OLD | NEW |
(Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "chrome/browser/chromeos/system/drm_settings.h" |
| 6 |
| 7 #include "base/bind.h" |
| 8 #include "base/chromeos/chromeos_version.h" |
| 9 #include "base/command_line.h" |
| 10 #include "base/file_path.h" |
| 11 #include "base/file_util.h" |
| 12 #include "base/path_service.h" |
| 13 #include "chrome/browser/chromeos/cros/cros_library.h" |
| 14 #include "chrome/browser/chromeos/cros/cryptohome_library.h" |
| 15 #include "chrome/browser/chromeos/login/user_manager.h" |
| 16 #include "chrome/common/chrome_paths.h" |
| 17 #include "chrome/common/chrome_switches.h" |
| 18 #include "content/public/browser/browser_thread.h" |
| 19 |
| 20 using content::BrowserThread; |
| 21 |
| 22 namespace { |
| 23 |
| 24 // This constant is mirrored in |
| 25 // content/browser/renderer_host/pepper_message_filter.cc |
| 26 // for OnGetDeviceID. |
| 27 // |
| 28 // This ID file is solely for use via the private pepper API. |
| 29 // |
| 30 // NOTE! Changing this value will also change the generated value |
| 31 // do not do so without accounting for the change. |
| 32 const char kDRMIdentifierFile[] = "Pepper DRM ID.0"; |
| 33 |
| 34 void ManageDrmIdentifierOnFileThread(bool enable, const std::string& email) { |
| 35 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE)); |
| 36 |
| 37 // Drop the file under <data>/<profile>/<drm id file>. |
| 38 // TODO(wad) get the profile directory in a more succinct fashion. |
| 39 FilePath drm_id_file; |
| 40 PathService::Get(chrome::DIR_USER_DATA, &drm_id_file); |
| 41 const CommandLine& cmd_line = *CommandLine::ForCurrentProcess(); |
| 42 FilePath profile = cmd_line.GetSwitchValuePath(switches::kLoginProfile); |
| 43 if (profile.empty()) { |
| 44 LOG(ERROR) << "called with no login-profile!"; |
| 45 return; |
| 46 } |
| 47 drm_id_file = drm_id_file.AppendASCII(profile.value()); |
| 48 drm_id_file = drm_id_file.AppendASCII(kDRMIdentifierFile); |
| 49 |
| 50 // The file will be regenerated or deleted at toggle-time. |
| 51 file_util::Delete(drm_id_file, false); |
| 52 |
| 53 // If DRM support is disabled, then do nothing else. |
| 54 if (!enable) |
| 55 return; |
| 56 |
| 57 // Build the identifier as follows: |
| 58 // SHA256(system-salt||SHA256(system-salt||email)||service-id) |
| 59 chromeos::CryptohomeLibrary* c_home = |
| 60 chromeos::CrosLibrary::Get()->GetCryptohomeLibrary(); |
| 61 std::string id = c_home->HashPassword(email); |
| 62 id.append(kDRMIdentifierFile); |
| 63 id = c_home->HashPassword(id); |
| 64 |
| 65 if (file_util::WriteFile(drm_id_file, id.c_str(), id.length()) != |
| 66 static_cast<int>(id.length())) { |
| 67 LOG(ERROR) << "Failed to write " << drm_id_file.value(); |
| 68 return; |
| 69 } |
| 70 } |
| 71 |
| 72 } // namespace |
| 73 |
| 74 namespace chromeos { |
| 75 namespace system { |
| 76 namespace drm_settings { |
| 77 |
| 78 void ToggleDrm(bool enable) { |
| 79 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 80 |
| 81 // Never generate the file in Guest mode. |
| 82 if (UserManager::Get()->IsLoggedInAsGuest() || |
| 83 UserManager::Get()->IsLoggedInAsDemoUser()) |
| 84 return; |
| 85 |
| 86 // The user email address is included in the hash to keep the identifier |
| 87 // from being the same across users. |
| 88 std::string email = UserManager::Get()->GetLoggedInUser().email(); |
| 89 DCHECK(email.length() == 0); |
| 90 |
| 91 // Generate a DRM identifier on the FILE thread. |
| 92 // The DRM identifier is a per-user, per-OS-install identifier that is used |
| 93 // by privileged pepper plugins specifically for deriving |
| 94 // per-content-provider identifiers. The user must be able to clear it, |
| 95 // reset it, and deny its use. |
| 96 BrowserThread::PostTask( |
| 97 BrowserThread::FILE, FROM_HERE, |
| 98 base::Bind(&ManageDrmIdentifierOnFileThread, enable, email)); |
| 99 } |
| 100 |
| 101 } // namespace drm_settings |
| 102 } // namespace system |
| 103 } // namespace chromeos |
OLD | NEW |