| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 | 5 |
| 6 #include <stdint.h> | 6 #include <stdint.h> |
| 7 #include <string> | 7 #include <string> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 248 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 259 if (key_type) { | 259 if (key_type) { |
| 260 key_definition.provider_data.push_back( | 260 key_definition.provider_data.push_back( |
| 261 cryptohome::KeyDefinition::ProviderData("type")); | 261 cryptohome::KeyDefinition::ProviderData("type")); |
| 262 key_definition.provider_data.back().number = std::move(key_type); | 262 key_definition.provider_data.back().number = std::move(key_type); |
| 263 } | 263 } |
| 264 if (salt) { | 264 if (salt) { |
| 265 key_definition.provider_data.push_back( | 265 key_definition.provider_data.push_back( |
| 266 cryptohome::KeyDefinition::ProviderData("salt")); | 266 cryptohome::KeyDefinition::ProviderData("salt")); |
| 267 key_definition.provider_data.back().bytes = std::move(salt); | 267 key_definition.provider_data.back().bytes = std::move(salt); |
| 268 } | 268 } |
| 269 EXPECT_CALL(*mock_homedir_methods_, | 269 EXPECT_CALL( |
| 270 GetKeyDataEx(cryptohome::Identification( | 270 *mock_homedir_methods_, |
| 271 user_context_.GetAccountId().GetUserEmail()), | 271 GetKeyDataEx(cryptohome::Identification(user_context_.GetAccountId()), |
| 272 kCryptohomeGAIAKeyLabel, _)) | 272 kCryptohomeGAIAKeyLabel, _)) |
| 273 .WillOnce(WithArg<2>(Invoke( | 273 .WillOnce(WithArg<2>(Invoke( |
| 274 this, &CryptohomeAuthenticatorTest::InvokeGetDataExCallback))); | 274 this, &CryptohomeAuthenticatorTest::InvokeGetDataExCallback))); |
| 275 } | 275 } |
| 276 | 276 |
| 277 void ExpectMountExCall(bool expect_create_attempt) { | 277 void ExpectMountExCall(bool expect_create_attempt) { |
| 278 const cryptohome::KeyDefinition auth_key(transformed_key_.GetSecret(), | 278 const cryptohome::KeyDefinition auth_key(transformed_key_.GetSecret(), |
| 279 std::string(), | 279 std::string(), |
| 280 cryptohome::PRIV_DEFAULT); | 280 cryptohome::PRIV_DEFAULT); |
| 281 cryptohome::MountParameters mount(false /* ephemeral */); | 281 cryptohome::MountParameters mount(false /* ephemeral */); |
| 282 if (expect_create_attempt) { | 282 if (expect_create_attempt) { |
| 283 mount.create_keys.push_back(cryptohome::KeyDefinition( | 283 mount.create_keys.push_back(cryptohome::KeyDefinition( |
| 284 transformed_key_.GetSecret(), | 284 transformed_key_.GetSecret(), |
| 285 kCryptohomeGAIAKeyLabel, | 285 kCryptohomeGAIAKeyLabel, |
| 286 cryptohome::PRIV_DEFAULT)); | 286 cryptohome::PRIV_DEFAULT)); |
| 287 } | 287 } |
| 288 EXPECT_CALL(*mock_homedir_methods_, | 288 EXPECT_CALL( |
| 289 MountEx(cryptohome::Identification( | 289 *mock_homedir_methods_, |
| 290 user_context_.GetAccountId().GetUserEmail()), | 290 MountEx(cryptohome::Identification(user_context_.GetAccountId()), |
| 291 cryptohome::Authorization(auth_key), mount, _)) | 291 cryptohome::Authorization(auth_key), mount, _)) |
| 292 .Times(1) | 292 .Times(1) |
| 293 .RetiresOnSaturation(); | 293 .RetiresOnSaturation(); |
| 294 } | 294 } |
| 295 | 295 |
| 296 void RunResolve(CryptohomeAuthenticator* auth) { | 296 void RunResolve(CryptohomeAuthenticator* auth) { |
| 297 auth->Resolve(); | 297 auth->Resolve(); |
| 298 base::MessageLoop::current()->RunUntilIdle(); | 298 base::MessageLoop::current()->RunUntilIdle(); |
| 299 } | 299 } |
| 300 | 300 |
| 301 void SetAttemptState(CryptohomeAuthenticator* auth, TestAttemptState* state) { | 301 void SetAttemptState(CryptohomeAuthenticator* auth, TestAttemptState* state) { |
| (...skipping 253 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 555 TEST_F(CryptohomeAuthenticatorTest, DriveDataResync) { | 555 TEST_F(CryptohomeAuthenticatorTest, DriveDataResync) { |
| 556 UserContext expected_user_context(user_context_with_transformed_key_); | 556 UserContext expected_user_context(user_context_with_transformed_key_); |
| 557 expected_user_context.SetUserIDHash( | 557 expected_user_context.SetUserIDHash( |
| 558 cryptohome::MockAsyncMethodCaller::kFakeSanitizedUsername); | 558 cryptohome::MockAsyncMethodCaller::kFakeSanitizedUsername); |
| 559 ExpectLoginSuccess(expected_user_context); | 559 ExpectLoginSuccess(expected_user_context); |
| 560 FailOnLoginFailure(); | 560 FailOnLoginFailure(); |
| 561 | 561 |
| 562 // Set up mock async method caller to respond successfully to a cryptohome | 562 // Set up mock async method caller to respond successfully to a cryptohome |
| 563 // remove attempt. | 563 // remove attempt. |
| 564 mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 564 mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
| 565 EXPECT_CALL(*mock_caller_, | 565 EXPECT_CALL( |
| 566 AsyncRemove(user_context_.GetAccountId().GetUserEmail(), _)) | 566 *mock_caller_, |
| 567 AsyncRemove(cryptohome::Identification(user_context_.GetAccountId()), _)) |
| 567 .Times(1) | 568 .Times(1) |
| 568 .RetiresOnSaturation(); | 569 .RetiresOnSaturation(); |
| 569 | 570 |
| 570 // Set up mock homedir methods to respond successfully to a cryptohome create | 571 // Set up mock homedir methods to respond successfully to a cryptohome create |
| 571 // attempt. | 572 // attempt. |
| 572 ExpectGetKeyDataExCall(scoped_ptr<int64_t>(), scoped_ptr<std::string>()); | 573 ExpectGetKeyDataExCall(scoped_ptr<int64_t>(), scoped_ptr<std::string>()); |
| 573 ExpectMountExCall(true /* expect_create_attempt */); | 574 ExpectMountExCall(true /* expect_create_attempt */); |
| 574 | 575 |
| 575 state_->PresetOnlineLoginStatus(AuthFailure::AuthFailureNone()); | 576 state_->PresetOnlineLoginStatus(AuthFailure::AuthFailureNone()); |
| 576 SetAttemptState(auth_.get(), state_.release()); | 577 SetAttemptState(auth_.get(), state_.release()); |
| 577 | 578 |
| 578 auth_->ResyncEncryptedData(); | 579 auth_->ResyncEncryptedData(); |
| 579 base::MessageLoop::current()->Run(); | 580 base::MessageLoop::current()->Run(); |
| 580 } | 581 } |
| 581 | 582 |
| 582 TEST_F(CryptohomeAuthenticatorTest, DriveResyncFail) { | 583 TEST_F(CryptohomeAuthenticatorTest, DriveResyncFail) { |
| 583 FailOnLoginSuccess(); | 584 FailOnLoginSuccess(); |
| 584 ExpectLoginFailure(AuthFailure(AuthFailure::DATA_REMOVAL_FAILED)); | 585 ExpectLoginFailure(AuthFailure(AuthFailure::DATA_REMOVAL_FAILED)); |
| 585 | 586 |
| 586 // Set up mock async method caller to fail a cryptohome remove attempt. | 587 // Set up mock async method caller to fail a cryptohome remove attempt. |
| 587 mock_caller_->SetUp(false, cryptohome::MOUNT_ERROR_NONE); | 588 mock_caller_->SetUp(false, cryptohome::MOUNT_ERROR_NONE); |
| 588 EXPECT_CALL(*mock_caller_, | 589 EXPECT_CALL( |
| 589 AsyncRemove(user_context_.GetAccountId().GetUserEmail(), _)) | 590 *mock_caller_, |
| 591 AsyncRemove(cryptohome::Identification(user_context_.GetAccountId()), _)) |
| 590 .Times(1) | 592 .Times(1) |
| 591 .RetiresOnSaturation(); | 593 .RetiresOnSaturation(); |
| 592 | 594 |
| 593 SetAttemptState(auth_.get(), state_.release()); | 595 SetAttemptState(auth_.get(), state_.release()); |
| 594 | 596 |
| 595 auth_->ResyncEncryptedData(); | 597 auth_->ResyncEncryptedData(); |
| 596 base::MessageLoop::current()->Run(); | 598 base::MessageLoop::current()->Run(); |
| 597 } | 599 } |
| 598 | 600 |
| 599 TEST_F(CryptohomeAuthenticatorTest, DriveRequestOldPassword) { | 601 TEST_F(CryptohomeAuthenticatorTest, DriveRequestOldPassword) { |
| 600 FailOnLoginSuccess(); | 602 FailOnLoginSuccess(); |
| 601 ExpectPasswordChange(); | 603 ExpectPasswordChange(); |
| 602 | 604 |
| 603 state_->PresetCryptohomeStatus(false, cryptohome::MOUNT_ERROR_KEY_FAILURE); | 605 state_->PresetCryptohomeStatus(false, cryptohome::MOUNT_ERROR_KEY_FAILURE); |
| 604 state_->PresetOnlineLoginStatus(AuthFailure::AuthFailureNone()); | 606 state_->PresetOnlineLoginStatus(AuthFailure::AuthFailureNone()); |
| 605 SetAttemptState(auth_.get(), state_.release()); | 607 SetAttemptState(auth_.get(), state_.release()); |
| 606 | 608 |
| 607 RunResolve(auth_.get()); | 609 RunResolve(auth_.get()); |
| 608 } | 610 } |
| 609 | 611 |
| 610 TEST_F(CryptohomeAuthenticatorTest, DriveDataRecover) { | 612 TEST_F(CryptohomeAuthenticatorTest, DriveDataRecover) { |
| 611 UserContext expected_user_context(user_context_with_transformed_key_); | 613 UserContext expected_user_context(user_context_with_transformed_key_); |
| 612 expected_user_context.SetUserIDHash( | 614 expected_user_context.SetUserIDHash( |
| 613 cryptohome::MockAsyncMethodCaller::kFakeSanitizedUsername); | 615 cryptohome::MockAsyncMethodCaller::kFakeSanitizedUsername); |
| 614 ExpectLoginSuccess(expected_user_context); | 616 ExpectLoginSuccess(expected_user_context); |
| 615 FailOnLoginFailure(); | 617 FailOnLoginFailure(); |
| 616 | 618 |
| 617 // Set up mock async method caller to respond successfully to a key migration. | 619 // Set up mock async method caller to respond successfully to a key migration. |
| 618 mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 620 mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
| 619 EXPECT_CALL(*mock_caller_, | 621 EXPECT_CALL( |
| 620 AsyncMigrateKey(user_context_.GetAccountId().GetUserEmail(), _, | 622 *mock_caller_, |
| 621 transformed_key_.GetSecret(), _)) | 623 AsyncMigrateKey(cryptohome::Identification(user_context_.GetAccountId()), |
| 624 _, transformed_key_.GetSecret(), _)) |
| 622 .Times(1) | 625 .Times(1) |
| 623 .RetiresOnSaturation(); | 626 .RetiresOnSaturation(); |
| 624 | 627 |
| 625 // Set up mock homedir methods to respond successfully to a cryptohome mount | 628 // Set up mock homedir methods to respond successfully to a cryptohome mount |
| 626 // attempt. | 629 // attempt. |
| 627 ExpectGetKeyDataExCall(scoped_ptr<int64_t>(), scoped_ptr<std::string>()); | 630 ExpectGetKeyDataExCall(scoped_ptr<int64_t>(), scoped_ptr<std::string>()); |
| 628 ExpectMountExCall(false /* expect_create_attempt */); | 631 ExpectMountExCall(false /* expect_create_attempt */); |
| 629 | 632 |
| 630 state_->PresetOnlineLoginStatus(AuthFailure::AuthFailureNone()); | 633 state_->PresetOnlineLoginStatus(AuthFailure::AuthFailureNone()); |
| 631 SetAttemptState(auth_.get(), state_.release()); | 634 SetAttemptState(auth_.get(), state_.release()); |
| 632 | 635 |
| 633 auth_->RecoverEncryptedData(std::string()); | 636 auth_->RecoverEncryptedData(std::string()); |
| 634 base::MessageLoop::current()->Run(); | 637 base::MessageLoop::current()->Run(); |
| 635 } | 638 } |
| 636 | 639 |
| 637 TEST_F(CryptohomeAuthenticatorTest, DriveDataRecoverButFail) { | 640 TEST_F(CryptohomeAuthenticatorTest, DriveDataRecoverButFail) { |
| 638 FailOnLoginSuccess(); | 641 FailOnLoginSuccess(); |
| 639 ExpectPasswordChange(); | 642 ExpectPasswordChange(); |
| 640 | 643 |
| 641 // Set up mock async method caller to fail a key migration attempt, | 644 // Set up mock async method caller to fail a key migration attempt, |
| 642 // asserting that the wrong password was used. | 645 // asserting that the wrong password was used. |
| 643 mock_caller_->SetUp(false, cryptohome::MOUNT_ERROR_KEY_FAILURE); | 646 mock_caller_->SetUp(false, cryptohome::MOUNT_ERROR_KEY_FAILURE); |
| 644 EXPECT_CALL(*mock_caller_, | 647 EXPECT_CALL( |
| 645 AsyncMigrateKey(user_context_.GetAccountId().GetUserEmail(), _, | 648 *mock_caller_, |
| 646 transformed_key_.GetSecret(), _)) | 649 AsyncMigrateKey(cryptohome::Identification(user_context_.GetAccountId()), |
| 650 _, transformed_key_.GetSecret(), _)) |
| 647 .Times(1) | 651 .Times(1) |
| 648 .RetiresOnSaturation(); | 652 .RetiresOnSaturation(); |
| 649 | 653 |
| 650 SetAttemptState(auth_.get(), state_.release()); | 654 SetAttemptState(auth_.get(), state_.release()); |
| 651 | 655 |
| 652 auth_->RecoverEncryptedData(std::string()); | 656 auth_->RecoverEncryptedData(std::string()); |
| 653 base::MessageLoop::current()->Run(); | 657 base::MessageLoop::current()->Run(); |
| 654 } | 658 } |
| 655 | 659 |
| 656 TEST_F(CryptohomeAuthenticatorTest, ResolveNoMountToFailedMount) { | 660 TEST_F(CryptohomeAuthenticatorTest, ResolveNoMountToFailedMount) { |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 725 RunResolve(auth_.get()); | 729 RunResolve(auth_.get()); |
| 726 } | 730 } |
| 727 | 731 |
| 728 TEST_F(CryptohomeAuthenticatorTest, DriveUnlock) { | 732 TEST_F(CryptohomeAuthenticatorTest, DriveUnlock) { |
| 729 ExpectLoginSuccess(user_context_); | 733 ExpectLoginSuccess(user_context_); |
| 730 FailOnLoginFailure(); | 734 FailOnLoginFailure(); |
| 731 | 735 |
| 732 // Set up mock async method caller to respond successfully to a cryptohome | 736 // Set up mock async method caller to respond successfully to a cryptohome |
| 733 // key-check attempt. | 737 // key-check attempt. |
| 734 mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 738 mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
| 735 EXPECT_CALL(*mock_caller_, | 739 EXPECT_CALL( |
| 736 AsyncCheckKey(user_context_.GetAccountId().GetUserEmail(), _, _)) | 740 *mock_caller_, |
| 741 AsyncCheckKey(cryptohome::Identification(user_context_.GetAccountId()), _, |
| 742 _)) |
| 737 .Times(1) | 743 .Times(1) |
| 738 .RetiresOnSaturation(); | 744 .RetiresOnSaturation(); |
| 739 | 745 |
| 740 auth_->AuthenticateToUnlock(user_context_); | 746 auth_->AuthenticateToUnlock(user_context_); |
| 741 base::MessageLoop::current()->Run(); | 747 base::MessageLoop::current()->Run(); |
| 742 } | 748 } |
| 743 | 749 |
| 744 TEST_F(CryptohomeAuthenticatorTest, DriveLoginWithPreHashedPassword) { | 750 TEST_F(CryptohomeAuthenticatorTest, DriveLoginWithPreHashedPassword) { |
| 745 CreateTransformedKey(Key::KEY_TYPE_SALTED_SHA256, kSalt); | 751 CreateTransformedKey(Key::KEY_TYPE_SALTED_SHA256, kSalt); |
| 746 | 752 |
| (...skipping 27 matching lines...) Expand all Loading... |
| 774 // salt. | 780 // salt. |
| 775 ExpectGetKeyDataExCall( | 781 ExpectGetKeyDataExCall( |
| 776 make_scoped_ptr(new int64_t(Key::KEY_TYPE_SALTED_SHA256)), | 782 make_scoped_ptr(new int64_t(Key::KEY_TYPE_SALTED_SHA256)), |
| 777 scoped_ptr<std::string>()); | 783 scoped_ptr<std::string>()); |
| 778 | 784 |
| 779 auth_->AuthenticateToLogin(NULL, user_context_); | 785 auth_->AuthenticateToLogin(NULL, user_context_); |
| 780 base::RunLoop().Run(); | 786 base::RunLoop().Run(); |
| 781 } | 787 } |
| 782 | 788 |
| 783 } // namespace chromeos | 789 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1693383003:
ChromeOS cryptohome should be able to use gaia id as user identifier. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master