| OLD | NEW |
|---|
| 1 // Copyright (c) 2009 The Chromium OS Authors. All rights reserved. | 1 // Copyright (c) 2009 The Chromium OS Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // Cryptohome client that uses the dbus client interface | 5 // Cryptohome client that uses the dbus client interface |
| 6 | 6 |
| 7 #include <openssl/err.h> | 7 #include <openssl/err.h> |
| 8 #include <openssl/evp.h> | 8 #include <openssl/evp.h> |
| 9 #include <openssl/rand.h> | 9 #include <openssl/rand.h> |
| 10 #include <openssl/sha.h> | 10 #include <openssl/sha.h> |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 42 "migrate_key", | 42 "migrate_key", |
| 43 "remove", | 43 "remove", |
| 44 "obfuscate_user", | 44 "obfuscate_user", |
| 45 "dump_keyset", | 45 "dump_keyset", |
| 46 "tpm_status", | 46 "tpm_status", |
| 47 "status", | 47 "status", |
| 48 "remove_tracked_subdirs", | 48 "remove_tracked_subdirs", |
| 49 "tpm_take_ownership", | 49 "tpm_take_ownership", |
| 50 "tpm_clear_stored_password", | 50 "tpm_clear_stored_password", |
| 51 "tpm_wait_ownership", | 51 "tpm_wait_ownership", |
| 52 "install_attributes_set", |
| 53 "install_attributes_get", |
| 54 "install_attributes_finalize", |
| 52 NULL }; | 55 NULL }; |
| 53 enum ActionEnum { | 56 enum ActionEnum { |
| 54 ACTION_MOUNT, | 57 ACTION_MOUNT, |
| 55 ACTION_MOUNT_GUEST, | 58 ACTION_MOUNT_GUEST, |
| 56 ACTION_UNMOUNT, | 59 ACTION_UNMOUNT, |
| 57 ACTION_MOUNTED, | 60 ACTION_MOUNTED, |
| 58 ACTION_TEST_AUTH, | 61 ACTION_TEST_AUTH, |
| 59 ACTION_MIGRATE_KEY, | 62 ACTION_MIGRATE_KEY, |
| 60 ACTION_REMOVE, | 63 ACTION_REMOVE, |
| 61 ACTION_OBFUSCATE_USER, | 64 ACTION_OBFUSCATE_USER, |
| 62 ACTION_DUMP_KEYSET, | 65 ACTION_DUMP_KEYSET, |
| 63 ACTION_TPM_STATUS, | 66 ACTION_TPM_STATUS, |
| 64 ACTION_STATUS, | 67 ACTION_STATUS, |
| 65 ACTION_REMOVE_TRACKED_SUBDIRS, | 68 ACTION_REMOVE_TRACKED_SUBDIRS, |
| 66 ACTION_TPM_TAKE_OWNERSHIP, | 69 ACTION_TPM_TAKE_OWNERSHIP, |
| 67 ACTION_TPM_CLEAR_STORED_PASSWORD, | 70 ACTION_TPM_CLEAR_STORED_PASSWORD, |
| 68 ACTION_TPM_WAIT_OWNERSHIP }; | 71 ACTION_TPM_WAIT_OWNERSHIP, |
| 72 ACTION_INSTALL_ATTRIBUTES_SET, |
| 73 ACTION_INSTALL_ATTRIBUTES_GET, |
| 74 ACTION_INSTALL_ATTRIBUTES_FINALIZE }; |
| 69 static const char kUserSwitch[] = "user"; | 75 static const char kUserSwitch[] = "user"; |
| 70 static const char kPasswordSwitch[] = "password"; | 76 static const char kPasswordSwitch[] = "password"; |
| 71 static const char kOldPasswordSwitch[] = "old_password"; | 77 static const char kOldPasswordSwitch[] = "old_password"; |
| 72 static const char kForceSwitch[] = "force"; | 78 static const char kForceSwitch[] = "force"; |
| 73 static const char kAsyncSwitch[] = "async"; | 79 static const char kAsyncSwitch[] = "async"; |
| 74 static const char kCreateSwitch[] = "create"; | 80 static const char kCreateSwitch[] = "create"; |
| 81 static const char kAttrNameSwitch[] = "name"; |
| 82 static const char kAttrValueSwitch[] = "value"; |
| 75 } // namespace switches | 83 } // namespace switches |
| 76 | 84 |
| 77 chromeos::Blob GetSystemSalt(const chromeos::dbus::Proxy& proxy) { | 85 chromeos::Blob GetSystemSalt(const chromeos::dbus::Proxy& proxy) { |
| 78 chromeos::glib::ScopedError error; | 86 chromeos::glib::ScopedError error; |
| 79 GArray* salt; | 87 GArray* salt; |
| 80 if (!org_chromium_CryptohomeInterface_get_system_salt(proxy.gproxy(), | 88 if (!org_chromium_CryptohomeInterface_get_system_salt(proxy.gproxy(), |
| 81 &salt, | 89 &salt, |
| 82 &chromeos::Resetter(&error).lvalue())) { | 90 &chromeos::Resetter(&error).lvalue())) { |
| 83 LOG(ERROR) << "GetSystemSalt failed: " << error->message; | 91 LOG(ERROR) << "GetSystemSalt failed: " << error->message; |
| 84 return chromeos::Blob(); | 92 return chromeos::Blob(); |
| 85 } | 93 } |
| 86 | 94 |
| 87 chromeos::Blob system_salt; | 95 chromeos::Blob system_salt; |
| 88 system_salt.resize(salt->len); | 96 system_salt.resize(salt->len); |
| 89 if(system_salt.size() == salt->len) { | 97 if(system_salt.size() == salt->len) { |
| 90 memcpy(&system_salt[0], static_cast<const void*>(salt->data), salt->len); | 98 memcpy(&system_salt[0], static_cast<const void*>(salt->data), salt->len); |
| 91 } else { | 99 } else { |
| 92 system_salt.clear(); | 100 system_salt.clear(); |
| 93 } | 101 } |
| 94 g_array_free(salt, false); | 102 g_array_free(salt, false); |
| 95 return system_salt; | 103 return system_salt; |
| 96 } | 104 } |
| 97 | 105 |
| 106 bool GetAttrName(const CommandLine* cl, std::string* name_out) { |
| 107 *name_out = cl->GetSwitchValueASCII(switches::kAttrNameSwitch); |
| 108 |
| 109 if (name_out->length() == 0) { |
| 110 printf("No install attribute name specified (--name=<name>)\n"); |
| 111 return false; |
| 112 } |
| 113 return true; |
| 114 } |
| 115 |
| 116 bool GetAttrValue(const CommandLine* cl, std::string* value_out) { |
| 117 *value_out = cl->GetSwitchValueASCII(switches::kAttrValueSwitch); |
| 118 |
| 119 if (value_out->length() == 0) { |
| 120 printf("No install attribute value specified (--value=<value>)\n"); |
| 121 return false; |
| 122 } |
| 123 return true; |
| 124 } |
| 125 |
| 98 bool GetUsername(const CommandLine* cl, std::string* user_out) { | 126 bool GetUsername(const CommandLine* cl, std::string* user_out) { |
| 99 *user_out = cl->GetSwitchValueASCII(switches::kUserSwitch); | 127 *user_out = cl->GetSwitchValueASCII(switches::kUserSwitch); |
| 100 | 128 |
| 101 if(user_out->length() == 0) { | 129 if(user_out->length() == 0) { |
| 102 printf("No user specified (--user=<user>)\n"); | 130 printf("No user specified (--user=<user>)\n"); |
| 103 return false; | 131 return false; |
| 104 } | 132 } |
| 105 return true; | 133 return true; |
| 106 } | 134 } |
| 107 | 135 |
| (...skipping 560 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 668 } else if (!strcmp( | 696 } else if (!strcmp( |
| 669 switches::kActions[switches::ACTION_TPM_CLEAR_STORED_PASSWORD], | 697 switches::kActions[switches::ACTION_TPM_CLEAR_STORED_PASSWORD], |
| 670 action.c_str())) { | 698 action.c_str())) { |
| 671 chromeos::glib::ScopedError error; | 699 chromeos::glib::ScopedError error; |
| 672 if (!org_chromium_CryptohomeInterface_tpm_clear_stored_password( | 700 if (!org_chromium_CryptohomeInterface_tpm_clear_stored_password( |
| 673 proxy.gproxy(), | 701 proxy.gproxy(), |
| 674 &chromeos::Resetter(&error).lvalue())) { | 702 &chromeos::Resetter(&error).lvalue())) { |
| 675 printf("TpmClearStoredPassword call failed: %s.\n", error->message); | 703 printf("TpmClearStoredPassword call failed: %s.\n", error->message); |
| 676 } | 704 } |
| 677 } else if (!strcmp( | 705 } else if (!strcmp( |
| 706 switches::kActions[switches::ACTION_INSTALL_ATTRIBUTES_GET], |
| 707 action.c_str())) { |
| 708 std::string name; |
| 709 if (!GetAttrName(cl, &name)) { |
| 710 printf("No attribute name specified.\n"); |
| 711 return 1; |
| 712 } |
| 713 |
| 714 chromeos::glib::ScopedError error; |
| 715 gboolean result; |
| 716 if (!org_chromium_CryptohomeInterface_install_attributes_is_ready( |
| 717 proxy.gproxy(), |
| 718 &result, |
| 719 &chromeos::Resetter(&error).lvalue())) { |
| 720 printf("IsReady call failed: %s.\n", error->message); |
| 721 } |
| 722 if (result == FALSE) { |
| 723 printf("InstallAttributes() is not ready.\n"); |
| 724 return 1; |
| 725 } |
| 726 |
| 727 GArray *value = NULL; |
| 728 if (!org_chromium_CryptohomeInterface_install_attributes_get( |
| 729 proxy.gproxy(), |
| 730 name.c_str(), |
| 731 &value, |
| 732 &result, |
| 733 &chromeos::Resetter(&error).lvalue())) { |
| 734 printf("Get() failed: %s.\n", error->message); |
| 735 } |
| 736 std::string value_str(value->data, value->len); |
| 737 if (result == TRUE) { |
| 738 printf("%s\n", value_str.c_str()); |
| 739 } else { |
| 740 return 1; |
| 741 } |
| 742 g_array_free(value, false); |
| 743 } else if (!strcmp( |
| 744 switches::kActions[switches::ACTION_INSTALL_ATTRIBUTES_SET], |
| 745 action.c_str())) { |
| 746 std::string name; |
| 747 if (!GetAttrName(cl, &name)) { |
| 748 printf("No attribute name specified.\n"); |
| 749 return 1; |
| 750 } |
| 751 std::string value; |
| 752 if (!GetAttrValue(cl, &value)) { |
| 753 printf("No attribute value specified.\n"); |
| 754 return 1; |
| 755 } |
| 756 |
| 757 chromeos::glib::ScopedError error; |
| 758 gboolean result; |
| 759 if (!org_chromium_CryptohomeInterface_install_attributes_is_ready( |
| 760 proxy.gproxy(), |
| 761 &result, |
| 762 &chromeos::Resetter(&error).lvalue())) { |
| 763 printf("IsReady call failed: %s.\n", error->message); |
| 764 } |
| 765 |
| 766 if (result == FALSE) { |
| 767 printf("InstallAttributes() is not ready.\n"); |
| 768 return 1; |
| 769 } |
| 770 |
| 771 GArray *value_ary = g_array_new(FALSE, FALSE, sizeof(char)); |
| 772 g_array_append_vals(value_ary, value.c_str(), value.size()); |
| 773 if (!org_chromium_CryptohomeInterface_install_attributes_set( |
| 774 proxy.gproxy(), |
| 775 name.c_str(), |
| 776 value_ary, |
| 777 &result, |
| 778 &chromeos::Resetter(&error).lvalue())) { |
| 779 printf("Set() failed: %s.\n", error->message); |
| 780 } |
| 781 g_array_free(value_ary, false); |
| 782 if (result == FALSE) |
| 783 return 1; |
| 784 } else if (!strcmp( |
| 785 switches::kActions[switches::ACTION_INSTALL_ATTRIBUTES_FINALIZE], |
| 786 action.c_str())) { |
| 787 chromeos::glib::ScopedError error; |
| 788 gboolean result; |
| 789 if (!org_chromium_CryptohomeInterface_install_attributes_is_ready( |
| 790 proxy.gproxy(), |
| 791 &result, |
| 792 &chromeos::Resetter(&error).lvalue())) { |
| 793 printf("IsReady call failed: %s.\n", error->message); |
| 794 } |
| 795 if (result == FALSE) { |
| 796 printf("InstallAttributes is not ready.\n"); |
| 797 return 1; |
| 798 } |
| 799 if (!org_chromium_CryptohomeInterface_install_attributes_finalize( |
| 800 proxy.gproxy(), |
| 801 &result, |
| 802 &chromeos::Resetter(&error).lvalue())) { |
| 803 printf("Finalize() failed: %s.\n", error->message); |
| 804 } |
| 805 printf("InstallAttributesFinalize(): %d\n", result); |
| 806 } else if (!strcmp( |
| 678 switches::kActions[switches::ACTION_TPM_WAIT_OWNERSHIP], | 807 switches::kActions[switches::ACTION_TPM_WAIT_OWNERSHIP], |
| 679 action.c_str())) { | 808 action.c_str())) { |
| 680 TpmWaitLoop client_loop; | 809 TpmWaitLoop client_loop; |
| 681 client_loop.Initialize(proxy); | 810 client_loop.Initialize(proxy); |
| 682 gboolean result; | 811 gboolean result; |
| 683 chromeos::glib::ScopedError error; | 812 chromeos::glib::ScopedError error; |
| 684 if (!org_chromium_CryptohomeInterface_tpm_is_being_owned(proxy.gproxy(), | 813 if (!org_chromium_CryptohomeInterface_tpm_is_being_owned(proxy.gproxy(), |
| 685 &result, | 814 &result, |
| 686 &chromeos::Resetter(&error).lvalue())) { | 815 &chromeos::Resetter(&error).lvalue())) { |
| 687 printf("TpmIsBeingOwned call failed: %s.\n", error->message); | 816 printf("TpmIsBeingOwned call failed: %s.\n", error->message); |
| 688 } else { | 817 } else { |
| 689 if (result) { | 818 if (result) { |
| 690 printf("Waiting for TPM to be owned...\n"); | 819 printf("Waiting for TPM to be owned...\n"); |
| 691 client_loop.Run(); | 820 client_loop.Run(); |
| 692 } else { | 821 } else { |
| 693 printf("TPM is not currently being owned.\n"); | 822 printf("TPM is not currently being owned.\n"); |
| 694 } | 823 } |
| 695 } | 824 } |
| 696 } else { | 825 } else { |
| 697 printf("Unknown action or no action given. Available actions:\n"); | 826 printf("Unknown action or no action given. Available actions:\n"); |
| 698 for(int i = 0; /* loop forever */; i++) { | 827 for(int i = 0; /* loop forever */; i++) { |
| 699 if(!switches::kActions[i]) { | 828 if(!switches::kActions[i]) { |
| 700 break; | 829 break; |
| 701 } | 830 } |
| 702 printf(" --action=%s\n", switches::kActions[i]); | 831 printf(" --action=%s\n", switches::kActions[i]); |
| 703 } | 832 } |
| 704 } | 833 } |
| 705 return 0; | 834 return 0; |
| 706 } | 835 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6801020:
service,cryptohome: wire up lockbox to dbus (Closed)
