chrome/browser/password_manager/password_manager_util_win.cc

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 // windows.h must be first otherwise Win8 SDK breaks.
   6 #include <windows.h>
   7 #include <wincred.h>
   8 #include <LM.h>
   9
  10 // SECURITY_WIN32 must be defined in order to get
  11 // EXTENDED_NAME_FORMAT enumeration.
  12 #define SECURITY_WIN32 1
  13 #include <security.h>
  14 #undef SECURITY_WIN32
  15
  16 #include "chrome/browser/password_manager/password_manager_util.h"
  17
  18 #include "base/prefs/pref_registry_simple.h"
  19 #include "base/prefs/pref_service.h"
  20 #include "base/strings/utf_string_conversions.h"
  21 #include "base/time/time.h"
  22 #include "chrome/browser/browser_process.h"
  23 #include "chrome/browser/password_manager/password_manager.h"
  24 #include "chrome/common/pref_names.h"
  25 #include "content/public/browser/render_view_host.h"
  26 #include "content/public/browser/render_widget_host_view.h"
  27 #include "grit/chromium_strings.h"
  28 #include "grit/generated_resources.h"
  29 #include "ui/base/l10n/l10n_util.h"
  30
  31 #if defined(USE_AURA)
  32 #include "ui/aura/root_window.h"
  33 #include "ui/aura/window.h"
  34 #endif
  35
  36 // static
  37 void PasswordManager::RegisterLocalPrefs(PrefRegistrySimple* registry) {
  38   registry->RegisterInt64Pref(prefs::kOsPasswordLastChanged, 0);
  39   registry->RegisterBooleanPref(prefs::kOsPasswordBlank, false);
  40 }
  41
  42 namespace password_manager_util {
  43
  44 const unsigned kMaxPasswordRetries = 3;
  45
  46 const unsigned kCredUiDefaultFlags =
  47     CREDUI_FLAGS_GENERIC_CREDENTIALS |
  48     CREDUI_FLAGS_EXCLUDE_CERTIFICATES |
  49     CREDUI_FLAGS_KEEP_USERNAME |
  50     CREDUI_FLAGS_ALWAYS_SHOW_UI |
  51     CREDUI_FLAGS_DO_NOT_PERSIST;
  52
  53 static int64 GetPasswordLastChanged(WCHAR* username) {
  54   LPUSER_INFO_1 user_info = NULL;
  55   DWORD age = 0;
  56
  57   NET_API_STATUS ret = NetUserGetInfo(NULL, username, 1, (LPBYTE*) &user_info);
  58
  59   if (ret == NERR_Success) {
  60     // Returns seconds since last password change.
  61     age = user_info->usri1_password_age;
  62     NetApiBufferFree(user_info);
  63   } else {
  64     return -1;
  65   }
  66
  67   base::Time changed = base::Time::Now() - base::TimeDelta::FromSeconds(age);
  68
  69   return changed.ToInternalValue();
  70 }
  71
  72 static bool CheckBlankPassword(WCHAR* username) {
  73   PrefService* local_state = g_browser_process->local_state();
  74   int64 last_changed = GetPasswordLastChanged(username);
  75   bool need_recheck = true;
  76   bool blank_password = false;
  77
  78   // If we cannot determine when the password was last changed
  79   // then assume the password is not blank
  80   if (last_changed == -1)
  81     return false;
  82
  83   blank_password = local_state->GetBoolean(prefs::kOsPasswordBlank);
  84   int64 pref_last_changed =
  85       local_state->GetInt64(prefs::kOsPasswordLastChanged);
  86   if (pref_last_changed > 0 && last_changed <= pref_last_changed) {
  87     need_recheck = false;
  88   }
  89
  90   if (need_recheck) {
  91     HANDLE handle = INVALID_HANDLE_VALUE;
  92
  93     // Attempt to login using blank password.
  94     DWORD logon_result = LogonUser(username,
  95                                    L".",
  96                                    L"",
  97                                    LOGON32_LOGON_NETWORK,
  98                                    LOGON32_PROVIDER_DEFAULT,
  99                                    &handle);
 100
 101     // Win XP and later return ERROR_ACCOUNT_RESTRICTION for blank password.
 102     if (logon_result)
 103       CloseHandle(handle);
 104
 105     // In the case the password is blank, then LogonUser returns a failure,
 106     // handle is INVALID_HANDLE_VALUE, and GetLastError() is
 107     // ERROR_ACCOUNT_RESTRICTION.
 108     // http://msdn.microsoft.com/en-us/library/windows/desktop/ms681385
 109     blank_password = (logon_result ||
 110                       GetLastError() == ERROR_ACCOUNT_RESTRICTION);
 111   }
 112
 113   // Account for clock skew between pulling the password age and
 114   // writing to the preferences by adding a small skew factor here.
 115   last_changed += base::Time::kMicrosecondsPerSecond;
 116
 117   // Save the blank password status for later.
 118   local_state->SetBoolean(prefs::kOsPasswordBlank, blank_password);
 119   local_state->SetInt64(prefs::kOsPasswordLastChanged, last_changed);
 120
 121   return blank_password;
 122 }
 123
 124 OsPasswordStatus GetOsPasswordStatus() {
 125   DWORD username_length = CREDUI_MAX_USERNAME_LENGTH;
 126   WCHAR username[CREDUI_MAX_USERNAME_LENGTH+1] = {};
 127   OsPasswordStatus retVal = PASSWORD_STATUS_UNKNOWN;
 128
 129   if (GetUserNameEx(NameUserPrincipal, username, &username_length)) {
 130     // If we are on a domain, it is almost certain that the password is not
 131     // blank, but we do not actively check any further than this to avoid any
 132     // failed login attempts hitting the domain controller.
 133     retVal = PASSWORD_STATUS_WIN_DOMAIN;
 134   } else {
 135     username_length = CREDUI_MAX_USERNAME_LENGTH;
 136     if (GetUserName(username, &username_length)) {
 137       retVal = CheckBlankPassword(username) ? PASSWORD_STATUS_BLANK :
 138           PASSWORD_STATUS_NONBLANK;
 139     }
 140   }
 141
 142   return retVal;
 143 }
 144
 145 bool AuthenticateUser(gfx::NativeWindow window) {
 146   bool retval = false;
 147   CREDUI_INFO cui = {};
 148   WCHAR username[CREDUI_MAX_USERNAME_LENGTH+1] = {};
 149   WCHAR displayname[CREDUI_MAX_USERNAME_LENGTH+1] = {};
 150   WCHAR password[CREDUI_MAX_PASSWORD_LENGTH+1] = {};
 151   DWORD username_length = CREDUI_MAX_USERNAME_LENGTH;
 152   std::wstring product_name =
 153       base::UTF16ToWide(l10n_util::GetStringUTF16(IDS_PRODUCT_NAME));
 154   std::wstring password_prompt =
 155       base::UTF16ToWide(l10n_util::GetStringUTF16(
 156                             IDS_PASSWORDS_PAGE_AUTHENTICATION_PROMPT));
 157   HANDLE handle = INVALID_HANDLE_VALUE;
 158   int tries = 0;
 159   bool use_displayname = false;
 160   bool use_principalname = false;
 161   DWORD logon_result = 0;
 162
 163   // On a domain, we obtain the User Principal Name
 164   // for domain authentication.
 165   if (GetUserNameEx(NameUserPrincipal, username, &username_length)) {
 166     use_principalname = true;
 167   } else {
 168     username_length = CREDUI_MAX_USERNAME_LENGTH;
 169     // Otherwise, we're a workstation, use the plain local username.
 170     if (!GetUserName(username, &username_length)) {
 171       DLOG(ERROR) << "Unable to obtain username " << GetLastError();
 172       return false;
 173     } else {
 174       // As we are on a workstation, it's possible the user
 175       // has no password, so check here.
 176       if (CheckBlankPassword(username))
 177         return true;
 178     }
 179   }
 180
 181   // Try and obtain a friendly display name.
 182   username_length = CREDUI_MAX_USERNAME_LENGTH;
 183   if (GetUserNameEx(NameDisplay, displayname, &username_length))
 184     use_displayname = true;
 185
 186   cui.cbSize = sizeof(CREDUI_INFO);
 187   cui.hwndParent = NULL;
 188 #if defined(USE_AURA)
 189   cui.hwndParent = window->GetDispatcher()->host()->GetAcceleratedWidget();
 190 #else
 191   cui.hwndParent = window;
 192 #endif
 193
 194   cui.pszMessageText = password_prompt.c_str();
 195   cui.pszCaptionText = product_name.c_str();
 196
 197   cui.hbmBanner = NULL;
 198   BOOL save_password = FALSE;
 199   DWORD credErr = NO_ERROR;
 200
 201   do {
 202     tries++;
 203
 204     // TODO(wfh) Make sure we support smart cards here.
 205     credErr = CredUIPromptForCredentials(
 206         &cui,
 207         product_name.c_str(),
 208         NULL,
 209         0,
 210         use_displayname ? displayname : username,
 211         CREDUI_MAX_USERNAME_LENGTH+1,
 212         password,
 213         CREDUI_MAX_PASSWORD_LENGTH+1,
 214         &save_password,
 215         kCredUiDefaultFlags |
 216         (tries > 1 ? CREDUI_FLAGS_INCORRECT_PASSWORD : 0));
 217
 218     if (credErr == NO_ERROR) {
 219       logon_result = LogonUser(username,
 220                                use_principalname ? NULL : L".",
 221                                password,
 222                                LOGON32_LOGON_NETWORK,
 223                                LOGON32_PROVIDER_DEFAULT,
 224                                &handle);
 225       if (logon_result) {
 226         retval = true;
 227         CloseHandle(handle);
 228       } else {
 229         if (GetLastError() == ERROR_ACCOUNT_RESTRICTION &&
 230             wcslen(password) == 0) {
 231           // Password is blank, so permit.
 232           retval = true;
 233         } else {
 234           DLOG(WARNING) << "Unable to authenticate " << GetLastError();
 235         }
 236       }
 237       SecureZeroMemory(password, sizeof(password));
 238     }
 239   } while (credErr == NO_ERROR &&
 240            (retval == false && tries < kMaxPasswordRetries));
 241   return retval;
 242 }
 243
 244 }  // namespace password_manager_util