| # Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| import logging |
| import os |
| import re |
| import shutil |
| |
| from autotest_lib.client.bin import test |
| from autotest_lib.client.common_lib import error, utils |
| from autotest_lib.client.cros import constants, cryptohome |
| |
| class platform_CryptohomeTestAuth(test.test): |
| version = 1 |
| |
| |
| def run_once(self): |
| test_user = 'this_is_a_local_test_account@chromium.org' |
| test_password = 'this_is_a_test_password' |
| |
| user_hash = cryptohome.get_user_hash(test_user) |
| |
| |
| # Ensure that the user directory is unmounted and does not exist. |
| cryptohome.unmount_vault(test_user) |
| cryptohome.remove_vault(test_user) |
| if os.path.exists(os.path.join(constants.SHADOW_ROOT, user_hash)): |
| raise error.TestFail('Could not remove the test user.') |
| |
| # Mount the test user account, which ensures that the vault is |
| # created, and that the mount succeeds. |
| cryptohome.mount_vault(test_user, test_password, create=True) |
| |
| # Test credentials when the user's directory is mounted |
| if not cryptohome.test_auth(test_user, test_password): |
| raise error.TestFail('Valid credentials should authenticate ' |
| 'while mounted.') |
| |
| # Make sure that an incorrect password fails |
| if cryptohome.test_auth(test_user, 'badpass'): |
| raise error.TestFail('Invalid credentials should not authenticate ' |
| 'while mounted.') |
| |
| # Unmount the directory |
| cryptohome.unmount_vault(test_user) |
| # Ensure that the user directory is not mounted |
| if cryptohome.is_vault_mounted(user=test_user, allow_fail=True): |
| raise error.TestFail('Cryptohome did not unmount the user.') |
| |
| # Test valid credentials when the user's directory is not mounted |
| if not cryptohome.test_auth(test_user, test_password): |
| raise error.TestFail('Valid credentials should authenticate ' |
| ' while mounted.') |
| |
| # Test invalid credentials fails while not mounted. |
| if cryptohome.test_auth(test_user, 'badpass'): |
| raise error.TestFail('Invalid credentials should not authenticate ' |
| 'when unmounted.') |
| |
| |
| # Re-mount existing test user vault, verifying that the mount succeeds. |
| cryptohome.mount_vault(test_user, test_password) |
| |
| # Finally, unmount and destroy the vault again. |
| cryptohome.unmount_vault(test_user) |
| cryptohome.remove_vault(test_user) |
| if os.path.exists(os.path.join(constants.SHADOW_ROOT, user_hash)): |
| raise error.TestFail('Could not destroy the vault.') |