1// Copyright 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_LOGIN_DATABASE_H_
6#define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_LOGIN_DATABASE_H_
7
8#include <string>
9#include <vector>
10
11#include "base/files/file_path.h"
12#include "base/pickle.h"
13#include "base/strings/string16.h"
14#include "components/password_manager/core/browser/password_store_change.h"
15#include "components/password_manager/core/browser/psl_matching_helper.h"
16#include "sql/connection.h"
17#include "sql/meta_table.h"
18
19namespace password_manager {
20
21// Interface to the database storage of login information, intended as a helper
22// for PasswordStore on platforms that need internal storage of some or all of
23// the login information.
24class LoginDatabase {
25 public:
26  LoginDatabase();
27  virtual ~LoginDatabase();
28
29  // Initialize the database with an sqlite file at the given path.
30  // If false is returned, no other method should be called.
31  bool Init(const base::FilePath& db_path);
32
33  // Reports usage metrics to UMA.
34  void ReportMetrics(const std::string& sync_username);
35
36  // Adds |form| to the list of remembered password forms. Returns the list of
37  // changes applied ({}, {ADD}, {REMOVE, ADD}). If it returns {REMOVE, ADD}
38  // then the REMOVE is associated with the form that was added. Thus only the
39  // primary key columns contain the values associated with the removed form.
40  PasswordStoreChangeList AddLogin(const autofill::PasswordForm& form);
41
42  // Updates existing password form. Returns the list of applied changes
43  // ({}, {UPDATE}). The password is looked up by the tuple {origin,
44  // username_element, username_value, password_element, signon_realm}.
45  // These columns stay intact.
46  PasswordStoreChangeList UpdateLogin(const autofill::PasswordForm& form);
47
48  // Removes |form| from the list of remembered password forms.
49  bool RemoveLogin(const autofill::PasswordForm& form);
50
51  // Removes all logins created from |delete_begin| onwards (inclusive) and
52  // before |delete_end|. You may use a null Time value to do an unbounded
53  // delete in either direction.
54  bool RemoveLoginsCreatedBetween(base::Time delete_begin,
55                                  base::Time delete_end);
56
57  // Removes all logins synced from |delete_begin| onwards (inclusive) and
58  // before |delete_end|. You may use a null Time value to do an unbounded
59  // delete in either direction.
60  bool RemoveLoginsSyncedBetween(base::Time delete_begin,
61                                 base::Time delete_end);
62
63  // Loads a list of matching password forms into the specified vector |forms|.
64  // The list will contain all possibly relevant entries to the observed |form|,
65  // including blacklisted matches. The caller owns |forms| after the call.
66  bool GetLogins(const autofill::PasswordForm& form,
67                 std::vector<autofill::PasswordForm*>* forms) const;
68
69  // Loads all logins created from |begin| onwards (inclusive) and before |end|.
70  // You may use a null Time value to do an unbounded search in either
71  // direction. The caller owns |forms| after the call.
72  bool GetLoginsCreatedBetween(
73      base::Time begin,
74      base::Time end,
75      std::vector<autofill::PasswordForm*>* forms) const;
76
77  // Loads all logins synced from |begin| onwards (inclusive) and before |end|.
78  // You may use a null Time value to do an unbounded search in either
79  // direction. The caller owns |forms| after the call.
80  bool GetLoginsSyncedBetween(
81      base::Time begin,
82      base::Time end,
83      std::vector<autofill::PasswordForm*>* forms) const;
84
85  // Loads the complete list of autofillable password forms (i.e., not blacklist
86  // entries) into |forms|. The caller owns |forms| after the call.
87  bool GetAutofillableLogins(
88      std::vector<autofill::PasswordForm*>* forms) const;
89
90  // Loads the complete list of blacklist forms into |forms|. The caller owns
91  // |forms| after the call.
92  bool GetBlacklistLogins(
93      std::vector<autofill::PasswordForm*>* forms) const;
94
95  // Deletes the login database file on disk, and creates a new, empty database.
96  // This can be used after migrating passwords to some other store, to ensure
97  // that SQLite doesn't leave fragments of passwords in the database file.
98  // Returns true on success; otherwise, whether the file was deleted and
99  // whether further use of this login database will succeed is unspecified.
100  bool DeleteAndRecreateDatabaseFile();
101
102 private:
103  // Result values for encryption/decryption actions.
104  enum EncryptionResult {
105    // Success.
106    ENCRYPTION_RESULT_SUCCESS,
107    // Failure for a specific item (e.g., the encrypted value was manually
108    // moved from another machine, and can't be decrypted on this machine).
109    // This is presumed to be a permanent failure.
110    ENCRYPTION_RESULT_ITEM_FAILURE,
111    // A service-level failure (e.g., on a platform using a keyring, the keyring
112    // is temporarily unavailable).
113    // This is presumed to be a temporary failure.
114    ENCRYPTION_RESULT_SERVICE_FAILURE,
115  };
116
117  // Encrypts plain_text, setting the value of cipher_text and returning true if
118  // successful, or returning false and leaving cipher_text unchanged if
119  // encryption fails (e.g., if the underlying OS encryption system is
120  // temporarily unavailable).
121  EncryptionResult EncryptedString(const base::string16& plain_text,
122                                   std::string* cipher_text) const;
123
124  // Decrypts cipher_text, setting the value of plain_text and returning true if
125  // successful, or returning false and leaving plain_text unchanged if
126  // decryption fails (e.g., if the underlying OS encryption system is
127  // temporarily unavailable).
128  EncryptionResult DecryptedString(const std::string& cipher_text,
129                                   base::string16* plain_text) const;
130
131  bool InitLoginsTable();
132  bool MigrateOldVersionsAsNeeded();
133
134  // Fills |form| from the values in the given statement (which is assumed to
135  // be of the form used by the Get*Logins methods).
136  // Returns the EncryptionResult from decrypting the password in |s|; if not
137  // ENCRYPTION_RESULT_SUCCESS, |form| is not filled.
138  EncryptionResult InitPasswordFormFromStatement(autofill::PasswordForm* form,
139                                                 sql::Statement& s) const;
140
141  // Loads all logins whose blacklist setting matches |blacklisted| into
142  // |forms|.
143  bool GetAllLoginsWithBlacklistSetting(
144      bool blacklisted, std::vector<autofill::PasswordForm*>* forms) const;
145
146  base::FilePath db_path_;
147  mutable sql::Connection db_;
148  sql::MetaTable meta_table_;
149
150  DISALLOW_COPY_AND_ASSIGN(LoginDatabase);
151};
152
153}  // namespace password_manager
154
155#endif  // COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_LOGIN_DATABASE_H_
156