tree: b2903fb5bc5f23112d2002a4be1462964e23f341
  1. BUILD.gn
  2. DEPS
  3. features.gni
  4. key_storage_config_linux.cc
  5. key_storage_config_linux.h
  6. key_storage_kwallet.cc
  7. key_storage_kwallet.h
  8. key_storage_kwallet_unittest.cc
  9. key_storage_libsecret.cc
  10. key_storage_libsecret.h
  11. key_storage_libsecret_unittest.cc
  12. key_storage_linux.cc
  13. key_storage_linux.h
  14. key_storage_linux_unittest.cc
  15. key_storage_util_linux.cc
  16. key_storage_util_linux.h
  17. key_storage_util_linux_unittest.cc
  18. keychain_password_mac.h
  19. keychain_password_mac.mm
  20. keychain_password_mac_unittest.mm
  21. kwallet_dbus.cc
  22. kwallet_dbus.h
  23. kwallet_dbus_unittest.cc
  24. libsecret_util_linux.cc
  25. libsecret_util_linux.h
  26. os_crypt.h
  27. os_crypt_linux.cc
  28. os_crypt_linux_unittest.cc
  29. os_crypt_mac.mm
  30. os_crypt_mocker.cc
  31. os_crypt_mocker.h
  32. os_crypt_mocker_linux.cc
  33. os_crypt_mocker_linux.h
  34. os_crypt_posix.cc
  35. os_crypt_switches.cc
  36. os_crypt_switches.h
  37. os_crypt_unittest.cc
  38. os_crypt_win.cc
  39. README
  40. README.md
components/os_crypt/sync/README.md

OS Crypt (Sync)

This directory contains an OSCrypt implementation that supports cryptographic primitives that allow binding data to the OS user.

os_crypt.h contains the main interface.

The interface supports both instance-based use and a singleton. Most callers will use the singleton via convenience functions that handle obtaining the singleton and calling directly into it. Advanced usage can directly create an OSCryptImpl if needed, or access the singleton via GetInstance.

Initialization is done per-process, usually by calling the platform-specific initialization function. It should take place before any calls to encrypt or decrypt data occur.

  • Linux - SetConfig
  • Windows - Init

Alternatively, OSCrypt can be initialized with a key directly by using SetRawEncryptionKey (or InitWithExistingKey - Windows only). This can also be used to initialize OSCrypt in a non-browser process using a key supplied by the browser.

The main functions are EncryptString and DecryptString. These can be called on any thread and will return a user-bound encrypted string. A string encrypted with EncryptString is guaranteed to decrypt successfully if DecryptString is called in the same user context. The exact definition of user context is OS-defined.