Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add experimental cookie encryption support on macOS
- Loading branch information
1 parent
ed126ec
commit 3810333
Showing
8 changed files
with
89 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
53 changes: 53 additions & 0 deletions
53
patches/chromium/make_keychainpassword_service_name_and_service_name_mutable_strings.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 | ||
From: Samuel Attard <sattard@slack-corp.com> | ||
Date: Wed, 27 Jan 2021 15:43:35 -0800 | ||
Subject: make KeychainPassword::service_name and service_name mutable strings | ||
|
||
This should be upstreamable, it's just a type change that makes it | ||
possible for embedders to adjust the service name for the keychain | ||
credential storage. | ||
|
||
diff --git a/components/os_crypt/keychain_password_mac.h b/components/os_crypt/keychain_password_mac.h | ||
index 6fda0244667c4eb5d1abb973f4b72d9c59ed2165..45c815620e3e095366de8586ef6a6872b8e04c0b 100644 | ||
--- a/components/os_crypt/keychain_password_mac.h | ||
+++ b/components/os_crypt/keychain_password_mac.h | ||
@@ -28,8 +28,8 @@ class COMPONENT_EXPORT(OS_CRYPT) KeychainPassword { | ||
std::string GetPassword() const; | ||
|
||
// The service and account names used in Chrome's Safe Storage keychain item. | ||
- static COMPONENT_EXPORT(OS_CRYPT) const char service_name[]; | ||
- static COMPONENT_EXPORT(OS_CRYPT) const char account_name[]; | ||
+ static COMPONENT_EXPORT(OS_CRYPT) std::string service_name; | ||
+ static COMPONENT_EXPORT(OS_CRYPT) std::string account_name; | ||
|
||
private: | ||
const crypto::AppleKeychain& keychain_; | ||
diff --git a/components/os_crypt/keychain_password_mac.mm b/components/os_crypt/keychain_password_mac.mm | ||
index 3b8543488d0bb0ae7c0996db70f9527bc5e34cd8..0214a676ce5e49c59d8e618aa8a56c241ffc1adb 100644 | ||
--- a/components/os_crypt/keychain_password_mac.mm | ||
+++ b/components/os_crypt/keychain_password_mac.mm | ||
@@ -48,11 +48,11 @@ | ||
// the encryption keyword. So as to not lose encrypted data when system | ||
// locale changes we DO NOT LOCALIZE. | ||
#if BUILDFLAG(GOOGLE_CHROME_BRANDING) | ||
-const char KeychainPassword::service_name[] = "Chrome Safe Storage"; | ||
-const char KeychainPassword::account_name[] = "Chrome"; | ||
+std::string KeychainPassword::service_name = "Chrome Safe Storage"; | ||
+std::string KeychainPassword::account_name = "Chrome"; | ||
#else | ||
-const char KeychainPassword::service_name[] = "Chromium Safe Storage"; | ||
-const char KeychainPassword::account_name[] = "Chromium"; | ||
+std::string KeychainPassword::service_name = "Chromium Safe Storage"; | ||
+std::string KeychainPassword::account_name = "Chromium"; | ||
#endif | ||
|
||
KeychainPassword::KeychainPassword(const AppleKeychain& keychain) | ||
@@ -64,7 +64,7 @@ | ||
UInt32 password_length = 0; | ||
void* password_data = nullptr; | ||
OSStatus error = keychain_.FindGenericPassword( | ||
- strlen(service_name), service_name, strlen(account_name), account_name, | ||
+ service_name.length(), service_name.c_str(), account_name.length(), account_name.c_str(), | ||
&password_length, &password_data, nullptr); | ||
|
||
if (error == noErr) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters