service,cryptohome: wire up lockbox to dbus

cryptohome.cc

 // Copyright (c) 2009 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // Cryptohome client that uses the dbus client interface
 
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
 #include <openssl/sha.h>
@@ skipping 31 matching lines @@
     "migrate_key",
     "remove",
     "obfuscate_user",
     "dump_keyset",
     "tpm_status",
     "status",
     "remove_tracked_subdirs",
     "tpm_take_ownership",
     "tpm_clear_stored_password",
     "tpm_wait_ownership",
+    "lockbox_test",
     NULL };
   enum ActionEnum {
     ACTION_MOUNT,
     ACTION_MOUNT_GUEST,
     ACTION_UNMOUNT,
     ACTION_MOUNTED,
     ACTION_TEST_AUTH,
     ACTION_MIGRATE_KEY,
     ACTION_REMOVE,
     ACTION_OBFUSCATE_USER,
     ACTION_DUMP_KEYSET,
     ACTION_TPM_STATUS,
     ACTION_STATUS,
     ACTION_REMOVE_TRACKED_SUBDIRS,
     ACTION_TPM_TAKE_OWNERSHIP,
     ACTION_TPM_CLEAR_STORED_PASSWORD,
-    ACTION_TPM_WAIT_OWNERSHIP };
+    ACTION_TPM_WAIT_OWNERSHIP,
+    ACTION_LOCKBOX_TEST };
   static const char kUserSwitch[] = "user";
   static const char kPasswordSwitch[] = "password";
   static const char kOldPasswordSwitch[] = "old_password";
   static const char kForceSwitch[] = "force";
   static const char kAsyncSwitch[] = "async";
   static const char kCreateSwitch[] = "create";
 }  // namespace switches
 
 chromeos::Blob GetSystemSalt(const chromeos::dbus::Proxy& proxy) {
   chromeos::glib::ScopedError error;
@@ skipping 583 matching lines @@
   } else if (!strcmp(
       switches::kActions[switches::ACTION_TPM_CLEAR_STORED_PASSWORD],
       action.c_str())) {
     chromeos::glib::ScopedError error;
     if (!org_chromium_CryptohomeInterface_tpm_clear_stored_password(
         proxy.gproxy(),
         &chromeos::Resetter(&error).lvalue())) {
       printf("TpmClearStoredPassword call failed: %s.\n", error->message);
     }
   } else if (!strcmp(
+      switches::kActions[switches::ACTION_LOCKBOX_TEST],
+      action.c_str())) {
+    chromeos::glib::ScopedError error;
+    gboolean result;
+    if (!org_chromium_CryptohomeInterface_lockbox_is_ready(
+        proxy.gproxy(),
+        &result,
+        &chromeos::Resetter(&error).lvalue())) {
+      printf("LockboxIsReady call failed: %s.\n", error->message);
+    }
+    if (result == FALSE) {
+      printf("Lockbox not ready for use.\n");
+      return 1;
+    }
+    printf("Lockbox is ready\n");
+    if (!org_chromium_CryptohomeInterface_lockbox_is_locked(
+        proxy.gproxy(),
+        &result,
+        &chromeos::Resetter(&error).lvalue())) {
+      printf("LockboxIsLocked call failed: %s.\n", error->message);
+    }
+    bool locked = result;
+    printf("Lockbox is locked: %d\n", result);
+    const char* kTestNameA = "LockboxTest.IsManaged";
+    const char* kTestValueA = "TRUE";
+    const char* kTestNameB = "LockboxTest.Foo";
+    const char* kTestValueB = "Bar";
+    if (result == FALSE) {
+      // Set a value!
+      GArray *value = g_array_new(FALSE, FALSE, sizeof(char));
+      g_array_append_vals(value, kTestValueA, strlen(kTestValueA));
+      if (!org_chromium_CryptohomeInterface_lockbox_set(
+         proxy.gproxy(),
+         kTestNameA,
+         value,
+         &result,
+         &chromeos::Resetter(&error).lvalue())) {
+        printf("LockboxSet call failed: %s.\n", error->message);
+      }
+      g_array_free(value, false);
+      printf("LockboxSet(%s,%s): %d\n", kTestNameA, kTestValueA, result);
+      // Set a value!
+      value = g_array_new(FALSE, FALSE, sizeof(char));
+      g_array_append_vals(value, kTestValueB, strlen(kTestValueB));
+      if (!org_chromium_CryptohomeInterface_lockbox_set(
+         proxy.gproxy(),
+         kTestNameB,
+         value,
+         &result,
+         &chromeos::Resetter(&error).lvalue())) {
+        printf("LockboxSet call failed: %s.\n", error->message);
+      }
+      g_array_free(value, false);
+      printf("LockboxSet(%s,%s): %d\n", kTestNameB, kTestValueB, result);
+    }
+    // Grab the value and emit it.
+    // Set a value!
+    GArray *value = NULL;
+    if (!org_chromium_CryptohomeInterface_lockbox_get(
+        proxy.gproxy(),
+        kTestNameA,
+        &value,
+        &result,
+        &chromeos::Resetter(&error).lvalue())) {
+       printf("LockboxGet call failed: %s.\n", error->message);
+    }
+    std::string value_str(value->data, value->len);
+    printf("LockboxGet(%s,%s): %d\n", kTestNameA, value_str.c_str(), result);
+    g_array_free(value, false);
+    if (locked)
+      return 0;
+    // Lock it down.
+    if (!org_chromium_CryptohomeInterface_lockbox_lock(
+        proxy.gproxy(),
+        &result,
+        &chromeos::Resetter(&error).lvalue())) {
+      printf("LockboxLock call failed: %s.\n", error->message);
+    }
+    printf("Lockbox has been locked (%d).\n", result);
+  } else if (!strcmp(
       switches::kActions[switches::ACTION_TPM_WAIT_OWNERSHIP],
       action.c_str())) {
     TpmWaitLoop client_loop;
     client_loop.Initialize(proxy);
     gboolean result;
     chromeos::glib::ScopedError error;
     if (!org_chromium_CryptohomeInterface_tpm_is_being_owned(proxy.gproxy(),
         &result,
         &chromeos::Resetter(&error).lvalue())) {
       printf("TpmIsBeingOwned call failed: %s.\n", error->message);
     } else {
       if (result) {
         printf("Waiting for TPM to be owned...\n");
         client_loop.Run();
       } else {
         printf("TPM is not currently being owned.\n");
       }
     }
   } else {
     printf("Unknown action or no action given.  Available actions:\n");
     for(int i = 0; /* loop forever */; i++) {
       if(!switches::kActions[i]) {
         break;
       }
       printf("  --action=%s\n", switches::kActions[i]);
     }
   }
   return 0;
 }