[Sync] Add SyncEncryptionHandler

sync/engine/syncer_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // Syncer unit tests. Unfortunately a lot of these tests
 // are outdated and need to be reworked and updated.
 
 #include <algorithm>
 #include <limits>
 #include <list>
@@ skipping 32 matching lines @@
 #include "sync/syncable/read_transaction.h"
 #include "sync/syncable/syncable_util.h"
 #include "sync/syncable/write_transaction.h"
 #include "sync/test/engine/fake_model_worker.h"
 #include "sync/test/engine/mock_connection_manager.h"
 #include "sync/test/engine/test_directory_setter_upper.h"
 #include "sync/test/engine/test_id_factory.h"
 #include "sync/test/engine/test_syncable_utils.h"
 #include "sync/test/fake_encryptor.h"
 #include "sync/test/fake_extensions_activity_monitor.h"
+#include "sync/test/fake_sync_encryption_handler.h"
 #include "sync/util/cryptographer.h"
 #include "sync/util/time.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 using base::TimeDelta;
 
 using std::map;
 using std::multimap;
 using std::set;
 using std::string;
@@ skipping 185 matching lines @@
     syncable::ReadTransaction trans(FROM_HERE, directory());
     syncable::Directory::ChildHandles children;
     directory()->GetChildHandlesById(&trans, trans.root_id(), &children);
     ASSERT_EQ(0u, children.size());
     saw_syncer_event_ = false;
     root_id_ = TestIdFactory::root();
     parent_id_ = ids_.MakeServer("parent id");
     child_id_ = ids_.MakeServer("child id");
     directory()->set_store_birthday(mock_server_->store_birthday());
     mock_server_->SetKeystoreKey("encryption_key");
+    cryptographer(&trans)->SetNigoriHandler(&fake_encryption_handler_);

[tim (not reviewing), 2012/08/15 00:23:30]

This accessor should really be called GetCryptographer if it takes a param.

[Nicolas Zea, 2012/08/15 01:08:29]

Done.

   }
 
   virtual void TearDown() {
     mock_server_.reset();
     delete syncer_;
     syncer_ = NULL;
     dir_maker_.TearDown();
   }
   void WriteTestDataToEntry(WriteTransaction* trans, MutableEntry* entry) {
     EXPECT_FALSE(entry->Get(IS_DIR));
@@ skipping 291 matching lines @@
   scoped_ptr<SyncSessionContext> context_;
   bool saw_syncer_event_;
   base::TimeDelta last_short_poll_interval_received_;
   base::TimeDelta last_long_poll_interval_received_;
   base::TimeDelta last_sessions_commit_delay_seconds_;
   scoped_refptr<ModelSafeWorker> worker_;
 
   ModelTypeSet enabled_datatypes_;
   TrafficRecorder traffic_recorder_;
 
+  FakeSyncEncryptionHandler fake_encryption_handler_;
+
   DISALLOW_COPY_AND_ASSIGN(SyncerTest);
 };
 
 TEST_F(SyncerTest, TestCallGatherUnsyncedEntries) {
   {
     Syncer::UnsyncedMetaHandles handles;
     {
       syncable::ReadTransaction trans(FROM_HERE, directory());
       GetUnsyncedEntries(&trans, &handles);
     }
@@ skipping 137 matching lines @@
   mock_server_->AddUpdateDirectory(1, 0, "A", 20, 20);
   {
     // Mark bookmarks as encrypted and set the cryptographer to have pending
     // keys.
     WriteTransaction wtrans(FROM_HERE, UNITTEST, directory());
     Cryptographer other_cryptographer(&encryptor_);
     other_cryptographer.AddKey(other_params);
     sync_pb::EntitySpecifics specifics;
     sync_pb::NigoriSpecifics* nigori = specifics.mutable_nigori();
     other_cryptographer.GetKeys(nigori->mutable_encrypted());
-    nigori->set_encrypt_bookmarks(true);
+    fake_encryption_handler_.EnableEncryptEverything();
     // Set up with an old passphrase, but have pending keys
     cryptographer(&wtrans)->AddKey(key_params);
     cryptographer(&wtrans)->Encrypt(bookmark,
                                     encrypted_bookmark.mutable_encrypted());
-    cryptographer(&wtrans)->Update(*nigori);
+    cryptographer(&wtrans)->SetPendingKeys(nigori->encrypted());
 
     // In conflict but properly encrypted.
     MutableEntry A(&wtrans, GET_BY_ID, ids_.FromNumber(1));
     ASSERT_TRUE(A.good());
     A.Put(IS_UNSYNCED, true);
     A.Put(SPECIFICS, encrypted_bookmark);
     A.Put(NON_UNIQUE_NAME, kEncryptedString);
     // Not in conflict and properly encrypted.
     MutableEntry B(&wtrans, GET_BY_ID, ids_.FromNumber(2));
     ASSERT_TRUE(B.good());
@@ skipping 87 matching lines @@
   modified_pref.mutable_preference()->set_name("name2");
   other_cryptographer.Encrypt(modified_pref,
                               modified_pref.mutable_encrypted());
   {
     // Mark bookmarks and preferences as encrypted and set the cryptographer to
     // have pending keys.
     WriteTransaction wtrans(FROM_HERE, UNITTEST, directory());
     sync_pb::EntitySpecifics specifics;
     sync_pb::NigoriSpecifics* nigori = specifics.mutable_nigori();
     other_cryptographer.GetKeys(nigori->mutable_encrypted());
-    nigori->set_encrypt_bookmarks(true);
-    nigori->set_encrypt_preferences(true);
-    cryptographer(&wtrans)->Update(*nigori);
+    fake_encryption_handler_.EnableEncryptEverything();
+    cryptographer(&wtrans)->SetPendingKeys(nigori->encrypted());
     EXPECT_TRUE(cryptographer(&wtrans)->has_pending_keys());
   }
 
   mock_server_->AddUpdateSpecifics(1, 0, "A", 10, 10, true, 0, bookmark);
   mock_server_->AddUpdateSpecifics(2, 1, "B", 10, 10, false, 2, bookmark);
   mock_server_->AddUpdateSpecifics(3, 1, "C", 10, 10, false, 1, bookmark);
   mock_server_->AddUpdateSpecifics(4, 0, "D", 10, 10, false, 0, pref);
   SyncShareNudge();
   {
     // Initial state. Everything is normal.
@@ skipping 119 matching lines @@
   EXPECT_EQ(status().model_neutral_state().commit_result, SYNCER_OK);
   syncable::ReadTransaction rtrans(FROM_HERE, directory());
   VERIFY_ENTRY(1, false, false, false, 0, 41, 41, ids_, &rtrans);
   VERIFY_ENTRY(2, false, false, false, 1, 31, 31, ids_, &rtrans);
   VERIFY_ENTRY(3, false, false, false, 1, 30, 30, ids_, &rtrans);
   VERIFY_ENTRY(4, false, false, false, 0, 31, 31, ids_, &rtrans);
 }
 
 #undef VERIFY_ENTRY
 
-// Receive an old nigori with old encryption keys and encrypted types. We should
-// not revert our default key or encrypted types.
-TEST_F(SyncerTest, ReceiveOldNigori) {
-  KeyParams old_key = {"localhost", "dummy", "old"};
-  KeyParams current_key = {"localhost", "dummy", "cur"};
-
-  // Data for testing encryption/decryption.
-  Cryptographer other_cryptographer(&encryptor_);
-  other_cryptographer.AddKey(old_key);
-  sync_pb::EntitySpecifics other_encrypted_specifics;
-  other_encrypted_specifics.mutable_bookmark()->set_title("title");
-  other_cryptographer.Encrypt(
-      other_encrypted_specifics,
-      other_encrypted_specifics.mutable_encrypted());
-  sync_pb::EntitySpecifics our_encrypted_specifics;
-  our_encrypted_specifics.mutable_bookmark()->set_title("title2");
-  ModelTypeSet encrypted_types = ModelTypeSet::All();
-
-
-  // Receive the initial nigori node.
-  sync_pb::EntitySpecifics initial_nigori_specifics;
-  initial_nigori_specifics.mutable_nigori();
-  mock_server_->SetNigori(1, 10, 10, initial_nigori_specifics);
-  SyncShareNudge();
-
-  {
-    // Set up the current nigori node (containing both keys and encrypt
-    // everything).
-    WriteTransaction wtrans(FROM_HERE, UNITTEST, directory());
-    sync_pb::EntitySpecifics specifics;
-    sync_pb::NigoriSpecifics* nigori = specifics.mutable_nigori();
-    cryptographer(&wtrans)->AddKey(old_key);
-    cryptographer(&wtrans)->AddKey(current_key);
-    cryptographer(&wtrans)->Encrypt(
-        our_encrypted_specifics,
-        our_encrypted_specifics.mutable_encrypted());
-    cryptographer(&wtrans)->GetKeys(
-        nigori->mutable_encrypted());
-    cryptographer(&wtrans)->set_encrypt_everything();
-    cryptographer(&wtrans)->UpdateNigoriFromEncryptedTypes(nigori);
-    MutableEntry nigori_entry(&wtrans, GET_BY_SERVER_TAG,
-                              ModelTypeToRootTag(NIGORI));
-    ASSERT_TRUE(nigori_entry.good());
-    nigori_entry.Put(SPECIFICS, specifics);
-    nigori_entry.Put(IS_UNSYNCED, true);
-    EXPECT_FALSE(cryptographer(&wtrans)->has_pending_keys());
-    EXPECT_TRUE(encrypted_types.Equals(
-        cryptographer(&wtrans)->GetEncryptedTypes()));
-  }
-
-  SyncShareNudge();  // Commit it.
-
-  // Now set up the old nigori node and add it as a server update.
-  sync_pb::EntitySpecifics old_nigori_specifics;
-  sync_pb::NigoriSpecifics *old_nigori = old_nigori_specifics.mutable_nigori();
-  other_cryptographer.GetKeys(old_nigori->mutable_encrypted());
-  other_cryptographer.UpdateNigoriFromEncryptedTypes(old_nigori);
-  mock_server_->SetNigori(1, 30, 30, old_nigori_specifics);
-
-  SyncShareNudge();  // Download the old nigori and apply it.
-
-  {
-    // Ensure everything is committed and stable now. The cryptographer
-    // should be able to decrypt both sets of keys and still be encrypting with
-    // the newest, and the encrypted types should be the most recent
-    syncable::ReadTransaction trans(FROM_HERE, directory());
-    Entry nigori_entry(&trans, GET_BY_SERVER_TAG,
-                       ModelTypeToRootTag(NIGORI));
-    ASSERT_TRUE(nigori_entry.good());
-    EXPECT_FALSE(nigori_entry.Get(IS_UNAPPLIED_UPDATE));
-    EXPECT_FALSE(nigori_entry.Get(IS_UNSYNCED));
-    const sync_pb::NigoriSpecifics& nigori =
-        nigori_entry.Get(SPECIFICS).nigori();
-    EXPECT_TRUE(cryptographer(&trans)->CanDecryptUsingDefaultKey(
-        our_encrypted_specifics.encrypted()));
-    EXPECT_TRUE(cryptographer(&trans)->CanDecrypt(
-        other_encrypted_specifics.encrypted()));
-    EXPECT_TRUE(cryptographer(&trans)->CanDecrypt(
-        nigori.encrypted()));
-    EXPECT_TRUE(cryptographer(&trans)->encrypt_everything());
-  }
-}
-
 // Resolve a confict between two nigori's with different encrypted types,
 // and encryption keys (remote is explicit). Afterwards, the encrypted types
 // should be unioned and the cryptographer should have both keys and be
 // encrypting with the remote encryption key by default.
 TEST_F(SyncerTest, NigoriConflicts) {
   KeyParams local_key_params = {"localhost", "dummy", "blargle"};
   KeyParams other_key_params = {"localhost", "dummy", "foobar"};
   Cryptographer other_cryptographer(&encryptor_);
   other_cryptographer.AddKey(other_key_params);
   ModelTypeSet encrypted_types(PASSWORDS, NIGORI);
@@ skipping 17 matching lines @@
     // Local changes with different passphrase, different types.
     WriteTransaction wtrans(FROM_HERE, UNITTEST, directory());
     sync_pb::EntitySpecifics specifics;
     sync_pb::NigoriSpecifics* nigori = specifics.mutable_nigori();
     cryptographer(&wtrans)->AddKey(local_key_params);
     cryptographer(&wtrans)->Encrypt(
         our_encrypted_specifics,
         our_encrypted_specifics.mutable_encrypted());
     cryptographer(&wtrans)->GetKeys(
         nigori->mutable_encrypted());
-    cryptographer(&wtrans)->UpdateNigoriFromEncryptedTypes(nigori);
-    cryptographer(&wtrans)->set_encrypt_everything();
+    fake_encryption_handler_.EnableEncryptEverything();
+    cryptographer(&wtrans)->UpdateNigoriFromEncryptedTypes(
+        nigori,
+        &wtrans);
     MutableEntry nigori_entry(&wtrans, GET_BY_SERVER_TAG,
                               ModelTypeToRootTag(NIGORI));
     ASSERT_TRUE(nigori_entry.good());
     nigori_entry.Put(SPECIFICS, specifics);
     nigori_entry.Put(IS_UNSYNCED, true);
     EXPECT_FALSE(cryptographer(&wtrans)->has_pending_keys());
     EXPECT_TRUE(encrypted_types.Equals(
             cryptographer(&wtrans)->GetEncryptedTypes()));
+    fake_encryption_handler_.set_cryptographer(cryptographer(&wtrans));
   }
   {
     sync_pb::EntitySpecifics specifics;
     sync_pb::NigoriSpecifics* nigori = specifics.mutable_nigori();
     other_cryptographer.GetKeys(nigori->mutable_encrypted());
     nigori->set_encrypt_bookmarks(true);
     nigori->set_encrypt_preferences(true);
     nigori->set_encrypt_everything(false);
     nigori->set_using_explicit_passphrase(true);
     mock_server_->SetNigori(1, 20, 20, specifics);
   }
 
   // Will result in downloading the server nigori, which puts the local nigori
   // in a state of conflict. This is resolved by merging the local and server
   // data (with priority given to the server's encryption keys if they are
   // undecryptable), which we then commit. The cryptographer should have pending
   // keys and merge the set of encrypted types.
   SyncShareNudge();  // Resolve conflict in this cycle.
   SyncShareNudge();  // Commit local change in this cycle.
   {
     // Ensure the nigori data merged (encrypted types).
     WriteTransaction wtrans(FROM_HERE, UNITTEST, directory());
     MutableEntry nigori_entry(&wtrans, GET_BY_SERVER_TAG,
                               ModelTypeToRootTag(NIGORI));
     ASSERT_TRUE(nigori_entry.good());
     EXPECT_FALSE(nigori_entry.Get(IS_UNAPPLIED_UPDATE));
     EXPECT_FALSE(nigori_entry.Get(IS_UNSYNCED));
     sync_pb::EntitySpecifics specifics = nigori_entry.Get(SPECIFICS);
-    EXPECT_TRUE(cryptographer(&wtrans)->has_pending_keys());
+    ASSERT_TRUE(cryptographer(&wtrans)->has_pending_keys());
     EXPECT_TRUE(encrypted_types.Equals(
-            cryptographer(&wtrans)->GetEncryptedTypes()));
-    EXPECT_TRUE(cryptographer(&wtrans)->encrypt_everything());
+        cryptographer(&wtrans)->GetEncryptedTypes()));
+    EXPECT_TRUE(fake_encryption_handler_.EncryptEverythingEnabled());
     EXPECT_TRUE(specifics.nigori().using_explicit_passphrase());
     // Supply the pending keys. Afterwards, we should be able to decrypt both
     // our own encrypted data and data encrypted by the other cryptographer,
     // but the key provided by the other cryptographer should be the default.
     EXPECT_TRUE(cryptographer(&wtrans)->DecryptPendingKeys(other_key_params));
     EXPECT_FALSE(cryptographer(&wtrans)->has_pending_keys());
     sync_pb::NigoriSpecifics* nigori = specifics.mutable_nigori();
     cryptographer(&wtrans)->GetKeys(nigori->mutable_encrypted());
-    cryptographer(&wtrans)->UpdateNigoriFromEncryptedTypes(nigori);
+    cryptographer(&wtrans)->UpdateNigoriFromEncryptedTypes(nigori, &wtrans);
     // Normally this would be written as part of SetPassphrase, but we do it
     // manually for the test.
     nigori_entry.Put(SPECIFICS, specifics);
     nigori_entry.Put(IS_UNSYNCED, true);
   }
 
   SyncShareNudge();
   {
     // Ensure everything is committed and stable now. The cryptographer
     // should be able to decrypt both sets of keys, and the encrypted types
@@ skipping 3695 matching lines @@
 
 TEST_F(SyncerPositionTiebreakingTest, MidLowHigh) {
   Add(mid_id_);
   Add(low_id_);
   Add(high_id_);
   SyncShareNudge();
   ExpectLocalOrderIsByServerId();
 }
 
 }  // namespace syncer