Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(22)

Unified Diff: owner_key_unittest.cc

Issue 6793055: [login_manager] Allow new owner keys to be pushed with StorePolicy (Closed) Base URL: http://git.chromium.org/git/login_manager.git@master
Patch Set: remove some debugging code Created 9 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « owner_key.cc ('k') | session_manager_service.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: owner_key_unittest.cc
diff --git a/owner_key_unittest.cc b/owner_key_unittest.cc
index 553584a4b421926c50125d4a05bb7ecd7fa63381..1135506b027265a2e19e788264e902aa9ef1e849 100644
--- a/owner_key_unittest.cc
+++ b/owner_key_unittest.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -38,6 +38,30 @@ class OwnerKeyTest : public ::testing::Test {
DISALLOW_COPY_AND_ASSIGN(OwnerKeyTest);
};
+TEST_F(OwnerKeyTest, Equals) {
+ // Set up an empty key
+ StartUnowned();
+ OwnerKey key(tmpfile_);
+ ASSERT_TRUE(key.PopulateFromDiskIfPossible());
+ ASSERT_TRUE(key.HaveCheckedDisk());
+ ASSERT_FALSE(key.IsPopulated());
+
+ // Trivial case.
+ EXPECT_TRUE(key.VEquals(std::vector<uint8>()));
+
+ // Ensure that 0-length keys don't cause us to return true for everything.
+ std::vector<uint8> fake(1, 1);
+ EXPECT_FALSE(key.VEquals(fake));
+
+ // Populate the key.
+ ASSERT_TRUE(key.PopulateFromBuffer(fake));
+ ASSERT_TRUE(key.HaveCheckedDisk());
+ ASSERT_TRUE(key.IsPopulated());
+
+ // Real comparison.
+ EXPECT_TRUE(key.VEquals(fake));
+}
+
TEST_F(OwnerKeyTest, LoadKey) {
OwnerKey key(tmpfile_);
ASSERT_FALSE(key.HaveCheckedDisk());
@@ -120,7 +144,7 @@ TEST_F(OwnerKeyTest, SignVerify) {
base::EnsureNSSInit();
base::OpenPersistentNSSDB();
scoped_ptr<base::RSAPrivateKey> pair(
- base::RSAPrivateKey::CreateSensitive(2048));
+ base::RSAPrivateKey::CreateSensitive(512));
ASSERT_NE(pair.get(), reinterpret_cast<base::RSAPrivateKey*>(NULL));
ASSERT_TRUE(key.PopulateFromDiskIfPossible());
@@ -134,11 +158,64 @@ TEST_F(OwnerKeyTest, SignVerify) {
ASSERT_TRUE(key.IsPopulated());
std::string data("whatever");
+ const uint8* data_p = reinterpret_cast<const uint8*>(data.c_str());
std::vector<uint8> signature;
- EXPECT_TRUE(key.Sign(data.c_str(), data.length(), &signature));
- EXPECT_TRUE(key.Verify(data.c_str(),
+ EXPECT_TRUE(key.Sign(data_p, data.length(), &signature));
+ EXPECT_TRUE(key.Verify(data_p,
data.length(),
- reinterpret_cast<const char*>(&signature[0]),
+ &signature[0],
signature.size()));
}
+
+TEST_F(OwnerKeyTest, RotateKey) {
+ StartUnowned();
+ OwnerKey key(tmpfile_);
+
+ base::EnsureNSSInit();
+ base::OpenPersistentNSSDB();
+ scoped_ptr<base::RSAPrivateKey> pair(
+ base::RSAPrivateKey::CreateSensitive(512));
+ ASSERT_NE(pair.get(), reinterpret_cast<base::RSAPrivateKey*>(NULL));
+
+ ASSERT_TRUE(key.PopulateFromDiskIfPossible());
+ ASSERT_TRUE(key.HaveCheckedDisk());
+ ASSERT_FALSE(key.IsPopulated());
+
+ std::vector<uint8> to_export;
+ ASSERT_TRUE(pair->ExportPublicKey(&to_export));
+ ASSERT_TRUE(key.PopulateFromBuffer(to_export));
+ ASSERT_TRUE(key.HaveCheckedDisk());
+ ASSERT_TRUE(key.IsPopulated());
+ ASSERT_TRUE(key.Persist());
+
+ OwnerKey key2(tmpfile_);
+ ASSERT_TRUE(key2.PopulateFromDiskIfPossible());
+ ASSERT_TRUE(key2.HaveCheckedDisk());
+ ASSERT_TRUE(key2.IsPopulated());
+
+ scoped_ptr<base::RSAPrivateKey> new_pair(
+ base::RSAPrivateKey::CreateSensitive(512));
+ ASSERT_NE(new_pair.get(), reinterpret_cast<base::RSAPrivateKey*>(NULL));
+ std::vector<uint8> new_export;
+ ASSERT_TRUE(new_pair->ExportPublicKey(&new_export));
+
+ std::vector<uint8> signature;
+ ASSERT_TRUE(key2.Sign(&new_export[0], new_export.size(), &signature));
+ ASSERT_TRUE(key2.Rotate(new_export, signature));
+ ASSERT_TRUE(key2.Persist());
+}
+
+TEST_F(OwnerKeyTest, ClobberKey) {
+ OwnerKey key(tmpfile_);
+
+ ASSERT_TRUE(key.PopulateFromDiskIfPossible());
+ ASSERT_TRUE(key.HaveCheckedDisk());
+ ASSERT_TRUE(key.IsPopulated());
+
+ std::vector<uint8> fake(1, 1);
+ key.ClobberCompromisedKey(fake);
+ ASSERT_TRUE(key.VEquals(fake));
+ ASSERT_TRUE(key.Persist());
+}
+
} // namespace login_manager
« no previous file with comments | « owner_key.cc ('k') | session_manager_service.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698