| OLD | NEW |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/owner_manager.h" | 5 #include "chrome/browser/chromeos/login/owner_key_utils.h" |
| 6 | 6 |
| 7 #include <cert.h> | 7 #include <cert.h> |
| 8 #include <keyhi.h> | 8 #include <keyhi.h> |
| 9 #include <keythi.h> // KeyType enum | 9 #include <keythi.h> // KeyType enum |
| 10 #include <pk11pub.h> | 10 #include <pk11pub.h> |
| 11 #include <stdlib.h> | 11 #include <stdlib.h> |
| 12 | 12 |
| 13 #include <string> | 13 #include <string> |
| 14 | 14 |
| 15 #include "base/file_path.h" | 15 #include "base/file_path.h" |
| 16 #include "base/file_util.h" | 16 #include "base/file_util.h" |
| 17 #include "base/logging.h" | 17 #include "base/logging.h" |
| 18 #include "base/nss_util_internal.h" | 18 #include "base/nss_util_internal.h" |
| 19 #include "base/nss_util.h" | 19 #include "base/nss_util.h" |
| 20 #include "base/scoped_ptr.h" |
| 20 #include "base/scoped_temp_dir.h" | 21 #include "base/scoped_temp_dir.h" |
| 21 #include "testing/gtest/include/gtest/gtest.h" | 22 #include "testing/gtest/include/gtest/gtest.h" |
| 22 #include "testing/gmock/include/gmock/gmock.h" | 23 #include "testing/gmock/include/gmock/gmock.h" |
| 23 | 24 |
| 24 namespace chromeos { | 25 namespace chromeos { |
| 25 | 26 |
| 26 class OwnerManagerTest : public ::testing::Test { | 27 class OwnerKeyUtilsTest : public ::testing::Test { |
| 27 public: | 28 public: |
| 28 OwnerManagerTest() | 29 OwnerKeyUtilsTest() |
| 29 : private_key_(NULL), | 30 : private_key_(NULL), |
| 30 public_key_(NULL) { | 31 public_key_(NULL), |
| 32 utils_(OwnerKeyUtils::Create()) { |
| 31 | 33 |
| 32 } | 34 } |
| 33 virtual ~OwnerManagerTest() {} | 35 virtual ~OwnerKeyUtilsTest() {} |
| 34 | 36 |
| 35 virtual void SetUp() { | 37 virtual void SetUp() { |
| 36 base::OpenPersistentNSSDB(); | 38 base::OpenPersistentNSSDB(); |
| 37 } | 39 } |
| 38 | 40 |
| 39 virtual void TearDown() { | 41 virtual void TearDown() { |
| 40 if (private_key_) { | 42 if (private_key_) { |
| 41 PK11_DestroyTokenObject(private_key_->pkcs11Slot, private_key_->pkcs11ID); | 43 PK11_DestroyTokenObject(private_key_->pkcs11Slot, private_key_->pkcs11ID); |
| 42 SECKEY_DestroyPrivateKey(private_key_); | 44 SECKEY_DestroyPrivateKey(private_key_); |
| 43 } | 45 } |
| 44 if (public_key_) { | 46 if (public_key_) { |
| 45 PK11_DestroyTokenObject(public_key_->pkcs11Slot, public_key_->pkcs11ID); | 47 PK11_DestroyTokenObject(public_key_->pkcs11Slot, public_key_->pkcs11ID); |
| 46 SECKEY_DestroyPublicKey(public_key_); | 48 SECKEY_DestroyPublicKey(public_key_); |
| 47 } | 49 } |
| 48 } | 50 } |
| 49 | 51 |
| 50 SECKEYPrivateKey* private_key_; | 52 SECKEYPrivateKey* private_key_; |
| 51 SECKEYPublicKey* public_key_; | 53 SECKEYPublicKey* public_key_; |
| 54 scoped_ptr<OwnerKeyUtils> utils_; |
| 52 }; | 55 }; |
| 53 | 56 |
| 54 TEST_F(OwnerManagerTest, KeyGenerate) { | 57 TEST_F(OwnerKeyUtilsTest, KeyGenerate) { |
| 55 EXPECT_TRUE(OwnerManager::GenerateKeyPair(&private_key_, &public_key_)); | 58 EXPECT_TRUE(utils_->GenerateKeyPair(&private_key_, &public_key_)); |
| 56 EXPECT_TRUE(private_key_ != NULL); | 59 EXPECT_TRUE(private_key_ != NULL); |
| 57 ASSERT_TRUE(public_key_ != NULL); | 60 ASSERT_TRUE(public_key_ != NULL); |
| 58 EXPECT_EQ(public_key_->keyType, rsaKey); | 61 EXPECT_EQ(public_key_->keyType, rsaKey); |
| 59 } | 62 } |
| 60 | 63 |
| 61 TEST_F(OwnerManagerTest, ExportImportPublicKey) { | 64 TEST_F(OwnerKeyUtilsTest, ExportImportPublicKey) { |
| 62 EXPECT_TRUE(OwnerManager::GenerateKeyPair(&private_key_, &public_key_)); | 65 EXPECT_TRUE(utils_->GenerateKeyPair(&private_key_, &public_key_)); |
| 63 | 66 |
| 64 ScopedTempDir tmpdir; | 67 ScopedTempDir tmpdir; |
| 65 FilePath tmpfile; | 68 FilePath tmpfile; |
| 66 ASSERT_TRUE(tmpdir.CreateUniqueTempDir()); | 69 ASSERT_TRUE(tmpdir.CreateUniqueTempDir()); |
| 67 ASSERT_TRUE(file_util::CreateTemporaryFileInDir(tmpdir.path(), &tmpfile)); | 70 ASSERT_TRUE(file_util::CreateTemporaryFileInDir(tmpdir.path(), &tmpfile)); |
| 68 | 71 |
| 69 EXPECT_TRUE(OwnerManager::ExportPublicKey(public_key_, tmpfile)); | 72 EXPECT_TRUE(utils_->ExportPublicKey(public_key_, tmpfile)); |
| 70 | 73 |
| 71 // Now, verify that we can look up the private key, given the public key | 74 // Now, verify that we can look up the private key, given the public key |
| 72 // we exported. We'll create | 75 // we exported. We'll create |
| 73 // an ID from the key, and then use that ID to query the token in the | 76 // an ID from the key, and then use that ID to query the token in the |
| 74 // default slot for a matching private key. Then we'll make sure it's | 77 // default slot for a matching private key. Then we'll make sure it's |
| 75 // the same as |private_key_| | 78 // the same as |private_key_| |
| 76 PK11SlotInfo* slot = NULL; | 79 PK11SlotInfo* slot = NULL; |
| 77 SECItem* ck_id = NULL; | 80 SECItem* ck_id = NULL; |
| 78 SECKEYPublicKey* from_disk = NULL; | 81 SECKEYPublicKey* from_disk = NULL; |
| 79 SECKEYPrivateKey* found = NULL; | 82 SECKEYPrivateKey* found = NULL; |
| 80 | 83 |
| 81 slot = base::GetDefaultNSSKeySlot(); | 84 slot = base::GetDefaultNSSKeySlot(); |
| 82 EXPECT_TRUE(slot != NULL); | 85 EXPECT_TRUE(slot != NULL); |
| 83 if (NULL == slot) | 86 if (NULL == slot) |
| 84 goto cleanup; | 87 goto cleanup; |
| 85 | 88 |
| 86 from_disk = OwnerManager::ImportPublicKey(tmpfile); | 89 from_disk = utils_->ImportPublicKey(tmpfile); |
| 87 ASSERT_TRUE(from_disk != NULL); | 90 ASSERT_TRUE(from_disk != NULL); |
| 88 | 91 |
| 89 ck_id = PK11_MakeIDFromPubKey(&(from_disk->u.rsa.modulus)); | 92 ck_id = PK11_MakeIDFromPubKey(&(from_disk->u.rsa.modulus)); |
| 90 EXPECT_TRUE(ck_id != NULL); | 93 EXPECT_TRUE(ck_id != NULL); |
| 91 if (NULL == ck_id) | 94 if (NULL == ck_id) |
| 92 goto cleanup; | 95 goto cleanup; |
| 93 | 96 |
| 94 found = PK11_FindKeyByKeyID(slot, ck_id, NULL); | 97 found = PK11_FindKeyByKeyID(slot, ck_id, NULL); |
| 95 EXPECT_TRUE(found != NULL); | 98 EXPECT_TRUE(found != NULL); |
| 96 if (NULL == found) | 99 if (NULL == found) |
| 97 goto cleanup; | 100 goto cleanup; |
| 98 | 101 |
| 99 EXPECT_EQ(private_key_->pkcs11ID, found->pkcs11ID); | 102 EXPECT_EQ(private_key_->pkcs11ID, found->pkcs11ID); |
| 100 | 103 |
| 101 cleanup: | 104 cleanup: |
| 102 if (slot) | 105 if (slot) |
| 103 PK11_FreeSlot(slot); | 106 PK11_FreeSlot(slot); |
| 104 if (from_disk) | 107 if (from_disk) |
| 105 SECKEY_DestroyPublicKey(from_disk); | 108 SECKEY_DestroyPublicKey(from_disk); |
| 106 if (found) | 109 if (found) |
| 107 SECKEY_DestroyPrivateKey(found); | 110 SECKEY_DestroyPrivateKey(found); |
| 108 if (ck_id) | 111 if (ck_id) |
| 109 SECITEM_ZfreeItem(ck_id, PR_TRUE); | 112 SECITEM_ZfreeItem(ck_id, PR_TRUE); |
| 110 } | 113 } |
| 111 | 114 |
| 112 } // namespace chromeos | 115 } // namespace chromeos |
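Review bot: In ExportImportPublicKey, `ASSERT_TRUE(from_disk != NULL);` (new line 90) returns from the test body on failure and so skips the `cleanup:` label, which leaks the slot reference obtained from `base::GetDefaultNSSKeySlot()`. Every other check in the function uses the EXPECT-then-goto pattern, so I would write this one as `EXPECT_TRUE(from_disk != NULL);` followed by `if (NULL == from_disk) goto cleanup;`. Conversely, `EXPECT_TRUE(utils_->GenerateKeyPair(&private_key_, &public_key_));` at new line 65 lets the test continue after a failed generation, and `private_key_->pkcs11ID` at new line 102 may then be read through a NULL pointer. `ASSERT_TRUE` is the safer choice there, because nothing that needs the cleanup label has been acquired yet. Since SetUp opens the persistent NSS database, a crash on that path would presumably skip TearDown and leave the generated test key pair in the token.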
| OLD | NEW |