// Copyright 2018 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// Functional tests for LECredentialManager + SignInHashTree.
#include <iterator>  // For std::begin()/std::end().
#include <utility>

#include <base/files/scoped_temp_dir.h>
#include <base/files/file_util.h>
#include <brillo/secure_blob.h>
#include <gmock/gmock.h>
#include <gtest/gtest_prod.h>

#include "cryptohome/cryptolib.h"
#include "cryptohome/fake_le_credential_backend.h"
#include "cryptohome/le_credential_manager_impl.h"
#include "cryptohome/tpm.h"

namespace {

// All the keys are 32 bytes long.
constexpr uint8_t kLeSecret1Array[] = {
    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x00,
    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x00, 0x01,
    0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x00, 0x02};

constexpr uint8_t kLeSecret2Array[] = {
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x10,
    0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x10, 0x11,
    0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x10, 0x12};

constexpr uint8_t kHeSecret1Array[] = {
    0x00, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x00,
    0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x00, 0x06,
    0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10};

constexpr uint8_t kResetSecret1Array[] = {
    0x00, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x00,
    0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x00, 0x0B,
    0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15};

constexpr char kCredDirName[] = "low_entropy_creds";

}  // namespace

namespace cryptohome {

class LECredentialManagerImplUnitTest : public testing::Test {
 public:
  LECredentialManagerImplUnitTest() {
    CHECK(temp_dir_.CreateUniqueTempDir());
    InitLEManager();
  }

  // Returns location of on-disk hash tree directory.
  base::FilePath CredDirPath() {
    return temp_dir_.GetPath().Append(kCredDirName);
  }

  void InitLEManager() {
    le_mgr_ = std::make_unique<LECredentialManagerImpl>(&fake_backend_,
                                                        CredDirPath());
  }

  // Helper function to create a credential & then lock it out.
  // NOTE: Parameterize the secrets once you have more than 1
  // of them.
  uint64_t CreateLockedOutCredential() {
    // TODO(pmalani): fill delay schedule with 0 delays for first 4 attempts and
    // hard limit at 5.
    std::map<uint32_t, uint32_t> stub_delay_sched;
    ValidPcrCriteria stub_pcr_criteria;
    uint64_t label;
    brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                  std::end(kLeSecret1Array));
    brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                  std::end(kHeSecret1Array));
    brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                     std::end(kResetSecret1Array));

    EXPECT_EQ(LE_CRED_SUCCESS,
              le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                        stub_delay_sched, stub_pcr_criteria,
                                        &label));
    brillo::SecureBlob he_secret;
    brillo::SecureBlob reset_secret;
    for (int i = 0; i < LE_MAX_INCORRECT_ATTEMPTS; i++) {
      EXPECT_EQ(LE_CRED_ERROR_INVALID_LE_SECRET,
                le_mgr_->CheckCredential(label, kHeSecret1, &he_secret,
                                         &reset_secret));
    }
    return label;
  }

  // Corrupts |path| by replacing file contents with random data.
  void CorruptFile(base::FilePath path) {
    int64_t file_size;
    ASSERT_TRUE(base::GetFileSize(path, &file_size));
    std::vector<uint8_t> random_data(file_size);
    CryptoLib::GetSecureRandom(random_data.data(), file_size);
    ASSERT_EQ(
        file_size,
        base::WriteFile(path, reinterpret_cast<char*>(random_data.data()),
                        file_size));
  }

  void CorruptLeafCache() {
    // Fill the leafcache file with random data.
    base::FilePath leaf_cache = CredDirPath().Append(kLeafCacheFileName);
    CorruptFile(leaf_cache);
  }

  // Corrupts all versions of the |label| leaf. We corrupt all the versions,
  // since it is tedious to find which is the most recent one.
  void CorruptHashTreeWithLabel(uint64_t label) {
    base::FilePath leaf_dir = CredDirPath().Append(std::to_string(label));
    ASSERT_TRUE(base::PathExists(leaf_dir));
    ASSERT_FALSE(leaf_dir.empty());

    base::FileEnumerator files(leaf_dir, false, base::FileEnumerator::FILES);
    for (base::FilePath cur_file = files.Next(); !cur_file.empty();
        cur_file = files.Next()) {
      CorruptFile(cur_file);
    }
  }

  // Takes a snapshot of the on-disk hash three, and returns the directory
  // where the snapshot is stored.
  std::unique_ptr<base::ScopedTempDir> CaptureSnapshot() {
    auto snapshot = std::make_unique<base::ScopedTempDir>();
    CHECK(snapshot->CreateUniqueTempDir());
    base::CopyDirectory(CredDirPath(), snapshot->GetPath(), true);

    return snapshot;
  }

  // Fills the on-disk hash tree with the contents of |snapshot_path|.
  void RestoreSnapshot(base::FilePath snapshot_path) {
    ASSERT_TRUE(base::DeleteFile(CredDirPath(), true));
    ASSERT_TRUE(base::CopyDirectory(snapshot_path.Append(kCredDirName),
                                    temp_dir_.GetPath(), true));
  }

  base::ScopedTempDir temp_dir_;
  FakeLECredentialBackend fake_backend_;
  std::unique_ptr<LECredentialManager> le_mgr_;
};

// Basic check: Insert 2 labels, then verify we can retrieve them correctly.
// Here, we don't bother with specifying a delay schedule, we just want
// to check whether a simple Insert and Check works.
TEST_F(LECredentialManagerImplUnitTest, BasicInsertAndCheck) {
  std::map<uint32_t, uint32_t> stub_delay_sched;
  ValidPcrCriteria stub_pcr_criteria;
  uint64_t label1;
  uint64_t label2;
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kLeSecret2(std::begin(kLeSecret2Array),
                                std::end(kLeSecret2Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label1));
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret2, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label2));
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(he_secret, kHeSecret1);
  EXPECT_EQ(LE_CRED_ERROR_INVALID_LE_SECRET,
            le_mgr_->CheckCredential(label2, kLeSecret1, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label2, kLeSecret2, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(he_secret, kHeSecret1);
}

// Insert a label and verify that authentication works. Simulate the PCR
// change with the right value and check that authentication still works.
// Change PCR with wrong value and check that authentication fails.
TEST_F(LECredentialManagerImplUnitTest, CheckPcrAuth) {
  std::map<uint32_t, uint32_t> stub_delay_sched;
  ValidPcrCriteria valid_pcr_criteria;
  ValidPcrValue value;
  value.bitmask[0] = 1 << cryptohome::kTpmSingleUserPCR;
  value.bitmask[1] = 0;
  value.digest = "digest";
  valid_pcr_criteria.push_back(value);
  uint64_t label1;
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, valid_pcr_criteria,
                                      &label1));
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));

  EXPECT_EQ(he_secret, kHeSecret1);
  EXPECT_EQ(reset_secret, kResetSecret1);

  fake_backend_.ExtendArcPCR("digest");
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(he_secret, kHeSecret1);
  EXPECT_EQ(reset_secret, kResetSecret1);

  fake_backend_.ExtendArcPCR("obfuscated_username");
  EXPECT_EQ(LE_CRED_ERROR_PCR_NOT_MATCH,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
  fake_backend_.ResetArcPCR();
}

// Verify invalid secrets and getting locked out due to too many attempts.
// TODO(pmalani): Update this once we have started modelling the delay schedule
// correctly.
TEST_F(LECredentialManagerImplUnitTest, LockedOutSecret) {
  uint64_t label1 = CreateLockedOutCredential();
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));

  // NOTE: The current fake backend hard codes the number of attempts at 5, so
  // all subsequent checks will return false.
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  EXPECT_EQ(LE_CRED_ERROR_TOO_MANY_ATTEMPTS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));

  // Check once more to ensure that even after an ERROR_TOO_MANY_ATTEMPTS, the
  // right metadata is stored.
  EXPECT_EQ(LE_CRED_ERROR_TOO_MANY_ATTEMPTS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
}

// Insert a label. Then ensure that a CheckCredential on another non-existent
// label fails.
TEST_F(LECredentialManagerImplUnitTest, InvalidLabelCheck) {
  std::map<uint32_t, uint32_t> stub_delay_sched;
  ValidPcrCriteria stub_pcr_criteria;
  uint64_t label1;
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label1));
  // First try a badly encoded label.
  uint64_t invalid_label = ~label1;
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  EXPECT_EQ(LE_CRED_ERROR_INVALID_LABEL,
            le_mgr_->CheckCredential(invalid_label, kLeSecret1, &he_secret,
                                     &reset_secret));
  // Next check a valid, but absent label.
  invalid_label = label1 ^ 0x1;
  EXPECT_EQ(LE_CRED_ERROR_INVALID_LABEL,
            le_mgr_->CheckCredential(invalid_label, kLeSecret1, &he_secret,
                                     &reset_secret));
}

// Insert a credential and then remove it.
// Check that a subsequent CheckCredential on that label fails.
TEST_F(LECredentialManagerImplUnitTest, BasicInsertRemove) {
  uint64_t label1;
  std::map<uint32_t, uint32_t> stub_delay_sched;
  ValidPcrCriteria stub_pcr_criteria;

  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label1));
  ASSERT_EQ(LE_CRED_SUCCESS, le_mgr_->RemoveCredential(label1));
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  EXPECT_EQ(LE_CRED_ERROR_INVALID_LABEL,
            le_mgr_->CheckCredential(label1, kHeSecret1, &he_secret,
                                     &reset_secret));
}

// Check that a reset unlocks a locked out credential.
TEST_F(LECredentialManagerImplUnitTest, ResetSecret) {
  uint64_t label1 = CreateLockedOutCredential();
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  // Ensure that even after an ERROR_TOO_MANY_ATTEMPTS, the right metadata
  // is stored.
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  ASSERT_EQ(LE_CRED_ERROR_TOO_MANY_ATTEMPTS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));

  EXPECT_EQ(LE_CRED_SUCCESS, le_mgr_->ResetCredential(label1, kResetSecret1));

  he_secret.clear();
  // Make sure we can Check successfully, post reset.
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(he_secret, kHeSecret1);
}

// Check that an invalid reset doesn't unlock a locked credential.
TEST_F(LECredentialManagerImplUnitTest, ResetSecretNegative) {
  uint64_t label1 = CreateLockedOutCredential();
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));

  // Ensure that even after an ERROR_TOO_MANY_ATTEMPTS, the right metadata
  // is stored.
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  ASSERT_EQ(LE_CRED_ERROR_TOO_MANY_ATTEMPTS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));

  EXPECT_EQ(LE_CRED_ERROR_INVALID_RESET_SECRET,
            le_mgr_->ResetCredential(label1, kLeSecret1));

  // Make sure that Check still fails.
  EXPECT_EQ(LE_CRED_ERROR_TOO_MANY_ATTEMPTS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
}

// Corrupt the hash cache, and see if subsequent LE operations succeed.
// The two cases being tested are removal after corruption, and insertion
// after corruption.
TEST_F(LECredentialManagerImplUnitTest, InsertRemoveCorruptHashCache) {
  uint64_t label1;
  std::map<uint32_t, uint32_t> stub_delay_sched;
  ValidPcrCriteria stub_pcr_criteria;
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label1));

  le_mgr_.reset();
  CorruptLeafCache();
  // Now re-initialize the LE Manager.
  InitLEManager();

  // We should be able to regenerate the HashCache.
  EXPECT_EQ(LE_CRED_SUCCESS, le_mgr_->RemoveCredential(label1));

  // Now let's reinsert the same credential.
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label1));

  le_mgr_.reset();
  CorruptLeafCache();
  // Now re-initialize the LE Manager.
  InitLEManager();

  // Let's make sure future operations work.
  uint64_t label2;
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label2));
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(LE_CRED_SUCCESS, le_mgr_->RemoveCredential(label1));
  EXPECT_EQ(LE_CRED_SUCCESS, le_mgr_->RemoveCredential(label2));
}

// Initialize the LECredManager and take a snapshot after 1 operation,
// then perform an insert. Then, restore the snapshot (in effect "losing" the
// last operation). The log functionality should restore the "lost" state.
TEST_F(LECredentialManagerImplUnitTest, LogReplayLostInsert) {
  std::map<uint32_t, uint32_t> stub_delay_sched;
  ValidPcrCriteria stub_pcr_criteria;
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  // Perform insert.
  uint64_t label1;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label1));

  base::ScopedTempDir snapshot;
  ASSERT_TRUE(snapshot.CreateUniqueTempDir());
  ASSERT_TRUE(base::CopyDirectory(CredDirPath(), snapshot.GetPath(), true));

  // Another Insert & Remove after taking the snapshot.
  uint64_t label2;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label2));

  le_mgr_.reset();
  RestoreSnapshot(snapshot.GetPath());
  InitLEManager();

  // Subsequent operation should work.
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
}

// Initialize the LECredManager and take a snapshot after an operation,
// then perform an insert and remove. Then, restore the snapshot
// (in effect "losing" the last 2 operations). The log functionality
// should restore the "lost" state.
TEST_F(LECredentialManagerImplUnitTest, LogReplayLostInsertRemove) {
  std::map<uint32_t, uint32_t> stub_delay_sched;
  ValidPcrCriteria stub_pcr_criteria;
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  // Perform insert.
  uint64_t label1;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label1));

  std::unique_ptr<base::ScopedTempDir> snapshot = CaptureSnapshot();

  // Another Insert & Remove after taking the snapshot.
  uint64_t label2;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label2));
  ASSERT_EQ(LE_CRED_SUCCESS, le_mgr_->RemoveCredential(label1));

  le_mgr_.reset();
  RestoreSnapshot(snapshot->GetPath());
  InitLEManager();

  // Subsequent operation should work.
  uint64_t label3;
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label3));
}

// Initialize the LECredManager and take a snapshot after 2 operations,
// then perform |kLogSize| checks. Then, restore the snapshot (in effect
// "losing" the last |kLogSize| operations). The log functionality should
// restore the "lost" state.
TEST_F(LECredentialManagerImplUnitTest, LogReplayLostChecks) {
  std::map<uint32_t, uint32_t> stub_delay_sched;
  ValidPcrCriteria stub_pcr_criteria;
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kLeSecret2(std::begin(kLeSecret2Array),
                                std::end(kLeSecret2Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  // Perform insert.
  uint64_t label1;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label1));
  uint64_t label2;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret2, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label2));

  std::unique_ptr<base::ScopedTempDir> snapshot = CaptureSnapshot();

  // Perform incorrect checks to fill up the replay log.
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  for (int i = 0; i < kFakeLogSize; i++) {
    ASSERT_EQ(LE_CRED_ERROR_INVALID_LE_SECRET,
        le_mgr_->CheckCredential(label1, kLeSecret2, &he_secret,
                                 &reset_secret));
  }

  le_mgr_.reset();
  RestoreSnapshot(snapshot->GetPath());
  InitLEManager();

  // Subsequent operations should work.
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label2, kLeSecret2, &he_secret,
                                     &reset_secret));
}

// Initialize the LECredManager and take a snapshot after 2 operations,
// then perform |kLogSize| inserts. Then, restore the snapshot (in effect
// "losing" the last |kLogSize| operations). The log functionality should
// restore the "lost" state.
TEST_F(LECredentialManagerImplUnitTest, LogReplayLostInserts) {
  std::map<uint32_t, uint32_t> stub_delay_sched;
  ValidPcrCriteria stub_pcr_criteria;
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kLeSecret2(std::begin(kLeSecret2Array),
                                std::end(kLeSecret2Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  // Perform insert.
  uint64_t label1;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label1));
  uint64_t label2;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret2, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label2));

  std::unique_ptr<base::ScopedTempDir> snapshot = CaptureSnapshot();

  // Perform inserts to fill up the replay log.
  uint64_t temp_label;
  for (int i = 0; i < kFakeLogSize; i++) {
    ASSERT_EQ(LE_CRED_SUCCESS,
              le_mgr_->InsertCredential(kLeSecret2, kHeSecret1, kResetSecret1,
                                        stub_delay_sched, stub_pcr_criteria,
                                        &temp_label));
  }

  le_mgr_.reset();
  RestoreSnapshot(snapshot->GetPath());
  InitLEManager();

  // Subsequent operations should work.
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label2, kLeSecret2, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret2, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &temp_label));
  EXPECT_EQ(LE_CRED_SUCCESS, le_mgr_->RemoveCredential(label1));
}

// Initialize the LECredManager, insert 2 base credentials. Then, insert
// |kLogSize| credentials. Then, take a snapshot, and then remove the
// |kLogSize| credentials. Then, restore the snapshot (in effect "losing" the
// last |kLogSize| operations). The log functionality should restore the "lost"
// state.
TEST_F(LECredentialManagerImplUnitTest, LogReplayLostRemoves) {
  std::map<uint32_t, uint32_t> stub_delay_sched;
  ValidPcrCriteria stub_pcr_criteria;
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kLeSecret2(std::begin(kLeSecret2Array),
                                std::end(kLeSecret2Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  // Perform insert.
  uint64_t label1;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label1));
  uint64_t label2;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret2, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label2));

  // Perform |kLogSize| credential inserts.
  std::vector<uint64_t> labels_to_remove;
  uint64_t temp_label;
  for (int i = 0; i < kFakeLogSize; i++) {
    ASSERT_EQ(LE_CRED_SUCCESS,
              le_mgr_->InsertCredential(kLeSecret2, kHeSecret1, kResetSecret1,
                                        stub_delay_sched, stub_pcr_criteria,
                                        &temp_label));
    labels_to_remove.push_back(temp_label);
  }

  std::unique_ptr<base::ScopedTempDir> snapshot = CaptureSnapshot();

  // Fill the replay log with |kLogSize| RemoveCredential operations.
  for (int i = 0; i < kFakeLogSize; i++) {
    ASSERT_EQ(LE_CRED_SUCCESS, le_mgr_->RemoveCredential(labels_to_remove[i]));
  }

  le_mgr_.reset();
  RestoreSnapshot(snapshot->GetPath());
  InitLEManager();

  // Verify that the removed credentials are actually gone.
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  for (int i = 0; i < kFakeLogSize; i++) {
    EXPECT_EQ(
        LE_CRED_ERROR_INVALID_LABEL,
        le_mgr_->CheckCredential(labels_to_remove[i], kLeSecret1, &he_secret,
                                 &reset_secret));
  }

  // Subsequent operations should work.
  he_secret.clear();
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label2, kLeSecret2, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret2, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &temp_label));
  EXPECT_EQ(LE_CRED_SUCCESS, le_mgr_->RemoveCredential(label1));
}

// Verify behaviour when more operations are lost than the log can save.
// NOTE: The number of lost operations should always be greater than
// the log size of FakeLECredentialBackend.
TEST_F(LECredentialManagerImplUnitTest, FailedLogReplayTooManyOps) {
  std::map<uint32_t, uint32_t> stub_delay_sched;
  ValidPcrCriteria stub_pcr_criteria;
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kLeSecret2(std::begin(kLeSecret2Array),
                                std::end(kLeSecret2Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  // Perform insert.
  uint64_t label1;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label1));
  uint64_t label2;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret2, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label2));

  std::unique_ptr<base::ScopedTempDir> snapshot = CaptureSnapshot();

  // Perform |kFakeLogSize| + 1 incorrect checks and an insert.
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  for (int i = 0; i < kFakeLogSize + 1; i++) {
    ASSERT_EQ(LE_CRED_ERROR_INVALID_LE_SECRET,
        le_mgr_->CheckCredential(label1, kLeSecret2, &he_secret,
                                 &reset_secret));
  }
  uint64_t label3;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret2, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label3));

  le_mgr_.reset();
  RestoreSnapshot(snapshot->GetPath());
  InitLEManager();

  // Subsequent operations should fail.
  // TODO(crbug.com/809710): Should we reset the tree in this case?
  EXPECT_EQ(LE_CRED_ERROR_HASH_TREE,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(LE_CRED_ERROR_HASH_TREE,
            le_mgr_->CheckCredential(label2, kLeSecret2, &he_secret,
                                     &reset_secret));
}

// Verify behaviour when there is an unsalvageable disk corruption.
TEST_F(LECredentialManagerImplUnitTest, FailedSyncDiskCorrupted) {
  std::map<uint32_t, uint32_t> stub_delay_sched;
  ValidPcrCriteria stub_pcr_criteria;
  brillo::SecureBlob kLeSecret1(std::begin(kLeSecret1Array),
                                std::end(kLeSecret1Array));
  brillo::SecureBlob kLeSecret2(std::begin(kLeSecret2Array),
                                std::end(kLeSecret2Array));
  brillo::SecureBlob kHeSecret1(std::begin(kHeSecret1Array),
                                std::end(kHeSecret1Array));
  brillo::SecureBlob kResetSecret1(std::begin(kResetSecret1Array),
                                   std::end(kResetSecret1Array));

  uint64_t label1;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label1));
  uint64_t label2;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->InsertCredential(kLeSecret1, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label2));
  brillo::SecureBlob he_secret;
  brillo::SecureBlob reset_secret;
  ASSERT_EQ(LE_CRED_SUCCESS,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));

  // Corrupt the content of two label folders and the cache file.
  le_mgr_.reset();
  CorruptHashTreeWithLabel(label1);
  CorruptHashTreeWithLabel(label2);
  CorruptLeafCache();

  // Now re-initialize the LE Manager.
  InitLEManager();

  // Any operation should now fail.
  // TODO(crbug.com/809710): Should we reset the tree in this case?
  he_secret.clear();
  EXPECT_EQ(LE_CRED_ERROR_HASH_TREE,
            le_mgr_->CheckCredential(label1, kLeSecret1, &he_secret,
                                     &reset_secret));
  EXPECT_EQ(
      LE_CRED_ERROR_HASH_TREE,
      le_mgr_->CheckCredential(label2, kLeSecret1, &he_secret, &reset_secret));
  EXPECT_EQ(LE_CRED_ERROR_HASH_TREE,
            le_mgr_->InsertCredential(kLeSecret2, kHeSecret1, kResetSecret1,
                                      stub_delay_sched, stub_pcr_criteria,
                                      &label2));
}

}  // namespace cryptohome