1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/signin/local_auth.h"
7 #include "base/base64.h"
8 #include "base/prefs/pref_service.h"
9 #include "chrome/browser/profiles/profile_manager.h"
10 #include "chrome/test/base/testing_browser_process.h"
11 #include "chrome/test/base/testing_profile.h"
12 #include "chrome/test/base/testing_profile_manager.h"
13 #include "components/os_crypt/os_crypt.h"
14 #include "components/syncable_prefs/testing_pref_service_syncable.h"
15 #include "content/public/test/test_browser_thread_bundle.h"
17 #include "testing/gtest/include/gtest/gtest.h"
19 class LocalAuthTest
: public testing::Test
{
20 content::TestBrowserThreadBundle thread_bundle_
;
23 TEST_F(LocalAuthTest
, SetAndCheckCredentials
) {
24 TestingProfileManager
testing_profile_manager(
25 TestingBrowserProcess::GetGlobal());
26 ASSERT_TRUE(testing_profile_manager
.SetUp());
27 Profile
* prof
= testing_profile_manager
.CreateTestingProfile("p1");
28 ProfileInfoCache
& cache
=
29 testing_profile_manager
.profile_manager()->GetProfileInfoCache();
30 EXPECT_EQ(1U, cache
.GetNumberOfProfiles());
31 EXPECT_EQ("", cache
.GetLocalAuthCredentialsOfProfileAtIndex(0));
33 #if defined(OS_MACOSX)
34 OSCrypt::UseMockKeychain(true);
37 std::string
password("Some Password");
38 EXPECT_FALSE(LocalAuth::ValidateLocalAuthCredentials(prof
, password
));
40 LocalAuth::SetLocalAuthCredentials(prof
, password
);
41 std::string passhash
= cache
.GetLocalAuthCredentialsOfProfileAtIndex(0);
43 // We perform basic validation on the written record to ensure bugs don't slip
44 // in that cannot be seen from the API:
45 // - The encoding exists (we can guarantee future backward compatibility).
46 // - The plaintext version of the password is not mistakenly stored anywhere.
47 EXPECT_FALSE(passhash
.empty());
48 EXPECT_EQ('2', passhash
[0]);
49 EXPECT_EQ(passhash
.find(password
), std::string::npos
);
51 std::string decodedhash
;
52 base::Base64Decode(passhash
.substr(1), &decodedhash
);
53 EXPECT_FALSE(decodedhash
.empty());
54 EXPECT_EQ(decodedhash
.find(password
), std::string::npos
);
56 EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof
, password
));
57 EXPECT_FALSE(LocalAuth::ValidateLocalAuthCredentials(prof
, password
+ "1"));
59 LocalAuth::SetLocalAuthCredentials(prof
, password
); // makes different salt
60 EXPECT_NE(passhash
, cache
.GetLocalAuthCredentialsOfProfileAtIndex(0));
63 TEST_F(LocalAuthTest
, SetUpgradeAndCheckCredentials
) {
64 TestingProfileManager
testing_profile_manager(
65 TestingBrowserProcess::GetGlobal());
66 ASSERT_TRUE(testing_profile_manager
.SetUp());
67 Profile
* prof
= testing_profile_manager
.CreateTestingProfile("p1");
68 ProfileInfoCache
& cache
=
69 testing_profile_manager
.profile_manager()->GetProfileInfoCache();
71 #if defined(OS_MACOSX)
72 OSCrypt::UseMockKeychain(true);
75 std::string
password("Some Password");
76 size_t profile_index
= cache
.GetIndexOfProfileWithPath(prof
->GetPath());
77 LocalAuth::SetLocalAuthCredentialsWithEncoding(profile_index
, password
, '1');
79 // Ensure we indeed persisted the correct encoding.
80 std::string oldpasshash
= cache
.GetLocalAuthCredentialsOfProfileAtIndex(
82 EXPECT_EQ('1', oldpasshash
[0]);
84 // Validate, ensure we can validate against the old encoding.
85 EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof
, password
));
87 // Ensure we updated the encoding.
88 std::string newpasshash
= cache
.GetLocalAuthCredentialsOfProfileAtIndex(
90 EXPECT_EQ('2', newpasshash
[0]);
91 // Encoding '2' writes fewer bytes than encoding '1'.
92 EXPECT_LE(newpasshash
.length(), oldpasshash
.length());
94 // Validate, ensure we validate against the new encoding.
95 EXPECT_TRUE(LocalAuth::ValidateLocalAuthCredentials(prof
, password
));
98 // Test truncation where each byte is left whole.
99 TEST_F(LocalAuthTest
, TruncateStringEvenly
) {
100 std::string two_chars
= "A6";
101 std::string three_chars
= "A6C";
102 EXPECT_EQ(two_chars
, LocalAuth::TruncateStringByBits(two_chars
, 16));
103 EXPECT_EQ(two_chars
, LocalAuth::TruncateStringByBits(three_chars
, 16));
105 EXPECT_EQ(two_chars
, LocalAuth::TruncateStringByBits(two_chars
, 14));
106 EXPECT_EQ(two_chars
, LocalAuth::TruncateStringByBits(three_chars
, 14));
109 // Test truncation that affects the results within a byte.
110 TEST_F(LocalAuthTest
, TruncateStringUnevenly
) {
111 std::string two_chars
= "Az";
112 std::string three_chars
= "AzC";
113 // 'z' = 0x7A, ':' = 0x3A.
114 std::string two_chars_truncated
= "A:";
115 EXPECT_EQ(two_chars_truncated
,
116 LocalAuth::TruncateStringByBits(two_chars
, 14));
117 EXPECT_EQ(two_chars_truncated
,
118 LocalAuth::TruncateStringByBits(three_chars
, 14));