| OLD | NEW |
| (Empty) |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/sync/util/cryptographer.h" | |
| 6 | |
| 7 #include <string> | |
| 8 | |
| 9 #include "base/memory/scoped_ptr.h" | |
| 10 #include "base/string_util.h" | |
| 11 #include "chrome/browser/password_manager/encryptor.h" | |
| 12 #include "chrome/browser/sync/protocol/nigori_specifics.pb.h" | |
| 13 #include "chrome/browser/sync/protocol/password_specifics.pb.h" | |
| 14 #include "testing/gmock/include/gmock/gmock.h" | |
| 15 #include "testing/gtest/include/gtest/gtest.h" | |
| 16 | |
| 17 namespace browser_sync { | |
| 18 | |
| 19 using ::testing::Mock; | |
| 20 using ::testing::StrictMock; | |
| 21 using syncable::ModelTypeSet; | |
| 22 | |
| 23 namespace { | |
| 24 | |
| 25 class MockObserver : public Cryptographer::Observer { | |
| 26 public: | |
| 27 MOCK_METHOD2(OnEncryptedTypesChanged, | |
| 28 void(const syncable::ModelTypeSet&, bool)); | |
| 29 }; | |
| 30 | |
| 31 } // namespace | |
| 32 | |
| 33 TEST(CryptographerTest, EmptyCantDecrypt) { | |
| 34 Cryptographer cryptographer; | |
| 35 EXPECT_FALSE(cryptographer.is_ready()); | |
| 36 | |
| 37 sync_pb::EncryptedData encrypted; | |
| 38 encrypted.set_key_name("foo"); | |
| 39 encrypted.set_blob("bar"); | |
| 40 | |
| 41 EXPECT_FALSE(cryptographer.CanDecrypt(encrypted)); | |
| 42 } | |
| 43 | |
| 44 TEST(CryptographerTest, EmptyCantEncrypt) { | |
| 45 Cryptographer cryptographer; | |
| 46 EXPECT_FALSE(cryptographer.is_ready()); | |
| 47 | |
| 48 sync_pb::EncryptedData encrypted; | |
| 49 sync_pb::PasswordSpecificsData original; | |
| 50 EXPECT_FALSE(cryptographer.Encrypt(original, &encrypted)); | |
| 51 } | |
| 52 | |
| 53 TEST(CryptographerTest, MissingCantDecrypt) { | |
| 54 Cryptographer cryptographer; | |
| 55 | |
| 56 KeyParams params = {"localhost", "dummy", "dummy"}; | |
| 57 cryptographer.AddKey(params); | |
| 58 EXPECT_TRUE(cryptographer.is_ready()); | |
| 59 | |
| 60 sync_pb::EncryptedData encrypted; | |
| 61 encrypted.set_key_name("foo"); | |
| 62 encrypted.set_blob("bar"); | |
| 63 | |
| 64 EXPECT_FALSE(cryptographer.CanDecrypt(encrypted)); | |
| 65 } | |
| 66 | |
| 67 TEST(CryptographerTest, CanEncryptAndDecrypt) { | |
| 68 Cryptographer cryptographer; | |
| 69 | |
| 70 KeyParams params = {"localhost", "dummy", "dummy"}; | |
| 71 EXPECT_TRUE(cryptographer.AddKey(params)); | |
| 72 EXPECT_TRUE(cryptographer.is_ready()); | |
| 73 | |
| 74 sync_pb::PasswordSpecificsData original; | |
| 75 original.set_origin("http://example.com"); | |
| 76 original.set_username_value("azure"); | |
| 77 original.set_password_value("hunter2"); | |
| 78 | |
| 79 sync_pb::EncryptedData encrypted; | |
| 80 EXPECT_TRUE(cryptographer.Encrypt(original, &encrypted)); | |
| 81 | |
| 82 sync_pb::PasswordSpecificsData decrypted; | |
| 83 EXPECT_TRUE(cryptographer.Decrypt(encrypted, &decrypted)); | |
| 84 | |
| 85 EXPECT_EQ(original.SerializeAsString(), decrypted.SerializeAsString()); | |
| 86 } | |
| 87 | |
| 88 TEST(CryptographerTest, AddKeySetsDefault) { | |
| 89 Cryptographer cryptographer; | |
| 90 | |
| 91 KeyParams params1 = {"localhost", "dummy", "dummy1"}; | |
| 92 EXPECT_TRUE(cryptographer.AddKey(params1)); | |
| 93 EXPECT_TRUE(cryptographer.is_ready()); | |
| 94 | |
| 95 sync_pb::PasswordSpecificsData original; | |
| 96 original.set_origin("http://example.com"); | |
| 97 original.set_username_value("azure"); | |
| 98 original.set_password_value("hunter2"); | |
| 99 | |
| 100 sync_pb::EncryptedData encrypted1; | |
| 101 EXPECT_TRUE(cryptographer.Encrypt(original, &encrypted1)); | |
| 102 sync_pb::EncryptedData encrypted2; | |
| 103 EXPECT_TRUE(cryptographer.Encrypt(original, &encrypted2)); | |
| 104 | |
| 105 KeyParams params2 = {"localhost", "dummy", "dummy2"}; | |
| 106 EXPECT_TRUE(cryptographer.AddKey(params2)); | |
| 107 EXPECT_TRUE(cryptographer.is_ready()); | |
| 108 | |
| 109 sync_pb::EncryptedData encrypted3; | |
| 110 EXPECT_TRUE(cryptographer.Encrypt(original, &encrypted3)); | |
| 111 sync_pb::EncryptedData encrypted4; | |
| 112 EXPECT_TRUE(cryptographer.Encrypt(original, &encrypted4)); | |
| 113 | |
| 114 EXPECT_EQ(encrypted1.key_name(), encrypted2.key_name()); | |
| 115 EXPECT_NE(encrypted1.key_name(), encrypted3.key_name()); | |
| 116 EXPECT_EQ(encrypted3.key_name(), encrypted4.key_name()); | |
| 117 } | |
| 118 | |
| 119 // Crashes, Bug 55178. | |
| 120 #if defined(OS_WIN) | |
| 121 #define MAYBE_EncryptExportDecrypt DISABLED_EncryptExportDecrypt | |
| 122 #else | |
| 123 #define MAYBE_EncryptExportDecrypt EncryptExportDecrypt | |
| 124 #endif | |
| 125 TEST(CryptographerTest, MAYBE_EncryptExportDecrypt) { | |
| 126 sync_pb::EncryptedData nigori; | |
| 127 sync_pb::EncryptedData encrypted; | |
| 128 | |
| 129 sync_pb::PasswordSpecificsData original; | |
| 130 original.set_origin("http://example.com"); | |
| 131 original.set_username_value("azure"); | |
| 132 original.set_password_value("hunter2"); | |
| 133 | |
| 134 { | |
| 135 Cryptographer cryptographer; | |
| 136 | |
| 137 KeyParams params = {"localhost", "dummy", "dummy"}; | |
| 138 cryptographer.AddKey(params); | |
| 139 EXPECT_TRUE(cryptographer.is_ready()); | |
| 140 | |
| 141 EXPECT_TRUE(cryptographer.Encrypt(original, &encrypted)); | |
| 142 EXPECT_TRUE(cryptographer.GetKeys(&nigori)); | |
| 143 } | |
| 144 | |
| 145 { | |
| 146 Cryptographer cryptographer; | |
| 147 EXPECT_FALSE(cryptographer.CanDecrypt(nigori)); | |
| 148 | |
| 149 cryptographer.SetPendingKeys(nigori); | |
| 150 EXPECT_FALSE(cryptographer.is_ready()); | |
| 151 EXPECT_TRUE(cryptographer.has_pending_keys()); | |
| 152 | |
| 153 KeyParams params = {"localhost", "dummy", "dummy"}; | |
| 154 EXPECT_TRUE(cryptographer.DecryptPendingKeys(params)); | |
| 155 EXPECT_TRUE(cryptographer.is_ready()); | |
| 156 EXPECT_FALSE(cryptographer.has_pending_keys()); | |
| 157 | |
| 158 sync_pb::PasswordSpecificsData decrypted; | |
| 159 EXPECT_TRUE(cryptographer.Decrypt(encrypted, &decrypted)); | |
| 160 EXPECT_EQ(original.SerializeAsString(), decrypted.SerializeAsString()); | |
| 161 } | |
| 162 } | |
| 163 | |
| 164 // Crashes, Bug 55178. | |
| 165 #if defined(OS_WIN) | |
| 166 #define MAYBE_PackUnpack DISABLED_PackUnpack | |
| 167 #else | |
| 168 #define MAYBE_PackUnpack PackUnpack | |
| 169 #endif | |
| 170 TEST(CryptographerTest, MAYBE_PackUnpack) { | |
| 171 #if defined(OS_MACOSX) | |
| 172 Encryptor::UseMockKeychain(true); | |
| 173 #endif | |
| 174 | |
| 175 Nigori nigori; | |
| 176 ASSERT_TRUE(nigori.InitByDerivation("example.com", "username", "password")); | |
| 177 std::string expected_user, expected_encryption, expected_mac; | |
| 178 ASSERT_TRUE(nigori.ExportKeys(&expected_user, &expected_encryption, | |
| 179 &expected_mac)); | |
| 180 | |
| 181 Cryptographer cryptographer; | |
| 182 std::string token; | |
| 183 EXPECT_TRUE(cryptographer.PackBootstrapToken(&nigori, &token)); | |
| 184 EXPECT_TRUE(IsStringUTF8(token)); | |
| 185 | |
| 186 scoped_ptr<Nigori> unpacked(cryptographer.UnpackBootstrapToken(token)); | |
| 187 EXPECT_NE(static_cast<Nigori*>(NULL), unpacked.get()); | |
| 188 | |
| 189 std::string user_key, encryption_key, mac_key; | |
| 190 ASSERT_TRUE(unpacked->ExportKeys(&user_key, &encryption_key, &mac_key)); | |
| 191 | |
| 192 EXPECT_EQ(expected_user, user_key); | |
| 193 EXPECT_EQ(expected_encryption, encryption_key); | |
| 194 EXPECT_EQ(expected_mac, mac_key); | |
| 195 } | |
| 196 | |
| 197 TEST(CryptographerTest, NigoriEncryptionTypes) { | |
| 198 Cryptographer cryptographer; | |
| 199 Cryptographer cryptographer2; | |
| 200 sync_pb::NigoriSpecifics nigori; | |
| 201 | |
| 202 StrictMock<MockObserver> observer; | |
| 203 cryptographer.AddObserver(&observer); | |
| 204 StrictMock<MockObserver> observer2; | |
| 205 cryptographer2.AddObserver(&observer2); | |
| 206 | |
| 207 // Just set the sensitive types (shouldn't trigger any | |
| 208 // notifications). | |
| 209 ModelTypeSet encrypted_types(Cryptographer::SensitiveTypes()); | |
| 210 cryptographer.SetEncryptedTypesForTest(encrypted_types); | |
| 211 cryptographer.UpdateNigoriFromEncryptedTypes(&nigori); | |
| 212 cryptographer2.UpdateEncryptedTypesFromNigori(nigori); | |
| 213 EXPECT_EQ(encrypted_types, cryptographer.GetEncryptedTypes()); | |
| 214 EXPECT_EQ(encrypted_types, cryptographer2.GetEncryptedTypes()); | |
| 215 | |
| 216 Mock::VerifyAndClearExpectations(&observer); | |
| 217 Mock::VerifyAndClearExpectations(&observer2); | |
| 218 | |
| 219 EXPECT_CALL(observer, | |
| 220 OnEncryptedTypesChanged(syncable::GetAllRealModelTypes(), | |
| 221 false)); | |
| 222 EXPECT_CALL(observer2, | |
| 223 OnEncryptedTypesChanged(syncable::GetAllRealModelTypes(), | |
| 224 false)); | |
| 225 | |
| 226 // Set all encrypted types | |
| 227 encrypted_types = syncable::GetAllRealModelTypes(); | |
| 228 cryptographer.SetEncryptedTypesForTest(encrypted_types); | |
| 229 cryptographer.UpdateNigoriFromEncryptedTypes(&nigori); | |
| 230 cryptographer2.UpdateEncryptedTypesFromNigori(nigori); | |
| 231 EXPECT_EQ(encrypted_types, cryptographer.GetEncryptedTypes()); | |
| 232 EXPECT_EQ(encrypted_types, cryptographer2.GetEncryptedTypes()); | |
| 233 } | |
| 234 | |
| 235 TEST(CryptographerTest, EncryptEverythingExplicit) { | |
| 236 ModelTypeSet real_types = syncable::GetAllRealModelTypes(); | |
| 237 sync_pb::NigoriSpecifics specifics; | |
| 238 specifics.set_encrypt_everything(true); | |
| 239 | |
| 240 Cryptographer cryptographer; | |
| 241 StrictMock<MockObserver> observer; | |
| 242 cryptographer.AddObserver(&observer); | |
| 243 | |
| 244 EXPECT_CALL(observer, | |
| 245 OnEncryptedTypesChanged(syncable::GetAllRealModelTypes(), | |
| 246 true)); | |
| 247 | |
| 248 EXPECT_FALSE(cryptographer.encrypt_everything()); | |
| 249 ModelTypeSet encrypted_types = cryptographer.GetEncryptedTypes(); | |
| 250 for (ModelTypeSet::iterator iter = real_types.begin(); | |
| 251 iter != real_types.end(); | |
| 252 ++iter) { | |
| 253 if (*iter == syncable::PASSWORDS || *iter == syncable::NIGORI) | |
| 254 EXPECT_EQ(1U, encrypted_types.count(*iter)); | |
| 255 else | |
| 256 EXPECT_EQ(0U, encrypted_types.count(*iter)); | |
| 257 } | |
| 258 | |
| 259 cryptographer.UpdateEncryptedTypesFromNigori(specifics); | |
| 260 | |
| 261 EXPECT_TRUE(cryptographer.encrypt_everything()); | |
| 262 encrypted_types = cryptographer.GetEncryptedTypes(); | |
| 263 for (ModelTypeSet::iterator iter = real_types.begin(); | |
| 264 iter != real_types.end(); | |
| 265 ++iter) { | |
| 266 EXPECT_EQ(1U, encrypted_types.count(*iter)); | |
| 267 } | |
| 268 | |
| 269 // Shouldn't trigger another notification. | |
| 270 specifics.set_encrypt_everything(true); | |
| 271 | |
| 272 cryptographer.RemoveObserver(&observer); | |
| 273 } | |
| 274 | |
| 275 TEST(CryptographerTest, EncryptEverythingImplicit) { | |
| 276 ModelTypeSet real_types = syncable::GetAllRealModelTypes(); | |
| 277 sync_pb::NigoriSpecifics specifics; | |
| 278 specifics.set_encrypt_bookmarks(true); // Non-passwords = encrypt everything | |
| 279 | |
| 280 Cryptographer cryptographer; | |
| 281 StrictMock<MockObserver> observer; | |
| 282 cryptographer.AddObserver(&observer); | |
| 283 | |
| 284 EXPECT_CALL(observer, | |
| 285 OnEncryptedTypesChanged(syncable::GetAllRealModelTypes(), | |
| 286 true)); | |
| 287 | |
| 288 EXPECT_FALSE(cryptographer.encrypt_everything()); | |
| 289 ModelTypeSet encrypted_types = cryptographer.GetEncryptedTypes(); | |
| 290 for (ModelTypeSet::iterator iter = real_types.begin(); | |
| 291 iter != real_types.end(); | |
| 292 ++iter) { | |
| 293 if (*iter == syncable::PASSWORDS || *iter == syncable::NIGORI) | |
| 294 EXPECT_EQ(1U, encrypted_types.count(*iter)); | |
| 295 else | |
| 296 EXPECT_EQ(0U, encrypted_types.count(*iter)); | |
| 297 } | |
| 298 | |
| 299 cryptographer.UpdateEncryptedTypesFromNigori(specifics); | |
| 300 | |
| 301 EXPECT_TRUE(cryptographer.encrypt_everything()); | |
| 302 encrypted_types = cryptographer.GetEncryptedTypes(); | |
| 303 for (ModelTypeSet::iterator iter = real_types.begin(); | |
| 304 iter != real_types.end(); | |
| 305 ++iter) { | |
| 306 EXPECT_EQ(1U, encrypted_types.count(*iter)); | |
| 307 } | |
| 308 | |
| 309 // Shouldn't trigger another notification. | |
| 310 specifics.set_encrypt_everything(true); | |
| 311 | |
| 312 cryptographer.RemoveObserver(&observer); | |
| 313 } | |
| 314 | |
| 315 TEST(CryptographerTest, UnknownSensitiveTypes) { | |
| 316 ModelTypeSet real_types = syncable::GetAllRealModelTypes(); | |
| 317 sync_pb::NigoriSpecifics specifics; | |
| 318 // Explicitly setting encrypt everything should override logic for implicit | |
| 319 // encrypt everything. | |
| 320 specifics.set_encrypt_everything(false); | |
| 321 specifics.set_encrypt_bookmarks(true); | |
| 322 | |
| 323 Cryptographer cryptographer; | |
| 324 StrictMock<MockObserver> observer; | |
| 325 cryptographer.AddObserver(&observer); | |
| 326 | |
| 327 syncable::ModelTypeSet expected_encrypted_types = | |
| 328 Cryptographer::SensitiveTypes(); | |
| 329 expected_encrypted_types.insert(syncable::BOOKMARKS); | |
| 330 | |
| 331 EXPECT_CALL(observer, | |
| 332 OnEncryptedTypesChanged(expected_encrypted_types, | |
| 333 false)); | |
| 334 | |
| 335 EXPECT_FALSE(cryptographer.encrypt_everything()); | |
| 336 ModelTypeSet encrypted_types = cryptographer.GetEncryptedTypes(); | |
| 337 for (ModelTypeSet::iterator iter = real_types.begin(); | |
| 338 iter != real_types.end(); | |
| 339 ++iter) { | |
| 340 if (*iter == syncable::PASSWORDS || *iter == syncable::NIGORI) | |
| 341 EXPECT_EQ(1U, encrypted_types.count(*iter)); | |
| 342 else | |
| 343 EXPECT_EQ(0U, encrypted_types.count(*iter)); | |
| 344 } | |
| 345 | |
| 346 cryptographer.UpdateEncryptedTypesFromNigori(specifics); | |
| 347 | |
| 348 EXPECT_FALSE(cryptographer.encrypt_everything()); | |
| 349 encrypted_types = cryptographer.GetEncryptedTypes(); | |
| 350 for (ModelTypeSet::iterator iter = real_types.begin(); | |
| 351 iter != real_types.end(); | |
| 352 ++iter) { | |
| 353 if (*iter == syncable::PASSWORDS || | |
| 354 *iter == syncable::NIGORI || | |
| 355 *iter == syncable::BOOKMARKS) | |
| 356 EXPECT_EQ(1U, encrypted_types.count(*iter)); | |
| 357 else | |
| 358 EXPECT_EQ(0U, encrypted_types.count(*iter)); | |
| 359 } | |
| 360 | |
| 361 cryptographer.RemoveObserver(&observer); | |
| 362 } | |
| 363 | |
| 364 } // namespace browser_sync | |
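Review bot: In EncryptEverythingExplicit and EncryptEverythingImplicit the final `specifics.set_encrypt_everything(true);` under the comment "Shouldn't trigger another notification." is never passed back to the cryptographer, so the StrictMock observer cannot catch a duplicate OnEncryptedTypesChanged and the claim goes untested. Adding `cryptographer.UpdateEncryptedTypesFromNigori(specifics);` after that line in both tests would exercise it. Separately, in PackUnpack the null check on `unpacked` is a non-fatal `EXPECT_NE`, so a failed UnpackBootstrapToken would still reach `unpacked->ExportKeys(...)` and dereference a null pointer; `ASSERT_TRUE(unpacked.get() != NULL);` stops the test there instead. The listing does not make clear whether this file sits on the old or the new side of the change, so both points apply only if the tests are kept.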