chrome/browser/signin/local_auth_unittest.cc - chromium/src - Git at Google

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "chrome/browser/signin/local_auth.h"

 #include <stddef.h>

 #include "base/base64.h"
 #include "build/build_config.h"
 #include "chrome/browser/profiles/profile_attributes_entry.h"
 #include "chrome/browser/profiles/profile_attributes_storage.h"
 #include "chrome/test/base/testing_browser_process.h"
 #include "chrome/test/base/testing_profile.h"
 #include "chrome/test/base/testing_profile_manager.h"
 #include "components/os_crypt/os_crypt_mocker.h"
 #include "components/prefs/pref_service.h"
 #include "components/sync_preferences/testing_pref_service_syncable.h"
 #include "content/public/test/test_browser_thread_bundle.h"

 #include "testing/gtest/include/gtest/gtest.h"

 class LocalAuthTest : public testing::Test {
  public:
   LocalAuthTest() { OSCryptMocker::SetUp(); }

   ~LocalAuthTest() override { OSCryptMocker::TearDown(); }

  private:
   content::TestBrowserThreadBundle thread_bundle_;
 };

 TEST_F(LocalAuthTest, SetAndCheckCredentials) {
   TestingProfileManager testing_profile_manager(
       TestingBrowserProcess::GetGlobal());
   ASSERT_TRUE(testing_profile_manager.SetUp());
   Profile* prof = testing_profile_manager.CreateTestingProfile("p1");
   ProfileAttributesEntry* entry;
   ASSERT_TRUE(testing_profile_manager.profile_attributes_storage()->
       GetProfileAttributesWithPath(prof->GetPath(), &entry));
   EXPECT_EQ("", entry->GetLocalAuthCredentials());

   std::string password("Some Password");
   EXPECT_FALSE(LocalAuth::ValidateLocalAuthCredentials(prof, password));

   LocalAuth::SetLocalAuthCredentials(prof, password);
   std::string passhash = entry->GetLocalAuthCredentials();

   // We perform basic validation on the written record to ensure bugs don't slip
   // in that cannot be seen from the API:
   //  - The encoding exists (we can guarantee future backward compatibility).
   //  - The plaintext version of the password is not mistakenly stored anywhere.
   EXPECT_FALSE(passhash.empty());
   EXPECT_EQ('2', passhash[0]);
   EXPECT_EQ(passhash.find(password), std::string::npos);

   std::string decodedhash;
   base::Base64Decode(passhash.substr(1), &decodedhash);
   EXPECT_FALSE(decodedhash.empty());
   EXPECT_EQ(decodedhash.find(password), std::string::npos);

   EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
   EXPECT_FALSE(LocalAuth::ValidateLocalAuthCredentials(prof, password + "1"));

   LocalAuth::SetLocalAuthCredentials(prof, password);  // makes different salt
   EXPECT_NE(passhash, entry->GetLocalAuthCredentials());
 }

 TEST_F(LocalAuthTest, SetUpgradeAndCheckCredentials) {
   TestingProfileManager testing_profile_manager(
       TestingBrowserProcess::GetGlobal());
   ASSERT_TRUE(testing_profile_manager.SetUp());
   Profile* prof = testing_profile_manager.CreateTestingProfile("p1");

   std::string password("Some Password");
   ProfileAttributesEntry* entry;
   ASSERT_TRUE(testing_profile_manager.profile_attributes_storage()->
       GetProfileAttributesWithPath(prof->GetPath(), &entry));
   LocalAuth::SetLocalAuthCredentialsWithEncoding(entry, password, '1');

   // Ensure we indeed persisted the correct encoding.
   std::string oldpasshash = entry->GetLocalAuthCredentials();
   EXPECT_EQ('1', oldpasshash[0]);

   // Validate, ensure we can validate against the old encoding.
   EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));

   // Ensure we updated the encoding.
   std::string newpasshash = entry->GetLocalAuthCredentials();
   EXPECT_EQ('2', newpasshash[0]);
   // Encoding '2' writes fewer bytes than encoding '1'.
   EXPECT_LE(newpasshash.length(), oldpasshash.length());

   // Validate, ensure we validate against the new encoding.
   EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
 }

 // Test truncation where each byte is left whole.
 TEST_F(LocalAuthTest, TruncateStringEvenly) {
   std::string two_chars = "A6";
   std::string three_chars = "A6C";
   EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(two_chars, 16));
   EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(three_chars, 16));

   EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(two_chars, 14));
   EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(three_chars, 14));
 }

 // Test truncation that affects the results within a byte.
 TEST_F(LocalAuthTest, TruncateStringUnevenly) {
   std::string two_chars = "Az";
   std::string three_chars = "AzC";
   // 'z' = 0x7A, ':' = 0x3A.
   std::string two_chars_truncated = "A:";
   EXPECT_EQ(two_chars_truncated,
       LocalAuth::TruncateStringByBits(two_chars, 14));
   EXPECT_EQ(two_chars_truncated,
       LocalAuth::TruncateStringByBits(three_chars, 14));
 }
	// Copyright 2013 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "chrome/browser/signin/local_auth.h"

	#include <stddef.h>

	#include "base/base64.h"
	#include "build/build_config.h"
	#include "chrome/browser/profiles/profile_attributes_entry.h"
	#include "chrome/browser/profiles/profile_attributes_storage.h"
	#include "chrome/test/base/testing_browser_process.h"
	#include "chrome/test/base/testing_profile.h"
	#include "chrome/test/base/testing_profile_manager.h"
	#include "components/os_crypt/os_crypt_mocker.h"
	#include "components/prefs/pref_service.h"
	#include "components/sync_preferences/testing_pref_service_syncable.h"
	#include "content/public/test/test_browser_thread_bundle.h"

	#include "testing/gtest/include/gtest/gtest.h"

	class LocalAuthTest : public testing::Test {
	public:
	LocalAuthTest() { OSCryptMocker::SetUp(); }

	~LocalAuthTest() override { OSCryptMocker::TearDown(); }

	private:
	content::TestBrowserThreadBundle thread_bundle_;
	};

	TEST_F(LocalAuthTest, SetAndCheckCredentials) {
	TestingProfileManager testing_profile_manager(
	TestingBrowserProcess::GetGlobal());
	ASSERT_TRUE(testing_profile_manager.SetUp());
	Profile* prof = testing_profile_manager.CreateTestingProfile("p1");
	ProfileAttributesEntry* entry;
	ASSERT_TRUE(testing_profile_manager.profile_attributes_storage()->
	GetProfileAttributesWithPath(prof->GetPath(), &entry));
	EXPECT_EQ("", entry->GetLocalAuthCredentials());

	std::string password("Some Password");
	EXPECT_FALSE(LocalAuth::ValidateLocalAuthCredentials(prof, password));

	LocalAuth::SetLocalAuthCredentials(prof, password);
	std::string passhash = entry->GetLocalAuthCredentials();

	// We perform basic validation on the written record to ensure bugs don't slip
	// in that cannot be seen from the API:
	// - The encoding exists (we can guarantee future backward compatibility).
	// - The plaintext version of the password is not mistakenly stored anywhere.
	EXPECT_FALSE(passhash.empty());
	EXPECT_EQ('2', passhash[0]);
	EXPECT_EQ(passhash.find(password), std::string::npos);

	std::string decodedhash;
	base::Base64Decode(passhash.substr(1), &decodedhash);
	EXPECT_FALSE(decodedhash.empty());
	EXPECT_EQ(decodedhash.find(password), std::string::npos);

	EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
	EXPECT_FALSE(LocalAuth::ValidateLocalAuthCredentials(prof, password + "1"));

	LocalAuth::SetLocalAuthCredentials(prof, password); // makes different salt
	EXPECT_NE(passhash, entry->GetLocalAuthCredentials());
	}

	TEST_F(LocalAuthTest, SetUpgradeAndCheckCredentials) {
	TestingProfileManager testing_profile_manager(
	TestingBrowserProcess::GetGlobal());
	ASSERT_TRUE(testing_profile_manager.SetUp());
	Profile* prof = testing_profile_manager.CreateTestingProfile("p1");

	std::string password("Some Password");
	ProfileAttributesEntry* entry;
	ASSERT_TRUE(testing_profile_manager.profile_attributes_storage()->
	GetProfileAttributesWithPath(prof->GetPath(), &entry));
	LocalAuth::SetLocalAuthCredentialsWithEncoding(entry, password, '1');

	// Ensure we indeed persisted the correct encoding.
	std::string oldpasshash = entry->GetLocalAuthCredentials();
	EXPECT_EQ('1', oldpasshash[0]);

	// Validate, ensure we can validate against the old encoding.
	EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));

	// Ensure we updated the encoding.
	std::string newpasshash = entry->GetLocalAuthCredentials();
	EXPECT_EQ('2', newpasshash[0]);
	// Encoding '2' writes fewer bytes than encoding '1'.
	EXPECT_LE(newpasshash.length(), oldpasshash.length());

	// Validate, ensure we validate against the new encoding.
	EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof, password));
	}

	// Test truncation where each byte is left whole.
	TEST_F(LocalAuthTest, TruncateStringEvenly) {
	std::string two_chars = "A6";
	std::string three_chars = "A6C";
	EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(two_chars, 16));
	EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(three_chars, 16));

	EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(two_chars, 14));
	EXPECT_EQ(two_chars, LocalAuth::TruncateStringByBits(three_chars, 14));
	}

	// Test truncation that affects the results within a byte.
	TEST_F(LocalAuthTest, TruncateStringUnevenly) {
	std::string two_chars = "Az";
	std::string three_chars = "AzC";
	// 'z' = 0x7A, ':' = 0x3A.
	std::string two_chars_truncated = "A:";
	EXPECT_EQ(two_chars_truncated,
	LocalAuth::TruncateStringByBits(two_chars, 14));
	EXPECT_EQ(two_chars_truncated,
	LocalAuth::TruncateStringByBits(three_chars, 14));
	}