Add a Key class

chrome/browser/chromeos/login/auth/parallel_authenticator_unittest.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h"
 
 #include <string>
 
 #include "base/command_line.h"
 #include "base/file_util.h"
 #include "base/files/file_path.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/message_loop/message_loop.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
+#include "chrome/browser/chromeos/login/auth/key.h"
 #include "chrome/browser/chromeos/login/auth/mock_login_status_consumer.h"
 #include "chrome/browser/chromeos/login/auth/mock_url_fetchers.h"
 #include "chrome/browser/chromeos/login/auth/test_attempt_state.h"
 #include "chrome/browser/chromeos/login/auth/user_context.h"
 #include "chrome/browser/chromeos/login/users/mock_user_manager.h"
 #include "chrome/browser/chromeos/login/users/user_manager.h"
 #include "chrome/browser/chromeos/settings/cros_settings.h"
 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h"
 #include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h"
 #include "chrome/test/base/testing_profile.h"
@@ skipping 13 matching lines @@
 
 using ::testing::Invoke;
 using ::testing::Return;
 using ::testing::_;
 
 namespace chromeos {
 
 class ParallelAuthenticatorTest : public testing::Test {
  public:
   ParallelAuthenticatorTest()
-      : username_("me@nowhere.org"),
-        password_("fakepass"),
-        hash_ascii_(ParallelAuthenticator::HashPassword(
-            password_,
-            SystemSaltGetter::ConvertRawSaltToHexString(
-                FakeCryptohomeClient::GetStubSystemSalt()))),
+      : user_context_("me@nowhere.org"),
         user_manager_enabler_(new MockUserManager),
         mock_caller_(NULL) {
+    user_context_.SetKey(Key("fakepass"));
+    transformed_key_ = *user_context_.GetKey();
+    transformed_key_.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF,
+                               SystemSaltGetter::ConvertRawSaltToHexString(
+                                   FakeCryptohomeClient::GetStubSystemSalt()));
   }
 
   virtual ~ParallelAuthenticatorTest() {
     DCHECK(!mock_caller_);
   }
 
   virtual void SetUp() {
     CommandLine::ForCurrentProcess()->AppendSwitch(switches::kLoginManager);
 
     mock_caller_ = new cryptohome::MockAsyncMethodCaller;
     cryptohome::AsyncMethodCaller::InitializeForTesting(mock_caller_);
 
     FakeDBusThreadManager* fake_dbus_thread_manager = new FakeDBusThreadManager;
     fake_cryptohome_client_ = new FakeCryptohomeClient;
     fake_dbus_thread_manager->SetCryptohomeClient(
         scoped_ptr<CryptohomeClient>(fake_cryptohome_client_));
     DBusThreadManager::InitializeForTesting(fake_dbus_thread_manager);
 
     SystemSaltGetter::Initialize();
 
     auth_ = new ParallelAuthenticator(&consumer_);
-    UserContext user_context(username_);
-    user_context.SetPassword(password_);
-    state_.reset(new TestAttemptState(user_context, false));
+    state_.reset(new TestAttemptState(user_context_, false));
   }
 
   // Tears down the test fixture.
   virtual void TearDown() {
     SystemSaltGetter::Shutdown();
     DBusThreadManager::Shutdown();
 
     cryptohome::AsyncMethodCaller::Shutdown();
     mock_caller_ = NULL;
   }
@@ skipping 40 matching lines @@
         .WillOnce(Invoke(MockConsumer::OnFailQuit))
         .RetiresOnSaturation();
   }
 
   void ExpectRetailModeLoginSuccess() {
     EXPECT_CALL(consumer_, OnRetailModeLoginSuccess(_))
         .WillOnce(Invoke(MockConsumer::OnRetailModeSuccessQuit))
         .RetiresOnSaturation();
   }
 
-  void ExpectLoginSuccess(const std::string& username,
-                          const std::string& password,
-                          const std::string& username_hash,
-                          bool pending) {
-    UserContext user_context(username);
-    user_context.SetPassword(password);
-    user_context.SetUserIDHash(username_hash);
+  void ExpectLoginSuccess(const UserContext& user_context) {
     EXPECT_CALL(consumer_, OnLoginSuccess(user_context))
         .WillOnce(Invoke(MockConsumer::OnSuccessQuit))
         .RetiresOnSaturation();
   }
 
   void ExpectGuestLoginSuccess() {
     EXPECT_CALL(consumer_, OnOffTheRecordLoginSuccess())
         .WillOnce(Invoke(MockConsumer::OnGuestSuccessQuit))
         .RetiresOnSaturation();
   }
@@ skipping 18 matching lines @@
     auth->set_attempt_state(state);
     return auth->ResolveState();
   }
 
   void SetOwnerState(bool owner_check_finished, bool check_result) {
     auth_->SetOwnerState(owner_check_finished, check_result);
   }
 
   content::TestBrowserThreadBundle thread_bundle_;
 
-  std::string username_;
-  std::string password_;
-  std::string username_hash_;
-  std::string hash_ascii_;
+  UserContext user_context_;
+  Key transformed_key_;
 
   ScopedDeviceSettingsTestHelper device_settings_test_helper_;
   ScopedTestCrosSettings test_cros_settings_;
 
   ScopedUserManagerEnabler user_manager_enabler_;
 
   cryptohome::MockAsyncMethodCaller* mock_caller_;
 
   MockConsumer consumer_;
   scoped_refptr<ParallelAuthenticator> auth_;
   scoped_ptr<TestAttemptState> state_;
   FakeCryptohomeClient* fake_cryptohome_client_;
 };
 
 TEST_F(ParallelAuthenticatorTest, OnLoginSuccess) {
-  UserContext user_context(username_);
-  user_context.SetPassword(password_);
-  user_context.SetUserIDHash(username_hash_);
-  EXPECT_CALL(consumer_, OnLoginSuccess(user_context))
+  EXPECT_CALL(consumer_, OnLoginSuccess(user_context_))
       .Times(1)
       .RetiresOnSaturation();
 
   SetAttemptState(auth_.get(), state_.release());
   auth_->OnLoginSuccess();
 }
 
 TEST_F(ParallelAuthenticatorTest, OnPasswordChangeDetected) {
   EXPECT_CALL(consumer_, OnPasswordChangeDetected())
       .Times(1)
@@ skipping 42 matching lines @@
             SetAndResolveState(auth_.get(), state_.release()));
 }
 
 TEST_F(ParallelAuthenticatorTest, ResolveOwnerNeededMount) {
   // Set up state as though a cryptohome mount attempt has occurred
   // and succeeded but we are in safe mode and the current user is not owner.
   // This test will check that the "safe-mode" policy is not set and will let
   // the mount finish successfully.
   state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE);
   SetOwnerState(false, false);
-  // and test that the mount has succeeded.
-  UserContext user_context(username_);
-  user_context.SetPassword(password_);
-  state_.reset(new TestAttemptState(user_context, false));
+  // Test that the mount has succeeded.
+  state_.reset(new TestAttemptState(user_context_, false));
   state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE);
   EXPECT_EQ(ParallelAuthenticator::OFFLINE_LOGIN,
             SetAndResolveState(auth_.get(), state_.release()));
 }
 
 TEST_F(ParallelAuthenticatorTest, ResolveOwnerNeededFailedMount) {
   FailOnLoginSuccess();  // Set failing on success as the default...
   LoginFailure failure = LoginFailure(LoginFailure::OWNER_REQUIRED);
   ExpectLoginFailure(failure);
 
@@ skipping 21 matching lines @@
   EXPECT_EQ(ParallelAuthenticator::CONTINUE,
             SetAndResolveState(auth_.get(), state_.release()));
   EXPECT_TRUE(LoginState::Get()->IsInSafeMode());
 
   // Simulate TPM token ready event.
   DeviceSettingsService::Get()->OnTPMTokenReady();
 
   // Flush all the pending operations. The operations should induce an owner
   // verification.
   device_settings_test_helper_.Flush();
-  // and test that the mount has succeeded.
-  UserContext user_context(username_);
-  user_context.SetPassword(password_);
-  state_.reset(new TestAttemptState(user_context, false));
+  // Test that the mount has succeeded.
+  state_.reset(new TestAttemptState(user_context_, false));
   state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE);
   EXPECT_EQ(ParallelAuthenticator::OWNER_REQUIRED,
             SetAndResolveState(auth_.get(), state_.release()));
 
   // Unset global objects used by this test.
   LoginState::Shutdown();
   EXPECT_TRUE(
       CrosSettings::Get()->RemoveSettingsProvider(&stub_settings_provider));
   CrosSettings::Get()->AddSettingsProvider(device_settings_provider);
 }
@@ skipping 64 matching lines @@
   mock_caller_->SetUp(false, cryptohome::MOUNT_ERROR_NONE);
   EXPECT_CALL(*mock_caller_, AsyncMountGuest(_))
       .Times(1)
       .RetiresOnSaturation();
 
   auth_->LoginRetailMode();
   base::MessageLoop::current()->Run();
 }
 
 TEST_F(ParallelAuthenticatorTest, DriveDataResync) {
-  ExpectLoginSuccess(username_,
-                     password_,
-                     cryptohome::MockAsyncMethodCaller::kFakeSanitizedUsername,
-                     false);
+  UserContext expected_user_context(user_context_);
+  expected_user_context.SetUserIDHash(
+      cryptohome::MockAsyncMethodCaller::kFakeSanitizedUsername);
+  ExpectLoginSuccess(expected_user_context);
   FailOnLoginFailure();
 
   // Set up mock async method caller to respond successfully to a cryptohome
   // remove attempt and a cryptohome create attempt (indicated by the
   // |CREATE_IF_MISSING| flag to AsyncMount).
   mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE);
-  EXPECT_CALL(*mock_caller_, AsyncRemove(username_, _))
+  EXPECT_CALL(*mock_caller_, AsyncRemove(user_context_.GetUserID(), _))
       .Times(1)
       .RetiresOnSaturation();
-  EXPECT_CALL(*mock_caller_, AsyncMount(username_, hash_ascii_,
-                                        cryptohome::CREATE_IF_MISSING, _))
+  EXPECT_CALL(*mock_caller_, AsyncMount(user_context_.GetUserID(),
+                                        transformed_key_.GetSecret(),
+                                        cryptohome::CREATE_IF_MISSING,
+                                        _))
       .Times(1)
       .RetiresOnSaturation();
-  EXPECT_CALL(*mock_caller_, AsyncGetSanitizedUsername(username_, _))
+  EXPECT_CALL(*mock_caller_,
+              AsyncGetSanitizedUsername(user_context_.GetUserID(), _))
       .Times(1)
       .RetiresOnSaturation();
 
   state_->PresetOnlineLoginStatus(LoginFailure::LoginFailureNone());
   SetAttemptState(auth_.get(), state_.release());
 
   auth_->ResyncEncryptedData();
   base::MessageLoop::current()->Run();
 }
 
 TEST_F(ParallelAuthenticatorTest, DriveResyncFail) {
   FailOnLoginSuccess();
   ExpectLoginFailure(LoginFailure(LoginFailure::DATA_REMOVAL_FAILED));
 
   // Set up mock async method caller to fail a cryptohome remove attempt.
   mock_caller_->SetUp(false, cryptohome::MOUNT_ERROR_NONE);
-  EXPECT_CALL(*mock_caller_, AsyncRemove(username_, _))
+  EXPECT_CALL(*mock_caller_, AsyncRemove(user_context_.GetUserID(), _))
       .Times(1)
       .RetiresOnSaturation();
 
   SetAttemptState(auth_.get(), state_.release());
 
   auth_->ResyncEncryptedData();
   base::MessageLoop::current()->Run();
 }
 
 TEST_F(ParallelAuthenticatorTest, DriveRequestOldPassword) {
   FailOnLoginSuccess();
   ExpectPasswordChange();
 
   state_->PresetCryptohomeStatus(false, cryptohome::MOUNT_ERROR_KEY_FAILURE);
   state_->PresetOnlineLoginStatus(LoginFailure::LoginFailureNone());
   SetAttemptState(auth_.get(), state_.release());
 
   RunResolve(auth_.get());
 }
 
 TEST_F(ParallelAuthenticatorTest, DriveDataRecover) {
-  ExpectLoginSuccess(username_,
-                     password_,
-                     cryptohome::MockAsyncMethodCaller::kFakeSanitizedUsername,
-                     false);
+  UserContext expected_user_context(user_context_);
+  expected_user_context.SetUserIDHash(
+      cryptohome::MockAsyncMethodCaller::kFakeSanitizedUsername);
+  ExpectLoginSuccess(expected_user_context);
   FailOnLoginFailure();
 
   // Set up mock async method caller to respond successfully to a key migration.
   mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE);
-  EXPECT_CALL(*mock_caller_, AsyncMigrateKey(username_, _, hash_ascii_, _))
+  EXPECT_CALL(*mock_caller_, AsyncMigrateKey(user_context_.GetUserID(),
+                                             _,
+                                             transformed_key_.GetSecret(),
+                                             _))
       .Times(1)
       .RetiresOnSaturation();
-  EXPECT_CALL(*mock_caller_, AsyncMount(username_, hash_ascii_,
-                                        cryptohome::MOUNT_FLAGS_NONE, _))
+  EXPECT_CALL(*mock_caller_, AsyncMount(user_context_.GetUserID(),
+                                        transformed_key_.GetSecret(),
+                                        cryptohome::MOUNT_FLAGS_NONE,
+                                        _))
       .Times(1)
       .RetiresOnSaturation();
-  EXPECT_CALL(*mock_caller_, AsyncGetSanitizedUsername(username_, _))
+  EXPECT_CALL(*mock_caller_,
+              AsyncGetSanitizedUsername(user_context_.GetUserID(), _))
         .Times(1)
         .RetiresOnSaturation();
 
   state_->PresetOnlineLoginStatus(LoginFailure::LoginFailureNone());
   SetAttemptState(auth_.get(), state_.release());
 
   auth_->RecoverEncryptedData(std::string());
   base::MessageLoop::current()->Run();
 }
 
 TEST_F(ParallelAuthenticatorTest, DriveDataRecoverButFail) {
   FailOnLoginSuccess();
   ExpectPasswordChange();
 
   // Set up mock async method caller to fail a key migration attempt,
   // asserting that the wrong password was used.
   mock_caller_->SetUp(false, cryptohome::MOUNT_ERROR_KEY_FAILURE);
-  EXPECT_CALL(*mock_caller_, AsyncMigrateKey(username_, _, hash_ascii_, _))
+  EXPECT_CALL(*mock_caller_, AsyncMigrateKey(user_context_.GetUserID(),
+                                             _,
+                                             transformed_key_.GetSecret(),
+                                             _))
       .Times(1)
       .RetiresOnSaturation();
 
   SetAttemptState(auth_.get(), state_.release());
 
   auth_->RecoverEncryptedData(std::string());
   base::MessageLoop::current()->Run();
 }
 
 TEST_F(ParallelAuthenticatorTest, ResolveNoMountToFailedMount) {
@@ skipping 14 matching lines @@
   // an online auth attempt has completed successfully.
   state_->PresetCryptohomeStatus(false,
                                  cryptohome::MOUNT_ERROR_USER_DOES_NOT_EXIST);
   state_->PresetOnlineLoginStatus(LoginFailure::LoginFailureNone());
 
   EXPECT_EQ(ParallelAuthenticator::CREATE_NEW,
             SetAndResolveState(auth_.get(), state_.release()));
 }
 
 TEST_F(ParallelAuthenticatorTest, DriveCreateForNewUser) {
-  ExpectLoginSuccess(username_,
-                     password_,
-                     cryptohome::MockAsyncMethodCaller::kFakeSanitizedUsername,
-                     false);
+  UserContext expected_user_context(user_context_);
+  expected_user_context.SetUserIDHash(
+      cryptohome::MockAsyncMethodCaller::kFakeSanitizedUsername);
+  ExpectLoginSuccess(expected_user_context);
   FailOnLoginFailure();
 
   // Set up mock async method caller to respond successfully to a cryptohome
   // create attempt (indicated by the |CREATE_IF_MISSING| flag to AsyncMount).
   mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE);
-  EXPECT_CALL(*mock_caller_, AsyncMount(username_, hash_ascii_,
-                                        cryptohome::CREATE_IF_MISSING, _))
+  EXPECT_CALL(*mock_caller_, AsyncMount(user_context_.GetUserID(),
+                                        transformed_key_.GetSecret(),
+                                        cryptohome::CREATE_IF_MISSING,
+                                        _))
       .Times(1)
       .RetiresOnSaturation();
-  EXPECT_CALL(*mock_caller_, AsyncGetSanitizedUsername(username_, _))
+  EXPECT_CALL(*mock_caller_,
+              AsyncGetSanitizedUsername(user_context_.GetUserID(), _))
       .Times(1)
       .RetiresOnSaturation();
 
   // Set up state as though a cryptohome mount attempt has occurred
   // and been rejected because the user doesn't exist; additionally,
   // an online auth attempt has completed successfully.
   state_->PresetCryptohomeStatus(false,
                                  cryptohome::MOUNT_ERROR_USER_DOES_NOT_EXIST);
   state_->PresetOnlineLoginStatus(LoginFailure::LoginFailureNone());
   SetAttemptState(auth_.get(), state_.release());
 
   RunResolve(auth_.get());
 }
 
 TEST_F(ParallelAuthenticatorTest, DriveOfflineLogin) {
-  ExpectLoginSuccess(username_, password_, username_hash_, false);
+  ExpectLoginSuccess(user_context_);
   FailOnLoginFailure();
 
   // Set up state as though a cryptohome mount attempt has occurred and
   // succeeded.
   state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE);
   SetAttemptState(auth_.get(), state_.release());
 
   RunResolve(auth_.get());
 }
 
 TEST_F(ParallelAuthenticatorTest, DriveOnlineLogin) {
-  ExpectLoginSuccess(username_, password_, username_hash_, false);
+  ExpectLoginSuccess(user_context_);
   FailOnLoginFailure();
 
   // Set up state as though a cryptohome mount attempt has occurred and
   // succeeded.
   state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE);
   state_->PresetOnlineLoginStatus(LoginFailure::LoginFailureNone());
   SetAttemptState(auth_.get(), state_.release());
 
   RunResolve(auth_.get());
 }
 
 TEST_F(ParallelAuthenticatorTest, DriveUnlock) {
-  ExpectLoginSuccess(username_, std::string(), std::string(), false);
+  ExpectLoginSuccess(user_context_);
   FailOnLoginFailure();
 
   // Set up mock async method caller to respond successfully to a cryptohome
   // key-check attempt.
   mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE);
-  EXPECT_CALL(*mock_caller_, AsyncCheckKey(username_, _, _))
+  EXPECT_CALL(*mock_caller_, AsyncCheckKey(user_context_.GetUserID(), _, _))
       .Times(1)
       .RetiresOnSaturation();
 
-  auth_->AuthenticateToUnlock(UserContext(username_));
+  auth_->AuthenticateToUnlock(user_context_);
   base::MessageLoop::current()->Run();
 }
 
 }  // namespace chromeos