chromeos/cryptohome/cryptohome_util_unittest.cc - chromium/src.git - Git at Google

 // Copyright 2018 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "chromeos/cryptohome/cryptohome_util.h"

 #include <string>

 #include "base/optional.h"
 #include "chromeos/cryptohome/cryptohome_parameters.h"
 #include "chromeos/dbus/cryptohome/key.pb.h"
 #include "chromeos/dbus/cryptohome/rpc.pb.h"
 #include "testing/gtest/include/gtest/gtest.h"

 namespace cryptohome {

 TEST(CryptohomeUtilTest, CreateAuthorizationRequestEmptyLabel) {
   const std::string kExpectedSecret = "secret";

   const AuthorizationRequest auth_request =
       CreateAuthorizationRequest(std::string(), kExpectedSecret);

   EXPECT_FALSE(auth_request.key().data().has_label());
   EXPECT_EQ(auth_request.key().secret(), kExpectedSecret);
 }

 TEST(CryptohomeUtilTest, CreateAuthorizationRequestWithLabel) {
   const std::string kExpectedLabel = "some_label";
   const std::string kExpectedSecret = "some_secret";

   const AuthorizationRequest auth_request =
       CreateAuthorizationRequest(kExpectedLabel, kExpectedSecret);

   EXPECT_EQ(auth_request.key().data().label(), kExpectedLabel);
   EXPECT_EQ(auth_request.key().secret(), kExpectedSecret);
 }

 TEST(CryptohomeUtilTest, BaseReplyToMountErrorNullOptional) {
   const base::Optional<BaseReply> reply = base::nullopt;

   MountError actual_error = BaseReplyToMountError(reply);

   EXPECT_EQ(actual_error, MOUNT_ERROR_FATAL);
 }

 TEST(CryptohomeUtilTest, BaseReplyToMountErrorEmptyReply) {
   const base::Optional<BaseReply> reply(base::in_place);

   MountError actual_error = BaseReplyToMountError(reply);

   EXPECT_EQ(actual_error, MOUNT_ERROR_NONE);
 }

 TEST(CryptohomeUtilTest, BaseReplyToMountErrorNoError) {
   BaseReply result;
   result.set_error(CRYPTOHOME_ERROR_NOT_SET);
   const base::Optional<BaseReply> reply = std::move(result);

   MountError actual_error = BaseReplyToMountError(reply);

   EXPECT_EQ(actual_error, MOUNT_ERROR_NONE);
 }

 TEST(CryptohomeUtilTest, BaseReplyToMountErrorAuthFailure) {
   BaseReply result;
   result.set_error(CRYPTOHOME_ERROR_AUTHORIZATION_KEY_NOT_FOUND);
   const base::Optional<BaseReply> reply = std::move(result);

   MountError actual_error = BaseReplyToMountError(reply);

   EXPECT_EQ(actual_error, MOUNT_ERROR_KEY_FAILURE);
 }

 TEST(CryptohomeUtilTest, MountExReplyToMountErrorNullOptional) {
   const base::Optional<BaseReply> reply = base::nullopt;

   MountError actual_error = MountExReplyToMountError(reply);

   EXPECT_EQ(actual_error, MOUNT_ERROR_FATAL);
 }

 TEST(CryptohomeUtilTest, MountExReplyToMountErrorEmptyReply) {
   BaseReply result;
   const base::Optional<BaseReply> reply = std::move(result);

   MountError actual_error = MountExReplyToMountError(reply);

   EXPECT_EQ(actual_error, MOUNT_ERROR_FATAL);
 }

 TEST(CryptohomeUtilTest, MountExReplyToMountErrorNoExtension) {
   BaseReply result;
   result.set_error(CRYPTOHOME_ERROR_NOT_SET);
   const base::Optional<BaseReply> reply = std::move(result);

   MountError actual_error = MountExReplyToMountError(reply);

   EXPECT_EQ(actual_error, MOUNT_ERROR_FATAL);
 }

 TEST(CryptohomeUtilTest, MountExReplyToMountErrorNoError) {
   BaseReply result;
   result.set_error(CRYPTOHOME_ERROR_NOT_SET);
   result.MutableExtension(MountReply::reply);
   const base::Optional<BaseReply> reply = std::move(result);

   MountError actual_error = MountExReplyToMountError(reply);

   EXPECT_EQ(actual_error, MOUNT_ERROR_NONE);
 }

 TEST(CryptohomeUtilTest, MountExReplyToMountErrorAuthFailure) {
   BaseReply result;
   result.set_error(CRYPTOHOME_ERROR_AUTHORIZATION_KEY_NOT_FOUND);
   result.MutableExtension(MountReply::reply);
   const base::Optional<BaseReply> reply = std::move(result);

   MountError actual_error = MountExReplyToMountError(reply);

   EXPECT_EQ(actual_error, MOUNT_ERROR_KEY_FAILURE);
 }

 TEST(CryptohomeUtilTest, MountExReplyToMountHash) {
   const std::string expected_hash = "username";
   BaseReply result;
   result.set_error(CRYPTOHOME_ERROR_NOT_SET);
   MountReply* mount = result.MutableExtension(MountReply::reply);
   mount->set_sanitized_username(expected_hash);

   const std::string actual_hash = MountExReplyToMountHash(result);

   EXPECT_EQ(actual_hash, expected_hash);
 }

 TEST(CryptohomeUtilTest, KeyDefinitionToKeyType) {
   Key key;

   KeyDefinitionToKey(KeyDefinition(), &key);

   EXPECT_EQ(key.data().type(), KeyData::KEY_TYPE_PASSWORD);
 }

 TEST(CryptohomeUtilTest, KeyDefinitionToKeySecret) {
   const std::string kExpectedSecret = "my_dog_ate_my_homework";
   KeyDefinition key_def;
   key_def.secret = kExpectedSecret;
   Key key;

   KeyDefinitionToKey(key_def, &key);

   EXPECT_EQ(key.secret(), kExpectedSecret);
 }

 TEST(CryptohomeUtilTest, KeyDefinitionToKeyLabel) {
   const std::string kExpectedLabel = "millenials hate labels";
   KeyDefinition key_def;
   key_def.label = kExpectedLabel;
   Key key;

   KeyDefinitionToKey(key_def, &key);

   EXPECT_EQ(key.data().label(), kExpectedLabel);
 }

 TEST(CryptohomeUtilTest, KeyDefinitionToKeyNonpositiveRevision) {
   KeyDefinition key_def;
   key_def.revision = -1;
   Key key;

   KeyDefinitionToKey(key_def, &key);

   EXPECT_EQ(key.data().revision(), 0);
 }

 TEST(CryptohomeUtilTest, KeyDefinitionToKeyPositiveRevision) {
   constexpr int kExpectedRevision = 10;
   KeyDefinition key_def;
   key_def.revision = kExpectedRevision;
   Key key;

   KeyDefinitionToKey(key_def, &key);

   EXPECT_EQ(key.data().revision(), kExpectedRevision);
 }

 TEST(CryptohomeUtilTest, KeyDefinitionToKeyDefaultPrivileges) {
   KeyDefinition key_def;
   Key key;

   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();

   EXPECT_TRUE(privileges.mount());
   EXPECT_TRUE(privileges.add());
   EXPECT_TRUE(privileges.remove());
   EXPECT_TRUE(privileges.update());
   EXPECT_FALSE(privileges.authorized_update());
 }

 TEST(CryptohomeUtilTest, KeyDefinitionToKeyMountPrivileges) {
   KeyDefinition key_def;
   key_def.privileges = PRIV_MOUNT;
   Key key;

   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();

   EXPECT_TRUE(privileges.mount());
   EXPECT_FALSE(privileges.add());
   EXPECT_FALSE(privileges.remove());
   EXPECT_FALSE(privileges.update());
   EXPECT_FALSE(privileges.authorized_update());
 }

 TEST(CryptohomeUtilTest, KeyDefinitionToKeyAddPrivileges) {
   KeyDefinition key_def;
   key_def.privileges = PRIV_ADD;
   Key key;

   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();

   EXPECT_FALSE(privileges.mount());
   EXPECT_TRUE(privileges.add());
   EXPECT_FALSE(privileges.remove());
   EXPECT_FALSE(privileges.update());
   EXPECT_FALSE(privileges.authorized_update());
 }

 TEST(CryptohomeUtilTest, KeyDefinitionToKeyRemovePrivileges) {
   KeyDefinition key_def;
   key_def.privileges = PRIV_REMOVE;
   Key key;

   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();

   EXPECT_FALSE(privileges.mount());
   EXPECT_FALSE(privileges.add());
   EXPECT_TRUE(privileges.remove());
   EXPECT_FALSE(privileges.update());
   EXPECT_FALSE(privileges.authorized_update());
 }

 TEST(CryptohomeUtilTest, KeyDefinitionToKeyUpdatePrivileges) {
   KeyDefinition key_def;
   key_def.privileges = PRIV_MIGRATE;
   Key key;

   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();

   EXPECT_FALSE(privileges.mount());
   EXPECT_FALSE(privileges.add());
   EXPECT_FALSE(privileges.remove());
   EXPECT_TRUE(privileges.update());
   EXPECT_FALSE(privileges.authorized_update());
 }

 TEST(CryptohomeUtilTest, KeyDefinitionToKeyAuthorizedUpdatePrivileges) {
   KeyDefinition key_def;
   key_def.privileges = PRIV_AUTHORIZED_UPDATE;
   Key key;

   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();

   EXPECT_FALSE(privileges.mount());
   EXPECT_FALSE(privileges.add());
   EXPECT_FALSE(privileges.remove());
   EXPECT_FALSE(privileges.update());
   EXPECT_TRUE(privileges.authorized_update());
 }

 TEST(CryptohomeUtilTest, KeyDefinitionToKeyAllPrivileges) {
   KeyDefinition key_def;
   key_def.privileges = PRIV_DEFAULT | PRIV_AUTHORIZED_UPDATE;
   Key key;

   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();

   EXPECT_TRUE(privileges.mount());
   EXPECT_TRUE(privileges.add());
   EXPECT_TRUE(privileges.remove());
   EXPECT_TRUE(privileges.update());
   EXPECT_TRUE(privileges.authorized_update());
 }

 TEST(CryptohomeUtilTest, KeyAuthorizationDataToAuthorizationDataHmacSha256) {
   KeyAuthorizationData auth_data_proto;
   auth_data_proto.set_type(
       KeyAuthorizationData::KEY_AUTHORIZATION_TYPE_HMACSHA256);
   KeyDefinition::AuthorizationData auth_data;

   KeyAuthorizationDataToAuthorizationData(auth_data_proto, &auth_data);

   EXPECT_EQ(auth_data.type, KeyDefinition::AuthorizationData::TYPE_HMACSHA256);
 }

 TEST(CryptohomeUtilTest, KeyAuthorizationDataToAuthorizationDataAes256Cbc) {
   KeyAuthorizationData auth_data_proto;
   auth_data_proto.set_type(
       KeyAuthorizationData::KEY_AUTHORIZATION_TYPE_AES256CBC_HMACSHA256);
   KeyDefinition::AuthorizationData auth_data;

   KeyAuthorizationDataToAuthorizationData(auth_data_proto, &auth_data);

   EXPECT_EQ(auth_data.type,
             KeyDefinition::AuthorizationData::TYPE_AES256CBC_HMACSHA256);
 }

 TEST(CryptohomeUtilTest, KeyAuthorizationDataToAuthorizationDataSecret) {
   constexpr bool kEncrypt = true;
   constexpr bool kSign = false;
   constexpr bool kWrapped = true;
   const std::string kSymmetricKey = "symmetric_key";
   const std::string kPublicKey = "public_key";
   KeyAuthorizationData auth_data_proto;
   KeyAuthorizationSecret* secret = auth_data_proto.add_secrets();
   KeyAuthorizationSecretUsage* usage = secret->mutable_usage();
   usage->set_encrypt(kEncrypt);
   usage->set_sign(kSign);
   secret->set_wrapped(kWrapped);
   secret->set_symmetric_key(kSymmetricKey);
   secret->set_public_key(kPublicKey);
   KeyDefinition::AuthorizationData::Secret expected_secret(
       kEncrypt, kSign, kSymmetricKey, kPublicKey, kWrapped);
   KeyDefinition::AuthorizationData auth_data;

   KeyAuthorizationDataToAuthorizationData(auth_data_proto, &auth_data);

   EXPECT_EQ(auth_data.secrets.back(), expected_secret);
 }

 }  // namespace cryptohome
	// Copyright 2018 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "chromeos/cryptohome/cryptohome_util.h"

	#include <string>

	#include "base/optional.h"
	#include "chromeos/cryptohome/cryptohome_parameters.h"
	#include "chromeos/dbus/cryptohome/key.pb.h"
	#include "chromeos/dbus/cryptohome/rpc.pb.h"
	#include "testing/gtest/include/gtest/gtest.h"

	namespace cryptohome {

	TEST(CryptohomeUtilTest, CreateAuthorizationRequestEmptyLabel) {
	const std::string kExpectedSecret = "secret";

	const AuthorizationRequest auth_request =
	CreateAuthorizationRequest(std::string(), kExpectedSecret);

	EXPECT_FALSE(auth_request.key().data().has_label());
	EXPECT_EQ(auth_request.key().secret(), kExpectedSecret);
	}

	TEST(CryptohomeUtilTest, CreateAuthorizationRequestWithLabel) {
	const std::string kExpectedLabel = "some_label";
	const std::string kExpectedSecret = "some_secret";

	const AuthorizationRequest auth_request =
	CreateAuthorizationRequest(kExpectedLabel, kExpectedSecret);

	EXPECT_EQ(auth_request.key().data().label(), kExpectedLabel);
	EXPECT_EQ(auth_request.key().secret(), kExpectedSecret);
	}

	TEST(CryptohomeUtilTest, BaseReplyToMountErrorNullOptional) {
	const base::Optional<BaseReply> reply = base::nullopt;

	MountError actual_error = BaseReplyToMountError(reply);

	EXPECT_EQ(actual_error, MOUNT_ERROR_FATAL);
	}

	TEST(CryptohomeUtilTest, BaseReplyToMountErrorEmptyReply) {
	const base::Optional<BaseReply> reply(base::in_place);

	MountError actual_error = BaseReplyToMountError(reply);

	EXPECT_EQ(actual_error, MOUNT_ERROR_NONE);
	}

	TEST(CryptohomeUtilTest, BaseReplyToMountErrorNoError) {
	BaseReply result;
	result.set_error(CRYPTOHOME_ERROR_NOT_SET);
	const base::Optional<BaseReply> reply = std::move(result);

	MountError actual_error = BaseReplyToMountError(reply);

	EXPECT_EQ(actual_error, MOUNT_ERROR_NONE);
	}

	TEST(CryptohomeUtilTest, BaseReplyToMountErrorAuthFailure) {
	BaseReply result;
	result.set_error(CRYPTOHOME_ERROR_AUTHORIZATION_KEY_NOT_FOUND);
	const base::Optional<BaseReply> reply = std::move(result);

	MountError actual_error = BaseReplyToMountError(reply);

	EXPECT_EQ(actual_error, MOUNT_ERROR_KEY_FAILURE);
	}

	TEST(CryptohomeUtilTest, MountExReplyToMountErrorNullOptional) {
	const base::Optional<BaseReply> reply = base::nullopt;

	MountError actual_error = MountExReplyToMountError(reply);

	EXPECT_EQ(actual_error, MOUNT_ERROR_FATAL);
	}

	TEST(CryptohomeUtilTest, MountExReplyToMountErrorEmptyReply) {
	BaseReply result;
	const base::Optional<BaseReply> reply = std::move(result);

	MountError actual_error = MountExReplyToMountError(reply);

	EXPECT_EQ(actual_error, MOUNT_ERROR_FATAL);
	}

	TEST(CryptohomeUtilTest, MountExReplyToMountErrorNoExtension) {
	BaseReply result;
	result.set_error(CRYPTOHOME_ERROR_NOT_SET);
	const base::Optional<BaseReply> reply = std::move(result);

	MountError actual_error = MountExReplyToMountError(reply);

	EXPECT_EQ(actual_error, MOUNT_ERROR_FATAL);
	}

	TEST(CryptohomeUtilTest, MountExReplyToMountErrorNoError) {
	BaseReply result;
	result.set_error(CRYPTOHOME_ERROR_NOT_SET);
	result.MutableExtension(MountReply::reply);
	const base::Optional<BaseReply> reply = std::move(result);

	MountError actual_error = MountExReplyToMountError(reply);

	EXPECT_EQ(actual_error, MOUNT_ERROR_NONE);
	}

	TEST(CryptohomeUtilTest, MountExReplyToMountErrorAuthFailure) {
	BaseReply result;
	result.set_error(CRYPTOHOME_ERROR_AUTHORIZATION_KEY_NOT_FOUND);
	result.MutableExtension(MountReply::reply);
	const base::Optional<BaseReply> reply = std::move(result);

	MountError actual_error = MountExReplyToMountError(reply);

	EXPECT_EQ(actual_error, MOUNT_ERROR_KEY_FAILURE);
	}

	TEST(CryptohomeUtilTest, MountExReplyToMountHash) {
	const std::string expected_hash = "username";
	BaseReply result;
	result.set_error(CRYPTOHOME_ERROR_NOT_SET);
	MountReply* mount = result.MutableExtension(MountReply::reply);
	mount->set_sanitized_username(expected_hash);

	const std::string actual_hash = MountExReplyToMountHash(result);

	EXPECT_EQ(actual_hash, expected_hash);
	}

	TEST(CryptohomeUtilTest, KeyDefinitionToKeyType) {
	Key key;

	KeyDefinitionToKey(KeyDefinition(), &key);

	EXPECT_EQ(key.data().type(), KeyData::KEY_TYPE_PASSWORD);
	}

	TEST(CryptohomeUtilTest, KeyDefinitionToKeySecret) {
	const std::string kExpectedSecret = "my_dog_ate_my_homework";
	KeyDefinition key_def;
	key_def.secret = kExpectedSecret;
	Key key;

	KeyDefinitionToKey(key_def, &key);

	EXPECT_EQ(key.secret(), kExpectedSecret);
	}

	TEST(CryptohomeUtilTest, KeyDefinitionToKeyLabel) {
	const std::string kExpectedLabel = "millenials hate labels";
	KeyDefinition key_def;
	key_def.label = kExpectedLabel;
	Key key;

	KeyDefinitionToKey(key_def, &key);

	EXPECT_EQ(key.data().label(), kExpectedLabel);
	}

	TEST(CryptohomeUtilTest, KeyDefinitionToKeyNonpositiveRevision) {
	KeyDefinition key_def;
	key_def.revision = -1;
	Key key;

	KeyDefinitionToKey(key_def, &key);

	EXPECT_EQ(key.data().revision(), 0);
	}

	TEST(CryptohomeUtilTest, KeyDefinitionToKeyPositiveRevision) {
	constexpr int kExpectedRevision = 10;
	KeyDefinition key_def;
	key_def.revision = kExpectedRevision;
	Key key;

	KeyDefinitionToKey(key_def, &key);

	EXPECT_EQ(key.data().revision(), kExpectedRevision);
	}

	TEST(CryptohomeUtilTest, KeyDefinitionToKeyDefaultPrivileges) {
	KeyDefinition key_def;
	Key key;

	KeyDefinitionToKey(key_def, &key);
	KeyPrivileges privileges = key.data().privileges();

	EXPECT_TRUE(privileges.mount());
	EXPECT_TRUE(privileges.add());
	EXPECT_TRUE(privileges.remove());
	EXPECT_TRUE(privileges.update());
	EXPECT_FALSE(privileges.authorized_update());
	}

	TEST(CryptohomeUtilTest, KeyDefinitionToKeyMountPrivileges) {
	KeyDefinition key_def;
	key_def.privileges = PRIV_MOUNT;
	Key key;

	KeyDefinitionToKey(key_def, &key);
	KeyPrivileges privileges = key.data().privileges();

	EXPECT_TRUE(privileges.mount());
	EXPECT_FALSE(privileges.add());
	EXPECT_FALSE(privileges.remove());
	EXPECT_FALSE(privileges.update());
	EXPECT_FALSE(privileges.authorized_update());
	}

	TEST(CryptohomeUtilTest, KeyDefinitionToKeyAddPrivileges) {
	KeyDefinition key_def;
	key_def.privileges = PRIV_ADD;
	Key key;

	KeyDefinitionToKey(key_def, &key);
	KeyPrivileges privileges = key.data().privileges();

	EXPECT_FALSE(privileges.mount());
	EXPECT_TRUE(privileges.add());
	EXPECT_FALSE(privileges.remove());
	EXPECT_FALSE(privileges.update());
	EXPECT_FALSE(privileges.authorized_update());
	}

	TEST(CryptohomeUtilTest, KeyDefinitionToKeyRemovePrivileges) {
	KeyDefinition key_def;
	key_def.privileges = PRIV_REMOVE;
	Key key;

	KeyDefinitionToKey(key_def, &key);
	KeyPrivileges privileges = key.data().privileges();

	EXPECT_FALSE(privileges.mount());
	EXPECT_FALSE(privileges.add());
	EXPECT_TRUE(privileges.remove());
	EXPECT_FALSE(privileges.update());
	EXPECT_FALSE(privileges.authorized_update());
	}

	TEST(CryptohomeUtilTest, KeyDefinitionToKeyUpdatePrivileges) {
	KeyDefinition key_def;
	key_def.privileges = PRIV_MIGRATE;
	Key key;

	KeyDefinitionToKey(key_def, &key);
	KeyPrivileges privileges = key.data().privileges();

	EXPECT_FALSE(privileges.mount());
	EXPECT_FALSE(privileges.add());
	EXPECT_FALSE(privileges.remove());
	EXPECT_TRUE(privileges.update());
	EXPECT_FALSE(privileges.authorized_update());
	}

	TEST(CryptohomeUtilTest, KeyDefinitionToKeyAuthorizedUpdatePrivileges) {
	KeyDefinition key_def;
	key_def.privileges = PRIV_AUTHORIZED_UPDATE;
	Key key;

	KeyDefinitionToKey(key_def, &key);
	KeyPrivileges privileges = key.data().privileges();

	EXPECT_FALSE(privileges.mount());
	EXPECT_FALSE(privileges.add());
	EXPECT_FALSE(privileges.remove());
	EXPECT_FALSE(privileges.update());
	EXPECT_TRUE(privileges.authorized_update());
	}

	TEST(CryptohomeUtilTest, KeyDefinitionToKeyAllPrivileges) {
	KeyDefinition key_def;
	key_def.privileges = PRIV_DEFAULT \| PRIV_AUTHORIZED_UPDATE;
	Key key;

	KeyDefinitionToKey(key_def, &key);
	KeyPrivileges privileges = key.data().privileges();

	EXPECT_TRUE(privileges.mount());
	EXPECT_TRUE(privileges.add());
	EXPECT_TRUE(privileges.remove());
	EXPECT_TRUE(privileges.update());
	EXPECT_TRUE(privileges.authorized_update());
	}

	TEST(CryptohomeUtilTest, KeyAuthorizationDataToAuthorizationDataHmacSha256) {
	KeyAuthorizationData auth_data_proto;
	auth_data_proto.set_type(
	KeyAuthorizationData::KEY_AUTHORIZATION_TYPE_HMACSHA256);
	KeyDefinition::AuthorizationData auth_data;

	KeyAuthorizationDataToAuthorizationData(auth_data_proto, &auth_data);

	EXPECT_EQ(auth_data.type, KeyDefinition::AuthorizationData::TYPE_HMACSHA256);
	}

	TEST(CryptohomeUtilTest, KeyAuthorizationDataToAuthorizationDataAes256Cbc) {
	KeyAuthorizationData auth_data_proto;
	auth_data_proto.set_type(
	KeyAuthorizationData::KEY_AUTHORIZATION_TYPE_AES256CBC_HMACSHA256);
	KeyDefinition::AuthorizationData auth_data;

	KeyAuthorizationDataToAuthorizationData(auth_data_proto, &auth_data);

	EXPECT_EQ(auth_data.type,
	KeyDefinition::AuthorizationData::TYPE_AES256CBC_HMACSHA256);
	}

	TEST(CryptohomeUtilTest, KeyAuthorizationDataToAuthorizationDataSecret) {
	constexpr bool kEncrypt = true;
	constexpr bool kSign = false;
	constexpr bool kWrapped = true;
	const std::string kSymmetricKey = "symmetric_key";
	const std::string kPublicKey = "public_key";
	KeyAuthorizationData auth_data_proto;
	KeyAuthorizationSecret* secret = auth_data_proto.add_secrets();
	KeyAuthorizationSecretUsage* usage = secret->mutable_usage();
	usage->set_encrypt(kEncrypt);
	usage->set_sign(kSign);
	secret->set_wrapped(kWrapped);
	secret->set_symmetric_key(kSymmetricKey);
	secret->set_public_key(kPublicKey);
	KeyDefinition::AuthorizationData::Secret expected_secret(
	kEncrypt, kSign, kSymmetricKey, kPublicKey, kWrapped);
	KeyDefinition::AuthorizationData auth_data;

	KeyAuthorizationDataToAuthorizationData(auth_data_proto, &auth_data);

	EXPECT_EQ(auth_data.secrets.back(), expected_secret);
	}

	} // namespace cryptohome