components/os_crypt/keychain_password_mac_unittest.mm

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "components/os_crypt/keychain_password_mac.h"
   6
   7 #include "crypto/mock_apple_keychain.h"
   8 #include "testing/gtest/include/gtest/gtest.h"
   9
  10 namespace {
  11
  12 using crypto::MockAppleKeychain;
  13
  14 // Test that if we have an existing password in the Keychain and we are
  15 // authorized by the user to read it then we get it back correctly.
  16 TEST(KeychainPasswordTest, FindPasswordSuccess) {
  17   MockAppleKeychain keychain;
  18   keychain.set_find_generic_result(noErr);
  19   KeychainPassword password(keychain);
  20   EXPECT_FALSE(password.GetPassword().empty());
  21   EXPECT_FALSE(keychain.called_add_generic());
  22   EXPECT_EQ(0, keychain.password_data_count());
  23 }
  24
  25 // Test that if we do not have an existing password in the Keychain then it
  26 // gets added successfully and returned.
  27 TEST(KeychainPasswordTest, FindPasswordNotFound) {
  28   MockAppleKeychain keychain;
  29   keychain.set_find_generic_result(errSecItemNotFound);
  30   KeychainPassword password(keychain);
  31   EXPECT_EQ(24U, password.GetPassword().length());
  32   EXPECT_TRUE(keychain.called_add_generic());
  33   EXPECT_EQ(0, keychain.password_data_count());
  34 }
  35
  36 // Test that if get denied access by the user then we return an empty password.
  37 // And we should not try to add one.
  38 TEST(KeychainPasswordTest, FindPasswordNotAuthorized) {
  39   MockAppleKeychain keychain;
  40   keychain.set_find_generic_result(errSecAuthFailed);
  41   KeychainPassword password(keychain);
  42   EXPECT_TRUE(password.GetPassword().empty());
  43   EXPECT_FALSE(keychain.called_add_generic());
  44   EXPECT_EQ(0, keychain.password_data_count());
  45 }
  46
  47 // Test that if some random other error happens then we return an empty
  48 // password, and we should not try to add one.
  49 TEST(KeychainPasswordTest, FindPasswordOtherError) {
  50   MockAppleKeychain keychain;
  51   keychain.set_find_generic_result(errSecNotAvailable);
  52   KeychainPassword password(keychain);
  53   EXPECT_TRUE(password.GetPassword().empty());
  54   EXPECT_FALSE(keychain.called_add_generic());
  55   EXPECT_EQ(0, keychain.password_data_count());
  56 }
  57
  58 // Test that subsequent additions to the keychain give different passwords.
  59 TEST(KeychainPasswordTest, PasswordsDiffer) {
  60   MockAppleKeychain keychain1;
  61   keychain1.set_find_generic_result(errSecItemNotFound);
  62   KeychainPassword encryptor_password1(keychain1);
  63   std::string password1 = encryptor_password1.GetPassword();
  64   EXPECT_FALSE(password1.empty());
  65   EXPECT_TRUE(keychain1.called_add_generic());
  66   EXPECT_EQ(0, keychain1.password_data_count());
  67
  68   MockAppleKeychain keychain2;
  69   keychain2.set_find_generic_result(errSecItemNotFound);
  70   KeychainPassword encryptor_password2(keychain2);
  71   std::string password2 = encryptor_password2.GetPassword();
  72   EXPECT_FALSE(password2.empty());
  73   EXPECT_TRUE(keychain2.called_add_generic());
  74   EXPECT_EQ(0, keychain2.password_data_count());
  75
  76   // And finally check that the passwords are different.
  77   EXPECT_NE(password1, password2);
  78 }
  79
  80 }  // namespace