// Copyright 2020 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "components/trusted_vault/standalone_trusted_vault_backend.h" #include <algorithm> #include <memory> #include <utility> #include <vector> #include "base/containers/flat_set.h" #include "base/containers/span.h" #include "base/feature_list.h" #include "base/files/file_util.h" #include "base/files/important_file_writer.h" #include "base/functional/callback_forward.h" #include "base/functional/callback_helpers.h" #include "base/hash/md5.h" #include "base/logging.h" #include "base/memory/scoped_refptr.h" #include "base/metrics/histogram_functions.h" #include "base/ranges/algorithm.h" #include "base/sequence_checker.h" #include "base/stl_util.h" #include "base/task/sequenced_task_runner.h" #include "base/time/clock.h" #include "base/time/default_clock.h" #include "base/time/time.h" #include "components/signin/public/identity_manager/account_info.h" #include "components/signin/public/identity_manager/accounts_in_cookie_jar_info.h" #include "components/trusted_vault/features.h" #include "components/trusted_vault/proto/local_trusted_vault.pb.h" #include "components/trusted_vault/proto_string_bytes_conversion.h" #include "components/trusted_vault/proto_time_conversion.h" #include "components/trusted_vault/recovery_key_store_connection_impl.h" #include "components/trusted_vault/recovery_key_store_controller.h" #include "components/trusted_vault/securebox.h" #include "components/trusted_vault/trusted_vault_connection.h" #include "components/trusted_vault/trusted_vault_histograms.h" #include "components/trusted_vault/trusted_vault_server_constants.h" #include "google_apis/gaia/gaia_auth_util.h" #include "google_apis/gaia/google_service_auth_error.h" namespace trusted_vault { namespace { constexpr int kCurrentLocalTrustedVaultVersion = …; constexpr int kCurrentDeviceRegistrationVersion = …; trusted_vault_pb::LocalTrustedVault ReadDataFromDiskImpl( const base::FilePath& file_path) { … } void WriteDataToDiskImpl(const trusted_vault_pb::LocalTrustedVault& data, const base::FilePath& file_path) { … } bool HasNonConstantKey( const trusted_vault_pb::LocalTrustedVaultPerUser& per_user_vault) { … } std::vector<std::vector<uint8_t>> GetAllVaultKeys( const trusted_vault_pb::LocalTrustedVaultPerUser& per_user_vault) { … } base::flat_set<std::string> GetGaiaIDs( const std::vector<gaia::ListedAccount>& listed_accounts) { … } // Note that it returns false upon transition from kUnknown to // kNoPersistentAuthErrors. bool PersistentAuthErrorWasResolved( StandaloneTrustedVaultBackend::RefreshTokenErrorState previous_refresh_token_error_state, StandaloneTrustedVaultBackend::RefreshTokenErrorState current_refresh_token_error_state) { … } TrustedVaultDeviceRegistrationOutcomeForUMA GetDeviceRegistrationOutcomeForUMAFromResponse( TrustedVaultRegistrationStatus response_status) { … } // Version 0 may contain corrupted data: missing constant key if the client // was affected by crbug.com/1267391, this function injects constant key if it's // not stored and there is exactly one non-constant key. |local_trusted_vault| // must not be null and must have |version| set to 0. void UpgradeToVersion1( trusted_vault_pb::LocalTrustedVault* local_trusted_vault) { … } // Version 1 may contain `keys_marked_as_stale_by_consumer` (before the field // was renamed) accidentally set to true, upgrade to version 2 resets it to // false. void UpgradeToVersion2( trusted_vault_pb::LocalTrustedVault* local_trusted_vault) { … } } // namespace StandaloneTrustedVaultBackend::PendingTrustedRecoveryMethod:: PendingTrustedRecoveryMethod() = default; StandaloneTrustedVaultBackend::PendingTrustedRecoveryMethod:: PendingTrustedRecoveryMethod(PendingTrustedRecoveryMethod&&) = default; StandaloneTrustedVaultBackend::PendingTrustedRecoveryMethod& StandaloneTrustedVaultBackend::PendingTrustedRecoveryMethod::operator=( PendingTrustedRecoveryMethod&&) = default; StandaloneTrustedVaultBackend::PendingTrustedRecoveryMethod:: ~PendingTrustedRecoveryMethod() = default; StandaloneTrustedVaultBackend::PendingGetIsRecoverabilityDegraded:: PendingGetIsRecoverabilityDegraded() = default; StandaloneTrustedVaultBackend::PendingGetIsRecoverabilityDegraded:: PendingGetIsRecoverabilityDegraded(PendingGetIsRecoverabilityDegraded&&) = default; StandaloneTrustedVaultBackend::PendingGetIsRecoverabilityDegraded& StandaloneTrustedVaultBackend::PendingGetIsRecoverabilityDegraded::operator=( PendingGetIsRecoverabilityDegraded&&) = default; StandaloneTrustedVaultBackend::PendingGetIsRecoverabilityDegraded:: ~PendingGetIsRecoverabilityDegraded() = default; StandaloneTrustedVaultBackend::OngoingFetchKeys::OngoingFetchKeys() = default; StandaloneTrustedVaultBackend::OngoingFetchKeys::OngoingFetchKeys( OngoingFetchKeys&&) = default; StandaloneTrustedVaultBackend::OngoingFetchKeys& StandaloneTrustedVaultBackend::OngoingFetchKeys::operator=(OngoingFetchKeys&&) = default; StandaloneTrustedVaultBackend::OngoingFetchKeys::~OngoingFetchKeys() = default; // static TrustedVaultDownloadKeysStatusForUMA StandaloneTrustedVaultBackend::GetDownloadKeysStatusForUMAFromResponse( TrustedVaultDownloadKeysStatus response_status) { … } StandaloneTrustedVaultBackend::StandaloneTrustedVaultBackend( const base::FilePath& file_path, std::unique_ptr<Delegate> delegate, std::unique_ptr<TrustedVaultConnection> connection, std::unique_ptr<RecoveryKeyStoreController::RecoveryKeyProvider> recovery_key_provider, std::unique_ptr<RecoveryKeyStoreConnection> recovery_key_store_connection) : … { … } StandaloneTrustedVaultBackend::StandaloneTrustedVaultBackend( const base::FilePath& file_path, std::unique_ptr<Delegate> delegate, std::unique_ptr<TrustedVaultConnection> connection) : … { … } StandaloneTrustedVaultBackend::~StandaloneTrustedVaultBackend() = default; void StandaloneTrustedVaultBackend::WriteDegradedRecoverabilityState( const trusted_vault_pb::LocalTrustedVaultDegradedRecoverabilityState& degraded_recoverability_state) { … } void StandaloneTrustedVaultBackend::OnDegradedRecoverabilityChanged() { … } void StandaloneTrustedVaultBackend::ReadDataFromDisk() { … } void StandaloneTrustedVaultBackend::FetchKeys( const CoreAccountInfo& account_info, FetchKeysCallback callback) { … } void StandaloneTrustedVaultBackend::StoreKeys( const std::string& gaia_id, const std::vector<std::vector<uint8_t>>& keys, int last_key_version) { … } void StandaloneTrustedVaultBackend::SetPrimaryAccount( const std::optional<CoreAccountInfo>& primary_account, RefreshTokenErrorState refresh_token_error_state) { … } void StandaloneTrustedVaultBackend::UpdateAccountsInCookieJarInfo( const signin::AccountsInCookieJarInfo& accounts_in_cookie_jar_info) { … } bool StandaloneTrustedVaultBackend::MarkLocalKeysAsStale( const CoreAccountInfo& account_info) { … } void StandaloneTrustedVaultBackend::GetIsRecoverabilityDegraded( const CoreAccountInfo& account_info, base::OnceCallback<void(bool)> cb) { … } void StandaloneTrustedVaultBackend::AddTrustedRecoveryMethod( const std::string& gaia_id, const std::vector<uint8_t>& public_key, int method_type_hint, base::OnceClosure cb) { … } void StandaloneTrustedVaultBackend::ClearLocalDataForAccount( const CoreAccountInfo& account_info) { … } void StandaloneTrustedVaultBackend::SetRecoveryKeyStoreUploadEnabled( const CoreAccountInfo& account_info, bool is_enabled) { … } void StandaloneTrustedVaultBackend::MaybeStartRecoveryKeyStoreUploads() { … } std::optional<CoreAccountInfo> StandaloneTrustedVaultBackend::GetPrimaryAccountForTesting() const { … } trusted_vault_pb::LocalDeviceRegistrationInfo StandaloneTrustedVaultBackend::GetDeviceRegistrationInfoForTesting( const std::string& gaia_id) { … } std::vector<uint8_t> StandaloneTrustedVaultBackend::GetLastAddedRecoveryMethodPublicKeyForTesting() const { … } int StandaloneTrustedVaultBackend::GetLastKeyVersionForTesting( const std::string& gaia_id) { … } void StandaloneTrustedVaultBackend::SetDeviceRegisteredVersionForTesting( const std::string& gaia_id, int version) { … } void StandaloneTrustedVaultBackend:: SetLastRegistrationReturnedLocalDataObsoleteForTesting( const std::string& gaia_id) { … } void StandaloneTrustedVaultBackend::SetClockForTesting(base::Clock* clock) { … } bool StandaloneTrustedVaultBackend::HasPendingTrustedRecoveryMethodForTesting() const { … } bool StandaloneTrustedVaultBackend::AreConnectionRequestsThrottledForTesting() { … } std::optional<TrustedVaultDeviceRegistrationStateForUMA> StandaloneTrustedVaultBackend::MaybeRegisterDevice() { … } void StandaloneTrustedVaultBackend::MaybeProcessPendingTrustedRecoveryMethod() { … } void StandaloneTrustedVaultBackend::OnDeviceRegistered( TrustedVaultRegistrationStatus status, int key_version_unused) { … } void StandaloneTrustedVaultBackend::OnDeviceRegisteredWithoutKeys( TrustedVaultRegistrationStatus status, int key_version) { … } void StandaloneTrustedVaultBackend::OnKeysDownloaded( TrustedVaultDownloadKeysStatus status, const std::vector<std::vector<uint8_t>>& downloaded_vault_keys, int last_vault_key_version) { … } void StandaloneTrustedVaultBackend::OnTrustedRecoveryMethodAdded( base::OnceClosure cb) { … } void StandaloneTrustedVaultBackend::FulfillOngoingFetchKeys( std::optional<TrustedVaultDownloadKeysStatusForUMA> status_for_uma) { … } void StandaloneTrustedVaultBackend::FulfillFetchKeys( const std::string& gaia_id, FetchKeysCallback callback, std::optional<TrustedVaultDownloadKeysStatusForUMA> status_for_uma) { … } bool StandaloneTrustedVaultBackend::AreConnectionRequestsThrottled() { … } void StandaloneTrustedVaultBackend:: RecordFailedConnectionRequestForThrottling() { … } void StandaloneTrustedVaultBackend:: RemoveNonPrimaryAccountKeysIfMarkedForDeletion() { … } trusted_vault_pb::LocalTrustedVaultPerUser* StandaloneTrustedVaultBackend::FindUserVault(const std::string& gaia_id) { … } void StandaloneTrustedVaultBackend::WriteDataToDisk() { … } void StandaloneTrustedVaultBackend::WriteRecoveryKeyStoreState( const trusted_vault_pb::RecoveryKeyStoreState& state) { … } void StandaloneTrustedVaultBackend::AddRecoveryKeyToSecurityDomain( const std::vector<uint8_t>& public_key_bytes, RecoveryKeyRegistrationCallback callback) { … } void StandaloneTrustedVaultBackend::OnRecoveryKeyAddedToSecurityDomain( RecoveryKeyRegistrationCallback callback, TrustedVaultRegistrationStatus status, int key_version_unused) { … } } // namespace trusted_vault
Codebase Browser
chromium