Add unit tests for easyUnlockPrivate API - crypto methods

chromeos/dbus/fake_easy_unlock_client.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
+#include "base/json/json_string_value_serializer.h"
+#include "base/strings/stringprintf.h"
 #include "chromeos/dbus/fake_easy_unlock_client.h"
 
+namespace {
+
+// Keys generated using |GenerateEcP256KeyPair| are in the following format:
+// "{<key_type>: <key_pair_index>}".
+// <key_pair_index> is an integer identifying
+// the key pair.
+// <key_type> specifies whether the key is public or private. It can have one
+// of the following valies:
+const char kEc256PrivateKeyKey[] = "ec_p256_private_key";
+const char kEc256PublicKeyKey[] = "ec_p256_public_key";
+
+// Format used to create secure message.
+const char kSecureMessageFormat[] =
+    "{\"securemessage\": {"
+        "\"payload\": \"%s\","
+        "\"key\": \"%s\","
+        "\"associated_data\": \"%s\","
+        "\"public_metadata\": \"%s\","
+        "\"verification_key_id\": \"%s\","
+        "\"encryption_type\": \"%s\","
+        "\"signature_type\": \"%s\""
+    "}}";
+
+// Format used to create unwrapped secure message.
+const char kUnwrappedSecureMessageFormat[] =
+    "{\"unwrapped_securemessage\": {"
+        "\"message\": \"%s\","
+        "\"key\": \"%s\","
+        "\"associated_data\": \"%s\","
+        "\"encryption_type\": \"%s\","
+        "\"signature_type\": \"%s\""
+    "}}";
+
+// Extracts key pair index from a key in format "<key_type>: <key_pair_index>}".
+int ExtractKeyPairIndexFromKey(const std::string& key,
+                               const std::string& key_type) {
+  JSONStringValueSerializer serializer(key);
+  scoped_ptr<base::Value> json_value(serializer.Deserialize(NULL, NULL));
+  if (!json_value)
+    return -1;
+
+  base::DictionaryValue* json_dictionary = NULL;
+  if (!json_value->GetAsDictionary(&json_dictionary))
+    return -1;
+
+  int key_pair_index = -1;
+  if (!json_dictionary->GetInteger(key_type, &key_pair_index))
+    return -1;
+  return key_pair_index;
+}
+
+}  // namespace
+
 namespace chromeos {
 
-FakeEasyUnlockClient::FakeEasyUnlockClient() {}
+// static
+bool FakeEasyUnlockClient::IsEcP256KeyPair(const std::string& private_key,
+                                           const std::string& public_key) {
+  int private_key_index =
+      ExtractKeyPairIndexFromKey(private_key, kEc256PrivateKeyKey);
+  int public_key_index =
+      ExtractKeyPairIndexFromKey(public_key, kEc256PublicKeyKey);
+
+  return private_key_index > 0  && public_key_index == private_key_index;
+}
+
+FakeEasyUnlockClient::FakeEasyUnlockClient() : generated_keys_count_(0) {}
 
 FakeEasyUnlockClient::~FakeEasyUnlockClient() {}
 
 void FakeEasyUnlockClient::Init(dbus::Bus* bus) {}
 
 void FakeEasyUnlockClient::GenerateEcP256KeyPair(
     const KeyPairCallback& callback) {
+  ++generated_keys_count_;
+
+  callback.Run(
+      base::StringPrintf("{\"%s\": %d}",
+                         kEc256PrivateKeyKey,
+                         generated_keys_count_),
+      base::StringPrintf("{\"%s\": %d}",
+                         kEc256PublicKeyKey,
+                         generated_keys_count_));
 }
 
 void FakeEasyUnlockClient::PerformECDHKeyAgreement(
     const std::string& private_key,
     const std::string& public_key,
     const DataCallback& callback) {
+  int private_key_index =
+      ExtractKeyPairIndexFromKey(private_key, kEc256PrivateKeyKey);
+  int public_key_index =
+      ExtractKeyPairIndexFromKey(public_key, kEc256PublicKeyKey);
+  if (private_key_index < 0 || public_key_index < 0) {
+    callback.Run("");
+    return;
+  }
+
+  // The secret key should stay the same if key pairs to which private and
+  // public key belong to are changed. To achieve this, identify the key by
+  // sum and product of key pairs.
+  callback.Run(base::StringPrintf(
+      "{\"secret_key\": [%d, %d]}",
+      private_key_index + public_key_index,
+      private_key_index * public_key_index));
 }
 
 void FakeEasyUnlockClient::CreateSecureMessage(
     const std::string& payload,
-    const std::string& secret_key,
+    const std::string& key,
     const std::string& associated_data,
     const std::string& public_metadata,
     const std::string& verification_key_id,
     const std::string& encryption_type,
     const std::string& signature_type,
     const DataCallback& callback) {
+  callback.Run(base::StringPrintf(kSecureMessageFormat,

[satorux1, 2014/08/29 01:10:50]

I'd suggest inlining the format string here because otherwise it's hard to check
if the %s specifiers and parameters match correctly.

[tbarzic, 2014/08/29 02:47:05]

Done.

+                                  payload.c_str(),
+                                  key.c_str(),
+                                  associated_data.c_str(),
+                                  public_metadata.c_str(),
+                                  verification_key_id.c_str(),
+                                  encryption_type.c_str(),
+                                  signature_type.c_str()));
 }
 
 void FakeEasyUnlockClient::UnwrapSecureMessage(
     const std::string& message,
-    const std::string& secret_key,
+    const std::string& key,
     const std::string& associated_data,
     const std::string& encryption_type,
     const std::string& signature_type,
     const DataCallback& callback) {
+  // TODO(tbarzic): Verify that |message| is in the format returned by
+  // |CreateSecureMessage| and extract payload, metadata and
+  // verification_key_id from there.
+  callback.Run(base::StringPrintf(kUnwrappedSecureMessageFormat,

[satorux1, 2014/08/29 01:10:50]

ditto.

[tbarzic, 2014/08/29 02:47:05]

Done.

+                                  message.c_str(),
+                                  key.c_str(),
+                                  associated_data.c_str(),
+                                  encryption_type.c_str(),
+                                  signature_type.c_str()));
 }
 
 }  // namespace chromeos