login_manager/secret_util.h - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright 2019 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef LOGIN_MANAGER_SECRET_UTIL_H_
 #define LOGIN_MANAGER_SECRET_UTIL_H_

 #include <string>
 #include <vector>

 #include <base/files/scoped_file.h>
 #include <base/files/file_path.h>

 #include "libpasswordprovider/password_provider.h"

 namespace login_manager {
 namespace secret_util {

 // Maximum amount of data in bytes that can be sent through shared
 // memory using |secret_util| methods.
 extern const size_t kSharedMemorySecretSizeLimit;

 // Provides methods for reading and writing shared memory. These functions are
 // extracted into a class to be mockable from the tests.
 class SharedMemoryUtil {
  public:
   virtual ~SharedMemoryUtil();

   // Creates a shared memory region that contains the given data. Returns a file
   // descriptor of that region that can be passed to another process. Returns
   // '-1'in case of failure.
   virtual base::ScopedFD WriteDataToSharedMemory(
       const std::vector<uint8_t>& data);

   // Reads data from the |in_data_fd| shared memory region. Writes the result
   // to |out_data|. Returns 'true' if the data was successfully read, 'false'
   // otherwise.
   // TODO(crbug.com/1124567): change D-Bus generator to generate
   // SessionManagerImpl::LoginScreenStorageStore so that base::ScopedFD instead
   // of const base::ScopedFD& would be used here.
   virtual bool ReadDataFromSharedMemory(const base::ScopedFD& in_data_fd,
                                         size_t data_size,
                                         std::vector<uint8_t>* out_data);
 };

 // Creates a file descriptor pointing to a pipe that contains the given data.
 // The data size (of type |size_t|) will be inserted into the pipe first,
 // followed by the actual data. |size_t| value representation follows the host
 // byte order.
 base::ScopedFD WriteSizeAndDataToPipe(const std::vector<uint8_t>& data);

 // Saves secret written in |in_secret_fd| to |provider|. Secret must be
 // preceded by |size_t| value representing its length. Returns 'true' if the
 // data was successfully read, 'false' otherwise.
 bool SaveSecretFromPipe(password_provider::PasswordProviderInterface* provider,
                         const base::ScopedFD& in_secret_fd);

 // Gets a SHA256 hash of the given data and returns its hexadicimal
 // representation. This is used to generate a unique string that is safe to use
 // as a filename.
 base::FilePath StringToSafeFilename(std::string data);

 }  // namespace secret_util
 }  // namespace login_manager

 #endif  // LOGIN_MANAGER_SECRET_UTIL_H_
	// Copyright 2019 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef LOGIN_MANAGER_SECRET_UTIL_H_
	#define LOGIN_MANAGER_SECRET_UTIL_H_

	#include <string>
	#include <vector>

	#include <base/files/scoped_file.h>
	#include <base/files/file_path.h>

	#include "libpasswordprovider/password_provider.h"

	namespace login_manager {
	namespace secret_util {

	// Maximum amount of data in bytes that can be sent through shared
	// memory using \|secret_util\| methods.
	extern const size_t kSharedMemorySecretSizeLimit;

	// Provides methods for reading and writing shared memory. These functions are
	// extracted into a class to be mockable from the tests.
	class SharedMemoryUtil {
	public:
	virtual ~SharedMemoryUtil();

	// Creates a shared memory region that contains the given data. Returns a file
	// descriptor of that region that can be passed to another process. Returns
	// '-1'in case of failure.
	virtual base::ScopedFD WriteDataToSharedMemory(
	const std::vector<uint8_t>& data);

	// Reads data from the \|in_data_fd\| shared memory region. Writes the result
	// to \|out_data\|. Returns 'true' if the data was successfully read, 'false'
	// otherwise.
	// TODO(crbug.com/1124567): change D-Bus generator to generate
	// SessionManagerImpl::LoginScreenStorageStore so that base::ScopedFD instead
	// of const base::ScopedFD& would be used here.
	virtual bool ReadDataFromSharedMemory(const base::ScopedFD& in_data_fd,
	size_t data_size,
	std::vector<uint8_t>* out_data);
	};

	// Creates a file descriptor pointing to a pipe that contains the given data.
	// The data size (of type \|size_t\|) will be inserted into the pipe first,
	// followed by the actual data. \|size_t\| value representation follows the host
	// byte order.
	base::ScopedFD WriteSizeAndDataToPipe(const std::vector<uint8_t>& data);

	// Saves secret written in \|in_secret_fd\| to \|provider\|. Secret must be
	// preceded by \|size_t\| value representing its length. Returns 'true' if the
	// data was successfully read, 'false' otherwise.
	bool SaveSecretFromPipe(password_provider::PasswordProviderInterface* provider,
	const base::ScopedFD& in_secret_fd);

	// Gets a SHA256 hash of the given data and returns its hexadicimal
	// representation. This is used to generate a unique string that is safe to use
	// as a filename.
	base::FilePath StringToSafeFilename(std::string data);

	} // namespace secret_util
	} // namespace login_manager

	#endif // LOGIN_MANAGER_SECRET_UTIL_H_