1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "chrome/browser/signin/local_auth.h" 6 7 #include "base/base64.h" 8 #include "base/logging.h" 9 #include "base/memory/scoped_ptr.h" 10 #include "base/metrics/histogram.h" 11 #include "base/prefs/pref_service.h" 12 #include "base/strings/string_util.h" 13 #include "chrome/browser/browser_process.h" 14 #include "chrome/browser/profiles/profile.h" 15 #include "chrome/browser/profiles/profile_manager.h" 16 #include "chrome/common/pref_names.h" 17 #include "components/os_crypt/os_crypt.h" 18 #include "components/pref_registry/pref_registry_syncable.h" 19 #include "crypto/random.h" 20 #include "crypto/secure_util.h" 21 #include "crypto/symmetric_key.h" 22 23 namespace { 24 25 // WARNING: Changing these values will make it impossible to do off-line 26 // authentication until the next successful on-line authentication. To change 27 // these safely, change the "encoding" version below and make verification 28 // handle multiple values. 29 const char kHash1Encoding = '1'; 30 const unsigned kHash1Bits = 256; 31 const unsigned kHash1Bytes = kHash1Bits / 8; 32 const unsigned kHash1IterationCount = 100000; 33 34 std::string CreateSecurePasswordHash(const std::string& salt, 35 const std::string& password, 36 char encoding) { 37 DCHECK_EQ(kHash1Bytes, salt.length()); 38 DCHECK_EQ(kHash1Encoding, encoding); // Currently support only one method. 39 40 base::Time start_time = base::Time::Now(); 41 42 // Library call to create secure password hash as SymmetricKey (uses PBKDF2). 43 scoped_ptr<crypto::SymmetricKey> password_key( 44 crypto::SymmetricKey::DeriveKeyFromPassword( 45 crypto::SymmetricKey::AES, 46 password, salt, 47 kHash1IterationCount, kHash1Bits)); 48 std::string password_hash; 49 const bool success = password_key->GetRawKey(&password_hash); 50 DCHECK(success); 51 DCHECK_EQ(kHash1Bytes, password_hash.length()); 52 53 UMA_HISTOGRAM_TIMES("PasswordHash.CreateTime", 54 base::Time::Now() - start_time); 55 56 return password_hash; 57 } 58 59 std::string EncodePasswordHashRecord(const std::string& record, 60 char encoding) { 61 DCHECK_EQ(kHash1Encoding, encoding); // Currently support only one method. 62 63 // Encrypt the hash using the OS account-password protection (if available). 64 std::string encoded; 65 const bool success = OSCrypt::EncryptString(record, &encoded); 66 DCHECK(success); 67 68 // Convert binary record to text for preference database. 69 std::string encoded64; 70 base::Base64Encode(encoded, &encoded64); 71 72 // Stuff the "encoding" value into the first byte. 73 encoded64.insert(0, &encoding, sizeof(encoding)); 74 75 return encoded64; 76 } 77 78 bool DecodePasswordHashRecord(const std::string& encoded, 79 std::string* decoded, 80 char* encoding) { 81 // Extract the "encoding" value from the first byte and validate. 82 if (encoded.length() < 1) 83 return false; 84 *encoding = encoded[0]; 85 if (*encoding != kHash1Encoding) 86 return false; 87 88 // Stored record is base64; convert to binary. 89 std::string unbase64; 90 if (!base::Base64Decode(encoded.substr(1), &unbase64)) 91 return false; 92 93 // Decrypt the record using the OS account-password protection (if available). 94 return OSCrypt::DecryptString(unbase64, decoded); 95 } 96 97 } // namespace 98 99 namespace chrome { 100 101 void RegisterLocalAuthPrefs(user_prefs::PrefRegistrySyncable* registry) { 102 registry->RegisterStringPref( 103 prefs::kGoogleServicesPasswordHash, 104 std::string(), 105 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); 106 } 107 108 void SetLocalAuthCredentials(size_t info_index, 109 const std::string& password) { 110 DCHECK(password.length()); 111 112 // Salt should be random data, as long as the hash length, and different with 113 // every save. 114 std::string salt_str; 115 crypto::RandBytes(WriteInto(&salt_str, kHash1Bytes + 1), kHash1Bytes); 116 DCHECK_EQ(kHash1Bytes, salt_str.length()); 117 118 // Perform secure hash of password for storage. 119 std::string password_hash = CreateSecurePasswordHash( 120 salt_str, password, kHash1Encoding); 121 DCHECK_EQ(kHash1Bytes, password_hash.length()); 122 123 // Group all fields into a single record for storage; 124 std::string record; 125 record.append(salt_str); 126 record.append(password_hash); 127 128 // Encode it and store it. 129 std::string encoded = EncodePasswordHashRecord(record, kHash1Encoding); 130 ProfileInfoCache& info = 131 g_browser_process->profile_manager()->GetProfileInfoCache(); 132 info.SetLocalAuthCredentialsOfProfileAtIndex(info_index, encoded); 133 } 134 135 void SetLocalAuthCredentials(const Profile* profile, 136 const std::string& password) { 137 DCHECK(profile); 138 139 ProfileInfoCache& info = 140 g_browser_process->profile_manager()->GetProfileInfoCache(); 141 size_t info_index = info.GetIndexOfProfileWithPath(profile->GetPath()); 142 if (info_index == std::string::npos) { 143 NOTREACHED(); 144 return; 145 } 146 SetLocalAuthCredentials(info_index, password); 147 } 148 149 bool ValidateLocalAuthCredentials(size_t info_index, 150 const std::string& password) { 151 std::string record; 152 char encoding; 153 154 ProfileInfoCache& info = 155 g_browser_process->profile_manager()->GetProfileInfoCache(); 156 157 std::string encodedhash = 158 info.GetLocalAuthCredentialsOfProfileAtIndex(info_index); 159 if (encodedhash.length() == 0 && password.length() == 0) 160 return true; 161 if (!DecodePasswordHashRecord(encodedhash, &record, &encoding)) 162 return false; 163 164 std::string password_hash; 165 const char* password_saved; 166 const char* password_check; 167 size_t password_length; 168 169 if (encoding == '1') { 170 // Validate correct length; extract salt and password hash. 171 if (record.length() != 2 * kHash1Bytes) 172 return false; 173 std::string salt_str(record.data(), kHash1Bytes); 174 password_saved = record.data() + kHash1Bytes; 175 password_hash = CreateSecurePasswordHash(salt_str, password, encoding); 176 password_check = password_hash.data(); 177 password_length = kHash1Bytes; 178 } else { 179 // unknown encoding 180 return false; 181 } 182 183 return crypto::SecureMemEqual(password_saved, password_check, 184 password_length); 185 } 186 187 bool ValidateLocalAuthCredentials(const Profile* profile, 188 const std::string& password) { 189 DCHECK(profile); 190 191 ProfileInfoCache& info = 192 g_browser_process->profile_manager()->GetProfileInfoCache(); 193 size_t info_index = info.GetIndexOfProfileWithPath(profile->GetPath()); 194 if (info_index == std::string::npos) { 195 NOTREACHED(); // This should never happen but fail safely if it does. 196 return false; 197 } 198 return ValidateLocalAuthCredentials(info_index, password); 199 } 200 201 } // namespace chrome 202
