chrome/browser/signin/local_auth.cc

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/signin/local_auth.h"
   6
   7 #include "base/base64.h"
   8 #include "base/logging.h"
   9 #include "base/memory/scoped_ptr.h"
  10 #include "base/metrics/histogram.h"
  11 #include "base/prefs/pref_service.h"
  12 #include "base/strings/string_util.h"
  13 #include "chrome/browser/browser_process.h"
  14 #include "chrome/browser/profiles/profile.h"
  15 #include "chrome/browser/profiles/profile_manager.h"
  16 #include "chrome/common/pref_names.h"
  17 #include "components/os_crypt/os_crypt.h"
  18 #include "components/pref_registry/pref_registry_syncable.h"
  19 #include "crypto/random.h"
  20 #include "crypto/secure_util.h"
  21 #include "crypto/symmetric_key.h"
  22
  23 namespace {
  24
  25 // WARNING: Changing these values will make it impossible to do off-line
  26 // authentication until the next successful on-line authentication.  To change
  27 // these safely, change the "encoding" version below and make verification
  28 // handle multiple values.
  29 const char kHash1Encoding = '1';
  30 const unsigned kHash1Bits = 256;
  31 const unsigned kHash1Bytes = kHash1Bits / 8;
  32 const unsigned kHash1IterationCount = 100000;
  33
  34 std::string CreateSecurePasswordHash(const std::string& salt,
  35                                      const std::string& password,
  36                                      char encoding) {
  37   DCHECK_EQ(kHash1Bytes, salt.length());
  38   DCHECK_EQ(kHash1Encoding, encoding);  // Currently support only one method.
  39
  40   base::Time start_time = base::Time::Now();
  41
  42   // Library call to create secure password hash as SymmetricKey (uses PBKDF2).
  43   scoped_ptr<crypto::SymmetricKey> password_key(
  44       crypto::SymmetricKey::DeriveKeyFromPassword(
  45           crypto::SymmetricKey::AES,
  46           password, salt,
  47           kHash1IterationCount, kHash1Bits));
  48   std::string password_hash;
  49   const bool success = password_key->GetRawKey(&password_hash);
  50   DCHECK(success);
  51   DCHECK_EQ(kHash1Bytes, password_hash.length());
  52
  53   UMA_HISTOGRAM_TIMES("PasswordHash.CreateTime",
  54                       base::Time::Now() - start_time);
  55
  56   return password_hash;
  57 }
  58
  59 std::string EncodePasswordHashRecord(const std::string& record,
  60                                      char encoding) {
  61   DCHECK_EQ(kHash1Encoding, encoding);  // Currently support only one method.
  62
  63   // Encrypt the hash using the OS account-password protection (if available).
  64   std::string encoded;
  65   const bool success = OSCrypt::EncryptString(record, &encoded);
  66   DCHECK(success);
  67
  68   // Convert binary record to text for preference database.
  69   std::string encoded64;
  70   base::Base64Encode(encoded, &encoded64);
  71
  72   // Stuff the "encoding" value into the first byte.
  73   encoded64.insert(0, &encoding, sizeof(encoding));
  74
  75   return encoded64;
  76 }
  77
  78 bool DecodePasswordHashRecord(const std::string& encoded,
  79                               std::string* decoded,
  80                               char* encoding) {
  81   // Extract the "encoding" value from the first byte and validate.
  82   if (encoded.length() < 1)
  83     return false;
  84   *encoding = encoded[0];
  85   if (*encoding != kHash1Encoding)
  86     return false;
  87
  88   // Stored record is base64; convert to binary.
  89   std::string unbase64;
  90   if (!base::Base64Decode(encoded.substr(1), &unbase64))
  91     return false;
  92
  93   // Decrypt the record using the OS account-password protection (if available).
  94   return OSCrypt::DecryptString(unbase64, decoded);
  95 }
  96
  97 }  // namespace
  98
  99 namespace chrome {
 100
 101 void RegisterLocalAuthPrefs(user_prefs::PrefRegistrySyncable* registry) {
 102   registry->RegisterStringPref(
 103       prefs::kGoogleServicesPasswordHash,
 104       std::string(),
 105       user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
 106 }
 107
 108 void SetLocalAuthCredentials(size_t info_index,
 109                              const std::string& password) {
 110   DCHECK(password.length());
 111
 112   // Salt should be random data, as long as the hash length, and different with
 113   // every save.
 114   std::string salt_str;
 115   crypto::RandBytes(WriteInto(&salt_str, kHash1Bytes + 1), kHash1Bytes);
 116   DCHECK_EQ(kHash1Bytes, salt_str.length());
 117
 118   // Perform secure hash of password for storage.
 119   std::string password_hash = CreateSecurePasswordHash(
 120       salt_str, password, kHash1Encoding);
 121   DCHECK_EQ(kHash1Bytes, password_hash.length());
 122
 123   // Group all fields into a single record for storage;
 124   std::string record;
 125   record.append(salt_str);
 126   record.append(password_hash);
 127
 128   // Encode it and store it.
 129   std::string encoded = EncodePasswordHashRecord(record, kHash1Encoding);
 130   ProfileInfoCache& info =
 131       g_browser_process->profile_manager()->GetProfileInfoCache();
 132   info.SetLocalAuthCredentialsOfProfileAtIndex(info_index, encoded);
 133 }
 134
 135 void SetLocalAuthCredentials(const Profile* profile,
 136                              const std::string& password) {
 137   DCHECK(profile);
 138
 139   ProfileInfoCache& info =
 140       g_browser_process->profile_manager()->GetProfileInfoCache();
 141   size_t info_index = info.GetIndexOfProfileWithPath(profile->GetPath());
 142   if (info_index == std::string::npos) {
 143     NOTREACHED();
 144     return;
 145   }
 146   SetLocalAuthCredentials(info_index, password);
 147 }
 148
 149 bool ValidateLocalAuthCredentials(size_t info_index,
 150                                   const std::string& password) {
 151   std::string record;
 152   char encoding;
 153
 154   ProfileInfoCache& info =
 155       g_browser_process->profile_manager()->GetProfileInfoCache();
 156
 157   std::string encodedhash =
 158       info.GetLocalAuthCredentialsOfProfileAtIndex(info_index);
 159   if (encodedhash.length() == 0 && password.length() == 0)
 160     return true;
 161   if (!DecodePasswordHashRecord(encodedhash, &record, &encoding))
 162     return false;
 163
 164   std::string password_hash;
 165   const char* password_saved;
 166   const char* password_check;
 167   size_t password_length;
 168
 169   if (encoding == '1') {
 170     // Validate correct length; extract salt and password hash.
 171     if (record.length() != 2 * kHash1Bytes)
 172       return false;
 173     std::string salt_str(record.data(), kHash1Bytes);
 174     password_saved = record.data() + kHash1Bytes;
 175     password_hash = CreateSecurePasswordHash(salt_str, password, encoding);
 176     password_check = password_hash.data();
 177     password_length = kHash1Bytes;
 178   } else {
 179     // unknown encoding
 180     return false;
 181   }
 182
 183   return crypto::SecureMemEqual(password_saved, password_check,
 184                                 password_length);
 185 }
 186
 187 bool ValidateLocalAuthCredentials(const Profile* profile,
 188                                   const std::string& password) {
 189   DCHECK(profile);
 190
 191   ProfileInfoCache& info =
 192       g_browser_process->profile_manager()->GetProfileInfoCache();
 193   size_t info_index = info.GetIndexOfProfileWithPath(profile->GetPath());
 194   if (info_index == std::string::npos) {
 195     NOTREACHED();  // This should never happen but fail safely if it does.
 196     return false;
 197   }
 198   return ValidateLocalAuthCredentials(info_index, password);
 199 }
 200
 201 }  // namespace chrome