diff options
author | Andres Morales <anmorales@google.com> | 2015-04-09 19:01:10 -0700 |
---|---|---|
committer | Andres Morales <anmorales@google.com> | 2015-04-11 08:51:14 -0700 |
commit | 6034309d9caa185c406def66bd4a7b71ea4b6409 (patch) | |
tree | eff7d485f1a4a2fec51db27ef503af7b8d1cf7bc /tests | |
parent | fa104e1a3bb5e8fed1235b16e64aa88049ecb18a (diff) | |
download | gatekeeper-6034309d9caa185c406def66bd4a7b71ea4b6409.tar.gz |
Add challenge to GateKeeper
needed for enrollment of auxiliary authenticators
Change-Id: Id2d567fc2736dc7c1960b337b4d4d0d93219ccfc
Diffstat (limited to 'tests')
-rw-r--r-- | tests/gatekeeper_device_test.cpp | 6 | ||||
-rw-r--r-- | tests/gatekeeper_messages_test.cpp | 3 | ||||
-rw-r--r-- | tests/gatekeeper_test.cpp | 13 |
3 files changed, 11 insertions, 11 deletions
diff --git a/tests/gatekeeper_device_test.cpp b/tests/gatekeeper_device_test.cpp index 1d7e74b..9f0d718 100644 --- a/tests/gatekeeper_device_test.cpp +++ b/tests/gatekeeper_device_test.cpp @@ -63,7 +63,7 @@ TEST_F(GateKeeperDeviceTest, EnrollAndVerify) { ASSERT_EQ(0, ret); - ret = device->verify(device, 0, password_handle, password_handle_length, + ret = device->verify(device, 0, 0, password_handle, password_handle_length, password_payload, password_len, &auth_token, &auth_token_len); ASSERT_EQ(0, ret); @@ -85,7 +85,7 @@ TEST_F(GateKeeperDeviceTest, EnrollAndVerifyBadPassword) { password_payload[0] = 4; - ret = device->verify(device, 0, password_handle, password_handle_length, + ret = device->verify(device, 0, 0, password_handle, password_handle_length, password_payload, password_len, &auth_token, &auth_token_len); ASSERT_NE(0, ret); @@ -139,5 +139,3 @@ TEST_F(GateKeeperDeviceTest, TrustedReEnroll) { ASSERT_EQ(sid, handle->user_id); } - - diff --git a/tests/gatekeeper_messages_test.cpp b/tests/gatekeeper_messages_test.cpp index 1a18e82..706bdb5 100644 --- a/tests/gatekeeper_messages_test.cpp +++ b/tests/gatekeeper_messages_test.cpp @@ -167,7 +167,7 @@ TEST(RoundTripTest, VerifyRequest) { *password_handle = make_buffer(password_size); const SizedBuffer *deserialized_password; // create request, serialize, deserialize, and validate - VerifyRequest msg(USER_ID, password_handle, provided_password); + VerifyRequest msg(USER_ID, 1, password_handle, provided_password); SizedBuffer serialized_msg(msg.GetSerializedSize()); msg.Serialize(serialized_msg.buffer.get(), serialized_msg.buffer.get() + serialized_msg.length); @@ -179,6 +179,7 @@ TEST(RoundTripTest, VerifyRequest) { deserialized_msg.error); ASSERT_EQ(USER_ID, deserialized_msg.user_id); + ASSERT_EQ((uint64_t) 1, deserialized_msg.challenge); deserialized_password = &deserialized_msg.password_handle; ASSERT_EQ((uint32_t) password_size, deserialized_password->length); ASSERT_EQ(0, memcmp(msg.provided_password.buffer.get(), deserialized_password->buffer.get(), diff --git a/tests/gatekeeper_test.cpp b/tests/gatekeeper_test.cpp index 66de7de..c5e7087 100644 --- a/tests/gatekeeper_test.cpp +++ b/tests/gatekeeper_test.cpp @@ -71,7 +71,7 @@ TEST(GateKeeperTest, VerifySuccess) { do_enroll(gatekeeper, &enroll_response); ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error); - VerifyRequest request(0, &enroll_response.enrolled_password_handle, + VerifyRequest request(0, 1, &enroll_response.enrolled_password_handle, &provided_password); VerifyResponse response; @@ -83,6 +83,7 @@ TEST(GateKeeperTest, VerifySuccess) { reinterpret_cast<hw_auth_token_t *>(response.auth_token.buffer.get()); ASSERT_EQ((uint32_t) HW_AUTH_PASSWORD, auth_token->authenticator_type); + ASSERT_EQ((uint64_t) 1, auth_token->challenge); ASSERT_NE(~((uint32_t) 0), auth_token->timestamp); ASSERT_NE((uint64_t) 0, auth_token->user_id); ASSERT_NE((uint64_t) 0, auth_token->authenticator_id); @@ -108,7 +109,7 @@ TEST(GateKeeperTest, TrustedReEnroll) { password_handle.length); // verify first password - VerifyRequest request(0, &enroll_response.enrolled_password_handle, + VerifyRequest request(0, 0, &enroll_response.enrolled_password_handle, &provided_password); VerifyResponse response; gatekeeper.Verify(request, &response); @@ -134,7 +135,7 @@ TEST(GateKeeperTest, TrustedReEnroll) { password.buffer.reset(new uint8_t[16]); memset(password.buffer.get(), 1, 16); password.length = 16; - VerifyRequest new_request(0, &enroll_response.enrolled_password_handle, + VerifyRequest new_request(0, 0, &enroll_response.enrolled_password_handle, &password); gatekeeper.Verify(new_request, &response); ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error); @@ -156,7 +157,7 @@ TEST(GateKeeperTest, UntrustedReEnroll) { ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error); // verify first password - VerifyRequest request(0, &enroll_response.enrolled_password_handle, + VerifyRequest request(0, 0, &enroll_response.enrolled_password_handle, &provided_password); VerifyResponse response; gatekeeper.Verify(request, &response); @@ -179,7 +180,7 @@ TEST(GateKeeperTest, UntrustedReEnroll) { password.buffer.reset(new uint8_t[16]); memset(password.buffer.get(), 1, 16); password.length = 16; - VerifyRequest new_request(0, &enroll_response.enrolled_password_handle, + VerifyRequest new_request(0, 0, &enroll_response.enrolled_password_handle, &password); gatekeeper.Verify(new_request, &response); ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error); @@ -194,7 +195,7 @@ TEST(GateKeeperTest, VerifyBogusData) { SizedBuffer password_handle; VerifyResponse response; - VerifyRequest request(0, &provided_password, &password_handle); + VerifyRequest request(0, 0, &provided_password, &password_handle); gatekeeper.Verify(request, &response); |