1cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)// Copyright 2014 The Chromium Authors. All rights reserved. 2cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 3cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)// found in the LICENSE file. 4cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 5116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "chromeos/login/auth/key.h" 6cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 7cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)#include "testing/gtest/include/gtest/gtest.h" 8cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 9cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)namespace chromeos { 10cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 11cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)namespace { 12cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 13cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)const char kPassword[] = "password"; 14cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)const char kLabel[] = "label"; 15cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)const char kSalt[] = 16cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) "deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef"; 17cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 18cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)} // namespace 19cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 20cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)TEST(KeyTest, ClearSecret) { 21cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) Key key(kPassword); 22cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) key.SetLabel(kLabel); 23cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ(Key::KEY_TYPE_PASSWORD_PLAIN, key.GetKeyType()); 24cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ(kPassword, key.GetSecret()); 25cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ(kLabel, key.GetLabel()); 26cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 27cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) key.ClearSecret(); 28cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ(Key::KEY_TYPE_PASSWORD_PLAIN, key.GetKeyType()); 29cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_TRUE(key.GetSecret().empty()); 30cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ(kLabel, key.GetLabel()); 31cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)} 32cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 33cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)TEST(KeyTest, TransformToSaltedSHA256TopHalf) { 34cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) Key key(kPassword); 35cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) key.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, kSalt); 36cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, key.GetKeyType()); 37cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ("5b01941771e47fa408380aa675703f4f", key.GetSecret()); 38cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)} 39cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 40cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)TEST(KeyTest, TransformToSaltedAES2561234) { 41cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) Key key(kPassword); 42cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) key.Transform(Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234, kSalt); 43cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ(Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234, key.GetKeyType()); 44cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ("GUkNnvqoULf/cXbZscVUnANmLBB0ovjGZsj1sKzP5BE=", key.GetSecret()); 45cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)} 46cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 471320f92c476a1ad9d19dba2a48c72b75566198e9Primiano TucciTEST(KeyTest, TransformToSaltedSHA256) { 481320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci Key key(kPassword); 491320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci key.Transform(Key::KEY_TYPE_SALTED_SHA256, kSalt); 501320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci EXPECT_EQ(Key::KEY_TYPE_SALTED_SHA256, key.GetKeyType()); 511320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci EXPECT_EQ("WwGUF3Hkf6QIOAqmdXA/TyScTFDo4d+ow5xfof0zGdo=", key.GetSecret()); 521320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci} 531320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci 541320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci// The values in the KeyType enum must never change because they are stored as 551320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci// ints in the user's cryptohome key metadata. 561320f92c476a1ad9d19dba2a48c72b75566198e9Primiano TucciTEST(KeyTest, KeyTypeStable) { 571320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci EXPECT_EQ(0, Key::KEY_TYPE_PASSWORD_PLAIN); 581320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci EXPECT_EQ(1, Key::KEY_TYPE_SALTED_SHA256_TOP_HALF); 591320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci EXPECT_EQ(2, Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234); 601320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci EXPECT_EQ(3, Key::KEY_TYPE_SALTED_SHA256); 611320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci // The sentinel does not have to remain stable. It should be adjusted whenever 621320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci // a new key type is added. 631320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci EXPECT_EQ(4, Key::KEY_TYPE_COUNT); 641320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci} 651320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci 66cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)} // namespace chromeos 67