Add additional metrics in case the encryption key isn't found in the Keychain.

- record an error code from SecKeychainFindGenericPassword.
- record the result of the second lookup for the case where the encryption key isn't found even though it had been created.
This may be useful because the second call doesn't actually try to get the password value.

Bug: 791541
Change-Id: I3501c32fcb9b3c4e2719601ff6ea2393516dea41
Reviewed-on: https://chromium-review.googlesource.com/c/1355187
Reviewed-by: Christos Froussios <[email protected]>
Reviewed-by: Ilya Sherman <[email protected]>
Commit-Queue: Vasilii Sukhanov <[email protected]>
Cr-Commit-Position: refs/heads/master@{#613514}
diff --git a/components/os_crypt/encryption_key_creation_util.h b/components/os_crypt/encryption_key_creation_util.h
index 53e38fb48..e171ab3 100644
--- a/components/os_crypt/encryption_key_creation_util.h
+++ b/components/os_crypt/encryption_key_creation_util.h
@@ -7,6 +7,10 @@
 
 #include "base/component_export.h"
 
+namespace crypto {
+class AppleKeychain;
+}
+
 namespace os_crypt {
 
 // An interface for the utility that logs statistics on the encryption key on
@@ -38,6 +42,16 @@
     kMaxValue = kNewKeyAddError,
   };
 
+  // Result of FindGenericPassword. This enum is used for reporting metrics.
+  // These values are persisted to logs. Entries should not be renumbered and
+  // numeric values should never be reused.
+  enum class FindPasswordResult {
+    kOtherError = 0,
+    kFound = 1,
+    kNotFound = 2,
+    kMaxValue = kNotFound,
+  };
+
   virtual ~EncryptionKeyCreationUtil() = default;
 
   // This method is called when the encryption key is successfully retrieved
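Review bot: The comment on `FindPasswordResult` names `FindGenericPassword` but does not say which lookup the value comes from or which status codes land in each bucket. Because the values are persisted to logs, the mapping has to be clear to whoever reads the histogram later. Going by the commit message, this is presumably the second lookup made after the key was not found, so a line such as `// Result of the second FindGenericPassword call, made after the key was not found; kNotFound corresponds to errSecItemNotFound and kOtherError to any other failure status.` would pin it down. The mapping should be confirmed against the implementation, which is not part of this hunk, and the enclosing class starts above it.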
@@ -46,15 +60,19 @@
   // created. This method doesn't need to be called on the main thread.
   virtual void OnKeyWasFound() = 0;
 
+  // Called when the encryption key was not in the Keychain just before a new
+  // key is stored. This method doesn't need to be called on the main thread.
+  virtual void OnKeyNotFound(const crypto::AppleKeychain& keychain) = 0;
+
   // Called when the encryption key was not in the Keychain. |new_key_stored|
   // is true iff a new key was stored successfully. This method doesn't need to
   // be called on the main thread.
-  virtual void OnKeyNotFound(bool new_key_stored) = 0;
+  virtual void OnKeyStored(bool new_key_stored) = 0;
 
   // This method is called when the Keychain returns error other than
   // errSecItemNotFound (e.g., user is not authorized to use Keychain, or
   // Keychain is unavailable for some other reasons).
-  virtual void OnKeychainLookupFailed() = 0;
+  virtual void OnKeychainLookupFailed(int error) = 0;
 };
 
 }  // namespace os_crypt
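Review bot: The new `OnKeyNotFound(const crypto::AppleKeychain& keychain)` passes the keychain to a metrics helper without documenting what the helper may do with it or how long the reference stays valid. The comment allows the call off the main thread and the commit message says the second lookup does not read the password value, so the contract should state both, e.g. `// |keychain| is valid only for the duration of this call and is used solely to check whether the item exists; implementations must not request the password data or retain the reference.` The retained comment above `OnKeyStored` still opens with "Called when the encryption key was not in the Keychain", which now describes the other method; `// Called after an attempt to store a new key.` would match the new name. `OnKeychainLookupFailed(int error)` should also say that `error` is the status returned by the Keychain lookup, since an untyped `int` does not carry that. The class body starts outside this hunk.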