cryptohome: Unit test coverage for KeysetManagement

Adds unit test coverage for KeysetManagement::
GetPublicMountPassKey. KeysetManagementTest.GetPublicMountPassKey
reads the public salt file and generates a passkey for a public
mount user. KeysetManagementTest.GetPublicMountKeyPassFail
fails reading the saltfile and generates an empty passkey.

TEST=FEATURES=test emerge-${BOARD} cryptohome

Change-Id: I60880b0a287fa5d569065748537dd6fb7d90fcb8
Reviewed-by: Hardik Goyal <>
Reviewed-by: Greg Kerr <>
Tested-by: Thomas Cedeno <>
Commit-Queue: Thomas Cedeno <>
1 file changed
tree: 615111fa2dd4e429f6dafe53690353d0eaf6bea7
  1. arc/
  2. attestation/
  3. authpolicy/
  4. avtest_label_detect/
  5. biod/
  6. bootid-logger/
  7. bootstat/
  8. buffet/
  9. camera/
  10. cfm-dfu-notification/
  11. chaps/
  12. chromeos-common-script/
  13. chromeos-config/
  14. chromeos-dbus-bindings/
  15. chromeos-nvt-tcon-updater/
  16. codelab/
  17. common-mk/
  18. crash-reporter/
  19. cronista/
  20. cros-disks/
  21. crosdns/
  22. crosh/
  23. croslog/
  24. cryptohome/
  25. cups_proxy/
  26. debugd/
  27. dev-install/
  28. diagnostics/
  29. disk_updater/
  30. dlcservice/
  31. dlp/
  32. dns-proxy/
  33. easy-unlock/
  34. featured/
  35. federated/
  36. feedback/
  37. fitpicker/
  38. foomatic_shell/
  39. fusebox/
  40. glib-bridge/
  41. goldfishd/
  42. hammerd/
  43. hardware_verifier/
  44. hermes/
  45. hps/
  46. hwsec-test-utils/
  47. iioservice/
  48. image-burner/
  49. imageloader/
  50. init/
  51. installer/
  52. ippusb_bridge/
  53. kerberos/
  54. libbrillo/
  55. libchromeos-rs/
  56. libchromeos-ui/
  57. libcontainer/
  58. libec/
  59. libhwsec/
  60. libhwsec-foundation/
  61. libipp/
  62. libmems/
  63. libpasswordprovider/
  64. libtpmcrypto/
  65. login_manager/
  66. lorgnette/
  67. media_capabilities/
  68. media_perception/
  69. mems_setup/
  70. metrics/
  71. midis/
  72. minios/
  73. missive/
  74. mist/
  75. ml/
  76. ml_benchmark/
  77. modem-utilities/
  78. modemfwd/
  79. mtpd/
  80. nnapi/
  81. ocr/
  82. oobe_config/
  83. os_install_service/
  84. p2p/
  85. patchpanel/
  86. pciguard/
  87. perfetto_simple_producer/
  88. permission_broker/
  89. policy_proto/
  90. policy_utils/
  91. power_manager/
  92. print_tools/
  93. regions/
  94. resourced/
  95. rmad/
  96. run_oci/
  97. runtime_probe/
  98. screen-capture-utils/
  99. sealed_storage/
  100. secanomalyd/
  101. secure-wipe/
  102. secure_erase_file/
  103. sepolicy/
  104. shill/
  105. sirenia/
  106. smbfs/
  107. smbprovider/
  108. smogcheck/
  109. spaced/
  110. st_flash/
  111. storage_info/
  112. syslog-cat/
  113. system-proxy/
  114. system_api/
  115. thd/
  116. timberslide/
  117. touch_firmware_calibration/
  118. tpm2-simulator/
  119. tpm_manager/
  120. tpm_softclear_utils/
  121. trim/
  122. trunks/
  123. typecd/
  124. u2fd/
  125. ureadahead-diff/
  126. usb_bouncer/
  127. userfeedback/
  128. verity/
  129. virtual_file_provider/
  130. vm_tools/
  131. vpn-manager/
  132. webserver/
  133. wifi-testbed/
  134. .clang-format
  135. .gitignore
  136. .gn
  137. CPPLINT.cfg
  138. LICENSE
  140. OWNERS
  141. PRESUBMIT.cfg
  143. pylintrc
  145. unblocked_terms.txt

The Chromium OS Platform

This repo holds (most) of the custom code that makes up the Chromium OS platform. That largely covers daemons, programs, and libraries that were written specifically for Chromium OS.

We moved from multiple separate repos in platform/ to a single repo in platform2/ for a number of reasons:

  • Make it easier to work across multiple projects simultaneously
  • Increase code re-use (via common libs) rather than duplicate utility functions multiple items over
  • Share the same build system

While most projects were merged, not all of them were. Some projects were standalone already (such as vboot), or never got around to being folded in (such as imageloader). Some day those extra projects might get merged in.

Similarly, some projects that were merged in, were then merged back out. This was due to the evolution of the Brillo project and collaboration with Android. That means the AOSP repos are the upstream and Chromium OS carries copies.

Local Project Directory

arcTools/deamons/init-scripts to run ARC
attestationDaemon and client for managing remote attestation
authpolicyDaemon for integrating with Microsoft Active Directory (AD) domains
avtest_label_detectTest tool for OCRing device labels
biodBiometrics daemon
bootid-loggerSimple command to record the current boot id to the log.
bootstatTools for tracking points in the overall boot process (for metrics)
buffetDaemon for reacting to cloud messages
cameraChrome OS Camera daemon
cfm-dfu-notificationCFM specific library for DFU notifications
chapsPKCS #11 implementation for TPM 1 devices
chromeos-common-scriptShared scripts for partitions and basic disk information
chromeos-configCrOS unified build runtime config manager
chromeos-dbus-bindingsSimplifies the implementation of D-Bus daemons and proxies
chromeos-nvt-tcon-updaterLibrary for integrating the Novatek TCON firmware updater into a CrOS device
codelabCodelab exercise
common-mkCommon build & test logic for platform2 projects
crash-reporterThe system crash handler & reporter
cronistaTamper evident storage daemon
cros-disksDaemon for mounting removable media (e.g. USB sticks and SD cards)
crosdnsHostname resolution service for Chrome OS
croshThe Chromium OS shell
croslogThe log manipulation command
cryptohomeDaemon and tools for managing encrypted /home and /var directories
cups_proxyDaemon for proxying CUPS printing request
debugdCentralized debug daemon for random tools
dev-installTools & settings for managing the developer environment on the device
diagnosticsDevice telemetry and diagnostics daemons
disk_updaterUtility for updating root disk firmware (e.g. SSDs and eMMC)
dlcserviceDownloadable Content (DLC) Service daemon
dlpDate Leak Prevention (DLP) daemon
dns-proxyDNS Proxy daemon
easy-unlockDaemon for handling Easy Unlock requests (e.g. unlocking Chromebooks with an Android device)
featuredFeature daemon for enabling and managing platform features
federatedFederated computation service (Federated Analytics & Federated Learning)
feedbackDaemon for headless systems that want to gather feedback (normally Chrome manages it)
foomatic_shellSimple shell used by the foomatic-rip package
fuseboxFuseBox service
glib-bridgelibrary for libchrome-glib message loop interoperation
goldfishdAndroid Emulator Daemon
hammerdFirmware updater utility for hammer hardware
hardware_verifierHardware verifier tool
hermesChrome OS LPA implementation for eSIM hardware support
hpsChrome OS HPS daemon and utilities
hwsec-test-utilsHwsec-related test-only features
iioserviceDaemon and libraries that provide sensor data to all processes
image-burnerDaemon for writing disk images (e.g. recovery) to USB sticks & SD cards
imageloaderDaemon for mounting signed disk images
initCrOS common startup init scripts and boot time helpers
installerCrOS installer utility (for AU/recovery/etc...)
ippusb_bridgeHTTP proxy to IPP-enabled printers
kerberosDaemon for managing Kerberos tickets
libbrilloCommon platform utility library
libchromeos-rsCommon platform utility library for Rust
libecLibrary for interacting with EC
libhwsecLibrary for the utility functions of all TPM related daemons except for trunks and trousers
libhwsec-foundationLibrary for the utility functions of all TPM related daemons and libraries
libippLibrary for building and parsing IPP (Internet Printing Protocol) frames
libmemsUtility library to configure, manage and retrieve events from IIO sensors
libpasswordproviderPassword Provider library for securely managing credentials with system services
libtpmcryptoLibrary for AES256-GCM encryption with TPM sealed keys
login_managerSession manager for handling the life cycle of the main session (e.g. Chrome)
lorgnetteDaemon for managing attached USB scanners via SANE
media_capabilitiesCommand line tool to show video and camera capabilities
media_perceptionMedia perception service for select platforms
memdDaemon that logs memory-related data and events
mems_setupBoot-time initializer tool for sensors
metricsClient side user metrics collection
midisMIDI service
miniosA minimal OS used during recovery
missiveDaemon for the storage of encrypted records for managed devices.
mistModem USB Interface Switching Tool
mlMachine learning service
ml_benchmarkML performance benchmark for Chrome OS
modemfwdDaemon for managing modem firmware updaters
mtpdDaemon for handling Media Transfer Protocol (MTP) with devices (e.g. phones)
nnapiImplementation of the Android Neural Networks API
ocrOptical Character Recognition (OCR) service for Chrome OS
oobe_configUtilities for saving and restoring OOBE config state
os_install_serviceService that can be triggered by the UI to install CrOS to disk from a USB device
p2pService for sharing files between CrOS devices (e.g. updates)
patchpanelPlatform networking daemons
pciguardDaemon to secure external PCI devices (thunderbolt etc)
perfetto_simple_producerA simple producer of perfetto: An example demonstrating how to produce Perfetto performance trace data
policy_protoBuild file to compile policy proto file
policy_utilsTools and related library to set or override device policies
power_managerUserspace power management daemon and associated tools
print_toolsVarious tools related to the native printing system
resourcedResource Management Daemon
rmadChrome OS RMA Daemon
run_ociMinimalistic container runtime
runtime_probeRuntime probe tool for ChromeOS
screen-capture-utilsUtilities for screen capturing (screenshot)
sealed_storageLibrary for sealing data to device identity and state
secanomalydDaemon for detecting and reporting security anomalies
secure-wipeSecure disk wipe
secure_erase_fileHelper tools for securely erasing files from storage (e.g. keys and PII data)
sepolicySELinux policy for Chrome OS
shillChrome OS Connection Manager
sireniaMinimalistic init written in Rust
smbfsFUSE-based filesystem for accessing Samba / Windows networking shares
smbproviderDaemon for connecting Samba / Windows networking shares to the
smogcheckDeveloper library for working with raw I2C devices
spacedDisk space information daemon
storage_infoHelper shell functions for retrieving disk information)
syslog-catHelper command to forward stdout/stderr from process to syslog
system-proxyDaemon for web proxy authentication support on Chrome OS
system_apiHeaders and .proto files etc. to be shared with chromium
thdThermal daemon to help keep systems running cool
timberslideTool for working with EC crashes for reporting purposes
tpm2-simulatorA software TPM 2.0 implementation (for testing/debugging)
tpm_managerDaemon and client for managing TPM setup and operations
tpm_softclear_utilsUtilities that soft-clear TPM (for testing only)
trimService to manage filesystem trim operations in the background
trunksMiddleware and resource manager for interfacing with TPM 2.0 hardware
typecdSystem daemon to keep track of USB Type C state
u2fdU2FHID emulation daemon for systems with secure elements (not TPMs)
ureadahead-diffTool to calculate difference between 2 ureadahead packs
usb_bouncerTools for managing USBGuard white-lists and configuration on Chrome OS
userfeedbackVarious utilities to gather extended data for user feedback reports
verityUserspace tools for working dm-verity (verified disk images)
vm_toolsUtilities for Virtual Machine (VM) orchestration
vpn-managerChrome OS Native L2TP/IPsec VPN Daemon
webserverSmall web server with D-Bus client backends
wifi-testbedTools for creating a WiFi testbed image

AOSP Project Directory

These projects can be found here: