PageRenderTime 101ms CodeModel.GetById 35ms RepoModel.GetById 0ms app.codeStats 0ms

/ash/services/device_sync/cryptauth_key_registry_impl_unittest.cc

https://github.com/chromium/chromium
C++ | 276 lines | 218 code | 52 blank | 6 comment | 0 complexity | 64a46cf22f89c7e94426ec4459c7490a MD5 | raw file
Possible License(s): MPL-2.0-no-copyleft-exception, Apache-2.0, BSD-3-Clause
  1. // Copyright 2019 The Chromium Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style license that can be
  3. // found in the LICENSE file.
  4. #include "ash/services/device_sync/cryptauth_key_registry_impl.h"
  5. #include "ash/services/device_sync/cryptauth_enrollment_constants.h"
  6. #include "ash/services/device_sync/pref_names.h"
  7. #include "base/containers/contains.h"
  8. #include "components/prefs/testing_pref_service.h"
  9. #include "testing/gtest/include/gtest/gtest.h"
  10. namespace ash {
  11. namespace device_sync {
  12. class DeviceSyncCryptAuthKeyRegistryImplTest : public testing::Test {
  13. public:
  14. DeviceSyncCryptAuthKeyRegistryImplTest(
  15. const DeviceSyncCryptAuthKeyRegistryImplTest&) = delete;
  16. DeviceSyncCryptAuthKeyRegistryImplTest& operator=(
  17. const DeviceSyncCryptAuthKeyRegistryImplTest&) = delete;
  18. protected:
  19. DeviceSyncCryptAuthKeyRegistryImplTest() = default;
  20. ~DeviceSyncCryptAuthKeyRegistryImplTest() override = default;
  21. void SetUp() override {
  22. CryptAuthKeyRegistryImpl::RegisterPrefs(pref_service_.registry());
  23. key_registry_ = CryptAuthKeyRegistryImpl::Factory::Create(&pref_service_);
  24. }
  25. // Verify that changing the in-memory key bundle map updates the pref.
  26. void VerifyPrefValue(const base::Value& expected_dict) {
  27. const base::Value* dict =
  28. pref_service_.GetDictionary(prefs::kCryptAuthKeyRegistry);
  29. ASSERT_TRUE(dict);
  30. EXPECT_EQ(expected_dict, *dict);
  31. }
  32. PrefService* pref_service() { return &pref_service_; }
  33. CryptAuthKeyRegistry* key_registry() { return key_registry_.get(); }
  34. private:
  35. TestingPrefServiceSimple pref_service_;
  36. std::unique_ptr<CryptAuthKeyRegistry> key_registry_;
  37. };
  38. TEST_F(DeviceSyncCryptAuthKeyRegistryImplTest, GetActiveKey_NoActiveKey) {
  39. CryptAuthKey sym_key("symmetric-key", CryptAuthKey::Status::kInactive,
  40. cryptauthv2::KeyType::RAW256, "sym-handle");
  41. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, sym_key);
  42. EXPECT_FALSE(key_registry()->GetActiveKey(
  43. CryptAuthKeyBundle::Name::kLegacyAuthzenKey));
  44. }
  45. TEST_F(DeviceSyncCryptAuthKeyRegistryImplTest, GetActiveKey) {
  46. CryptAuthKey sym_key("symmetric-key", CryptAuthKey::Status::kInactive,
  47. cryptauthv2::KeyType::RAW256, "sym-handle");
  48. CryptAuthKey asym_key("public-key", "private-key",
  49. CryptAuthKey::Status::kActive,
  50. cryptauthv2::KeyType::P256, "asym-handle");
  51. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, sym_key);
  52. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, asym_key);
  53. const CryptAuthKey* key =
  54. key_registry()->GetActiveKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  55. ASSERT_TRUE(key);
  56. EXPECT_EQ(asym_key, *key);
  57. }
  58. TEST_F(DeviceSyncCryptAuthKeyRegistryImplTest, AddKey) {
  59. CryptAuthKey sym_key("symmetric-key", CryptAuthKey::Status::kActive,
  60. cryptauthv2::KeyType::RAW256, "sym-handle");
  61. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, sym_key);
  62. const CryptAuthKeyBundle* key_bundle =
  63. key_registry()->GetKeyBundle(CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  64. ASSERT_TRUE(key_bundle);
  65. const CryptAuthKey* active_key =
  66. key_registry()->GetActiveKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  67. ASSERT_TRUE(active_key);
  68. EXPECT_EQ(sym_key, *active_key);
  69. CryptAuthKeyBundle expected_bundle(
  70. CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  71. expected_bundle.AddKey(sym_key);
  72. EXPECT_EQ(expected_bundle, *key_bundle);
  73. base::Value expected_dict(base::Value::Type::DICTIONARY);
  74. expected_dict.SetKey(
  75. CryptAuthKeyBundle::KeyBundleNameEnumToString(expected_bundle.name()),
  76. expected_bundle.AsDictionary());
  77. VerifyPrefValue(expected_dict);
  78. // Add another key to same bundle
  79. CryptAuthKey asym_key("public-key", "private-key",
  80. CryptAuthKey::Status::kActive,
  81. cryptauthv2::KeyType::P256, "asym-handle");
  82. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, asym_key);
  83. expected_bundle.AddKey(asym_key);
  84. EXPECT_EQ(expected_bundle, *key_bundle);
  85. active_key =
  86. key_registry()->GetActiveKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  87. ASSERT_TRUE(active_key);
  88. EXPECT_EQ(asym_key, *active_key);
  89. expected_dict.SetKey(
  90. CryptAuthKeyBundle::KeyBundleNameEnumToString(expected_bundle.name()),
  91. expected_bundle.AsDictionary());
  92. VerifyPrefValue(expected_dict);
  93. }
  94. TEST_F(DeviceSyncCryptAuthKeyRegistryImplTest, SetActiveKey) {
  95. CryptAuthKey sym_key("symmetric-key", CryptAuthKey::Status::kInactive,
  96. cryptauthv2::KeyType::RAW256, "sym-handle");
  97. CryptAuthKey asym_key("public-key", "private-key",
  98. CryptAuthKey::Status::kActive,
  99. cryptauthv2::KeyType::P256, "asym-handle");
  100. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, sym_key);
  101. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, asym_key);
  102. key_registry()->SetActiveKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey,
  103. "sym-handle");
  104. const CryptAuthKey* key =
  105. key_registry()->GetActiveKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  106. EXPECT_TRUE(key);
  107. sym_key.set_status(CryptAuthKey::Status::kActive);
  108. EXPECT_EQ(sym_key, *key);
  109. CryptAuthKeyBundle expected_bundle(
  110. CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  111. expected_bundle.AddKey(sym_key);
  112. asym_key.set_status(CryptAuthKey::Status::kInactive);
  113. expected_bundle.AddKey(asym_key);
  114. base::Value expected_dict(base::Value::Type::DICTIONARY);
  115. expected_dict.SetKey(
  116. CryptAuthKeyBundle::KeyBundleNameEnumToString(expected_bundle.name()),
  117. expected_bundle.AsDictionary());
  118. VerifyPrefValue(expected_dict);
  119. }
  120. TEST_F(DeviceSyncCryptAuthKeyRegistryImplTest, DeactivateKeys) {
  121. CryptAuthKey sym_key("symmetric-key", CryptAuthKey::Status::kInactive,
  122. cryptauthv2::KeyType::RAW256, "sym-handle");
  123. CryptAuthKey asym_key("public-key", "private-key",
  124. CryptAuthKey::Status::kActive,
  125. cryptauthv2::KeyType::P256, "asym-handle");
  126. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, sym_key);
  127. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, asym_key);
  128. key_registry()->DeactivateKeys(CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  129. EXPECT_FALSE(key_registry()->GetActiveKey(
  130. CryptAuthKeyBundle::Name::kLegacyAuthzenKey));
  131. CryptAuthKeyBundle expected_bundle(
  132. CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  133. expected_bundle.AddKey(sym_key);
  134. asym_key.set_status(CryptAuthKey::Status::kInactive);
  135. expected_bundle.AddKey(asym_key);
  136. base::Value expected_dict(base::Value::Type::DICTIONARY);
  137. expected_dict.SetKey(
  138. CryptAuthKeyBundle::KeyBundleNameEnumToString(expected_bundle.name()),
  139. expected_bundle.AsDictionary());
  140. VerifyPrefValue(expected_dict);
  141. }
  142. TEST_F(DeviceSyncCryptAuthKeyRegistryImplTest, DeleteKey) {
  143. CryptAuthKey sym_key("symmetric-key", CryptAuthKey::Status::kInactive,
  144. cryptauthv2::KeyType::RAW256, "sym-handle");
  145. CryptAuthKey asym_key("public-key", "private-key",
  146. CryptAuthKey::Status::kActive,
  147. cryptauthv2::KeyType::P256, "asym-handle");
  148. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, sym_key);
  149. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, asym_key);
  150. key_registry()->DeleteKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey,
  151. "sym-handle");
  152. const CryptAuthKeyBundle* key_bundle =
  153. key_registry()->GetKeyBundle(CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  154. ASSERT_TRUE(key_bundle);
  155. EXPECT_FALSE(base::Contains(key_bundle->handle_to_key_map(), "sym-handle"));
  156. EXPECT_TRUE(base::Contains(key_bundle->handle_to_key_map(), "asym-handle"));
  157. CryptAuthKeyBundle expected_bundle(
  158. CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  159. expected_bundle.AddKey(asym_key);
  160. base::Value expected_dict(base::Value::Type::DICTIONARY);
  161. expected_dict.SetKey(
  162. CryptAuthKeyBundle::KeyBundleNameEnumToString(expected_bundle.name()),
  163. expected_bundle.AsDictionary());
  164. VerifyPrefValue(expected_dict);
  165. }
  166. TEST_F(DeviceSyncCryptAuthKeyRegistryImplTest, SetKeyDirective) {
  167. CryptAuthKey sym_key("symmetric-key", CryptAuthKey::Status::kInactive,
  168. cryptauthv2::KeyType::RAW256, "sym-handle");
  169. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, sym_key);
  170. cryptauthv2::KeyDirective key_directive;
  171. key_directive.set_enroll_time_millis(1000);
  172. key_registry()->SetKeyDirective(CryptAuthKeyBundle::Name::kLegacyAuthzenKey,
  173. key_directive);
  174. const CryptAuthKeyBundle* key_bundle =
  175. key_registry()->GetKeyBundle(CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  176. ASSERT_TRUE(key_bundle);
  177. EXPECT_TRUE(key_bundle->key_directive());
  178. EXPECT_EQ(key_directive.SerializeAsString(),
  179. key_bundle->key_directive()->SerializeAsString());
  180. CryptAuthKeyBundle expected_bundle(
  181. CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  182. expected_bundle.AddKey(sym_key);
  183. expected_bundle.set_key_directive(key_directive);
  184. base::Value expected_dict(base::Value::Type::DICTIONARY);
  185. expected_dict.SetKey(
  186. CryptAuthKeyBundle::KeyBundleNameEnumToString(expected_bundle.name()),
  187. expected_bundle.AsDictionary());
  188. VerifyPrefValue(expected_dict);
  189. }
  190. TEST_F(DeviceSyncCryptAuthKeyRegistryImplTest,
  191. ConstructorPopulatesBundlesUsingPref) {
  192. CryptAuthKey asym_key(
  193. "public-key", "private-key", CryptAuthKey::Status::kActive,
  194. cryptauthv2::KeyType::P256, kCryptAuthFixedUserKeyPairHandle);
  195. key_registry()->AddKey(CryptAuthKeyBundle::Name::kUserKeyPair, asym_key);
  196. CryptAuthKey sym_key("symmetric-key", CryptAuthKey::Status::kActive,
  197. cryptauthv2::KeyType::RAW256, "sym-handle");
  198. cryptauthv2::KeyDirective key_directive;
  199. key_directive.set_enroll_time_millis(1000);
  200. key_registry()->AddKey(CryptAuthKeyBundle::Name::kLegacyAuthzenKey, sym_key);
  201. key_registry()->SetKeyDirective(CryptAuthKeyBundle::Name::kLegacyAuthzenKey,
  202. key_directive);
  203. // A new registry using the same pref service that was just written.
  204. std::unique_ptr<CryptAuthKeyRegistry> new_registry =
  205. CryptAuthKeyRegistryImpl::Factory::Create(pref_service());
  206. EXPECT_EQ(2u, new_registry->key_bundles().size());
  207. const CryptAuthKeyBundle* key_bundle_user_key_pair =
  208. key_registry()->GetKeyBundle(CryptAuthKeyBundle::Name::kUserKeyPair);
  209. ASSERT_TRUE(key_bundle_user_key_pair);
  210. CryptAuthKeyBundle expected_bundle_user_key_pair(
  211. CryptAuthKeyBundle::Name::kUserKeyPair);
  212. expected_bundle_user_key_pair.AddKey(asym_key);
  213. EXPECT_EQ(expected_bundle_user_key_pair, *key_bundle_user_key_pair);
  214. const CryptAuthKeyBundle* key_bundle_legacy_authzen_key =
  215. key_registry()->GetKeyBundle(CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  216. ASSERT_TRUE(key_bundle_legacy_authzen_key);
  217. CryptAuthKeyBundle expected_bundle_legacy_authzen_key(
  218. CryptAuthKeyBundle::Name::kLegacyAuthzenKey);
  219. expected_bundle_legacy_authzen_key.AddKey(sym_key);
  220. expected_bundle_legacy_authzen_key.set_key_directive(key_directive);
  221. EXPECT_EQ(expected_bundle_legacy_authzen_key, *key_bundle_legacy_authzen_key);
  222. }
  223. } // namespace device_sync
  224. } // namespace ash