1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
|
// Copyright 2016 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "components/os_crypt/os_crypt.h"
#include <stddef.h>
#include <algorithm>
#include <iterator>
#include <memory>
#include "base/lazy_instance.h"
#include "base/logging.h"
#include "base/strings/string_util.h"
#include "base/strings/utf_string_conversions.h"
#include "base/synchronization/lock.h"
#include "components/os_crypt/key_storage_linux.h"
#include "crypto/encryptor.h"
#include "crypto/symmetric_key.h"
namespace {
// Salt for Symmetric key derivation.
const char kSalt[] = "saltysalt";
// Key size required for 128 bit AES.
const size_t kDerivedKeySizeInBits = 128;
// Constant for Symmetic key derivation.
const size_t kEncryptionIterations = 1;
// Size of initialization vector for AES 128-bit.
const size_t kIVBlockSizeAES128 = 16;
// Password version. V10 means that the hardcoded password will be used.
// V11 means that a password is/will be stored using an OS-level library (e.g
// Libsecret). V11 will not be used if such a library is not available.
// Used for array indexing.
enum Version {
V10 = 0,
V11 = 1,
};
// Prefix for cipher text returned by obfuscation version. We prefix the
// ciphertext with this string so that future data migration can detect
// this and migrate to full encryption without data loss.
const char kObfuscationPrefix[][4] = {
"v10", "v11",
};
struct Cache {
std::unique_ptr<KeyStorageLinux> key_storage_cache;
std::unique_ptr<std::string> password_v10_cache;
std::unique_ptr<std::string> password_v11_cache;
bool is_key_storage_cached;
bool is_password_v11_cached;
// Guards access to |g_cache|, making lazy initialization of individual parts
// thread safe.
base::Lock lock;
};
base::LazyInstance<Cache>::Leaky g_cache = LAZY_INSTANCE_INITIALIZER;
// Lazy acquisition and caching of a KeyStorage. Will be null if no service is
// found.
KeyStorageLinux* GetKeyStorage() {
if (!g_cache.Get().is_key_storage_cached) {
g_cache.Get().is_key_storage_cached = true;
g_cache.Get().key_storage_cache = KeyStorageLinux::CreateService();
}
return g_cache.Get().key_storage_cache.get();
}
// Pointer to a function that creates and returns the |KeyStorage| instance to
// be used. The function maintains ownership of the pointer.
KeyStorageLinux* (*g_key_storage_provider)() = &GetKeyStorage;
// Returns a cached string of "peanuts". Is thread-safe.
std::string* GetPasswordV10() {
base::AutoLock auto_lock(g_cache.Get().lock);
if (!g_cache.Get().password_v10_cache.get()) {
g_cache.Get().password_v10_cache.reset(new std::string("peanuts"));
}
return g_cache.Get().password_v10_cache.get();
}
// Caches and returns the password from the KeyStorage or null if there is no
// service. Is thread-safe.
std::string* GetPasswordV11() {
base::AutoLock auto_lock(g_cache.Get().lock);
if (!g_cache.Get().is_password_v11_cached) {
g_cache.Get().password_v11_cache.reset(
g_key_storage_provider()
? new std::string(g_key_storage_provider()->GetKey())
: nullptr);
g_cache.Get().is_password_v11_cached = true;
}
return g_cache.Get().password_v11_cache.get();
}
// Pointers to functions that return a password for deriving the encryption key.
// One function for each supported password version (see Version enum).
std::string* (*g_get_password[])() = {
&GetPasswordV10, &GetPasswordV11,
};
// Generates a newly allocated SymmetricKey object based on a password.
// Ownership of the key is passed to the caller. Returns null key if a key
// generation error occurs.
std::unique_ptr<crypto::SymmetricKey> GetEncryptionKey(Version version) {
std::string salt(kSalt);
std::string* password = g_get_password[version]();
if (!password)
return nullptr;
// Create an encryption key from our password and salt.
std::unique_ptr<crypto::SymmetricKey> encryption_key(
crypto::SymmetricKey::DeriveKeyFromPassword(
crypto::SymmetricKey::AES, *password, salt, kEncryptionIterations,
kDerivedKeySizeInBits));
DCHECK(encryption_key);
return encryption_key;
}
} // namespace
// static
bool OSCrypt::EncryptString16(const base::string16& plaintext,
std::string* ciphertext) {
return EncryptString(base::UTF16ToUTF8(plaintext), ciphertext);
}
// static
bool OSCrypt::DecryptString16(const std::string& ciphertext,
base::string16* plaintext) {
std::string utf8;
if (!DecryptString(ciphertext, &utf8))
return false;
*plaintext = base::UTF8ToUTF16(utf8);
return true;
}
// static
bool OSCrypt::EncryptString(const std::string& plaintext,
std::string* ciphertext) {
if (plaintext.empty()) {
ciphertext->clear();
return true;
}
// If we are able to create a V11 key (i.e. a KeyStorage was available), then
// we'll use it. If not, we'll use V10.
Version version = Version::V11;
std::unique_ptr<crypto::SymmetricKey> encryption_key(
GetEncryptionKey(version));
if (!encryption_key) {
version = Version::V10;
encryption_key = GetEncryptionKey(version);
}
if (!encryption_key)
return false;
std::string iv(kIVBlockSizeAES128, ' ');
crypto::Encryptor encryptor;
if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv))
return false;
if (!encryptor.Encrypt(plaintext, ciphertext))
return false;
// Prefix the cipher text with version information.
ciphertext->insert(0, kObfuscationPrefix[version]);
return true;
}
// static
bool OSCrypt::DecryptString(const std::string& ciphertext,
std::string* plaintext) {
if (ciphertext.empty()) {
plaintext->clear();
return true;
}
// Check that the incoming ciphertext was encrypted and with what version.
// Credit card numbers are current legacy unencrypted data, so false match
// with prefix won't happen.
Version version;
if (base::StartsWith(ciphertext, kObfuscationPrefix[Version::V10],
base::CompareCase::SENSITIVE)) {
version = Version::V10;
} else if (base::StartsWith(ciphertext, kObfuscationPrefix[Version::V11],
base::CompareCase::SENSITIVE)) {
version = Version::V11;
} else {
// If the prefix is not found then we'll assume we're dealing with
// old data saved as clear text and we'll return it directly.
*plaintext = ciphertext;
return true;
}
std::unique_ptr<crypto::SymmetricKey> encryption_key(
GetEncryptionKey(version));
if (!encryption_key)
return false;
std::string iv(kIVBlockSizeAES128, ' ');
crypto::Encryptor encryptor;
if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv))
return false;
// Strip off the versioning prefix before decrypting.
std::string raw_ciphertext =
ciphertext.substr(strlen(kObfuscationPrefix[version]));
if (!encryptor.Decrypt(raw_ciphertext, plaintext))
return false;
return true;
}
// static
void OSCrypt::SetStore(const std::string& store_type) {
// Changing the targeted password store makes no sense after initializing.
DCHECK(!g_cache.Get().is_key_storage_cached);
KeyStorageLinux::SetStore(store_type);
}
// static
void OSCrypt::SetProductName(const std::string& product_name) {
// Setting the product name makes no sense after initializing.
DCHECK(!g_cache.Get().is_key_storage_cached);
KeyStorageLinux::SetProductName(product_name);
}
// static
void OSCrypt::SetMainThreadRunner(
scoped_refptr<base::SingleThreadTaskRunner> main_thread_runner) {
// Setting the task runner makes no sense after initializing.
DCHECK(!g_cache.Get().is_key_storage_cached);
KeyStorageLinux::SetMainThreadRunner(main_thread_runner);
}
void UseMockKeyStorageForTesting(KeyStorageLinux* (*get_key_storage_mock)(),
std::string* (*get_password_v11_mock)()) {
// Save the real implementation to restore it later.
static bool is_get_password_saved = false;
static std::string* (*get_password_save[arraysize(g_get_password)])();
if (!is_get_password_saved) {
std::copy(std::begin(g_get_password), std::end(g_get_password),
std::begin(get_password_save));
is_get_password_saved = true;
}
if (get_key_storage_mock && get_password_v11_mock) {
// Bypass calling KeyStorage::CreateService and caching of the key for V11
if (get_password_v11_mock)
g_get_password[Version::V11] = get_password_v11_mock;
// OSCrypt will determine the encryption version by checking if a
// |KeyStorage| instance can be created. Enable V11 by returning the mock.
if (get_key_storage_mock)
g_key_storage_provider = get_key_storage_mock;
} else {
// Restore real implementation
std::copy(std::begin(get_password_save), std::end(get_password_save),
std::begin(g_get_password));
g_key_storage_provider = &GetKeyStorage;
}
}
|
