Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(942)

Unified Diff: src/platform/cryptohome/init_cryptohome_data.sh

Issue 2051003: Initial patch from Will. (Closed) Base URL: ssh://git@chromiumos-git/chromiumos
Patch Set: Address style nits. Created 10 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: src/platform/cryptohome/init_cryptohome_data.sh
diff --git a/src/platform/cryptohome/init_cryptohome_data.sh b/src/platform/cryptohome/init_cryptohome_data.sh
index e7d69135888c8fa1e0bb3b64e05d4efd7fe90b58..3a9a16d292ff815686422051bec56748c372b09c 100755
--- a/src/platform/cryptohome/init_cryptohome_data.sh
+++ b/src/platform/cryptohome/init_cryptohome_data.sh
@@ -20,7 +20,6 @@ function dmsetup { exit 255; }
CH_LIB="./lib"
source "$CH_LIB/common"
source "$CH_LIB/utils/declare_commands"
-source "$CH_LIB/cryptohome"
utils::declare_commands sha256sum
@@ -90,26 +89,61 @@ USERID=$($cat "$SYSTEM_SALT_FILE" <($echo -n $USERNAME) \
$info "USERNAME: $USERNAME"
$info "USERID: $USERID"
+$mkdir -p "$IMAGE_DIR/skel/sub_path"
+echo -n "testfile" > "$IMAGE_DIR/skel/sub_path/.testfile"
+
$mkdir -p "$IMAGE_DIR/$USERID"
$info "Creating master keys..."
INDEX=0
for PASSWORD in $PASSWORDS; do
- HASHED_PASSWORD=$(cat <($echo -n $($xxd -p "$SYSTEM_SALT_FILE")) \
- <($echo -n "$PASSWORD") | $sha256sum | $head -c 32)
-
$info "PASSWORD: $PASSWORD"
- $info "HASHED_PASSWORD: $HASHED_PASSWORD"
- MASTER_KEY=$(cryptohome::create_master_key "$HASHED_PASSWORD" "$USERID" \
- "$IMAGE_DIR/$USERID/master.$INDEX")
+ ASCII_SALT=$(cat "$SYSTEM_SALT_FILE" | xxd -p)
+
+ echo -n "${ASCII_SALT}${PASSWORD}" | sha256sum | head -c 32 \
+ > "$IMAGE_DIR/$USERID/pwhash.$INDEX"
+
+ READABLE=$(cat "$IMAGE_DIR/$USERID/pwhash.$INDEX")
+ $info "HASHED_PASSWORD: $READABLE"
+
+ openssl rand -rand /dev/urandom \
+ -out "$IMAGE_DIR/$USERID/master.$INDEX.salt" 16
+
+ READABLE=$(cat "$IMAGE_DIR/$USERID/master.$INDEX.salt" |xxd -p)
+ $info "SALT: $READABLE"
+
+ cat "$IMAGE_DIR/$USERID/pwhash.$INDEX" \
+ | cat "$IMAGE_DIR/$USERID/master.$INDEX.salt" - \
+ | openssl sha1 > "$IMAGE_DIR/$USERID/pwwrapper.$INDEX"
+
+ READABLE=$(cat "$IMAGE_DIR/$USERID/pwwrapper.$INDEX")
+ $info "WRAPPER: $READABLE"
+
+ openssl rand -rand /dev/urandom \
+ -out "$IMAGE_DIR/$USERID/rawkey.$INDEX" 160
+
+ echo -n -e 'ch\0001\0001' | cat "$IMAGE_DIR/$USERID/rawkey.$INDEX" - \
+ > "$IMAGE_DIR/$USERID/keyvault.$INDEX"
+
+ cat "$IMAGE_DIR/$USERID/pwwrapper.$INDEX" | openssl aes-256-ecb \
+ -p \
+ -in "$IMAGE_DIR/$USERID/keyvault.$INDEX" \
+ -out "$IMAGE_DIR/$USERID/master.$INDEX" \
+ -pass fd:0 -md sha1 -e
+
+ rm -f "$IMAGE_DIR/$USERID/pwhash.$INDEX"
+ rm -f "$IMAGE_DIR/$USERID/pwwrapper.$INDEX"
+ rm -f "$IMAGE_DIR/$USERID/rawkey.$INDEX"
+ rm -f "$IMAGE_DIR/$USERID/keyvault.$INDEX"
EXIT=$?
if [ $EXIT != 0 ]; then
exit $EXIT
fi
- $info "MASTER_KEY: $MASTER_KEY"
+ READABLE=$(cat "$IMAGE_DIR/$USERID/master.$INDEX" |xxd -p)
+ $info "MASTER_KEY: $READABLE"
INDEX=$(($INDEX + 1))
done

Powered by Google App Engine
This is Rietveld 408576698