| # Copyright 2014 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| from dbus.mainloop.glib import DBusGMainLoop |
| |
| from autotest_lib.client.bin import test |
| from autotest_lib.client.common_lib import error |
| from autotest_lib.client.cros import cryptohome, pkcs11 |
| |
| |
| class platform_CryptohomeMigrateChapsTokenClient(test.test): |
| """ This is a helper to platform_CryptohomeMigrateChapsToken |
| It logs a test user in and either generates a chaps signing |
| key or checks if a signing key was generated |
| """ |
| version = 1 |
| |
| |
| def initialize(self): |
| super(platform_CryptohomeMigrateChapsTokenClient, self).initialize() |
| bus_loop = DBusGMainLoop(set_as_default=True) |
| self._cryptohome_proxy = cryptohome.CryptohomeProxy( |
| bus_loop, self.autodir, self.job) |
| |
| def run_once(self, generate_key=False): |
| |
| user = "user@test.com" |
| password = "test_password" |
| if generate_key: |
| # Make sure that the tpm is owned. |
| status = cryptohome.get_tpm_status() |
| if not status['Owned']: |
| cryptohome.take_tpm_ownership() |
| |
| # We generate a chaps key tied to |user|. |
| self._cryptohome_proxy.ensure_clean_cryptohome_for(user, password) |
| result = pkcs11.generate_user_key() |
| if not result: |
| raise error.TestFail('Unable to generate key for ' + user) |
| else: |
| # Check if the chaps key previously generated is still present. |
| # If the key is present, migration was successful, and chaps keys |
| # weren't destroyed. |
| result = self._cryptohome_proxy.mount(user, password) |
| if not result: |
| raise error.TestFail('Unable to remount users cryptohome') |
| result = pkcs11.test_and_cleanup_key() |
| if not result: |
| raise error.TestFail('No Generated keys present for ' + user) |
| self._cryptohome_proxy.remove(user) |
| |