cryptohome/storage/encrypted_container/fscrypt_container_test.cc - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright 2020 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "cryptohome/storage/encrypted_container/fscrypt_container.h"

 #include <memory>

 #include <base/files/file_path.h>
 #include <brillo/secure_blob.h>
 #include <gmock/gmock.h>
 #include <gtest/gtest.h>

 #include "cryptohome/mock_platform.h"
 #include "cryptohome/storage/encrypted_container/filesystem_key.h"

 using ::testing::_;
 using ::testing::Return;

 namespace cryptohome {

 class FscryptContainerTest : public ::testing::Test {
  public:
   FscryptContainerTest()
       : backing_dir_(base::FilePath("/a/b/c")),
         key_reference_({.fek_sig = brillo::SecureBlob("random_keysig")}),
         key_({.fek = brillo::SecureBlob("random key")}),
         container_(
             EncryptedContainer::Generate(EncryptedContainerType::kFscrypt,
                                          backing_dir_,
                                          key_reference_,
                                          &platform_)) {}
   ~FscryptContainerTest() override = default;

  protected:
   base::FilePath backing_dir_;
   FileSystemKeyReference key_reference_;
   FileSystemKey key_;
   MockPlatform platform_;
   std::unique_ptr<EncryptedContainer> container_;
 };

 // Tests the create path for fscrypt containers.
 TEST_F(FscryptContainerTest, SetupCreateCheck) {
   EXPECT_CALL(platform_, AddDirCryptoKeyToKeyring(_, _)).WillOnce(Return(true));

   EXPECT_CALL(platform_, SetDirCryptoKey(backing_dir_, _))
       .WillOnce(Return(true));

   EXPECT_TRUE(container_->Setup(key_, true));
   EXPECT_TRUE(platform_.DirectoryExists(backing_dir_));
 }

 // Tests the setup path for an existing fscrypt container.
 TEST_F(FscryptContainerTest, SetupNoCreateCheck) {
   EXPECT_CALL(platform_, AddDirCryptoKeyToKeyring(_, _)).WillOnce(Return(true));

   EXPECT_CALL(platform_, SetDirCryptoKey(backing_dir_, _))
       .WillOnce(Return(true));

   EXPECT_TRUE(container_->Setup(key_, false));
 }

 // Tests failure path when adding the encryption key to the kernel/filesystem
 // keyring fails.
 TEST_F(FscryptContainerTest, SetupFailedEncryptionKeyAdd) {
   EXPECT_CALL(platform_, AddDirCryptoKeyToKeyring(_, _))
       .WillOnce(Return(false));

   EXPECT_FALSE(container_->Setup(key_, false));
 }

 // Tests failure path when setting the encryption policy for the backing
 // directory fails.
 TEST_F(FscryptContainerTest, SetupFailedEncryptionKeySet) {
   EXPECT_CALL(platform_, AddDirCryptoKeyToKeyring(_, _)).WillOnce(Return(true));

   EXPECT_CALL(platform_, SetDirCryptoKey(backing_dir_, _))
       .WillOnce(Return(false));

   EXPECT_FALSE(container_->Setup(key_, false));
 }

 // Tests failure path on failing to invalidate an added key from the
 // kernel/filesystem keyring.
 TEST_F(FscryptContainerTest, TeardownInvalidateKey) {
   EXPECT_CALL(platform_, InvalidateDirCryptoKey(_, _)).WillOnce(Return(false));

   EXPECT_FALSE(container_->Teardown());
 }

 }  // namespace cryptohome
	// Copyright 2020 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "cryptohome/storage/encrypted_container/fscrypt_container.h"

	#include <memory>

	#include <base/files/file_path.h>
	#include <brillo/secure_blob.h>
	#include <gmock/gmock.h>
	#include <gtest/gtest.h>

	#include "cryptohome/mock_platform.h"
	#include "cryptohome/storage/encrypted_container/filesystem_key.h"

	using ::testing::_;
	using ::testing::Return;

	namespace cryptohome {

	class FscryptContainerTest : public ::testing::Test {
	public:
	FscryptContainerTest()
	: backing_dir_(base::FilePath("/a/b/c")),
	key_reference_({.fek_sig = brillo::SecureBlob("random_keysig")}),
	key_({.fek = brillo::SecureBlob("random key")}),
	container_(
	EncryptedContainer::Generate(EncryptedContainerType::kFscrypt,
	backing_dir_,
	key_reference_,
	&platform_)) {}
	~FscryptContainerTest() override = default;

	protected:
	base::FilePath backing_dir_;
	FileSystemKeyReference key_reference_;
	FileSystemKey key_;
	MockPlatform platform_;
	std::unique_ptr<EncryptedContainer> container_;
	};

	// Tests the create path for fscrypt containers.
	TEST_F(FscryptContainerTest, SetupCreateCheck) {
	EXPECT_CALL(platform_, AddDirCryptoKeyToKeyring(_, _)).WillOnce(Return(true));

	EXPECT_CALL(platform_, SetDirCryptoKey(backing_dir_, _))
	.WillOnce(Return(true));

	EXPECT_TRUE(container_->Setup(key_, true));
	EXPECT_TRUE(platform_.DirectoryExists(backing_dir_));
	}

	// Tests the setup path for an existing fscrypt container.
	TEST_F(FscryptContainerTest, SetupNoCreateCheck) {
	EXPECT_CALL(platform_, AddDirCryptoKeyToKeyring(_, _)).WillOnce(Return(true));

	EXPECT_CALL(platform_, SetDirCryptoKey(backing_dir_, _))
	.WillOnce(Return(true));

	EXPECT_TRUE(container_->Setup(key_, false));
	}

	// Tests failure path when adding the encryption key to the kernel/filesystem
	// keyring fails.
	TEST_F(FscryptContainerTest, SetupFailedEncryptionKeyAdd) {
	EXPECT_CALL(platform_, AddDirCryptoKeyToKeyring(_, _))
	.WillOnce(Return(false));

	EXPECT_FALSE(container_->Setup(key_, false));
	}

	// Tests failure path when setting the encryption policy for the backing
	// directory fails.
	TEST_F(FscryptContainerTest, SetupFailedEncryptionKeySet) {
	EXPECT_CALL(platform_, AddDirCryptoKeyToKeyring(_, _)).WillOnce(Return(true));

	EXPECT_CALL(platform_, SetDirCryptoKey(backing_dir_, _))
	.WillOnce(Return(false));

	EXPECT_FALSE(container_->Setup(key_, false));
	}

	// Tests failure path on failing to invalidate an added key from the
	// kernel/filesystem keyring.
	TEST_F(FscryptContainerTest, TeardownInvalidateKey) {
	EXPECT_CALL(platform_, InvalidateDirCryptoKey(_, _)).WillOnce(Return(false));

	EXPECT_FALSE(container_->Teardown());
	}

	} // namespace cryptohome