Chromium Code Reviews Chromium Code Reviews
Issue 554043003:
cros: Create cryptohome keys for Easy sign-in. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/cryptohome/homedir_methods.h" | 5 #include "chromeos/cryptohome/homedir_methods.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "chromeos/dbus/cryptohome/key.pb.h" | 9 #include "chromeos/dbus/cryptohome/key.pb.h" |
| 10 #include "chromeos/dbus/cryptohome/rpc.pb.h" | 10 #include "chromeos/dbus/cryptohome/rpc.pb.h" |
| (...skipping 26 matching lines...) Expand all Loading... | |
| 37 if (key_def.privileges != 0) { | 37 if (key_def.privileges != 0) { |
| 38 KeyPrivileges* privileges = data->mutable_privileges(); | 38 KeyPrivileges* privileges = data->mutable_privileges(); |
| 39 privileges->set_mount(key_def.privileges & PRIV_MOUNT); | 39 privileges->set_mount(key_def.privileges & PRIV_MOUNT); |
| 40 privileges->set_add(key_def.privileges & PRIV_ADD); | 40 privileges->set_add(key_def.privileges & PRIV_ADD); |
| 41 privileges->set_remove(key_def.privileges & PRIV_REMOVE); | 41 privileges->set_remove(key_def.privileges & PRIV_REMOVE); |
| 42 privileges->set_update(key_def.privileges & PRIV_MIGRATE); | 42 privileges->set_update(key_def.privileges & PRIV_MIGRATE); |
| 43 privileges->set_authorized_update(key_def.privileges & | 43 privileges->set_authorized_update(key_def.privileges & |
| 44 PRIV_AUTHORIZED_UPDATE); | 44 PRIV_AUTHORIZED_UPDATE); |
| 45 } | 45 } |
| 46 | 46 |
| 47 if (key_def.encryption_key.empty() && key_def.signature_key.empty()) | 47 const bool has_auth_data = |
| 48 return; | 48 !key_def.encryption_key.empty() || !key_def.signature_key.empty(); |
| 49 if (has_auth_data) { | |
| 50 KeyAuthorizationData* auth_data = data->add_authorization_data(); | |
| 51 auth_data->set_type( | |
| 52 KeyAuthorizationData::KEY_AUTHORIZATION_TYPE_HMACSHA256); | |
| 53 if (!key_def.encryption_key.empty()) { | |
| 54 KeyAuthorizationSecret* secret = auth_data->add_secrets(); | |
| 55 secret->mutable_usage()->set_encrypt(true); | |
| 56 secret->set_symmetric_key(key_def.encryption_key); | |
| 57 } | |
| 58 if (!key_def.signature_key.empty()) { | |
| 59 KeyAuthorizationSecret* secret = auth_data->add_secrets(); | |
| 60 secret->mutable_usage()->set_sign(true); | |
| 61 secret->set_symmetric_key(key_def.signature_key); | |
| 62 } | |
| 63 } | |
|
Darren Krahn
2014/09/12 16:35:17
Also collides with https://codereview.chromium.org
xiyuan
2014/09/12 19:10:12
Rebased.
| |
| 49 | 64 |
| 50 KeyAuthorizationData* auth_data = data->add_authorization_data(); | 65 if (!key_def.provider_data.empty()) { |
| 51 auth_data->set_type(KeyAuthorizationData::KEY_AUTHORIZATION_TYPE_HMACSHA256); | 66 KeyProviderData* provider_data = data->mutable_provider_data(); |
| 52 if (!key_def.encryption_key.empty()) { | 67 for (size_t i = 0; i < key_def.provider_data.size(); ++i) { |
| 53 KeyAuthorizationSecret* secret = auth_data->add_secrets(); | 68 const ProviderDataEntry& entry_data = key_def.provider_data[i]; |
| 54 secret->mutable_usage()->set_encrypt(true); | 69 |
| 55 secret->set_symmetric_key(key_def.encryption_key); | 70 KeyProviderData_Entry* entry = provider_data->add_entry(); |
| 56 } | 71 entry->set_name(entry_data.name); |
| 57 if (!key_def.signature_key.empty()) { | 72 if (entry_data.has_number) |
| 58 KeyAuthorizationSecret* secret = auth_data->add_secrets(); | 73 entry->set_number(entry_data.number); |
| 59 secret->mutable_usage()->set_sign(true); | 74 if (entry_data.has_bytes) |
| 60 secret->set_symmetric_key(key_def.signature_key); | 75 entry->set_bytes(entry_data.bytes); |
| 76 } | |
| 61 } | 77 } |
| 62 } | 78 } |
| 63 | 79 |
| 64 // Fill identification protobuffer. | 80 // Fill identification protobuffer. |
| 65 void FillIdentificationProtobuf(const Identification& id, | 81 void FillIdentificationProtobuf(const Identification& id, |
| 66 cryptohome::AccountIdentifier* id_proto) { | 82 cryptohome::AccountIdentifier* id_proto) { |
| 67 id_proto->set_email(id.user_id); | 83 id_proto->set_email(id.user_id); |
| 68 } | 84 } |
| 69 | 85 |
| 70 // Fill authorization protobuffer. | 86 // Fill authorization protobuffer. |
| (...skipping 251 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 322 } | 338 } |
| 323 } | 339 } |
| 324 | 340 |
| 325 // Extract |provider_data|. | 341 // Extract |provider_data|. |
| 326 for (RepeatedPtrField<KeyProviderData::Entry>::const_iterator | 342 for (RepeatedPtrField<KeyProviderData::Entry>::const_iterator |
| 327 provider_data_it = it->provider_data().entry().begin(); | 343 provider_data_it = it->provider_data().entry().begin(); |
| 328 provider_data_it != it->provider_data().entry().end(); | 344 provider_data_it != it->provider_data().entry().end(); |
| 329 ++provider_data_it) { | 345 ++provider_data_it) { |
| 330 // Extract |name|. | 346 // Extract |name|. |
| 331 key_data->provider_data.push_back( | 347 key_data->provider_data.push_back( |
| 332 new RetrievedKeyData::ProviderData(provider_data_it->name())); | 348 ProviderDataEntry(provider_data_it->name())); |
| 333 RetrievedKeyData::ProviderData* provider_data = | 349 ProviderDataEntry* provider_data = &key_data->provider_data.back(); |
| 334 key_data->provider_data.back(); | |
| 335 | 350 |
| 336 int data_items = 0; | 351 int data_items = 0; |
| 337 | 352 |
| 338 // Extract |number|. | 353 // Extract |number|. |
| 339 if (provider_data_it->has_number()) { | 354 if (provider_data_it->has_number()) { |
| 340 provider_data->number.reset(new int64(provider_data_it->number())); | 355 provider_data->SetNumber(provider_data_it->number()); |
| 341 ++data_items; | 356 ++data_items; |
| 342 } | 357 } |
| 343 | 358 |
| 344 // Extract |bytes|. | 359 // Extract |bytes|. |
| 345 if (provider_data_it->has_bytes()) { | 360 if (provider_data_it->has_bytes()) { |
| 346 provider_data->bytes.reset( | 361 provider_data->SetBytes(provider_data_it->bytes()); |
| 347 new std::string(provider_data_it->bytes())); | |
| 348 ++data_items; | 362 ++data_items; |
| 349 } | 363 } |
| 350 | 364 |
| 351 DCHECK_EQ(1, data_items); | 365 DCHECK_EQ(1, data_items); |
| 352 } | 366 } |
| 353 } | 367 } |
| 354 | 368 |
| 355 callback.Run(true, MOUNT_ERROR_NONE, key_data_list.Pass()); | 369 callback.Run(true, MOUNT_ERROR_NONE, key_data_list.Pass()); |
| 356 } | 370 } |
| 357 | 371 |
| (...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 431 } | 445 } |
| 432 delete g_homedir_methods; | 446 delete g_homedir_methods; |
| 433 g_homedir_methods = NULL; | 447 g_homedir_methods = NULL; |
| 434 VLOG(1) << "HomedirMethods Shutdown completed"; | 448 VLOG(1) << "HomedirMethods Shutdown completed"; |
| 435 } | 449 } |
| 436 | 450 |
| 437 // static | 451 // static |
| 438 HomedirMethods* HomedirMethods::GetInstance() { return g_homedir_methods; } | 452 HomedirMethods* HomedirMethods::GetInstance() { return g_homedir_methods; } |
| 439 | 453 |
| 440 } // namespace cryptohome | 454 } // namespace cryptohome |
| OLD | NEW |
