Home | History | Annotate | Download | only in signin 
      1 // Copyright 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "chrome/browser/signin/local_auth.h"
      6 
      7 #include "base/base64.h"
      8 #include "base/prefs/pref_service.h"
      9 #include "chrome/browser/profiles/profile_manager.h"
     10 #include "chrome/common/pref_names.h"
     11 #include "chrome/test/base/testing_browser_process.h"
     12 #include "chrome/test/base/testing_pref_service_syncable.h"
     13 #include "chrome/test/base/testing_profile.h"
     14 #include "chrome/test/base/testing_profile_manager.h"
     15 #include "components/os_crypt/os_crypt.h"
     16 
     17 #include "testing/gtest/include/gtest/gtest.h"
     18 
     19 using namespace chrome;
     20 
     21 TEST(LocalAuthTest, SetAndCheckCredentials) {
     22   TestingProfileManager testing_profile_manager(
     23       TestingBrowserProcess::GetGlobal());
     24   ASSERT_TRUE(testing_profile_manager.SetUp());
     25   Profile* prof = testing_profile_manager.CreateTestingProfile("p1");
     26   ProfileInfoCache& cache =
     27       testing_profile_manager.profile_manager()->GetProfileInfoCache();
     28   EXPECT_EQ(1U, cache.GetNumberOfProfiles());
     29   EXPECT_EQ("", cache.GetLocalAuthCredentialsOfProfileAtIndex(0));
     30 
     31 #if defined(OS_MACOSX)
     32   OSCrypt::UseMockKeychain(true);
     33 #endif
     34 
     35   std::string password("Some Password");
     36   EXPECT_FALSE(ValidateLocalAuthCredentials(prof, password));
     37 
     38   SetLocalAuthCredentials(prof, password);
     39   std::string passhash = cache.GetLocalAuthCredentialsOfProfileAtIndex(0);
     40 
     41   // We perform basic validation on the written record to ensure bugs don't slip
     42   // in that cannot be seen from the API:
     43   //  - The encoding exists (we can guarantee future backward compatibility).
     44   //  - The plaintext version of the password is not mistakenly stored anywhere.
     45   EXPECT_FALSE(passhash.empty());
     46   EXPECT_EQ('1', passhash[0]);
     47   EXPECT_EQ(passhash.find(password), std::string::npos);
     48 
     49   std::string decodedhash;
     50   base::Base64Decode(passhash.substr(1), &decodedhash);
     51   EXPECT_FALSE(decodedhash.empty());
     52   EXPECT_EQ(decodedhash.find(password), std::string::npos);
     53 
     54   EXPECT_TRUE(ValidateLocalAuthCredentials(prof, password));
     55   EXPECT_FALSE(ValidateLocalAuthCredentials(prof, password + "1"));
     56 
     57   SetLocalAuthCredentials(prof, password);  // makes different salt
     58   EXPECT_NE(passhash, cache.GetLocalAuthCredentialsOfProfileAtIndex(0));
     59 }
     60