      1 # Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
      2 # Use of this source code is governed by a BSD-style license that can be
      3 # found in the LICENSE file.
      4 
      5 import gobject, hashlib, os
      6 from dbus.mainloop.glib import DBusGMainLoop
      7 
      8 from autotest_lib.client.bin import test
      9 from autotest_lib.client.common_lib import error
     10 from autotest_lib.client.common_lib.cros import chrome, session_manager
     11 from autotest_lib.client.cros import constants, cryptohome, ownership
     12 
     13 
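class login_OwnershipNotRetaken(test.test):
    """Subsequent logins after the owner must not clobber the owner's key.

    The test signs in once so that the owner key and policy are written,
    records the state of constants.OWNER_KEY_FILE, signs in as a second
    user, and fails if the key file's mtime or contents changed.
    """
    version = 2

    # Credentials for the second (non-owner) sign-in.
    _TEST_USER = 'example@chromium.org'
    _TEST_PASS = 'testme'
    _TEST_GAIAID = '7583'


    @staticmethod
    def _owner_key_digest():
        """Return a hex digest of the current owner key file contents.

        The digest is used only to detect that the file changed between two
        reads. SHA-256 is used rather than MD5 so the comparison does not
        rest on a hash with known collisions.
        """
        # The context manager closes the file even if read() raises.
        with open(constants.OWNER_KEY_FILE, 'rb') as key_file:
            return hashlib.sha256(key_file.read()).hexdigest()


    def initialize(self):
        """Clear ownership state and set up the cryptohome D-Bus proxy."""
        super(login_OwnershipNotRetaken, self).initialize()
        # Start clean, wrt ownership and the desired user.
        ownership.restart_ui_to_clear_ownership_files()

        bus_loop = DBusGMainLoop(set_as_default=True)
        self._cryptohome_proxy = cryptohome.CryptohomeProxy(bus_loop)


    def run_once(self):
        """Check that a second user's login leaves the owner key untouched.

        Raises:
            error.TestFail: if the owner key file's mtime or contents differ
                after the second sign-in.
        """
        listener = session_manager.OwnershipSignalListener(gobject.MainLoop())
        listener.listen_for_new_key_and_policy()
        # Sign in. Sign out happens automatically when the Chrome context
        # manager exits.
        with chrome.Chrome(clear_enterprise_policy=False):
            listener.wait_for_signals(desc='Owner settings written to disk.')

        # Baseline taken after the first sign-in has written the owner key.
        digest_before = self._owner_key_digest()
        mtime_before = os.stat(constants.OWNER_KEY_FILE).st_mtime

        # Sign in/sign out as a second user.
        with chrome.Chrome(clear_enterprise_policy=False,
                           username=self._TEST_USER,
                           password=self._TEST_PASS,
                           gaia_id=self._TEST_GAIAID):
            pass

        # Checking mtime to see if key file was touched during second sign in.
        # Any difference counts, not only a newer timestamp: a rewrite that
        # lands with an older mtime is still a rewrite.
        if os.stat(constants.OWNER_KEY_FILE).st_mtime != mtime_before:
            raise error.TestFail("Owner key was touched on second login!")

        # Sanity check: the contents must match as well, since mtime alone
        # can be preserved or reset by whatever wrote the file.
        if self._owner_key_digest() != digest_before:
            raise error.TestFail("Owner key was touched on second login!")


    def cleanup(self):
        """Remove the second user's cryptohome, then run the base cleanup."""
        try:
            self._cryptohome_proxy.remove(self._TEST_USER)
        finally:
            # Base-class cleanup must run even if removing the user fails.
            super(login_OwnershipNotRetaken, self).cleanup()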
     66