TYPE_HMACSHA256;
117 break;
118 case KeyAuthorizationData::KEY_AUTHORIZATION_TYPE_AES256CBC_HMACSHA256:
119 authorization_data->type =
120 KeyDefinition::AuthorizationData::TYPE_AES256CBC_HMACSHA256;
121 break;
122 default:
123 NOTREACHED();
124 return;
125 }
126
127 for (RepeatedPtrField<KeyAuthorizationSecret>::const_iterator it =
128 authorization_data_proto.secrets().begin();
129 it != authorization_data_proto.secrets().end(); ++it) {
130 authorization_data->secrets.push_back(
131 KeyDefinition::AuthorizationData::Secret(it->usage().encrypt(),
132 it->usage().sign(),
133 it->symmetric_key(),
134 it->public_key(),
135 it->wrapped()));
136 }
137 }
138
80 MountError MapError(CryptohomeErrorCode code) { 139 MountError MapError(CryptohomeErrorCode code) {
81 switch (code) { 140 switch (code) {
82 case CRYPTOHOME_ERROR_NOT_SET: 141 case CRYPTOHOME_ERROR_NOT_SET:
83 return MOUNT_ERROR_NONE; 142 return MOUNT_ERROR_NONE;
84 case CRYPTOHOME_ERROR_ACCOUNT_NOT_FOUND: 143 case CRYPTOHOME_ERROR_ACCOUNT_NOT_FOUND:
85 return MOUNT_ERROR_USER_DOES_NOT_EXIST; 144 return MOUNT_ERROR_USER_DOES_NOT_EXIST;
86 case CRYPTOHOME_ERROR_NOT_IMPLEMENTED: 145 case CRYPTOHOME_ERROR_NOT_IMPLEMENTED:
87 case CRYPTOHOME_ERROR_MOUNT_FATAL: 146 case CRYPTOHOME_ERROR_MOUNT_FATAL:
88 case CRYPTOHOME_ERROR_KEY_QUOTA_EXCEEDED: 147 case CRYPTOHOME_ERROR_KEY_QUOTA_EXCEEDED:
89 case CRYPTOHOME_ERROR_BACKING_STORE_FAILURE: 148 case CRYPTOHOME_ERROR_BACKING_STORE_FAILURE:
(...skipping 160 matching lines...) Expand 10 before | Expand all | Expand 10 after
250 weak_ptr_factory_.GetWeakPtr(), 309 weak_ptr_factory_.GetWeakPtr(),
251 callback)); 310 callback));
252 } 311 }
253 312
254 private: 313 private:
255 void OnGetKeyDataExCallback(const GetKeyDataCallback& callback, 314 void OnGetKeyDataExCallback(const GetKeyDataCallback& callback,
256 chromeos::DBusMethodCallStatus call_status, 315 chromeos::DBusMethodCallStatus call_status,
257 bool result, 316 bool result,
258 const BaseReply& reply) { 317 const BaseReply& reply) {
259 if (call_status != chromeos::DBUS_METHOD_CALL_SUCCESS) { 318 if (call_status != chromeos::DBUS_METHOD_CALL_SUCCESS) {
260 callback.Run(false, MOUNT_ERROR_FATAL, ScopedVector<RetrievedKeyData>()); 319 callback.Run(false, MOUNT_ERROR_FATAL, std::vector<KeyDefinition>());
261 return; 320 return;
262 } 321 }
263 if (reply.has_error()) { 322 if (reply.has_error()) {
264 if (reply.error() != CRYPTOHOME_ERROR_NOT_SET) { 323 if (reply.error() != CRYPTOHOME_ERROR_NOT_SET) {
265 callback.Run(false, 324 callback.Run(false,
266 MapError(reply.error()), 325 MapError(reply.error()),
267 ScopedVector<RetrievedKeyData>()); 326 std::vector<KeyDefinition>());
268 return; 327 return;
269 } 328 }
270 } 329 }
271 330
272 if (!reply.HasExtension(GetKeyDataReply::reply)) { 331 if (!reply.HasExtension(GetKeyDataReply::reply)) {
273 callback.Run(false, MOUNT_ERROR_FATAL, ScopedVector<RetrievedKeyData>()); 332 callback.Run(false, MOUNT_ERROR_FATAL, std::vector<KeyDefinition>());
274 return; 333 return;
275 } 334 }
276 335
277 // Extract the contents of the |KeyData| protos returned. 336 // Extract the contents of the |KeyData| protos returned.
278 const RepeatedPtrField<KeyData>& key_data_proto = 337 const RepeatedPtrField<KeyData>& key_data =
279 reply.GetExtension(GetKeyDataReply::reply).key_data(); 338 reply.GetExtension(GetKeyDataReply::reply).key_data();
280 ScopedVector<RetrievedKeyData> key_data_list; 339 std::vector<KeyDefinition> key_definitions;
281 for (RepeatedPtrField<KeyData>::const_iterator it = key_data_proto.begin(); 340 for (RepeatedPtrField<KeyData>::const_iterator it = key_data.begin();
282 it != key_data_proto.end(); ++it) { 341 it != key_data.end(); ++it) {
283 342
284 // Extract |type|, |label| and |revision|. 343 // Extract |type|, |label| and |revision|.
285 DCHECK_EQ(KeyData::KEY_TYPE_PASSWORD, it->type()); 344 DCHECK_EQ(KeyData::KEY_TYPE_PASSWORD, it->type());
286 key_data_list.push_back(new RetrievedKeyData( 345 key_definitions.push_back(KeyDefinition(std::string() /* secret */,
287 RetrievedKeyData::TYPE_PASSWORD, 346 it->label(),
288 it->label(), 347 0 /* privileges */));
289 it->revision())); 348 KeyDefinition& key_definition = key_definitions.back();
290 RetrievedKeyData* key_data = key_data_list.back(); 349 key_definition.revision = it->revision();
291 350
292 // Extract |privileges|. 351 // Extract |privileges|.
293 const KeyPrivileges& privileges = it->privileges(); 352 const KeyPrivileges& privileges = it->privileges();
294 if (privileges.mount()) 353 if (privileges.mount())
295 key_data->privileges |= PRIV_MOUNT; 354 key_definition.privileges |= PRIV_MOUNT;
296 if (privileges.add()) 355 if (privileges.add())
297 key_data->privileges |= PRIV_ADD; 356 key_definition.privileges |= PRIV_ADD;
298 if (privileges.remove()) 357 if (privileges.remove())
299 key_data->privileges |= PRIV_REMOVE; 358 key_definition.privileges |= PRIV_REMOVE;
300 if (privileges.update()) 359 if (privileges.update())
301 key_data->privileges |= PRIV_MIGRATE; 360 key_definition.privileges |= PRIV_MIGRATE;
302 if (privileges.authorized_update()) 361 if (privileges.authorized_update())
303 key_data->privileges |= PRIV_AUTHORIZED_UPDATE; 362 key_definition.privileges |= PRIV_AUTHORIZED_UPDATE;
304 363
305 // Extract |authorization_data|. 364 // Extract |authorization_data|.
306 for (RepeatedPtrField<KeyAuthorizationData>::const_iterator auth_it = 365 for (RepeatedPtrField<KeyAuthorizationData>::const_iterator auth_it =
307 it->authorization_data().begin(); 366 it->authorization_data().begin();
308 auth_it != it->authorization_data().end(); ++auth_it) { 367 auth_it != it->authorization_data().end(); ++auth_it) {
309 switch (auth_it->type()) { 368 key_definition.authorization_data.push_back(
310 case KeyAuthorizationData::KEY_AUTHORIZATION_TYPE_HMACSHA256: 369 KeyDefinition::AuthorizationData());
311 key_data->authorization_types.push_back( 370 ParseAuthorizationDataProtobuf(
312 RetrievedKeyData::AUTHORIZATION_TYPE_HMACSHA256); 371 *auth_it,
313 break; 372 &key_definition.authorization_data.back());
314 case KeyAuthorizationData::
315 KEY_AUTHORIZATION_TYPE_AES256CBC_HMACSHA256:
316 key_data->authorization_types.push_back(
317 RetrievedKeyData::AUTHORIZATION_TYPE_AES256CBC_HMACSHA256);
318 break;
319 default:
320 NOTREACHED();
321 break;
322 }
323 } 373 }
324 374
325 // Extract |provider_data|. 375 // Extract |provider_data|.
326 for (RepeatedPtrField<KeyProviderData::Entry>::const_iterator 376 for (RepeatedPtrField<KeyProviderData::Entry>::const_iterator
327 provider_data_it = it->provider_data().entry().begin(); 377 provider_data_it = it->provider_data().entry().begin();
328 provider_data_it != it->provider_data().entry().end(); 378 provider_data_it != it->provider_data().entry().end();
329 ++provider_data_it) { 379 ++provider_data_it) {
330 // Extract |name|. 380 // Extract |name|.
331 key_data->provider_data.push_back( 381 key_definition.provider_data.push_back(
332 new RetrievedKeyData::ProviderData(provider_data_it->name())); 382 KeyDefinition::ProviderData(provider_data_it->name()));
333 RetrievedKeyData::ProviderData* provider_data = 383 KeyDefinition::ProviderData& provider_data =
334 key_data->provider_data.back(); 384 key_definition.provider_data.back();
335 385
336 int data_items = 0; 386 int data_items = 0;
337 387
338 // Extract |number|. 388 // Extract |number|.
339 if (provider_data_it->has_number()) { 389 if (provider_data_it->has_number()) {
340 provider_data->number.reset(new int64(provider_data_it->number())); 390 provider_data.number.reset(new int64(provider_data_it->number()));
341 ++data_items; 391 ++data_items;
342 } 392 }
343 393
344 // Extract |bytes|. 394 // Extract |bytes|.
345 if (provider_data_it->has_bytes()) { 395 if (provider_data_it->has_bytes()) {
346 provider_data->bytes.reset( 396 provider_data.bytes.reset(
347 new std::string(provider_data_it->bytes())); 397 new std::string(provider_data_it->bytes()));
348 ++data_items; 398 ++data_items;
349 } 399 }
350 400
351 DCHECK_EQ(1, data_items); 401 DCHECK_EQ(1, data_items);
352 } 402 }
353 } 403 }
354 404
355 callback.Run(true, MOUNT_ERROR_NONE, key_data_list.Pass()); 405 callback.Run(true, MOUNT_ERROR_NONE, key_definitions);
356 } 406 }
357 407
358 void OnMountExCallback(const MountCallback& callback, 408 void OnMountExCallback(const MountCallback& callback,
359 chromeos::DBusMethodCallStatus call_status, 409 chromeos::DBusMethodCallStatus call_status,
360 bool result, 410 bool result,
361 const BaseReply& reply) { 411 const BaseReply& reply) {
362 if (call_status != chromeos::DBUS_METHOD_CALL_SUCCESS) { 412 if (call_status != chromeos::DBUS_METHOD_CALL_SUCCESS) {
363 callback.Run(false, MOUNT_ERROR_FATAL, std::string()); 413 callback.Run(false, MOUNT_ERROR_FATAL, std::string());
364 return; 414 return;
365 } 415 }
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after
431 } 481 }
432 delete g_homedir_methods; 482 delete g_homedir_methods;
433 g_homedir_methods = NULL; 483 g_homedir_methods = NULL;
434 VLOG(1) << "HomedirMethods Shutdown completed"; 484 VLOG(1) << "HomedirMethods Shutdown completed";
435 } 485 }
436 486
437 // static 487 // static
438 HomedirMethods* HomedirMethods::GetInstance() { return g_homedir_methods; } 488 HomedirMethods* HomedirMethods::GetInstance() { return g_homedir_methods; }
439 489
440 } // namespace cryptohome 490 } // namespace cryptohome
OLDNEW
« no previous file with comments | « chromeos/cryptohome/homedir_methods.h ('k') | chromeos/cryptohome/homedir_methods_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698