src/platform/cryptohome/init_cryptohome_data.sh - Issue 2051003: Initial patch from Will.

Unified Diff: src/platform/cryptohome/init_cryptohome_data.sh

Issue 2051003: Initial patch from Will. (Closed) Base URL: ssh://git@chromiumos-git/chromiumos

Patch Set: Address style nits. Created 10 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« src/platform/cryptohome/cryptohome_common.h ('K') | « src/platform/cryptohome/example_client.cc ('k') | src/platform/cryptohome/interface.h » ('j') | src/platform/cryptohome/mount.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: src/platform/cryptohome/init_cryptohome_data.sh

diff --git a/src/platform/cryptohome/init_cryptohome_data.sh b/src/platform/cryptohome/init_cryptohome_data.sh

index e7d69135888c8fa1e0bb3b64e05d4efd7fe90b58..3a9a16d292ff815686422051bec56748c372b09c 100755

--- a/src/platform/cryptohome/init_cryptohome_data.sh

+++ b/src/platform/cryptohome/init_cryptohome_data.sh

@@ -20,7 +20,6 @@ function dmsetup { exit 255; }

CH_LIB="./lib"

source "$CH_LIB/common"

source "$CH_LIB/utils/declare_commands"

-source "$CH_LIB/cryptohome"

utils::declare_commands sha256sum

@@ -90,26 +89,61 @@ USERID=$($cat "$SYSTEM_SALT_FILE" <($echo -n $USERNAME) \

$info "USERNAME: $USERNAME"

$info "USERID: $USERID"

+$mkdir -p "$IMAGE_DIR/skel/sub_path"

+echo -n "testfile" > "$IMAGE_DIR/skel/sub_path/.testfile"

$mkdir -p "$IMAGE_DIR/$USERID"

$info "Creating master keys..."

INDEX=0

for PASSWORD in $PASSWORDS; do

- HASHED_PASSWORD=$(cat <($echo -n $($xxd -p "$SYSTEM_SALT_FILE")) \

- <($echo -n "$PASSWORD") | $sha256sum | $head -c 32)

$info "PASSWORD: $PASSWORD"

- $info "HASHED_PASSWORD: $HASHED_PASSWORD"

- MASTER_KEY=$(cryptohome::create_master_key "$HASHED_PASSWORD" "$USERID" \

- "$IMAGE_DIR/$USERID/master.$INDEX")

+ ASCII_SALT=$(cat "$SYSTEM_SALT_FILE" | xxd -p)

+ echo -n "${ASCII_SALT}${PASSWORD}" | sha256sum | head -c 32 \

+ > "$IMAGE_DIR/$USERID/pwhash.$INDEX"

+ READABLE=$(cat "$IMAGE_DIR/$USERID/pwhash.$INDEX")

+ $info "HASHED_PASSWORD: $READABLE"

+ openssl rand -rand /dev/urandom \

+ -out "$IMAGE_DIR/$USERID/master.$INDEX.salt" 16

+ READABLE=$(cat "$IMAGE_DIR/$USERID/master.$INDEX.salt" |xxd -p)

+ $info "SALT: $READABLE"

+ cat "$IMAGE_DIR/$USERID/pwhash.$INDEX" \

+ | cat "$IMAGE_DIR/$USERID/master.$INDEX.salt" - \

+ | openssl sha1 > "$IMAGE_DIR/$USERID/pwwrapper.$INDEX"

+ READABLE=$(cat "$IMAGE_DIR/$USERID/pwwrapper.$INDEX")

+ $info "WRAPPER: $READABLE"

+ openssl rand -rand /dev/urandom \

+ -out "$IMAGE_DIR/$USERID/rawkey.$INDEX" 160

+ echo -n -e 'ch\0001\0001' | cat "$IMAGE_DIR/$USERID/rawkey.$INDEX" - \

+ > "$IMAGE_DIR/$USERID/keyvault.$INDEX"

+ cat "$IMAGE_DIR/$USERID/pwwrapper.$INDEX" | openssl aes-256-ecb \

+ -p \

+ -in "$IMAGE_DIR/$USERID/keyvault.$INDEX" \

+ -out "$IMAGE_DIR/$USERID/master.$INDEX" \

+ -pass fd:0 -md sha1 -e

+ rm -f "$IMAGE_DIR/$USERID/pwhash.$INDEX"

+ rm -f "$IMAGE_DIR/$USERID/pwwrapper.$INDEX"

+ rm -f "$IMAGE_DIR/$USERID/rawkey.$INDEX"

+ rm -f "$IMAGE_DIR/$USERID/keyvault.$INDEX"

EXIT=$?

if [ $EXIT != 0 ]; then

exit $EXIT

- $info "MASTER_KEY: $MASTER_KEY"

+ READABLE=$(cat "$IMAGE_DIR/$USERID/master.$INDEX" |xxd -p)

+ $info "MASTER_KEY: $READABLE"

INDEX=$(($INDEX + 1))

done

« src/platform/cryptohome/cryptohome_common.h ('K') | « src/platform/cryptohome/example_client.cc ('k') | src/platform/cryptohome/interface.h » ('j') | src/platform/cryptohome/mount.cc » ('J')