| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/gcm_driver/crypto/gcm_key_store.h" | 5 #include "components/gcm_driver/crypto/gcm_key_store.h" |
| 6 | 6 |
| 7 #include <string> |
| 8 |
| 7 #include "base/bind.h" | 9 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 10 #include "base/bind_helpers.h" |
| 9 #include "base/files/scoped_temp_dir.h" | 11 #include "base/files/scoped_temp_dir.h" |
| 10 #include "base/message_loop/message_loop.h" | 12 #include "base/message_loop/message_loop.h" |
| 11 #include "base/run_loop.h" | 13 #include "base/run_loop.h" |
| 12 #include "base/test/histogram_tester.h" | 14 #include "base/test/histogram_tester.h" |
| 13 #include "base/thread_task_runner_handle.h" | 15 #include "base/thread_task_runner_handle.h" |
| 14 #include "components/gcm_driver/crypto/p256_key_util.h" | 16 #include "components/gcm_driver/crypto/p256_key_util.h" |
| 17 #include "net/test/gtest_util.h" |
| 15 #include "testing/gtest/include/gtest/gtest.h" | 18 #include "testing/gtest/include/gtest/gtest.h" |
| 16 | 19 |
| 17 namespace gcm { | 20 namespace gcm { |
| 18 | 21 |
| 19 namespace { | 22 namespace { |
| 20 | 23 |
| 21 const char kFakeAppId[] = "my_app_id"; | 24 const char kFakeAppId[] = "my_app_id"; |
| 22 const char kSecondFakeAppId[] = "my_other_app_id"; | 25 const char kSecondFakeAppId[] = "my_other_app_id"; |
| 26 const char kFakeAuthorizedEntity[] = "my_sender_id"; |
| 27 const char kSecondFakeAuthorizedEntity[] = "my_other_sender_id"; |
| 23 | 28 |
| 24 class GCMKeyStoreTest : public ::testing::Test { | 29 class GCMKeyStoreTest : public ::testing::Test { |
| 25 public: | 30 public: |
| 26 GCMKeyStoreTest() {} | 31 GCMKeyStoreTest() {} |
| 27 ~GCMKeyStoreTest() override {} | 32 ~GCMKeyStoreTest() override {} |
| 28 | 33 |
| 29 void SetUp() override { | 34 void SetUp() override { |
| 30 ASSERT_TRUE(scoped_temp_dir_.CreateUniqueTempDir()); | 35 ASSERT_TRUE(scoped_temp_dir_.CreateUniqueTempDir()); |
| 31 CreateKeyStore(); | 36 CreateKeyStore(); |
| 32 } | 37 } |
| 33 | 38 |
| 34 void TearDown() override { | 39 void TearDown() override { |
| 35 gcm_key_store_.reset(); | 40 gcm_key_store_.reset(); |
| 36 | 41 |
| 37 // |gcm_key_store_| owns a ProtoDatabaseImpl whose destructor deletes the | 42 // |gcm_key_store_| owns a ProtoDatabaseImpl whose destructor deletes the |
| 38 // underlying LevelDB database on the task runner. | 43 // underlying LevelDB database on the task runner. |
| 39 base::RunLoop().RunUntilIdle(); | 44 base::RunLoop().RunUntilIdle(); |
| 40 } | 45 } |
| 41 | 46 |
| 42 // Creates the GCM Key Store instance. May be called from within a test's body | 47 // Creates the GCM Key Store instance. May be called from within a test's body |
| 43 // to re-create the key store, causing the database to re-open. | 48 // to re-create the key store, causing the database to re-open. |
| 44 void CreateKeyStore() { | 49 void CreateKeyStore() { |
| 45 gcm_key_store_.reset( | 50 gcm_key_store_.reset( |
| 46 new GCMKeyStore(scoped_temp_dir_.path(), message_loop_.task_runner())); | 51 new GCMKeyStore(scoped_temp_dir_.path(), message_loop_.task_runner())); |
| 47 } | 52 } |
| 48 | 53 |
| 49 // Callback to use with GCMKeyStore::{GetKeys, CreateKeys} calls. | 54 // Callback to use with GCMKeyStore::{GetKeys, CreateKeys} calls. |
| 50 void GotKeys(KeyPair* pair_out, std::string* auth_secret_out, | 55 void GotKeys(KeyPair* pair_out, std::string* auth_secret_out, |
| 51 const KeyPair& pair, const std::string& auth_secret) { | 56 const KeyPair& pair, const std::string& auth_secret) { |
| 52 *pair_out = pair; | 57 if (pair_out) |
| 53 *auth_secret_out = auth_secret; | 58 *pair_out = pair; |
| 59 if (auth_secret_out) |
| 60 *auth_secret_out = auth_secret; |
| 54 } | 61 } |
| 55 | 62 |
| 56 protected: | 63 protected: |
| 57 GCMKeyStore* gcm_key_store() { return gcm_key_store_.get(); } | 64 GCMKeyStore* gcm_key_store() { return gcm_key_store_.get(); } |
| 58 base::HistogramTester* histogram_tester() { return &histogram_tester_; } | 65 base::HistogramTester* histogram_tester() { return &histogram_tester_; } |
| 59 | 66 |
| 60 private: | 67 private: |
| 61 base::MessageLoop message_loop_; | 68 base::MessageLoop message_loop_; |
| 62 base::ScopedTempDir scoped_temp_dir_; | 69 base::ScopedTempDir scoped_temp_dir_; |
| 63 base::HistogramTester histogram_tester_; | 70 base::HistogramTester histogram_tester_; |
| 64 | 71 |
| 65 std::unique_ptr<GCMKeyStore> gcm_key_store_; | 72 std::unique_ptr<GCMKeyStore> gcm_key_store_; |
| 66 }; | 73 }; |
| 67 | 74 |
| 68 TEST_F(GCMKeyStoreTest, EmptyByDefault) { | 75 TEST_F(GCMKeyStoreTest, EmptyByDefault) { |
| 69 // The key store is initialized lazily, so this histogram confirms that | 76 // The key store is initialized lazily, so this histogram confirms that |
| 70 // calling the constructor does not in fact cause initialization. | 77 // calling the constructor does not in fact cause initialization. |
| 71 histogram_tester()->ExpectTotalCount( | 78 histogram_tester()->ExpectTotalCount( |
| 72 "GCM.Crypto.InitKeyStoreSuccessRate", 0); | 79 "GCM.Crypto.InitKeyStoreSuccessRate", 0); |
| 73 | 80 |
| 74 KeyPair pair; | 81 KeyPair pair; |
| 75 std::string auth_secret; | 82 std::string auth_secret; |
| 76 gcm_key_store()->GetKeys(kFakeAppId, | 83 gcm_key_store()->GetKeys( |
| 77 base::Bind(&GCMKeyStoreTest::GotKeys, | 84 kFakeAppId, kFakeAuthorizedEntity, |
| 78 base::Unretained(this), &pair, | 85 false /* fallback_to_empty_authorized_entity */, |
| 79 &auth_secret)); | 86 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &pair, |
| 87 &auth_secret)); |
| 80 | 88 |
| 81 base::RunLoop().RunUntilIdle(); | 89 base::RunLoop().RunUntilIdle(); |
| 82 | 90 |
| 83 ASSERT_FALSE(pair.IsInitialized()); | 91 ASSERT_FALSE(pair.IsInitialized()); |
| 84 EXPECT_FALSE(pair.has_type()); | 92 EXPECT_FALSE(pair.has_type()); |
| 85 EXPECT_EQ(0u, auth_secret.size()); | 93 EXPECT_EQ(0u, auth_secret.size()); |
| 86 | 94 |
| 87 histogram_tester()->ExpectBucketCount( | 95 histogram_tester()->ExpectBucketCount( |
| 88 "GCM.Crypto.GetKeySuccessRate", 0, 1); // failure | 96 "GCM.Crypto.GetKeySuccessRate", 0, 1); // failure |
| 89 } | 97 } |
| 90 | 98 |
| 91 TEST_F(GCMKeyStoreTest, CreateAndGetKeys) { | 99 TEST_F(GCMKeyStoreTest, CreateAndGetKeys) { |
| 92 KeyPair pair; | 100 KeyPair pair; |
| 93 std::string auth_secret; | 101 std::string auth_secret; |
| 94 gcm_key_store()->CreateKeys(kFakeAppId, | 102 gcm_key_store()->CreateKeys( |
| 95 base::Bind(&GCMKeyStoreTest::GotKeys, | 103 kFakeAppId, kFakeAuthorizedEntity, |
| 96 base::Unretained(this), &pair, | 104 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &pair, |
| 97 &auth_secret)); | 105 &auth_secret)); |
| 98 | 106 |
| 99 base::RunLoop().RunUntilIdle(); | 107 base::RunLoop().RunUntilIdle(); |
| 100 | 108 |
| 101 ASSERT_TRUE(pair.IsInitialized()); | 109 ASSERT_TRUE(pair.IsInitialized()); |
| 102 ASSERT_TRUE(pair.has_private_key()); | 110 ASSERT_TRUE(pair.has_private_key()); |
| 103 ASSERT_TRUE(pair.has_public_key()); | 111 ASSERT_TRUE(pair.has_public_key()); |
| 104 | 112 |
| 105 EXPECT_GT(pair.public_key().size(), 0u); | 113 EXPECT_GT(pair.public_key().size(), 0u); |
| 106 EXPECT_GT(pair.private_key().size(), 0u); | 114 EXPECT_GT(pair.private_key().size(), 0u); |
| 107 | 115 |
| 108 ASSERT_GT(auth_secret.size(), 0u); | 116 ASSERT_GT(auth_secret.size(), 0u); |
| 109 | 117 |
| 110 histogram_tester()->ExpectBucketCount( | 118 histogram_tester()->ExpectBucketCount( |
| 111 "GCM.Crypto.CreateKeySuccessRate", 1, 1); // success | 119 "GCM.Crypto.CreateKeySuccessRate", 1, 1); // success |
| 112 | 120 |
| 113 KeyPair read_pair; | 121 KeyPair read_pair; |
| 114 std::string read_auth_secret; | 122 std::string read_auth_secret; |
| 115 gcm_key_store()->GetKeys(kFakeAppId, | 123 gcm_key_store()->GetKeys( |
| 116 base::Bind(&GCMKeyStoreTest::GotKeys, | 124 kFakeAppId, kFakeAuthorizedEntity, |
| 117 base::Unretained(this), &read_pair, | 125 false /* fallback_to_empty_authorized_entity */, |
| 118 &read_auth_secret)); | 126 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair, |
| 127 &read_auth_secret)); |
| 119 | 128 |
| 120 base::RunLoop().RunUntilIdle(); | 129 base::RunLoop().RunUntilIdle(); |
| 121 | 130 |
| 122 ASSERT_TRUE(read_pair.IsInitialized()); | 131 ASSERT_TRUE(read_pair.IsInitialized()); |
| 123 | 132 |
| 124 EXPECT_EQ(pair.type(), read_pair.type()); | 133 EXPECT_EQ(pair.type(), read_pair.type()); |
| 125 EXPECT_EQ(pair.private_key(), read_pair.private_key()); | 134 EXPECT_EQ(pair.private_key(), read_pair.private_key()); |
| 126 EXPECT_EQ(pair.public_key(), read_pair.public_key()); | 135 EXPECT_EQ(pair.public_key(), read_pair.public_key()); |
| 127 | 136 |
| 128 EXPECT_EQ(auth_secret, read_auth_secret); | 137 EXPECT_EQ(auth_secret, read_auth_secret); |
| 129 | 138 |
| 130 histogram_tester()->ExpectBucketCount( | 139 histogram_tester()->ExpectBucketCount("GCM.Crypto.GetKeySuccessRate", 1, |
| 131 "GCM.Crypto.GetKeySuccessRate", 1, 1); // failure | 140 1); // success |
| 141 |
| 142 // GetKey should also succeed if fallback_to_empty_authorized_entity is true |
| 143 // (fallback should not occur, since an exact match is found). |
| 144 gcm_key_store()->GetKeys( |
| 145 kFakeAppId, kFakeAuthorizedEntity, |
| 146 true /* fallback_to_empty_authorized_entity */, |
| 147 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair, |
| 148 &read_auth_secret)); |
| 149 |
| 150 base::RunLoop().RunUntilIdle(); |
| 151 |
| 152 ASSERT_TRUE(read_pair.IsInitialized()); |
| 153 |
| 154 EXPECT_EQ(pair.type(), read_pair.type()); |
| 155 EXPECT_EQ(pair.private_key(), read_pair.private_key()); |
| 156 EXPECT_EQ(pair.public_key(), read_pair.public_key()); |
| 157 |
| 158 EXPECT_EQ(auth_secret, read_auth_secret); |
| 159 |
| 160 histogram_tester()->ExpectBucketCount("GCM.Crypto.GetKeySuccessRate", 1, |
| 161 2); // another success |
| 162 } |
| 163 |
| 164 TEST_F(GCMKeyStoreTest, GetKeysFallback) { |
| 165 KeyPair pair; |
| 166 std::string auth_secret; |
| 167 gcm_key_store()->CreateKeys( |
| 168 kFakeAppId, "" /* empty authorized entity for non-InstanceID */, |
| 169 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &pair, |
| 170 &auth_secret)); |
| 171 |
| 172 base::RunLoop().RunUntilIdle(); |
| 173 |
| 174 ASSERT_TRUE(pair.IsInitialized()); |
| 175 ASSERT_TRUE(pair.has_private_key()); |
| 176 ASSERT_TRUE(pair.has_public_key()); |
| 177 |
| 178 EXPECT_GT(pair.public_key().size(), 0u); |
| 179 EXPECT_GT(pair.private_key().size(), 0u); |
| 180 |
| 181 ASSERT_GT(auth_secret.size(), 0u); |
| 182 |
| 183 histogram_tester()->ExpectBucketCount("GCM.Crypto.CreateKeySuccessRate", 1, |
| 184 1); // success |
| 185 |
| 186 // GetKeys should fail when fallback_to_empty_authorized_entity is false, as |
| 187 // there is not an exact match for kFakeAuthorizedEntity. |
| 188 KeyPair read_pair; |
| 189 std::string read_auth_secret; |
| 190 gcm_key_store()->GetKeys( |
| 191 kFakeAppId, kFakeAuthorizedEntity, |
| 192 false /* fallback_to_empty_authorized_entity */, |
| 193 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair, |
| 194 &read_auth_secret)); |
| 195 |
| 196 base::RunLoop().RunUntilIdle(); |
| 197 |
| 198 ASSERT_FALSE(read_pair.IsInitialized()); |
| 199 EXPECT_FALSE(read_pair.has_type()); |
| 200 EXPECT_EQ(0u, read_auth_secret.size()); |
| 201 |
| 202 histogram_tester()->ExpectBucketCount("GCM.Crypto.GetKeySuccessRate", 0, |
| 203 1); // failure |
| 204 |
| 205 // GetKey should succeed when fallback_to_empty_authorized_entity is true, as |
| 206 // falling back to empty authorized entity will match the created key. |
| 207 gcm_key_store()->GetKeys( |
| 208 kFakeAppId, kFakeAuthorizedEntity, |
| 209 true /* fallback_to_empty_authorized_entity */, |
| 210 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair, |
| 211 &read_auth_secret)); |
| 212 |
| 213 base::RunLoop().RunUntilIdle(); |
| 214 |
| 215 ASSERT_TRUE(read_pair.IsInitialized()); |
| 216 |
| 217 EXPECT_EQ(pair.type(), read_pair.type()); |
| 218 EXPECT_EQ(pair.private_key(), read_pair.private_key()); |
| 219 EXPECT_EQ(pair.public_key(), read_pair.public_key()); |
| 220 |
| 221 EXPECT_EQ(auth_secret, read_auth_secret); |
| 222 |
| 223 histogram_tester()->ExpectBucketCount("GCM.Crypto.GetKeySuccessRate", 1, |
| 224 1); // success |
| 132 } | 225 } |
| 133 | 226 |
| 134 TEST_F(GCMKeyStoreTest, KeysPersistenceBetweenInstances) { | 227 TEST_F(GCMKeyStoreTest, KeysPersistenceBetweenInstances) { |
| 135 KeyPair pair; | 228 KeyPair pair; |
| 136 std::string auth_secret; | 229 std::string auth_secret; |
| 137 gcm_key_store()->CreateKeys(kFakeAppId, | 230 gcm_key_store()->CreateKeys( |
| 138 base::Bind(&GCMKeyStoreTest::GotKeys, | 231 kFakeAppId, kFakeAuthorizedEntity, |
| 139 base::Unretained(this), &pair, | 232 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &pair, |
| 140 &auth_secret)); | 233 &auth_secret)); |
| 141 | 234 |
| 142 base::RunLoop().RunUntilIdle(); | 235 base::RunLoop().RunUntilIdle(); |
| 143 | 236 |
| 144 ASSERT_TRUE(pair.IsInitialized()); | 237 ASSERT_TRUE(pair.IsInitialized()); |
| 145 | 238 |
| 146 histogram_tester()->ExpectBucketCount( | 239 histogram_tester()->ExpectBucketCount( |
| 147 "GCM.Crypto.InitKeyStoreSuccessRate", 1, 1); // success | 240 "GCM.Crypto.InitKeyStoreSuccessRate", 1, 1); // success |
| 148 histogram_tester()->ExpectBucketCount( | 241 histogram_tester()->ExpectBucketCount( |
| 149 "GCM.Crypto.LoadKeyStoreSuccessRate", 1, 1); // success | 242 "GCM.Crypto.LoadKeyStoreSuccessRate", 1, 1); // success |
| 150 | 243 |
| 151 // Create a new GCM Key Store instance. | 244 // Create a new GCM Key Store instance. |
| 152 CreateKeyStore(); | 245 CreateKeyStore(); |
| 153 | 246 |
| 154 KeyPair read_pair; | 247 KeyPair read_pair; |
| 155 std::string read_auth_secret; | 248 std::string read_auth_secret; |
| 156 gcm_key_store()->GetKeys(kFakeAppId, | 249 gcm_key_store()->GetKeys( |
| 157 base::Bind(&GCMKeyStoreTest::GotKeys, | 250 kFakeAppId, kFakeAuthorizedEntity, |
| 158 base::Unretained(this), &read_pair, | 251 false /* fallback_to_empty_authorized_entity */, |
| 159 &read_auth_secret)); | 252 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair, |
| 253 &read_auth_secret)); |
| 160 | 254 |
| 161 base::RunLoop().RunUntilIdle(); | 255 base::RunLoop().RunUntilIdle(); |
| 162 | 256 |
| 163 ASSERT_TRUE(read_pair.IsInitialized()); | 257 ASSERT_TRUE(read_pair.IsInitialized()); |
| 164 EXPECT_TRUE(read_pair.has_type()); | 258 EXPECT_TRUE(read_pair.has_type()); |
| 165 EXPECT_GT(read_auth_secret.size(), 0u); | 259 EXPECT_GT(read_auth_secret.size(), 0u); |
| 166 | 260 |
| 167 histogram_tester()->ExpectBucketCount( | 261 histogram_tester()->ExpectBucketCount( |
| 168 "GCM.Crypto.InitKeyStoreSuccessRate", 1, 2); // success | 262 "GCM.Crypto.InitKeyStoreSuccessRate", 1, 2); // success |
| 169 histogram_tester()->ExpectBucketCount( | 263 histogram_tester()->ExpectBucketCount( |
| 170 "GCM.Crypto.LoadKeyStoreSuccessRate", 1, 2); // success | 264 "GCM.Crypto.LoadKeyStoreSuccessRate", 1, 2); // success |
| 171 } | 265 } |
| 172 | 266 |
| 173 TEST_F(GCMKeyStoreTest, CreateAndRemoveKeys) { | 267 TEST_F(GCMKeyStoreTest, CreateAndRemoveKeys) { |
| 174 KeyPair pair; | 268 KeyPair pair; |
| 175 std::string auth_secret; | 269 std::string auth_secret; |
| 176 gcm_key_store()->CreateKeys(kFakeAppId, | 270 gcm_key_store()->CreateKeys( |
| 177 base::Bind(&GCMKeyStoreTest::GotKeys, | 271 kFakeAppId, kFakeAuthorizedEntity, |
| 178 base::Unretained(this), &pair, | 272 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &pair, |
| 179 &auth_secret)); | 273 &auth_secret)); |
| 180 | 274 |
| 181 base::RunLoop().RunUntilIdle(); | 275 base::RunLoop().RunUntilIdle(); |
| 182 | 276 |
| 183 ASSERT_TRUE(pair.IsInitialized()); | 277 ASSERT_TRUE(pair.IsInitialized()); |
| 184 | 278 |
| 185 KeyPair read_pair; | 279 KeyPair read_pair; |
| 186 std::string read_auth_secret; | 280 std::string read_auth_secret; |
| 187 gcm_key_store()->GetKeys(kFakeAppId, | 281 gcm_key_store()->GetKeys( |
| 188 base::Bind(&GCMKeyStoreTest::GotKeys, | 282 kFakeAppId, kFakeAuthorizedEntity, |
| 189 base::Unretained(this), &read_pair, | 283 false /* fallback_to_empty_authorized_entity */, |
| 190 &read_auth_secret)); | 284 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair, |
| 285 &read_auth_secret)); |
| 191 | 286 |
| 192 base::RunLoop().RunUntilIdle(); | 287 base::RunLoop().RunUntilIdle(); |
| 193 | 288 |
| 194 ASSERT_TRUE(read_pair.IsInitialized()); | 289 ASSERT_TRUE(read_pair.IsInitialized()); |
| 195 EXPECT_TRUE(read_pair.has_type()); | 290 EXPECT_TRUE(read_pair.has_type()); |
| 196 | 291 |
| 197 gcm_key_store()->RemoveKeys(kFakeAppId, base::Bind(&base::DoNothing)); | 292 gcm_key_store()->RemoveKeys(kFakeAppId, kFakeAuthorizedEntity, |
| 293 base::Bind(&base::DoNothing)); |
| 198 | 294 |
| 199 base::RunLoop().RunUntilIdle(); | 295 base::RunLoop().RunUntilIdle(); |
| 200 | 296 |
| 201 histogram_tester()->ExpectBucketCount( | 297 histogram_tester()->ExpectBucketCount( |
| 202 "GCM.Crypto.RemoveKeySuccessRate", 1, 1); // success | 298 "GCM.Crypto.RemoveKeySuccessRate", 1, 1); // success |
| 203 | 299 |
| 204 gcm_key_store()->GetKeys(kFakeAppId, | 300 gcm_key_store()->GetKeys( |
| 205 base::Bind(&GCMKeyStoreTest::GotKeys, | 301 kFakeAppId, kFakeAuthorizedEntity, |
| 206 base::Unretained(this), &read_pair, | 302 false /* fallback_to_empty_authorized_entity */, |
| 207 &read_auth_secret)); | 303 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair, |
| 304 &read_auth_secret)); |
| 208 | 305 |
| 209 base::RunLoop().RunUntilIdle(); | 306 base::RunLoop().RunUntilIdle(); |
| 210 | 307 |
| 211 ASSERT_FALSE(read_pair.IsInitialized()); | 308 ASSERT_FALSE(read_pair.IsInitialized()); |
| 212 } | 309 } |
| 213 | 310 |
| 214 TEST_F(GCMKeyStoreTest, CreateAndRemoveKeysSynchronously) { | 311 TEST_F(GCMKeyStoreTest, CreateGetAndRemoveKeysSynchronously) { |
| 215 KeyPair pair; | 312 KeyPair pair; |
| 216 std::string auth_secret; | 313 std::string auth_secret; |
| 217 gcm_key_store()->CreateKeys(kFakeAppId, | 314 gcm_key_store()->CreateKeys( |
| 218 base::Bind(&GCMKeyStoreTest::GotKeys, | 315 kFakeAppId, kFakeAuthorizedEntity, |
| 219 base::Unretained(this), &pair, | 316 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &pair, |
| 220 &auth_secret)); | 317 &auth_secret)); |
| 221 | 318 |
| 222 // Continue synchronously, without running RunUntilIdle first. | 319 // Continue synchronously, without running RunUntilIdle first. |
| 223 gcm_key_store()->RemoveKeys(kFakeAppId, base::Bind(&base::DoNothing)); | 320 KeyPair pair_after_create; |
| 321 std::string auth_secret_after_create; |
| 322 gcm_key_store()->GetKeys( |
| 323 kFakeAppId, kFakeAuthorizedEntity, |
| 324 false /* fallback_to_empty_authorized_entity */, |
| 325 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), |
| 326 &pair_after_create, &auth_secret_after_create)); |
| 327 |
| 328 // Continue synchronously, without running RunUntilIdle first. |
| 329 gcm_key_store()->RemoveKeys(kFakeAppId, kFakeAuthorizedEntity, |
| 330 base::Bind(&base::DoNothing)); |
| 331 |
| 332 // Continue synchronously, without running RunUntilIdle first. |
| 333 KeyPair pair_after_remove; |
| 334 std::string auth_secret_after_remove; |
| 335 gcm_key_store()->GetKeys( |
| 336 kFakeAppId, kFakeAuthorizedEntity, |
| 337 false /* fallback_to_empty_authorized_entity */, |
| 338 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), |
| 339 &pair_after_remove, &auth_secret_after_remove)); |
| 340 |
| 341 base::RunLoop().RunUntilIdle(); |
| 342 |
| 343 histogram_tester()->ExpectBucketCount("GCM.Crypto.RemoveKeySuccessRate", 1, |
| 344 1); // success |
| 345 |
| 346 KeyPair pair_after_idle; |
| 347 std::string auth_secret_after_idle; |
| 348 gcm_key_store()->GetKeys( |
| 349 kFakeAppId, kFakeAuthorizedEntity, |
| 350 false /* fallback_to_empty_authorized_entity */, |
| 351 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), |
| 352 &pair_after_idle, &auth_secret_after_idle)); |
| 224 | 353 |
| 225 base::RunLoop().RunUntilIdle(); | 354 base::RunLoop().RunUntilIdle(); |
| 226 | 355 |
| 227 ASSERT_TRUE(pair.IsInitialized()); | 356 ASSERT_TRUE(pair.IsInitialized()); |
| 357 ASSERT_TRUE(pair_after_create.IsInitialized()); |
| 358 EXPECT_FALSE(pair_after_remove.IsInitialized()); |
| 359 EXPECT_FALSE(pair_after_idle.IsInitialized()); |
| 360 |
| 228 EXPECT_TRUE(pair.has_type()); | 361 EXPECT_TRUE(pair.has_type()); |
| 362 EXPECT_EQ(pair.type(), pair_after_create.type()); |
| 363 EXPECT_EQ(pair.private_key(), pair_after_create.private_key()); |
| 364 EXPECT_EQ(pair.public_key(), pair_after_create.public_key()); |
| 229 | 365 |
| 230 histogram_tester()->ExpectBucketCount( | 366 EXPECT_GT(auth_secret.size(), 0u); |
| 231 "GCM.Crypto.RemoveKeySuccessRate", 1, 1); // success | 367 EXPECT_EQ(auth_secret, auth_secret_after_create); |
| 368 EXPECT_EQ("", auth_secret_after_remove); |
| 369 EXPECT_EQ("", auth_secret_after_idle); |
| 370 } |
| 232 | 371 |
| 233 KeyPair read_pair; | 372 TEST_F(GCMKeyStoreTest, RemoveKeysWildcardAuthorizedEntity) { |
| 234 std::string read_auth_secret; | 373 KeyPair pair1, pair2, pair3; |
| 235 gcm_key_store()->GetKeys(kFakeAppId, | 374 std::string auth_secret1, auth_secret2, auth_secret3; |
| 236 base::Bind(&GCMKeyStoreTest::GotKeys, | 375 gcm_key_store()->CreateKeys( |
| 237 base::Unretained(this), &read_pair, | 376 kFakeAppId, kFakeAuthorizedEntity, |
| 238 &read_auth_secret)); | 377 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &pair1, |
| 378 &auth_secret1)); |
| 379 gcm_key_store()->CreateKeys( |
| 380 kFakeAppId, kSecondFakeAuthorizedEntity, |
| 381 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &pair2, |
| 382 &auth_secret2)); |
| 383 gcm_key_store()->CreateKeys( |
| 384 kSecondFakeAppId, kFakeAuthorizedEntity, |
| 385 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &pair3, |
| 386 &auth_secret3)); |
| 239 | 387 |
| 240 base::RunLoop().RunUntilIdle(); | 388 base::RunLoop().RunUntilIdle(); |
| 241 | 389 |
| 242 ASSERT_FALSE(read_pair.IsInitialized()); | 390 ASSERT_TRUE(pair1.IsInitialized()); |
| 391 ASSERT_TRUE(pair2.IsInitialized()); |
| 392 ASSERT_TRUE(pair3.IsInitialized()); |
| 393 |
| 394 KeyPair read_pair1, read_pair2, read_pair3; |
| 395 std::string read_auth_secret1, read_auth_secret2, read_auth_secret3; |
| 396 gcm_key_store()->GetKeys( |
| 397 kFakeAppId, kFakeAuthorizedEntity, |
| 398 false /* fallback_to_empty_authorized_entity */, |
| 399 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair1, |
| 400 &read_auth_secret1)); |
| 401 gcm_key_store()->GetKeys( |
| 402 kFakeAppId, kSecondFakeAuthorizedEntity, |
| 403 false /* fallback_to_empty_authorized_entity */, |
| 404 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair2, |
| 405 &read_auth_secret2)); |
| 406 gcm_key_store()->GetKeys( |
| 407 kSecondFakeAppId, kFakeAuthorizedEntity, |
| 408 false /* fallback_to_empty_authorized_entity */, |
| 409 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair3, |
| 410 &read_auth_secret3)); |
| 411 |
| 412 base::RunLoop().RunUntilIdle(); |
| 413 |
| 414 ASSERT_TRUE(read_pair1.IsInitialized()); |
| 415 EXPECT_TRUE(read_pair1.has_type()); |
| 416 ASSERT_TRUE(read_pair2.IsInitialized()); |
| 417 EXPECT_TRUE(read_pair2.has_type()); |
| 418 ASSERT_TRUE(read_pair3.IsInitialized()); |
| 419 EXPECT_TRUE(read_pair3.has_type()); |
| 420 |
| 421 gcm_key_store()->RemoveKeys(kFakeAppId, "*" /* authorized_entity */, |
| 422 base::Bind(&base::DoNothing)); |
| 423 |
| 424 base::RunLoop().RunUntilIdle(); |
| 425 |
| 426 histogram_tester()->ExpectBucketCount("GCM.Crypto.RemoveKeySuccessRate", 1, |
| 427 1); // success |
| 428 |
| 429 gcm_key_store()->GetKeys( |
| 430 kFakeAppId, kFakeAuthorizedEntity, |
| 431 false /* fallback_to_empty_authorized_entity */, |
| 432 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair1, |
| 433 &read_auth_secret1)); |
| 434 gcm_key_store()->GetKeys( |
| 435 kFakeAppId, kSecondFakeAuthorizedEntity, |
| 436 false /* fallback_to_empty_authorized_entity */, |
| 437 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair2, |
| 438 &read_auth_secret2)); |
| 439 gcm_key_store()->GetKeys( |
| 440 kSecondFakeAppId, kFakeAuthorizedEntity, |
| 441 false /* fallback_to_empty_authorized_entity */, |
| 442 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair3, |
| 443 &read_auth_secret3)); |
| 444 |
| 445 base::RunLoop().RunUntilIdle(); |
| 446 |
| 447 EXPECT_FALSE(read_pair1.IsInitialized()); |
| 448 EXPECT_FALSE(read_pair2.IsInitialized()); |
| 449 ASSERT_TRUE(read_pair3.IsInitialized()); |
| 450 EXPECT_TRUE(read_pair3.has_type()); |
| 243 } | 451 } |
| 244 | 452 |
| 245 TEST_F(GCMKeyStoreTest, GetKeysMultipleAppIds) { | 453 TEST_F(GCMKeyStoreTest, GetKeysMultipleAppIds) { |
| 246 KeyPair pair; | 454 KeyPair pair; |
| 247 std::string auth_secret; | 455 std::string auth_secret; |
| 248 gcm_key_store()->CreateKeys(kFakeAppId, | 456 gcm_key_store()->CreateKeys( |
| 249 base::Bind(&GCMKeyStoreTest::GotKeys, | 457 kFakeAppId, kFakeAuthorizedEntity, |
| 250 base::Unretained(this), &pair, | 458 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &pair, |
| 251 &auth_secret)); | 459 &auth_secret)); |
| 252 | 460 |
| 253 base::RunLoop().RunUntilIdle(); | 461 base::RunLoop().RunUntilIdle(); |
| 254 | 462 |
| 255 ASSERT_TRUE(pair.IsInitialized()); | 463 ASSERT_TRUE(pair.IsInitialized()); |
| 256 | 464 |
| 257 gcm_key_store()->CreateKeys(kSecondFakeAppId, | 465 gcm_key_store()->CreateKeys( |
| 258 base::Bind(&GCMKeyStoreTest::GotKeys, | 466 kSecondFakeAppId, kSecondFakeAuthorizedEntity, |
| 259 base::Unretained(this), &pair, | 467 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &pair, |
| 260 &auth_secret)); | 468 &auth_secret)); |
| 261 | 469 |
| 262 base::RunLoop().RunUntilIdle(); | 470 base::RunLoop().RunUntilIdle(); |
| 263 | 471 |
| 264 ASSERT_TRUE(pair.IsInitialized()); | 472 ASSERT_TRUE(pair.IsInitialized()); |
| 265 | 473 |
| 266 KeyPair read_pair; | 474 KeyPair read_pair; |
| 267 std::string read_auth_secret; | 475 std::string read_auth_secret; |
| 268 gcm_key_store()->GetKeys(kFakeAppId, | 476 gcm_key_store()->GetKeys( |
| 269 base::Bind(&GCMKeyStoreTest::GotKeys, | 477 kFakeAppId, kFakeAuthorizedEntity, |
| 270 base::Unretained(this), &read_pair, | 478 false /* fallback_to_empty_authorized_entity */, |
| 271 &read_auth_secret)); | 479 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair, |
| 480 &read_auth_secret)); |
| 272 | 481 |
| 273 base::RunLoop().RunUntilIdle(); | 482 base::RunLoop().RunUntilIdle(); |
| 274 | 483 |
| 275 ASSERT_TRUE(read_pair.IsInitialized()); | 484 ASSERT_TRUE(read_pair.IsInitialized()); |
| 276 EXPECT_TRUE(read_pair.has_type()); | 485 EXPECT_TRUE(read_pair.has_type()); |
| 277 } | 486 } |
| 278 | 487 |
| 279 TEST_F(GCMKeyStoreTest, SuccessiveCallsBeforeInitialization) { | 488 TEST_F(GCMKeyStoreTest, SuccessiveCallsBeforeInitialization) { |
| 280 KeyPair pair; | 489 KeyPair pair; |
| 281 std::string auth_secret; | 490 std::string auth_secret; |
| 282 gcm_key_store()->CreateKeys(kFakeAppId, | 491 gcm_key_store()->CreateKeys( |
| 283 base::Bind(&GCMKeyStoreTest::GotKeys, | 492 kFakeAppId, kFakeAuthorizedEntity, |
| 284 base::Unretained(this), &pair, | 493 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &pair, |
| 285 &auth_secret)); | 494 &auth_secret)); |
| 286 | 495 |
| 287 // Deliberately do not run the message loop, so that the callback has not | 496 // Deliberately do not run the message loop, so that the callback has not |
| 288 // been resolved yet. The following EXPECT() ensures this. | 497 // been resolved yet. The following EXPECT() ensures this. |
| 289 EXPECT_FALSE(pair.IsInitialized()); | 498 EXPECT_FALSE(pair.IsInitialized()); |
| 290 | 499 |
| 291 KeyPair read_pair; | 500 KeyPair read_pair; |
| 292 std::string read_auth_secret; | 501 std::string read_auth_secret; |
| 293 gcm_key_store()->GetKeys(kFakeAppId, | 502 gcm_key_store()->GetKeys( |
| 294 base::Bind(&GCMKeyStoreTest::GotKeys, | 503 kFakeAppId, kFakeAuthorizedEntity, |
| 295 base::Unretained(this), &read_pair, | 504 false /* fallback_to_empty_authorized_entity */, |
| 296 &read_auth_secret)); | 505 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), &read_pair, |
| 506 &read_auth_secret)); |
| 297 | 507 |
| 298 EXPECT_FALSE(read_pair.IsInitialized()); | 508 EXPECT_FALSE(read_pair.IsInitialized()); |
| 299 | 509 |
| 300 // Now run the message loop. Both tasks should have finished executing. Due | 510 // Now run the message loop. Both tasks should have finished executing. Due |
| 301 // to the asynchronous nature of operations, however, we can't rely on the | 511 // to the asynchronous nature of operations, however, we can't rely on the |
| 302 // write to have finished before the read begins. | 512 // write to have finished before the read begins. |
| 303 base::RunLoop().RunUntilIdle(); | 513 base::RunLoop().RunUntilIdle(); |
| 304 | 514 |
| 305 EXPECT_TRUE(pair.IsInitialized()); | 515 EXPECT_TRUE(pair.IsInitialized()); |
| 306 } | 516 } |
| 307 | 517 |
| 518 TEST_F(GCMKeyStoreTest, CannotShareAppIdFromGCMToInstanceID) { |
| 519 gcm_key_store()->CreateKeys( |
| 520 kFakeAppId, "" /* empty authorized entity for non-InstanceID */, |
| 521 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), nullptr, |
| 522 nullptr)); |
| 523 |
| 524 base::RunLoop().RunUntilIdle(); |
| 525 |
| 526 EXPECT_DEBUG_DFATAL( |
| 527 { |
| 528 gcm_key_store()->CreateKeys( |
| 529 kFakeAppId, kFakeAuthorizedEntity, |
| 530 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), |
| 531 nullptr, nullptr)); |
| 532 |
| 533 base::RunLoop().RunUntilIdle(); |
| 534 }, |
| 535 "Instance ID tokens cannot share an app_id with a non-InstanceID GCM " |
| 536 "registration"); |
| 537 } |
| 538 |
| 539 TEST_F(GCMKeyStoreTest, CannotShareAppIdFromInstanceIDToGCM) { |
| 540 KeyPair pair_unused; |
| 541 std::string auth_secret_unused; |
| 542 gcm_key_store()->CreateKeys( |
| 543 kFakeAppId, kFakeAuthorizedEntity, |
| 544 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), |
| 545 &pair_unused, &auth_secret_unused)); |
| 546 |
| 547 base::RunLoop().RunUntilIdle(); |
| 548 |
| 549 gcm_key_store()->CreateKeys( |
| 550 kFakeAppId, kSecondFakeAuthorizedEntity, |
| 551 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), |
| 552 &pair_unused, &auth_secret_unused)); |
| 553 |
| 554 base::RunLoop().RunUntilIdle(); |
| 555 |
| 556 EXPECT_DEBUG_DFATAL( |
| 557 { |
| 558 gcm_key_store()->CreateKeys( |
| 559 kFakeAppId, "" /* empty authorized entity for non-InstanceID */, |
| 560 base::Bind(&GCMKeyStoreTest::GotKeys, base::Unretained(this), |
| 561 &pair_unused, &auth_secret_unused)); |
| 562 |
| 563 base::RunLoop().RunUntilIdle(); |
| 564 }, |
| 565 "Instance ID tokens cannot share an app_id with a non-InstanceID GCM " |
| 566 "registration"); |
| 567 } |
| 568 |
| 308 } // namespace | 569 } // namespace |
| 309 | 570 |
| 310 } // namespace gcm | 571 } // namespace gcm |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1953273002:
Add support to GCMKeyStore for multiple keys per app_id (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@iid6fixstore