1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/prefs/pref_hash_calculator.h"
10 #include "base/json/json_string_value_serializer.h"
11 #include "base/logging.h"
12 #include "base/strings/string_number_conversions.h"
13 #include "base/strings/string_util.h"
14 #include "base/threading/thread_restrictions.h"
15 #include "base/values.h"
16 #include "chrome/browser/prefs/tracked/pref_hash_calculator_helper.h"
17 #include "crypto/hmac.h"
21 // Calculates an HMAC of |message| using |key|, encoded as a hexadecimal string.
22 std::string
GetDigestString(const std::string
& key
,
23 const std::string
& message
) {
24 crypto::HMAC
hmac(crypto::HMAC::SHA256
);
25 std::vector
<uint8
> digest(hmac
.DigestLength());
26 if (!hmac
.Init(key
) || !hmac
.Sign(message
, &digest
[0], digest
.size())) {
30 return base::HexEncode(&digest
[0], digest
.size());
33 // Verifies that |digest_string| is a valid HMAC of |message| using |key|.
34 // |digest_string| must be encoded as a hexadecimal string.
35 bool VerifyDigestString(const std::string
& key
,
36 const std::string
& message
,
37 const std::string
& digest_string
) {
38 crypto::HMAC
hmac(crypto::HMAC::SHA256
);
39 std::vector
<uint8
> digest
;
40 return base::HexStringToBytes(digest_string
, &digest
) &&
43 base::StringPiece(reinterpret_cast<char*>(&digest
[0]),
47 // Renders |value| as a string. |value| may be NULL, in which case the result
48 // is an empty string. This method can be expensive and its result should be
49 // re-used rather than recomputed where possible.
50 std::string
ValueAsString(const base::Value
* value
) {
51 // Dictionary values may contain empty lists and sub-dictionaries. Make a
52 // deep copy with those removed to make the hash more stable.
53 const base::DictionaryValue
* dict_value
;
54 scoped_ptr
<base::DictionaryValue
> canonical_dict_value
;
55 if (value
&& value
->GetAsDictionary(&dict_value
)) {
56 canonical_dict_value
.reset(dict_value
->DeepCopyWithoutEmptyChildren());
57 value
= canonical_dict_value
.get();
60 std::string value_as_string
;
62 JSONStringValueSerializer
serializer(&value_as_string
);
63 serializer
.Serialize(*value
);
66 return value_as_string
;
69 // Concatenates |device_id|, |path|, and |value_as_string| to give the hash
71 std::string
GetMessage(const std::string
& device_id
,
72 const std::string
& path
,
73 const std::string
& value_as_string
) {
75 message
.reserve(device_id
.size() + path
.size() + value_as_string
.size());
76 message
.append(device_id
);
78 message
.append(value_as_string
);
82 // Generates a device ID based on the input device ID. The derived device ID has
83 // no useful properties beyond those of the input device ID except that it is
84 // consistent with previous implementations.
85 std::string
GenerateDeviceIdLikePrefMetricsServiceDid(
86 const std::string
& original_device_id
) {
87 if (original_device_id
.empty())
89 return StringToLowerASCII(
90 GetDigestString(original_device_id
, "PrefMetricsService"));
95 PrefHashCalculator::PrefHashCalculator(const std::string
& seed
,
96 const std::string
& device_id
)
98 device_id_(GenerateDeviceIdLikePrefMetricsServiceDid(device_id
)),
99 raw_device_id_(device_id
),
100 get_legacy_device_id_callback_(base::Bind(&GetLegacyDeviceId
)) {}
102 PrefHashCalculator::PrefHashCalculator(
103 const std::string
& seed
,
104 const std::string
& device_id
,
105 const GetLegacyDeviceIdCallback
& get_legacy_device_id_callback
)
107 device_id_(GenerateDeviceIdLikePrefMetricsServiceDid(device_id
)),
108 raw_device_id_(device_id
),
109 get_legacy_device_id_callback_(get_legacy_device_id_callback
) {}
111 PrefHashCalculator::~PrefHashCalculator() {}
113 std::string
PrefHashCalculator::Calculate(const std::string
& path
,
114 const base::Value
* value
) const {
115 return GetDigestString(seed_
,
116 GetMessage(device_id_
, path
, ValueAsString(value
)));
119 PrefHashCalculator::ValidationResult
PrefHashCalculator::Validate(
120 const std::string
& path
,
121 const base::Value
* value
,
122 const std::string
& digest_string
) const {
123 const std::string
value_as_string(ValueAsString(value
));
124 if (VerifyDigestString(seed_
, GetMessage(device_id_
, path
, value_as_string
),
128 if (VerifyDigestString(seed_
,
129 GetMessage(RetrieveLegacyDeviceId(), path
,
132 return VALID_SECURE_LEGACY
;
134 if (VerifyDigestString(seed_
, value_as_string
, digest_string
))
135 return VALID_WEAK_LEGACY
;
139 std::string
PrefHashCalculator::RetrieveLegacyDeviceId() const {
140 if (!legacy_device_id_instance_
) {
141 // Allow IO on this thread to retrieve the legacy device ID. The result of
142 // this operation is stored in |legacy_device_id_instance_| and will thus
143 // only happen at most once per PrefHashCalculator. This is not ideal, but
144 // this value is required synchronously to be able to continue loading prefs
145 // for this profile. This profile should then be migrated to a modern device
146 // ID and subsequent loads of this profile shouldn't need to run this code
148 // TODO(gab): Remove this when the legacy device ID (M33) becomes
150 base::ThreadRestrictions::ScopedAllowIO allow_io
;
151 legacy_device_id_instance_
.reset(
152 new std::string(GenerateDeviceIdLikePrefMetricsServiceDid(
153 get_legacy_device_id_callback_
.Run(raw_device_id_
))));
155 return *legacy_device_id_instance_
;
