| OLD | NEW |
| (Empty) |
| 1 #!/bin/bash | |
| 2 # Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved. | |
| 3 # Use of this source code is governed by a BSD-style license that can be | |
| 4 # found in the LICENSE file. | |
| 5 | |
| 6 CHLIB="$HOME/trunk/src/platform/cryptohome/lib" | |
| 7 source "$CHLIB/common" | |
| 8 source "$CHLIB/utils/declare_commands" | |
| 9 source "$CHLIB/cryptohome" | |
| 10 | |
| 11 utils::declare_commands sha256sum | |
| 12 | |
| 13 USERNAME="testuser@invalid.domain" | |
| 14 PASSWORDS="zero one two" | |
| 15 | |
| 16 function usage { | |
| 17 $echo "Usage: $0 [-q] <image-dir>" | |
| 18 $echo | |
| 19 $echo "Verifies that the cryptohome script is able to decrypt" | |
| 20 $echo "the sample data created by init_cryptohome_data.sh." | |
| 21 $echo | |
| 22 $echo "Returns an exit code of 0 on success, nonzero otherwise." | |
| 23 $echo | |
| 24 $echo " -q Quiet mode" | |
| 25 $echo " <image-dir> Directory to store cryptohome data" | |
| 26 exit 1 | |
| 27 } | |
| 28 | |
| 29 QUIET=0 | |
| 30 IMAGE_DIR="" | |
| 31 | |
| 32 while [ ! -z "$1" ]; do | |
| 33 if [ "$1" == "-q" ]; then | |
| 34 QUIET=1; shift | |
| 35 elif [ -z "$IMAGE_DIR" ]; then | |
| 36 IMAGE_DIR="$1"; shift | |
| 37 else | |
| 38 # we only take two arguments, one of which is optional | |
| 39 usage | |
| 40 fi | |
| 41 done | |
| 42 | |
| 43 if [[ -z "$IMAGE_DIR" || ${IMAGE_DIR:0:1} == "-" ]]; then | |
| 44 usage | |
| 45 fi | |
| 46 | |
| 47 if [ "$QUIET" == "0" ]; then | |
| 48 info=$echo | |
| 49 else | |
| 50 function no_echo { | |
| 51 echo -n | |
| 52 } | |
| 53 | |
| 54 info="no_echo" | |
| 55 fi | |
| 56 | |
| 57 SYSTEM_SALT_FILE="$IMAGE_DIR/salt" | |
| 58 | |
| 59 USERID=$(cat "$SYSTEM_SALT_FILE" <($echo -n $USERNAME) \ | |
| 60 | $openssl sha1) | |
| 61 | |
| 62 $info "USERNAME: $USERNAME" | |
| 63 $info "USERID: $USERID" | |
| 64 | |
| 65 RESULT=0 | |
| 66 INDEX=0 | |
| 67 for PASSWORD in $PASSWORDS; do | |
| 68 HASHED_PASSWORD=$(cat <(echo -n $($xxd -p "$SYSTEM_SALT_FILE")) \ | |
| 69 <($echo -n "$PASSWORD") | $sha256sum | $head -c 32) | |
| 70 | |
| 71 $info "Checking master.$INDEX..." | |
| 72 $info "PASSWORD: $PASSWORD" | |
| 73 $info "HASHED_PASSWORD: $HASHED_PASSWORD" | |
| 74 | |
| 75 WRAPPER=$(cryptohome::password_to_wrapper "$HASHED_PASSWORD" \ | |
| 76 "$IMAGE_DIR/$USERID/master.$INDEX.salt") | |
| 77 | |
| 78 $info "WRAPPER: $WRAPPER" | |
| 79 | |
| 80 # uncomment if you want to see the computed salt, key, and iv | |
| 81 # $openssl aes-256-ecb \ | |
| 82 # -in "$IMAGE_DIR/$USERID/master.$INDEX" \ | |
| 83 # -kfile <($echo -n "$WRAPPER") -md sha1 -d -P | |
| 84 | |
| 85 PLAINTEXT=$(cryptohome::unwrap_master_key "$HASHED_PASSWORD" "$USERID" \ | |
| 86 "$IMAGE_DIR/$USERID/master.$INDEX") | |
| 87 | |
| 88 EXIT=$? | |
| 89 | |
| 90 if [ $EXIT != 0 ]; then | |
| 91 RESULT=$EXIT | |
| 92 fi | |
| 93 | |
| 94 if [ $QUIET == 0 ]; then | |
| 95 $info "MASTER_KEY:" | |
| 96 $xxd <(echo -n "$PLAINTEXT") | |
| 97 fi | |
| 98 | |
| 99 INDEX=$(($INDEX + 1)) | |
| 100 done | |
| 101 | |
| 102 if [ $RESULT != 0 ]; then | |
| 103 $info "*** At least one decrypt failed!" | |
| 104 fi | |
| 105 | |
| 106 exit $RESULT | |
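Review bot: `$SYSTEM_SALT_FILE` is used at lines 59-60 and 68-69 without checking that it exists or is readable. Without `pipefail`, a failing `cat` or `$xxd` is masked by the exit status of `$openssl` / `$head`, so USERID and HASHED_PASSWORD are computed from the username or password alone and the run presumably ends in a generic decrypt failure instead of a clear error. A guard right after line 57, such as `[ -r "$SYSTEM_SALT_FILE" ] || { echo "cannot read salt: $SYSTEM_SALT_FILE" >&2; exit 1; }`, would fail early. `$USERNAME` on line 59 should also be quoted. Separately, non-quiet mode prints PASSWORD, HASHED_PASSWORD, WRAPPER and the unwrapped master key to stdout; a comment near line 13 such as `# fixed test credentials only; never point this at real user data` would record why that is acceptable here.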