| OLD | NEW |
| (Empty) | |
| 1 // Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 // Unit tests for Crypto. |
| 6 |
| 7 #include "crypto.h" |
| 8 |
| 9 #include <openssl/err.h> |
| 10 #include <openssl/evp.h> |
| 11 #include <openssl/rand.h> |
| 12 #include <openssl/sha.h> |
| 13 |
| 14 #include <base/file_util.h> |
| 15 #include <base/logging.h> |
| 16 #include <chromeos/utility.h> |
| 17 #include <gtest/gtest.h> |
| 18 |
| 19 namespace cryptohome { |
| 20 using std::string; |
| 21 |
| 22 const char kImageDir[] = "test_image_dir"; |
| 23 |
| 24 class CryptoTest : public ::testing::Test { |
| 25 public: |
| 26 CryptoTest() { } |
| 27 virtual ~CryptoTest() { } |
| 28 |
| 29 static bool FindBlobInBlob(const SecureBlob& haystack, |
| 30 const SecureBlob& needle) { |
| 31 if (needle.size() > haystack.size()) { |
| 32 return false; |
| 33 } |
| 34 for (unsigned int start = 0; start <= (haystack.size() - needle.size()); |
| 35 start++) { |
| 36 if (memcmp(&haystack[start], &needle[0], needle.size()) == 0) { |
| 37 return true; |
| 38 } |
| 39 } |
| 40 return false; |
| 41 } |
| 42 |
| 43 private: |
| 44 DISALLOW_COPY_AND_ASSIGN(CryptoTest); |
| 45 }; |
| 46 |
| 47 TEST_F(CryptoTest, RandomTest) { |
| 48 // Check that GetSecureRandom() returns different bytes than are passed in or |
| 49 // that come from the entropy source |
| 50 Crypto crypto; |
| 51 crypto.set_entropy_source("/dev/zero"); |
| 52 |
| 53 unsigned char data[32]; |
| 54 memset(data, 1, sizeof(data)); |
| 55 |
| 56 crypto.GetSecureRandom(data, sizeof(data)); |
| 57 |
| 58 unsigned char comparison[32]; |
| 59 memset(comparison, 0, sizeof(comparison)); |
| 60 EXPECT_NE(0, memcmp(data, comparison, sizeof(data))); |
| 61 |
| 62 memset(comparison, 1, sizeof(comparison)); |
| 63 EXPECT_NE(0, memcmp(data, comparison, sizeof(data))); |
| 64 } |
| 65 |
| 66 TEST_F(CryptoTest, EncryptionTest) { |
| 67 // Check that WrapVaultKeyset returns something other than the bytes passed |
| 68 Crypto crypto; |
| 69 |
| 70 VaultKeyset vault_keyset; |
| 71 vault_keyset.CreateRandom(crypto); |
| 72 |
| 73 SecureBlob wrapper(20); |
| 74 crypto.GetSecureRandom(static_cast<unsigned char*>(wrapper.data()), |
| 75 wrapper.size()); |
| 76 SecureBlob salt(PKCS5_SALT_LEN); |
| 77 crypto.GetSecureRandom(static_cast<unsigned char*>(salt.data()), |
| 78 salt.size()); |
| 79 |
| 80 SecureBlob wrapped; |
| 81 EXPECT_EQ(true, crypto.WrapVaultKeyset(vault_keyset, wrapper, salt, |
| 82 &wrapped)); |
| 83 |
| 84 SecureBlob original; |
| 85 EXPECT_EQ(true, vault_keyset.ToBuffer(&original)); |
| 86 |
| 87 EXPECT_EQ(false, CryptoTest::FindBlobInBlob(wrapped, original)); |
| 88 } |
| 89 |
| 90 TEST_F(CryptoTest, DecryptionTest) { |
| 91 // Check that UnwrapVaultKeyset returns the original keyset |
| 92 Crypto crypto; |
| 93 |
| 94 VaultKeyset vault_keyset; |
| 95 vault_keyset.CreateRandom(crypto); |
| 96 |
| 97 SecureBlob wrapper(20); |
| 98 crypto.GetSecureRandom(static_cast<unsigned char*>(wrapper.data()), |
| 99 wrapper.size()); |
| 100 SecureBlob salt(PKCS5_SALT_LEN); |
| 101 crypto.GetSecureRandom(static_cast<unsigned char*>(salt.data()), |
| 102 salt.size()); |
| 103 |
| 104 SecureBlob wrapped; |
| 105 EXPECT_EQ(true, crypto.WrapVaultKeyset(vault_keyset, wrapper, salt, |
| 106 &wrapped)); |
| 107 |
| 108 VaultKeyset new_keyset; |
| 109 EXPECT_EQ(true, crypto.UnwrapVaultKeyset(wrapped, wrapper, &new_keyset)); |
| 110 |
| 111 SecureBlob original_data; |
| 112 EXPECT_EQ(true, vault_keyset.ToBuffer(&original_data)); |
| 113 SecureBlob new_data; |
| 114 EXPECT_EQ(true, new_keyset.ToBuffer(&new_data)); |
| 115 |
| 116 EXPECT_EQ(new_data.size(), original_data.size()); |
| 117 EXPECT_EQ(true, CryptoTest::FindBlobInBlob(new_data, original_data)); |
| 118 } |
| 119 |
| 120 TEST_F(CryptoTest, SaltCreateTest) { |
| 121 // Check that GetOrCreateSalt works |
| 122 Crypto crypto; |
| 123 |
| 124 FilePath salt_path(FilePath(kImageDir).Append("crypto_test_salt")); |
| 125 |
| 126 file_util::Delete(salt_path, false); |
| 127 |
| 128 EXPECT_EQ(false, file_util::PathExists(salt_path)); |
| 129 |
| 130 SecureBlob salt; |
| 131 crypto.GetOrCreateSalt(salt_path, 32, false, &salt); |
| 132 |
| 133 EXPECT_EQ(32, salt.size()); |
| 134 EXPECT_EQ(true, file_util::PathExists(salt_path)); |
| 135 |
| 136 SecureBlob new_salt; |
| 137 crypto.GetOrCreateSalt(salt_path, 32, true, &new_salt); |
| 138 |
| 139 EXPECT_EQ(32, new_salt.size()); |
| 140 EXPECT_EQ(true, file_util::PathExists(salt_path)); |
| 141 |
| 142 EXPECT_EQ(salt.size(), new_salt.size()); |
| 143 EXPECT_EQ(false, CryptoTest::FindBlobInBlob(salt, new_salt)); |
| 144 |
| 145 file_util::Delete(salt_path, false); |
| 146 } |
| 147 |
| 148 TEST_F(CryptoTest, AsciiEncodeTest) { |
| 149 // Check that AsciiEncodeToBuffer works |
| 150 Crypto crypto; |
| 151 |
| 152 SecureBlob blob_in(256); |
| 153 SecureBlob blob_out(512); |
| 154 |
| 155 for (int i = 0; i < 256; i++) { |
| 156 blob_in[i] = i; |
| 157 blob_out[i * 2] = 0; |
| 158 blob_out[i * 2 + 1] = 0; |
| 159 } |
| 160 |
| 161 crypto.AsciiEncodeToBuffer(blob_in, static_cast<char*>(blob_out.data()), |
| 162 blob_out.size()); |
| 163 |
| 164 std::string known_good = chromeos::AsciiEncode(blob_in); |
| 165 std::string test_good(static_cast<char*>(blob_out.data()), blob_out.size()); |
| 166 |
| 167 EXPECT_EQ(0, known_good.compare(test_good)); |
| 168 } |
| 169 |
| 170 } // namespace cryptohome |
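Review bot: DecryptionTest covers only the success path of UnwrapVaultKeyset, so nothing in this file checks that unwrapping is rejected when the wrapper key is wrong or the wrapped blob has been modified. A negative case at the end of that test would close the gap: fill a second `SecureBlob other_wrapper(20)` with GetSecureRandom the same way `wrapper` is filled, then add `VaultKeyset rejected;` and `EXPECT_EQ(false, crypto.UnwrapVaultKeyset(wrapped, other_wrapper, &rejected));`. Whether the wrapped format carries an integrity check that makes this fail deterministically is not visible from this file, so the expected result should be confirmed against the Crypto implementation. Separately, the WrapVaultKeyset and ToBuffer results in EncryptionTest and DecryptionTest are checked with EXPECT_EQ, so a failure there lets empty blobs reach FindBlobInBlob, which indexes `needle[0]` and `haystack[0]` without an emptiness guard. Using `ASSERT_EQ(true, ...)` on those calls would stop the test before that point.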