1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "chrome/browser/signin/local_auth.h"
6
7#include "base/base64.h"
8#include "base/logging.h"
9#include "base/memory/scoped_ptr.h"
10#include "base/metrics/histogram.h"
11#include "base/prefs/pref_service.h"
12#include "base/strings/string_util.h"
13#include "chrome/browser/browser_process.h"
14#include "chrome/browser/profiles/profile.h"
15#include "chrome/browser/profiles/profile_manager.h"
16#include "chrome/common/pref_names.h"
17#include "components/os_crypt/os_crypt.h"
18#include "components/pref_registry/pref_registry_syncable.h"
19#include "crypto/random.h"
20#include "crypto/secure_util.h"
21#include "crypto/symmetric_key.h"
22
23namespace {
24
25// WARNING: Changing these values will make it impossible to do off-line
26// authentication until the next successful on-line authentication.  To change
27// these safely, change the "encoding" version below and make verification
28// handle multiple values.
29const char kHash1Encoding = '1';
30const unsigned kHash1Bits = 256;
31const unsigned kHash1Bytes = kHash1Bits / 8;
32const unsigned kHash1IterationCount = 100000;
33
34std::string CreateSecurePasswordHash(const std::string& salt,
35                                     const std::string& password,
36                                     char encoding) {
37  DCHECK_EQ(kHash1Bytes, salt.length());
38  DCHECK_EQ(kHash1Encoding, encoding);  // Currently support only one method.
39
40  base::Time start_time = base::Time::Now();
41
42  // Library call to create secure password hash as SymmetricKey (uses PBKDF2).
43  scoped_ptr<crypto::SymmetricKey> password_key(
44      crypto::SymmetricKey::DeriveKeyFromPassword(
45          crypto::SymmetricKey::AES,
46          password, salt,
47          kHash1IterationCount, kHash1Bits));
48  std::string password_hash;
49  const bool success = password_key->GetRawKey(&password_hash);
50  DCHECK(success);
51  DCHECK_EQ(kHash1Bytes, password_hash.length());
52
53  UMA_HISTOGRAM_TIMES("PasswordHash.CreateTime",
54                      base::Time::Now() - start_time);
55
56  return password_hash;
57}
58
59std::string EncodePasswordHashRecord(const std::string& record,
60                                     char encoding) {
61  DCHECK_EQ(kHash1Encoding, encoding);  // Currently support only one method.
62
63  // Encrypt the hash using the OS account-password protection (if available).
64  std::string encoded;
65  const bool success = OSCrypt::EncryptString(record, &encoded);
66  DCHECK(success);
67
68  // Convert binary record to text for preference database.
69  std::string encoded64;
70  base::Base64Encode(encoded, &encoded64);
71
72  // Stuff the "encoding" value into the first byte.
73  encoded64.insert(0, &encoding, sizeof(encoding));
74
75  return encoded64;
76}
77
78bool DecodePasswordHashRecord(const std::string& encoded,
79                              std::string* decoded,
80                              char* encoding) {
81  // Extract the "encoding" value from the first byte and validate.
82  if (encoded.length() < 1)
83    return false;
84  *encoding = encoded[0];
85  if (*encoding != kHash1Encoding)
86    return false;
87
88  // Stored record is base64; convert to binary.
89  std::string unbase64;
90  if (!base::Base64Decode(encoded.substr(1), &unbase64))
91    return false;
92
93  // Decrypt the record using the OS account-password protection (if available).
94  return OSCrypt::DecryptString(unbase64, decoded);
95}
96
97size_t GetProfileInfoIndexOfProfile(const Profile* profile) {
98  DCHECK(profile);
99
100  ProfileInfoCache& info =
101      g_browser_process->profile_manager()->GetProfileInfoCache();
102  return info.GetIndexOfProfileWithPath(profile->GetPath());
103}
104
105}  // namespace
106
107namespace chrome {
108
109void RegisterLocalAuthPrefs(user_prefs::PrefRegistrySyncable* registry) {
110  registry->RegisterStringPref(
111      prefs::kGoogleServicesPasswordHash,
112      std::string(),
113      user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
114}
115
116void SetLocalAuthCredentials(size_t info_index,
117                             const std::string& password) {
118  if (info_index == std::string::npos) {
119    NOTREACHED();
120    return;
121  }
122  DCHECK(password.length());
123
124  // Salt should be random data, as long as the hash length, and different with
125  // every save.
126  std::string salt_str;
127  crypto::RandBytes(WriteInto(&salt_str, kHash1Bytes + 1), kHash1Bytes);
128  DCHECK_EQ(kHash1Bytes, salt_str.length());
129
130  // Perform secure hash of password for storage.
131  std::string password_hash = CreateSecurePasswordHash(
132      salt_str, password, kHash1Encoding);
133  DCHECK_EQ(kHash1Bytes, password_hash.length());
134
135  // Group all fields into a single record for storage;
136  std::string record;
137  record.append(salt_str);
138  record.append(password_hash);
139
140  // Encode it and store it.
141  std::string encoded = EncodePasswordHashRecord(record, kHash1Encoding);
142  ProfileInfoCache& info =
143      g_browser_process->profile_manager()->GetProfileInfoCache();
144  info.SetLocalAuthCredentialsOfProfileAtIndex(info_index, encoded);
145}
146
147void SetLocalAuthCredentials(const Profile* profile,
148                             const std::string& password) {
149  SetLocalAuthCredentials(GetProfileInfoIndexOfProfile(profile), password);
150}
151
152bool ValidateLocalAuthCredentials(size_t info_index,
153                                  const std::string& password) {
154  if (info_index == std::string::npos) {
155    NOTREACHED();
156    return false;
157  }
158
159  std::string record;
160  char encoding;
161
162  ProfileInfoCache& info =
163      g_browser_process->profile_manager()->GetProfileInfoCache();
164
165  std::string encodedhash =
166      info.GetLocalAuthCredentialsOfProfileAtIndex(info_index);
167  if (encodedhash.length() == 0 && password.length() == 0)
168    return true;
169  if (!DecodePasswordHashRecord(encodedhash, &record, &encoding))
170    return false;
171
172  std::string password_hash;
173  const char* password_saved;
174  const char* password_check;
175  size_t password_length;
176
177  if (encoding == '1') {
178    // Validate correct length; extract salt and password hash.
179    if (record.length() != 2 * kHash1Bytes)
180      return false;
181    std::string salt_str(record.data(), kHash1Bytes);
182    password_saved = record.data() + kHash1Bytes;
183    password_hash = CreateSecurePasswordHash(salt_str, password, encoding);
184    password_check = password_hash.data();
185    password_length = kHash1Bytes;
186  } else {
187    // unknown encoding
188    return false;
189  }
190
191  return crypto::SecureMemEqual(password_saved, password_check,
192                                password_length);
193}
194
195bool ValidateLocalAuthCredentials(const Profile* profile,
196                                  const std::string& password) {
197  return ValidateLocalAuthCredentials(GetProfileInfoIndexOfProfile(profile),
198                                      password);
199}
200
201}  // namespace chrome
202