1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chromeos/login/auth/key.h"
6
7 #include "testing/gtest/include/gtest/gtest.h"
8
9 namespace chromeos {
10
11 namespace {
12
13 const char kPassword[] = "password";
14 const char kLabel[] = "label";
15 const char kSalt[] =
16 "deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef";
17
18 } // namespace
19
TEST(KeyTest,ClearSecret)20 TEST(KeyTest, ClearSecret) {
21 Key key(kPassword);
22 key.SetLabel(kLabel);
23 EXPECT_EQ(Key::KEY_TYPE_PASSWORD_PLAIN, key.GetKeyType());
24 EXPECT_EQ(kPassword, key.GetSecret());
25 EXPECT_EQ(kLabel, key.GetLabel());
26
27 key.ClearSecret();
28 EXPECT_EQ(Key::KEY_TYPE_PASSWORD_PLAIN, key.GetKeyType());
29 EXPECT_TRUE(key.GetSecret().empty());
30 EXPECT_EQ(kLabel, key.GetLabel());
31 }
32
TEST(KeyTest,TransformToSaltedSHA256TopHalf)33 TEST(KeyTest, TransformToSaltedSHA256TopHalf) {
34 Key key(kPassword);
35 key.Transform(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, kSalt);
36 EXPECT_EQ(Key::KEY_TYPE_SALTED_SHA256_TOP_HALF, key.GetKeyType());
37 EXPECT_EQ("5b01941771e47fa408380aa675703f4f", key.GetSecret());
38 }
39
TEST(KeyTest,TransformToSaltedAES2561234)40 TEST(KeyTest, TransformToSaltedAES2561234) {
41 Key key(kPassword);
42 key.Transform(Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234, kSalt);
43 EXPECT_EQ(Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234, key.GetKeyType());
44 EXPECT_EQ("GUkNnvqoULf/cXbZscVUnANmLBB0ovjGZsj1sKzP5BE=", key.GetSecret());
45 }
46
TEST(KeyTest,TransformToSaltedSHA256)47 TEST(KeyTest, TransformToSaltedSHA256) {
48 Key key(kPassword);
49 key.Transform(Key::KEY_TYPE_SALTED_SHA256, kSalt);
50 EXPECT_EQ(Key::KEY_TYPE_SALTED_SHA256, key.GetKeyType());
51 EXPECT_EQ("WwGUF3Hkf6QIOAqmdXA/TyScTFDo4d+ow5xfof0zGdo=", key.GetSecret());
52 }
53
54 // The values in the KeyType enum must never change because they are stored as
55 // ints in the user's cryptohome key metadata.
TEST(KeyTest,KeyTypeStable)56 TEST(KeyTest, KeyTypeStable) {
57 EXPECT_EQ(0, Key::KEY_TYPE_PASSWORD_PLAIN);
58 EXPECT_EQ(1, Key::KEY_TYPE_SALTED_SHA256_TOP_HALF);
59 EXPECT_EQ(2, Key::KEY_TYPE_SALTED_PBKDF2_AES256_1234);
60 EXPECT_EQ(3, Key::KEY_TYPE_SALTED_SHA256);
61 // The sentinel does not have to remain stable. It should be adjusted whenever
62 // a new key type is added.
63 EXPECT_EQ(4, Key::KEY_TYPE_COUNT);
64 }
65
66 } // namespace chromeos
67