OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <memory> | 5 #include <memory> |
6 #include <utility> | 6 #include <utility> |
7 | 7 |
8 #include "base/bind.h" | 8 #include "base/bind.h" |
9 #include "base/location.h" | 9 #include "base/location.h" |
| 10 #include "base/memory/ptr_util.h" |
10 #include "base/run_loop.h" | 11 #include "base/run_loop.h" |
11 #include "base/single_thread_task_runner.h" | 12 #include "base/single_thread_task_runner.h" |
12 #include "base/threading/thread_task_runner_handle.h" | 13 #include "base/threading/thread_task_runner_handle.h" |
| 14 #include "base/time/tick_clock.h" |
| 15 #include "base/timer/timer.h" |
13 #include "chromeos/attestation/mock_attestation_flow.h" | 16 #include "chromeos/attestation/mock_attestation_flow.h" |
14 #include "chromeos/cryptohome/cryptohome_parameters.h" | 17 #include "chromeos/cryptohome/cryptohome_parameters.h" |
15 #include "chromeos/cryptohome/mock_async_method_caller.h" | 18 #include "chromeos/cryptohome/mock_async_method_caller.h" |
16 #include "chromeos/dbus/mock_cryptohome_client.h" | 19 #include "chromeos/dbus/mock_cryptohome_client.h" |
17 #include "components/signin/core/account_id/account_id.h" | 20 #include "components/signin/core/account_id/account_id.h" |
18 #include "testing/gmock/include/gmock/gmock.h" | 21 #include "testing/gmock/include/gmock/gmock.h" |
19 #include "testing/gtest/include/gtest/gtest.h" | 22 #include "testing/gtest/include/gtest/gtest.h" |
20 | 23 |
21 using testing::_; | 24 using testing::_; |
22 using testing::AtLeast; | 25 using testing::AtLeast; |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
61 FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, true, data_)); | 64 FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, true, data_)); |
62 } | 65 } |
63 | 66 |
64 private: | 67 private: |
65 std::string data_; | 68 std::string data_; |
66 }; | 69 }; |
67 | 70 |
68 } // namespace | 71 } // namespace |
69 | 72 |
70 class AttestationFlowTest : public testing::Test { | 73 class AttestationFlowTest : public testing::Test { |
| 74 public: |
| 75 void QuitRunLoopCertificateCallback( |
| 76 const AttestationFlow::CertificateCallback& callback, |
| 77 bool success, |
| 78 const std::string& cert) { |
| 79 LOG(WARNING) << "Quitting run loop."; |
| 80 run_loop_->Quit(); |
| 81 if (!callback.is_null()) |
| 82 callback.Run(success, cert); |
| 83 } |
| 84 |
71 protected: | 85 protected: |
| 86 void RunUntilIdle() { |
| 87 base::RunLoop run_loop; |
| 88 run_loop_ = &run_loop; |
| 89 run_loop_->RunUntilIdle(); |
| 90 } |
| 91 |
72 void Run() { | 92 void Run() { |
73 base::RunLoop run_loop; | 93 base::RunLoop run_loop; |
74 run_loop.RunUntilIdle(); | 94 run_loop_ = &run_loop; |
| 95 run_loop_->Run(); |
75 } | 96 } |
| 97 |
76 base::MessageLoop message_loop_; | 98 base::MessageLoop message_loop_; |
| 99 base::RunLoop* run_loop_; |
77 }; | 100 }; |
78 | 101 |
79 TEST_F(AttestationFlowTest, GetCertificate) { | 102 TEST_F(AttestationFlowTest, GetCertificate) { |
80 // Verify the order of calls in a sequence. | 103 // Verify the order of calls in a sequence. |
81 Sequence flow_order; | 104 Sequence flow_order; |
82 | 105 |
83 // Use DBusCallbackFalse so the full enrollment flow is triggered. | 106 // Use DBusCallbackFalse so the full enrollment flow is triggered. |
84 chromeos::MockCryptohomeClient client; | 107 chromeos::MockCryptohomeClient client; |
85 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 108 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
86 .InSequence(flow_order) | 109 .InSequence(flow_order) |
87 .WillRepeatedly(Invoke(DBusCallbackFalse)); | 110 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
88 | 111 |
| 112 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 113 .InSequence(flow_order) |
| 114 .WillOnce(Invoke(DBusCallbackTrue)); |
| 115 |
89 // Use StrictMock when we want to verify invocation frequency. | 116 // Use StrictMock when we want to verify invocation frequency. |
90 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 117 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
91 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 118 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
| 119 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) |
| 120 .Times(1) |
| 121 .InSequence(flow_order); |
| 122 |
| 123 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
| 124 proxy->DeferToFake(true); |
| 125 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
| 126 EXPECT_CALL( |
| 127 *proxy, |
| 128 SendEnrollRequest( |
| 129 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, _)) |
| 130 .Times(1) |
| 131 .InSequence(flow_order); |
| 132 |
| 133 std::string fake_enroll_response = |
| 134 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest; |
| 135 fake_enroll_response += "_response"; |
| 136 EXPECT_CALL(async_caller, |
| 137 AsyncTpmAttestationEnroll(_, fake_enroll_response, _)) |
| 138 .Times(1) |
| 139 .InSequence(flow_order); |
| 140 |
| 141 const AccountId account_id = AccountId::FromUserEmail("fake@test.com"); |
| 142 EXPECT_CALL(async_caller, |
| 143 AsyncTpmAttestationCreateCertRequest( |
| 144 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, |
| 145 cryptohome::Identification(account_id), "fake_origin", _)) |
| 146 .Times(1) |
| 147 .InSequence(flow_order); |
| 148 |
| 149 EXPECT_CALL( |
| 150 *proxy, |
| 151 SendCertificateRequest( |
| 152 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, _)) |
| 153 .Times(1) |
| 154 .InSequence(flow_order); |
| 155 |
| 156 std::string fake_cert_response = |
| 157 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; |
| 158 fake_cert_response += "_response"; |
| 159 EXPECT_CALL(async_caller, AsyncTpmAttestationFinishCertRequest( |
| 160 fake_cert_response, KEY_USER, |
| 161 cryptohome::Identification(account_id), |
| 162 kEnterpriseUserKey, _)) |
| 163 .Times(1) |
| 164 .InSequence(flow_order); |
| 165 |
| 166 StrictMock<MockObserver> observer; |
| 167 EXPECT_CALL( |
| 168 observer, |
| 169 MockCertificateCallback( |
| 170 true, cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)) |
| 171 .Times(1) |
| 172 .InSequence(flow_order); |
| 173 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
| 174 &MockObserver::MockCertificateCallback, base::Unretained(&observer)); |
| 175 |
| 176 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 177 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
| 178 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, account_id, |
| 179 "fake_origin", true, mock_callback); |
| 180 RunUntilIdle(); |
| 181 } |
| 182 |
| 183 TEST_F(AttestationFlowTest, GetCertificate_Attestation_Not_Prepared) { |
| 184 // Verify the order of calls in a sequence. |
| 185 Sequence flow_order; |
| 186 |
| 187 // Use DBusCallbackFalse so the full enrollment flow is triggered. |
| 188 chromeos::MockCryptohomeClient client; |
| 189 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
| 190 .InSequence(flow_order) |
| 191 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
| 192 |
| 193 // It will take a bit for attestation to be prepared. |
| 194 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 195 .InSequence(flow_order) |
| 196 .WillOnce(Invoke(DBusCallbackFalse)) |
| 197 .WillOnce(Invoke(DBusCallbackTrue)); |
| 198 |
| 199 // Use StrictMock when we want to verify invocation frequency. |
| 200 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 201 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
92 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) | 202 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) |
93 .Times(1) | 203 .Times(1) |
94 .InSequence(flow_order); | 204 .InSequence(flow_order); |
95 | 205 |
96 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 206 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
97 proxy->DeferToFake(true); | 207 proxy->DeferToFake(true); |
98 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 208 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
99 EXPECT_CALL(*proxy, SendEnrollRequest( | 209 EXPECT_CALL(*proxy, SendEnrollRequest( |
100 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, | 210 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, |
101 _)).Times(1) | 211 _)).Times(1) |
(...skipping 19 matching lines...) Expand all Loading... |
121 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, | 231 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, |
122 _)).Times(1) | 232 _)).Times(1) |
123 .InSequence(flow_order); | 233 .InSequence(flow_order); |
124 | 234 |
125 std::string fake_cert_response = | 235 std::string fake_cert_response = |
126 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; | 236 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; |
127 fake_cert_response += "_response"; | 237 fake_cert_response += "_response"; |
128 EXPECT_CALL(async_caller, AsyncTpmAttestationFinishCertRequest( | 238 EXPECT_CALL(async_caller, AsyncTpmAttestationFinishCertRequest( |
129 fake_cert_response, KEY_USER, | 239 fake_cert_response, KEY_USER, |
130 cryptohome::Identification(account_id), | 240 cryptohome::Identification(account_id), |
131 kEnterpriseUserKey, _)) | 241 kEnterpriseUserKey, _)); |
132 .Times(1) | |
133 .InSequence(flow_order); | |
134 | 242 |
135 StrictMock<MockObserver> observer; | 243 StrictMock<MockObserver> observer; |
136 EXPECT_CALL(observer, MockCertificateCallback( | 244 EXPECT_CALL(observer, MockCertificateCallback( |
137 true, | 245 true, |
138 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)) | 246 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)) |
139 .Times(1) | 247 .Times(1) |
140 .InSequence(flow_order); | 248 .InSequence(flow_order); |
141 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 249 AttestationFlow::CertificateCallback callback = base::Bind( |
142 &MockObserver::MockCertificateCallback, | 250 &AttestationFlowTest::QuitRunLoopCertificateCallback, |
143 base::Unretained(&observer)); | 251 base::Unretained(this), base::Bind(&MockObserver::MockCertificateCallback, |
| 252 base::Unretained(&observer))); |
144 | 253 |
145 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 254 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
146 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 255 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
| 256 flow.set_retry_delay(base::TimeDelta::FromMilliseconds(30)); |
147 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, account_id, | 257 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, account_id, |
148 "fake_origin", true, mock_callback); | 258 "fake_origin", true, callback); |
| 259 |
149 Run(); | 260 Run(); |
150 } | 261 } |
151 | 262 |
| 263 TEST_F(AttestationFlowTest, GetCertificate_Attestation_Never_Prepared) { |
| 264 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
| 265 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); |
| 266 |
| 267 chromeos::MockCryptohomeClient client; |
| 268 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
| 269 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
| 270 |
| 271 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 272 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
| 273 |
| 274 // We're not expecting any server calls in this case; StrictMock will verify. |
| 275 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
| 276 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
| 277 |
| 278 StrictMock<MockObserver> observer; |
| 279 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
| 280 AttestationFlow::CertificateCallback callback = base::Bind( |
| 281 &AttestationFlowTest::QuitRunLoopCertificateCallback, |
| 282 base::Unretained(this), base::Bind(&MockObserver::MockCertificateCallback, |
| 283 base::Unretained(&observer))); |
| 284 |
| 285 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
| 286 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
| 287 flow.set_ready_timeout(base::TimeDelta::FromMilliseconds(20)); |
| 288 flow.set_retry_delay(base::TimeDelta::FromMilliseconds(6)); |
| 289 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), |
| 290 "fake_origin", true, callback); |
| 291 |
| 292 Run(); |
| 293 } |
| 294 |
152 TEST_F(AttestationFlowTest, GetCertificate_NoEK) { | 295 TEST_F(AttestationFlowTest, GetCertificate_NoEK) { |
153 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 296 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
154 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); | 297 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); |
155 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) | 298 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) |
156 .Times(1); | 299 .Times(1); |
157 | 300 |
158 chromeos::MockCryptohomeClient client; | 301 chromeos::MockCryptohomeClient client; |
159 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 302 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
160 .WillRepeatedly(Invoke(DBusCallbackFalse)); | 303 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
161 | 304 |
| 305 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 306 .WillOnce(Invoke(DBusCallbackTrue)); |
| 307 |
162 // We're not expecting any server calls in this case; StrictMock will verify. | 308 // We're not expecting any server calls in this case; StrictMock will verify. |
163 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 309 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
164 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 310 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
165 | 311 |
166 StrictMock<MockObserver> observer; | 312 StrictMock<MockObserver> observer; |
167 EXPECT_CALL(observer, MockCertificateCallback(false, "")) | 313 EXPECT_CALL(observer, MockCertificateCallback(false, "")) |
168 .Times(1); | 314 .Times(1); |
169 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 315 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
170 &MockObserver::MockCertificateCallback, | 316 &MockObserver::MockCertificateCallback, |
171 base::Unretained(&observer)); | 317 base::Unretained(&observer)); |
172 | 318 |
173 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 319 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
174 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 320 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
175 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 321 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
176 true, mock_callback); | 322 true, mock_callback); |
177 Run(); | 323 RunUntilIdle(); |
178 } | 324 } |
179 | 325 |
180 TEST_F(AttestationFlowTest, GetCertificate_EKRejected) { | 326 TEST_F(AttestationFlowTest, GetCertificate_EKRejected) { |
181 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 327 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
182 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 328 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
183 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) | 329 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) |
184 .Times(1); | 330 .Times(1); |
185 | 331 |
186 chromeos::MockCryptohomeClient client; | 332 chromeos::MockCryptohomeClient client; |
187 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 333 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
188 .WillRepeatedly(Invoke(DBusCallbackFalse)); | 334 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
189 | 335 |
| 336 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 337 .WillOnce(Invoke(DBusCallbackTrue)); |
| 338 |
190 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 339 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
191 proxy->DeferToFake(false); | 340 proxy->DeferToFake(false); |
192 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 341 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
193 EXPECT_CALL(*proxy, SendEnrollRequest( | 342 EXPECT_CALL(*proxy, SendEnrollRequest( |
194 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, | 343 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, |
195 _)).Times(1); | 344 _)).Times(1); |
196 | 345 |
197 StrictMock<MockObserver> observer; | 346 StrictMock<MockObserver> observer; |
198 EXPECT_CALL(observer, MockCertificateCallback(false, "")) | 347 EXPECT_CALL(observer, MockCertificateCallback(false, "")) |
199 .Times(1); | 348 .Times(1); |
200 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 349 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
201 &MockObserver::MockCertificateCallback, | 350 &MockObserver::MockCertificateCallback, |
202 base::Unretained(&observer)); | 351 base::Unretained(&observer)); |
203 | 352 |
204 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 353 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
205 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 354 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
206 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 355 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
207 true, mock_callback); | 356 true, mock_callback); |
208 Run(); | 357 RunUntilIdle(); |
209 } | 358 } |
210 | 359 |
211 TEST_F(AttestationFlowTest, GetCertificate_FailEnroll) { | 360 TEST_F(AttestationFlowTest, GetCertificate_FailEnroll) { |
212 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 361 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
213 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 362 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
214 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) | 363 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) |
215 .Times(1); | 364 .Times(1); |
216 std::string fake_enroll_response = | 365 std::string fake_enroll_response = |
217 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest; | 366 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest; |
218 fake_enroll_response += "_response"; | 367 fake_enroll_response += "_response"; |
219 EXPECT_CALL(async_caller, | 368 EXPECT_CALL(async_caller, |
220 AsyncTpmAttestationEnroll(_, fake_enroll_response, _)) | 369 AsyncTpmAttestationEnroll(_, fake_enroll_response, _)) |
221 .WillOnce(WithArgs<2>(Invoke(AsyncCallbackFalse))); | 370 .WillOnce(WithArgs<2>(Invoke(AsyncCallbackFalse))); |
222 | 371 |
223 chromeos::MockCryptohomeClient client; | 372 chromeos::MockCryptohomeClient client; |
224 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 373 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
225 .WillRepeatedly(Invoke(DBusCallbackFalse)); | 374 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
226 | 375 |
| 376 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 377 .WillOnce(Invoke(DBusCallbackTrue)); |
| 378 |
227 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 379 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
228 proxy->DeferToFake(true); | 380 proxy->DeferToFake(true); |
229 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 381 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
230 EXPECT_CALL(*proxy, SendEnrollRequest( | 382 EXPECT_CALL(*proxy, SendEnrollRequest( |
231 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, | 383 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, |
232 _)).Times(1); | 384 _)).Times(1); |
233 | 385 |
234 StrictMock<MockObserver> observer; | 386 StrictMock<MockObserver> observer; |
235 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); | 387 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
236 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 388 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
237 &MockObserver::MockCertificateCallback, | 389 &MockObserver::MockCertificateCallback, |
238 base::Unretained(&observer)); | 390 base::Unretained(&observer)); |
239 | 391 |
240 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 392 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
241 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 393 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
242 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 394 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
243 true, mock_callback); | 395 true, mock_callback); |
244 Run(); | 396 RunUntilIdle(); |
245 } | 397 } |
246 | 398 |
247 TEST_F(AttestationFlowTest, GetMachineCertificateAlreadyEnrolled) { | 399 TEST_F(AttestationFlowTest, GetMachineCertificateAlreadyEnrolled) { |
248 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 400 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
249 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 401 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
250 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( | 402 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( |
251 _, PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, | 403 _, PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, |
252 cryptohome::Identification(), "", _)) | 404 cryptohome::Identification(), "", _)) |
253 .Times(1); | 405 .Times(1); |
254 std::string fake_cert_response = | 406 std::string fake_cert_response = |
(...skipping 21 matching lines...) Expand all Loading... |
276 true, | 428 true, |
277 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); | 429 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); |
278 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 430 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
279 &MockObserver::MockCertificateCallback, | 431 &MockObserver::MockCertificateCallback, |
280 base::Unretained(&observer)); | 432 base::Unretained(&observer)); |
281 | 433 |
282 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 434 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
283 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 435 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
284 flow.GetCertificate(PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, EmptyAccountId(), | 436 flow.GetCertificate(PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, EmptyAccountId(), |
285 "", true, mock_callback); | 437 "", true, mock_callback); |
286 Run(); | 438 RunUntilIdle(); |
287 } | 439 } |
288 | 440 |
289 TEST_F(AttestationFlowTest, GetCertificate_FailCreateCertRequest) { | 441 TEST_F(AttestationFlowTest, GetCertificate_FailCreateCertRequest) { |
290 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 442 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
291 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); | 443 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); |
292 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( | 444 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( |
293 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, | 445 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, |
294 cryptohome::Identification(), "", _)) | 446 cryptohome::Identification(), "", _)) |
295 .Times(1); | 447 .Times(1); |
296 | 448 |
297 chromeos::MockCryptohomeClient client; | 449 chromeos::MockCryptohomeClient client; |
298 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 450 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
299 .WillRepeatedly(Invoke(DBusCallbackTrue)); | 451 .WillRepeatedly(Invoke(DBusCallbackTrue)); |
300 | 452 |
301 // We're not expecting any server calls in this case; StrictMock will verify. | 453 // We're not expecting any server calls in this case; StrictMock will verify. |
302 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 454 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
303 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 455 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
304 | 456 |
305 StrictMock<MockObserver> observer; | 457 StrictMock<MockObserver> observer; |
306 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); | 458 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
307 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 459 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
308 &MockObserver::MockCertificateCallback, | 460 &MockObserver::MockCertificateCallback, |
309 base::Unretained(&observer)); | 461 base::Unretained(&observer)); |
310 | 462 |
311 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 463 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
312 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 464 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
313 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 465 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
314 true, mock_callback); | 466 true, mock_callback); |
315 Run(); | 467 RunUntilIdle(); |
316 } | 468 } |
317 | 469 |
318 TEST_F(AttestationFlowTest, GetCertificate_CertRequestRejected) { | 470 TEST_F(AttestationFlowTest, GetCertificate_CertRequestRejected) { |
319 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 471 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
320 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 472 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
321 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( | 473 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( |
322 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, | 474 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, |
323 cryptohome::Identification(), "", _)) | 475 cryptohome::Identification(), "", _)) |
324 .Times(1); | 476 .Times(1); |
325 | 477 |
(...skipping 11 matching lines...) Expand all Loading... |
337 StrictMock<MockObserver> observer; | 489 StrictMock<MockObserver> observer; |
338 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); | 490 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
339 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 491 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
340 &MockObserver::MockCertificateCallback, | 492 &MockObserver::MockCertificateCallback, |
341 base::Unretained(&observer)); | 493 base::Unretained(&observer)); |
342 | 494 |
343 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 495 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
344 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 496 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
345 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 497 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
346 true, mock_callback); | 498 true, mock_callback); |
347 Run(); | 499 RunUntilIdle(); |
348 } | 500 } |
349 | 501 |
350 TEST_F(AttestationFlowTest, GetCertificate_FailIsEnrolled) { | 502 TEST_F(AttestationFlowTest, GetCertificate_FailIsEnrolled) { |
351 // We're not expecting any async calls in this case; StrictMock will verify. | 503 // We're not expecting any async calls in this case; StrictMock will verify. |
352 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 504 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
353 | 505 |
354 chromeos::MockCryptohomeClient client; | 506 chromeos::MockCryptohomeClient client; |
355 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 507 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
356 .WillRepeatedly(Invoke(DBusCallbackFail)); | 508 .WillRepeatedly(Invoke(DBusCallbackFail)); |
357 | 509 |
358 // We're not expecting any server calls in this case; StrictMock will verify. | 510 // We're not expecting any server calls in this case; StrictMock will verify. |
359 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); | 511 std::unique_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); |
360 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); | 512 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); |
361 | 513 |
362 StrictMock<MockObserver> observer; | 514 StrictMock<MockObserver> observer; |
363 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); | 515 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); |
364 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 516 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
365 &MockObserver::MockCertificateCallback, | 517 &MockObserver::MockCertificateCallback, |
366 base::Unretained(&observer)); | 518 base::Unretained(&observer)); |
367 | 519 |
368 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 520 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
369 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 521 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
370 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 522 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
371 true, mock_callback); | 523 true, mock_callback); |
372 Run(); | 524 RunUntilIdle(); |
373 } | 525 } |
374 | 526 |
375 TEST_F(AttestationFlowTest, GetCertificate_CheckExisting) { | 527 TEST_F(AttestationFlowTest, GetCertificate_CheckExisting) { |
376 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 528 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
377 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 529 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
378 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( | 530 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateCertRequest( |
379 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, | 531 _, PROFILE_ENTERPRISE_USER_CERTIFICATE, |
380 cryptohome::Identification(), "", _)) | 532 cryptohome::Identification(), "", _)) |
381 .Times(1); | 533 .Times(1); |
382 std::string fake_cert_response = | 534 std::string fake_cert_response = |
(...skipping 25 matching lines...) Expand all Loading... |
408 true, | 560 true, |
409 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); | 561 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); |
410 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 562 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
411 &MockObserver::MockCertificateCallback, | 563 &MockObserver::MockCertificateCallback, |
412 base::Unretained(&observer)); | 564 base::Unretained(&observer)); |
413 | 565 |
414 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 566 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
415 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 567 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
416 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 568 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
417 false, mock_callback); | 569 false, mock_callback); |
418 Run(); | 570 RunUntilIdle(); |
419 } | 571 } |
420 | 572 |
421 TEST_F(AttestationFlowTest, GetCertificate_AlreadyExists) { | 573 TEST_F(AttestationFlowTest, GetCertificate_AlreadyExists) { |
422 // We're not expecting any async calls in this case; StrictMock will verify. | 574 // We're not expecting any async calls in this case; StrictMock will verify. |
423 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; | 575 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; |
424 | 576 |
425 chromeos::MockCryptohomeClient client; | 577 chromeos::MockCryptohomeClient client; |
426 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 578 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
427 .WillRepeatedly(Invoke(DBusCallbackTrue)); | 579 .WillRepeatedly(Invoke(DBusCallbackTrue)); |
428 EXPECT_CALL(client, | 580 EXPECT_CALL(client, |
(...skipping 12 matching lines...) Expand all Loading... |
441 StrictMock<MockObserver> observer; | 593 StrictMock<MockObserver> observer; |
442 EXPECT_CALL(observer, MockCertificateCallback(true, "fake_cert")).Times(1); | 594 EXPECT_CALL(observer, MockCertificateCallback(true, "fake_cert")).Times(1); |
443 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 595 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
444 &MockObserver::MockCertificateCallback, | 596 &MockObserver::MockCertificateCallback, |
445 base::Unretained(&observer)); | 597 base::Unretained(&observer)); |
446 | 598 |
447 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 599 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
448 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 600 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
449 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 601 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
450 false, mock_callback); | 602 false, mock_callback); |
451 Run(); | 603 RunUntilIdle(); |
452 } | 604 } |
453 | 605 |
454 TEST_F(AttestationFlowTest, AlternatePCA) { | 606 TEST_F(AttestationFlowTest, AlternatePCA) { |
455 // Strategy: Create a ServerProxy mock which reports ALTERNATE_PCA and check | 607 // Strategy: Create a ServerProxy mock which reports ALTERNATE_PCA and check |
456 // that all calls to the AsyncMethodCaller reflect this PCA type. | 608 // that all calls to the AsyncMethodCaller reflect this PCA type. |
457 std::unique_ptr<MockServerProxy> proxy(new NiceMock<MockServerProxy>()); | 609 std::unique_ptr<MockServerProxy> proxy(new NiceMock<MockServerProxy>()); |
458 proxy->DeferToFake(true); | 610 proxy->DeferToFake(true); |
459 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(Return(ALTERNATE_PCA)); | 611 EXPECT_CALL(*proxy, GetType()).WillRepeatedly(Return(ALTERNATE_PCA)); |
460 | 612 |
461 chromeos::MockCryptohomeClient client; | 613 chromeos::MockCryptohomeClient client; |
462 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) | 614 EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) |
463 .WillRepeatedly(Invoke(DBusCallbackFalse)); | 615 .WillRepeatedly(Invoke(DBusCallbackFalse)); |
464 | 616 |
| 617 EXPECT_CALL(client, TpmAttestationIsPrepared(_)) |
| 618 .WillRepeatedly(Invoke(DBusCallbackTrue)); |
| 619 |
465 NiceMock<cryptohome::MockAsyncMethodCaller> async_caller; | 620 NiceMock<cryptohome::MockAsyncMethodCaller> async_caller; |
466 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 621 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
467 EXPECT_CALL(async_caller, | 622 EXPECT_CALL(async_caller, |
468 AsyncTpmAttestationCreateEnrollRequest(ALTERNATE_PCA, _)) | 623 AsyncTpmAttestationCreateEnrollRequest(ALTERNATE_PCA, _)) |
469 .Times(AtLeast(1)); | 624 .Times(AtLeast(1)); |
470 EXPECT_CALL(async_caller, | 625 EXPECT_CALL(async_caller, |
471 AsyncTpmAttestationEnroll(ALTERNATE_PCA, _, _)) | 626 AsyncTpmAttestationEnroll(ALTERNATE_PCA, _, _)) |
472 .Times(AtLeast(1)); | 627 .Times(AtLeast(1)); |
473 EXPECT_CALL(async_caller, | 628 EXPECT_CALL(async_caller, |
474 AsyncTpmAttestationCreateCertRequest(ALTERNATE_PCA, _, _, _, _)) | 629 AsyncTpmAttestationCreateCertRequest(ALTERNATE_PCA, _, _, _, _)) |
475 .Times(AtLeast(1)); | 630 .Times(AtLeast(1)); |
476 | 631 |
477 NiceMock<MockObserver> observer; | 632 NiceMock<MockObserver> observer; |
478 AttestationFlow::CertificateCallback mock_callback = base::Bind( | 633 AttestationFlow::CertificateCallback mock_callback = base::Bind( |
479 &MockObserver::MockCertificateCallback, | 634 &MockObserver::MockCertificateCallback, |
480 base::Unretained(&observer)); | 635 base::Unretained(&observer)); |
481 | 636 |
482 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); | 637 std::unique_ptr<ServerProxy> proxy_interface(proxy.release()); |
483 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); | 638 AttestationFlow flow(&async_caller, &client, std::move(proxy_interface)); |
484 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", | 639 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, EmptyAccountId(), "", |
485 true, mock_callback); | 640 true, mock_callback); |
486 Run(); | 641 RunUntilIdle(); |
487 } | 642 } |
488 | 643 |
489 } // namespace attestation | 644 } // namespace attestation |
490 } // namespace chromeos | 645 } // namespace chromeos |
OLD | NEW |