1# Copyright 2014 The Chromium OS Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
4
5from autotest_lib.client.bin import test
6from autotest_lib.client.common_lib import error
7from autotest_lib.client.cros import cryptohome, pkcs11
8
9
10class platform_CryptohomeMigrateChapsTokenClient(test.test):
11    """ This is a helper to platform_CryptohomeMigrateChapsToken
12        It logs a test user in and either generates a chaps signing
13        key or checks if a signing key was generated
14    """
15    version = 1
16
17
18    def initialize(self):
19        super(platform_CryptohomeMigrateChapsTokenClient, self).initialize()
20        self._cryptohome_proxy = cryptohome.CryptohomeProxy()
21
22    def run_once(self, generate_key=False):
23
24        user = "user@test.com"
25        password = "test_password"
26        if generate_key:
27            # Make sure that the tpm is owned.
28            status = cryptohome.get_tpm_status()
29            if not status['Owned']:
30                cryptohome.take_tpm_ownership()
31
32            # We generate a chaps key tied to |user|.
33            self._cryptohome_proxy.ensure_clean_cryptohome_for(user, password)
34            result = pkcs11.generate_user_key()
35            if not result:
36                raise error.TestFail('Unable to generate key for ' + user)
37        else:
38            # Check if the chaps key previously generated is still present.
39            # If the key is present, migration was successful, and chaps keys
40            # weren't destroyed.
41            result = self._cryptohome_proxy.mount(user, password)
42            if not result:
43                raise error.TestFail('Unable to remount users cryptohome')
44            result = pkcs11.test_and_cleanup_key()
45            if not result:
46                raise error.TestFail('No Generated keys present for ' + user)
47            self._cryptohome_proxy.remove(user)
48
49