1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
This directory contains the interface to the application-bound encryption
primitives that are implemented by the elevation service in
[src/chrome/elevation_service].
`EncryptAppBoundString` and `DecryptAppBoundString` act like
`OSCrypt::EncryptString` and `OSCrypt::DecryptString` implemented by
[src/components/os_crypt] except that, unlike `OSCrypt`, which binds encrypted
data to the current user using DPAPI, this API will bind the encrypted data
with a `ProtectionLevel` specified by the caller.
`ProtectionLevels` are defined by chrome/elevation_service and are currently:
- `ProtectionLevel::PROTECTION_NONE`
This acts identically to DPAPI in that the protection level is user-bound.
Only a `DecryptAppBoundString` call that comes from the same user principle
as the original `EncryptAppBoundString` call with succeed.
- `ProtectionLevel::PROTECTION_PATH_VALIDATION`
This adds an additional protection that the path of the calling application
will be validated. Only a `DecryptAppBoundString` call that comes from the
same user principle, calling from the same Application (with the same file
path) as the original `EncryptAppBoundString` call with succeed. It is only
safe to call this from an application that is installed into a 'Trusted
Path' such as `C:\Program Files`, otherwise protection can be trivially
bypassed by renaming/placing a file into the required location.
|
