login_database.h revision f8ee788a64d60abd8f2d742a5fdedde054ecd910
1// Copyright 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_LOGIN_DATABASE_H_
6#define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_LOGIN_DATABASE_H_
7
8#include <string>
9#include <vector>
10
11#include "base/files/file_path.h"
12#include "base/pickle.h"
13#include "base/strings/string16.h"
14#include "components/password_manager/core/browser/password_store_change.h"
15#include "components/password_manager/core/browser/psl_matching_helper.h"
16#include "sql/connection.h"
17#include "sql/meta_table.h"
18
19namespace password_manager {
20
21// Interface to the database storage of login information, intended as a helper
22// for PasswordStore on platforms that need internal storage of some or all of
23// the login information.
24class LoginDatabase {
25 public:
26  LoginDatabase();
27  virtual ~LoginDatabase();
28
29  // Initialize the database with an sqlite file at the given path.
30  // If false is returned, no other method should be called.
31  bool Init(const base::FilePath& db_path);
32
33  // Reports usage metrics to UMA.
34  void ReportMetrics();
35
36  // Adds |form| to the list of remembered password forms. Returns the list of
37  // changes applied ({}, {ADD}, {REMOVE, ADD}). If it returns {REMOVE, ADD}
38  // then the REMOVE is associated with the form that was added. Thus only the
39  // primary key columns contain the values associated with the removed form.
40  PasswordStoreChangeList AddLogin(const autofill::PasswordForm& form);
41
42  // Updates existing password form. Returns the list of applied changes
43  // ({}, {UPDATE}). The password is looked up by the tuple {origin,
44  // username_element, username_value, password_element, signon_realm}.
45  // These columns stay intact.
46  PasswordStoreChangeList UpdateLogin(const autofill::PasswordForm& form);
47
48  // Removes |form| from the list of remembered password forms.
49  bool RemoveLogin(const autofill::PasswordForm& form);
50
51  // Removes all logins created from |delete_begin| onwards (inclusive) and
52  // before |delete_end|. You may use a null Time value to do an unbounded
53  // delete in either direction.
54  bool RemoveLoginsCreatedBetween(const base::Time delete_begin,
55                                  const base::Time delete_end);
56
57  // Removes all logins synced from |delete_begin| onwards (inclusive) and
58  // before |delete_end|. You may use a null Time value to do an unbounded
59  // delete in either direction.
60  bool RemoveLoginsSyncedBetween(base::Time delete_begin,
61                                 base::Time delete_end);
62
63  // Loads a list of matching password forms into the specified vector |forms|.
64  // The list will contain all possibly relevant entries to the observed |form|,
65  // including blacklisted matches.
66  bool GetLogins(const autofill::PasswordForm& form,
67                 std::vector<autofill::PasswordForm*>* forms) const;
68
69  // Loads all logins created from |begin| onwards (inclusive) and before |end|.
70  // You may use a null Time value to do an unbounded search in either
71  // direction.
72  bool GetLoginsCreatedBetween(
73      base::Time begin,
74      base::Time end,
75      std::vector<autofill::PasswordForm*>* forms) const;
76
77  // Loads all logins synced from |begin| onwards (inclusive) and before |end|.
78  // You may use a null Time value to do an unbounded search in either
79  // direction.
80  bool GetLoginsSyncedBetween(
81      base::Time begin,
82      base::Time end,
83      std::vector<autofill::PasswordForm*>* forms) const;
84
85  // Loads the complete list of autofillable password forms (i.e., not blacklist
86  // entries) into |forms|.
87  bool GetAutofillableLogins(
88      std::vector<autofill::PasswordForm*>* forms) const;
89
90  // Loads the complete list of blacklist forms into |forms|.
91  bool GetBlacklistLogins(
92      std::vector<autofill::PasswordForm*>* forms) const;
93
94  // Deletes the login database file on disk, and creates a new, empty database.
95  // This can be used after migrating passwords to some other store, to ensure
96  // that SQLite doesn't leave fragments of passwords in the database file.
97  // Returns true on success; otherwise, whether the file was deleted and
98  // whether further use of this login database will succeed is unspecified.
99  bool DeleteAndRecreateDatabaseFile();
100
101 private:
102  // Result values for encryption/decryption actions.
103  enum EncryptionResult {
104    // Success.
105    ENCRYPTION_RESULT_SUCCESS,
106    // Failure for a specific item (e.g., the encrypted value was manually
107    // moved from another machine, and can't be decrypted on this machine).
108    // This is presumed to be a permanent failure.
109    ENCRYPTION_RESULT_ITEM_FAILURE,
110    // A service-level failure (e.g., on a platform using a keyring, the keyring
111    // is temporarily unavailable).
112    // This is presumed to be a temporary failure.
113    ENCRYPTION_RESULT_SERVICE_FAILURE,
114  };
115
116  // Encrypts plain_text, setting the value of cipher_text and returning true if
117  // successful, or returning false and leaving cipher_text unchanged if
118  // encryption fails (e.g., if the underlying OS encryption system is
119  // temporarily unavailable).
120  EncryptionResult EncryptedString(const base::string16& plain_text,
121                                   std::string* cipher_text) const;
122
123  // Decrypts cipher_text, setting the value of plain_text and returning true if
124  // successful, or returning false and leaving plain_text unchanged if
125  // decryption fails (e.g., if the underlying OS encryption system is
126  // temporarily unavailable).
127  EncryptionResult DecryptedString(const std::string& cipher_text,
128                                   base::string16* plain_text) const;
129
130  bool InitLoginsTable();
131  bool MigrateOldVersionsAsNeeded();
132
133  // Fills |form| from the values in the given statement (which is assumed to
134  // be of the form used by the Get*Logins methods).
135  // Returns the EncryptionResult from decrypting the password in |s|; if not
136  // ENCRYPTION_RESULT_SUCCESS, |form| is not filled.
137  EncryptionResult InitPasswordFormFromStatement(autofill::PasswordForm* form,
138                                                 sql::Statement& s) const;
139
140  // Loads all logins whose blacklist setting matches |blacklisted| into
141  // |forms|.
142  bool GetAllLoginsWithBlacklistSetting(
143      bool blacklisted, std::vector<autofill::PasswordForm*>* forms) const;
144
145  base::FilePath db_path_;
146  mutable sql::Connection db_;
147  sql::MetaTable meta_table_;
148
149  PSLMatchingHelper psl_helper_;
150
151  DISALLOW_COPY_AND_ASSIGN(LoginDatabase);
152};
153
154}  // namespace password_manager
155
156#endif  // COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_LOGIN_DATABASE_H_
157