Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(538)

Unified Diff: remoting/protocol/negotiating_authenticator_unittest.cc

Issue 1755273003: Simplify AuthenticationMethod type and PIN hash handling. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: remoting/protocol/negotiating_authenticator_unittest.cc
diff --git a/remoting/protocol/negotiating_authenticator_unittest.cc b/remoting/protocol/negotiating_authenticator_unittest.cc
index 8c570ca190d9e47954e544ddb18e0a8c76155f98..4461d1dae5aeb28d1b0b0b9637c0a71164df6eab 100644
--- a/remoting/protocol/negotiating_authenticator_unittest.cc
+++ b/remoting/protocol/negotiating_authenticator_unittest.cc
@@ -45,31 +45,31 @@ const char kTestPinBad[] = "654321";
class NegotiatingAuthenticatorTest : public AuthenticatorTestBase {
public:
- NegotiatingAuthenticatorTest() {
- }
+ NegotiatingAuthenticatorTest() {}
~NegotiatingAuthenticatorTest() override {}
protected:
- void InitAuthenticators(
- const std::string& client_id,
- const std::string& client_paired_secret,
- const std::string& client_interactive_pin,
- const std::string& host_secret,
- AuthenticationMethod::HashFunction hash_function,
- bool client_hmac_only) {
- std::string host_secret_hash = AuthenticationMethod::ApplyHashFunction(
- hash_function, kTestHostId, host_secret);
- host_ = NegotiatingHostAuthenticator::CreateWithSharedSecret(
- host_cert_, key_pair_, host_secret_hash, hash_function,
- pairing_registry_);
+ void InitAuthenticators(const std::string& client_id,
+ const std::string& client_paired_secret,
+ const std::string& client_interactive_pin,
+ const std::string& host_secret,
+ bool it2me,
+ bool client_hmac_only) {
+ if (it2me) {
+ host_ = NegotiatingHostAuthenticator::CreateForIt2Me(
+ host_cert_, key_pair_, host_secret);
+ } else {
+ std::string host_secret_hash = ApplySharedSecretHashFunction(
+ HashFunction::HMAC_SHA256, kTestHostId, host_secret);
+ host_ = NegotiatingHostAuthenticator::CreateWithPin(
+ host_cert_, key_pair_, host_secret_hash, pairing_registry_);
+ }
std::vector<AuthenticationMethod> methods;
- methods.push_back(AuthenticationMethod::Spake2Pair());
- methods.push_back(AuthenticationMethod::Spake2(
- AuthenticationMethod::HMAC_SHA256));
+ methods.push_back(AuthenticationMethod::SPAKE2_PAIR);
+ methods.push_back(AuthenticationMethod::SPAKE2_SHARED_SECRET_HMAC);
if (!client_hmac_only) {
- methods.push_back(AuthenticationMethod::Spake2(
- AuthenticationMethod::NONE));
+ methods.push_back(AuthenticationMethod::SPAKE2_SHARED_SECRET_PLAIN);
}
bool pairing_expected = pairing_registry_.get() != nullptr;
FetchSecretCallback fetch_secret_callback =
@@ -146,34 +146,29 @@ class NegotiatingAuthenticatorTest : public AuthenticatorTestBase {
DISALLOW_COPY_AND_ASSIGN(NegotiatingAuthenticatorTest);
};
-TEST_F(NegotiatingAuthenticatorTest, SuccessfulAuthHmac) {
- ASSERT_NO_FATAL_FAILURE(InitAuthenticators(
- kNoClientId, kNoPairedSecret, kTestPin, kTestPin,
- AuthenticationMethod::HMAC_SHA256, false));
- VerifyAccepted(
- AuthenticationMethod::Spake2(AuthenticationMethod::HMAC_SHA256));
+TEST_F(NegotiatingAuthenticatorTest, SuccessfulAuthMe2MePin) {
+ ASSERT_NO_FATAL_FAILURE(InitAuthenticators(kNoClientId, kNoPairedSecret,
+ kTestPin, kTestPin, false, false));
+ VerifyAccepted(AuthenticationMethod::SPAKE2_SHARED_SECRET_HMAC);
}
-TEST_F(NegotiatingAuthenticatorTest, SuccessfulAuthPlain) {
- ASSERT_NO_FATAL_FAILURE(InitAuthenticators(
- kNoClientId, kNoPairedSecret, kTestPin, kTestPin,
- AuthenticationMethod::NONE, false));
- VerifyAccepted(AuthenticationMethod::Spake2(AuthenticationMethod::NONE));
+TEST_F(NegotiatingAuthenticatorTest, SuccessfulAuthIt2me) {
+ ASSERT_NO_FATAL_FAILURE(InitAuthenticators(kNoClientId, kNoPairedSecret,
+ kTestPin, kTestPin, true, false));
+ VerifyAccepted(AuthenticationMethod::SPAKE2_SHARED_SECRET_PLAIN);
}
-TEST_F(NegotiatingAuthenticatorTest, InvalidSecretHmac) {
+TEST_F(NegotiatingAuthenticatorTest, InvalidMe2MePin) {
ASSERT_NO_FATAL_FAILURE(InitAuthenticators(
- kNoClientId, kNoPairedSecret, kTestPinBad, kTestPin,
- AuthenticationMethod::HMAC_SHA256, false));
+ kNoClientId, kNoPairedSecret, kTestPinBad, kTestPin, false, false));
ASSERT_NO_FATAL_FAILURE(RunAuthExchange());
VerifyRejected(Authenticator::INVALID_CREDENTIALS);
}
-TEST_F(NegotiatingAuthenticatorTest, InvalidSecretPlain) {
+TEST_F(NegotiatingAuthenticatorTest, InvalidIt2MeAccessCode) {
ASSERT_NO_FATAL_FAILURE(InitAuthenticators(
- kNoClientId, kNoPairedSecret, kTestPin, kTestPinBad,
- AuthenticationMethod::NONE, false));
+ kNoClientId, kNoPairedSecret, kTestPin, kTestPinBad, true, false));
ASSERT_NO_FATAL_FAILURE(RunAuthExchange());
VerifyRejected(Authenticator::INVALID_CREDENTIALS);
@@ -181,45 +176,39 @@ TEST_F(NegotiatingAuthenticatorTest, InvalidSecretPlain) {
TEST_F(NegotiatingAuthenticatorTest, IncompatibleMethods) {
ASSERT_NO_FATAL_FAILURE(InitAuthenticators(
- kNoClientId, kNoPairedSecret, kTestPin, kTestPinBad,
- AuthenticationMethod::NONE, true));
+ kNoClientId, kNoPairedSecret, kTestPin, kTestPinBad, true, true));
ASSERT_NO_FATAL_FAILURE(RunAuthExchange());
VerifyRejected(Authenticator::PROTOCOL_ERROR);
}
TEST_F(NegotiatingAuthenticatorTest, PairingNotSupported) {
- ASSERT_NO_FATAL_FAILURE(InitAuthenticators(
- kTestClientId, kTestPairedSecret, kTestPin, kTestPin,
- AuthenticationMethod::HMAC_SHA256, false));
+ ASSERT_NO_FATAL_FAILURE(InitAuthenticators(kTestClientId, kTestPairedSecret,
+ kTestPin, kTestPin, false, false));
ASSERT_NO_FATAL_FAILURE(RunAuthExchange());
- VerifyAccepted(
- AuthenticationMethod::Spake2(AuthenticationMethod::HMAC_SHA256));
+ VerifyAccepted(AuthenticationMethod::SPAKE2_SHARED_SECRET_HMAC);
}
TEST_F(NegotiatingAuthenticatorTest, PairingSupportedButNotPaired) {
CreatePairingRegistry(false);
- ASSERT_NO_FATAL_FAILURE(InitAuthenticators(
- kNoClientId, kNoPairedSecret, kTestPin, kTestPin,
- AuthenticationMethod::HMAC_SHA256, false));
+ ASSERT_NO_FATAL_FAILURE(InitAuthenticators(kNoClientId, kNoPairedSecret,
+ kTestPin, kTestPin, false, false));
ASSERT_NO_FATAL_FAILURE(RunAuthExchange());
- VerifyAccepted(AuthenticationMethod::Spake2Pair());
+ VerifyAccepted(AuthenticationMethod::SPAKE2_PAIR);
}
TEST_F(NegotiatingAuthenticatorTest, PairingRevokedPinOkay) {
CreatePairingRegistry(false);
- ASSERT_NO_FATAL_FAILURE(InitAuthenticators(
- kTestClientId, kTestPairedSecret, kTestPin, kTestPin,
- AuthenticationMethod::HMAC_SHA256, false));
+ ASSERT_NO_FATAL_FAILURE(InitAuthenticators(kTestClientId, kTestPairedSecret,
+ kTestPin, kTestPin, false, false));
ASSERT_NO_FATAL_FAILURE(RunAuthExchange());
- VerifyAccepted(AuthenticationMethod::Spake2Pair());
+ VerifyAccepted(AuthenticationMethod::SPAKE2_PAIR);
}
TEST_F(NegotiatingAuthenticatorTest, PairingRevokedPinBad) {
CreatePairingRegistry(false);
ASSERT_NO_FATAL_FAILURE(InitAuthenticators(
- kTestClientId, kTestPairedSecret, kTestPinBad, kTestPin,
- AuthenticationMethod::HMAC_SHA256, false));
+ kTestClientId, kTestPairedSecret, kTestPinBad, kTestPin, false, false));
ASSERT_NO_FATAL_FAILURE(RunAuthExchange());
VerifyRejected(Authenticator::INVALID_CREDENTIALS);
}
@@ -227,27 +216,25 @@ TEST_F(NegotiatingAuthenticatorTest, PairingRevokedPinBad) {
TEST_F(NegotiatingAuthenticatorTest, PairingSucceeded) {
CreatePairingRegistry(true);
ASSERT_NO_FATAL_FAILURE(InitAuthenticators(
- kTestClientId, kTestPairedSecret, kTestPinBad, kTestPin,
- AuthenticationMethod::HMAC_SHA256, false));
+ kTestClientId, kTestPairedSecret, kTestPinBad, kTestPin, false, false));
ASSERT_NO_FATAL_FAILURE(RunAuthExchange());
- VerifyAccepted(AuthenticationMethod::Spake2Pair());
+ VerifyAccepted(AuthenticationMethod::SPAKE2_PAIR);
}
TEST_F(NegotiatingAuthenticatorTest,
PairingSucceededInvalidSecretButPinOkay) {
CreatePairingRegistry(true);
ASSERT_NO_FATAL_FAILURE(InitAuthenticators(
- kTestClientId, kTestPairedSecretBad, kTestPin, kTestPin,
- AuthenticationMethod::HMAC_SHA256, false));
+ kTestClientId, kTestPairedSecretBad, kTestPin, kTestPin, false, false));
ASSERT_NO_FATAL_FAILURE(RunAuthExchange());
- VerifyAccepted(AuthenticationMethod::Spake2Pair());
+ VerifyAccepted(AuthenticationMethod::SPAKE2_PAIR);
}
TEST_F(NegotiatingAuthenticatorTest, PairingFailedInvalidSecretAndPin) {
CreatePairingRegistry(true);
- ASSERT_NO_FATAL_FAILURE(InitAuthenticators(
- kTestClientId, kTestPairedSecretBad, kTestPinBad, kTestPin,
- AuthenticationMethod::HMAC_SHA256, false));
+ ASSERT_NO_FATAL_FAILURE(InitAuthenticators(kTestClientId,
+ kTestPairedSecretBad, kTestPinBad,
+ kTestPin, false, false));
ASSERT_NO_FATAL_FAILURE(RunAuthExchange());
VerifyRejected(Authenticator::INVALID_CREDENTIALS);
}

Powered by Google App Engine
This is Rietveld 408576698