1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "chrome/browser/prefs/pref_hash_calculator.h" 6 7 #include <vector> 8 9 #include "base/bind.h" 10 #include "base/json/json_string_value_serializer.h" 11 #include "base/logging.h" 12 #include "base/strings/string_number_conversions.h" 13 #include "base/strings/string_util.h" 14 #include "base/threading/thread_restrictions.h" 15 #include "base/values.h" 16 #include "chrome/browser/prefs/tracked/pref_hash_calculator_helper.h" 17 #include "crypto/hmac.h" 18 19 namespace { 20 21 // Calculates an HMAC of |message| using |key|, encoded as a hexadecimal string. 22 std::string GetDigestString(const std::string& key, 23 const std::string& message) { 24 crypto::HMAC hmac(crypto::HMAC::SHA256); 25 std::vector<uint8> digest(hmac.DigestLength()); 26 if (!hmac.Init(key) || !hmac.Sign(message, &digest[0], digest.size())) { 27 NOTREACHED(); 28 return std::string(); 29 } 30 return base::HexEncode(&digest[0], digest.size()); 31 } 32 33 // Verifies that |digest_string| is a valid HMAC of |message| using |key|. 34 // |digest_string| must be encoded as a hexadecimal string. 35 bool VerifyDigestString(const std::string& key, 36 const std::string& message, 37 const std::string& digest_string) { 38 crypto::HMAC hmac(crypto::HMAC::SHA256); 39 std::vector<uint8> digest; 40 return base::HexStringToBytes(digest_string, &digest) && 41 hmac.Init(key) && 42 hmac.Verify(message, 43 base::StringPiece(reinterpret_cast<char*>(&digest[0]), 44 digest.size())); 45 } 46 47 // Renders |value| as a string. |value| may be NULL, in which case the result 48 // is an empty string. This method can be expensive and its result should be 49 // re-used rather than recomputed where possible. 50 std::string ValueAsString(const base::Value* value) { 51 // Dictionary values may contain empty lists and sub-dictionaries. Make a 52 // deep copy with those removed to make the hash more stable. 53 const base::DictionaryValue* dict_value; 54 scoped_ptr<base::DictionaryValue> canonical_dict_value; 55 if (value && value->GetAsDictionary(&dict_value)) { 56 canonical_dict_value.reset(dict_value->DeepCopyWithoutEmptyChildren()); 57 value = canonical_dict_value.get(); 58 } 59 60 std::string value_as_string; 61 if (value) { 62 JSONStringValueSerializer serializer(&value_as_string); 63 serializer.Serialize(*value); 64 } 65 66 return value_as_string; 67 } 68 69 // Concatenates |device_id|, |path|, and |value_as_string| to give the hash 70 // input. 71 std::string GetMessage(const std::string& device_id, 72 const std::string& path, 73 const std::string& value_as_string) { 74 std::string message; 75 message.reserve(device_id.size() + path.size() + value_as_string.size()); 76 message.append(device_id); 77 message.append(path); 78 message.append(value_as_string); 79 return message; 80 } 81 82 // Generates a device ID based on the input device ID. The derived device ID has 83 // no useful properties beyond those of the input device ID except that it is 84 // consistent with previous implementations. 85 std::string GenerateDeviceIdLikePrefMetricsServiceDid( 86 const std::string& original_device_id) { 87 if (original_device_id.empty()) 88 return std::string(); 89 return StringToLowerASCII( 90 GetDigestString(original_device_id, "PrefMetricsService")); 91 } 92 93 } // namespace 94 95 PrefHashCalculator::PrefHashCalculator(const std::string& seed, 96 const std::string& device_id) 97 : seed_(seed), 98 device_id_(GenerateDeviceIdLikePrefMetricsServiceDid(device_id)), 99 raw_device_id_(device_id), 100 get_legacy_device_id_callback_(base::Bind(&GetLegacyDeviceId)) {} 101 102 PrefHashCalculator::PrefHashCalculator( 103 const std::string& seed, 104 const std::string& device_id, 105 const GetLegacyDeviceIdCallback& get_legacy_device_id_callback) 106 : seed_(seed), 107 device_id_(GenerateDeviceIdLikePrefMetricsServiceDid(device_id)), 108 raw_device_id_(device_id), 109 get_legacy_device_id_callback_(get_legacy_device_id_callback) {} 110 111 PrefHashCalculator::~PrefHashCalculator() {} 112 113 std::string PrefHashCalculator::Calculate(const std::string& path, 114 const base::Value* value) const { 115 return GetDigestString(seed_, 116 GetMessage(device_id_, path, ValueAsString(value))); 117 } 118 119 PrefHashCalculator::ValidationResult PrefHashCalculator::Validate( 120 const std::string& path, 121 const base::Value* value, 122 const std::string& digest_string) const { 123 const std::string value_as_string(ValueAsString(value)); 124 if (VerifyDigestString(seed_, GetMessage(device_id_, path, value_as_string), 125 digest_string)) { 126 return VALID; 127 } 128 if (VerifyDigestString(seed_, 129 GetMessage(RetrieveLegacyDeviceId(), path, 130 value_as_string), 131 digest_string)) { 132 return VALID_SECURE_LEGACY; 133 } 134 if (VerifyDigestString(seed_, value_as_string, digest_string)) 135 return VALID_WEAK_LEGACY; 136 return INVALID; 137 } 138 139 std::string PrefHashCalculator::RetrieveLegacyDeviceId() const { 140 if (!legacy_device_id_instance_) { 141 // Allow IO on this thread to retrieve the legacy device ID. The result of 142 // this operation is stored in |legacy_device_id_instance_| and will thus 143 // only happen at most once per PrefHashCalculator. This is not ideal, but 144 // this value is required synchronously to be able to continue loading prefs 145 // for this profile. This profile should then be migrated to a modern device 146 // ID and subsequent loads of this profile shouldn't need to run this code 147 // ever again. 148 // TODO(gab): Remove this when the legacy device ID (M33) becomes 149 // irrelevant. 150 base::ThreadRestrictions::ScopedAllowIO allow_io; 151 legacy_device_id_instance_.reset( 152 new std::string(GenerateDeviceIdLikePrefMetricsServiceDid( 153 get_legacy_device_id_callback_.Run(raw_device_id_)))); 154 } 155 return *legacy_device_id_instance_; 156 } 157
