OLD | NEW |
1 // Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved. | 1 // Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Unit tests for Mount. | 5 // Unit tests for Mount. |
6 | 6 |
7 #include "mount.h" | 7 #include "mount.h" |
8 | 8 |
9 #include <openssl/sha.h> | 9 #include <openssl/sha.h> |
10 #include <pwd.h> | 10 #include <pwd.h> |
(...skipping 328 matching lines...)
339 mount.set_use_tpm(false); | 339 mount.set_use_tpm(false); |
340 | 340 |
341 EXPECT_TRUE(mount.Init()); | 341 EXPECT_TRUE(mount.Init()); |
342 chromeos::Blob system_salt; | 342 chromeos::Blob system_salt; |
343 mount.GetSystemSalt(&system_salt); | 343 mount.GetSystemSalt(&system_salt); |
344 ASSERT_TRUE((system_salt.size() == system_salt_.size())); | 344 ASSERT_TRUE((system_salt.size() == system_salt_.size())); |
345 ASSERT_EQ(0, memcmp(&system_salt[0], &system_salt_[0], | 345 ASSERT_EQ(0, memcmp(&system_salt[0], &system_salt_[0], |
346 system_salt.size())); | 346 system_salt.size())); |
347 } | 347 } |
348 | 348 |
349 TEST_F(MountTest, ChangeTrackedDirs) { | |
350 // create a Mount instance that points to a good shadow root, test that it | |
351 // will re-save the vault keyset on tracked dirs change | |
352 Mount mount; | |
353 NiceMock<MockTpm> tpm; | |
354 mount.get_crypto()->set_tpm(&tpm); | |
355 mount.set_shadow_root(kImageDir); | |
356 mount.set_skel_source(kSkelDir); | |
357 mount.set_use_tpm(false); | |
358 | |
359 // Test user at index 9 has a tracked dir "DIR0" | |
360 cryptohome::SecureBlob passkey; | |
361 cryptohome::Crypto::PasswordToPasskey(kDefaultUsers[9].password, | |
362 system_salt_, &passkey); | |
363 UsernamePasskey up(kDefaultUsers[9].username, passkey); | |
364 | |
365 EXPECT_TRUE(mount.Init()); | |
366 | |
367 // Make sure the keyset has only one tracked directory, "DIR0" | |
368 VaultKeyset vault_keyset; | |
369 SerializedVaultKeyset serialized; | |
370 Mount::MountError error; | |
371 ASSERT_TRUE(mount.DecryptVaultKeyset(up, true, &vault_keyset, &serialized, | |
372 &error)); | |
373 | |
374 ASSERT_EQ(1, serialized.tracked_subdirectories_size()); | |
375 ASSERT_EQ(0, serialized.tracked_subdirectories(0).compare("DIR0")); | |
376 | |
377 // Make sure the tracked dirs change. serialized starts with DIR0 | |
378 std::vector<std::string> new_dirs; | |
379 new_dirs.push_back("DIR0"); | |
380 ASSERT_FALSE(mount.ReplaceTrackedSubdirectories(new_dirs, &serialized)); | |
381 // serialized now has "DIR0" | |
382 ASSERT_EQ(1, serialized.tracked_subdirectories_size()); | |
383 | |
384 new_dirs.clear(); | |
385 new_dirs.push_back("DIR1"); | |
386 ASSERT_TRUE(mount.ReplaceTrackedSubdirectories(new_dirs, &serialized)); | |
387 // serialized now has "DIR1" | |
388 ASSERT_EQ(1, serialized.tracked_subdirectories_size()); | |
389 | |
390 new_dirs.clear(); | |
391 new_dirs.push_back("DIR1"); | |
392 new_dirs.push_back("DIR0"); | |
393 ASSERT_TRUE(mount.ReplaceTrackedSubdirectories(new_dirs, &serialized)); | |
394 // serialized now has "DIR1", "DIR0" | |
395 ASSERT_EQ(2, serialized.tracked_subdirectories_size()); | |
396 | |
397 new_dirs.clear(); | |
398 new_dirs.push_back("DIR0"); | |
399 new_dirs.push_back("DIR1"); | |
400 ASSERT_FALSE(mount.ReplaceTrackedSubdirectories(new_dirs, &serialized)); | |
401 // serialized now has "DIR1", "DIR0" | |
402 ASSERT_EQ(2, serialized.tracked_subdirectories_size()); | |
403 | |
404 new_dirs.clear(); | |
405 new_dirs.push_back("DIR0"); | |
406 ASSERT_TRUE(mount.ReplaceTrackedSubdirectories(new_dirs, &serialized)); | |
407 // serialized now has "DIR0" | |
408 ASSERT_EQ(1, serialized.tracked_subdirectories_size()); | |
409 | |
410 new_dirs.clear(); | |
411 ASSERT_TRUE(mount.ReplaceTrackedSubdirectories(new_dirs, &serialized)); | |
412 // serialized now has nothing | |
413 ASSERT_EQ(0, serialized.tracked_subdirectories_size()); | |
414 } | |
415 | |
416 TEST_F(MountTest, MountCryptohome) { | 349 TEST_F(MountTest, MountCryptohome) { |
417 // checks that cryptohome tries to mount successfully, and tests that the | 350 // checks that cryptohome tries to mount successfully, and tests that the |
418 // tracked directories are created/replaced as expected | 351 // tracked directories are created/replaced as expected |
419 Mount mount; | 352 Mount mount; |
420 NiceMock<MockTpm> tpm; | 353 NiceMock<MockTpm> tpm; |
421 mount.get_crypto()->set_tpm(&tpm); | 354 mount.get_crypto()->set_tpm(&tpm); |
422 mount.set_shadow_root(kImageDir); | 355 mount.set_shadow_root(kImageDir); |
423 mount.set_skel_source(kSkelDir); | 356 mount.set_skel_source(kSkelDir); |
424 mount.set_use_tpm(false); | 357 mount.set_use_tpm(false); |
425 | 358 |
(...skipping 241 matching lines...)
667 Mount::MountError error; | 600 Mount::MountError error; |
668 EXPECT_TRUE(mount.MountCryptohome(up, Mount::MountArgs(), &error)); | 601 EXPECT_TRUE(mount.MountCryptohome(up, Mount::MountArgs(), &error)); |
669 | 602 |
670 // Check that vault path now have pass-through version of tracked dirs. | 603 // Check that vault path now have pass-through version of tracked dirs. |
671 FilePath image_dir(kAltImageDir); | 604 FilePath image_dir(kAltImageDir); |
672 FilePath user_path = image_dir.Append(up.GetObfuscatedUsername(system_salt_)); | 605 FilePath user_path = image_dir.Append(up.GetObfuscatedUsername(system_salt_)); |
673 FilePath vault_path = user_path.Append("vault"); | 606 FilePath vault_path = user_path.Append("vault"); |
674 ASSERT_TRUE(file_util::PathExists(vault_path.Append(kCacheDir))); | 607 ASSERT_TRUE(file_util::PathExists(vault_path.Append(kCacheDir))); |
675 ASSERT_TRUE(file_util::PathExists(vault_path.Append(kDownloadsDir))); | 608 ASSERT_TRUE(file_util::PathExists(vault_path.Append(kDownloadsDir))); |
676 | 609 |
| 610 // Check that vault path does not contain user data unencrypted. |
| 611 // Note, that if we had real mount, we would see encrypted file names there; |
| 612 // but with our mock mount, we must see empty directories. |
| 613 EXPECT_TRUE(file_util::IsDirectoryEmpty(vault_path.Append(kCacheDir))); |
| 614 EXPECT_TRUE(file_util::IsDirectoryEmpty(vault_path.Append(kDownloadsDir))); |
| 615 |
677 // Check that Cache is clear (because it does not need migration) so | 616 // Check that Cache is clear (because it does not need migration) so |
678 // it should not appear in a home dir. | 617 // it should not appear in a home dir. |
679 EXPECT_FALSE(file_util::PathExists(cache_dir)); | 618 EXPECT_FALSE(file_util::PathExists(cache_dir)); |
680 | 619 |
681 // Check that Downloads is completely migrated. | 620 // Check that Downloads is completely migrated. |
682 string tested; | 621 string tested; |
683 EXPECT_TRUE(file_util::PathExists(downloads_dir)); | 622 EXPECT_TRUE(file_util::PathExists(downloads_dir)); |
684 EXPECT_TRUE(file_util::ReadFileToString( | 623 EXPECT_TRUE(file_util::ReadFileToString( |
685 downloads_dir.Append("downloaded_file"), &tested)); | 624 downloads_dir.Append("downloaded_file"), &tested)); |
686 EXPECT_EQ(contents, tested); | 625 EXPECT_EQ(contents, tested); |
687 EXPECT_TRUE(file_util::PathExists(downloads_subdir)); | 626 EXPECT_TRUE(file_util::PathExists(downloads_subdir)); |
688 tested.clear(); | 627 tested.clear(); |
689 EXPECT_TRUE(file_util::ReadFileToString( | 628 EXPECT_TRUE(file_util::ReadFileToString( |
690 downloads_subdir.Append("downloaded_file"), &tested)); | 629 downloads_subdir.Append("downloaded_file"), &tested)); |
691 EXPECT_EQ(contents, tested); | 630 EXPECT_EQ(contents, tested); |
692 | 631 |
693 // Check that we did not leave any litter. | 632 // Check that we did not leave any litter. |
694 file_util::Delete(downloads_dir, true); | 633 file_util::Delete(downloads_dir, true); |
695 EXPECT_TRUE(file_util::IsDirectoryEmpty(home_dir)); | 634 EXPECT_TRUE(file_util::IsDirectoryEmpty(home_dir)); |
696 } | 635 } |
697 | 636 |
698 } // namespace cryptohome | 637 } // namespace cryptohome |
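Review bot: The emptiness checks added at new lines 613-614 cover only `kCacheDir` and `kDownloadsDir`, so a migration bug that leaves a plaintext file directly under `vault_path`, or in any other directory there, would still pass this test. Consider also asserting that `vault_path` contains nothing besides the tracked pass-through directories, since the property being guarded is that no user data is left unencrypted in the vault. The two `EXPECT_TRUE(file_util::IsDirectoryEmpty(...))` calls also appear to depend on the `ASSERT_TRUE(file_util::PathExists(...))` lines just above them, because a directory that cannot be enumerated may also be reported as empty (worth confirming against `file_util`). A comment such as `// Relies on the PathExists asserts above: a missing directory would also look empty.` would keep the order from being changed by accident. The enclosing test starts in the skipped lines, so how `cache_dir`, `downloads_dir` and the mock mount are set up is not visible here.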
OLD | NEW |