search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
cc: Added inline to Tile::IsReadyToDraw
[chromium-blink-merge.git] / chromeos / attestation / attestation_flow_unittest.cc
blob9622230ac7049248dc1ef03aee0239cce1375cbc
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "base/bind.h"
6 #include "base/memory/scoped_ptr.h"
7 #include "base/run_loop.h"
8 #include "chromeos/attestation/mock_attestation_flow.h"
9 #include "chromeos/cryptohome/mock_async_method_caller.h"
10 #include "chromeos/dbus/mock_cryptohome_client.h"
11 #include "testing/gmock/include/gmock/gmock.h"
12 #include "testing/gtest/include/gtest/gtest.h"
13
14 using testing::_;
15 using testing::Invoke;
16 using testing::Sequence;
17 using testing::StrictMock;
18 using testing::WithArgs;
19
20 namespace chromeos {
21 namespace attestation {
22
23 namespace {
24
25 void DBusCallbackFalse(const BoolDBusMethodCallback& callback) {
26 base::MessageLoop::current()->PostTask(
27 FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, false));
28 }
29
30 void DBusCallbackTrue(const BoolDBusMethodCallback& callback) {
31 base::MessageLoop::current()->PostTask(
32 FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, true));
33 }
34
35 void DBusCallbackFail(const BoolDBusMethodCallback& callback) {
36 base::MessageLoop::current()->PostTask(
37 FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_FAILURE, false));
38 }
39
40 void AsyncCallbackFalse(cryptohome::AsyncMethodCaller::Callback callback) {
41 callback.Run(false, cryptohome::MOUNT_ERROR_NONE);
42 }
43
44 class FakeDBusData {
45 public:
46 explicit FakeDBusData(const std::string& data) : data_(data) {}
47
48 void operator() (const CryptohomeClient::DataMethodCallback& callback) {
49 base::MessageLoop::current()->PostTask(
50 FROM_HERE,
51 base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, true, data_));
52 }
53
54 private:
55 std::string data_;
56 };
57
58 } // namespace
59
60 class AttestationFlowTest : public testing::Test {
61 protected:
62 void Run() {
63 base::RunLoop run_loop;
64 run_loop.RunUntilIdle();
65 }
66 base::MessageLoop message_loop_;
67 };
68
69 TEST_F(AttestationFlowTest, GetCertificate) {
70 // Verify the order of calls in a sequence.
71 Sequence flow_order;
72
73 // Use DBusCallbackFalse so the full enrollment flow is triggered.
74 chromeos::MockCryptohomeClient client;
75 EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
76 .InSequence(flow_order)
77 .WillRepeatedly(Invoke(DBusCallbackFalse));
78
79 // Use StrictMock when we want to verify invocation frequency.
80 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
81 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
82 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_))
83 .Times(1)
84 .InSequence(flow_order);
85
86 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
87 proxy->DeferToFake(true);
88 EXPECT_CALL(*proxy, SendEnrollRequest(
89 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest,
90 _)).Times(1)
91 .InSequence(flow_order);
92
93 std::string fake_enroll_response =
94 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest;
95 fake_enroll_response += "_response";
96 EXPECT_CALL(async_caller, AsyncTpmAttestationEnroll(fake_enroll_response, _))
97 .Times(1)
98 .InSequence(flow_order);
99
100 EXPECT_CALL(
101 async_caller,
102 AsyncTpmAttestationCreateCertRequest(PROFILE_ENTERPRISE_USER_CERTIFICATE,
103 "fake_email", "fake_origin", _))
104 .Times(1)
105 .InSequence(flow_order);
106
107 EXPECT_CALL(*proxy, SendCertificateRequest(
108 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest,
109 _)).Times(1)
110 .InSequence(flow_order);
111
112 std::string fake_cert_response =
113 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest;
114 fake_cert_response += "_response";
115 EXPECT_CALL(async_caller,
116 AsyncTpmAttestationFinishCertRequest(fake_cert_response,
117 KEY_USER,
118 kEnterpriseUserKey,
119 _))
120 .Times(1)
121 .InSequence(flow_order);
122
123 StrictMock<MockObserver> observer;
124 EXPECT_CALL(observer, MockCertificateCallback(
125 true,
126 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert))
127 .Times(1)
128 .InSequence(flow_order);
129 AttestationFlow::CertificateCallback mock_callback = base::Bind(
130 &MockObserver::MockCertificateCallback,
131 base::Unretained(&observer));
132
133 scoped_ptr<ServerProxy> proxy_interface(proxy.release());
134 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
135 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "fake_email",
136 "fake_origin", true, mock_callback);
137 Run();
138 }
139
140 TEST_F(AttestationFlowTest, GetCertificate_NoEK) {
141 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
142 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE);
143 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_))
144 .Times(1);
145
146 chromeos::MockCryptohomeClient client;
147 EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
148 .WillRepeatedly(Invoke(DBusCallbackFalse));
149
150 // We're not expecting any server calls in this case; StrictMock will verify.
151 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
152
153 StrictMock<MockObserver> observer;
154 EXPECT_CALL(observer, MockCertificateCallback(false, ""))
155 .Times(1);
156 AttestationFlow::CertificateCallback mock_callback = base::Bind(
157 &MockObserver::MockCertificateCallback,
158 base::Unretained(&observer));
159
160 scoped_ptr<ServerProxy> proxy_interface(proxy.release());
161 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
162 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true,
163 mock_callback);
164 Run();
165 }
166
167 TEST_F(AttestationFlowTest, GetCertificate_EKRejected) {
168 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
169 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
170 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_))
171 .Times(1);
172
173 chromeos::MockCryptohomeClient client;
174 EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
175 .WillRepeatedly(Invoke(DBusCallbackFalse));
176
177 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
178 proxy->DeferToFake(false);
179 EXPECT_CALL(*proxy, SendEnrollRequest(
180 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest,
181 _)).Times(1);
182
183 StrictMock<MockObserver> observer;
184 EXPECT_CALL(observer, MockCertificateCallback(false, ""))
185 .Times(1);
186 AttestationFlow::CertificateCallback mock_callback = base::Bind(
187 &MockObserver::MockCertificateCallback,
188 base::Unretained(&observer));
189
190 scoped_ptr<ServerProxy> proxy_interface(proxy.release());
191 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
192 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true,
193 mock_callback);
194 Run();
195 }
196
197 TEST_F(AttestationFlowTest, GetCertificate_FailEnroll) {
198 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
199 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
200 EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_))
201 .Times(1);
202 std::string fake_enroll_response =
203 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest;
204 fake_enroll_response += "_response";
205 EXPECT_CALL(async_caller, AsyncTpmAttestationEnroll(fake_enroll_response, _))
206 .WillOnce(WithArgs<1>(Invoke(AsyncCallbackFalse)));
207
208 chromeos::MockCryptohomeClient client;
209 EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
210 .WillRepeatedly(Invoke(DBusCallbackFalse));
211
212 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
213 proxy->DeferToFake(true);
214 EXPECT_CALL(*proxy, SendEnrollRequest(
215 cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest,
216 _)).Times(1);
217
218 StrictMock<MockObserver> observer;
219 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1);
220 AttestationFlow::CertificateCallback mock_callback = base::Bind(
221 &MockObserver::MockCertificateCallback,
222 base::Unretained(&observer));
223
224 scoped_ptr<ServerProxy> proxy_interface(proxy.release());
225 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
226 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true,
227 mock_callback);
228 Run();
229 }
230
231 TEST_F(AttestationFlowTest, GetMachineCertificateAlreadyEnrolled) {
232 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
233 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
234 EXPECT_CALL(async_caller,
235 AsyncTpmAttestationCreateCertRequest(
236 PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, "", "", _))
237 .Times(1);
238 std::string fake_cert_response =
239 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest;
240 fake_cert_response += "_response";
241 EXPECT_CALL(async_caller,
242 AsyncTpmAttestationFinishCertRequest(fake_cert_response,
243 KEY_DEVICE,
244 kEnterpriseMachineKey,
245 _))
246 .Times(1);
247
248 chromeos::MockCryptohomeClient client;
249 EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
250 .WillRepeatedly(Invoke(DBusCallbackTrue));
251
252 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
253 proxy->DeferToFake(true);
254 EXPECT_CALL(*proxy, SendCertificateRequest(
255 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest,
256 _)).Times(1);
257
258 StrictMock<MockObserver> observer;
259 EXPECT_CALL(observer, MockCertificateCallback(
260 true,
261 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1);
262 AttestationFlow::CertificateCallback mock_callback = base::Bind(
263 &MockObserver::MockCertificateCallback,
264 base::Unretained(&observer));
265
266 scoped_ptr<ServerProxy> proxy_interface(proxy.release());
267 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
268 flow.GetCertificate(PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, "", "", true,
269 mock_callback);
270 Run();
271 }
272
273 TEST_F(AttestationFlowTest, GetCertificate_FailCreateCertRequest) {
274 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
275 async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE);
276 EXPECT_CALL(async_caller,
277 AsyncTpmAttestationCreateCertRequest(
278 PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", _))
279 .Times(1);
280
281 chromeos::MockCryptohomeClient client;
282 EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
283 .WillRepeatedly(Invoke(DBusCallbackTrue));
284
285 // We're not expecting any server calls in this case; StrictMock will verify.
286 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
287
288 StrictMock<MockObserver> observer;
289 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1);
290 AttestationFlow::CertificateCallback mock_callback = base::Bind(
291 &MockObserver::MockCertificateCallback,
292 base::Unretained(&observer));
293
294 scoped_ptr<ServerProxy> proxy_interface(proxy.release());
295 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
296 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true,
297 mock_callback);
298 Run();
299 }
300
301 TEST_F(AttestationFlowTest, GetCertificate_CertRequestRejected) {
302 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
303 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
304 EXPECT_CALL(async_caller,
305 AsyncTpmAttestationCreateCertRequest(
306 PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", _))
307 .Times(1);
308
309 chromeos::MockCryptohomeClient client;
310 EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
311 .WillRepeatedly(Invoke(DBusCallbackTrue));
312
313 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
314 proxy->DeferToFake(false);
315 EXPECT_CALL(*proxy, SendCertificateRequest(
316 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest,
317 _)).Times(1);
318
319 StrictMock<MockObserver> observer;
320 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1);
321 AttestationFlow::CertificateCallback mock_callback = base::Bind(
322 &MockObserver::MockCertificateCallback,
323 base::Unretained(&observer));
324
325 scoped_ptr<ServerProxy> proxy_interface(proxy.release());
326 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
327 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true,
328 mock_callback);
329 Run();
330 }
331
332 TEST_F(AttestationFlowTest, GetCertificate_FailIsEnrolled) {
333 // We're not expecting any async calls in this case; StrictMock will verify.
334 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
335
336 chromeos::MockCryptohomeClient client;
337 EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
338 .WillRepeatedly(Invoke(DBusCallbackFail));
339
340 // We're not expecting any server calls in this case; StrictMock will verify.
341 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
342
343 StrictMock<MockObserver> observer;
344 EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1);
345 AttestationFlow::CertificateCallback mock_callback = base::Bind(
346 &MockObserver::MockCertificateCallback,
347 base::Unretained(&observer));
348
349 scoped_ptr<ServerProxy> proxy_interface(proxy.release());
350 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
351 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true,
352 mock_callback);
353 Run();
354 }
355
356 TEST_F(AttestationFlowTest, GetCertificate_CheckExisting) {
357 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
358 async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
359 EXPECT_CALL(async_caller,
360 AsyncTpmAttestationCreateCertRequest(
361 PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", _))
362 .Times(1);
363 std::string fake_cert_response =
364 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest;
365 fake_cert_response += "_response";
366 EXPECT_CALL(async_caller,
367 AsyncTpmAttestationFinishCertRequest(fake_cert_response,
368 KEY_USER,
369 kEnterpriseUserKey,
370 _))
371 .Times(1);
372
373 chromeos::MockCryptohomeClient client;
374 EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
375 .WillRepeatedly(Invoke(DBusCallbackTrue));
376 EXPECT_CALL(client,
377 TpmAttestationDoesKeyExist(KEY_USER, kEnterpriseUserKey, _))
378 .WillRepeatedly(WithArgs<2>(Invoke(DBusCallbackFalse)));
379
380 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
381 proxy->DeferToFake(true);
382 EXPECT_CALL(*proxy, SendCertificateRequest(
383 cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest,
384 _)).Times(1);
385
386 StrictMock<MockObserver> observer;
387 EXPECT_CALL(observer, MockCertificateCallback(
388 true,
389 cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1);
390 AttestationFlow::CertificateCallback mock_callback = base::Bind(
391 &MockObserver::MockCertificateCallback,
392 base::Unretained(&observer));
393
394 scoped_ptr<ServerProxy> proxy_interface(proxy.release());
395 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
396 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", false,
397 mock_callback);
398 Run();
399 }
400
401 TEST_F(AttestationFlowTest, GetCertificate_AlreadyExists) {
402 // We're not expecting any async calls in this case; StrictMock will verify.
403 StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
404
405 chromeos::MockCryptohomeClient client;
406 EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
407 .WillRepeatedly(Invoke(DBusCallbackTrue));
408 EXPECT_CALL(client,
409 TpmAttestationDoesKeyExist(KEY_USER, kEnterpriseUserKey, _))
410 .WillRepeatedly(WithArgs<2>(Invoke(DBusCallbackTrue)));
411 EXPECT_CALL(client,
412 TpmAttestationGetCertificate(KEY_USER, kEnterpriseUserKey, _))
413 .WillRepeatedly(WithArgs<2>(Invoke(FakeDBusData("fake_cert"))));
414
415 // We're not expecting any server calls in this case; StrictMock will verify.
416 scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
417
418 StrictMock<MockObserver> observer;
419 EXPECT_CALL(observer, MockCertificateCallback(true, "fake_cert")).Times(1);
420 AttestationFlow::CertificateCallback mock_callback = base::Bind(
421 &MockObserver::MockCertificateCallback,
422 base::Unretained(&observer));
423
424 scoped_ptr<ServerProxy> proxy_interface(proxy.release());
425 AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
426 flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", false,
427 mock_callback);
428 Run();
429 }
430
431 } // namespace attestation
432 } // namespace chromeos