Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(40)

Side by Side Diff: src/platform/cryptohome/check_cryptohome_data.sh

Issue 2051003: Initial patch from Will. (Closed) Base URL: ssh://git@chromiumos-git/chromiumos
Patch Set: Address style nits. Created 10 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
(Empty)
1 #!/bin/bash
2 # Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved.
3 # Use of this source code is governed by a BSD-style license that can be
4 # found in the LICENSE file.
5
6 CHLIB="$HOME/trunk/src/platform/cryptohome/lib"
7 source "$CHLIB/common"
8 source "$CHLIB/utils/declare_commands"
9 source "$CHLIB/cryptohome"
10
11 utils::declare_commands sha256sum
12
13 USERNAME="testuser@invalid.domain"
14 PASSWORDS="zero one two"
15
16 function usage {
17 $echo "Usage: $0 [-q] <image-dir>"
18 $echo
19 $echo "Verifies that the cryptohome script is able to decrypt"
20 $echo "the sample data created by init_cryptohome_data.sh."
21 $echo
22 $echo "Returns an exit code of 0 on success, nonzero otherwise."
23 $echo
24 $echo " -q Quiet mode"
25 $echo " <image-dir> Directory to store cryptohome data"
26 exit 1
27 }
28
29 QUIET=0
30 IMAGE_DIR=""
31
32 while [ ! -z "$1" ]; do
33 if [ "$1" == "-q" ]; then
34 QUIET=1; shift
35 elif [ -z "$IMAGE_DIR" ]; then
36 IMAGE_DIR="$1"; shift
37 else
38 # we only take two arguments, one of which is optional
39 usage
40 fi
41 done
42
43 if [[ -z "$IMAGE_DIR" || ${IMAGE_DIR:0:1} == "-" ]]; then
44 usage
45 fi
46
47 if [ "$QUIET" == "0" ]; then
48 info=$echo
49 else
50 function no_echo {
51 echo -n
52 }
53
54 info="no_echo"
55 fi
56
57 SYSTEM_SALT_FILE="$IMAGE_DIR/salt"
58
59 USERID=$(cat "$SYSTEM_SALT_FILE" <($echo -n $USERNAME) \
60 | $openssl sha1)
61
62 $info "USERNAME: $USERNAME"
63 $info "USERID: $USERID"
64
65 RESULT=0
66 INDEX=0
67 for PASSWORD in $PASSWORDS; do
68 HASHED_PASSWORD=$(cat <(echo -n $($xxd -p "$SYSTEM_SALT_FILE")) \
69 <($echo -n "$PASSWORD") | $sha256sum | $head -c 32)
70
71 $info "Checking master.$INDEX..."
72 $info "PASSWORD: $PASSWORD"
73 $info "HASHED_PASSWORD: $HASHED_PASSWORD"
74
75 WRAPPER=$(cryptohome::password_to_wrapper "$HASHED_PASSWORD" \
76 "$IMAGE_DIR/$USERID/master.$INDEX.salt")
77
78 $info "WRAPPER: $WRAPPER"
79
80 # uncomment if you want to see the computed salt, key, and iv
81 # $openssl aes-256-ecb \
82 # -in "$IMAGE_DIR/$USERID/master.$INDEX" \
83 # -kfile <($echo -n "$WRAPPER") -md sha1 -d -P
84
85 PLAINTEXT=$(cryptohome::unwrap_master_key "$HASHED_PASSWORD" "$USERID" \
86 "$IMAGE_DIR/$USERID/master.$INDEX")
87
88 EXIT=$?
89
90 if [ $EXIT != 0 ]; then
91 RESULT=$EXIT
92 fi
93
94 if [ $QUIET == 0 ]; then
95 $info "MASTER_KEY:"
96 $xxd <(echo -n "$PLAINTEXT")
97 fi
98
99 INDEX=$(($INDEX + 1))
100 done
101
102 if [ $RESULT != 0 ]; then
103 $info "*** At least one decrypt failed!"
104 fi
105
106 exit $RESULT
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698