diff --git a/chrome/browser/enterprise/connectors/device_trust/device_trust_browsertest.cc b/chrome/browser/enterprise/connectors/device_trust/device_trust_browsertest.cc index f7b05eb80fdd3..ed0a517aa64c4 100644 --- a/chrome/browser/enterprise/connectors/device_trust/device_trust_browsertest.cc +++ b/chrome/browser/enterprise/connectors/device_trust/device_trust_browsertest.cc @@ -49,10 +49,6 @@ #include "testing/gtest/include/gtest/gtest.h" #include "third_party/abseil-cpp/absl/types/optional.h" -#if BUILDFLAG(IS_WIN) -#include "chrome/browser/enterprise/connectors/device_trust/test/device_trust_test_environment_win.h" -#endif // #if BUILDFLAG(IS_WIN) - #if BUILDFLAG(IS_CHROMEOS_ASH) #include "chrome/browser/ash/attestation/mock_tpm_challenge_key.h" #include "chrome/browser/ash/attestation/tpm_challenge_key.h" @@ -265,71 +261,6 @@ class DeviceTrustBrowserTestBase return active_browser->profile()->GetPrefs(); } - void VerifyAttestationFlowOutcome() { - if (!is_enabled()) { - // If the feature flag is disabled, the attestation flow should not have - // been triggered (and that is the end of the test); - EXPECT_FALSE(initial_attestation_request_); - EXPECT_FALSE(challenge_response_request_); - - histogram_tester_.ExpectTotalCount(kFunnelHistogramName, 0); - histogram_tester_.ExpectTotalCount(kResultHistogramName, 0); - histogram_tester_.ExpectTotalCount(kLatencySuccessHistogramName, 0); - histogram_tester_.ExpectTotalCount(kLatencyFailureHistogramName, 0); - return; - } - - // Attestation flow should be fully done. - EXPECT_TRUE(initial_attestation_request_); - - // Validate that the two requests contain expected information. URLs' paths - // have to be used for comparison due to how the HostResolver is replacing - // domains with '127.0.0.1' in tests. - EXPECT_EQ(initial_attestation_request_->GetURL().path(), - GetRedirectUrl().path()); - EXPECT_EQ( - initial_attestation_request_->headers.find(kDeviceTrustHeader)->second, - kDeviceTrustHeaderValue); - - // Response header should always be set, even in error cases (i.e. - // use_v2_header is false). - EXPECT_TRUE(challenge_response_request_.has_value()); - - ExpectFunnelStep(DTAttestationFunnelStep::kAttestationFlowStarted); - ExpectFunnelStep(DTAttestationFunnelStep::kChallengeReceived); - - EXPECT_EQ(challenge_response_request_->GetURL().path(), - GetRedirectLocationUrl().path()); - const std::string& challenge_response = - challenge_response_request_->headers - .find(kVerifiedAccessResponseHeader) - ->second; - - if (use_v2_header()) { - // TODO(crbug.com/1241857): Add challenge-response validation. - EXPECT_TRUE(!challenge_response.empty()); - - ExpectFunnelStep(DTAttestationFunnelStep::kSignalsCollected); - ExpectFunnelStep(DTAttestationFunnelStep::kChallengeResponseSent); - histogram_tester_.ExpectUniqueSample(kResultHistogramName, - DTAttestationResult::kSuccess, 1); - histogram_tester_.ExpectTotalCount(kLatencySuccessHistogramName, 1); - histogram_tester_.ExpectTotalCount(kLatencyFailureHistogramName, 0); - } else { - static constexpr char kFailedToParseChallengeJsonResponse[] = - "{\"error\":\"failed_to_parse_challenge\"}"; - EXPECT_EQ(challenge_response, kFailedToParseChallengeJsonResponse); - histogram_tester_.ExpectBucketCount( - kFunnelHistogramName, DTAttestationFunnelStep::kSignalsCollected, 0); - histogram_tester_.ExpectBucketCount( - kFunnelHistogramName, DTAttestationFunnelStep::kChallengeResponseSent, - 0); - histogram_tester_.ExpectTotalCount(kResultHistogramName, 0); - histogram_tester_.ExpectTotalCount(kLatencySuccessHistogramName, 0); - histogram_tester_.ExpectTotalCount(kLatencyFailureHistogramName, 1); - } - } - net::test_server::EmbeddedTestServerHandle test_server_handle_; base::test::ScopedFeatureList scoped_feature_list_; base::HistogramTester histogram_tester_; @@ -421,12 +352,8 @@ class DeviceTrustDesktopBrowserTest : public DeviceTrustBrowserTestBase { void SetUpOnMainThread() override { DeviceTrustBrowserTestBase::SetUpOnMainThread(); -#if BUILDFLAG(IS_WIN) - device_trust_test_environment_win_.emplace(); -#else // BUILDFLAG(IS_WIN) scoped_persistence_delegate_factory_.emplace(); scoped_rotation_command_factory_.emplace(); -#endif safe_browsing::SetProfileDMToken(browser()->profile(), "dm_token"); @@ -455,15 +382,10 @@ class DeviceTrustDesktopBrowserTest : public DeviceTrustBrowserTestBase { } #endif -#if BUILDFLAG(IS_WIN) - absl::optional - device_trust_test_environment_win_; -#else // BUILDFLAG(IS_WIN) absl::optional scoped_persistence_delegate_factory_; absl::optional scoped_rotation_command_factory_; -#endif }; using DeviceTrustBrowserTest = DeviceTrustDesktopBrowserTest; @@ -471,22 +393,77 @@ using DeviceTrustBrowserTest = DeviceTrustDesktopBrowserTest; // Tests that the whole attestation flow occurs when navigating to an // allowed domain. -IN_PROC_BROWSER_TEST_P(DeviceTrustBrowserTest, AttestationFullFlowKeyExists) { +IN_PROC_BROWSER_TEST_P(DeviceTrustBrowserTest, AttestationFullFlow) { GURL redirect_url = GetRedirectUrl(); TestNavigationManager first_navigation(web_contents(), redirect_url); -#if BUILDFLAG(IS_WIN) - // Windows DT test environment mocks the register and we need to manually - // create the DT key first - device_trust_test_environment_win_->SetUpExistingKey(); -#endif - // Add allowed domain to Prefs and trigger a navigation to it. SetPolicy(); NavigateToUrl(redirect_url); first_navigation.WaitForNavigationFinished(); - VerifyAttestationFlowOutcome(); + + if (!is_enabled()) { + // If the feature flag is disabled, the attestation flow should not have + // been triggered (and that is the end of the test); + EXPECT_FALSE(initial_attestation_request_); + EXPECT_FALSE(challenge_response_request_); + + histogram_tester_.ExpectTotalCount(kFunnelHistogramName, 0); + histogram_tester_.ExpectTotalCount(kResultHistogramName, 0); + histogram_tester_.ExpectTotalCount(kLatencySuccessHistogramName, 0); + histogram_tester_.ExpectTotalCount(kLatencyFailureHistogramName, 0); + return; + } + + // Attestation flow should be fully done. + EXPECT_TRUE(initial_attestation_request_); + + // Validate that the two requests contain expected information. URLs' paths + // have to be used for comparison due to how the HostResolver is replacing + // domains with '127.0.0.1' in tests. + EXPECT_EQ(initial_attestation_request_->GetURL().path(), + GetRedirectUrl().path()); + EXPECT_EQ( + initial_attestation_request_->headers.find(kDeviceTrustHeader)->second, + kDeviceTrustHeaderValue); + + // Response header should always be set, even in error cases (i.e. + // use_v2_header is false). + EXPECT_TRUE(challenge_response_request_.has_value()); + + ExpectFunnelStep(DTAttestationFunnelStep::kAttestationFlowStarted); + ExpectFunnelStep(DTAttestationFunnelStep::kChallengeReceived); + + EXPECT_EQ(challenge_response_request_->GetURL().path(), + GetRedirectLocationUrl().path()); + const std::string& challenge_response = + challenge_response_request_->headers.find(kVerifiedAccessResponseHeader) + ->second; + + if (use_v2_header()) { + // TODO(crbug.com/1241857): Add challenge-response validation. + EXPECT_TRUE(!challenge_response.empty()); + + ExpectFunnelStep(DTAttestationFunnelStep::kSignalsCollected); + ExpectFunnelStep(DTAttestationFunnelStep::kChallengeResponseSent); + histogram_tester_.ExpectUniqueSample(kResultHistogramName, + DTAttestationResult::kSuccess, 1); + histogram_tester_.ExpectTotalCount(kLatencySuccessHistogramName, 1); + histogram_tester_.ExpectTotalCount(kLatencyFailureHistogramName, 0); + } else { + static constexpr char kFailedToParseChallengeJsonResponse[] = + "{\"error\":\"failed_to_parse_challenge\"}"; + EXPECT_EQ(challenge_response, kFailedToParseChallengeJsonResponse); + histogram_tester_.ExpectBucketCount( + kFunnelHistogramName, DTAttestationFunnelStep::kSignalsCollected, 0); + histogram_tester_.ExpectBucketCount( + kFunnelHistogramName, DTAttestationFunnelStep::kChallengeResponseSent, + 0); + histogram_tester_.ExpectTotalCount(kResultHistogramName, 0); + histogram_tester_.ExpectTotalCount(kLatencySuccessHistogramName, 0); + histogram_tester_.ExpectTotalCount(kLatencyFailureHistogramName, 1); + } } // Tests that the attestation flow does not get triggered when navigating to a @@ -633,22 +610,6 @@ IN_PROC_BROWSER_TEST_P(DeviceTrustBrowserTest, SignalsContract) { } } -#if BUILDFLAG(IS_WIN) -// Windows DT test environment mocks the registry and DT key does not exist by -// default In this test case a key will be created by DeviceTrustKeyManager -IN_PROC_BROWSER_TEST_P(DeviceTrustBrowserTest, AttestationKeyCreation) { - GURL redirect_url = GetRedirectUrl(); - TestNavigationManager first_navigation(web_contents(), redirect_url); - - // Add allowed domain to Prefs and trigger a navigation to it. - SetPolicy(); - NavigateToUrl(redirect_url); - - first_navigation.WaitForNavigationFinished(); - VerifyAttestationFlowOutcome(); -} -#endif - INSTANTIATE_TEST_SUITE_P(All, DeviceTrustBrowserTest, testing::Combine(testing::Bool(), testing::Bool())); diff --git a/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/BUILD.gn b/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/BUILD.gn index 73493cfc5a635..65923cf4249fd 100644 --- a/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/BUILD.gn +++ b/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/BUILD.gn @@ -3,11 +3,7 @@ # found in the LICENSE file. source_set("commands") { - friend = [ - "//chrome/browser/enterprise/connectors/device_trust/test:test_support", - ":test_support", - ":unit_tests", - ] + friend = [ ":unit_tests" ] public = [ "key_rotation_command.h", @@ -100,7 +96,6 @@ source_set("unit_tests") { "//base", "//base/test:test_support", "//chrome/browser/enterprise/connectors/device_trust/common", - "//chrome/browser/enterprise/connectors/device_trust/test:test_support", "//testing/gtest", ] diff --git a/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command.cc b/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command.cc index 5ca328dfdb47a..b80a519669a7f 100644 --- a/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command.cc +++ b/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command.cc @@ -146,25 +146,11 @@ HRESULT RunGoogleUpdateElevatedCommand(const wchar_t* command, } // namespace -WinKeyRotationCommand::WinKeyRotationCommand() - : WinKeyRotationCommand( - base::BindRepeating(&RunGoogleUpdateElevatedCommand)) {} +WinKeyRotationCommand::WinKeyRotationCommand() = default; WinKeyRotationCommand::WinKeyRotationCommand( RunGoogleUpdateElevatedCommandFn run_elevated_command) - : WinKeyRotationCommand( - run_elevated_command, - base::ThreadPool::CreateCOMSTATaskRunner( - {base::TaskPriority::USER_BLOCKING, base::MayBlock()})) {} - -WinKeyRotationCommand::WinKeyRotationCommand( - RunGoogleUpdateElevatedCommandFn run_elevated_command, - scoped_refptr com_thread_runner) - : com_thread_runner_(com_thread_runner), - run_elevated_command_(run_elevated_command) { - DCHECK(run_elevated_command_); - DCHECK(com_thread_runner_); -} + : run_elevated_command_(run_elevated_command) {} WinKeyRotationCommand::~WinKeyRotationCommand() = default; @@ -172,6 +158,15 @@ void WinKeyRotationCommand::Trigger(const KeyRotationCommand::Params& params, Callback callback) { DCHECK(!callback.is_null()); + if (!com_thread_runner_) { + com_thread_runner_ = base::ThreadPool::CreateCOMSTATaskRunner( + {base::TaskPriority::USER_BLOCKING, base::MayBlock()}); + } + + RunGoogleUpdateElevatedCommandFn run_elevated_command = + run_elevated_command_ ? run_elevated_command_ + : &RunGoogleUpdateElevatedCommand; + com_thread_runner_->PostTaskAndReplyWithResult( FROM_HERE, base::BindOnce( @@ -190,7 +185,7 @@ void WinKeyRotationCommand::Trigger(const KeyRotationCommand::Params& params, // and sleep time are pretty arbitrary choices. HRESULT hr = S_OK; for (int i = 0; i < 10; ++i) { - hr = run_elevated_command.Run( + hr = run_elevated_command( installer::kCmdRotateDeviceTrustKey, {token_base64, params.dm_server_url, nonce_base64}, &return_code); @@ -218,7 +213,7 @@ void WinKeyRotationCommand::Trigger(const KeyRotationCommand::Params& params, } return status; }, - params, run_elevated_command_, waiting_enabled_), + params, run_elevated_command, waiting_enabled_), std::move(callback)); } diff --git a/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command.h b/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command.h index febd77d220aa9..3cf96875afdd6 100644 --- a/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command.h +++ b/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command.h @@ -23,18 +23,15 @@ class WinKeyRotationCommand : public KeyRotationCommand { static const HRESULT GOOPDATE_E_APP_USING_EXTERNAL_UPDATER = 0xA043081D; using RunGoogleUpdateElevatedCommandFn = - base::RepeatingCallback& args, - DWORD* return_code)>; + HRESULT (*)(const wchar_t* command, + const std::vector& args, + DWORD* return_code); // The second constructor is used in tests to override the behaviour of // Google Update. WinKeyRotationCommand(); explicit WinKeyRotationCommand( RunGoogleUpdateElevatedCommandFn run_elevated_command); - WinKeyRotationCommand( - RunGoogleUpdateElevatedCommandFn run_elevated_command, - scoped_refptr com_thread_runner); ~WinKeyRotationCommand() override; // KeyRotationCommand: @@ -46,7 +43,7 @@ class WinKeyRotationCommand : public KeyRotationCommand { private: scoped_refptr com_thread_runner_; bool waiting_enabled_ = true; - RunGoogleUpdateElevatedCommandFn run_elevated_command_; + RunGoogleUpdateElevatedCommandFn run_elevated_command_ = nullptr; }; } // namespace enterprise_connectors diff --git a/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command_unittest.cc b/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command_unittest.cc index 218ba59a31d1c..b809a928f20e4 100644 --- a/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command_unittest.cc +++ b/chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command_unittest.cc @@ -7,7 +7,6 @@ #include #include "base/base64.h" -#include "base/functional/bind.h" #include "base/test/bind.h" #include "base/test/task_environment.h" #include "chrome/installer/util/util_constants.h" @@ -52,13 +51,13 @@ TEST_F(WinKeyRotationCommandTest, RotateSuccess) { bool was_called = false; KeyRotationCommand::Status status = KeyRotationCommand::Status::TIMED_OUT; - WinKeyRotationCommand command(base::BindRepeating( - [](const wchar_t* command, const std::vector& args, - DWORD* return_code) { - CheckCommandArgs(args); - *return_code = installer::ROTATE_DTKEY_SUCCESS; - return S_OK; - })); + WinKeyRotationCommand command([](const wchar_t* command, + const std::vector& args, + DWORD* return_code) { + CheckCommandArgs(args); + *return_code = installer::ROTATE_DTKEY_SUCCESS; + return S_OK; + }); command.Trigger(params, base::BindLambdaForTesting( [&was_called, @@ -78,13 +77,13 @@ TEST_F(WinKeyRotationCommandTest, RotateFailure) { bool was_called = false; KeyRotationCommand::Status status = KeyRotationCommand::Status::TIMED_OUT; - WinKeyRotationCommand command(base::BindRepeating( - [](const wchar_t* command, const std::vector& args, - DWORD* return_code) { - CheckCommandArgs(args); - *return_code = installer::ROTATE_DTKEY_FAILED; - return S_OK; - })); + WinKeyRotationCommand command([](const wchar_t* command, + const std::vector& args, + DWORD* return_code) { + CheckCommandArgs(args); + *return_code = installer::ROTATE_DTKEY_FAILED; + return S_OK; + }); command.Trigger(params, base::BindLambdaForTesting( [&was_called, @@ -104,13 +103,13 @@ TEST_F(WinKeyRotationCommandTest, RotateTimeout) { bool was_called = false; KeyRotationCommand::Status status = KeyRotationCommand::Status::FAILED; - WinKeyRotationCommand command(base::BindRepeating( - [](const wchar_t* command, const std::vector& args, - DWORD* return_code) { - CheckCommandArgs(args); - // Not setting return_code. - return E_ABORT; - })); + WinKeyRotationCommand command([](const wchar_t* command, + const std::vector& args, + DWORD* return_code) { + CheckCommandArgs(args); + // Not setting return_code. + return E_ABORT; + }); command.Trigger(params, base::BindLambdaForTesting( [&was_called, @@ -130,13 +129,13 @@ TEST_F(WinKeyRotationCommandTest, GoogleUpdateIssue) { bool was_called = false; KeyRotationCommand::Status status = KeyRotationCommand::Status::SUCCEEDED; - WinKeyRotationCommand command(base::BindRepeating( - [](const wchar_t* command, const std::vector& args, - DWORD* return_code) { - CheckCommandArgs(args); - // Not setting return_code. - return WinKeyRotationCommand::GOOPDATE_E_APP_USING_EXTERNAL_UPDATER; - })); + WinKeyRotationCommand command([](const wchar_t* command, + const std::vector& args, + DWORD* return_code) { + CheckCommandArgs(args); + // Not setting return_code. + return WinKeyRotationCommand::GOOPDATE_E_APP_USING_EXTERNAL_UPDATER; + }); command.enable_waiting_for_testing(false); command.Trigger(params, base::BindLambdaForTesting( @@ -157,13 +156,13 @@ TEST_F(WinKeyRotationCommandTest, GeneralFailure) { bool was_called = false; KeyRotationCommand::Status status = KeyRotationCommand::Status::SUCCEEDED; - WinKeyRotationCommand command(base::BindRepeating( - [](const wchar_t* command, const std::vector& args, - DWORD* return_code) { - CheckCommandArgs(args); - // Not setting return_code. - return E_FAIL; - })); + WinKeyRotationCommand command([](const wchar_t* command, + const std::vector& args, + DWORD* return_code) { + CheckCommandArgs(args); + // Not setting return_code. + return E_FAIL; + }); command.enable_waiting_for_testing(false); command.Trigger(params, base::BindLambdaForTesting( diff --git a/chrome/browser/enterprise/connectors/device_trust/test/BUILD.gn b/chrome/browser/enterprise/connectors/device_trust/test/BUILD.gn deleted file mode 100644 index 61d64612d75ca..0000000000000 --- a/chrome/browser/enterprise/connectors/device_trust/test/BUILD.gn +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright 2022 The Chromium Authors -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -source_set("test_support") { - testonly = true - public = [ "device_trust_test_environment.h" ] - - sources = [] - - public_deps = [ - "//base", - "//chrome/browser/enterprise/connectors/device_trust/key_management/core/network:network", - ] - - deps = [] - - if (is_win) { - public += [ "device_trust_test_environment_win.h" ] - sources += [ "device_trust_test_environment_win.cc" ] - - public_deps += [ - "//base/test:test_support", - "//chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands:test_support", - "//chrome/browser/enterprise/connectors/device_trust/key_management/core/network:test_support", - "//crypto:test_support", - ] - - deps += [ - "//chrome/browser/enterprise/connectors/device_trust/key_management/core:constants", - "//chrome/browser/enterprise/connectors/device_trust/key_management/core/persistence:persistence", - "//chrome/browser/enterprise/connectors/device_trust/key_management/installer:elevated_rotation", - "//chrome/browser/enterprise/connectors/device_trust/key_management/installer/management_service:rotate_util", - "//chrome/install_static:install_static_util", - "//chrome/installer/util:constants", - "//components/policy/proto", - ] - } -} diff --git a/chrome/browser/enterprise/connectors/device_trust/test/device_trust_test_environment.h b/chrome/browser/enterprise/connectors/device_trust/test/device_trust_test_environment.h deleted file mode 100644 index 443855c9d2163..0000000000000 --- a/chrome/browser/enterprise/connectors/device_trust/test/device_trust_test_environment.h +++ /dev/null @@ -1,45 +0,0 @@ -// Copyright 2022 The Chromium Authors -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#ifndef CHROME_BROWSER_ENTERPRISE_CONNECTORS_DEVICE_TRUST_TEST_DEVICE_TRUST_TEST_ENVIRONMENT_H_ -#define CHROME_BROWSER_ENTERPRISE_CONNECTORS_DEVICE_TRUST_TEST_DEVICE_TRUST_TEST_ENVIRONMENT_H_ - -#include "base/strings/string_piece.h" -#include "base/threading/thread.h" -#include "chrome/browser/enterprise/connectors/device_trust/key_management/core/network/key_network_delegate.h" - -namespace enterprise_connectors { - -class DeviceTrustTestEnvironment { - public: - using HttpResponseCode = KeyNetworkDelegate::HttpResponseCode; - - DeviceTrustTestEnvironment(base::StringPiece thread_name, - HttpResponseCode upload_response_code) - : worker_thread_(std::string(thread_name)), - upload_response_code_(upload_response_code) {} - virtual ~DeviceTrustTestEnvironment() = default; - - // Set the result of key upload to test different behaviours of - // KeyNetworkDelegate - virtual void SetUploadResult(HttpResponseCode upload_response_code) = 0; - - // Set up an existing device trust key on the device, to test the case where a - // key already exists on the device - virtual void SetUpExistingKey() = 0; - - protected: - // Use a non-ThreadPool worker thread as the code that will run in the - // background uses a RunLoop, and those are prohibited from running on the - // ThreadPool. - base::Thread worker_thread_; - - // Preset response code of key upload, used to test different behaviours of - // KeyNetworkDelegate - HttpResponseCode upload_response_code_; -}; - -} // namespace enterprise_connectors - -#endif // CHROME_BROWSER_ENTERPRISE_CONNECTORS_DEVICE_TRUST_TEST_DEVICE_TRUST_TEST_ENVIRONMENT_H_ diff --git a/chrome/browser/enterprise/connectors/device_trust/test/device_trust_test_environment_win.cc b/chrome/browser/enterprise/connectors/device_trust/test/device_trust_test_environment_win.cc deleted file mode 100644 index dc19a395c4dba..0000000000000 --- a/chrome/browser/enterprise/connectors/device_trust/test/device_trust_test_environment_win.cc +++ /dev/null @@ -1,113 +0,0 @@ -// Copyright 2022 The Chromium Authors -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include "chrome/browser/enterprise/connectors/device_trust/test/device_trust_test_environment_win.h" - -#include - -#include -#include - -#include "base/check.h" -#include "base/command_line.h" -#include "base/notreached.h" -#include "base/task/thread_pool.h" -#include "base/win/registry.h" -#include "chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/win_key_rotation_command.h" -#include "chrome/browser/enterprise/connectors/device_trust/key_management/core/network/mock_key_network_delegate.h" -#include "chrome/browser/enterprise/connectors/device_trust/key_management/core/persistence/key_persistence_delegate.h" -#include "chrome/browser/enterprise/connectors/device_trust/key_management/core/persistence/key_persistence_delegate_factory.h" -#include "chrome/browser/enterprise/connectors/device_trust/key_management/core/shared_command_constants.h" -#include "chrome/browser/enterprise/connectors/device_trust/key_management/installer/key_rotation_manager.h" -#include "chrome/browser/enterprise/connectors/device_trust/key_management/installer/management_service/rotate_util.h" -#include "chrome/install_static/install_util.h" -#include "chrome/installer/util/util_constants.h" -#include "components/policy/proto/device_management_backend.pb.h" -#include "components/prefs/pref_service.h" -#include "services/network/public/cpp/shared_url_loader_factory.h" -#include "testing/gmock/include/gmock/gmock.h" - -using testing::_; -using testing::Invoke; -using testing::StrictMock; - -using BPKUR = enterprise_management::BrowserPublicKeyUploadRequest; - -namespace enterprise_connectors { - -using test::MockKeyNetworkDelegate; -using HttpResponseCode = KeyNetworkDelegate::HttpResponseCode; - -constexpr HttpResponseCode kSuccessCode = 200; - -HRESULT MockRunGoogleUpdateElevatedCommandFn( - HttpResponseCode upload_response_code, - const wchar_t* command, - const std::vector& args, - DWORD* return_code) { - base::CommandLine cmd_line(base::CommandLine::NO_PROGRAM); - DCHECK(args.size() == 3); - cmd_line.AppendSwitchASCII(switches::kRotateDTKey, args[0]); - cmd_line.AppendSwitchASCII(switches::kDmServerUrl, args[1]); - cmd_line.AppendSwitchASCII(switches::kNonce, args[2]); - auto mock_network_delegate = - std::make_unique>(); - EXPECT_CALL(*mock_network_delegate, SendPublicKeyToDmServer(_, _, _, _)) - .WillOnce(Invoke( - [upload_response_code](const GURL& url, const std::string& dm_token, - const std::string& body, - base::OnceCallback callback) { - std::move(callback).Run(upload_response_code); - })); - *return_code = enterprise_connectors::RotateDeviceTrustKey( - enterprise_connectors::KeyRotationManager::Create( - std::move(mock_network_delegate)), - cmd_line, install_static::GetChromeChannel()) - ? installer::InstallStatus::ROTATE_DTKEY_SUCCESS - : installer::InstallStatus::ROTATE_DTKEY_FAILED; - return S_OK; -} - -DeviceTrustTestEnvironmentWin::DeviceTrustTestEnvironmentWin() - : DeviceTrustTestEnvironment("device_trust_test_environment_win", - kSuccessCode) { - registry_override_manager_.OverrideRegistry(HKEY_LOCAL_MACHINE); - KeyRotationCommandFactory::SetFactoryInstanceForTesting(this); -} - -DeviceTrustTestEnvironmentWin::~DeviceTrustTestEnvironmentWin() { - KeyRotationCommandFactory::ClearFactoryInstanceForTesting(); -} - -std::unique_ptr -DeviceTrustTestEnvironmentWin::CreateCommand( - scoped_refptr url_loader_factory, - PrefService* local_prefs) { - if (!worker_thread_.IsRunning()) { - // Make sure the worker thread is running. Its task runner can be reused for - // all created commands, and its destruction will be handled automatically. - DCHECK(worker_thread_.Start()); - } - return std::make_unique( - base::BindRepeating(&MockRunGoogleUpdateElevatedCommandFn, - upload_response_code_), - worker_thread_.task_runner()); -} - -void DeviceTrustTestEnvironmentWin::SetUploadResult( - HttpResponseCode upload_response_code) { - upload_response_code_ = upload_response_code; -} - -void DeviceTrustTestEnvironmentWin::SetUpExistingKey() { - auto* factory = KeyPersistenceDelegateFactory::GetInstance(); - auto trust_level = BPKUR::CHROME_BROWSER_HW_KEY; - std::unique_ptr win_key_persistence_delegate = - factory->CreateKeyPersistenceDelegate(); - auto key_pair = win_key_persistence_delegate->CreateKeyPair(); - EXPECT_TRUE(win_key_persistence_delegate->StoreKeyPair( - trust_level, key_pair->key()->GetWrappedKey())); -} - -} // namespace enterprise_connectors diff --git a/chrome/browser/enterprise/connectors/device_trust/test/device_trust_test_environment_win.h b/chrome/browser/enterprise/connectors/device_trust/test/device_trust_test_environment_win.h deleted file mode 100644 index 38b2d4c4a1175..0000000000000 --- a/chrome/browser/enterprise/connectors/device_trust/test/device_trust_test_environment_win.h +++ /dev/null @@ -1,41 +0,0 @@ -// Copyright 2022 The Chromium Authors -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#ifndef CHROME_BROWSER_ENTERPRISE_CONNECTORS_DEVICE_TRUST_TEST_DEVICE_TRUST_TEST_ENVIRONMENT_WIN_H_ -#define CHROME_BROWSER_ENTERPRISE_CONNECTORS_DEVICE_TRUST_TEST_DEVICE_TRUST_TEST_ENVIRONMENT_WIN_H_ - -#include "base/test/test_reg_util_win.h" -#include "base/threading/thread.h" -#include "chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands/scoped_key_rotation_command_factory.h" -#include "chrome/browser/enterprise/connectors/device_trust/key_management/core/network/mock_key_network_delegate.h" -#include "chrome/browser/enterprise/connectors/device_trust/test/device_trust_test_environment.h" -#include "crypto/scoped_mock_unexportable_key_provider.h" - -namespace enterprise_connectors { - -class DeviceTrustTestEnvironmentWin : public DeviceTrustTestEnvironment, - public KeyRotationCommandFactory { - public: - DeviceTrustTestEnvironmentWin(); - ~DeviceTrustTestEnvironmentWin() override; - - // KeyRotationCommandFactory: - std::unique_ptr CreateCommand( - scoped_refptr url_loader_factory, - PrefService* local_prefs) override; - - // DeviceTrustTestEnvironment: - void SetUploadResult(HttpResponseCode upload_response_code) override; - - // DeviceTrustTestEnvironment: - void SetUpExistingKey() override; - - // RegistryOverrideManager for testing with registry - registry_util::RegistryOverrideManager registry_override_manager_; - crypto::ScopedMockUnexportableKeyProvider scoped_key_provider_; -}; - -} // namespace enterprise_connectors - -#endif // CHROME_BROWSER_ENTERPRISE_CONNECTORS_DEVICE_TRUST_TEST_DEVICE_TRUST_TEST_ENVIRONMENT_WIN_H_ diff --git a/chrome/test/BUILD.gn b/chrome/test/BUILD.gn index 344c2e25dc0ad..8c1f6fc218dd2 100644 --- a/chrome/test/BUILD.gn +++ b/chrome/test/BUILD.gn @@ -3201,7 +3201,6 @@ if (!is_android) { deps += [ "//chrome/browser/enterprise/connectors/device_trust/key_management/browser/commands:test_support", "//chrome/browser/enterprise/connectors/device_trust/key_management/core/persistence:test_support", - "//chrome/browser/enterprise/connectors/device_trust/test:test_support", "//chrome/browser/ui/webui/app_home:mojo_bindings", ] }