// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "chrome/browser/importer/nss_decryptor.h" #include <string> #include <vector> #include "app/sql/connection.h" #include "app/sql/statement.h" #include "base/base64.h" #include "base/memory/scoped_ptr.h" #include "base/string_split.h" #include "base/string_util.h" #include "base/utf_string_conversions.h" #include "webkit/glue/password_form.h" #if defined(USE_NSS) #include <pk11pub.h> #include <pk11sdr.h> #endif // defined(USE_NSS) // This method is based on some Firefox code in // security/manager/ssl/src/nsSDR.cpp // The license block is: /* ***** BEGIN LICENSE BLOCK ***** * Version: MPL 1.1/GPL 2.0/LGPL 2.1 * * The contents of this file are subject to the Mozilla Public License Version * 1.1 (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * http://www.mozilla.org/MPL/ * * Software distributed under the License is distributed on an "AS IS" basis, * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License * for the specific language governing rights and limitations under the * License. * * The Original Code is the Netscape security libraries. * * The Initial Developer of the Original Code is * Netscape Communications Corporation. * Portions created by the Initial Developer are Copyright (C) 1994-2000 * the Initial Developer. All Rights Reserved. * * Contributor(s): * * Alternatively, the contents of this file may be used under the terms of * either the GNU General Public License Version 2 or later (the "GPL"), or * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), * in which case the provisions of the GPL or the LGPL are applicable instead * of those above. If you wish to allow use of your version of this file only * under the terms of either the GPL or the LGPL, and not to allow others to * use your version of this file under the terms of the MPL, indicate your * decision by deleting the provisions above and replace them with the notice * and other provisions required by the GPL or the LGPL. If you do not delete * the provisions above, a recipient may use your version of this file under * the terms of any one of the MPL, the GPL or the LGPL. * * ***** END LICENSE BLOCK ***** */ string16 NSSDecryptor::Decrypt(const std::string& crypt) const { // Do nothing if NSS is not loaded. if (!is_nss_initialized_) return string16(); // The old style password is encoded in base64. They are identified // by a leading '~'. Otherwise, we should decrypt the text. std::string plain; if (crypt[0] != '~') { std::string decoded_data; base::Base64Decode(crypt, &decoded_data); PK11SlotInfo* slot = GetKeySlotForDB(); SECStatus result = PK11_Authenticate(slot, PR_TRUE, NULL); if (result != SECSuccess) { FreeSlot(slot); return string16(); } SECItem request; request.data = reinterpret_cast<unsigned char*>( const_cast<char*>(decoded_data.data())); request.len = static_cast<unsigned int>(decoded_data.size()); SECItem reply; reply.data = NULL; reply.len = 0; #if defined(USE_NSS) result = PK11SDR_DecryptWithSlot(slot, &request, &reply, NULL); #else result = PK11SDR_Decrypt(&request, &reply, NULL); #endif // defined(USE_NSS) if (result == SECSuccess) plain.assign(reinterpret_cast<char*>(reply.data), reply.len); SECITEM_FreeItem(&reply, PR_FALSE); FreeSlot(slot); } else { // Deletes the leading '~' before decoding. base::Base64Decode(crypt.substr(1), &plain); } return UTF8ToUTF16(plain); } // There are three versions of password files. They store saved user // names and passwords. // References: // http://kb.mozillazine.org/Signons.txt // http://kb.mozillazine.org/Signons2.txt // http://kb.mozillazine.org/Signons3.txt void NSSDecryptor::ParseSignons(const std::string& content, std::vector<webkit_glue::PasswordForm>* forms) { forms->clear(); // Splits the file content into lines. std::vector<std::string> lines; base::SplitString(content, '\n', &lines); // The first line is the file version. We skip the unknown versions. if (lines.empty()) return; int version; if (lines[0] == "#2c") version = 1; else if (lines[0] == "#2d") version = 2; else if (lines[0] == "#2e") version = 3; else return; GURL::Replacements rep; rep.ClearQuery(); rep.ClearRef(); rep.ClearUsername(); rep.ClearPassword(); // Reads never-saved list. Domains are stored one per line. size_t i; for (i = 1; i < lines.size() && lines[i].compare(".") != 0; ++i) { webkit_glue::PasswordForm form; form.origin = GURL(lines[i]).ReplaceComponents(rep); form.signon_realm = form.origin.GetOrigin().spec(); form.blacklisted_by_user = true; forms->push_back(form); } ++i; // Reads saved passwords. The information is stored in blocks // seperated by lines that only contain a dot. We find a block // by the seperator and parse them one by one. while (i < lines.size()) { size_t begin = i; size_t end = i + 1; while (end < lines.size() && lines[end].compare(".") != 0) ++end; i = end + 1; // A block has at least five lines. if (end - begin < 5) continue; webkit_glue::PasswordForm form; // The first line is the site URL. // For HTTP authentication logins, the URL may contain http realm, // which will be in bracket: // sitename:8080 (realm) GURL url; std::string realm; const char kRealmBracketBegin[] = " ("; const char kRealmBracketEnd[] = ")"; if (lines[begin].find(kRealmBracketBegin) != std::string::npos) { // In this case, the scheme may not exsit. We assume that the // scheme is HTTP. if (lines[begin].find("://") == std::string::npos) lines[begin] = "http://" + lines[begin]; size_t start = lines[begin].find(kRealmBracketBegin); url = GURL(lines[begin].substr(0, start)); start += std::string(kRealmBracketBegin).size(); size_t end = lines[begin].rfind(kRealmBracketEnd); realm = lines[begin].substr(start, end - start); } else { // Don't have http realm. It is the URL that the following passwords // belong to. url = GURL(lines[begin]); } // Skips this block if the URL is not valid. if (!url.is_valid()) continue; form.origin = url.ReplaceComponents(rep); form.signon_realm = form.origin.GetOrigin().spec(); if (!realm.empty()) form.signon_realm += realm; form.ssl_valid = form.origin.SchemeIsSecure(); ++begin; // There may be multiple username/password pairs for this site. // In this case, they are saved in one block without a seperated // line (contains a dot). while (begin + 4 < end) { // The user name. form.username_element = UTF8ToUTF16(lines[begin++]); form.username_value = Decrypt(lines[begin++]); // The element name has a leading '*'. if (lines[begin].at(0) == '*') { form.password_element = UTF8ToUTF16(lines[begin++].substr(1)); form.password_value = Decrypt(lines[begin++]); } else { // Maybe the file is bad, we skip to next block. break; } // The action attribute from the form element. This line exists // in versin 2 or above. if (version >= 2) { if (begin < end) form.action = GURL(lines[begin]).ReplaceComponents(rep); ++begin; } // Version 3 has an extra line for further use. if (version == 3) { ++begin; } forms->push_back(form); } } } bool NSSDecryptor::ReadAndParseSignons(const FilePath& sqlite_file, std::vector<webkit_glue::PasswordForm>* forms) { sql::Connection db; if (!db.Open(sqlite_file)) return false; const char* query = "SELECT hostname FROM moz_disabledHosts"; sql::Statement s(db.GetUniqueStatement(query)); if (!s) return false; GURL::Replacements rep; rep.ClearQuery(); rep.ClearRef(); rep.ClearUsername(); rep.ClearPassword(); // Read domains for which passwords are never saved. while (s.Step()) { webkit_glue::PasswordForm form; form.origin = GURL(s.ColumnString(0)).ReplaceComponents(rep); form.signon_realm = form.origin.GetOrigin().spec(); form.blacklisted_by_user = true; forms->push_back(form); } const char* query2 = "SELECT hostname, httpRealm, formSubmitURL, " "usernameField, passwordField, encryptedUsername, " "encryptedPassword FROM moz_logins"; sql::Statement s2(db.GetUniqueStatement(query2)); if (!s2) return false; while (s2.Step()) { GURL url; std::string realm(s2.ColumnString(1)); if (!realm.empty()) { // In this case, the scheme may not exsit. Assume HTTP. std::string host(s2.ColumnString(0)); if (host.find("://") == std::string::npos) host = "http://" + host; url = GURL(host); } else { url = GURL(s2.ColumnString(0)); } // Skip this row if the URL is not valid. if (!url.is_valid()) continue; webkit_glue::PasswordForm form; form.origin = url.ReplaceComponents(rep); form.signon_realm = form.origin.GetOrigin().spec(); if (!realm.empty()) form.signon_realm += realm; form.ssl_valid = form.origin.SchemeIsSecure(); // The user name, password and action. form.username_element = s2.ColumnString16(3); form.username_value = Decrypt(s2.ColumnString(5)); form.password_element = s2.ColumnString16(4); form.password_value = Decrypt(s2.ColumnString(6)); form.action = GURL(s2.ColumnString(2)).ReplaceComponents(rep); forms->push_back(form); } return true; }