File: local_auth_unittest.cc

package info (click to toggle)
chromium-browser 41.0.2272.118-1
  • links: PTS, VCS
  • area: main
  • in suites: jessie-kfreebsd
  • size: 2,189,132 kB
  • sloc: cpp: 9,691,462; ansic: 3,341,451; python: 712,689; asm: 518,779; xml: 208,926; java: 169,820; sh: 119,353; perl: 68,907; makefile: 28,311; yacc: 13,305; objc: 11,385; tcl: 3,186; cs: 2,225; sql: 2,217; lex: 2,215; lisp: 1,349; pascal: 1,256; awk: 407; ruby: 155; sed: 53; php: 14; exp: 11
file content (115 lines) | stat: -rw-r--r-- 4,553 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
 
// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "chrome/browser/signin/local_auth.h"

#include "base/base64.h"
#include "base/prefs/pref_service.h"
#include "chrome/browser/profiles/profile_manager.h"
#include "chrome/test/base/testing_browser_process.h"
#include "chrome/test/base/testing_pref_service_syncable.h"
#include "chrome/test/base/testing_profile.h"
#include "chrome/test/base/testing_profile_manager.h"
#include "components/os_crypt/os_crypt.h"

#include "testing/gtest/include/gtest/gtest.h"

TEST(LocalAuthTest, SetAndCheckCredentials) {
  TestingProfileManager testing_profile_manager(
      TestingBrowserProcess::GetGlobal());
  ASSERT_TRUE(testing_profile_manager.SetUp());
  Profile* prof = testing_profile_manager.CreateTestingProfile("p1");
  ProfileInfoCache& cache =
      testing_profile_manager.profile_manager()->GetProfileInfoCache();
  EXPECT_EQ(1U, cache.GetNumberOfProfiles());
  EXPECT_EQ("", cache.GetLocalAuthCredentialsOfProfileAtIndex(0));

#if defined(OS_MACOSX)
  OSCrypt::UseMockKeychain(true);
#endif

  std::string password("Some Password");
  EXPECT_FALSE(LocalAuth::ValidateLocalAuthCredentials(prof, password));

  LocalAuth::SetLocalAuthCredentials(prof, password);
  std::string passhash = cache.GetLocalAuthCredentialsOfProfileAtIndex(0);

  // We perform basic validation on the written record to ensure bugs don't slip
  // in that cannot be seen from the API:
  //  - The encoding exists (we can guarantee future backward compatibility).
  //  - The plaintext version of the password is not mistakenly stored anywhere.
  EXPECT_FALSE(passhash.empty());
  EXPECT_EQ('2', passhash[0]);
  EXPECT_EQ(passhash.find(password), std::string::npos);

  std::string decodedhash;
  base::Base64Decode(passhash.substr(1), &decodedhash);
  EXPECT_FALSE(decodedhash.empty());
  EXPECT_EQ(decodedhash.find(password), std::string::npos);

  EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
  EXPECT_FALSE(LocalAuth::ValidateLocalAuthCredentials(prof, password + "1"));

  LocalAuth::SetLocalAuthCredentials(prof, password);  // makes different salt
  EXPECT_NE(passhash, cache.GetLocalAuthCredentialsOfProfileAtIndex(0));
}


TEST(LocalAuthTest, SetUpgradeAndCheckCredentials) {
  TestingProfileManager testing_profile_manager(
      TestingBrowserProcess::GetGlobal());
  ASSERT_TRUE(testing_profile_manager.SetUp());
  Profile* prof = testing_profile_manager.CreateTestingProfile("p1");
  ProfileInfoCache& cache =
      testing_profile_manager.profile_manager()->GetProfileInfoCache();

#if defined(OS_MACOSX)
  OSCrypt::UseMockKeychain(true);
#endif

  std::string password("Some Password");
  size_t profile_index = cache.GetIndexOfProfileWithPath(prof->GetPath());
  LocalAuth::SetLocalAuthCredentialsWithEncoding(profile_index, password, '1');

  // Ensure we indeed persisted the correct encoding.
  std::string oldpasshash = cache.GetLocalAuthCredentialsOfProfileAtIndex(
      profile_index);
  EXPECT_EQ('1', oldpasshash[0]);

  // Validate, ensure we can validate against the old encoding.
  EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));

  // Ensure we updated the encoding.
  std::string newpasshash = cache.GetLocalAuthCredentialsOfProfileAtIndex(
      profile_index);
  EXPECT_EQ('2', newpasshash[0]);
  // Encoding '2' writes fewer bytes than encoding '1'.
  EXPECT_LE(newpasshash.length(), oldpasshash.length());

  // Validate, ensure we validate against the new encoding.
  EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
}

// Test truncation where each byte is left whole.
TEST(LocalAuthTest, TruncateStringEvenly) {
  std::string two_chars = "A6";
  std::string three_chars = "A6C";
  EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(two_chars, 16));
  EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(three_chars, 16));

  EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(two_chars, 14));
  EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(three_chars, 14));
}

// Test truncation that affects the results within a byte.
TEST(LocalAuthTest, TruncateStringUnevenly) {
  std::string two_chars = "Az";
  std::string three_chars = "AzC";
  // 'z' = 0x7A, ':' = 0x3A.
  std::string two_chars_truncated = "A:";
  EXPECT_EQ(two_chars_truncated,
      LocalAuth::TruncateStringByBits(two_chars, 14));
  EXPECT_EQ(two_chars_truncated,
      LocalAuth::TruncateStringByBits(three_chars, 14));
}