| Index: src/platform/cryptohome/mount_unittest.cc
|
| diff --git a/src/platform/cryptohome/mount_unittest.cc b/src/platform/cryptohome/mount_unittest.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..a6943408fe5b07fd89fbe3006af2f6a8cb98883e
|
| --- /dev/null
|
| +++ b/src/platform/cryptohome/mount_unittest.cc
|
| @@ -0,0 +1,178 @@
|
| +// Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +// Unit tests for Mount.
|
| +
|
| +#include "cryptohome/mount.h"
|
| +
|
| +#include <openssl/sha.h>
|
| +#include <pwd.h>
|
| +#include <string.h> // For memset(), memcpy()
|
| +#include <stdlib.h>
|
| +#include <sys/types.h>
|
| +
|
| +#include "base/file_path.h"
|
| +#include "base/file_util.h"
|
| +#include "base/logging.h"
|
| +#include "chromeos/utility.h"
|
| +#include "cryptohome/username_passkey.h"
|
| +#include "gtest/gtest.h"
|
| +
|
| +namespace cryptohome {
|
| +using namespace chromeos;
|
| +using namespace file_util;
|
| +using std::string;
|
| +
|
| +const char kImageDir[] = "test_image_dir";
|
| +const char kSkelDir[] = "test_image_dir/skel";
|
| +const char kFakeUser[] = "testuser@invalid.domain";
|
| +const char kFakeUser2[] = "testuser2@invalid.domain";
|
| +const char kFakeUser3[] = "testuser3@invalid.domain";
|
| +
|
| +class MountTest : public ::testing::Test {
|
| + void SetUp() {
|
| + FilePath image_dir(kImageDir);
|
| + FilePath path = image_dir.Append("salt");
|
| + ASSERT_TRUE(PathExists(path)) << path.value() << " does not exist!";
|
| +
|
| + int64 file_size;
|
| + ASSERT_TRUE(GetFileSize(path, &file_size)) << "Could not get size of "
|
| + << path.value();
|
| +
|
| + char* buf = new char[file_size];
|
| + int data_read = ReadFile(path, buf, file_size);
|
| + system_salt_.assign(buf, buf + data_read);
|
| + delete buf;
|
| + }
|
| +
|
| + public:
|
| +
|
| + protected:
|
| + // Protected for trivial access
|
| + Blob system_salt_;
|
| +
|
| + private:
|
| +};
|
| +
|
| +TEST_F(MountTest, BadInitTest) {
|
| + // create a Mount instance that points to a bad shadow root
|
| + Mount mount(cryptohome::kDefaultSharedUser,
|
| + cryptohome::kDefaultEntropySource,
|
| + cryptohome::kDefaultHomeDir,
|
| + "/dev/null",
|
| + kSkelDir);
|
| + UsernamePasskey up = UsernamePasskey::FromUsernamePassword(kFakeUser,
|
| + "zero",
|
| + system_salt_);
|
| +
|
| + EXPECT_EQ(false, mount.Init());
|
| + EXPECT_EQ(false, mount.TestCredentials(up));
|
| +}
|
| +
|
| +TEST_F(MountTest, GoodDecryptTest0) {
|
| + // create a Mount instance that points to a good shadow root, test that it
|
| + // properly authenticates against the first key
|
| + Mount mount(cryptohome::kDefaultSharedUser,
|
| + cryptohome::kDefaultEntropySource,
|
| + cryptohome::kDefaultHomeDir,
|
| + kImageDir,
|
| + kSkelDir);
|
| + UsernamePasskey up = UsernamePasskey::FromUsernamePassword(kFakeUser,
|
| + "zero",
|
| + system_salt_);
|
| +
|
| + EXPECT_EQ(true, mount.Init());
|
| + EXPECT_EQ(true, mount.TestCredentials(up));
|
| +}
|
| +
|
| +TEST_F(MountTest, GoodDecryptTest1) {
|
| + // create a Mount instance that points to a good shadow root, test that it
|
| + // properly authenticates against the second key
|
| + Mount mount(cryptohome::kDefaultSharedUser,
|
| + cryptohome::kDefaultEntropySource,
|
| + cryptohome::kDefaultHomeDir,
|
| + kImageDir,
|
| + kSkelDir);
|
| + UsernamePasskey up = UsernamePasskey::FromUsernamePassword(kFakeUser,
|
| + "one",
|
| + system_salt_);
|
| +
|
| + EXPECT_EQ(true, mount.Init());
|
| + EXPECT_EQ(true, mount.TestCredentials(up));
|
| +}
|
| +
|
| +TEST_F(MountTest, GoodDecryptTest2) {
|
| + // create a Mount instance that points to a good shadow root, test that it
|
| + // properly authenticates against the third key
|
| + Mount mount(cryptohome::kDefaultSharedUser,
|
| + cryptohome::kDefaultEntropySource,
|
| + cryptohome::kDefaultHomeDir,
|
| + kImageDir,
|
| + kSkelDir);
|
| + UsernamePasskey up = UsernamePasskey::FromUsernamePassword(kFakeUser,
|
| + "two",
|
| + system_salt_);
|
| +
|
| + EXPECT_EQ(true, mount.Init());
|
| + EXPECT_EQ(true, mount.TestCredentials(up));
|
| +}
|
| +
|
| +TEST_F(MountTest, BadDecryptTest) {
|
| + // create a Mount instance that points to a good shadow root, test that it
|
| + // properly denies access with a bad passkey
|
| + Mount mount(cryptohome::kDefaultSharedUser,
|
| + cryptohome::kDefaultEntropySource,
|
| + cryptohome::kDefaultHomeDir,
|
| + kImageDir,
|
| + kSkelDir);
|
| + UsernamePasskey up = UsernamePasskey::FromUsernamePassword(kFakeUser,
|
| + "bogus",
|
| + system_salt_);
|
| +
|
| + EXPECT_EQ(true, mount.Init());
|
| + EXPECT_EQ(false, mount.TestCredentials(up));
|
| +}
|
| +
|
| +TEST_F(MountTest, CreateCryptohomeTest) {
|
| + // creates a cryptohome
|
| + Mount mount(cryptohome::kDefaultSharedUser,
|
| + cryptohome::kDefaultEntropySource,
|
| + cryptohome::kDefaultHomeDir,
|
| + kImageDir,
|
| + kSkelDir);
|
| + // Don't set the vault ownership--this will fail
|
| + mount.set_set_vault_ownership(false);
|
| + UsernamePasskey up = UsernamePasskey::FromUsernamePassword(kFakeUser2,
|
| + "one",
|
| + system_salt_);
|
| +
|
| + EXPECT_EQ(true, mount.Init());
|
| + EXPECT_EQ(true, mount.CreateCryptohome(up, 0));
|
| +
|
| + FilePath image_dir(kImageDir);
|
| + FilePath user_path = image_dir.Append(up.GetObfuscatedUsername(system_salt_));
|
| + FilePath key_path = user_path.Append("master.0");
|
| + FilePath vault_path = user_path.Append("vault");
|
| + FilePath skel_testfile_path = user_path.Append("sub_path/.testfile");
|
| +
|
| + EXPECT_EQ(true, file_util::PathExists(key_path));
|
| + EXPECT_EQ(true, file_util::PathExists(vault_path));
|
| +}
|
| +
|
| +TEST_F(MountTest, SystemSaltTest) {
|
| + // checks that cryptohome reads the system salt
|
| + Mount mount(cryptohome::kDefaultSharedUser,
|
| + cryptohome::kDefaultEntropySource,
|
| + cryptohome::kDefaultHomeDir,
|
| + kImageDir,
|
| + kSkelDir);
|
| +
|
| + EXPECT_EQ(true, mount.Init());
|
| + chromeos::Blob system_salt = mount.GetSystemSalt();
|
| + EXPECT_EQ(true, (system_salt.size() == system_salt_.size()));
|
| + EXPECT_EQ(0, memcmp(&system_salt[0], &system_salt_[0],
|
| + system_salt.size()));
|
| +}
|
| +
|
| +} // namespace cryptohome
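Review bot: In MountTest::SetUp the salt buffer is allocated with `new char[file_size]` but released with `delete buf;`, which is undefined behaviour for an array allocation; it should be `delete[] buf;`. The return value of ReadFile() is also used unchecked: if the read fails and returns a negative count (file_util's ReadFile appears to report errors that way), `buf + data_read` points before the buffer and `system_salt_.assign(...)` reads out of bounds, while a short read would silently produce a truncated salt and make the later credential tests fail for the wrong reason. I would guard the copy with `if (data_read > 0) system_salt_.assign(buf, buf + data_read);` and follow the `delete[]` with `ASSERT_EQ(file_size, data_read);`. The same care applies in SystemSaltTest, where the size comparison is a non-fatal `EXPECT_EQ`, so the `memcmp` still runs over `system_salt.size()` bytes when the two blobs differ in length or are empty; making that size check an `ASSERT_EQ` avoids reading past the shorter one.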
|
|
|