Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2026)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/signin/local_auth_unittest.cc

Issue 862103002: Only store leading 13 bits of password hash. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Make LocalAuth a class so methods can be private and exposed only to tests. Created 5 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/signin/local_auth.cc ('k') | chrome/browser/signin/signin_manager_factory.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/signin/local_auth_unittest.cc
diff --git a/chrome/browser/signin/local_auth_unittest.cc b/chrome/browser/signin/local_auth_unittest.cc
index 68ee397043ad9c9614b444ad6611043eda24453d..1a629e882023f7d032ed2421e462a148834c5cea 100644
--- a/chrome/browser/signin/local_auth_unittest.cc
+++ b/chrome/browser/signin/local_auth_unittest.cc
@@ -15,8 +15,6 @@
#include "testing/gtest/include/gtest/gtest.h"
-using namespace chrome;
-
TEST(LocalAuthTest, SetAndCheckCredentials) {
TestingProfileManager testing_profile_manager(
TestingBrowserProcess::GetGlobal());
@@ -32,9 +30,9 @@ TEST(LocalAuthTest, SetAndCheckCredentials) {
#endif
std::string password("Some Password");
- EXPECT_FALSE(ValidateLocalAuthCredentials(prof, password));
+ EXPECT_FALSE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
- SetLocalAuthCredentials(prof, password);
+ LocalAuth::SetLocalAuthCredentials(prof, password);
std::string passhash = cache.GetLocalAuthCredentialsOfProfileAtIndex(0);
// We perform basic validation on the written record to ensure bugs don't slip
@@ -42,7 +40,7 @@ TEST(LocalAuthTest, SetAndCheckCredentials) {
// - The encoding exists (we can guarantee future backward compatibility).
// - The plaintext version of the password is not mistakenly stored anywhere.
EXPECT_FALSE(passhash.empty());
- EXPECT_EQ('1', passhash[0]);
+ EXPECT_EQ('2', passhash[0]);
EXPECT_EQ(passhash.find(password), std::string::npos);
std::string decodedhash;
@@ -50,9 +48,64 @@ TEST(LocalAuthTest, SetAndCheckCredentials) {
EXPECT_FALSE(decodedhash.empty());
EXPECT_EQ(decodedhash.find(password), std::string::npos);
- EXPECT_TRUE(ValidateLocalAuthCredentials(prof, password));
- EXPECT_FALSE(ValidateLocalAuthCredentials(prof, password + "1"));
+ EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
+ EXPECT_FALSE(LocalAuth::ValidateLocalAuthCredentials(prof, password + "1"));
- SetLocalAuthCredentials(prof, password); // makes different salt
+ LocalAuth::SetLocalAuthCredentials(prof, password); // makes different salt
EXPECT_NE(passhash, cache.GetLocalAuthCredentialsOfProfileAtIndex(0));
}
+
+
+TEST(LocalAuthTest, SetUpgradeAndCheckCredentials) {
+ TestingProfileManager testing_profile_manager(
+ TestingBrowserProcess::GetGlobal());
+ ASSERT_TRUE(testing_profile_manager.SetUp());
+ Profile* prof = testing_profile_manager.CreateTestingProfile("p1");
+ ProfileInfoCache& cache =
+ testing_profile_manager.profile_manager()->GetProfileInfoCache();
+
+ std::string password("Some Password");
+ size_t profile_index = cache.GetIndexOfProfileWithPath(prof->GetPath());
+ LocalAuth::SetLocalAuthCredentialsWithEncoding(profile_index, password, '1');
+
+ // Ensure we indeed persisted the correct encoding.
+ std::string oldpasshash = cache.GetLocalAuthCredentialsOfProfileAtIndex(
+ profile_index);
+ EXPECT_EQ('1', oldpasshash[0]);
+
+ // Validate, ensure we can validate against the old encoding.
+ EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
+
+ // Ensure we updated the encoding.
+ std::string newpasshash = cache.GetLocalAuthCredentialsOfProfileAtIndex(
+ profile_index);
+ EXPECT_EQ('2', newpasshash[0]);
+ // Encoding '2' writes fewer bytes than encoding '1'.
+ EXPECT_LE(newpasshash.length(), oldpasshash.length());
+
+ // Validate, ensure we validate against the new encoding.
+ EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
+}
+
+// Test truncation where each byte is left whole.
+TEST(LocalAuthTest, TruncateStringEvenly) {
+ std::string two_chars = "A6";
+ std::string three_chars = "A6C";
+ EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(two_chars, 16));
+ EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(three_chars, 16));
+
+ EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(two_chars, 14));
+ EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(three_chars, 14));
+}
+
+// Test truncation that affects the results within a byte.
+TEST(LocalAuthTest, TruncateStringUnevenly) {
+ std::string two_chars = "Az";
+ std::string three_chars = "AzC";
+ // 'z' = 0x7A, ':' = 0x3A.
+ std::string two_chars_truncated = "A:";
+ EXPECT_EQ(two_chars_truncated,
+ LocalAuth::TruncateStringByBits(two_chars, 14));
+ EXPECT_EQ(two_chars_truncated,
+ LocalAuth::TruncateStringByBits(three_chars, 14));
+}
« no previous file with comments | « chrome/browser/signin/local_auth.cc ('k') | chrome/browser/signin/signin_manager_factory.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698