service, homedirs: Add a new DBus call: RemoveKeyEx

RemoveKeyEx allows a single key to be removed by label.
The caller must use a key that is authorized (KeyPrivileges)
to remove keys and may remove itself.

Initially, cryptohome only allowed mass key removal by account
removal or migration to avoid orphaned keys.  This is still a
legitimate concern, but as richer semantics for creating and
managing keys have been added, it is not possible to maintain
that approach.

The addition of a call that lists keys (ListKeysEx) will allow
Chrome or other clients to actively manage the keys and help avoid
orphans or unexpected keys (e.g., attacker-persisted backdoor).

TEST=compile, auto, unit, manual with action=remove_key_ex
BUG=chromium:316189
CQ-DEPEND=CL:191027

Change-Id: I77ab8e2e904ff2d7ddf4f27583b8907398fd6620
Reviewed-on: https://chromium-review.googlesource.com/191050
Reviewed-by: Will Drewry <wad@chromium.org>
Commit-Queue: Will Drewry <wad@chromium.org>
Tested-by: Will Drewry <wad@chromium.org>
12 files changed
tree: 54fc781cfee81937587bc5f22f1a72a464cabd84