This sub-task of bug 806788 tracks the actual implementation of mount-related operations in cryptohomed.
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/683bd4cddeabb5784147bc1f67ab78563a22b8ea commit 683bd4cddeabb5784147bc1f67ab78563a22b8ea Author: Maksim Ivanov <emaxx@google.com> Date: Tue May 15 18:28:03 2018 cryptohome: Move existence check into HomeDirs Move the code that checks cryptohome existence from the Mount class into the HomeDirs class. This refactoring allows to choose between the new cryptohome creation and the existing cryptohome mounting in advance, without the need to obtain an instance of Mount (which is conceptually associated with already mounted cryptohome). This will be necessary for implementing the challenge-response cryptohome mounts, as for them the flow needs to be known before the asynchronous challenge-response dance happens. BUG=chromium:842791 TEST=existing unit tests (homedirs_unittest.cc, mount_unittest.cc) Change-Id: Ic0802afa6074c425706832c4ed1044645af77624 Reviewed-on: https://chromium-review.googlesource.com/1057630 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> [modify] https://crrev.com/683bd4cddeabb5784147bc1f67ab78563a22b8ea/cryptohome/mount.h [modify] https://crrev.com/683bd4cddeabb5784147bc1f67ab78563a22b8ea/cryptohome/mount_unittest.cc [modify] https://crrev.com/683bd4cddeabb5784147bc1f67ab78563a22b8ea/cryptohome/mount.cc [modify] https://crrev.com/683bd4cddeabb5784147bc1f67ab78563a22b8ea/cryptohome/homedirs.cc [modify] https://crrev.com/683bd4cddeabb5784147bc1f67ab78563a22b8ea/cryptohome/homedirs.h
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/c5396f3b401aefcdfa9955c7dfea14f345df92cd commit c5396f3b401aefcdfa9955c7dfea14f345df92cd Author: Maksim Ivanov <emaxx@chromium.org> Date: Wed May 16 19:41:41 2018 cryptohome: Extract obfuscated username building Extract obfuscated username building code from the UsernamePasskey class into a standalone function. This allows to write a code that operates with the obfuscated username before the passkey, needed for building an instance of Credentials, is obtained. This CL will be followed up with CLs that will replace the uses of Credentials with the use of the obfuscated_username string, where that's possible. BUG=chromium:842791 TEST=new unit test (ObfuscatedUsername.*), existing unit tests (UsernamePasskeyTest.*) Change-Id: Iba3167ad581d5e7f6325e28a3df0786f05df4ed6 Reviewed-on: https://chromium-review.googlesource.com/1057272 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org> [modify] https://crrev.com/c5396f3b401aefcdfa9955c7dfea14f345df92cd/cryptohome/cryptohome-libs.gypi [modify] https://crrev.com/c5396f3b401aefcdfa9955c7dfea14f345df92cd/cryptohome/username_passkey.cc [add] https://crrev.com/c5396f3b401aefcdfa9955c7dfea14f345df92cd/cryptohome/obfuscated_username.h [add] https://crrev.com/c5396f3b401aefcdfa9955c7dfea14f345df92cd/cryptohome/obfuscated_username.cc [add] https://crrev.com/c5396f3b401aefcdfa9955c7dfea14f345df92cd/cryptohome/obfuscated_username_unittest.cc [modify] https://crrev.com/c5396f3b401aefcdfa9955c7dfea14f345df92cd/cryptohome/cryptohome.gyp
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/7e95afa09c4108e4a42eb40c28c216a4f216a622 commit 7e95afa09c4108e4a42eb40c28c216a4f216a622 Author: Maksim Ivanov <emaxx@chromium.org> Date: Wed May 16 19:41:51 2018 cryptohome: Rename kVaultDir into kEcryptfsVaultDir This refactoring makes the constant name be a bit more specific - this constant is only used for the old-style eCryptfs based cryptohomes. BUG=chromium:842791 TEST=existing unit tests Change-Id: Ide2402e40ffa990e5729f49eb3293ac9299b36ac Reviewed-on: https://chromium-review.googlesource.com/1059154 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> [modify] https://crrev.com/7e95afa09c4108e4a42eb40c28c216a4f216a622/cryptohome/homedirs_unittest.cc [modify] https://crrev.com/7e95afa09c4108e4a42eb40c28c216a4f216a622/cryptohome/homedirs.cc [modify] https://crrev.com/7e95afa09c4108e4a42eb40c28c216a4f216a622/cryptohome/homedirs.h
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/556e10fd3ebcbf74a6b88834aa31f32f4129573f commit 556e10fd3ebcbf74a6b88834aa31f32f4129573f Author: Maksim Ivanov <emaxx@chromium.org> Date: Fri May 18 05:21:16 2018 cryptohome: Always store system salt in Service Make |Service.system_salt_| be assigned during Service's initialization (with value from HomeDirs). This allows for easy use of the system salt in the Service code without additional method calls. This will be employed for implementing challenge-response keys, for which the salt will be involved in some operations called from Service. BUG=chromium:842791 TEST=existing unit tests Change-Id: Ie8434ad3e17d8b5a1db381710c4ffa4d0900abbb Reviewed-on: https://chromium-review.googlesource.com/1063390 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> [modify] https://crrev.com/556e10fd3ebcbf74a6b88834aa31f32f4129573f/cryptohome/service_unittest.cc [modify] https://crrev.com/556e10fd3ebcbf74a6b88834aa31f32f4129573f/cryptohome/mount.cc [modify] https://crrev.com/556e10fd3ebcbf74a6b88834aa31f32f4129573f/cryptohome/service.h [modify] https://crrev.com/556e10fd3ebcbf74a6b88834aa31f32f4129573f/cryptohome/crypto.h [modify] https://crrev.com/556e10fd3ebcbf74a6b88834aa31f32f4129573f/cryptohome/crypto.cc [modify] https://crrev.com/556e10fd3ebcbf74a6b88834aa31f32f4129573f/cryptohome/service_distributed.cc [modify] https://crrev.com/556e10fd3ebcbf74a6b88834aa31f32f4129573f/cryptohome/service.cc [modify] https://crrev.com/556e10fd3ebcbf74a6b88834aa31f32f4129573f/cryptohome/homedirs.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/b9f1f870700e67c91e7efeadf8ae8c38d25221ed commit b9f1f870700e67c91e7efeadf8ae8c38d25221ed Author: Maksim Ivanov <emaxx@chromium.org> Date: Sat May 19 00:19:58 2018 cryptohome: Use BuildObfuscatedUsername() more * Simply call BuildObfuscatedUsername() instead of construction of UsernamePasskey with empty password and calling its GetObfuscatedUsername(). * Stop passing |Credentials| to methods which only used the obfuscated username. Instead, pass only the obfuscated username string in such cases. Besides a small cleanup, this change will also help for implementation of challenge-response mounts, for which it'll be necessary to do some operations with a username *before* the secret passkey is built and a real |Credentials| instance may be constructed. BUG=chromium:842791 TEST=existing unit tests Change-Id: I3f2f1cd0ef7fddcf410f8860ec9aec73edf9897f Reviewed-on: https://chromium-review.googlesource.com/1063391 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> [modify] https://crrev.com/b9f1f870700e67c91e7efeadf8ae8c38d25221ed/cryptohome/mock_homedirs.h [modify] https://crrev.com/b9f1f870700e67c91e7efeadf8ae8c38d25221ed/cryptohome/homedirs.h [modify] https://crrev.com/b9f1f870700e67c91e7efeadf8ae8c38d25221ed/cryptohome/cryptohome.cc [modify] https://crrev.com/b9f1f870700e67c91e7efeadf8ae8c38d25221ed/cryptohome/mount.cc [modify] https://crrev.com/b9f1f870700e67c91e7efeadf8ae8c38d25221ed/cryptohome/service_unittest.cc [modify] https://crrev.com/b9f1f870700e67c91e7efeadf8ae8c38d25221ed/cryptohome/homedirs_unittest.cc [modify] https://crrev.com/b9f1f870700e67c91e7efeadf8ae8c38d25221ed/cryptohome/service.cc [modify] https://crrev.com/b9f1f870700e67c91e7efeadf8ae8c38d25221ed/cryptohome/homedirs.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/0a71b103c2b098ca83db117ec8a6a20fd7e05462 commit 0a71b103c2b098ca83db117ec8a6a20fd7e05462 Author: Maksim Ivanov <emaxx@chromium.org> Date: Wed May 30 08:02:43 2018 cryptohome: Use policy methods from HomeDirs Make the Mount class use methods from HomeDirs for dealing with device policy, and remove its own methods which were essentially duplicating that functionality. BUG=chromium:842791 TEST=existing unit tests Change-Id: If2aefd2679fb28c86cead9643de47e2f78aa837b Reviewed-on: https://chromium-review.googlesource.com/1068933 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> [modify] https://crrev.com/0a71b103c2b098ca83db117ec8a6a20fd7e05462/cryptohome/mount.h [modify] https://crrev.com/0a71b103c2b098ca83db117ec8a6a20fd7e05462/cryptohome/mount.cc [modify] https://crrev.com/0a71b103c2b098ca83db117ec8a6a20fd7e05462/cryptohome/homedirs.h
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/6237111b1c6804ae4d4274a0bd54fb280ac16200 commit 6237111b1c6804ae4d4274a0bd54fb280ac16200 Author: Maksim Ivanov <emaxx@google.com> Date: Wed May 30 08:02:53 2018 cryptohome: Mock for SignatureSealingBackend Add mock class for SignatureSealingBackend and for its UnsealingSession, for future use in tests. BUG=chromium:842791 TEST=none Change-Id: I8a9fa94f95ff7328a13ae3740f17486b4d8836ac Reviewed-on: https://chromium-review.googlesource.com/1076208 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org> [add] https://crrev.com/6237111b1c6804ae4d4274a0bd54fb280ac16200/cryptohome/mock_signature_sealing_backend.h [modify] https://crrev.com/6237111b1c6804ae4d4274a0bd54fb280ac16200/cryptohome/cryptohome.gyp [add] https://crrev.com/6237111b1c6804ae4d4274a0bd54fb280ac16200/cryptohome/mock_signature_sealing_backend.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/b67c7de294c863ecc48f0e4aac99842621db18f1 commit b67c7de294c863ecc48f0e4aac99842621db18f1 Author: Maksim Ivanov <emaxx@chromium.org> Date: Thu May 31 19:26:07 2018 cryptohome: Decide on ephemeral mount in Service Extract the logic of deciding on ephemeral mount from the Mount class into the Service class. This refactoring allows to know earlier, before calling into Mount, whether the mount will be ephemeral - so that we will be able to know in case of challenge-response credentials that we need neither to unseal credentials from an existing serialized vault keyset nor to generate fresh credentials. BUG=chromium:842791 TEST=existing unit tests Change-Id: Id884bb75d4e9083537967ca71e071a135a9ddaa4 Reviewed-on: https://chromium-review.googlesource.com/1065684 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> [modify] https://crrev.com/b67c7de294c863ecc48f0e4aac99842621db18f1/cryptohome/service.h [modify] https://crrev.com/b67c7de294c863ecc48f0e4aac99842621db18f1/cryptohome/mount.cc [modify] https://crrev.com/b67c7de294c863ecc48f0e4aac99842621db18f1/cryptohome/homedirs.h [modify] https://crrev.com/b67c7de294c863ecc48f0e4aac99842621db18f1/cryptohome/mount_unittest.cc [modify] https://crrev.com/b67c7de294c863ecc48f0e4aac99842621db18f1/cryptohome/mount.h [modify] https://crrev.com/b67c7de294c863ecc48f0e4aac99842621db18f1/cryptohome/service.cc [modify] https://crrev.com/b67c7de294c863ecc48f0e4aac99842621db18f1/cryptohome/homedirs.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/7b733b6d1f1e5db5d7dab919a93b1e735bdb66ba commit 7b733b6d1f1e5db5d7dab919a93b1e735bdb66ba Author: Maksim Ivanov <emaxx@chromium.org> Date: Thu Jun 07 20:11:32 2018 cryptohome: Use BuildObfuscatedUsername for ephemeral mounts Replace use of Credentials in Mount::MountEphemeralCryptohome() as only username is actually used; the passkey is not used for the mount. This will show clearer which places in the code do care about the passkey and which don't. BUG=chromium:842791 TEST=existing unit tests Change-Id: Ic163135653a62a79b1cf9790a31260912af63dd4 Reviewed-on: https://chromium-review.googlesource.com/1065633 Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> [modify] https://crrev.com/7b733b6d1f1e5db5d7dab919a93b1e735bdb66ba/cryptohome/mount.h [modify] https://crrev.com/7b733b6d1f1e5db5d7dab919a93b1e735bdb66ba/cryptohome/mount.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/0096dc29e1658bcc66a9f2d95c15763598c39428 commit 0096dc29e1658bcc66a9f2d95c15763598c39428 Author: Maksim Ivanov <emaxx@chromium.org> Date: Tue Jun 19 04:14:30 2018 cryptohome: Challenge credentials - decryption operation Implementation of decryption of challenge credentials. It will be used both for the new vault keyset creation (as the freshly created secrets are encrypted and need to be immediately decrypted) and for the existing vault keyset decryption. The implementation consists of combining the signature of salt with the secret which is unsealed (decrypted via a challenge-response dance involving the TPM). BUG=chromium:842791 TEST=none (unit tests will be in a follow-up) Change-Id: Iacfc8704a89a8dfec8803eab22bf05ee127911e0 Reviewed-on: https://chromium-review.googlesource.com/1074748 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> [modify] https://crrev.com/0096dc29e1658bcc66a9f2d95c15763598c39428/cryptohome/cryptohome-libs.gypi [modify] https://crrev.com/0096dc29e1658bcc66a9f2d95c15763598c39428/cryptohome/challenge_credentials/challenge_credentials_helper.h [add] https://crrev.com/0096dc29e1658bcc66a9f2d95c15763598c39428/cryptohome/challenge_credentials/challenge_credentials_decrypt_operation.cc [add] https://crrev.com/0096dc29e1658bcc66a9f2d95c15763598c39428/cryptohome/challenge_credentials/challenge_credentials_decrypt_operation.h [add] https://crrev.com/0096dc29e1658bcc66a9f2d95c15763598c39428/cryptohome/key_challenge_service.h [modify] https://crrev.com/0096dc29e1658bcc66a9f2d95c15763598c39428/cryptohome/challenge_credentials/challenge_credentials_helper.cc [add] https://crrev.com/0096dc29e1658bcc66a9f2d95c15763598c39428/cryptohome/challenge_credentials/challenge_credentials_operation.h [add] https://crrev.com/0096dc29e1658bcc66a9f2d95c15763598c39428/cryptohome/challenge_credentials/challenge_credentials_operation.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/435b8feed2d2920981fcad5619a1fd7c13e88018 commit 435b8feed2d2920981fcad5619a1fd7c13e88018 Author: Maksim Ivanov <emaxx@chromium.org> Date: Thu Jun 21 23:30:55 2018 cryptohome: Test utils for SignatureSealingBackend Add test helpers that ease the use of mock'ed SignatureSealingBackend. BUG=chromium:842791 TEST=none (will be used in future unit tests) Change-Id: Iddb777122c4400d92d7d13782ff475c44af5a258 Reviewed-on: https://chromium-review.googlesource.com/1089339 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org> [add] https://crrev.com/435b8feed2d2920981fcad5619a1fd7c13e88018/cryptohome/signature_sealing_backend_test_utils.cc [add] https://crrev.com/435b8feed2d2920981fcad5619a1fd7c13e88018/cryptohome/signature_sealing_backend_test_utils.h [add] https://crrev.com/435b8feed2d2920981fcad5619a1fd7c13e88018/cryptohome/protobuf_test_utils.h [modify] https://crrev.com/435b8feed2d2920981fcad5619a1fd7c13e88018/cryptohome/cryptohome.gyp
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/b2970d84855694e04b9405b2420e84ac6bb0585e commit b2970d84855694e04b9405b2420e84ac6bb0585e Author: Maksim Ivanov <emaxx@chromium.org> Date: Thu Jun 21 23:30:56 2018 cryptohome: Test utils for challenge-response credetials Add MockKeyChallengeService and test helpers that ease its usage. Also add test helpers for simplifying the testing of the ChallengeCredentialsDecryptOperation class. BUG=chromium:842791 TEST=none (will be used in future unit tests) Change-Id: I4f49709fae5fa6cad425d34863bd5b66f032e98d Reviewed-on: https://chromium-review.googlesource.com/1105039 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> [add] https://crrev.com/b2970d84855694e04b9405b2420e84ac6bb0585e/cryptohome/mock_key_challenge_service.h [add] https://crrev.com/b2970d84855694e04b9405b2420e84ac6bb0585e/cryptohome/mock_key_challenge_service.cc [modify] https://crrev.com/b2970d84855694e04b9405b2420e84ac6bb0585e/cryptohome/cryptohome.gyp [add] https://crrev.com/b2970d84855694e04b9405b2420e84ac6bb0585e/cryptohome/challenge_credentials/challenge_credentials_test_utils.cc [add] https://crrev.com/b2970d84855694e04b9405b2420e84ac6bb0585e/cryptohome/challenge_credentials/challenge_credentials_test_utils.h
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/de278abdd89d118e95676bb73fc8a34ce346e56c commit de278abdd89d118e95676bb73fc8a34ce346e56c Author: Maksim Ivanov <emaxx@chromium.org> Date: Fri Jun 22 21:13:22 2018 cryptohome: Basic unit test for decryption of challenge creds A unit test for the ChallengeCredentialsDecryptOperation class which performs the decryption of challenge-response protected credentials. The test only covers the basic scenario, with more elaborate tests to be added in a follow-up. BUG=chromium:842791 TEST=new unit tests (ChallengeCredentialsDecryptOperation*.*) Change-Id: I703f2d7bb0f41fc6256245f884d15fc3fb1f6714 Reviewed-on: https://chromium-review.googlesource.com/1076007 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> [modify] https://crrev.com/de278abdd89d118e95676bb73fc8a34ce346e56c/cryptohome/cryptohome.gyp [add] https://crrev.com/de278abdd89d118e95676bb73fc8a34ce346e56c/cryptohome/challenge_credentials/challenge_credentials_decrypt_operation_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/1423d96773bc2dee94f78452b9906c8a3ea15298 commit 1423d96773bc2dee94f78452b9906c8a3ea15298 Author: Maksim Ivanov <emaxx@chromium.org> Date: Mon Jun 25 17:52:51 2018 cryptohome: More tests for decryption of challenge creds More elaborate tests for the ChallengeCredentialsDecryptOperation class which performs the decryption of challenge-response protected credentials. BUG=chromium:842791 TEST=new unit tests (ChallengeCredentialsDecryptOperation*.*) Change-Id: I4c9fdfe5559a4f089311b5193cb232a47a6b2b45 Reviewed-on: https://chromium-review.googlesource.com/1105040 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Maksim Ivanov <emaxx@chromium.org> [modify] https://crrev.com/1423d96773bc2dee94f78452b9906c8a3ea15298/cryptohome/challenge_credentials/challenge_credentials_decrypt_operation_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/663e1902e8359a5fdf4de75d78e1fc155ae7872e commit 663e1902e8359a5fdf4de75d78e1fc155ae7872e Author: Maksim Ivanov <emaxx@google.com> Date: Thu Jul 12 01:48:53 2018 cryptohome: ASAN fix for test of signature-sealing backend This fixes failures of the ChallengeCredentialsDecryptOperationBasicTest unit tests under ASAN, as stack-buffer-overflow was happening when constructing an std::string from an array of char which was not null-terminated. BUG= chromium:857596 ,chromium:842791 TEST=existing unit tests Change-Id: I958c5cbd380ef5a10d57e0baabb06090355236dc Reviewed-on: https://chromium-review.googlesource.com/1131945 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org> [modify] https://crrev.com/663e1902e8359a5fdf4de75d78e1fc155ae7872e/cryptohome/signature_sealing_backend_test_utils.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/2ed45321b27543f97563a3de94499be91ef3e641 commit 2ed45321b27543f97563a3de94499be91ef3e641 Author: Maksim Ivanov <emaxx@chromium.org> Date: Tue Nov 27 04:31:26 2018 cryptohome: Stylistic cleanup in challenge-response code Fix wording in comments, reapply clang-format, other tiny cleanups. BUG=chromium:842791 TEST=existing unit tests Change-Id: Ibafbc51481a6b9ee0a45782d2039e89976ee3dc2 Reviewed-on: https://chromium-review.googlesource.com/1349576 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org> [modify] https://crrev.com/2ed45321b27543f97563a3de94499be91ef3e641/cryptohome/signature_sealing_backend_tpm1_impl.cc [modify] https://crrev.com/2ed45321b27543f97563a3de94499be91ef3e641/cryptohome/challenge_credentials/challenge_credentials_helper.h [modify] https://crrev.com/2ed45321b27543f97563a3de94499be91ef3e641/cryptohome/signature_sealing_backend_tpm2_impl.cc [modify] https://crrev.com/2ed45321b27543f97563a3de94499be91ef3e641/cryptohome/signature_sealing_backend.h [modify] https://crrev.com/2ed45321b27543f97563a3de94499be91ef3e641/cryptohome/challenge_credentials/challenge_credentials_decrypt_operation.h [modify] https://crrev.com/2ed45321b27543f97563a3de94499be91ef3e641/cryptohome/challenge_credentials/challenge_credentials_helper.cc [modify] https://crrev.com/2ed45321b27543f97563a3de94499be91ef3e641/cryptohome/signature_sealing_backend_tpm1_impl.h
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/43477a9e5b4f51c9962e16990bc03b87bd0d8c81 commit 43477a9e5b4f51c9962e16990bc03b87bd0d8c81 Author: Maksim Ivanov <emaxx@chromium.org> Date: Mon Jan 14 17:26:30 2019 cryptohome: Implement key challenging over D-Bus Implement the KeyChallengeService by forwarding the key challenge requests to the specified D-Bus endpoint. Note that this CL doesn't introduce yet usages of the KeyChallengeService implementation in the production code - this will be done in follow-ups. BUG=chromium:842791 TEST=check cryptohome builds Change-Id: I717083c05b56046d8cca8c60d911150374b6302e Reviewed-on: https://chromium-review.googlesource.com/1356742 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> [modify] https://crrev.com/43477a9e5b4f51c9962e16990bc03b87bd0d8c81/cryptohome/libs/BUILD.gn [add] https://crrev.com/43477a9e5b4f51c9962e16990bc03b87bd0d8c81/cryptohome/key_challenge_service_impl.cc [add] https://crrev.com/43477a9e5b4f51c9962e16990bc03b87bd0d8c81/cryptohome/key_challenge_service_impl.h
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/06d4d5edcedd69fe13c7d051f18496cd1a152ec5 commit 06d4d5edcedd69fe13c7d051f18496cd1a152ec5 Author: Maksim Ivanov <emaxx@chromium.org> Date: Mon Jan 14 17:26:30 2019 cryptohome: Clean up ownership of KeyChallengeService Make KeyChallengeService be owned by the same class that manages operations that use it - the ChallengeCredentialsHelper class. This allows to manage its lifetime in a clear fashion and to ensure that the same KeyChallengeService isn't wrongly reused by previous/subsequent operations. BUG=chromium:842791 TEST=check cryptohome builds Change-Id: Ifa4a383a21b9e5e65db3cf7df1ac24eb67e6b1de Reviewed-on: https://chromium-review.googlesource.com/1394763 Commit-Ready: Maksim Ivanov <emaxx@chromium.org> Tested-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> [modify] https://crrev.com/06d4d5edcedd69fe13c7d051f18496cd1a152ec5/cryptohome/challenge_credentials/challenge_credentials_helper.h [modify] https://crrev.com/06d4d5edcedd69fe13c7d051f18496cd1a152ec5/cryptohome/key_challenge_service.h [modify] https://crrev.com/06d4d5edcedd69fe13c7d051f18496cd1a152ec5/cryptohome/mock_key_challenge_service.h [modify] https://crrev.com/06d4d5edcedd69fe13c7d051f18496cd1a152ec5/cryptohome/challenge_credentials/challenge_credentials_helper.cc
Comment 1 by bugdroid1@chromium.org
, May 15 2018