| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2009 The Chromium OS Authors. All rights reserved. | 1 // Copyright (c) 2009 The Chromium OS Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // Cryptohome client that uses the dbus client interface | 5 // Cryptohome client that uses the dbus client interface |
| 6 | 6 |
| 7 #include <openssl/err.h> | 7 #include <openssl/err.h> |
| 8 #include <openssl/evp.h> | 8 #include <openssl/evp.h> |
| 9 #include <openssl/rand.h> | 9 #include <openssl/rand.h> |
| 10 #include <openssl/sha.h> | 10 #include <openssl/sha.h> |
| (...skipping 31 matching lines...) | |
| 42 "migrate_key", | 42 "migrate_key", |
| 43 "remove", | 43 "remove", |
| 44 "obfuscate_user", | 44 "obfuscate_user", |
| 45 "dump_keyset", | 45 "dump_keyset", |
| 46 "tpm_status", | 46 "tpm_status", |
| 47 "status", | 47 "status", |
| 48 "remove_tracked_subdirs", | 48 "remove_tracked_subdirs", |
| 49 "tpm_take_ownership", | 49 "tpm_take_ownership", |
| 50 "tpm_clear_stored_password", | 50 "tpm_clear_stored_password", |
| 51 "tpm_wait_ownership", | 51 "tpm_wait_ownership", |
| 52 "install_attributes_test", | |
| 52 NULL }; | 53 NULL }; |
| 53 enum ActionEnum { | 54 enum ActionEnum { |
| 54 ACTION_MOUNT, | 55 ACTION_MOUNT, |
| 55 ACTION_MOUNT_GUEST, | 56 ACTION_MOUNT_GUEST, |
| 56 ACTION_UNMOUNT, | 57 ACTION_UNMOUNT, |
| 57 ACTION_MOUNTED, | 58 ACTION_MOUNTED, |
| 58 ACTION_TEST_AUTH, | 59 ACTION_TEST_AUTH, |
| 59 ACTION_MIGRATE_KEY, | 60 ACTION_MIGRATE_KEY, |
| 60 ACTION_REMOVE, | 61 ACTION_REMOVE, |
| 61 ACTION_OBFUSCATE_USER, | 62 ACTION_OBFUSCATE_USER, |
| 62 ACTION_DUMP_KEYSET, | 63 ACTION_DUMP_KEYSET, |
| 63 ACTION_TPM_STATUS, | 64 ACTION_TPM_STATUS, |
| 64 ACTION_STATUS, | 65 ACTION_STATUS, |
| 65 ACTION_REMOVE_TRACKED_SUBDIRS, | 66 ACTION_REMOVE_TRACKED_SUBDIRS, |
| 66 ACTION_TPM_TAKE_OWNERSHIP, | 67 ACTION_TPM_TAKE_OWNERSHIP, |
| 67 ACTION_TPM_CLEAR_STORED_PASSWORD, | 68 ACTION_TPM_CLEAR_STORED_PASSWORD, |
| 68 ACTION_TPM_WAIT_OWNERSHIP }; | 69 ACTION_TPM_WAIT_OWNERSHIP, |
| 70 ACTION_INSTALL_ATTRIBUTES_TEST }; | |
|
gauravsh
2011/04/14 07:39:52
Can you make this more general instead of making t
Will Drewry
2011/04/15 01:31:49
Done.
| |
| 69 static const char kUserSwitch[] = "user"; | 71 static const char kUserSwitch[] = "user"; |
| 70 static const char kPasswordSwitch[] = "password"; | 72 static const char kPasswordSwitch[] = "password"; |
| 71 static const char kOldPasswordSwitch[] = "old_password"; | 73 static const char kOldPasswordSwitch[] = "old_password"; |
| 72 static const char kForceSwitch[] = "force"; | 74 static const char kForceSwitch[] = "force"; |
| 73 static const char kAsyncSwitch[] = "async"; | 75 static const char kAsyncSwitch[] = "async"; |
| 74 static const char kCreateSwitch[] = "create"; | 76 static const char kCreateSwitch[] = "create"; |
| 75 } // namespace switches | 77 } // namespace switches |
| 76 | 78 |
| 77 chromeos::Blob GetSystemSalt(const chromeos::dbus::Proxy& proxy) { | 79 chromeos::Blob GetSystemSalt(const chromeos::dbus::Proxy& proxy) { |
| 78 chromeos::glib::ScopedError error; | 80 chromeos::glib::ScopedError error; |
| (...skipping 494 matching lines...) | |
| 573 blob.resize(serialized.tpm_public_key_hash().length()); | 575 blob.resize(serialized.tpm_public_key_hash().length()); |
| 574 serialized.tpm_public_key_hash().copy(static_cast<char*>(blob.data()), | 576 serialized.tpm_public_key_hash().copy(static_cast<char*>(blob.data()), |
| 575 serialized.tpm_key().length(), 0); | 577 serialized.tpm_key().length(), 0); |
| 576 printf(" TPM Public Key Hash:\n"); | 578 printf(" TPM Public Key Hash:\n"); |
| 577 printf(" %s\n", chromeos::AsciiEncode(blob).c_str()); | 579 printf(" %s\n", chromeos::AsciiEncode(blob).c_str()); |
| 578 } | 580 } |
| 579 if (serialized.has_password_rounds()) { | 581 if (serialized.has_password_rounds()) { |
| 580 printf(" Password rounds:\n"); | 582 printf(" Password rounds:\n"); |
| 581 printf(" %d\n", serialized.password_rounds()); | 583 printf(" %d\n", serialized.password_rounds()); |
| 582 } | 584 } |
| 583 if (serialized.has_last_activity_timestamp()) { | 585 if (serialized.has_last_activity_timestamp()) { |
|
gauravsh
2011/04/14 07:39:52
believe this is not a part of your CL, right?
Will Drewry
2011/04/15 01:31:49
Done.
| |
| 584 const base::Time last_activity = | 586 const base::Time last_activity = |
| 585 base::Time::FromInternalValue(serialized.last_activity_timestamp()); | 587 base::Time::FromInternalValue(serialized.last_activity_timestamp()); |
| 586 printf(" Last activity (days ago):\n"); | 588 printf(" Last activity (days ago):\n"); |
| 587 printf(" %d\n", (base::Time::Now() - last_activity).InDays()); | 589 printf(" %d\n", (base::Time::Now() - last_activity).InDays()); |
| 588 } | 590 } |
| 589 } else if (!strcmp(switches::kActions[switches::ACTION_TPM_STATUS], | 591 } else if (!strcmp(switches::kActions[switches::ACTION_TPM_STATUS], |
| 590 action.c_str())) { | 592 action.c_str())) { |
| 591 chromeos::glib::ScopedError error; | 593 chromeos::glib::ScopedError error; |
| 592 gboolean result = false; | 594 gboolean result = false; |
| 593 if (!org_chromium_CryptohomeInterface_tpm_is_enabled(proxy.gproxy(), | 595 if (!org_chromium_CryptohomeInterface_tpm_is_enabled(proxy.gproxy(), |
| (...skipping 74 matching lines...) | |
| 668 } else if (!strcmp( | 670 } else if (!strcmp( |
| 669 switches::kActions[switches::ACTION_TPM_CLEAR_STORED_PASSWORD], | 671 switches::kActions[switches::ACTION_TPM_CLEAR_STORED_PASSWORD], |
| 670 action.c_str())) { | 672 action.c_str())) { |
| 671 chromeos::glib::ScopedError error; | 673 chromeos::glib::ScopedError error; |
| 672 if (!org_chromium_CryptohomeInterface_tpm_clear_stored_password( | 674 if (!org_chromium_CryptohomeInterface_tpm_clear_stored_password( |
| 673 proxy.gproxy(), | 675 proxy.gproxy(), |
| 674 &chromeos::Resetter(&error).lvalue())) { | 676 &chromeos::Resetter(&error).lvalue())) { |
| 675 printf("TpmClearStoredPassword call failed: %s.\n", error->message); | 677 printf("TpmClearStoredPassword call failed: %s.\n", error->message); |
| 676 } | 678 } |
| 677 } else if (!strcmp( | 679 } else if (!strcmp( |
| 680 switches::kActions[switches::ACTION_INSTALL_ATTRIBUTES_TEST], | |
| 681 action.c_str())) { | |
| 682 chromeos::glib::ScopedError error; | |
| 683 gboolean result; | |
| 684 if (!org_chromium_CryptohomeInterface_install_attributes_is_ready( | |
| 685 proxy.gproxy(), | |
| 686 &result, | |
| 687 &chromeos::Resetter(&error).lvalue())) { | |
| 688 printf("IsReady call failed: %s.\n", error->message); | |
| 689 } | |
| 690 if (result == FALSE) { | |
| 691 printf("Not ready.\n"); | |
| 692 return 1; | |
| 693 } | |
| 694 printf("Ready!\n"); | |
| 695 if (!org_chromium_CryptohomeInterface_install_attributes_is_first_install( | |
| 696 proxy.gproxy(), | |
| 697 &result, | |
| 698 &chromeos::Resetter(&error).lvalue())) { | |
| 699 printf("IsFirstInstall() call failed: %s.\n", error->message); | |
| 700 } | |
| 701 bool is_first_install = result; | |
| 702 printf("First Install? %d\n", result); | |
| 703 const char* kTestNameA = "Test.IsManaged"; | |
| 704 const char* kTestValueA = "TRUE"; | |
| 705 const char* kTestNameB = "Test.Foo"; | |
| 706 const char* kTestValueB = "Bar"; | |
| 707 if (is_first_install) { | |
| 708 // Set a value! | |
| 709 GArray *value = g_array_new(FALSE, FALSE, sizeof(char)); | |
| 710 g_array_append_vals(value, kTestValueA, strlen(kTestValueA)); | |
| 711 if (!org_chromium_CryptohomeInterface_install_attributes_set( | |
| 712 proxy.gproxy(), | |
| 713 kTestNameA, | |
| 714 value, | |
| 715 &result, | |
| 716 &chromeos::Resetter(&error).lvalue())) { | |
| 717 printf("Set() failed: %s.\n", error->message); | |
| 718 } | |
| 719 g_array_free(value, false); | |
| 720 printf("Set(%s,%s): %d\n", kTestNameA, kTestValueA, result); | |
| 721 // Set a value! | |
| 722 value = g_array_new(FALSE, FALSE, sizeof(char)); | |
| 723 g_array_append_vals(value, kTestValueB, strlen(kTestValueB)); | |
| 724 if (!org_chromium_CryptohomeInterface_install_attributes_set( | |
| 725 proxy.gproxy(), | |
| 726 kTestNameB, | |
| 727 value, | |
| 728 &result, | |
| 729 &chromeos::Resetter(&error).lvalue())) { | |
| 730 printf("Set() failed: %s.\n", error->message); | |
| 731 } | |
| 732 g_array_free(value, false); | |
| 733 printf("Set(%s,%s): %d\n", kTestNameB, kTestValueB, result); | |
| 734 } | |
| 735 // Grab the value and emit it. | |
| 736 // Set a value! | |
| 737 GArray *value = NULL; | |
| 738 if (!org_chromium_CryptohomeInterface_install_attributes_get( | |
| 739 proxy.gproxy(), | |
| 740 kTestNameA, | |
| 741 &value, | |
| 742 &result, | |
| 743 &chromeos::Resetter(&error).lvalue())) { | |
| 744 printf("Get() failed: %s.\n", error->message); | |
| 745 } | |
| 746 std::string value_str(value->data, value->len); | |
| 747 printf("Get(%s,%s): %d\n", kTestNameA, value_str.c_str(), result); | |
| 748 g_array_free(value, false); | |
| 749 if (!is_first_install) | |
| 750 return 0; | |
| 751 // Lock it down. | |
| 752 if (!org_chromium_CryptohomeInterface_install_attributes_finalize( | |
| 753 proxy.gproxy(), | |
| 754 &result, | |
| 755 &chromeos::Resetter(&error).lvalue())) { | |
| 756 printf("Finalize() failed: %s.\n", error->message); | |
| 757 } | |
| 758 printf("Finalize(): %d\n", result); | |
| 759 } else if (!strcmp( | |
| 678 switches::kActions[switches::ACTION_TPM_WAIT_OWNERSHIP], | 760 switches::kActions[switches::ACTION_TPM_WAIT_OWNERSHIP], |
| 679 action.c_str())) { | 761 action.c_str())) { |
| 680 TpmWaitLoop client_loop; | 762 TpmWaitLoop client_loop; |
| 681 client_loop.Initialize(proxy); | 763 client_loop.Initialize(proxy); |
| 682 gboolean result; | 764 gboolean result; |
| 683 chromeos::glib::ScopedError error; | 765 chromeos::glib::ScopedError error; |
| 684 if (!org_chromium_CryptohomeInterface_tpm_is_being_owned(proxy.gproxy(), | 766 if (!org_chromium_CryptohomeInterface_tpm_is_being_owned(proxy.gproxy(), |
| 685 &result, | 767 &result, |
| 686 &chromeos::Resetter(&error).lvalue())) { | 768 &chromeos::Resetter(&error).lvalue())) { |
| 687 printf("TpmIsBeingOwned call failed: %s.\n", error->message); | 769 printf("TpmIsBeingOwned call failed: %s.\n", error->message); |
| 688 } else { | 770 } else { |
| 689 if (result) { | 771 if (result) { |
| 690 printf("Waiting for TPM to be owned...\n"); | 772 printf("Waiting for TPM to be owned...\n"); |
| 691 client_loop.Run(); | 773 client_loop.Run(); |
| 692 } else { | 774 } else { |
| 693 printf("TPM is not currently being owned.\n"); | 775 printf("TPM is not currently being owned.\n"); |
| 694 } | 776 } |
| 695 } | 777 } |
| 696 } else { | 778 } else { |
| 697 printf("Unknown action or no action given. Available actions:\n"); | 779 printf("Unknown action or no action given. Available actions:\n"); |
| 698 for(int i = 0; /* loop forever */; i++) { | 780 for(int i = 0; /* loop forever */; i++) { |
| 699 if(!switches::kActions[i]) { | 781 if(!switches::kActions[i]) { |
| 700 break; | 782 break; |
| 701 } | 783 } |
| 702 printf(" --action=%s\n", switches::kActions[i]); | 784 printf(" --action=%s\n", switches::kActions[i]); |
| 703 } | 785 } |
| 704 } | 786 } |
| 705 return 0; | 787 return 0; |
| 706 } | 788 } |
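Review bot: Every failed D-Bus call in the new install_attributes_test branch (new lines 684-758) only prints a message and falls through. As a result `result` is read uninitialised after a failed IsReady, `value` is dereferenced while still NULL after a failed Get(), and Finalize() is still reached after a failed Set(). The branch's own comment calls Finalize "Lock it down", so a first-install run could presumably lock in a partial attribute set; each failure branch should return non-zero, and `result` should start as `FALSE`. Separately, `g_array_free(value, false)` releases only the GArray wrapper and hands the element buffer back to the caller, so all three calls leak it unless they pass `TRUE`. The enclosing function begins outside the visible lines; the fence shows only the Get/Finalize tail as I would write it.

```cpp
    gboolean result = FALSE;
    // … unchanged: IsReady, IsFirstInstall and both Set calls, each failure branch gaining `return 1;` …
    GArray *value = NULL;
    if (!org_chromium_CryptohomeInterface_install_attributes_get(
            proxy.gproxy(),
            kTestNameA,
            &value,
            &result,
            &chromeos::Resetter(&error).lvalue())) {
      printf("Get() failed: %s.\n", error->message);
      return 1;
    }
    if (!value) {
      // The call succeeded but produced no array; do not dereference it.
      printf("Get(%s): no value returned.\n", kTestNameA);
      return 1;
    }
    std::string value_str(value->data, value->len);
    printf("Get(%s,%s): %d\n", kTestNameA, value_str.c_str(), result);
    g_array_free(value, TRUE);  // TRUE also frees the element buffer
    // … unchanged: early return when this is not the first install …
    if (!org_chromium_CryptohomeInterface_install_attributes_finalize(
            proxy.gproxy(),
            &result,
            &chromeos::Resetter(&error).lvalue())) {
      printf("Finalize() failed: %s.\n", error->message);
      return 1;
    }
```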