[OSCrypt] Add utility tool which is used to check if an encryption key was created in the past

This CL includes:
- Add build rule +components/prefs to os_crypt component.
- Add a preference key creation.
- Implement utility tool to get/set the preference.

Bug: 791541
Change-Id: I50835a6edeb62aaef28566d08162accf7789c8eb
Reviewed-on: https://chromium-review.googlesource.com/1183361Reviewed-by: Dominic Battré <battre@chromium.org>
Reviewed-by: Christos Froussios <cfroussios@chromium.org>
Reviewed-by: Vasilii Sukhanov <vasilii@chromium.org>
Commit-Queue: Tonko Sabolčec <tsabolcec@google.com>
Cr-Commit-Position: refs/heads/master@{#585760}

components/os_crypt/BUILD.gn

@@ -34,10 +34,14 @@ component("os_crypt") {
   sources = [
     "ie7_password_win.cc",
     "ie7_password_win.h",
+    "key_creation_util_mac.cc",
+    "key_creation_util_mac.h",
     "keychain_password_mac.h",
     "keychain_password_mac.mm",
     "os_crypt.h",
     "os_crypt_mac.mm",
+    "os_crypt_pref_names_mac.cc",
+    "os_crypt_pref_names_mac.h",
     "os_crypt_switches.cc",
     "os_crypt_switches.h",
     "os_crypt_win.cc",
@@ -45,6 +49,7 @@ component("os_crypt") {
 
   deps = [
     "//base",
+    "//components/prefs",
     "//crypto",
 
     # TODO(tfarina): Remove this dep when http://crbug.com/363749 is fixed.

components/os_crypt/DEPS

 include_rules = [
+  "+components/prefs",
   "+crypto",
   "+dbus",
 ]

components/os_crypt/key_creation_util_mac.cc

+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/os_crypt/key_creation_util_mac.h"
+
+#include "base/bind.h"
+#include "base/single_thread_task_runner.h"
+#include "components/os_crypt/os_crypt_pref_names_mac.h"
+#include "components/prefs/pref_service.h"
+
+namespace os_crypt {
+
+KeyCreationUtilMac::KeyCreationUtilMac(
+    PrefService* local_state,
+    scoped_refptr<base::SingleThreadTaskRunner> main_thread_task_runner)
+    : local_state_(local_state),
+      main_thread_task_runner_(main_thread_task_runner),
+      key_already_created_(local_state_->GetBoolean(prefs::kKeyCreated)) {}
+
+KeyCreationUtilMac::~KeyCreationUtilMac() = default;
+
+void KeyCreationUtilMac::OnKeyWasStored() {
+  if (key_already_created_)
+    return;
+  key_already_created_ = true;
+  main_thread_task_runner_->PostTask(
+      FROM_HERE, base::BindOnce(
+                     [](PrefService* local_state) {
+                       local_state->SetBoolean(prefs::kKeyCreated, true);
+                     },
+                     local_state_));
+}
+
+}  // namespace os_crypt

components/os_crypt/key_creation_util_mac.h

+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_OS_CRYPT_KEY_CREATION_UTIL_MAC_H_
+#define COMPONENTS_OS_CRYPT_KEY_CREATION_UTIL_MAC_H_
+
+#include "base/memory/scoped_refptr.h"
+
+class PrefService;
+
+namespace base {
+class SingleThreadTaskRunner;
+}  // namespace base
+
+namespace os_crypt {
+
+// A utility class which provides a method to check whether the encryption key
+// should be available in the Keychain (meaning it was created in the past).
+class KeyCreationUtilMac {
+ public:
+  // This class has to be initialized on the main UI thread since it uses
+  // the local state.
+  KeyCreationUtilMac(
+      PrefService* local_state,
+      scoped_refptr<base::SingleThreadTaskRunner> main_thread_task_runner);
+  ~KeyCreationUtilMac();
+
+  // This method doesn't need to be called on the main thread.
+  bool key_already_created() { return key_already_created_; }
+
+  // This asynchronously updates the preference on the main thread that the key
+  // was created. This method is called when key is added to the Keychain, or
+  // the first time the key is successfully retrieved from the Keychain and the
+  // preference hasn't been set yet. This method doesn't need to be called on
+  // the main thread.
+  void OnKeyWasStored();
+
+ private:
+  PrefService* local_state_;
+  scoped_refptr<base::SingleThreadTaskRunner> main_thread_task_runner_;
+  volatile bool key_already_created_;
+};
+
+}  // namespace os_crypt
+
+#endif  // COMPONENTS_OS_CRYPT_KEY_CREATION_UTIL_MAC_H_

components/os_crypt/os_crypt_pref_names_mac.cc

+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/os_crypt/os_crypt_pref_names_mac.h"
+
+namespace os_crypt {
+namespace prefs {
+
+const char kKeyCreated[] = "os_crypt.key_created";
+
+}  // namespace prefs
+}  // namespace os_crypt

components/os_crypt/os_crypt_pref_names_mac.h

+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_OS_CRYPT_OS_CRYPT_PREF_NAMES_MAC_H_
+#define COMPONENTS_OS_CRYPT_OS_CRYPT_PREF_NAMES_MAC_H_
+
+#include "build/build_config.h"
+
+namespace os_crypt {
+namespace prefs {
+
+// The boolean which indicates the existence of the encryption key in the
+// Keychain.
+// Sometimes when the Keychain seems to be available, it may happen that Chrome
+// fails to retrieve the key from the Keychain, which causes Chrome to overwrite
+// the old key with a newly generated key. Overwriting the encryption key can
+// cause various problems, so there should be another mechanism to make sure
+// that the key is not overwritten. This flag should be set to true once the
+// encryption key is generated or successfully retrieved. If this flag is set to
+// true and Chrome couldn't get the encryption key from the Keychain, encryption
+// should be temporarily unavailable instead of generating a new key.
+extern const char kKeyCreated[];
+
+}  // namespace prefs
+}  // namespace os_crypt
+
+#endif  // COMPONENTS_OS_CRYPT_OS_CRYPT_PREF_NAMES_MAC_H_