| Mattias Nissler | d454150 | 2018-09-03 16:48:16 +0200 | [diff] [blame] | 1 | // Copyright 2018 The Chromium OS Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include "cryptohome/lockbox-cache.h" |
| 6 | |
| 7 | #include <base/files/file_path.h> |
| 8 | #include <base/files/file_util.h> |
| 9 | #include <base/files/scoped_temp_dir.h> |
| 10 | |
| 11 | #include <gtest/gtest.h> |
| 12 | |
| 13 | namespace cryptohome { |
| 14 | namespace { |
| 15 | |
| Tom Hughes | 6711cdc | 2020-09-14 08:34:01 -0700 | [diff] [blame] | 16 | constexpr uint8_t kInvalid[] = {0xba, 0xad}; |
| Mattias Nissler | d454150 | 2018-09-03 16:48:16 +0200 | [diff] [blame] | 17 | constexpr uint8_t kNvram[] = { |
| 18 | 0x00, 0x00, 0x00, 0xe0, 0x00, 0xb8, 0x1a, 0xa2, 0xd7, 0xd1, 0xc1, 0xfc, |
| 19 | 0x92, 0x13, 0x05, 0xed, 0xa7, 0x90, 0x3a, 0x68, 0xfa, 0x9c, 0xe3, 0xa7, |
| 20 | 0x15, 0x52, 0xdf, 0xf3, 0x96, 0x59, 0x3c, 0xa5, 0x9e, 0xf2, 0x87, 0x8b, |
| 21 | 0xec, 0x4a, 0x43, 0xf6, 0x48, 0x3f, 0xcb, 0x92, 0xd4, 0x26, 0x99, 0xdd, |
| 22 | 0x34, 0x2a, 0xb5, 0x38, 0xf0, 0x8a, 0x8c, 0x45, 0x05, 0x65, 0xc6, 0x1d, |
| 23 | 0x1f, 0x11, 0x14, 0x04, 0x4d, 0x3c, 0x81, 0xf2, 0x89, |
| 24 | }; |
| 25 | constexpr uint8_t kLockbox[] = { |
| 26 | 0x08, 0x01, 0x12, 0x1f, 0x0a, 0x1a, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6d, |
| 27 | 0x65, 0x72, 0x2e, 0x61, 0x70, 0x70, 0x5f, 0x6b, 0x69, 0x6f, 0x73, 0x6b, |
| 28 | 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x01, 0x00, 0x12, |
| 29 | 0x19, 0x0a, 0x10, 0x65, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x69, 0x73, |
| 30 | 0x65, 0x2e, 0x6f, 0x77, 0x6e, 0x65, 0x64, 0x12, 0x05, 0x74, 0x72, 0x75, |
| 31 | 0x65, 0x00, 0x12, 0x1e, 0x0a, 0x0f, 0x65, 0x6e, 0x74, 0x65, 0x72, 0x70, |
| 32 | 0x72, 0x69, 0x73, 0x65, 0x2e, 0x6d, 0x6f, 0x64, 0x65, 0x12, 0x0b, 0x65, |
| 33 | 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x69, 0x73, 0x65, 0x00, 0x12, 0x2a, |
| 34 | 0x0a, 0x11, 0x65, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x69, 0x73, 0x65, |
| 35 | 0x2e, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x15, 0x63, 0x68, 0x72, |
| 36 | 0x6f, 0x6d, 0x65, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x74, 0x65, 0x73, |
| 37 | 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x00, 0x12, 0x15, 0x0a, 0x10, 0x65, 0x6e, |
| 38 | 0x74, 0x65, 0x72, 0x70, 0x72, 0x69, 0x73, 0x65, 0x2e, 0x72, 0x65, 0x61, |
| 39 | 0x6c, 0x6d, 0x12, 0x01, 0x00, 0x12, 0x3d, 0x0a, 0x14, 0x65, 0x6e, 0x74, |
| 40 | 0x65, 0x72, 0x70, 0x72, 0x69, 0x73, 0x65, 0x2e, 0x64, 0x65, 0x76, 0x69, |
| 41 | 0x63, 0x65, 0x5f, 0x69, 0x64, 0x12, 0x25, 0x32, 0x63, 0x34, 0x37, 0x37, |
| 42 | 0x36, 0x35, 0x33, 0x2d, 0x32, 0x61, 0x66, 0x66, 0x2d, 0x34, 0x64, 0x63, |
| 43 | 0x35, 0x2d, 0x62, 0x32, 0x34, 0x30, 0x2d, 0x62, 0x38, 0x31, 0x34, 0x35, |
| 44 | 0x66, 0x31, 0x36, 0x33, 0x66, 0x66, 0x62, 0x00, |
| 45 | }; |
| 46 | |
| 47 | class LockboxCacheTest : public testing::Test { |
| 48 | public: |
| 49 | void SetUp() override { |
| 50 | ASSERT_TRUE(tmpdir_.CreateUniqueTempDir()); |
| 51 | nvram_path_ = tmpdir_.GetPath().AppendASCII("nvram"); |
| 52 | lockbox_path_ = tmpdir_.GetPath().AppendASCII("lockbox"); |
| 53 | cache_path_ = tmpdir_.GetPath().AppendASCII("cache"); |
| 54 | } |
| 55 | |
| 56 | template <typename Array> |
| 57 | void WriteBlob(const base::FilePath& path, const Array& array) { |
| 58 | ASSERT_TRUE(platform_.WriteFile( |
| 59 | path, brillo::Blob(std::begin(array), std::end(array)))); |
| 60 | } |
| 61 | |
| 62 | void ExpectFailure() { |
| 63 | EXPECT_FALSE( |
| 64 | CacheLockbox(&platform_, nvram_path_, lockbox_path_, cache_path_)); |
| 65 | EXPECT_FALSE(base::PathExists(cache_path_)); |
| 66 | } |
| 67 | |
| 68 | cryptohome::Platform platform_; |
| 69 | base::ScopedTempDir tmpdir_; |
| 70 | base::FilePath nvram_path_; |
| 71 | base::FilePath lockbox_path_; |
| 72 | base::FilePath cache_path_; |
| 73 | }; |
| 74 | |
| 75 | TEST_F(LockboxCacheTest, NoNvram) { |
| 76 | ExpectFailure(); |
| 77 | } |
| 78 | |
| 79 | TEST_F(LockboxCacheTest, InvalidNvram) { |
| 80 | WriteBlob(nvram_path_, kInvalid); |
| 81 | ExpectFailure(); |
| 82 | } |
| 83 | |
| 84 | TEST_F(LockboxCacheTest, NoLockbox) { |
| 85 | WriteBlob(nvram_path_, kNvram); |
| 86 | ExpectFailure(); |
| 87 | } |
| 88 | |
| 89 | TEST_F(LockboxCacheTest, LockboxVerificationBadSize) { |
| 90 | WriteBlob(nvram_path_, kNvram); |
| 91 | WriteBlob(lockbox_path_, kInvalid); |
| 92 | ExpectFailure(); |
| 93 | } |
| 94 | |
| 95 | TEST_F(LockboxCacheTest, LockboxVerificationBadData) { |
| 96 | WriteBlob(nvram_path_, kNvram); |
| 97 | uint8_t invalid_lockbox[sizeof(kLockbox)]; |
| 98 | for (size_t i = 0; i < sizeof(invalid_lockbox); ++i) { |
| 99 | invalid_lockbox[i] ^= 0xff; |
| 100 | } |
| 101 | WriteBlob(lockbox_path_, invalid_lockbox); |
| 102 | ExpectFailure(); |
| 103 | } |
| 104 | |
| 105 | TEST_F(LockboxCacheTest, Success) { |
| 106 | WriteBlob(nvram_path_, kNvram); |
| 107 | WriteBlob(lockbox_path_, kLockbox); |
| 108 | |
| 109 | EXPECT_TRUE( |
| 110 | CacheLockbox(&platform_, nvram_path_, lockbox_path_, cache_path_)); |
| 111 | brillo::Blob cache; |
| 112 | ASSERT_TRUE(platform_.ReadFile(cache_path_, &cache)); |
| 113 | EXPECT_EQ(brillo::Blob(std::begin(kLockbox), std::end(kLockbox)), cache); |
| 114 | } |
| 115 | |
| 116 | } // namespace |
| 117 | } // namespace cryptohome |