Implement OSCrypt for Linux.
OSCrypt for linux uses libsecret to store a randomised
encryption key.
Mentions of OSCrypt below refer to the linux version.
OSCrypt now supports a new version of encryption. If
libsecret is available, then a randomised password will be
generated, stored in libsecret and used for producing
encryption keys. The old ways of encrypting, i.e. using a
hardcoded password and using no encryption at all, are still
supported.
Data encrypted with the new version are marked with a version
prefix, "v11". That is an increment on the previous prefix,
"v10", which separated data that was encrypted with the
hardcoded password from data that were not encrypted.
To separate this new linux feature from the generic posix
implementation, a new implementation for OSCrypt was created
in os_crypt_linux.cc.
Since there is support on the way for more services in
addition to libsecret (gnome keyring, kwallet), interaction
with such services is abstracted with the KeyStorageLinux API.
The libsecret utilities that KeyStorageLinux uses
(i.e. LibsecretLoader) are also used by the PasswordManager.
Here we only actually need a subset of their features. Once
PasswordManager stops depending on them, they can be
simplified and/or hidden in the KeyStorageLibsecret
implementation.
BUG=602624
Review-Url: https://codereview.chromium.org/1973483002
Cr-Commit-Position: refs/heads/master@{#396814}
17 files changed
