| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h" | 5 #include "chrome/browser/chromeos/login/auth/parallel_authenticator.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/file_util.h" | 10 #include "base/file_util.h" |
| 11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
| 12 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 13 #include "base/message_loop/message_loop.h" | 13 #include "base/message_loop/message_loop.h" |
| 14 #include "base/strings/string_util.h" | 14 #include "base/strings/string_util.h" |
| 15 #include "base/strings/stringprintf.h" | 15 #include "base/strings/stringprintf.h" |
| 16 #include "chrome/browser/chromeos/login/auth/mock_login_status_consumer.h" | 16 #include "chrome/browser/chromeos/login/auth/mock_login_status_consumer.h" |
| 17 #include "chrome/browser/chromeos/login/auth/mock_url_fetchers.h" | 17 #include "chrome/browser/chromeos/login/auth/mock_url_fetchers.h" |
| 18 #include "chrome/browser/chromeos/login/auth/test_attempt_state.h" | 18 #include "chrome/browser/chromeos/login/auth/test_attempt_state.h" |
| 19 #include "chrome/browser/chromeos/login/users/fake_user_manager.h" | 19 #include "chrome/browser/chromeos/login/users/fake_user_manager.h" |
| 20 #include "chrome/browser/chromeos/login/users/user.h" | 20 #include "chrome/browser/chromeos/login/users/user.h" |
| 21 #include "chrome/browser/chromeos/login/users/user_manager.h" | 21 #include "chrome/browser/chromeos/login/users/user_manager.h" |
| 22 #include "chrome/browser/chromeos/ownership/owner_settings_service.h" | 22 #include "chrome/browser/chromeos/ownership/owner_settings_service.h" |
| 23 #include "chrome/browser/chromeos/ownership/owner_settings_service_factory.h" | 23 #include "chrome/browser/chromeos/ownership/owner_settings_service_factory.h" |
| 24 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 24 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
| 25 #include "chrome/browser/chromeos/settings/cros_settings.h" | 25 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 26 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" | 26 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" |
| 27 #include "chrome/browser/chromeos/settings/mock_owner_key_util.h" |
| 27 #include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h" | 28 #include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h" |
| 29 #include "chrome/test/base/testing_browser_process.h" |
| 28 #include "chrome/test/base/testing_profile.h" | 30 #include "chrome/test/base/testing_profile.h" |
| 31 #include "chrome/test/base/testing_profile_manager.h" |
| 29 #include "chromeos/chromeos_switches.h" | 32 #include "chromeos/chromeos_switches.h" |
| 30 #include "chromeos/cryptohome/mock_async_method_caller.h" | 33 #include "chromeos/cryptohome/mock_async_method_caller.h" |
| 31 #include "chromeos/cryptohome/system_salt_getter.h" | 34 #include "chromeos/cryptohome/system_salt_getter.h" |
| 32 #include "chromeos/dbus/fake_cryptohome_client.h" | 35 #include "chromeos/dbus/fake_cryptohome_client.h" |
| 33 #include "chromeos/dbus/fake_dbus_thread_manager.h" | 36 #include "chromeos/dbus/fake_dbus_thread_manager.h" |
| 34 #include "chromeos/login/auth/key.h" | 37 #include "chromeos/login/auth/key.h" |
| 35 #include "chromeos/login/auth/user_context.h" | 38 #include "chromeos/login/auth/user_context.h" |
| 36 #include "content/public/test/test_browser_thread_bundle.h" | 39 #include "content/public/test/test_browser_thread_bundle.h" |
| 40 #include "crypto/nss_util.h" |
| 37 #include "google_apis/gaia/mock_url_fetcher_factory.h" | 41 #include "google_apis/gaia/mock_url_fetcher_factory.h" |
| 38 #include "net/base/net_errors.h" | 42 #include "net/base/net_errors.h" |
| 39 #include "net/url_request/url_request_status.h" | 43 #include "net/url_request/url_request_status.h" |
| 40 #include "testing/gmock/include/gmock/gmock.h" | 44 #include "testing/gmock/include/gmock/gmock.h" |
| 41 #include "testing/gtest/include/gtest/gtest.h" | 45 #include "testing/gtest/include/gtest/gtest.h" |
| 42 #include "third_party/cros_system_api/dbus/service_constants.h" | 46 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 43 #include "url/gurl.h" | 47 #include "url/gurl.h" |
| 44 | 48 |
| 45 using ::testing::Invoke; | 49 using ::testing::Invoke; |
| 46 using ::testing::Return; | 50 using ::testing::Return; |
| 47 using ::testing::_; | 51 using ::testing::_; |
| 48 | 52 |
| 49 namespace chromeos { | 53 namespace chromeos { |
| 50 | 54 |
| 51 class ParallelAuthenticatorTest : public testing::Test { | 55 class ParallelAuthenticatorTest : public testing::Test { |
| 52 public: | 56 public: |
| 53 ParallelAuthenticatorTest() | 57 ParallelAuthenticatorTest() |
| 54 : user_context_("me@nowhere.org"), | 58 : user_context_("me@nowhere.org"), |
| 55 user_manager_(new FakeUserManager()), | 59 user_manager_(new FakeUserManager()), |
| 56 user_manager_enabler_(user_manager_), | 60 user_manager_enabler_(user_manager_), |
| 57 mock_caller_(NULL) { | 61 mock_caller_(NULL), |
| 62 owner_key_util_(new MockOwnerKeyUtil) { |
| 58 user_context_.SetKey(Key("fakepass")); | 63 user_context_.SetKey(Key("fakepass")); |
| 64 user_context_.SetUserIDHash("me_nowhere_com_hash"); |
| 59 const User* user = user_manager_->AddUser(user_context_.GetUserID()); | 65 const User* user = user_manager_->AddUser(user_context_.GetUserID()); |
| 60 profile_.set_profile_name(user_context_.GetUserID()); | 66 profile_.set_profile_name(user_context_.GetUserID()); |
| 61 | 67 |
| 62 ProfileHelper::Get()->SetUserToProfileMappingForTesting(user, &profile_); | 68 ProfileHelper::Get()->SetUserToProfileMappingForTesting(user, &profile_); |
| 63 | 69 |
| 64 transformed_key_ = *user_context_.GetKey(); | 70 transformed_key_ = *user_context_.GetKey(); |
| 65 transformed_key_.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, | 71 transformed_key_.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, |
| 66 SystemSaltGetter::ConvertRawSaltToHexString( | 72 SystemSaltGetter::ConvertRawSaltToHexString( |
| 67 FakeCryptohomeClient::GetStubSystemSalt())); | 73 FakeCryptohomeClient::GetStubSystemSalt())); |
| 68 } | 74 } |
| 69 | 75 |
| 70 virtual ~ParallelAuthenticatorTest() { | 76 virtual ~ParallelAuthenticatorTest() {} |
| 71 DCHECK(!mock_caller_); | |
| 72 } | |
| 73 | 77 |
| 74 virtual void SetUp() { | 78 virtual void SetUp() { |
| 75 CommandLine::ForCurrentProcess()->AppendSwitch(switches::kLoginManager); | 79 CommandLine::ForCurrentProcess()->AppendSwitch(switches::kLoginManager); |
| 76 | 80 |
| 77 mock_caller_ = new cryptohome::MockAsyncMethodCaller; | 81 mock_caller_ = new cryptohome::MockAsyncMethodCaller; |
| 78 cryptohome::AsyncMethodCaller::InitializeForTesting(mock_caller_); | 82 cryptohome::AsyncMethodCaller::InitializeForTesting(mock_caller_); |
| 79 | 83 |
| 80 FakeDBusThreadManager* fake_dbus_thread_manager = new FakeDBusThreadManager; | 84 FakeDBusThreadManager* fake_dbus_thread_manager = new FakeDBusThreadManager; |
| 81 fake_cryptohome_client_ = new FakeCryptohomeClient; | 85 fake_cryptohome_client_ = new FakeCryptohomeClient; |
| 82 fake_dbus_thread_manager->SetCryptohomeClient( | 86 fake_dbus_thread_manager->SetCryptohomeClient( |
| 83 scoped_ptr<CryptohomeClient>(fake_cryptohome_client_)); | 87 scoped_ptr<CryptohomeClient>(fake_cryptohome_client_)); |
| 84 DBusThreadManager::InitializeForTesting(fake_dbus_thread_manager); | 88 DBusThreadManager::InitializeForTesting(fake_dbus_thread_manager); |
| 85 | 89 |
| 86 SystemSaltGetter::Initialize(); | 90 SystemSaltGetter::Initialize(); |
| 87 | 91 |
| 92 OwnerSettingsService::SetOwnerKeyUtilForTesting(owner_key_util_); |
| 93 |
| 88 auth_ = new ParallelAuthenticator(&consumer_); | 94 auth_ = new ParallelAuthenticator(&consumer_); |
| 89 state_.reset(new TestAttemptState(user_context_, false)); | 95 state_.reset(new TestAttemptState(user_context_, false)); |
| 90 } | 96 } |
| 91 | 97 |
| 92 // Tears down the test fixture. | 98 // Tears down the test fixture. |
| 93 virtual void TearDown() { | 99 virtual void TearDown() { |
| 100 OwnerSettingsService::SetOwnerKeyUtilForTesting(NULL); |
| 94 SystemSaltGetter::Shutdown(); | 101 SystemSaltGetter::Shutdown(); |
| 95 DBusThreadManager::Shutdown(); | 102 DBusThreadManager::Shutdown(); |
| 96 | 103 |
| 97 cryptohome::AsyncMethodCaller::Shutdown(); | 104 cryptohome::AsyncMethodCaller::Shutdown(); |
| 98 mock_caller_ = NULL; | 105 mock_caller_ = NULL; |
| 99 } | 106 } |
| 100 | 107 |
| 101 base::FilePath PopulateTempFile(const char* data, int data_len) { | 108 base::FilePath PopulateTempFile(const char* data, int data_len) { |
| 102 base::FilePath out; | 109 base::FilePath out; |
| 103 FILE* tmp_file = base::CreateAndOpenTemporaryFile(&out); | 110 FILE* tmp_file = base::CreateAndOpenTemporaryFile(&out); |
| (...skipping 82 matching lines...) |
| 186 | 193 |
| 187 content::TestBrowserThreadBundle thread_bundle_; | 194 content::TestBrowserThreadBundle thread_bundle_; |
| 188 | 195 |
| 189 UserContext user_context_; | 196 UserContext user_context_; |
| 190 Key transformed_key_; | 197 Key transformed_key_; |
| 191 | 198 |
| 192 ScopedDeviceSettingsTestHelper device_settings_test_helper_; | 199 ScopedDeviceSettingsTestHelper device_settings_test_helper_; |
| 193 ScopedTestCrosSettings test_cros_settings_; | 200 ScopedTestCrosSettings test_cros_settings_; |
| 194 | 201 |
| 195 TestingProfile profile_; | 202 TestingProfile profile_; |
| 203 scoped_ptr<TestingProfileManager> profile_manager_; |
| 196 FakeUserManager* user_manager_; | 204 FakeUserManager* user_manager_; |
| 197 ScopedUserManagerEnabler user_manager_enabler_; | 205 ScopedUserManagerEnabler user_manager_enabler_; |
| 198 | 206 |
| 199 cryptohome::MockAsyncMethodCaller* mock_caller_; | 207 cryptohome::MockAsyncMethodCaller* mock_caller_; |
| 200 | 208 |
| 209 crypto::ScopedTestNSSDB test_nssdb_; |
| 210 |
| 201 MockConsumer consumer_; | 211 MockConsumer consumer_; |
| 202 scoped_refptr<ParallelAuthenticator> auth_; | 212 scoped_refptr<ParallelAuthenticator> auth_; |
| 203 scoped_ptr<TestAttemptState> state_; | 213 scoped_ptr<TestAttemptState> state_; |
| 204 FakeCryptohomeClient* fake_cryptohome_client_; | 214 FakeCryptohomeClient* fake_cryptohome_client_; |
| 215 |
| 216 scoped_refptr<MockOwnerKeyUtil> owner_key_util_; |
| 205 }; | 217 }; |
| 206 | 218 |
| 207 TEST_F(ParallelAuthenticatorTest, OnLoginSuccess) { | 219 TEST_F(ParallelAuthenticatorTest, OnLoginSuccess) { |
| 208 EXPECT_CALL(consumer_, OnLoginSuccess(user_context_)) | 220 EXPECT_CALL(consumer_, OnLoginSuccess(user_context_)) |
| 209 .Times(1) | 221 .Times(1) |
| 210 .RetiresOnSaturation(); | 222 .RetiresOnSaturation(); |
| 211 | 223 |
| 212 SetAttemptState(auth_.get(), state_.release()); | 224 SetAttemptState(auth_.get(), state_.release()); |
| 213 auth_->OnLoginSuccess(); | 225 auth_->OnLoginSuccess(); |
| 214 } | 226 } |
| (...skipping 54 matching lines...) |
| 269 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); | 281 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); |
| 270 SetOwnerState(false, false); | 282 SetOwnerState(false, false); |
| 271 // Test that the mount has succeeded. | 283 // Test that the mount has succeeded. |
| 272 state_.reset(new TestAttemptState(user_context_, false)); | 284 state_.reset(new TestAttemptState(user_context_, false)); |
| 273 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); | 285 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); |
| 274 EXPECT_EQ(ParallelAuthenticator::OFFLINE_LOGIN, | 286 EXPECT_EQ(ParallelAuthenticator::OFFLINE_LOGIN, |
| 275 SetAndResolveState(auth_.get(), state_.release())); | 287 SetAndResolveState(auth_.get(), state_.release())); |
| 276 } | 288 } |
| 277 | 289 |
| 278 TEST_F(ParallelAuthenticatorTest, ResolveOwnerNeededFailedMount) { | 290 TEST_F(ParallelAuthenticatorTest, ResolveOwnerNeededFailedMount) { |
| 291 profile_manager_.reset( |
| 292 new TestingProfileManager(TestingBrowserProcess::GetGlobal())); |
| 293 ASSERT_TRUE(profile_manager_->SetUp()); |
| 294 |
| 279 FailOnLoginSuccess(); // Set failing on success as the default... | 295 FailOnLoginSuccess(); // Set failing on success as the default... |
| 280 LoginFailure failure = LoginFailure(LoginFailure::OWNER_REQUIRED); | 296 LoginFailure failure = LoginFailure(LoginFailure::OWNER_REQUIRED); |
| 281 ExpectLoginFailure(failure); | 297 ExpectLoginFailure(failure); |
| 282 | 298 |
| 283 fake_cryptohome_client_->set_unmount_result(true); | 299 fake_cryptohome_client_->set_unmount_result(true); |
| 284 | 300 |
| 285 CrosSettingsProvider* device_settings_provider; | 301 CrosSettingsProvider* device_settings_provider; |
| 286 StubCrosSettingsProvider stub_settings_provider; | 302 StubCrosSettingsProvider stub_settings_provider; |
| 287 // Set up state as though a cryptohome mount attempt has occurred | 303 // Set up state as though a cryptohome mount attempt has occurred |
| 288 // and succeeded but we are in safe mode and the current user is not owner. | 304 // and succeeded but we are in safe mode and the current user is not owner. |
| 289 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); | 305 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); |
| 290 SetOwnerState(false, false); | 306 SetOwnerState(false, false); |
| 291 // Remove the real DeviceSettingsProvider and replace it with a stub. | 307 // Remove the real DeviceSettingsProvider and replace it with a stub. |
| 292 device_settings_provider = | 308 device_settings_provider = |
| 293 CrosSettings::Get()->GetProvider(chromeos::kReportDeviceVersionInfo); | 309 CrosSettings::Get()->GetProvider(chromeos::kReportDeviceVersionInfo); |
| 294 EXPECT_TRUE(device_settings_provider != NULL); | 310 EXPECT_TRUE(device_settings_provider != NULL); |
| 295 EXPECT_TRUE( | 311 EXPECT_TRUE( |
| 296 CrosSettings::Get()->RemoveSettingsProvider(device_settings_provider)); | 312 CrosSettings::Get()->RemoveSettingsProvider(device_settings_provider)); |
| 297 CrosSettings::Get()->AddSettingsProvider(&stub_settings_provider); | 313 CrosSettings::Get()->AddSettingsProvider(&stub_settings_provider); |
| 298 CrosSettings::Get()->SetBoolean(kPolicyMissingMitigationMode, true); | 314 CrosSettings::Get()->SetBoolean(kPolicyMissingMitigationMode, true); |
| 299 | 315 |
| 300 // Initialize login state for this test to verify the login state is changed | 316 // Initialize login state for this test to verify the login state is changed |
| 301 // to SAFE_MODE. | 317 // to SAFE_MODE. |
| 302 LoginState::Initialize(); | 318 LoginState::Initialize(); |
| 303 | 319 |
| 304 EXPECT_EQ(ParallelAuthenticator::CONTINUE, | 320 EXPECT_EQ(ParallelAuthenticator::CONTINUE, |
| 305 SetAndResolveState(auth_.get(), state_.release())); | 321 SetAndResolveState(auth_.get(), state_.release())); |
| 306 EXPECT_TRUE(LoginState::Get()->IsInSafeMode()); | 322 EXPECT_TRUE(LoginState::Get()->IsInSafeMode()); |
| 307 | 323 |
| 308 // Simulate TPM token ready event. | |
| 309 OwnerSettingsService* service = | |
| 310 OwnerSettingsServiceFactory::GetForProfile(&profile_); | |
| 311 ASSERT_TRUE(service); | |
| 312 service->OnTPMTokenReady(); | |
| 313 | |
| 314 // Flush all the pending operations. The operations should induce an owner | 324 // Flush all the pending operations. The operations should induce an owner |
| 315 // verification. | 325 // verification. |
| 316 device_settings_test_helper_.Flush(); | 326 device_settings_test_helper_.Flush(); |
| 317 // Test that the mount has succeeded. | 327 |
| 318 state_.reset(new TestAttemptState(user_context_, false)); | 328 state_.reset(new TestAttemptState(user_context_, false)); |
| 319 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); | 329 state_->PresetCryptohomeStatus(true, cryptohome::MOUNT_ERROR_NONE); |
| 330 |
| 331 // The owner key util should not have found the owner key, so login should |
| 332 // not be allowed. |
| 320 EXPECT_EQ(ParallelAuthenticator::OWNER_REQUIRED, | 333 EXPECT_EQ(ParallelAuthenticator::OWNER_REQUIRED, |
| 321 SetAndResolveState(auth_.get(), state_.release())); | 334 SetAndResolveState(auth_.get(), state_.release())); |
| 335 EXPECT_TRUE(LoginState::Get()->IsInSafeMode()); |
| 322 | 336 |
| 323 // Unset global objects used by this test. | 337 // Unset global objects used by this test. |
| 324 LoginState::Shutdown(); | 338 LoginState::Shutdown(); |
| 325 EXPECT_TRUE( | 339 EXPECT_TRUE( |
| 326 CrosSettings::Get()->RemoveSettingsProvider(&stub_settings_provider)); | 340 CrosSettings::Get()->RemoveSettingsProvider(&stub_settings_provider)); |
| 327 CrosSettings::Get()->AddSettingsProvider(device_settings_provider); | 341 CrosSettings::Get()->AddSettingsProvider(device_settings_provider); |
| 328 } | 342 } |
| 329 | 343 |
| 330 TEST_F(ParallelAuthenticatorTest, DriveFailedMount) { | 344 TEST_F(ParallelAuthenticatorTest, DriveFailedMount) { |
| 331 FailOnLoginSuccess(); | 345 FailOnLoginSuccess(); |
| (...skipping 269 matching lines...) |
| 601 mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); | 615 mock_caller_->SetUp(true, cryptohome::MOUNT_ERROR_NONE); |
| 602 EXPECT_CALL(*mock_caller_, AsyncCheckKey(user_context_.GetUserID(), _, _)) | 616 EXPECT_CALL(*mock_caller_, AsyncCheckKey(user_context_.GetUserID(), _, _)) |
| 603 .Times(1) | 617 .Times(1) |
| 604 .RetiresOnSaturation(); | 618 .RetiresOnSaturation(); |
| 605 | 619 |
| 606 auth_->AuthenticateToUnlock(user_context_); | 620 auth_->AuthenticateToUnlock(user_context_); |
| 607 base::MessageLoop::current()->Run(); | 621 base::MessageLoop::current()->Run(); |
| 608 } | 622 } |
| 609 | 623 |
| 610 } // namespace chromeos | 624 } // namespace chromeos |
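Review bot: The `OWNER_REQUIRED` expectation at new lines 333-334 of ResolveOwnerNeededFailedMount now depends on two preconditions that the visible lines never assert: that `test_nssdb_` (new line 209) actually opened, and that the `MockOwnerKeyUtil` installed at new line 92 holds no owner key. If the test NSS database failed to initialise, the owner-key lookup would presumably also come back empty, so the test would pass without showing that a non-owner is denied login in safe mode. I would add `ASSERT_TRUE(test_nssdb_.is_open());` at the top of SetUp(), and extend the comment at new lines 331-332 to say that the empty key util is deliberate, e.g. `// owner_key_util_ is left without keys on purpose: no owner key => login denied.` A counterpart test where the mock does hold the owner's key would pin the allow path as well, unless one exists in the skipped lines. Separately, the destructor at new line 76 drops `DCHECK(!mock_caller_)`, which was the only check that TearDown() had run and released the caller; if it had to go because of the new member ordering, a one-line comment saying so would help.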