// Copyright 2022 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifdef UNSAFE_BUFFERS_BUILD // TODO(crbug.com/40285824): Remove this and convert code to safer constructs. #pragma allow_unsafe_buffers #endif #include "chrome/browser/enterprise/connectors/device_trust/key_management/core/persistence/linux_key_persistence_delegate.h" #include <string> #include <string_view> #include "base/base64.h" #include "base/files/file_path.h" #include "base/files/file_util.h" #include "base/files/scoped_temp_dir.h" #include "base/strings/stringprintf.h" #include "base/test/metrics/histogram_tester.h" #include "chrome/browser/enterprise/connectors/device_trust/key_management/core/ec_signing_key.h" #include "chrome/browser/enterprise/connectors/device_trust/key_management/core/persistence/metrics_utils.h" #include "chrome/browser/enterprise/connectors/device_trust/key_management/core/signing_key_pair.h" #include "components/policy/proto/device_management_backend.pb.h" #include "testing/gtest/include/gtest/gtest.h" BPKUR; namespace { base::FilePath::CharType kFileName[] = …); constexpr char kErrorHistogramFormat[] = …; // Represents gibberish that gets appended to the file. constexpr char kGibberish[] = …; // Represents an OS key. constexpr char kValidKeyWrappedBase64[] = …; // String containing invalid base64 characters, like % and the whitespace. constexpr char kInvalidBase64String[] = …; constexpr char kValidHWKeyFileContent[] = …; constexpr char kValidOSKeyFileContent[] = …; constexpr char kInvalidTrustLevelKeyFileContent[] = …; std::vector<uint8_t> ParseKeyWrapped(std::string_view encoded_wrapped) { … } void ValidateSigningKey(enterprise_connectors::SigningKeyPair* key_pair, BPKUR::KeyTrustLevel trust_level) { … } } // namespace namespace enterprise_connectors { class LinuxKeyPersistenceDelegateTest : public testing::Test { … }; // Tests when the file does not exist and a write operation is attempted. TEST_F(LinuxKeyPersistenceDelegateTest, StoreKeyPair_FileDoesNotExist) { … } // Tests storing a key with an unspecified trust level. TEST_F(LinuxKeyPersistenceDelegateTest, StoreKeyPair_UnspecifiedKey) { … } // Tests when a OS key is stored and file contents are modified before storing // a new OS key pair. TEST_F(LinuxKeyPersistenceDelegateTest, StoreKeyPair_ValidOSKeyPair) { … } // Tests when a hardware key is stored and file contents are modified before // storing a new hardware key pair. TEST_F(LinuxKeyPersistenceDelegateTest, StoreKeyPair_ValidHWKeyPair) { … } // Tests trying to load a signing key pair when there is no file. TEST_F(LinuxKeyPersistenceDelegateTest, LoadKeyPair_NoKeyFile) { … } // Tests loading a valid OS signing key pair from a file. TEST_F(LinuxKeyPersistenceDelegateTest, LoadKeyPair_ValidOSKeyFile) { … } // Tests that loading a Hardware key pair fails since hardware keys // are not supported on linux. TEST_F(LinuxKeyPersistenceDelegateTest, LoadKeyPair_ValidHWKeyFile) { … } // Tests loading a key pair from a key file with an invalid trust level. TEST_F(LinuxKeyPersistenceDelegateTest, LoadKeyPair_InvalidTrustLevel) { … } // Tests loading a key pair from a key file when the signing key property is // missing. TEST_F(LinuxKeyPersistenceDelegateTest, LoadKeyPair_MissingSigningKey) { … } // Tests loading a key pair from a key file when the trust level property is // missing. TEST_F(LinuxKeyPersistenceDelegateTest, LoadKeyPair_MissingTrustLevel) { … } // Tests loading a key pair from a key file when the file content is invalid // (not a JSON dictionary). TEST_F(LinuxKeyPersistenceDelegateTest, LoadKeyPair_InvalidContent) { … } // Tests loading a key pair from a key file when there is a valid key, but the // key file contains random trailing values. TEST_F(LinuxKeyPersistenceDelegateTest, LoadKeyPair_TrailingGibberish) { … } // Tests loading a key pair from a key file when the key value is not a valid // base64 encoded string. TEST_F(LinuxKeyPersistenceDelegateTest, LoadKeyPair_KeyNotBase64) { … } // Tests the flow of both storing and loading a key. TEST_F(LinuxKeyPersistenceDelegateTest, StoreAndLoadKeyPair) { … } // Test creating a key pair returns the correct trust level and a signing key. TEST_F(LinuxKeyPersistenceDelegateTest, CreateKeyPair) { … } // TODO(b/290068350): Add test coverage for this method. TEST_F(LinuxKeyPersistenceDelegateTest, PromoteTemporaryKeyPair) { … } // TODO(b/290068350): Add test coverage for this method. TEST_F(LinuxKeyPersistenceDelegateTest, DeleteKeyPair) { … } } // namespace enterprise_connectors
Codebase Browser
chromium