search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert "Only store leading 13 bits of password hash."
[chromium-blink-merge.git] / chrome / browser / signin / local_auth_unittest.cc
blob68ee397043ad9c9614b444ad6611043eda24453d
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/signin/local_auth.h"
6
7 #include "base/base64.h"
8 #include "base/prefs/pref_service.h"
9 #include "chrome/browser/profiles/profile_manager.h"
10 #include "chrome/test/base/testing_browser_process.h"
11 #include "chrome/test/base/testing_pref_service_syncable.h"
12 #include "chrome/test/base/testing_profile.h"
13 #include "chrome/test/base/testing_profile_manager.h"
14 #include "components/os_crypt/os_crypt.h"
15
16 #include "testing/gtest/include/gtest/gtest.h"
17
18 using namespace chrome;
19
20 TEST(LocalAuthTest, SetAndCheckCredentials) {
21 TestingProfileManager testing_profile_manager(
22 TestingBrowserProcess::GetGlobal());
23 ASSERT_TRUE(testing_profile_manager.SetUp());
24 Profile* prof = testing_profile_manager.CreateTestingProfile("p1");
25 ProfileInfoCache& cache =
26 testing_profile_manager.profile_manager()->GetProfileInfoCache();
27 EXPECT_EQ(1U, cache.GetNumberOfProfiles());
28 EXPECT_EQ("", cache.GetLocalAuthCredentialsOfProfileAtIndex(0));
29
30 #if defined(OS_MACOSX)
31 OSCrypt::UseMockKeychain(true);
32 #endif
33
34 std::string password("Some Password");
35 EXPECT_FALSE(ValidateLocalAuthCredentials(prof, password));
36
37 SetLocalAuthCredentials(prof, password);
38 std::string passhash = cache.GetLocalAuthCredentialsOfProfileAtIndex(0);
39
40 // We perform basic validation on the written record to ensure bugs don't slip
41 // in that cannot be seen from the API:
42 // - The encoding exists (we can guarantee future backward compatibility).
43 // - The plaintext version of the password is not mistakenly stored anywhere.
44 EXPECT_FALSE(passhash.empty());
45 EXPECT_EQ('1', passhash[0]);
46 EXPECT_EQ(passhash.find(password), std::string::npos);
47
48 std::string decodedhash;
49 base::Base64Decode(passhash.substr(1), &decodedhash);
50 EXPECT_FALSE(decodedhash.empty());
51 EXPECT_EQ(decodedhash.find(password), std::string::npos);
52
53 EXPECT_TRUE(ValidateLocalAuthCredentials(prof, password));
54 EXPECT_FALSE(ValidateLocalAuthCredentials(prof, password + "1"));
55
56 SetLocalAuthCredentials(prof, password); // makes different salt
57 EXPECT_NE(passhash, cache.GetLocalAuthCredentialsOfProfileAtIndex(0));
58 }