OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <memory> | 5 #include <memory> |
6 #include <utility> | 6 #include <utility> |
7 | 7 |
8 #include "base/bind.h" | 8 #include "base/bind.h" |
9 #include "base/location.h" | 9 #include "base/location.h" |
| 10 #include "base/memory/ptr_util.h" |
10 #include "base/run_loop.h" | 11 #include "base/run_loop.h" |
11 #include "base/single_thread_task_runner.h" | 12 #include "base/single_thread_task_runner.h" |
| 13 #include "base/test/test_mock_time_task_runner.h" |
12 #include "base/threading/thread_task_runner_handle.h" | 14 #include "base/threading/thread_task_runner_handle.h" |
| 15 #include "base/time/tick_clock.h" |
| 16 #include "base/timer/timer.h" |
13 #include "chromeos/attestation/mock_attestation_flow.h" | 17 #include "chromeos/attestation/mock_attestation_flow.h" |
14 #include "chromeos/cryptohome/cryptohome_parameters.h" | 18 #include "chromeos/cryptohome/cryptohome_parameters.h" |
15 #include "chromeos/cryptohome/mock_async_method_caller.h" | 19 #include "chromeos/cryptohome/mock_async_method_caller.h" |
16 #include "chromeos/dbus/mock_cryptohome_client.h" | 20 #include "chromeos/dbus/mock_cryptohome_client.h" |
17 #include "components/signin/core/account_id/account_id.h" | 21 #include "components/signin/core/account_id/account_id.h" |
18 #include "testing/gmock/include/gmock/gmock.h" | 22 #include "testing/gmock/include/gmock/gmock.h" |
19 #include "testing/gtest/include/gtest/gtest.h" | 23 #include "testing/gtest/include/gtest/gtest.h" |
20 | 24 |
21 using testing::_; | 25 using testing::_; |
22 using testing::AtLeast; | 26 using testing::AtLeast; |
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
79 TEST_F(AttestationFlowTest, GetCertificate) { | 83 TEST_F(AttestationFlowTest, GetCertificate) { |
80 // Verify the order of calls in a sequence. | 84 // Verify the order of calls in a sequence. |
81 Sequence flow_order; | 85 Sequence flow_order; |
82 | 86 |
83 // Use DBusCallbackFalse so the full enrollment flow is triggered. | 87 // Use DBusCallbackFalse so the full enrollment flow is triggered. |
84 chromeos::MockCryptohomeClient client; | 88 chromeos::MockCryptohomeClient client; |
85 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 89 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
86 .InSequence(flow_order) | 90 .InSequence(flow_order) |
87 .WillRepeatedly(Invoke(DBusCallbackFalse)); | 91 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
88 | 92 |
| 93 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 94 .InSequence(flow_order) |
| 95 .WillOnce(Invoke(DBusCallbackTrue)); |
| 96 |
89 // Use StrictMock when we want to verify invocation frequency. | 97 // Use StrictMock when we want to verify invocation frequency. |
90 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 98 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
91 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 99 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
| 100 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) |
| 101 .Times(1) |
| 102 .InSequence(flow_order); |
| 103 |
| 104 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
| 105 proxy->DeferToFake(true); |
| 106 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
| 107 EXPECT_CALL( |
| 108 *proxy, |
| 109 SendEnrollRequest( |
| 110 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, _)) |
| 111 .Times(1) |
| 112 .InSequence(flow_order); |
| 113 |
| 114 std::string fake_enroll_response = |
| 115 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest; |
| 116 fake_enroll_response += "_response"; |
| 117 EXPECT_CALL(async_caller, |
| 118 AsyncTpmAttestationEnroll(_, fake_enroll_response, _)) |
| 119 .Times(1) |
| 120 .InSequence(flow_order); |
| 121 |
| 122 const AccountId account_id = AccountId::FromUserEmail("fake@test.com"); |
| 123 EXPECT_CALL(async_caller, |
| 124 AsyncTpmAttestationCreateCertRequest( |
| 125 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, |
| 126 cryptohome::Identification(account_id), "fake_origin", _)) |
| 127 .Times(1) |
| 128 .InSequence(flow_order); |
| 129 |
| 130 EXPECT_CALL( |
| 131 *proxy, |
| 132 SendCertificateRequest( |
| 133 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, _)) |
| 134 .Times(1) |
| 135 .InSequence(flow_order); |
| 136 |
| 137 std::string fake_cert_response = |
| 138 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; |
| 139 fake_cert_response += "_response"; |
| 140 EXPECT_CALL(async_caller, AsyncTpmAttestationFinishCertRequest( |
| 141 fake_cert_response, KEY_USER, |
| 142 cryptohome::Identification(account_id), |
| 143 kEnterpriseUserKey, _)) |
| 144 .Times(1) |
| 145 .InSequence(flow_order); |
| 146 |
| 147 StrictMock<MockObserver> observer; |
| 148 EXPECT_CALL( |
| 149 observer, |
| 150 MockCertificateCallback( |
| 151 true, cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)) |
| 152 .Times(1) |
| 153 .InSequence(flow_order); |
| 154 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 155 &MockObserver::MockCertificateCallback, base::Unretained(&observer)); |
| 156 |
| 157 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 158 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 159 base::TimeDelta::Max()); |
| 160 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, account_id, |
| 161 "fake_origin", true, mock_callback); |
| 162 Run(); |
| 163 } |
| 164 |
| 165 TEST_F(AttestationFlowTest, GetCertificate_Attestation_Not_Prepared) { |
| 166 // Verify the order of calls in a sequence. |
| 167 Sequence flow_order; |
| 168 |
| 169 // Use DBusCallbackFalse so the full enrollment flow is triggered. |
| 170 chromeos::MockCryptohomeClient client; |
| 171 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
| 172 .InSequence(flow_order) |
| 173 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
| 174 |
| 175 // It will take a bit for attestation to be prepared. |
| 176 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 177 .InSequence(flow_order) |
| 178 .WillOnce(Invoke(DBusCallbackFalse)) |
| 179 .WillOnce(Invoke(DBusCallbackTrue)); |
| 180 |
| 181 // Use StrictMock when we want to verify invocation frequency. |
| 182 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 183 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
92 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) | 184 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) |
93 .Times(1) | 185 .Times(1) |
94 .InSequence(flow_order); | 186 .InSequence(flow_order); |
95 | 187 |
96 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 188 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
97 proxy->DeferToFake(true); | 189 proxy->DeferToFake(true); |
98 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 190 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
99 EXPECT_CALL(*proxy, SendEnrollRequest( | 191 EXPECT_CALL(*proxy, SendEnrollRequest( |
100 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, | 192 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, |
101 _)).Times(1) | 193 _)).Times(1) |
(...skipping 19 matching lines...) Expand all Loading... |
121 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, | 213 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, |
122 _)).Times(1) | 214 _)).Times(1) |
123 .InSequence(flow_order); | 215 .InSequence(flow_order); |
124 | 216 |
125 std::string fake_cert_response = | 217 std::string fake_cert_response = |
126 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; | 218 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; |
127 fake_cert_response += "_response"; | 219 fake_cert_response += "_response"; |
128 EXPECT_CALL(async_caller, AsyncTpmAttestationFinishCertRequest( | 220 EXPECT_CALL(async_caller, AsyncTpmAttestationFinishCertRequest( |
129 fake_cert_response, KEY_USER, | 221 fake_cert_response, KEY_USER, |
130 cryptohome::Identification(account_id), | 222 cryptohome::Identification(account_id), |
131 kEnterpriseUserKey, _)) | 223 kEnterpriseUserKey, _)); |
132 .Times(1) | |
133 .InSequence(flow_order); | |
134 | 224 |
135 StrictMock<MockObserver> observer; | 225 StrictMock<MockObserver> observer; |
136 EXPECT_CALL(observer, MockCertificateCallback( | 226 EXPECT_CALL(observer, MockCertificateCallback( |
137 true, | 227 true, |
138 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)) | 228 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)) |
139 .Times(1) | 229 .Times(1) |
140 .InSequence(flow_order); | 230 .InSequence(flow_order); |
141 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 231 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
142 &MockObserver::MockCertificateCallback, | 232 &MockObserver::MockCertificateCallback, |
143 base::Unretained(&observer)); | 233 base::Unretained(&observer)); |
144 | 234 |
| 235 scoped_refptr<base::TestMockTimeTaskRunner> task_runner( |
| 236 new base::TestMockTimeTaskRunner(base::Time::Now(), |
| 237 base::TimeTicks::Now())); |
| 238 std::unique_ptr<base::TickClock> tick_clock(task_runner->GetMockTickClock()); |
| 239 message_loop_.SetTaskRunner(task_runner); |
| 240 |
145 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 241 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
146 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 242 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 243 base::TimeDelta::FromSeconds(15)); |
| 244 flow.SetTickClockForTest(tick_clock.get()); |
147 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, account_id, | 245 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, account_id, |
148 "fake_origin", true, mock_callback); | 246 "fake_origin", true, mock_callback); |
| 247 |
| 248 task_runner->FastForwardBy(base::TimeDelta::FromSeconds(18)); |
149 Run(); | 249 Run(); |
150 } | 250 } |
151 | 251 |
| 252 TEST_F(AttestationFlowTest, GetCertificate_Attestation_Never_Prepared) { |
| 253 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 254 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); |
| 255 |
| 256 chromeos::MockCryptohomeClient client; |
| 257 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
| 258 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
| 259 |
| 260 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 261 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
| 262 |
| 263 // We're not expecting any server calls in this case; StrictMock will verify. |
| 264 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
| 265 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
| 266 |
| 267 StrictMock<MockObserver> observer; |
| 268 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
| 269 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 270 &MockObserver::MockCertificateCallback, base::Unretained(&observer)); |
| 271 |
| 272 scoped_refptr<base::TestMockTimeTaskRunner> task_runner( |
| 273 new base::TestMockTimeTaskRunner(base::Time::Now(), |
| 274 base::TimeTicks::Now())); |
| 275 std::unique_ptr<base::TickClock> tick_clock(task_runner->GetMockTickClock()); |
| 276 message_loop_.SetTaskRunner(task_runner); |
| 277 |
| 278 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 279 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 280 base::TimeDelta::FromSeconds(37)); |
| 281 flow.SetTickClockForTest(tick_clock.get()); |
| 282 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), |
| 283 "fake_origin", true, mock_callback); |
| 284 |
| 285 task_runner->FastForwardBy(base::TimeDelta::FromSeconds(42)); |
| 286 Run(); |
| 287 } |
| 288 |
152 TEST_F(AttestationFlowTest, GetCertificate_NoEK) { | 289 TEST_F(AttestationFlowTest, GetCertificate_NoEK) { |
153 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 290 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
154 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); | 291 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); |
155 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) | 292 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) |
156 .Times(1); | 293 .Times(1); |
157 | 294 |
158 chromeos::MockCryptohomeClient client; | 295 chromeos::MockCryptohomeClient client; |
159 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 296 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
160 .WillRepeatedly(Invoke(DBusCallbackFalse)); | 297 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
161 | 298 |
| 299 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 300 .WillOnce(Invoke(DBusCallbackTrue)); |
| 301 |
162 // We're not expecting any server calls in this case; StrictMock will verify. | 302 // We're not expecting any server calls in this case; StrictMock will verify. |
163 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 303 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
164 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 304 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
165 | 305 |
166 StrictMock<MockObserver> observer; | 306 StrictMock<MockObserver> observer; |
167 EXPECT_CALL(observer, MockCertificateCallback(false, "")) | 307 EXPECT_CALL(observer, MockCertificateCallback(false, "")) |
168 .Times(1); | 308 .Times(1); |
169 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 309 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
170 &MockObserver::MockCertificateCallback, | 310 &MockObserver::MockCertificateCallback, |
171 base::Unretained(&observer)); | 311 base::Unretained(&observer)); |
172 | 312 |
173 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 313 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
174 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 314 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 315 base::TimeDelta::Max()); |
175 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 316 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
176 true, mock_callback); | 317 true, mock_callback); |
177 Run(); | 318 Run(); |
178 } | 319 } |
179 | 320 |
180 TEST_F(AttestationFlowTest, GetCertificate_EKRejected) { | 321 TEST_F(AttestationFlowTest, GetCertificate_EKRejected) { |
181 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 322 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
182 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 323 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
183 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) | 324 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) |
184 .Times(1); | 325 .Times(1); |
185 | 326 |
186 chromeos::MockCryptohomeClient client; | 327 chromeos::MockCryptohomeClient client; |
187 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 328 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
188 .WillRepeatedly(Invoke(DBusCallbackFalse)); | 329 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
189 | 330 |
| 331 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 332 .WillOnce(Invoke(DBusCallbackTrue)); |
| 333 |
190 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 334 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
191 proxy->DeferToFake(false); | 335 proxy->DeferToFake(false); |
192 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 336 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
193 EXPECT_CALL(*proxy, SendEnrollRequest( | 337 EXPECT_CALL(*proxy, SendEnrollRequest( |
194 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, | 338 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, |
195 _)).Times(1); | 339 _)).Times(1); |
196 | 340 |
197 StrictMock<MockObserver> observer; | 341 StrictMock<MockObserver> observer; |
198 EXPECT_CALL(observer, MockCertificateCallback(false, "")) | 342 EXPECT_CALL(observer, MockCertificateCallback(false, "")) |
199 .Times(1); | 343 .Times(1); |
200 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 344 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
201 &MockObserver::MockCertificateCallback, | 345 &MockObserver::MockCertificateCallback, |
202 base::Unretained(&observer)); | 346 base::Unretained(&observer)); |
203 | 347 |
204 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 348 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
205 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 349 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 350 base::TimeDelta::Max()); |
206 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 351 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
207 true, mock_callback); | 352 true, mock_callback); |
208 Run(); | 353 Run(); |
209 } | 354 } |
210 | 355 |
211 TEST_F(AttestationFlowTest, GetCertificate_FailEnroll) { | 356 TEST_F(AttestationFlowTest, GetCertificate_FailEnroll) { |
212 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 357 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
213 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 358 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
214 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) | 359 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) |
215 .Times(1); | 360 .Times(1); |
216 std::string fake_enroll_response = | 361 std::string fake_enroll_response = |
217 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest; | 362 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest; |
218 fake_enroll_response += "_response"; | 363 fake_enroll_response += "_response"; |
219 EXPECT_CALL(async_caller, | 364 EXPECT_CALL(async_caller, |
220 AsyncTpmAttestationEnroll(_, fake_enroll_response, _)) | 365 AsyncTpmAttestationEnroll(_, fake_enroll_response, _)) |
221 .WillOnce(WithArgs<2>(Invoke(AsyncCallbackFalse))); | 366 .WillOnce(WithArgs<2>(Invoke(AsyncCallbackFalse))); |
222 | 367 |
223 chromeos::MockCryptohomeClient client; | 368 chromeos::MockCryptohomeClient client; |
224 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 369 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
225 .WillRepeatedly(Invoke(DBusCallbackFalse)); | 370 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
226 | 371 |
| 372 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 373 .WillOnce(Invoke(DBusCallbackTrue)); |
| 374 |
227 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 375 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
228 proxy->DeferToFake(true); | 376 proxy->DeferToFake(true); |
229 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 377 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
230 EXPECT_CALL(*proxy, SendEnrollRequest( | 378 EXPECT_CALL(*proxy, SendEnrollRequest( |
231 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, | 379 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, |
232 _)).Times(1); | 380 _)).Times(1); |
233 | 381 |
234 StrictMock<MockObserver> observer; | 382 StrictMock<MockObserver> observer; |
235 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); | 383 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
236 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 384 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
237 &MockObserver::MockCertificateCallback, | 385 &MockObserver::MockCertificateCallback, |
238 base::Unretained(&observer)); | 386 base::Unretained(&observer)); |
239 | 387 |
240 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 388 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
241 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 389 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 390 base::TimeDelta::Max()); |
242 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 391 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
243 true, mock_callback); | 392 true, mock_callback); |
244 Run(); | 393 Run(); |
245 } | 394 } |
246 | 395 |
247 TEST_F(AttestationFlowTest, GetMachineCertificateAlreadyEnrolled) { | 396 TEST_F(AttestationFlowTest, GetMachineCertificateAlreadyEnrolled) { |
248 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 397 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
249 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 398 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
250 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( | 399 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( |
251 _, PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, | 400 _, PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, |
(...skipping 21 matching lines...) Expand all Loading... |
273 | 422 |
274 StrictMock<MockObserver> observer; | 423 StrictMock<MockObserver> observer; |
275 EXPECT_CALL(observer, MockCertificateCallback( | 424 EXPECT_CALL(observer, MockCertificateCallback( |
276 true, | 425 true, |
277 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); | 426 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); |
278 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 427 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
279 &MockObserver::MockCertificateCallback, | 428 &MockObserver::MockCertificateCallback, |
280 base::Unretained(&observer)); | 429 base::Unretained(&observer)); |
281 | 430 |
282 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 431 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
283 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 432 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 433 base::TimeDelta::Max()); |
284 flow.GetCertificate(PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, EmptyAccountId(), | 434 flow.GetCertificate(PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, EmptyAccountId(), |
285 "", true, mock_callback); | 435 "", true, mock_callback); |
286 Run(); | 436 Run(); |
287 } | 437 } |
288 | 438 |
289 TEST_F(AttestationFlowTest, GetCertificate_FailCreateCertRequest) { | 439 TEST_F(AttestationFlowTest, GetCertificate_FailCreateCertRequest) { |
290 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 440 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
291 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); | 441 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); |
292 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( | 442 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( |
293 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, | 443 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, |
294 cryptohome::Identification(), "", _)) | 444 cryptohome::Identification(), "", _)) |
295 .Times(1); | 445 .Times(1); |
296 | 446 |
297 chromeos::MockCryptohomeClient client; | 447 chromeos::MockCryptohomeClient client; |
298 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 448 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
299 .WillRepeatedly(Invoke(DBusCallbackTrue)); | 449 .WillRepeatedly(Invoke(DBusCallbackTrue)); |
300 | 450 |
301 // We're not expecting any server calls in this case; StrictMock will verify. | 451 // We're not expecting any server calls in this case; StrictMock will verify. |
302 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 452 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
303 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 453 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
304 | 454 |
305 StrictMock<MockObserver> observer; | 455 StrictMock<MockObserver> observer; |
306 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); | 456 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
307 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 457 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
308 &MockObserver::MockCertificateCallback, | 458 &MockObserver::MockCertificateCallback, |
309 base::Unretained(&observer)); | 459 base::Unretained(&observer)); |
310 | 460 |
311 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 461 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
312 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 462 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 463 base::TimeDelta::Max()); |
313 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 464 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
314 true, mock_callback); | 465 true, mock_callback); |
315 Run(); | 466 Run(); |
316 } | 467 } |
317 | 468 |
318 TEST_F(AttestationFlowTest, GetCertificate_CertRequestRejected) { | 469 TEST_F(AttestationFlowTest, GetCertificate_CertRequestRejected) { |
319 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 470 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
320 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 471 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
321 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( | 472 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( |
322 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, | 473 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, |
(...skipping 11 matching lines...) Expand all Loading... |
334 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, | 485 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, |
335 _)).Times(1); | 486 _)).Times(1); |
336 | 487 |
337 StrictMock<MockObserver> observer; | 488 StrictMock<MockObserver> observer; |
338 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); | 489 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
339 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 490 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
340 &MockObserver::MockCertificateCallback, | 491 &MockObserver::MockCertificateCallback, |
341 base::Unretained(&observer)); | 492 base::Unretained(&observer)); |
342 | 493 |
343 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 494 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
344 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 495 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 496 base::TimeDelta::Max()); |
345 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 497 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
346 true, mock_callback); | 498 true, mock_callback); |
347 Run(); | 499 Run(); |
348 } | 500 } |
349 | 501 |
350 TEST_F(AttestationFlowTest, GetCertificate_FailIsEnrolled) { | 502 TEST_F(AttestationFlowTest, GetCertificate_FailIsEnrolled) { |
351 // We're not expecting any async calls in this case; StrictMock will verify. | 503 // We're not expecting any async calls in this case; StrictMock will verify. |
352 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 504 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
353 | 505 |
354 chromeos::MockCryptohomeClient client; | 506 chromeos::MockCryptohomeClient client; |
355 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 507 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
356 .WillRepeatedly(Invoke(DBusCallbackFail)); | 508 .WillRepeatedly(Invoke(DBusCallbackFail)); |
357 | 509 |
358 // We're not expecting any server calls in this case; StrictMock will verify. | 510 // We're not expecting any server calls in this case; StrictMock will verify. |
359 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 511 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
360 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 512 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
361 | 513 |
362 StrictMock<MockObserver> observer; | 514 StrictMock<MockObserver> observer; |
363 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); | 515 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
364 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 516 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
365 &MockObserver::MockCertificateCallback, | 517 &MockObserver::MockCertificateCallback, |
366 base::Unretained(&observer)); | 518 base::Unretained(&observer)); |
367 | 519 |
368 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 520 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
369 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 521 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 522 base::TimeDelta::Max()); |
370 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 523 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
371 true, mock_callback); | 524 true, mock_callback); |
372 Run(); | 525 Run(); |
373 } | 526 } |
374 | 527 |
375 TEST_F(AttestationFlowTest, GetCertificate_CheckExisting) { | 528 TEST_F(AttestationFlowTest, GetCertificate_CheckExisting) { |
376 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 529 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
377 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 530 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
378 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( | 531 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( |
379 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, | 532 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, |
(...skipping 25 matching lines...) Expand all Loading... |
405 | 558 |
406 StrictMock<MockObserver> observer; | 559 StrictMock<MockObserver> observer; |
407 EXPECT_CALL(observer, MockCertificateCallback( | 560 EXPECT_CALL(observer, MockCertificateCallback( |
408 true, | 561 true, |
409 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); | 562 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); |
410 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 563 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
411 &MockObserver::MockCertificateCallback, | 564 &MockObserver::MockCertificateCallback, |
412 base::Unretained(&observer)); | 565 base::Unretained(&observer)); |
413 | 566 |
414 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 567 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
415 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 568 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 569 base::TimeDelta::Max()); |
416 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 570 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
417 false, mock_callback); | 571 false, mock_callback); |
418 Run(); | 572 Run(); |
419 } | 573 } |
420 | 574 |
421 TEST_F(AttestationFlowTest, GetCertificate_AlreadyExists) { | 575 TEST_F(AttestationFlowTest, GetCertificate_AlreadyExists) { |
422 // We're not expecting any async calls in this case; StrictMock will verify. | 576 // We're not expecting any async calls in this case; StrictMock will verify. |
423 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 577 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
424 | 578 |
425 chromeos::MockCryptohomeClient client; | 579 chromeos::MockCryptohomeClient client; |
(...skipping 12 matching lines...) Expand all Loading... |
438 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 592 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
439 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 593 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
440 | 594 |
441 StrictMock<MockObserver> observer; | 595 StrictMock<MockObserver> observer; |
442 EXPECT_CALL(observer, MockCertificateCallback(true, "fake_cert")).Times(1); | 596 EXPECT_CALL(observer, MockCertificateCallback(true, "fake_cert")).Times(1); |
443 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 597 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
444 &MockObserver::MockCertificateCallback, | 598 &MockObserver::MockCertificateCallback, |
445 base::Unretained(&observer)); | 599 base::Unretained(&observer)); |
446 | 600 |
447 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 601 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
448 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 602 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 603 base::TimeDelta::Max()); |
449 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 604 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
450 false, mock_callback); | 605 false, mock_callback); |
451 Run(); | 606 Run(); |
452 } | 607 } |
453 | 608 |
454 TEST_F(AttestationFlowTest, AlternatePCA) { | 609 TEST_F(AttestationFlowTest, AlternatePCA) { |
455 // Strategy: Create a ServerProxy mock which reports ALTERNATE_PCA and check | 610 // Strategy: Create a ServerProxy mock which reports ALTERNATE_PCA and check |
456 // that all calls to the AsyncMethodCaller reflect this PCA type. | 611 // that all calls to the AsyncMethodCaller reflect this PCA type. |
457 std::unique_ptr<MockServerProxy> proxy(new NiceMock<MockServerProxy>()); | 612 std::unique_ptr<MockServerProxy> proxy(new NiceMock<MockServerProxy>()); |
458 proxy->DeferToFake(true); | 613 proxy->DeferToFake(true); |
459 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(Return(ALTERNATE_PCA)); | 614 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(Return(ALTERNATE_PCA)); |
460 | 615 |
461 chromeos::MockCryptohomeClient client; | 616 chromeos::MockCryptohomeClient client; |
462 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 617 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
463 .WillRepeatedly(Invoke(DBusCallbackFalse)); | 618 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
464 | 619 |
| 620 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 621 .WillRepeatedly(Invoke(DBusCallbackTrue)); |
| 622 |
465 NiceMock<cryptohome::MockAsyncMethodCaller> async_caller; | 623 NiceMock<cryptohome::MockAsyncMethodCaller> async_caller; |
466 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 624 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
467 EXPECT_CALL(async_caller, | 625 EXPECT_CALL(async_caller, |
468 AsyncTpmAttestationCreateEnrollRequest(ALTERNATE_PCA, _)) | 626 AsyncTpmAttestationCreateEnrollRequest(ALTERNATE_PCA, _)) |
469 .Times(AtLeast(1)); | 627 .Times(AtLeast(1)); |
470 EXPECT_CALL(async_caller, | 628 EXPECT_CALL(async_caller, |
471 AsyncTpmAttestationEnroll(ALTERNATE_PCA, _, _)) | 629 AsyncTpmAttestationEnroll(ALTERNATE_PCA, _, _)) |
472 .Times(AtLeast(1)); | 630 .Times(AtLeast(1)); |
473 EXPECT_CALL(async_caller, | 631 EXPECT_CALL(async_caller, |
474 AsyncTpmAttestationCreateCertRequest(ALTERNATE_PCA, _, _, _, _)) | 632 AsyncTpmAttestationCreateCertRequest(ALTERNATE_PCA, _, _, _, _)) |
475 .Times(AtLeast(1)); | 633 .Times(AtLeast(1)); |
476 | 634 |
477 NiceMock<MockObserver> observer; | 635 NiceMock<MockObserver> observer; |
478 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 636 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
479 &MockObserver::MockCertificateCallback, | 637 &MockObserver::MockCertificateCallback, |
480 base::Unretained(&observer)); | 638 base::Unretained(&observer)); |
481 | 639 |
482 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 640 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
483 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 641 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface), |
| 642 base::TimeDelta::Max()); |
484 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 643 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
485 true, mock_callback); | 644 true, mock_callback); |
486 Run(); | 645 Run(); |
487 } | 646 } |
488 | 647 |
489 } // namespace attestation | 648 } // namespace attestation |
490 } // namespace chromeos | 649 } // namespace chromeos |
OLD | NEW |