| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/bind.h" | 5 #include "base/bind.h" |
| 6 #include "base/memory/scoped_ptr.h" | 6 #include "base/memory/scoped_ptr.h" |
| 7 #include "base/run_loop.h" | 7 #include "base/run_loop.h" |
| 8 #include "chromeos/attestation/mock_attestation_flow.h" | 8 #include "chromeos/attestation/mock_attestation_flow.h" |
| 9 #include "chromeos/cryptohome/mock_async_method_caller.h" | 9 #include "chromeos/cryptohome/mock_async_method_caller.h" |
| 10 #include "chromeos/dbus/mock_cryptohome_client.h" | 10 #include "chromeos/dbus/mock_cryptohome_client.h" |
| (...skipping 23 matching lines...) Expand all Loading... |
| 34 | 34 |
| 35 void DBusCallbackFail(const BoolDBusMethodCallback& callback) { | 35 void DBusCallbackFail(const BoolDBusMethodCallback& callback) { |
| 36 MessageLoop::current()->PostTask( | 36 MessageLoop::current()->PostTask( |
| 37 FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_FAILURE, false)); | 37 FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_FAILURE, false)); |
| 38 } | 38 } |
| 39 | 39 |
| 40 void AsyncCallbackFalse(cryptohome::AsyncMethodCaller::Callback callback) { | 40 void AsyncCallbackFalse(cryptohome::AsyncMethodCaller::Callback callback) { |
| 41 callback.Run(false, cryptohome::MOUNT_ERROR_NONE); | 41 callback.Run(false, cryptohome::MOUNT_ERROR_NONE); |
| 42 } | 42 } |
| 43 | 43 |
| 44 class FakeDBusData { |
| 45 public: |
| 46 explicit FakeDBusData(const std::string& data) : data_(data) {} |
| 47 |
| 48 void operator() (const CryptohomeClient::DataMethodCallback& callback) { |
| 49 MessageLoop::current()->PostTask( |
| 50 FROM_HERE, |
| 51 base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, true, data_)); |
| 52 } |
| 53 |
| 54 private: |
| 55 std::string data_; |
| 56 }; |
| 57 |
| 44 } // namespace | 58 } // namespace |
| 45 | 59 |
| 46 class AttestationFlowTest : public testing::Test { | 60 class AttestationFlowTest : public testing::Test { |
| 47 protected: | 61 protected: |
| 48 void Run() { | 62 void Run() { |
| 49 base::RunLoop run_loop; | 63 base::RunLoop run_loop; |
| 50 run_loop.RunUntilIdle(); | 64 run_loop.RunUntilIdle(); |
| 51 } | 65 } |
| 52 MessageLoop message_loop_; | 66 MessageLoop message_loop_; |
| 53 }; | 67 }; |
| (...skipping 22 matching lines...) Expand all Loading... |
| 76 _)).Times(1) | 90 _)).Times(1) |
| 77 .InSequence(flow_order); | 91 .InSequence(flow_order); |
| 78 | 92 |
| 79 std::string fake_enroll_response = | 93 std::string fake_enroll_response = |
| 80 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest; | 94 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest; |
| 81 fake_enroll_response += "_response"; | 95 fake_enroll_response += "_response"; |
| 82 EXPECT_CALL(async_caller, AsyncTpmAttestationEnroll(fake_enroll_response, _)) | 96 EXPECT_CALL(async_caller, AsyncTpmAttestationEnroll(fake_enroll_response, _)) |
| 83 .Times(1) | 97 .Times(1) |
| 84 .InSequence(flow_order); | 98 .InSequence(flow_order); |
| 85 | 99 |
| 86 int options = CryptohomeClient::INCLUDE_DEVICE_STATE; | 100 EXPECT_CALL( |
| 87 EXPECT_CALL(async_caller, | 101 async_caller, |
| 88 AsyncTpmAttestationCreateCertRequest(options, _)) | 102 AsyncTpmAttestationCreateCertRequest(CERTIFICATE_INCLUDE_DEVICE_STATE, _)) |
| 89 .Times(1) | 103 .Times(1) |
| 90 .InSequence(flow_order); | 104 .InSequence(flow_order); |
| 91 | 105 |
| 92 EXPECT_CALL(*proxy, SendCertificateRequest( | 106 EXPECT_CALL(*proxy, SendCertificateRequest( |
| 93 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, | 107 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, |
| 94 _)).Times(1) | 108 _)).Times(1) |
| 95 .InSequence(flow_order); | 109 .InSequence(flow_order); |
| 96 | 110 |
| 97 std::string fake_cert_response = | 111 std::string fake_cert_response = |
| 98 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; | 112 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; |
| 99 fake_cert_response += "_response"; | 113 fake_cert_response += "_response"; |
| 100 EXPECT_CALL(async_caller, | 114 EXPECT_CALL(async_caller, |
| 101 AsyncTpmAttestationFinishCertRequest(fake_cert_response, | 115 AsyncTpmAttestationFinishCertRequest(fake_cert_response, |
| 102 CryptohomeClient::USER_KEY, | 116 KEY_USER, |
| 103 "test", | 117 kEnterpriseUserKey, |
| 104 _)) | 118 _)) |
| 105 .Times(1) | 119 .Times(1) |
| 106 .InSequence(flow_order); | 120 .InSequence(flow_order); |
| 107 | 121 |
| 108 StrictMock<MockObserver> observer; | 122 StrictMock<MockObserver> observer; |
| 109 EXPECT_CALL(observer, MockCertificateCallback( | 123 EXPECT_CALL(observer, MockCertificateCallback( |
| 110 true, | 124 true, |
| 111 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)) | 125 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)) |
| 112 .Times(1) | 126 .Times(1) |
| 113 .InSequence(flow_order); | 127 .InSequence(flow_order); |
| 114 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 128 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 115 &MockObserver::MockCertificateCallback, | 129 &MockObserver::MockCertificateCallback, |
| 116 base::Unretained(&observer)); | 130 base::Unretained(&observer)); |
| 117 | 131 |
| 118 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); | 132 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 119 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); | 133 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); |
| 120 flow.GetCertificate("test", mock_callback); | 134 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, true, mock_callback); |
| 121 Run(); | 135 Run(); |
| 122 } | 136 } |
| 123 | 137 |
| 124 TEST_F(AttestationFlowTest, GetCertificate_NoEK) { | 138 TEST_F(AttestationFlowTest, GetCertificate_NoEK) { |
| 125 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 139 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 126 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); | 140 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); |
| 127 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_)) | 141 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_)) |
| 128 .Times(1); | 142 .Times(1); |
| 129 | 143 |
| 130 chromeos::MockCryptohomeClient client; | 144 chromeos::MockCryptohomeClient client; |
| 131 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 145 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
| 132 .WillRepeatedly(Invoke(DBusCallbackFalse)); | 146 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
| 133 | 147 |
| 134 // We're not expecting any server calls in this case; StrictMock will verify. | 148 // We're not expecting any server calls in this case; StrictMock will verify. |
| 135 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 149 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
| 136 | 150 |
| 137 StrictMock<MockObserver> observer; | 151 StrictMock<MockObserver> observer; |
| 138 EXPECT_CALL(observer, MockCertificateCallback(false, "")) | 152 EXPECT_CALL(observer, MockCertificateCallback(false, "")) |
| 139 .Times(1); | 153 .Times(1); |
| 140 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 154 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 141 &MockObserver::MockCertificateCallback, | 155 &MockObserver::MockCertificateCallback, |
| 142 base::Unretained(&observer)); | 156 base::Unretained(&observer)); |
| 143 | 157 |
| 144 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); | 158 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 145 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); | 159 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); |
| 146 flow.GetCertificate("test", mock_callback); | 160 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, true, mock_callback); |
| 147 Run(); | 161 Run(); |
| 148 } | 162 } |
| 149 | 163 |
| 150 TEST_F(AttestationFlowTest, GetCertificate_EKRejected) { | 164 TEST_F(AttestationFlowTest, GetCertificate_EKRejected) { |
| 151 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 165 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 152 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 166 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
| 153 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_)) | 167 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_)) |
| 154 .Times(1); | 168 .Times(1); |
| 155 | 169 |
| 156 chromeos::MockCryptohomeClient client; | 170 chromeos::MockCryptohomeClient client; |
| 157 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 171 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
| 158 .WillRepeatedly(Invoke(DBusCallbackFalse)); | 172 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
| 159 | 173 |
| 160 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 174 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
| 161 proxy->DeferToFake(false); | 175 proxy->DeferToFake(false); |
| 162 EXPECT_CALL(*proxy, SendEnrollRequest( | 176 EXPECT_CALL(*proxy, SendEnrollRequest( |
| 163 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, | 177 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, |
| 164 _)).Times(1); | 178 _)).Times(1); |
| 165 | 179 |
| 166 StrictMock<MockObserver> observer; | 180 StrictMock<MockObserver> observer; |
| 167 EXPECT_CALL(observer, MockCertificateCallback(false, "")) | 181 EXPECT_CALL(observer, MockCertificateCallback(false, "")) |
| 168 .Times(1); | 182 .Times(1); |
| 169 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 183 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 170 &MockObserver::MockCertificateCallback, | 184 &MockObserver::MockCertificateCallback, |
| 171 base::Unretained(&observer)); | 185 base::Unretained(&observer)); |
| 172 | 186 |
| 173 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); | 187 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 174 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); | 188 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); |
| 175 flow.GetCertificate("test", mock_callback); | 189 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, true, mock_callback); |
| 176 Run(); | 190 Run(); |
| 177 } | 191 } |
| 178 | 192 |
| 179 TEST_F(AttestationFlowTest, GetCertificate_FailEnroll) { | 193 TEST_F(AttestationFlowTest, GetCertificate_FailEnroll) { |
| 180 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 194 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 181 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 195 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
| 182 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_)) | 196 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_)) |
| 183 .Times(1); | 197 .Times(1); |
| 184 std::string fake_enroll_response = | 198 std::string fake_enroll_response = |
| 185 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest; | 199 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest; |
| (...skipping 12 matching lines...) Expand all Loading... |
| 198 _)).Times(1); | 212 _)).Times(1); |
| 199 | 213 |
| 200 StrictMock<MockObserver> observer; | 214 StrictMock<MockObserver> observer; |
| 201 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); | 215 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
| 202 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 216 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 203 &MockObserver::MockCertificateCallback, | 217 &MockObserver::MockCertificateCallback, |
| 204 base::Unretained(&observer)); | 218 base::Unretained(&observer)); |
| 205 | 219 |
| 206 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); | 220 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 207 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); | 221 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); |
| 208 flow.GetCertificate("test", mock_callback); | 222 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, true, mock_callback); |
| 209 Run(); | 223 Run(); |
| 210 } | 224 } |
| 211 | 225 |
| 212 TEST_F(AttestationFlowTest, GetOwnerCertificateAlreadyEnrolled) { | 226 TEST_F(AttestationFlowTest, GetMachineCertificateAlreadyEnrolled) { |
| 213 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 227 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 214 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 228 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
| 215 int options = CryptohomeClient::INCLUDE_DEVICE_STATE | | 229 int options = CERTIFICATE_INCLUDE_DEVICE_STATE | |
| 216 CryptohomeClient::INCLUDE_STABLE_ID; | 230 CERTIFICATE_INCLUDE_STABLE_ID; |
| 217 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest(options, _)) | 231 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest(options, _)) |
| 218 .Times(1); | 232 .Times(1); |
| 219 std::string fake_cert_response = | 233 std::string fake_cert_response = |
| 220 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; | 234 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; |
| 221 fake_cert_response += "_response"; | 235 fake_cert_response += "_response"; |
| 222 EXPECT_CALL(async_caller, | 236 EXPECT_CALL(async_caller, |
| 223 AsyncTpmAttestationFinishCertRequest(fake_cert_response, | 237 AsyncTpmAttestationFinishCertRequest(fake_cert_response, |
| 224 CryptohomeClient::DEVICE_KEY, | 238 KEY_DEVICE, |
| 225 "attest-ent-machine", | 239 kEnterpriseMachineKey, |
| 226 _)) | 240 _)) |
| 227 .Times(1); | 241 .Times(1); |
| 228 | 242 |
| 229 chromeos::MockCryptohomeClient client; | 243 chromeos::MockCryptohomeClient client; |
| 230 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 244 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
| 231 .WillRepeatedly(Invoke(DBusCallbackTrue)); | 245 .WillRepeatedly(Invoke(DBusCallbackTrue)); |
| 232 | 246 |
| 233 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 247 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
| 234 proxy->DeferToFake(true); | 248 proxy->DeferToFake(true); |
| 235 EXPECT_CALL(*proxy, SendCertificateRequest( | 249 EXPECT_CALL(*proxy, SendCertificateRequest( |
| 236 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, | 250 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, |
| 237 _)).Times(1); | 251 _)).Times(1); |
| 238 | 252 |
| 239 StrictMock<MockObserver> observer; | 253 StrictMock<MockObserver> observer; |
| 240 EXPECT_CALL(observer, MockCertificateCallback( | 254 EXPECT_CALL(observer, MockCertificateCallback( |
| 241 true, | 255 true, |
| 242 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); | 256 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); |
| 243 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 257 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 244 &MockObserver::MockCertificateCallback, | 258 &MockObserver::MockCertificateCallback, |
| 245 base::Unretained(&observer)); | 259 base::Unretained(&observer)); |
| 246 | 260 |
| 247 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); | 261 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 248 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); | 262 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); |
| 249 flow.GetCertificate("attest-ent-machine", mock_callback); | 263 flow.GetCertificate(PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, |
| 264 true, mock_callback); |
| 250 Run(); | 265 Run(); |
| 251 } | 266 } |
| 252 | 267 |
| 253 TEST_F(AttestationFlowTest, GetCertificate_FailCreateCertRequest) { | 268 TEST_F(AttestationFlowTest, GetCertificate_FailCreateCertRequest) { |
| 254 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 269 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 255 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); | 270 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); |
| 256 int options = CryptohomeClient::INCLUDE_DEVICE_STATE; | 271 int options = CERTIFICATE_INCLUDE_DEVICE_STATE; |
| 257 EXPECT_CALL(async_caller, | 272 EXPECT_CALL(async_caller, |
| 258 AsyncTpmAttestationCreateCertRequest(options, _)) | 273 AsyncTpmAttestationCreateCertRequest(options, _)) |
| 259 .Times(1); | 274 .Times(1); |
| 260 | 275 |
| 261 chromeos::MockCryptohomeClient client; | 276 chromeos::MockCryptohomeClient client; |
| 262 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 277 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
| 263 .WillRepeatedly(Invoke(DBusCallbackTrue)); | 278 .WillRepeatedly(Invoke(DBusCallbackTrue)); |
| 264 | 279 |
| 265 // We're not expecting any server calls in this case; StrictMock will verify. | 280 // We're not expecting any server calls in this case; StrictMock will verify. |
| 266 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 281 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
| 267 | 282 |
| 268 StrictMock<MockObserver> observer; | 283 StrictMock<MockObserver> observer; |
| 269 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); | 284 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
| 270 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 285 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 271 &MockObserver::MockCertificateCallback, | 286 &MockObserver::MockCertificateCallback, |
| 272 base::Unretained(&observer)); | 287 base::Unretained(&observer)); |
| 273 | 288 |
| 274 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); | 289 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 275 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); | 290 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); |
| 276 flow.GetCertificate("test", mock_callback); | 291 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, true, mock_callback); |
| 277 Run(); | 292 Run(); |
| 278 } | 293 } |
| 279 | 294 |
| 280 TEST_F(AttestationFlowTest, GetCertificate_CertRequestRejected) { | 295 TEST_F(AttestationFlowTest, GetCertificate_CertRequestRejected) { |
| 281 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 296 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 282 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 297 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
| 283 int options = CryptohomeClient::INCLUDE_DEVICE_STATE; | 298 int options = CERTIFICATE_INCLUDE_DEVICE_STATE; |
| 284 EXPECT_CALL(async_caller, | 299 EXPECT_CALL(async_caller, |
| 285 AsyncTpmAttestationCreateCertRequest(options, _)) | 300 AsyncTpmAttestationCreateCertRequest(options, _)) |
| 286 .Times(1); | 301 .Times(1); |
| 287 | 302 |
| 288 chromeos::MockCryptohomeClient client; | 303 chromeos::MockCryptohomeClient client; |
| 289 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 304 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
| 290 .WillRepeatedly(Invoke(DBusCallbackTrue)); | 305 .WillRepeatedly(Invoke(DBusCallbackTrue)); |
| 291 | 306 |
| 292 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 307 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
| 293 proxy->DeferToFake(false); | 308 proxy->DeferToFake(false); |
| 294 EXPECT_CALL(*proxy, SendCertificateRequest( | 309 EXPECT_CALL(*proxy, SendCertificateRequest( |
| 295 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, | 310 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, |
| 296 _)).Times(1); | 311 _)).Times(1); |
| 297 | 312 |
| 298 StrictMock<MockObserver> observer; | 313 StrictMock<MockObserver> observer; |
| 299 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); | 314 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
| 300 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 315 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 301 &MockObserver::MockCertificateCallback, | 316 &MockObserver::MockCertificateCallback, |
| 302 base::Unretained(&observer)); | 317 base::Unretained(&observer)); |
| 303 | 318 |
| 304 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); | 319 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 305 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); | 320 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); |
| 306 flow.GetCertificate("test", mock_callback); | 321 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, true, mock_callback); |
| 307 Run(); | 322 Run(); |
| 308 } | 323 } |
| 309 | 324 |
| 310 TEST_F(AttestationFlowTest, GetCertificate_FailIsEnrolled) { | 325 TEST_F(AttestationFlowTest, GetCertificate_FailIsEnrolled) { |
| 311 // We're not expecting any server calls in this case; StrictMock will verify. | 326 // We're not expecting any async calls in this case; StrictMock will verify. |
| 312 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 327 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 313 | 328 |
| 314 chromeos::MockCryptohomeClient client; | 329 chromeos::MockCryptohomeClient client; |
| 315 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 330 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
| 316 .WillRepeatedly(Invoke(DBusCallbackFail)); | 331 .WillRepeatedly(Invoke(DBusCallbackFail)); |
| 317 | 332 |
| 318 // We're not expecting any server calls in this case; StrictMock will verify. | 333 // We're not expecting any server calls in this case; StrictMock will verify. |
| 319 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 334 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
| 320 | 335 |
| 321 StrictMock<MockObserver> observer; | 336 StrictMock<MockObserver> observer; |
| 322 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); | 337 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
| 323 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 338 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 324 &MockObserver::MockCertificateCallback, | 339 &MockObserver::MockCertificateCallback, |
| 325 base::Unretained(&observer)); | 340 base::Unretained(&observer)); |
| 326 | 341 |
| 327 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); | 342 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 328 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); | 343 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); |
| 329 flow.GetCertificate("test", mock_callback); | 344 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, true, mock_callback); |
| 330 Run(); | 345 Run(); |
| 331 } | 346 } |
| 332 | 347 |
| 348 TEST_F(AttestationFlowTest, GetCertificate_CheckExisting) { |
| 349 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 350 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
| 351 int options = CERTIFICATE_INCLUDE_DEVICE_STATE; |
| 352 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest(options, _)) |
| 353 .Times(1); |
| 354 std::string fake_cert_response = |
| 355 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; |
| 356 fake_cert_response += "_response"; |
| 357 EXPECT_CALL(async_caller, |
| 358 AsyncTpmAttestationFinishCertRequest(fake_cert_response, |
| 359 KEY_USER, |
| 360 kEnterpriseUserKey, |
| 361 _)) |
| 362 .Times(1); |
| 363 |
| 364 chromeos::MockCryptohomeClient client; |
| 365 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
| 366 .WillRepeatedly(Invoke(DBusCallbackTrue)); |
| 367 EXPECT_CALL(client, |
| 368 TpmAttestationDoesKeyExist(KEY_USER, kEnterpriseUserKey, _)) |
| 369 .WillRepeatedly(WithArgs<2>(Invoke(DBusCallbackFalse))); |
| 370 |
| 371 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
| 372 proxy->DeferToFake(true); |
| 373 EXPECT_CALL(*proxy, SendCertificateRequest( |
| 374 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, |
| 375 _)).Times(1); |
| 376 |
| 377 StrictMock<MockObserver> observer; |
| 378 EXPECT_CALL(observer, MockCertificateCallback( |
| 379 true, |
| 380 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); |
| 381 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 382 &MockObserver::MockCertificateCallback, |
| 383 base::Unretained(&observer)); |
| 384 |
| 385 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 386 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); |
| 387 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, |
| 388 false, mock_callback); |
| 389 Run(); |
| 390 } |
| 391 |
| 392 TEST_F(AttestationFlowTest, GetCertificate_AlreadyExists) { |
| 393 // We're not expecting any async calls in this case; StrictMock will verify. |
| 394 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 395 |
| 396 chromeos::MockCryptohomeClient client; |
| 397 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
| 398 .WillRepeatedly(Invoke(DBusCallbackTrue)); |
| 399 EXPECT_CALL(client, |
| 400 TpmAttestationDoesKeyExist(KEY_USER, kEnterpriseUserKey, _)) |
| 401 .WillRepeatedly(WithArgs<2>(Invoke(DBusCallbackTrue))); |
| 402 EXPECT_CALL(client, |
| 403 TpmAttestationGetCertificate(KEY_USER, kEnterpriseUserKey, _)) |
| 404 .WillRepeatedly(WithArgs<2>(Invoke(FakeDBusData("fake_cert")))); |
| 405 |
| 406 // We're not expecting any server calls in this case; StrictMock will verify. |
| 407 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
| 408 |
| 409 StrictMock<MockObserver> observer; |
| 410 EXPECT_CALL(observer, MockCertificateCallback(true, "fake_cert")).Times(1); |
| 411 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 412 &MockObserver::MockCertificateCallback, |
| 413 base::Unretained(&observer)); |
| 414 |
| 415 scoped_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 416 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); |
| 417 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, |
| 418 false, mock_callback); |
| 419 Run(); |
| 420 } |
| 421 |
| 333 } // namespace attestation | 422 } // namespace attestation |
| 334 } // namespace chromeos | 423 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 14305009:
Enhanced and refactored the AttestationFlow interface. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src