• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
4
5import logging
6import os
7import re
8import shutil
9
10from autotest_lib.client.bin import test
11from autotest_lib.client.common_lib import error, utils
12from autotest_lib.client.cros import constants, cryptohome
13
14class platform_CryptohomeTestAuth(test.test):
15    version = 1
16
17
18    def run_once(self):
19        test_user = 'this_is_a_local_test_account@chromium.org'
20        test_password = 'this_is_a_test_password'
21
22        user_hash = cryptohome.get_user_hash(test_user)
23
24
25        # Ensure that the user directory is unmounted and does not exist.
26        cryptohome.unmount_vault(test_user)
27        cryptohome.remove_vault(test_user)
28        if os.path.exists(os.path.join(constants.SHADOW_ROOT, user_hash)):
29            raise error.TestFail('Could not remove the test user.')
30
31        # Mount the test user account, which ensures that the vault is
32        # created, and that the mount succeeds.
33        cryptohome.mount_vault(test_user, test_password, create=True)
34
35        # Test credentials when the user's directory is mounted
36        if not cryptohome.test_auth(test_user, test_password):
37            raise error.TestFail('Valid credentials should authenticate '
38                                 'while mounted.')
39
40        # Make sure that an incorrect password fails
41        if cryptohome.test_auth(test_user, 'badpass'):
42            raise error.TestFail('Invalid credentials should not authenticate '
43                                 'while mounted.')
44
45        # Unmount the directory
46        cryptohome.unmount_vault(test_user)
47        # Ensure that the user directory is not mounted
48        if cryptohome.is_vault_mounted(user=test_user, allow_fail=True):
49            raise error.TestFail('Cryptohome did not unmount the user.')
50
51        # Test valid credentials when the user's directory is not mounted
52        if not cryptohome.test_auth(test_user, test_password):
53            raise error.TestFail('Valid credentials should authenticate '
54                                 ' while mounted.')
55
56        # Test invalid credentials fails while not mounted.
57        if cryptohome.test_auth(test_user, 'badpass'):
58            raise error.TestFail('Invalid credentials should not authenticate '
59                                 'when unmounted.')
60
61
62        # Re-mount existing test user vault, verifying that the mount succeeds.
63        cryptohome.mount_vault(test_user, test_password)
64
65        # Finally, unmount and destroy the vault again.
66        cryptohome.unmount_vault(test_user)
67        cryptohome.remove_vault(test_user)
68        if os.path.exists(os.path.join(constants.SHADOW_ROOT, user_hash)):
69            raise error.TestFail('Could not destroy the vault.')
70