12a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved. 22a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 32a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// found in the LICENSE file. 42a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 52a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/bind.h" 6c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "base/memory/scoped_ptr.h" 72a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/run_loop.h" 82a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "chromeos/attestation/mock_attestation_flow.h" 92a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "chromeos/cryptohome/mock_async_method_caller.h" 102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "chromeos/dbus/mock_cryptohome_client.h" 112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "testing/gmock/include/gmock/gmock.h" 122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "testing/gtest/include/gtest/gtest.h" 132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)using testing::_; 15a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)using testing::AtLeast; 16a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)using testing::DoDefault; 172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)using testing::Invoke; 18a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)using testing::NiceMock; 19a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)using testing::Return; 202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)using testing::Sequence; 212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)using testing::StrictMock; 222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)using testing::WithArgs; 232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace chromeos { 252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace attestation { 262a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace { 282a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 292a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)void DBusCallbackFalse(const BoolDBusMethodCallback& callback) { 30868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) base::MessageLoop::current()->PostTask( 312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, false)); 322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)void DBusCallbackTrue(const BoolDBusMethodCallback& callback) { 35868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) base::MessageLoop::current()->PostTask( 362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, true)); 372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)void DBusCallbackFail(const BoolDBusMethodCallback& callback) { 40868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) base::MessageLoop::current()->PostTask( 412a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_FAILURE, false)); 422a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 432a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 442a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)void AsyncCallbackFalse(cryptohome::AsyncMethodCaller::Callback callback) { 452a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) callback.Run(false, cryptohome::MOUNT_ERROR_NONE); 462a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 48c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)class FakeDBusData { 49c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) public: 50c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) explicit FakeDBusData(const std::string& data) : data_(data) {} 51c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 52c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) void operator() (const CryptohomeClient::DataMethodCallback& callback) { 53868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) base::MessageLoop::current()->PostTask( 54c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) FROM_HERE, 55c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, true, data_)); 56c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) } 57c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 58c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) private: 59c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) std::string data_; 60c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)}; 61c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} // namespace 632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class AttestationFlowTest : public testing::Test { 652a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) protected: 662a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void Run() { 672a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::RunLoop run_loop; 682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) run_loop.RunUntilIdle(); 692a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 70868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) base::MessageLoop message_loop_; 712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)}; 722a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 732a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)TEST_F(AttestationFlowTest, GetCertificate) { 742a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Verify the order of calls in a sequence. 752a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Sequence flow_order; 762a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 772a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Use DBusCallbackFalse so the full enrollment flow is triggered. 782a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) chromeos::MockCryptohomeClient client; 792a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) 802a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .InSequence(flow_order) 812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .WillRepeatedly(Invoke(DBusCallbackFalse)); 822a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 832a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Use StrictMock when we want to verify invocation frequency. 842a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; 852a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); 86a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) 872a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1) 882a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .InSequence(flow_order); 892a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 90c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); 91c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) proxy->DeferToFake(true); 92a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); 93c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(*proxy, SendEnrollRequest( 942a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, 952a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) _)).Times(1) 962a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .InSequence(flow_order); 972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::string fake_enroll_response = 992a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest; 1002a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) fake_enroll_response += "_response"; 101a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(async_caller, 102a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) AsyncTpmAttestationEnroll(_, fake_enroll_response, _)) 1032a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1) 1042a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .InSequence(flow_order); 1052a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 106c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL( 107c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) async_caller, 108a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) AsyncTpmAttestationCreateCertRequest(_, 109a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) PROFILE_ENTERPRISE_USER_CERTIFICATE, 1108bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) "fake@test.com", "fake_origin", _)) 111c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) .Times(1) 112c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) .InSequence(flow_order); 1132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 114c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(*proxy, SendCertificateRequest( 1152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, 1162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) _)).Times(1) 1172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .InSequence(flow_order); 1182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::string fake_cert_response = 1202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; 1212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) fake_cert_response += "_response"; 1222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(async_caller, 123c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AsyncTpmAttestationFinishCertRequest(fake_cert_response, 124c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) KEY_USER, 1258bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) "fake@test.com", 126c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) kEnterpriseUserKey, 127c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) _)) 1282a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1) 1292a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .InSequence(flow_order); 1302a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<MockObserver> observer; 1322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(observer, MockCertificateCallback( 1332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) true, 1342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)) 1352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1) 1362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .InSequence(flow_order); 1372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) AttestationFlow::CertificateCallback mock_callback = base::Bind( 1382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) &MockObserver::MockCertificateCallback, 1392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::Unretained(&observer)); 1402a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 141c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<ServerProxy> proxy_interface(proxy.release()); 142c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); 1438bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "fake@test.com", 1443551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) "fake_origin", true, mock_callback); 1452a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Run(); 1462a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 1472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1482a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)TEST_F(AttestationFlowTest, GetCertificate_NoEK) { 1492a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; 1502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); 151a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) 1522a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1); 1532a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1542a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) chromeos::MockCryptohomeClient client; 1552a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) 1562a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .WillRepeatedly(Invoke(DBusCallbackFalse)); 1572a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1582a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // We're not expecting any server calls in this case; StrictMock will verify. 159c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); 160a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); 1612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<MockObserver> observer; 1632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(observer, MockCertificateCallback(false, "")) 1642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1); 1652a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) AttestationFlow::CertificateCallback mock_callback = base::Bind( 1662a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) &MockObserver::MockCertificateCallback, 1672a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::Unretained(&observer)); 1682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 169c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<ServerProxy> proxy_interface(proxy.release()); 170c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); 1713551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true, 1723551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) mock_callback); 1732a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Run(); 1742a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 1752a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1762a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)TEST_F(AttestationFlowTest, GetCertificate_EKRejected) { 1772a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; 1782a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); 179a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) 1802a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1); 1812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1822a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) chromeos::MockCryptohomeClient client; 1832a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) 1842a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .WillRepeatedly(Invoke(DBusCallbackFalse)); 1852a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 186c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); 187c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) proxy->DeferToFake(false); 188a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); 189c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(*proxy, SendEnrollRequest( 1902a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, 1912a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) _)).Times(1); 1922a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1932a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<MockObserver> observer; 1942a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(observer, MockCertificateCallback(false, "")) 1952a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1); 1962a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) AttestationFlow::CertificateCallback mock_callback = base::Bind( 1972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) &MockObserver::MockCertificateCallback, 1982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::Unretained(&observer)); 1992a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 200c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<ServerProxy> proxy_interface(proxy.release()); 201c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); 2023551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true, 2033551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) mock_callback); 2042a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Run(); 2052a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 2062a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2072a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)TEST_F(AttestationFlowTest, GetCertificate_FailEnroll) { 2082a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; 2092a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); 210a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _)) 2112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1); 2122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::string fake_enroll_response = 2132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest; 2142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) fake_enroll_response += "_response"; 215a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(async_caller, 216a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) AsyncTpmAttestationEnroll(_, fake_enroll_response, _)) 217a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) .WillOnce(WithArgs<2>(Invoke(AsyncCallbackFalse))); 2182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) chromeos::MockCryptohomeClient client; 2202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) 2212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .WillRepeatedly(Invoke(DBusCallbackFalse)); 2222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 223c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); 224c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) proxy->DeferToFake(true); 225a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); 226c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(*proxy, SendEnrollRequest( 2272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest, 2282a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) _)).Times(1); 2292a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2302a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<MockObserver> observer; 2312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); 2322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) AttestationFlow::CertificateCallback mock_callback = base::Bind( 2332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) &MockObserver::MockCertificateCallback, 2342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::Unretained(&observer)); 2352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 236c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<ServerProxy> proxy_interface(proxy.release()); 237c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); 2383551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true, 2393551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) mock_callback); 2402a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Run(); 2412a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 2422a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 243c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)TEST_F(AttestationFlowTest, GetMachineCertificateAlreadyEnrolled) { 2442a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; 2452a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); 2463551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) EXPECT_CALL(async_caller, 2473551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) AsyncTpmAttestationCreateCertRequest( 248a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) _, PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, "", "", _)) 2492a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1); 2502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::string fake_cert_response = 2512a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; 2522a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) fake_cert_response += "_response"; 2532a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(async_caller, 254c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AsyncTpmAttestationFinishCertRequest(fake_cert_response, 255c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) KEY_DEVICE, 2568bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) "", 257c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) kEnterpriseMachineKey, 258c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) _)) 2592a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1); 2602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) chromeos::MockCryptohomeClient client; 2622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) 2632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .WillRepeatedly(Invoke(DBusCallbackTrue)); 2642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 265c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); 266c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) proxy->DeferToFake(true); 267a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); 268c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(*proxy, SendCertificateRequest( 2692a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, 2702a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) _)).Times(1); 2712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2722a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<MockObserver> observer; 2732a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(observer, MockCertificateCallback( 2742a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) true, 2752a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); 2762a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) AttestationFlow::CertificateCallback mock_callback = base::Bind( 2772a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) &MockObserver::MockCertificateCallback, 2782a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::Unretained(&observer)); 2792a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 280c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<ServerProxy> proxy_interface(proxy.release()); 281c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); 2823551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) flow.GetCertificate(PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, "", "", true, 2833551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) mock_callback); 2842a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Run(); 2852a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 2862a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2872a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)TEST_F(AttestationFlowTest, GetCertificate_FailCreateCertRequest) { 2882a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; 2892a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE); 290c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(async_caller, 2913551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) AsyncTpmAttestationCreateCertRequest( 292a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) _, PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", _)) 2932a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1); 2942a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2952a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) chromeos::MockCryptohomeClient client; 2962a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) 2972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .WillRepeatedly(Invoke(DBusCallbackTrue)); 2982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2992a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // We're not expecting any server calls in this case; StrictMock will verify. 300c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); 301a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); 3022a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3032a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<MockObserver> observer; 3042a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); 3052a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) AttestationFlow::CertificateCallback mock_callback = base::Bind( 3062a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) &MockObserver::MockCertificateCallback, 3072a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::Unretained(&observer)); 3082a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 309c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<ServerProxy> proxy_interface(proxy.release()); 310c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); 3113551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true, 3123551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) mock_callback); 3132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Run(); 3142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 3152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)TEST_F(AttestationFlowTest, GetCertificate_CertRequestRejected) { 3172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; 3182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); 319c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(async_caller, 3203551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) AsyncTpmAttestationCreateCertRequest( 321a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) _, PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", _)) 3222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .Times(1); 3232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) chromeos::MockCryptohomeClient client; 3252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) 3262a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .WillRepeatedly(Invoke(DBusCallbackTrue)); 3272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 328c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); 329c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) proxy->DeferToFake(false); 330a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); 331c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(*proxy, SendCertificateRequest( 3322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, 3332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) _)).Times(1); 3342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<MockObserver> observer; 3362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); 3372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) AttestationFlow::CertificateCallback mock_callback = base::Bind( 3382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) &MockObserver::MockCertificateCallback, 3392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::Unretained(&observer)); 3402a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 341c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<ServerProxy> proxy_interface(proxy.release()); 342c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); 3433551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true, 3443551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) mock_callback); 3452a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Run(); 3462a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 3472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3482a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)TEST_F(AttestationFlowTest, GetCertificate_FailIsEnrolled) { 349c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // We're not expecting any async calls in this case; StrictMock will verify. 3502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; 3512a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3522a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) chromeos::MockCryptohomeClient client; 3532a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) 3542a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) .WillRepeatedly(Invoke(DBusCallbackFail)); 3552a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3562a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // We're not expecting any server calls in this case; StrictMock will verify. 357c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); 358a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); 3592a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) StrictMock<MockObserver> observer; 3612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1); 3622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) AttestationFlow::CertificateCallback mock_callback = base::Bind( 3632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) &MockObserver::MockCertificateCallback, 3642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::Unretained(&observer)); 3652a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 366c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<ServerProxy> proxy_interface(proxy.release()); 367c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); 3683551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true, 3693551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) mock_callback); 370c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) Run(); 371c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 372c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 373c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)TEST_F(AttestationFlowTest, GetCertificate_CheckExisting) { 374c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; 375c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); 3763551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) EXPECT_CALL(async_caller, 3773551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) AsyncTpmAttestationCreateCertRequest( 378a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) _, PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", _)) 379c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) .Times(1); 380c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) std::string fake_cert_response = 381c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest; 382c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) fake_cert_response += "_response"; 383c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(async_caller, 384c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AsyncTpmAttestationFinishCertRequest(fake_cert_response, 385c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) KEY_USER, 3868bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) "", 387c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) kEnterpriseUserKey, 388c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) _)) 389c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) .Times(1); 390c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 391c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) chromeos::MockCryptohomeClient client; 392c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) 393c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) .WillRepeatedly(Invoke(DBusCallbackTrue)); 394c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(client, 3958bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) TpmAttestationDoesKeyExist(KEY_USER, "", kEnterpriseUserKey, _)) 3968bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) .WillRepeatedly(WithArgs<3>(Invoke(DBusCallbackFalse))); 397c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 398c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); 399c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) proxy->DeferToFake(true); 400a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); 401c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(*proxy, SendCertificateRequest( 402c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest, 403c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) _)).Times(1); 404c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 405c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) StrictMock<MockObserver> observer; 406c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(observer, MockCertificateCallback( 407c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) true, 408c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) cryptohome::MockAsyncMethodCaller::kFakeAttestationCert)).Times(1); 409c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow::CertificateCallback mock_callback = base::Bind( 410c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) &MockObserver::MockCertificateCallback, 411c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) base::Unretained(&observer)); 412c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 413c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<ServerProxy> proxy_interface(proxy.release()); 414c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); 4153551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", false, 4163551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) mock_callback); 417c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) Run(); 418c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 419c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 420c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)TEST_F(AttestationFlowTest, GetCertificate_AlreadyExists) { 421c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // We're not expecting any async calls in this case; StrictMock will verify. 422c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) StrictMock<cryptohome::MockAsyncMethodCaller> async_caller; 423c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 424c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) chromeos::MockCryptohomeClient client; 425c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) 426c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) .WillRepeatedly(Invoke(DBusCallbackTrue)); 427c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(client, 4288bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) TpmAttestationDoesKeyExist(KEY_USER, "", kEnterpriseUserKey, _)) 4298bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) .WillRepeatedly(WithArgs<3>(Invoke(DBusCallbackTrue))); 430c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(client, 4318bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) TpmAttestationGetCertificate(KEY_USER, "", kEnterpriseUserKey, _)) 4328bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) .WillRepeatedly(WithArgs<3>(Invoke(FakeDBusData("fake_cert")))); 433c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 434c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // We're not expecting any server calls in this case; StrictMock will verify. 435c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>()); 436a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault()); 437c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 438c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) StrictMock<MockObserver> observer; 439c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) EXPECT_CALL(observer, MockCertificateCallback(true, "fake_cert")).Times(1); 440c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow::CertificateCallback mock_callback = base::Bind( 441c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) &MockObserver::MockCertificateCallback, 442c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) base::Unretained(&observer)); 443c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 444c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<ServerProxy> proxy_interface(proxy.release()); 445c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); 4463551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", false, 4473551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) mock_callback); 4482a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Run(); 4492a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 4502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 451a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)TEST_F(AttestationFlowTest, AlternatePCA) { 452a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) // Strategy: Create a ServerProxy mock which reports ALTERNATE_PCA and check 453a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) // that all calls to the AsyncMethodCaller reflect this PCA type. 454a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) scoped_ptr<MockServerProxy> proxy(new NiceMock<MockServerProxy>()); 455a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) proxy->DeferToFake(true); 456a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(*proxy, GetType()).WillRepeatedly(Return(ALTERNATE_PCA)); 457a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) 458a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) chromeos::MockCryptohomeClient client; 459a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(client, TpmAttestationIsEnrolled(_)) 460a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) .WillRepeatedly(Invoke(DBusCallbackFalse)); 461a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) 462a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) NiceMock<cryptohome::MockAsyncMethodCaller> async_caller; 463a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE); 464a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(async_caller, 465a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) AsyncTpmAttestationCreateEnrollRequest(ALTERNATE_PCA, _)) 466a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) .Times(AtLeast(1)); 467a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(async_caller, 468a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) AsyncTpmAttestationEnroll(ALTERNATE_PCA, _, _)) 469a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) .Times(AtLeast(1)); 470a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) EXPECT_CALL(async_caller, 471a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) AsyncTpmAttestationCreateCertRequest(ALTERNATE_PCA, _, _, _, _)) 472a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) .Times(AtLeast(1)); 473a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) 474a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) NiceMock<MockObserver> observer; 475a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) AttestationFlow::CertificateCallback mock_callback = base::Bind( 476a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) &MockObserver::MockCertificateCallback, 477a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) base::Unretained(&observer)); 478a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) 479a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) scoped_ptr<ServerProxy> proxy_interface(proxy.release()); 480a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) AttestationFlow flow(&async_caller, &client, proxy_interface.Pass()); 481a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true, 482a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) mock_callback); 483a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) Run(); 484a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)} 485a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) 4862a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} // namespace attestation 4872a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} // namespace chromeos 488