| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/signin/local_auth.h" | 5 #include "chrome/browser/signin/local_auth.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/prefs/pref_service.h" | 8 #include "base/prefs/pref_service.h" |
| 9 #include "chrome/browser/profiles/profile_manager.h" | 9 #include "chrome/browser/profiles/profile_manager.h" |
| 10 #include "chrome/test/base/testing_browser_process.h" | 10 #include "chrome/test/base/testing_browser_process.h" |
| (...skipping 24 matching lines...) Expand all Loading... |
| 35 EXPECT_FALSE(ValidateLocalAuthCredentials(prof, password)); | 35 EXPECT_FALSE(ValidateLocalAuthCredentials(prof, password)); |
| 36 | 36 |
| 37 SetLocalAuthCredentials(prof, password); | 37 SetLocalAuthCredentials(prof, password); |
| 38 std::string passhash = cache.GetLocalAuthCredentialsOfProfileAtIndex(0); | 38 std::string passhash = cache.GetLocalAuthCredentialsOfProfileAtIndex(0); |
| 39 | 39 |
| 40 // We perform basic validation on the written record to ensure bugs don't slip | 40 // We perform basic validation on the written record to ensure bugs don't slip |
| 41 // in that cannot be seen from the API: | 41 // in that cannot be seen from the API: |
| 42 // - The encoding exists (we can guarantee future backward compatibility). | 42 // - The encoding exists (we can guarantee future backward compatibility). |
| 43 // - The plaintext version of the password is not mistakenly stored anywhere. | 43 // - The plaintext version of the password is not mistakenly stored anywhere. |
| 44 EXPECT_FALSE(passhash.empty()); | 44 EXPECT_FALSE(passhash.empty()); |
| 45 EXPECT_EQ('1', passhash[0]); | 45 EXPECT_EQ('2', passhash[0]); |
| 46 EXPECT_EQ(passhash.find(password), std::string::npos); | 46 EXPECT_EQ(passhash.find(password), std::string::npos); |
| 47 | 47 |
| 48 std::string decodedhash; | 48 std::string decodedhash; |
| 49 base::Base64Decode(passhash.substr(1), &decodedhash); | 49 base::Base64Decode(passhash.substr(1), &decodedhash); |
| 50 EXPECT_FALSE(decodedhash.empty()); | 50 EXPECT_FALSE(decodedhash.empty()); |
| 51 EXPECT_EQ(decodedhash.find(password), std::string::npos); | 51 EXPECT_EQ(decodedhash.find(password), std::string::npos); |
| 52 | 52 |
| 53 EXPECT_TRUE(ValidateLocalAuthCredentials(prof, password)); | 53 EXPECT_TRUE(ValidateLocalAuthCredentials(prof, password)); |
| 54 EXPECT_FALSE(ValidateLocalAuthCredentials(prof, password + "1")); | 54 EXPECT_FALSE(ValidateLocalAuthCredentials(prof, password + "1")); |
| 55 | 55 |
| 56 SetLocalAuthCredentials(prof, password); // makes different salt | 56 SetLocalAuthCredentials(prof, password); // makes different salt |
| 57 EXPECT_NE(passhash, cache.GetLocalAuthCredentialsOfProfileAtIndex(0)); | 57 EXPECT_NE(passhash, cache.GetLocalAuthCredentialsOfProfileAtIndex(0)); |
| 58 } | 58 } |
| 59 |
| 60 |
| 61 TEST(LocalAuthTest, SetUpgradeAndCheckCredentials) { |
| 62 TestingProfileManager testing_profile_manager( |
| 63 TestingBrowserProcess::GetGlobal()); |
| 64 ASSERT_TRUE(testing_profile_manager.SetUp()); |
| 65 Profile* prof = testing_profile_manager.CreateTestingProfile("p1"); |
| 66 ProfileInfoCache& cache = |
| 67 testing_profile_manager.profile_manager()->GetProfileInfoCache(); |
| 68 |
| 69 std::string password("Some Password"); |
| 70 size_t profile_index = cache.GetIndexOfProfileWithPath(prof->GetPath()); |
| 71 SetLocalAuthCredentialsWithEncoding(profile_index, password, '1'); |
| 72 |
| 73 // Ensure we indeed persisted the correct encoding. |
| 74 std::string oldpasshash = cache.GetLocalAuthCredentialsOfProfileAtIndex( |
| 75 profile_index); |
| 76 EXPECT_EQ('1', oldpasshash[0]); |
| 77 |
| 78 // Validate, ensure we can validate against the old encoding. |
| 79 EXPECT_TRUE(ValidateLocalAuthCredentials(prof, password)); |
| 80 |
| 81 // Ensure we updated the encoding. |
| 82 std::string newpasshash = cache.GetLocalAuthCredentialsOfProfileAtIndex( |
| 83 profile_index); |
| 84 EXPECT_EQ('2', newpasshash[0]); |
| 85 // Encoding '2' writes fewer bytes than encoding '1'. |
| 86 EXPECT_LE(newpasshash.length(), oldpasshash.length()); |
| 87 |
| 88 // Validate, ensure we validate against the new encoding. |
| 89 EXPECT_TRUE(ValidateLocalAuthCredentials(prof, password)); |
| 90 } |
| 91 |
| 92 TEST(LocalAuthTest, TruncateStringTo16Bits) { |
| 93 std::string two_chars = "AB"; |
| 94 std::string three_chars = "ABC"; |
| 95 EXPECT_EQ(two_chars, TruncateStringByBits(two_chars, 16)); |
| 96 EXPECT_EQ(two_chars, TruncateStringByBits(three_chars, 16)); |
| 97 } |
| 98 |
| 99 TEST(LocalAuthTest, TruncateStringTo14BitsLowBitsOnly) { |
| 100 std::string two_chars = "A6"; |
| 101 std::string three_chars = "A6C"; |
| 102 EXPECT_EQ(two_chars, TruncateStringByBits(two_chars, 14)); |
| 103 EXPECT_EQ(two_chars, TruncateStringByBits(three_chars, 14)); |
| 104 } |
| 105 |
| 106 TEST(LocalAuthTest, TruncateStringTo14BitsLowAndHighBits) { |
| 107 std::string two_chars = "Az"; |
| 108 std::string three_chars = "AzC"; |
| 109 // 'z' = 0x7A, ':' = 0x3A. |
| 110 std::string two_chars_truncated = "A:"; |
| 111 EXPECT_EQ(two_chars_truncated, TruncateStringByBits(two_chars, 14)); |
| 112 EXPECT_EQ(two_chars_truncated, TruncateStringByBits(three_chars, 14)); |
| 113 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 862103002:
Only store leading 13 bits of password hash. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master