chrome/browser/password_manager/password_store_mac_internal.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROME_BROWSER_PASSWORD_MANAGER_PASSWORD_STORE_MAC_INTERNAL_H_
   6 #define CHROME_BROWSER_PASSWORD_MANAGER_PASSWORD_STORE_MAC_INTERNAL_H_
   7
   8 #include <Security/Security.h>
   9
  10 #include <string>
  11 #include <vector>
  12
  13 #include "base/memory/scoped_vector.h"
  14 #include "components/autofill/core/common/password_form.h"
  15 #include "crypto/apple_keychain.h"
  16
  17 using crypto::AppleKeychain;
  18
  19 // Adapter that wraps a AppleKeychain and provides interaction in terms of
  20 // PasswordForms instead of Keychain items.
  21 class MacKeychainPasswordFormAdapter {
  22  public:
  23   // Creates an adapter for |keychain|. This class does not take ownership of
  24   // |keychain|, so the caller must make sure that the keychain outlives the
  25   // created object.
  26   explicit MacKeychainPasswordFormAdapter(const AppleKeychain* keychain);
  27
  28   // Returns all keychain entries matching |signon_realm| and |scheme|.
  29   ScopedVector<autofill::PasswordForm> PasswordsFillingForm(
  30       const std::string& signon_realm,
  31       autofill::PasswordForm::Scheme scheme);
  32
  33   // Returns true if there is the Keychain entry that matches |query_form| on
  34   // all of the fields that uniquely identify a Keychain item.
  35   bool HasPasswordExactlyMatchingForm(const autofill::PasswordForm& query_form);
  36
  37   // Returns true if the keychain contains any items that are mergeable with
  38   // |query_form|. This is different from actually extracting the passwords
  39   // and checking the return count, since doing that would require reading the
  40   // passwords from the keychain, thus potentially triggering authorizaiton UI,
  41   // whereas this won't.
  42   bool HasPasswordsMergeableWithForm(
  43       const autofill::PasswordForm& query_form);
  44
  45   // Returns all keychain items of types corresponding to password forms.
  46   std::vector<SecKeychainItemRef> GetAllPasswordFormKeychainItems();
  47
  48   // Returns all keychain entries corresponding to password forms.
  49   // TODO(vabr): This is only used in tests, should be moved there.
  50   ScopedVector<autofill::PasswordForm> GetAllPasswordFormPasswords();
  51
  52   // Creates a new keychain entry from |form|, or updates the password of an
  53   // existing keychain entry if there is a collision. Returns true if a keychain
  54   // entry was successfully added/updated.
  55   bool AddPassword(const autofill::PasswordForm& form);
  56
  57   // Removes the keychain password matching |form| if any. Returns true if a
  58   // keychain item was found and successfully removed.
  59   bool RemovePassword(const autofill::PasswordForm& form);
  60
  61   // Controls whether or not Chrome will restrict Keychain searches to items
  62   // that it created. Defaults to false.
  63   void SetFindsOnlyOwnedItems(bool finds_only_owned);
  64
  65  private:
  66   // Returns PasswordForm instances transformed from |items|. Also calls
  67   // AppleKeychain::Free on all of the keychain items and clears |items|.
  68   ScopedVector<autofill::PasswordForm> ConvertKeychainItemsToForms(
  69       std::vector<SecKeychainItemRef>* items);
  70
  71   // Searches |keychain| for the specific keychain entry that corresponds to the
  72   // given form, and returns it (or NULL if no match is found). The caller is
  73   // responsible for calling AppleKeychain::Free on on the returned item.
  74   SecKeychainItemRef KeychainItemForForm(
  75       const autofill::PasswordForm& form);
  76
  77   // Returns the Keychain items matching the given signon_realm, scheme, and
  78   // optionally path and username (either of both can be NULL).
  79   // The caller is responsible for calling AppleKeychain::Free on the
  80   // returned items.
  81   std::vector<SecKeychainItemRef> MatchingKeychainItems(
  82       const std::string& signon_realm,
  83       autofill::PasswordForm::Scheme scheme,
  84       const char* path,
  85       const char* username);
  86
  87   // Returns the Keychain SecAuthenticationType type corresponding to |scheme|.
  88   SecAuthenticationType AuthTypeForScheme(
  89       autofill::PasswordForm::Scheme scheme);
  90
  91   // Changes the password for keychain_item to |password|; returns true if the
  92   // password was successfully changed.
  93   bool SetKeychainItemPassword(const SecKeychainItemRef& keychain_item,
  94                                const std::string& password);
  95
  96   // Sets the creator code of keychain_item to creator_code; returns true if the
  97   // creator code was successfully set.
  98   bool SetKeychainItemCreatorCode(const SecKeychainItemRef& keychain_item,
  99                                   OSType creator_code);
 100
 101   // Returns the creator code to be used for a Keychain search, depending on
 102   // whether this object was instructed to search only for items it created.
 103   // If searches should be restricted in this way, the application-specific
 104   // creator code will be returned. Otherwise, 0 will be returned, indicating
 105   // a search of all items, regardless of creator.
 106   OSType CreatorCodeForSearch();
 107
 108   const AppleKeychain* keychain_;
 109
 110   // If true, Keychain searches are restricted to items created by Chrome.
 111   bool finds_only_owned_;
 112
 113   DISALLOW_COPY_AND_ASSIGN(MacKeychainPasswordFormAdapter);
 114 };
 115
 116 namespace internal_keychain_helpers {
 117
 118 // Pair of pointers to a SecKeychainItemRef and a corresponding PasswordForm.
 119 typedef std::pair<SecKeychainItemRef*, autofill::PasswordForm*> ItemFormPair;
 120
 121 // Sets the fields of |form| based on the keychain data from |keychain_item|.
 122 // Fields that can't be determined from |keychain_item| will be unchanged. If
 123 // |extract_password_data| is true, the password data will be copied from
 124 // |keychain_item| in addition to its attributes, and the |blacklisted_by_user|
 125 // field will be set to true for empty passwords ("" or " ").
 126 // If |extract_password_data| is false, only the password attributes will be
 127 // copied, and the |blacklisted_by_user| field will always be false.
 128 //
 129 // IMPORTANT: If |extract_password_data| is true, this function can cause the OS
 130 // to trigger UI (to allow access to the keychain item if we aren't trusted for
 131 // the item), and block until the UI is dismissed.
 132 //
 133 // If excessive prompting for access to other applications' keychain items
 134 // becomes an issue, the password storage API will need to intially call this
 135 // function with |extract_password_data| set to false, and retrieve the password
 136 // later (accessing other fields doesn't require authorization).
 137 bool FillPasswordFormFromKeychainItem(const AppleKeychain& keychain,
 138                                       const SecKeychainItemRef& keychain_item,
 139                                       autofill::PasswordForm* form,
 140                                       bool extract_password_data);
 141
 142 // Use FormMatchStrictness to configure which forms are considered a match by
 143 // FormsMatchForMerge:
 144 enum FormMatchStrictness {
 145   STRICT_FORM_MATCH,  // Match only forms with the same scheme, signon realm and
 146                       // username value.
 147   FUZZY_FORM_MATCH,   // Also match cases where the first form's
 148                       // original_signon_realm is nonempty and matches the
 149                       // second form's signon_realm.
 150 };
 151
 152 // Returns true if the two given forms are suitable for merging (see
 153 // MergePasswordForms).
 154 bool FormsMatchForMerge(const autofill::PasswordForm& form_a,
 155                         const autofill::PasswordForm& form_b,
 156                         FormMatchStrictness strictness);
 157
 158 // Populates merged_forms by combining the password data from keychain_forms and
 159 // the metadata from database_forms, removing used entries from the two source
 160 // lists.
 161 //
 162 // On return, database_forms and keychain_forms will have only unused
 163 // entries; for database_forms that means entries for which no corresponding
 164 // password can be found (and which aren't blacklist entries), and for
 165 // keychain_forms its entries that weren't merged into at least one database
 166 // form.
 167 void MergePasswordForms(ScopedVector<autofill::PasswordForm>* keychain_forms,
 168                         ScopedVector<autofill::PasswordForm>* database_forms,
 169                         ScopedVector<autofill::PasswordForm>* merged_forms);
 170
 171 // For every form in |database_forms|, if such a form has a corresponding entry
 172 // in |keychain|, this adds the password from the entry and moves that form from
 173 // |database_forms| into |passwords|.
 174 void GetPasswordsForForms(const AppleKeychain& keychain,
 175                           ScopedVector<autofill::PasswordForm>* database_forms,
 176                           ScopedVector<autofill::PasswordForm>* passwords);
 177
 178 // Loads all items in the system keychain into |keychain_items|, creates for
 179 // each keychain item a corresponding PasswordForm that doesn't contain any
 180 // password data, and returns the two collections as a vector of ItemFormPairs.
 181 // Used by GetPasswordsForForms for optimized matching of keychain items with
 182 // PasswordForms in the database.
 183 // Note: Since no password data is loaded here, the resulting PasswordForms
 184 // will include blacklist entries, which will have to be filtered out later.
 185 // Caller owns the SecKeychainItemRefs and PasswordForms that are returned.
 186 // This operation does not require OS authorization.
 187 std::vector<ItemFormPair> ExtractAllKeychainItemAttributesIntoPasswordForms(
 188     std::vector<SecKeychainItemRef>* keychain_items,
 189     const AppleKeychain& keychain);
 190
 191 // Takes a PasswordForm's signon_realm and parses it into its component parts,
 192 // which are returned though the appropriate out parameters.
 193 // Returns true if it can be successfully parsed, in which case all out params
 194 // that are non-NULL will be set. If there is no port, port will be 0.
 195 // If the return value is false, the state of the out params is undefined.
 196 bool ExtractSignonRealmComponents(const std::string& signon_realm,
 197                                   std::string* server,
 198                                   UInt32* port,
 199                                   bool* is_secure,
 200                                   std::string* security_domain);
 201
 202 // Returns true if the signon_realm of |query_form| can be successfully parsed
 203 // by ExtractSignonRealmComponents, and if |query_form| matches |other_form|.
 204 bool FormIsValidAndMatchesOtherForm(const autofill::PasswordForm& query_form,
 205                                     const autofill::PasswordForm& other_form);
 206
 207 // Returns PasswordForm instances populated with password data for each keychain
 208 // entry in |item_form_pairs| that could be merged with |query_form|.
 209 ScopedVector<autofill::PasswordForm> ExtractPasswordsMergeableWithForm(
 210     const AppleKeychain& keychain,
 211     const std::vector<ItemFormPair>& item_form_pairs,
 212     const autofill::PasswordForm& query_form);
 213
 214 }  // namespace internal_keychain_helpers
 215
 216 #endif  // CHROME_BROWSER_PASSWORD_MANAGER_PASSWORD_STORE_MAC_INTERNAL_H_