shill: Infrastucture for encrypting/decrypting/scrambling store values.
This adds a CryptoProvider that registers and provides access to different
prioritized crypto modules (currently DES-CBC and ROT47). Use the provider in
KeyFileStore to provide an API for getting and setting crypted string values.
BUG=chromium-os:16963
TEST=unit tests
Change-Id: I492516890eb3f527758d354cd8890088cb99dea4
Reviewed-on: http://gerrit.chromium.org/gerrit/3395
Tested-by: Darin Petkov <petkov@chromium.org>
Reviewed-by: Chris Masone <cmasone@chromium.org>
diff --git a/key_file_store.cc b/key_file_store.cc
index d844e7e..cce5ea7 100644
--- a/key_file_store.cc
+++ b/key_file_store.cc
@@ -12,7 +12,10 @@
namespace shill {
-KeyFileStore::KeyFileStore(GLib *glib) : glib_(glib), key_file_(NULL) {}
+KeyFileStore::KeyFileStore(GLib *glib)
+ : glib_(glib),
+ crypto_(glib),
+ key_file_(NULL) {}
KeyFileStore::~KeyFileStore() {
ReleaseKeyFile();
@@ -28,6 +31,7 @@
bool KeyFileStore::Open() {
CHECK(!path_.empty());
CHECK(!key_file_);
+ crypto_.Init();
key_file_ = glib_->KeyFileNew();
int64 file_size = 0;
if (!file_util::GetFileSize(path_, &file_size) || file_size == 0) {
@@ -109,7 +113,7 @@
GError *error = NULL;
glib_->KeyFileRemoveGroup(key_file_, group.c_str(), &error);
if (error) {
- LOG(ERROR) << "Failed to delete group " << group << "): "
+ LOG(ERROR) << "Failed to delete group " << group << ": "
<< glib_->ConvertErrorToMessage(error);
return false;
}
@@ -192,4 +196,22 @@
return true;
}
+bool KeyFileStore::GetCryptedString(const string &group,
+ const string &key,
+ string *value) {
+ if (!GetString(group, key, value)) {
+ return false;
+ }
+ if (value) {
+ *value = crypto_.Decrypt(*value);
+ }
+ return true;
+}
+
+bool KeyFileStore::SetCryptedString(const string &group,
+ const string &key,
+ const string &value) {
+ return SetString(group, key, crypto_.Encrypt(value));
+}
+
} // namespace shill