// Copyright 2020 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "components/trusted_vault/standalone_trusted_vault_backend.h" #include <cstdint> #include <memory> #include <optional> #include <string> #include <utility> #include <vector> #include "base/files/file_path.h" #include "base/files/file_util.h" #include "base/files/scoped_temp_dir.h" #include "base/functional/callback_helpers.h" #include "base/hash/md5.h" #include "base/memory/raw_ptr.h" #include "base/run_loop.h" #include "base/test/bind.h" #include "base/test/metrics/histogram_tester.h" #include "base/test/mock_callback.h" #include "base/test/scoped_feature_list.h" #include "base/test/simple_test_clock.h" #include "base/test/task_environment.h" #include "base/time/time.h" #include "components/os_crypt/sync/os_crypt.h" #include "components/os_crypt/sync/os_crypt_mocker.h" #include "components/signin/public/identity_manager/account_info.h" #include "components/signin/public/identity_manager/accounts_in_cookie_jar_info.h" #include "components/trusted_vault/features.h" #include "components/trusted_vault/proto/local_trusted_vault.pb.h" #include "components/trusted_vault/proto_string_bytes_conversion.h" #include "components/trusted_vault/recovery_key_store_connection.h" #include "components/trusted_vault/recovery_key_store_controller.h" #include "components/trusted_vault/securebox.h" #include "components/trusted_vault/test/mock_recovery_key_store_connection.h" #include "components/trusted_vault/test/mock_trusted_vault_connection.h" #include "components/trusted_vault/trusted_vault_connection.h" #include "components/trusted_vault/trusted_vault_histograms.h" #include "components/trusted_vault/trusted_vault_server_constants.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" namespace trusted_vault { namespace { _; ByMove; ElementsAre; Eq; IsEmpty; IsNull; Mock; Ne; NotNull; Return; SaveArg; MATCHER_P(MatchTrustedVaultKeyAndVersions, expected, "") { … } MATCHER_P(DegradedRecoverabilityStateEq, expected_state, "") { … } MATCHER_P(KeyMaterialEq, expected, "") { … } MATCHER_P2(TrustedVaultKeyAndVersionEq, expected_key, expected_version, "") { … } MATCHER_P(PublicKeyWhenExportedEq, expected, "") { … } base::FilePath CreateUniqueTempDir(base::ScopedTempDir* temp_dir) { … } CoreAccountInfo MakeAccountInfoWithGaiaId(const std::string& gaia_id) { … } bool WriteLocalTrustedVaultFile( const trusted_vault_pb::LocalTrustedVault& proto, const base::FilePath& path) { … } trusted_vault_pb::LocalTrustedVault ReadLocalTrustedVaultFile( const base::FilePath& path) { … } class MockDelegate : public StandaloneTrustedVaultBackend::Delegate { … }; class FakeRecoveryKeyProvider : public RecoveryKeyStoreController::RecoveryKeyProvider { … }; class StandaloneTrustedVaultBackendTest : public testing::Test { … }; TEST_F(StandaloneTrustedVaultBackendTest, ShouldWriteDegradedRecoverabilityState) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldInvokeGetIsRecoverabilityDegradedCallbackImmediately) { … } TEST_F( StandaloneTrustedVaultBackendTest, ShouldDeferGetIsRecoverabilityDegradedCallbackUntilSetPrimaryAccountIsInvoked) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldNotInvokeGetIsRecoverabilityDegradedCallback) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldFetchEmptyKeys) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldRecordNotFoundWhenReadingFile) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldRecordMD5DigestMismatchWhenReadingFile) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldRecordFileProtoDeserializationFailedWhenReadingFile) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldRecordDataProtoDeserializationFailedWhenReadingFile) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldReadAndFetchNonEmptyKeys) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldFilterOutConstantKey) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldStoreKeys) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldUpgradeToVersion1AndFixMissingConstantKey) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldUpgradeAllUsersDataToVersion2AndResetKeysAreStale) { … } // This test ensures that migration logic in ReadDataFromDisk() doesn't create // new file if there wasn't any. TEST_F(StandaloneTrustedVaultBackendTest, ShouldNotWriteEmptyData) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldFetchPreviouslyStoredKeys) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldDeleteNonPrimaryAccountKeys) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldDeferPrimaryAccountKeysDeletion) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldCompletePrimaryAccountKeysDeletionAfterRestart) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldRegisterDevice) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldHandleLocalDataObsoleteAndPersistState) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldClearDataAndAttemptDeviceRegistration) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldRetryDeviceRegistrationWhenAuthErrorResolved) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldTryToRegisterDeviceEvenIfLocalKeysAreStale) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldNotTryToRegisterDeviceIfPreviousAttemptFailed) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldRegisterDeviceAlthoughPreviousAttemptFailedUponNewStoredKeys) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldThrottleAndUnthrottleDeviceRegistration) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldNotThrottleUponAccessTokenFetchingFailure) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldNotThrottleUponNetworkError) { … } // System time can be changed to the past and if this situation not handled, // requests could be throttled for unreasonable amount of time. TEST_F(StandaloneTrustedVaultBackendTest, ShouldUnthrottleDeviceRegistrationWhenTimeSetToPast) { … } // Unless keys marked as stale, FetchKeys() should be completed immediately, // without keys download attempt. TEST_F(StandaloneTrustedVaultBackendTest, ShouldFetchKeysImmediately) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldDownloadKeysWithV1Registration) { … } // The server may clean up some stale keys eventually, client should clean them // up as well to ensure that the state doesn't diverge. In particular, this may // cause problems with registering authentication factors, since the server will // reject request with stale keys. TEST_F(StandaloneTrustedVaultBackendTest, ShouldCleanUpOldKeysWhenDownloadingNew) { … } // Regression test for crbug.com/1500258: second FetchKeys() is triggered, while // first is still ongoing (e.g. keys are being downloaded). TEST_F(StandaloneTrustedVaultBackendTest, ShouldDownloadKeysAndCompleteConcurrentFetches) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldThrottleAndUntrottleKeysDownloading) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldThrottleIfDownloadingReturnedNoNewKeys) { … } // Tests silent device registration (when no vault keys available yet). After // successful registration, the client should be able to download keys. TEST_F(StandaloneTrustedVaultBackendTest, ShouldSilentlyRegisterDeviceAndDownloadNewKeys) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldRedoDeviceRegistration) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldRedoDeviceRegistrationWithConstantKey) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldRegisterWithRecentVersionAndNotRedoRegistration) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldAddTrustedRecoveryMethod) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldIgnoreTrustedRecoveryMethodWithInvalidPublicKey) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldDeferTrustedRecoveryMethodUntilPrimaryAccount) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldDeferTrustedRecoveryMethodUntilPersistentAuthErrorFixed) { … } // Verifies that Backend can process device registration and keys downloading // concurrently, when device registration is going to succeed and triggered // first (to ensure that keys downloading doesn't cancel device registration). // This is not a likely scenario (keys downloading attempt is an indicator that // device registration will fail), but Backend shouldn't work under this // assumption as already reflected on the data level: // |keys_marked_as_stale_by_consumer| doesn't imply // |last_registration_returned_local_data_obsolete|. TEST_F(StandaloneTrustedVaultBackendTest, ShouldRegisterDeviceWhileConcurrentlyDownloadingKeys) { … } // Verifies that Backend can process device registration and keys downloading // concurrently, when keys downloading is going to succeed and triggered first // (to ensure that device registration doesn't cancel keys downloading). TEST_F(StandaloneTrustedVaultBackendTest, ShouldDownloadKeysWhileConcurrentlyRegisteringDevice) { … } TEST_F(StandaloneTrustedVaultBackendTest, ShouldRegisterRecoveryKeyAndUploadToKeyStore) { … } } // namespace } // namespace trusted_vault
Codebase Browser
chromium