device_settings_service_unittest.cc revision cedac228d2dd51db4b79ea1e72c7f249408ee061
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "chrome/browser/chromeos/settings/device_settings_service.h" 6 7#include "base/basictypes.h" 8#include "base/bind.h" 9#include "base/bind_helpers.h" 10#include "base/compiler_specific.h" 11#include "base/time/time.h" 12#include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" 13#include "chrome/browser/chromeos/settings/device_settings_test_helper.h" 14#include "components/policy/core/common/cloud/cloud_policy_constants.h" 15#include "policy/proto/device_management_backend.pb.h" 16#include "testing/gmock/include/gmock/gmock.h" 17#include "testing/gtest/include/gtest/gtest.h" 18 19namespace em = enterprise_management; 20 21using ::testing::Mock; 22 23namespace chromeos { 24 25namespace { 26 27class MockDeviceSettingsObserver : public DeviceSettingsService::Observer { 28 public: 29 virtual ~MockDeviceSettingsObserver() {} 30 31 MOCK_METHOD0(OwnershipStatusChanged, void()); 32 MOCK_METHOD0(DeviceSettingsUpdated, void()); 33}; 34 35} // namespace 36 37class DeviceSettingsServiceTest : public DeviceSettingsTestBase { 38 public: 39 void SetOperationCompleted() { 40 operation_completed_ = true; 41 } 42 43 void SetOwnershipStatus( 44 DeviceSettingsService::OwnershipStatus ownership_status) { 45 ownership_status_ = ownership_status; 46 } 47 48 void OnIsOwner(bool is_owner) { 49 is_owner_ = is_owner; 50 is_owner_set_ = true; 51 } 52 53 protected: 54 DeviceSettingsServiceTest() 55 : operation_completed_(false), 56 is_owner_(true), 57 is_owner_set_(false), 58 ownership_status_(DeviceSettingsService::OWNERSHIP_UNKNOWN) {} 59 60 virtual void SetUp() OVERRIDE { 61 device_policy_.payload().mutable_device_policy_refresh_rate()-> 62 set_device_policy_refresh_rate(120); 63 DeviceSettingsTestBase::SetUp(); 64 } 65 66 void CheckPolicy() { 67 ASSERT_TRUE(device_settings_service_.policy_data()); 68 EXPECT_EQ(device_policy_.policy_data().SerializeAsString(), 69 device_settings_service_.policy_data()->SerializeAsString()); 70 ASSERT_TRUE(device_settings_service_.device_settings()); 71 EXPECT_EQ(device_policy_.payload().SerializeAsString(), 72 device_settings_service_.device_settings()->SerializeAsString()); 73 } 74 75 bool operation_completed_; 76 bool is_owner_; 77 bool is_owner_set_; 78 DeviceSettingsService::OwnershipStatus ownership_status_; 79 80 private: 81 DISALLOW_COPY_AND_ASSIGN(DeviceSettingsServiceTest); 82}; 83 84TEST_F(DeviceSettingsServiceTest, LoadNoKey) { 85 owner_key_util_->Clear(); 86 ReloadDeviceSettings(); 87 88 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE, 89 device_settings_service_.status()); 90 EXPECT_FALSE(device_settings_service_.policy_data()); 91 EXPECT_FALSE(device_settings_service_.device_settings()); 92} 93 94TEST_F(DeviceSettingsServiceTest, LoadNoPolicy) { 95 device_settings_test_helper_.set_policy_blob(std::string()); 96 ReloadDeviceSettings(); 97 98 EXPECT_EQ(DeviceSettingsService::STORE_NO_POLICY, 99 device_settings_service_.status()); 100 EXPECT_FALSE(device_settings_service_.policy_data()); 101 EXPECT_FALSE(device_settings_service_.device_settings()); 102} 103 104TEST_F(DeviceSettingsServiceTest, LoadValidationError) { 105 device_policy_.policy().set_policy_data_signature("bad"); 106 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); 107 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey()); 108 ReloadDeviceSettings(); 109 110 EXPECT_EQ(DeviceSettingsService::STORE_VALIDATION_ERROR, 111 device_settings_service_.status()); 112 EXPECT_FALSE(device_settings_service_.policy_data()); 113 EXPECT_FALSE(device_settings_service_.device_settings()); 114} 115 116TEST_F(DeviceSettingsServiceTest, LoadValidationErrorFutureTimestamp) { 117 base::Time timestamp(base::Time::NowFromSystemTime() + 118 base::TimeDelta::FromDays(5000)); 119 device_policy_.policy_data().set_timestamp( 120 (timestamp - base::Time::UnixEpoch()).InMilliseconds()); 121 device_policy_.Build(); 122 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); 123 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey()); 124 ReloadDeviceSettings(); 125 126 // Loading a cached device policy with a timestamp in the future should work, 127 // since this may be due to a broken clock on the client device. 128 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 129 device_settings_service_.status()); 130 CheckPolicy(); 131} 132 133TEST_F(DeviceSettingsServiceTest, LoadSuccess) { 134 ReloadDeviceSettings(); 135 136 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 137 device_settings_service_.status()); 138 CheckPolicy(); 139} 140 141TEST_F(DeviceSettingsServiceTest, SignAndStoreNoKey) { 142 ReloadDeviceSettings(); 143 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 144 device_settings_service_.status()); 145 146 scoped_ptr<em::ChromeDeviceSettingsProto> new_device_settings( 147 new em::ChromeDeviceSettingsProto(device_policy_.payload())); 148 new_device_settings->mutable_device_policy_refresh_rate()-> 149 set_device_policy_refresh_rate(300); 150 device_settings_service_.SignAndStore( 151 new_device_settings.Pass(), 152 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted, 153 base::Unretained(this))); 154 FlushDeviceSettings(); 155 EXPECT_TRUE(operation_completed_); 156 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE, 157 device_settings_service_.status()); 158 CheckPolicy(); 159} 160 161TEST_F(DeviceSettingsServiceTest, SignAndStoreFailure) { 162 ReloadDeviceSettings(); 163 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 164 device_settings_service_.status()); 165 166 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey()); 167 crypto::ScopedPK11Slot slot; 168 device_settings_service_.InitOwner(device_policy_.policy_data().username(), 169 slot.Pass()); 170 FlushDeviceSettings(); 171 172 scoped_ptr<em::ChromeDeviceSettingsProto> new_device_settings( 173 new em::ChromeDeviceSettingsProto(device_policy_.payload())); 174 new_device_settings->mutable_device_policy_refresh_rate()-> 175 set_device_policy_refresh_rate(300); 176 device_settings_test_helper_.set_store_result(false); 177 device_settings_service_.SignAndStore( 178 new_device_settings.Pass(), 179 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted, 180 base::Unretained(this))); 181 FlushDeviceSettings(); 182 EXPECT_TRUE(operation_completed_); 183 EXPECT_EQ(DeviceSettingsService::STORE_OPERATION_FAILED, 184 device_settings_service_.status()); 185 CheckPolicy(); 186} 187 188TEST_F(DeviceSettingsServiceTest, SignAndStoreSuccess) { 189 const base::Time before(base::Time::Now()); 190 ReloadDeviceSettings(); 191 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 192 device_settings_service_.status()); 193 194 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey()); 195 crypto::ScopedPK11Slot slot; 196 device_settings_service_.InitOwner(device_policy_.policy_data().username(), 197 slot.Pass()); 198 FlushDeviceSettings(); 199 200 device_policy_.payload().mutable_device_policy_refresh_rate()-> 201 set_device_policy_refresh_rate(300); 202 device_policy_.Build(); 203 device_settings_service_.SignAndStore( 204 scoped_ptr<em::ChromeDeviceSettingsProto>( 205 new em::ChromeDeviceSettingsProto(device_policy_.payload())), 206 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted, 207 base::Unretained(this))); 208 FlushDeviceSettings(); 209 const base::Time after(base::Time::Now()); 210 211 EXPECT_TRUE(operation_completed_); 212 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 213 device_settings_service_.status()); 214 ASSERT_TRUE(device_settings_service_.device_settings()); 215 EXPECT_EQ(device_policy_.payload().SerializeAsString(), 216 device_settings_service_.device_settings()->SerializeAsString()); 217 218 // Check that the loaded policy_data contains the expected values. 219 const em::PolicyData* policy_data = device_settings_service_.policy_data(); 220 EXPECT_EQ(policy::dm_protocol::kChromeDevicePolicyType, 221 policy_data->policy_type()); 222 EXPECT_LE((before - base::Time::UnixEpoch()).InMilliseconds(), 223 policy_data->timestamp()); 224 EXPECT_GE((after - base::Time::UnixEpoch()).InMilliseconds(), 225 policy_data->timestamp()); 226 EXPECT_EQ(device_settings_service_.GetUsername(), 227 policy_data->username()); 228} 229 230TEST_F(DeviceSettingsServiceTest, SetManagementSettingsModeTransition) { 231 ReloadDeviceSettings(); 232 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 233 device_settings_service_.status()); 234 235 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey()); 236 crypto::ScopedPK11Slot slot; 237 device_settings_service_.InitOwner(device_policy_.policy_data().username(), 238 slot.Pass()); 239 FlushDeviceSettings(); 240 241 // The initial management mode should be NOT_MANAGED. 242 EXPECT_EQ(em::PolicyData::NOT_MANAGED, 243 device_settings_service_.policy_data()->management_mode()); 244 245 // NOT_MANAGED -> CONSUMER_MANAGED: Okay. 246 device_settings_service_.SetManagementSettings( 247 em::PolicyData::CONSUMER_MANAGED, 248 "fake_request_token", 249 "fake_device_id", 250 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted, 251 base::Unretained(this))); 252 FlushDeviceSettings(); 253 254 EXPECT_TRUE(operation_completed_); 255 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 256 device_settings_service_.status()); 257 EXPECT_EQ(em::PolicyData::CONSUMER_MANAGED, 258 device_settings_service_.policy_data()->management_mode()); 259 260 // CONSUMER_MANAGED -> ENTERPRISE_MANAGED: Invalid. 261 device_settings_service_.SetManagementSettings( 262 em::PolicyData::ENTERPRISE_MANAGED, 263 "fake_request_token", 264 "fake_device_id", 265 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted, 266 base::Unretained(this))); 267 FlushDeviceSettings(); 268 269 EXPECT_TRUE(operation_completed_); 270 EXPECT_EQ(DeviceSettingsService::STORE_POLICY_ERROR, 271 device_settings_service_.status()); 272 EXPECT_EQ(em::PolicyData::CONSUMER_MANAGED, 273 device_settings_service_.policy_data()->management_mode()); 274 275 // CONSUMER_MANAGED -> NOT_MANAGED: Okay. 276 device_settings_service_.SetManagementSettings( 277 em::PolicyData::NOT_MANAGED, 278 "fake_request_token", 279 "fake_device_id", 280 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted, 281 base::Unretained(this))); 282 FlushDeviceSettings(); 283 284 EXPECT_TRUE(operation_completed_); 285 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 286 device_settings_service_.status()); 287 EXPECT_EQ(em::PolicyData::NOT_MANAGED, 288 device_settings_service_.policy_data()->management_mode()); 289 290 // NOT_MANAGED -> ENTERPRISE_MANAGED: Invalid. 291 device_settings_service_.SetManagementSettings( 292 em::PolicyData::ENTERPRISE_MANAGED, 293 "fake_request_token", 294 "fake_device_id", 295 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted, 296 base::Unretained(this))); 297 FlushDeviceSettings(); 298 299 EXPECT_TRUE(operation_completed_); 300 EXPECT_EQ(DeviceSettingsService::STORE_POLICY_ERROR, 301 device_settings_service_.status()); 302 EXPECT_EQ(em::PolicyData::NOT_MANAGED, 303 device_settings_service_.policy_data()->management_mode()); 304 305 // Inject a policy data with management mode set to ENTERPRISE_MANAGED. 306 device_policy_.policy_data().set_management_mode( 307 em::PolicyData::ENTERPRISE_MANAGED); 308 device_policy_.Build(); 309 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); 310 ReloadDeviceSettings(); 311 EXPECT_EQ(em::PolicyData::ENTERPRISE_MANAGED, 312 device_settings_service_.policy_data()->management_mode()); 313 314 // ENTERPRISE_MANAGED -> NOT_MANAGED: Invalid. 315 device_settings_service_.SetManagementSettings( 316 em::PolicyData::NOT_MANAGED, 317 "fake_request_token", 318 "fake_device_id", 319 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted, 320 base::Unretained(this))); 321 FlushDeviceSettings(); 322 323 EXPECT_TRUE(operation_completed_); 324 EXPECT_EQ(DeviceSettingsService::STORE_POLICY_ERROR, 325 device_settings_service_.status()); 326 EXPECT_EQ(em::PolicyData::ENTERPRISE_MANAGED, 327 device_settings_service_.policy_data()->management_mode()); 328 329 // ENTERPRISE_MANAGED -> CONSUMER_MANAGED: Invalid. 330 device_settings_service_.SetManagementSettings( 331 em::PolicyData::CONSUMER_MANAGED, 332 "fake_request_token", 333 "fake_device_id", 334 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted, 335 base::Unretained(this))); 336 FlushDeviceSettings(); 337 338 EXPECT_TRUE(operation_completed_); 339 EXPECT_EQ(DeviceSettingsService::STORE_POLICY_ERROR, 340 device_settings_service_.status()); 341 EXPECT_EQ(em::PolicyData::ENTERPRISE_MANAGED, 342 device_settings_service_.policy_data()->management_mode()); 343 344} 345 346TEST_F(DeviceSettingsServiceTest, SetManagementSettingsSuccess) { 347 ReloadDeviceSettings(); 348 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 349 device_settings_service_.status()); 350 351 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey()); 352 crypto::ScopedPK11Slot slot; 353 device_settings_service_.InitOwner(device_policy_.policy_data().username(), 354 slot.Pass()); 355 FlushDeviceSettings(); 356 357 device_settings_service_.SetManagementSettings( 358 em::PolicyData::CONSUMER_MANAGED, 359 "fake_request_token", 360 "fake_device_id", 361 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted, 362 base::Unretained(this))); 363 FlushDeviceSettings(); 364 365 EXPECT_TRUE(operation_completed_); 366 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 367 device_settings_service_.status()); 368 ASSERT_TRUE(device_settings_service_.device_settings()); 369 370 // Check that the loaded policy_data contains the expected values. 371 const em::PolicyData* policy_data = device_settings_service_.policy_data(); 372 EXPECT_EQ(policy::dm_protocol::kChromeDevicePolicyType, 373 policy_data->policy_type()); 374 EXPECT_EQ(device_settings_service_.GetUsername(), 375 policy_data->username()); 376 EXPECT_EQ(em::PolicyData::CONSUMER_MANAGED, policy_data->management_mode()); 377 EXPECT_EQ("fake_request_token", policy_data->request_token()); 378 EXPECT_EQ("fake_device_id", policy_data->device_id()); 379} 380 381TEST_F(DeviceSettingsServiceTest, StoreFailure) { 382 owner_key_util_->Clear(); 383 device_settings_test_helper_.set_policy_blob(std::string()); 384 ReloadDeviceSettings(); 385 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE, 386 device_settings_service_.status()); 387 388 device_settings_test_helper_.set_store_result(false); 389 device_settings_service_.Store( 390 device_policy_.GetCopy(), 391 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted, 392 base::Unretained(this))); 393 FlushDeviceSettings(); 394 EXPECT_TRUE(operation_completed_); 395 EXPECT_EQ(DeviceSettingsService::STORE_OPERATION_FAILED, 396 device_settings_service_.status()); 397} 398 399TEST_F(DeviceSettingsServiceTest, StoreSuccess) { 400 owner_key_util_->Clear(); 401 device_settings_test_helper_.set_policy_blob(std::string()); 402 ReloadDeviceSettings(); 403 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE, 404 device_settings_service_.status()); 405 406 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey()); 407 device_settings_service_.Store( 408 device_policy_.GetCopy(), 409 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted, 410 base::Unretained(this))); 411 FlushDeviceSettings(); 412 EXPECT_TRUE(operation_completed_); 413 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 414 device_settings_service_.status()); 415 CheckPolicy(); 416} 417 418TEST_F(DeviceSettingsServiceTest, StoreRotation) { 419 ReloadDeviceSettings(); 420 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 421 device_settings_service_.status()); 422 423 device_policy_.payload().mutable_device_policy_refresh_rate()-> 424 set_device_policy_refresh_rate(300); 425 device_policy_.SetDefaultNewSigningKey(); 426 device_policy_.Build(); 427 device_settings_service_.Store(device_policy_.GetCopy(), base::Closure()); 428 FlushDeviceSettings(); 429 owner_key_util_->SetPublicKeyFromPrivateKey( 430 *device_policy_.GetNewSigningKey()); 431 device_settings_service_.OwnerKeySet(true); 432 FlushDeviceSettings(); 433 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS, 434 device_settings_service_.status()); 435 CheckPolicy(); 436 437 // Check the new key has been loaded. 438 std::vector<uint8> key; 439 ASSERT_TRUE(device_policy_.GetNewSigningKey()->ExportPublicKey(&key)); 440 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key); 441} 442 443TEST_F(DeviceSettingsServiceTest, OwnershipStatus) { 444 owner_key_util_->Clear(); 445 446 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey()); 447 EXPECT_FALSE(device_settings_service_.GetOwnerKey().get()); 448 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN, 449 device_settings_service_.GetOwnershipStatus()); 450 451 device_settings_service_.GetOwnershipStatusAsync( 452 base::Bind(&DeviceSettingsServiceTest::SetOwnershipStatus, 453 base::Unretained(this))); 454 FlushDeviceSettings(); 455 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey()); 456 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get()); 457 EXPECT_FALSE(device_settings_service_.GetOwnerKey()->public_key()); 458 EXPECT_FALSE(device_settings_service_.GetOwnerKey()->private_key()); 459 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_NONE, 460 device_settings_service_.GetOwnershipStatus()); 461 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_NONE, ownership_status_); 462 463 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey()); 464 ReloadDeviceSettings(); 465 device_settings_service_.GetOwnershipStatusAsync( 466 base::Bind(&DeviceSettingsServiceTest::SetOwnershipStatus, 467 base::Unretained(this))); 468 FlushDeviceSettings(); 469 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey()); 470 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get()); 471 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key()); 472 std::vector<uint8> key; 473 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key)); 474 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key); 475 EXPECT_FALSE(device_settings_service_.GetOwnerKey()->private_key()); 476 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, 477 device_settings_service_.GetOwnershipStatus()); 478 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, ownership_status_); 479 480 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey()); 481 crypto::ScopedPK11Slot slot; 482 device_settings_service_.InitOwner(device_policy_.policy_data().username(), 483 slot.Pass()); 484 device_settings_service_.GetOwnershipStatusAsync( 485 base::Bind(&DeviceSettingsServiceTest::SetOwnershipStatus, 486 base::Unretained(this))); 487 FlushDeviceSettings(); 488 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey()); 489 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get()); 490 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key()); 491 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key)); 492 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key); 493 EXPECT_TRUE(device_settings_service_.GetOwnerKey()->private_key()); 494 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, 495 device_settings_service_.GetOwnershipStatus()); 496 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, ownership_status_); 497} 498 499TEST_F(DeviceSettingsServiceTest, OnTPMTokenReadyForNonOwner) { 500 owner_key_util_->Clear(); 501 502 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey()); 503 EXPECT_FALSE(device_settings_service_.GetOwnerKey().get()); 504 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN, 505 device_settings_service_.GetOwnershipStatus()); 506 507 device_settings_service_.IsCurrentUserOwnerAsync( 508 base::Bind(&DeviceSettingsServiceTest::OnIsOwner, 509 base::Unretained(this))); 510 511 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey()); 512 ReloadDeviceSettings(); 513 514 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey()); 515 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get()); 516 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key()); 517 std::vector<uint8> key; 518 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key)); 519 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key); 520 EXPECT_FALSE(device_settings_service_.GetOwnerKey()->private_key()); 521 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, 522 device_settings_service_.GetOwnershipStatus()); 523 EXPECT_FALSE(is_owner_set_); 524 525 device_settings_service_.OnTPMTokenReady(); 526 FlushDeviceSettings(); 527 528 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey()); 529 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get()); 530 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key()); 531 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key)); 532 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key); 533 EXPECT_FALSE(device_settings_service_.GetOwnerKey()->private_key()); 534 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, 535 device_settings_service_.GetOwnershipStatus()); 536 EXPECT_TRUE(is_owner_set_); 537 EXPECT_FALSE(is_owner_); 538} 539 540TEST_F(DeviceSettingsServiceTest, OnTPMTokenReadyForOwner) { 541 owner_key_util_->Clear(); 542 543 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey()); 544 EXPECT_FALSE(device_settings_service_.GetOwnerKey().get()); 545 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN, 546 device_settings_service_.GetOwnershipStatus()); 547 548 device_settings_service_.IsCurrentUserOwnerAsync( 549 base::Bind(&DeviceSettingsServiceTest::OnIsOwner, 550 base::Unretained(this))); 551 552 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey()); 553 ReloadDeviceSettings(); 554 555 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey()); 556 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get()); 557 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key()); 558 std::vector<uint8> key; 559 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key)); 560 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key); 561 EXPECT_FALSE(device_settings_service_.GetOwnerKey()->private_key()); 562 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, 563 device_settings_service_.GetOwnershipStatus()); 564 EXPECT_FALSE(is_owner_set_); 565 566 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey()); 567 crypto::ScopedPK11Slot slot; 568 device_settings_service_.InitOwner(device_policy_.policy_data().username(), 569 slot.Pass()); 570 device_settings_service_.OnTPMTokenReady(); 571 FlushDeviceSettings(); 572 573 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey()); 574 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get()); 575 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key()); 576 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key)); 577 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key); 578 EXPECT_TRUE(device_settings_service_.GetOwnerKey()->private_key()); 579 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, 580 device_settings_service_.GetOwnershipStatus()); 581 EXPECT_TRUE(is_owner_set_); 582 EXPECT_TRUE(is_owner_); 583} 584 585TEST_F(DeviceSettingsServiceTest, IsCurrentUserOwnerAsyncWithLoadedCerts) { 586 owner_key_util_->Clear(); 587 588 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey()); 589 EXPECT_FALSE(device_settings_service_.GetOwnerKey().get()); 590 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN, 591 device_settings_service_.GetOwnershipStatus()); 592 593 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey()); 594 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey()); 595 crypto::ScopedPK11Slot slot; 596 device_settings_service_.InitOwner(device_policy_.policy_data().username(), 597 slot.Pass()); 598 ReloadDeviceSettings(); 599 600 device_settings_service_.OnTPMTokenReady(); 601 FlushDeviceSettings(); 602 603 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey()); 604 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get()); 605 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key()); 606 std::vector<uint8> key; 607 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key)); 608 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key); 609 EXPECT_TRUE(device_settings_service_.GetOwnerKey()->private_key()); 610 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, 611 device_settings_service_.GetOwnershipStatus()); 612 EXPECT_FALSE(is_owner_set_); 613 614 device_settings_service_.IsCurrentUserOwnerAsync( 615 base::Bind(&DeviceSettingsServiceTest::OnIsOwner, 616 base::Unretained(this))); 617 // The callback should be called immediately. 618 base::MessageLoop::current()->RunUntilIdle(); 619 620 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey()); 621 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get()); 622 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key()); 623 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key)); 624 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key); 625 EXPECT_TRUE(device_settings_service_.GetOwnerKey()->private_key()); 626 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, 627 device_settings_service_.GetOwnershipStatus()); 628 EXPECT_TRUE(is_owner_set_); 629 EXPECT_TRUE(is_owner_); 630} 631 632TEST_F(DeviceSettingsServiceTest, Observer) { 633 owner_key_util_->Clear(); 634 MockDeviceSettingsObserver observer_; 635 device_settings_service_.AddObserver(&observer_); 636 637 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(1); 638 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1); 639 ReloadDeviceSettings(); 640 Mock::VerifyAndClearExpectations(&observer_); 641 642 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(1); 643 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1); 644 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey()); 645 ReloadDeviceSettings(); 646 Mock::VerifyAndClearExpectations(&observer_); 647 648 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(0); 649 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1); 650 device_settings_service_.Store(device_policy_.GetCopy(), base::Closure()); 651 FlushDeviceSettings(); 652 Mock::VerifyAndClearExpectations(&observer_); 653 654 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(0); 655 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1); 656 device_settings_service_.PropertyChangeComplete(true); 657 FlushDeviceSettings(); 658 Mock::VerifyAndClearExpectations(&observer_); 659 660 device_settings_service_.RemoveObserver(&observer_); 661} 662 663} // namespace chromeos 664