| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/internal_auth.h" | 5 #include "chrome/browser/internal_auth.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <deque> | 8 #include <deque> |
| 9 | 9 |
| 10 #include "base/base64.h" | 10 #include "base/base64.h" |
| (...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 133 return true; | 133 return true; |
| 134 } | 134 } |
| 135 | 135 |
| 136 void ConvertVarValueMapToBlob(const VarValueMap& map, std::string* out) { | 136 void ConvertVarValueMapToBlob(const VarValueMap& map, std::string* out) { |
| 137 out->clear(); | 137 out->clear(); |
| 138 DCHECK(IsVarValueMapSane(map)); | 138 DCHECK(IsVarValueMapSane(map)); |
| 139 for (VarValueMap::const_iterator it = map.begin(); it != map.end(); ++it) | 139 for (VarValueMap::const_iterator it = map.begin(); it != map.end(); ++it) |
| 140 *out += it->first + kVarValueSeparator + it->second + kItemSeparator; | 140 *out += it->first + kVarValueSeparator + it->second + kItemSeparator; |
| 141 } | 141 } |
| 142 | 142 |
| 143 void CreatePassport( | 143 void CreatePassport(const std::string& domain, |
| 144 const std::string& domain, | 144 const VarValueMap& map, |
| 145 const VarValueMap& map, | 145 int64 tick, |
| 146 int64 tick, | 146 const crypto::HMAC* engine, |
| 147 const crypto::HMAC* engine, | 147 std::string* out) { |
| 148 std::string* out) { | |
| 149 DCHECK(engine); | 148 DCHECK(engine); |
| 150 DCHECK(out); | 149 DCHECK(out); |
| 151 DCHECK(IsDomainSane(domain)); | 150 DCHECK(IsDomainSane(domain)); |
| 152 DCHECK(IsVarValueMapSane(map)); | 151 DCHECK(IsVarValueMapSane(map)); |
| 153 | 152 |
| 154 out->clear(); | 153 out->clear(); |
| 155 std::string result(kPassportSize, '0'); | 154 std::string result(kPassportSize, '0'); |
| 156 | 155 |
| 157 std::string blob; | 156 std::string blob; |
| 158 blob = domain + kItemSeparator; | 157 blob = domain + kItemSeparator; |
| (...skipping 25 matching lines...) Expand all Loading... |
| 184 std::copy( | 183 std::copy( |
| 185 tick_decimal.begin(), | 184 tick_decimal.begin(), |
| 186 tick_decimal.end(), | 185 tick_decimal.end(), |
| 187 result.begin() + kPassportSize - tick_decimal.size()); | 186 result.begin() + kPassportSize - tick_decimal.size()); |
| 188 | 187 |
| 189 out->swap(result); | 188 out->swap(result); |
| 190 } | 189 } |
| 191 | 190 |
| 192 } // namespace | 191 } // namespace |
| 193 | 192 |
| 194 namespace browser { | 193 namespace chrome { |
| 195 | 194 |
| 196 class InternalAuthVerificationService { | 195 class InternalAuthVerificationService { |
| 197 public: | 196 public: |
| 198 InternalAuthVerificationService() | 197 InternalAuthVerificationService() |
| 199 : key_change_tick_(0), | 198 : key_change_tick_(0), |
| 200 dark_tick_(0) { | 199 dark_tick_(0) { |
| 201 } | 200 } |
| 202 | 201 |
| 203 bool VerifyPassport( | 202 bool VerifyPassport( |
| 204 const std::string& passport, | 203 const std::string& passport, |
| (...skipping 108 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 313 // ticks. | 312 // ticks. |
| 314 std::deque<int64> used_ticks_; | 313 std::deque<int64> used_ticks_; |
| 315 | 314 |
| 316 // Some ticks before |dark_tick_| were purged from |used_ticks_| container. | 315 // Some ticks before |dark_tick_| were purged from |used_ticks_| container. |
| 317 // That means that we must not trust any tick less than or equal to dark tick. | 316 // That means that we must not trust any tick less than or equal to dark tick. |
| 318 int64 dark_tick_; | 317 int64 dark_tick_; |
| 319 | 318 |
| 320 DISALLOW_COPY_AND_ASSIGN(InternalAuthVerificationService); | 319 DISALLOW_COPY_AND_ASSIGN(InternalAuthVerificationService); |
| 321 }; | 320 }; |
| 322 | 321 |
| 323 } // namespace browser | 322 } // namespace chrome |
| 324 | 323 |
| 325 namespace { | 324 namespace { |
| 326 | 325 |
| 327 static base::LazyInstance<browser::InternalAuthVerificationService> | 326 static base::LazyInstance<chrome::InternalAuthVerificationService> |
| 328 g_verification_service = LAZY_INSTANCE_INITIALIZER; | 327 g_verification_service = LAZY_INSTANCE_INITIALIZER; |
| 329 static base::LazyInstance<base::Lock>::Leaky | 328 static base::LazyInstance<base::Lock>::Leaky |
| 330 g_verification_service_lock = LAZY_INSTANCE_INITIALIZER; | 329 g_verification_service_lock = LAZY_INSTANCE_INITIALIZER; |
| 331 | 330 |
| 332 } // namespace | 331 } // namespace |
| 333 | 332 |
| 334 namespace browser { | 333 namespace chrome { |
| 335 | 334 |
| 336 class InternalAuthGenerationService : public base::ThreadChecker { | 335 class InternalAuthGenerationService : public base::ThreadChecker { |
| 337 public: | 336 public: |
| 338 InternalAuthGenerationService() : key_regeneration_tick_(0) { | 337 InternalAuthGenerationService() : key_regeneration_tick_(0) { |
| 339 GenerateNewKey(); | 338 GenerateNewKey(); |
| 340 } | 339 } |
| 341 | 340 |
| 342 void GenerateNewKey() { | 341 void GenerateNewKey() { |
| 343 DCHECK(CalledOnValidThread()); | 342 DCHECK(CalledOnValidThread()); |
| 344 scoped_ptr<crypto::HMAC> new_engine(new crypto::HMAC(crypto::HMAC::SHA256)); | 343 scoped_ptr<crypto::HMAC> new_engine(new crypto::HMAC(crypto::HMAC::SHA256)); |
| (...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 420 return InternalAuthVerification::get_verification_window_ticks(); | 419 return InternalAuthVerification::get_verification_window_ticks(); |
| 421 } | 420 } |
| 422 | 421 |
| 423 scoped_ptr<crypto::HMAC> engine_; | 422 scoped_ptr<crypto::HMAC> engine_; |
| 424 int64 key_regeneration_tick_; | 423 int64 key_regeneration_tick_; |
| 425 std::deque<int64> used_ticks_; | 424 std::deque<int64> used_ticks_; |
| 426 | 425 |
| 427 DISALLOW_COPY_AND_ASSIGN(InternalAuthGenerationService); | 426 DISALLOW_COPY_AND_ASSIGN(InternalAuthGenerationService); |
| 428 }; | 427 }; |
| 429 | 428 |
| 430 } // namespace browser | 429 } // namespace chrome |
| 431 | 430 |
| 432 namespace { | 431 namespace { |
| 433 | 432 |
| 434 static base::LazyInstance<browser::InternalAuthGenerationService> | 433 static base::LazyInstance<chrome::InternalAuthGenerationService> |
| 435 g_generation_service = LAZY_INSTANCE_INITIALIZER; | 434 g_generation_service = LAZY_INSTANCE_INITIALIZER; |
| 436 | 435 |
| 437 } // namespace | 436 } // namespace |
| 438 | 437 |
| 439 namespace browser { | 438 namespace chrome { |
| 440 | 439 |
| 441 // static | 440 // static |
| 442 bool InternalAuthVerification::VerifyPassport( | 441 bool InternalAuthVerification::VerifyPassport( |
| 443 const std::string& passport, | 442 const std::string& passport, |
| 444 const std::string& domain, | 443 const std::string& domain, |
| 445 const VarValueMap& var_value_map) { | 444 const VarValueMap& var_value_map) { |
| 446 base::AutoLock alk(g_verification_service_lock.Get()); | 445 base::AutoLock alk(g_verification_service_lock.Get()); |
| 447 return g_verification_service.Get().VerifyPassport( | 446 return g_verification_service.Get().VerifyPassport( |
| 448 passport, domain, var_value_map); | 447 passport, domain, var_value_map); |
| 449 } | 448 } |
| (...skipping 19 matching lines...) Expand all Loading... |
| 469 std::string InternalAuthGeneration::GeneratePassport( | 468 std::string InternalAuthGeneration::GeneratePassport( |
| 470 const std::string& domain, const VarValueMap& var_value_map) { | 469 const std::string& domain, const VarValueMap& var_value_map) { |
| 471 return g_generation_service.Get().GeneratePassport(domain, var_value_map, 0); | 470 return g_generation_service.Get().GeneratePassport(domain, var_value_map, 0); |
| 472 } | 471 } |
| 473 | 472 |
| 474 // static | 473 // static |
| 475 void InternalAuthGeneration::GenerateNewKey() { | 474 void InternalAuthGeneration::GenerateNewKey() { |
| 476 g_generation_service.Get().GenerateNewKey(); | 475 g_generation_service.Get().GenerateNewKey(); |
| 477 } | 476 } |
| 478 | 477 |
| 479 } // namespace browser | 478 } // namespace chrome |
| OLD | NEW |