Test Ash smart card login signature failure

Provide test coverage for the scenario when the signature operation, triggered during the challenge-response login (a.k.a. smart card based login), fails. This corresponds to the real-world case when a smart card user tries to log into the system but the smart card is broken or is ejected during the login. Bug: 1090941 Change-Id: Ida39fa52385905643bbeb3728dbbc2f49c527195 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2315676 Commit-Queue: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Fabian Sommer <fabiansommer@chromium.org> Cr-Commit-Position: refs/heads/master@{#791276}

Test Ash smart card login signature failure
Provide test coverage for the scenario when the signature operation, triggered during the challenge-response login (a.k.a. smart card based login), fails. This corresponds to the real-world case when a smart card user tries to log into the system but the smart card is broken or is ejected during the login. Bug: 1090941 Change-Id: Ida39fa52385905643bbeb3728dbbc2f49c527195 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2315676 Commit-Queue: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Fabian Sommer <fabiansommer@chromium.org> Cr-Commit-Position: refs/heads/master@{#791276}
8ebd7836 · Maksim Ivanov · Commit Bot · cb86ee41 · 8ebd7836
Commit 8ebd7836 authored Jul 23, 2020 by Maksim Ivanov Committed by Commit Bot Jul 23, 2020
Show whitespace changes
Inline Side-by-side

Showing with 27 additions and 2 deletions

chrome/browser/chromeos/login/security_token_login_browsertest.cc ...rowser/chromeos/login/security_token_login_browsertest.cc +27 -2

No files found.
--- a/chrome/browser/chromeos/login/security_token_login_browsertest.cc
+++ b/chrome/browser/chromeos/login/security_token_login_browsertest.cc
@@ -58,6 +58,8 @@ constexpr char kCorrectPin[] = "17093";

 // UI golden strings in the en-US locale:
 constexpr char kChallengeResponseLoginLabel[] = "Sign in with smart card";
+constexpr char kChallengeResponseErrorLabel[] =
+    "Couldn’t recognize your smart card. Try again.";

 constexpr char kChallengeData[] = "challenge";

@@ -187,8 +189,7 @@ class SecurityTokenLoginTest : public MixinBasedInProcessBrowserTest,

  void SetUpOnMainThread() override {
    MixinBasedInProcessBrowserTest::SetUpOnMainThread();
-    cert_provider_extension_mixin_.test_certificate_provider_extension()
-        ->set_require_pin(kCorrectPin);
+    test_certificate_provider_extension()->set_require_pin(kCorrectPin);
    WaitForLoginScreenWidgetShown();
  }

@@ -200,6 +201,10 @@ class SecurityTokenLoginTest : public MixinBasedInProcessBrowserTest,
    return login_manager_mixin_.users()[0].account_id;
  }

+  TestCertificateProviderExtension* test_certificate_provider_extension() {
+    return cert_provider_extension_mixin_.test_certificate_provider_extension();
+  }
+
  void StartLoginAndWaitForPinDialog() {
    base::RunLoop pin_dialog_waiting_run_loop;
    LoginScreenTestApi::SetPinRequestWidgetShownCallback(
@@ -295,4 +300,24 @@ IN_PROC_BROWSER_TEST_F(SecurityTokenLoginTest, PinCancel) {
            base::UTF8ToUTF16(kChallengeResponseLoginLabel));
 }

+// Test the login failure scenario when the extension fails to sign the
+// challenge.
+IN_PROC_BROWSER_TEST_F(SecurityTokenLoginTest, SigningFailure) {
+  test_certificate_provider_extension()->set_should_fail_sign_digest_requests(
+      true);
+
+  AuthFailureWaiter auth_failure_waiter;
+  LoginScreenTestApi::ClickChallengeResponseButton(
+      GetChallengeResponseAccountId());
+  EXPECT_EQ(auth_failure_waiter.Wait(),
+            AuthFailure::COULD_NOT_MOUNT_CRYPTOHOME);
+
+  // An error is shown.
+  EXPECT_TRUE(LoginScreenTestApi::IsChallengeResponseButtonClickable(
+      GetChallengeResponseAccountId()));
+  EXPECT_EQ(LoginScreenTestApi::GetChallengeResponseLabel(
+                GetChallengeResponseAccountId()),
+            base::UTF8ToUTF16(kChallengeResponseErrorLabel));
+}
+
 }  // namespace chromeos