Only grant permissions to new extensions from sync if they have the expected version
[chromium-blink-merge.git] / chrome / browser / net / cookie_store_util.cc
blobd3882ef9ef5b99482a2b1e2f5b4f664ec476c71e
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/net/cookie_store_util.h"
7 #include "base/lazy_instance.h"
8 #include "chrome/browser/browser_process.h"
9 #include "chrome/common/chrome_constants.h"
10 #include "chrome/common/chrome_switches.h"
11 #include "components/os_crypt/os_crypt.h"
12 #include "content/public/common/content_constants.h"
13 #include "extensions/common/constants.h"
14 #include "net/extras/sqlite/cookie_crypto_delegate.h"
16 namespace chrome_browser_net {
18 #if defined(OS_WIN) || defined(OS_MACOSX) || defined(OS_LINUX)
19 namespace {
21 // Use the operating system's mechanisms to encrypt cookies before writing
22 // them to persistent store. Currently this only is done with desktop OS's
23 // because ChromeOS and Android already protect the entire profile contents.
24 class CookieOSCryptoDelegate : public net::CookieCryptoDelegate {
25 public:
26 bool ShouldEncrypt() override;
27 bool EncryptString(const std::string& plaintext,
28 std::string* ciphertext) override;
29 bool DecryptString(const std::string& ciphertext,
30 std::string* plaintext) override;
33 bool CookieOSCryptoDelegate::ShouldEncrypt() {
34 #if defined(OS_IOS)
35 // Cookie encryption is not necessary on iOS, due to OS-protected storage.
36 // However, due to https://codereview.chromium.org/135183021/, cookies were
37 // accidentally encrypted. In order to allow these cookies to still be used,a
38 // a CookieCryptoDelegate is provided that can decrypt existing cookies.
39 // However, new cookies will not be encrypted. The alternatives considered
40 // were not supplying a delegate at all (thus invalidating all existing
41 // encrypted cookies) or in migrating all cookies at once, which may impose
42 // startup costs. Eventually, all cookies will get migrated as they are
43 // rewritten.
44 return false;
45 #else
46 return true;
47 #endif
50 bool CookieOSCryptoDelegate::EncryptString(const std::string& plaintext,
51 std::string* ciphertext) {
52 return OSCrypt::EncryptString(plaintext, ciphertext);
55 bool CookieOSCryptoDelegate::DecryptString(const std::string& ciphertext,
56 std::string* plaintext) {
57 return OSCrypt::DecryptString(ciphertext, plaintext);
60 // Using a LazyInstance is safe here because this class is stateless and
61 // requires 0 initialization.
62 base::LazyInstance<CookieOSCryptoDelegate> g_cookie_crypto_delegate =
63 LAZY_INSTANCE_INITIALIZER;
65 } // namespace
67 net::CookieCryptoDelegate* GetCookieCryptoDelegate() {
68 return g_cookie_crypto_delegate.Pointer();
70 #else // defined(OS_WIN) || defined(OS_MACOSX) || defined(OS_LINUX)
71 net::CookieCryptoDelegate* GetCookieCryptoDelegate() {
72 return NULL;
74 #endif // defined(OS_WIN) || defined(OS_MACOSX) || defined(OS_LINUX)
76 } // namespace chrome_browser_net