Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(116)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/sync/core_impl/sync_encryption_handler_impl_unittest.cc

Issue 2413313004: [Sync] Move the last things out of core/. (Closed)
Patch Set: Address comments. Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/sync/core_impl/sync_encryption_handler_impl.cc ('k') | components/sync/core_impl/sync_manager_impl.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "components/sync/core_impl/sync_encryption_handler_impl.h"
6
7 #include <stdint.h>
8
9 #include <memory>
10
11 #include "base/base64.h"
12 #include "base/json/json_string_value_serializer.h"
13 #include "base/run_loop.h"
14 #include "base/tracked_objects.h"
15 #include "components/sync/base/fake_encryptor.h"
16 #include "components/sync/base/model_type_test_util.h"
17 #include "components/sync/protocol/nigori_specifics.pb.h"
18 #include "components/sync/protocol/sync.pb.h"
19 #include "components/sync/syncable/entry.h"
20 #include "components/sync/syncable/mutable_entry.h"
21 #include "components/sync/syncable/read_node.h"
22 #include "components/sync/syncable/read_transaction.h"
23 #include "components/sync/syncable/syncable_write_transaction.h"
24 #include "components/sync/syncable/test_user_share.h"
25 #include "components/sync/syncable/write_node.h"
26 #include "components/sync/syncable/write_transaction.h"
27 #include "components/sync/test/engine/test_id_factory.h"
28 #include "testing/gmock/include/gmock/gmock.h"
29 #include "testing/gtest/include/gtest/gtest.h"
30
31 namespace syncer {
32
33 namespace {
34
35 using ::testing::_;
36 using ::testing::AnyNumber;
37 using ::testing::AtLeast;
38 using ::testing::Mock;
39 using ::testing::SaveArg;
40 using ::testing::StrictMock;
41
42 // The raw keystore key the server sends.
43 static const char kRawKeystoreKey[] = "keystore_key";
44 // Base64 encoded version of |kRawKeystoreKey|.
45 static const char kKeystoreKey[] = "a2V5c3RvcmVfa2V5";
46
47 class SyncEncryptionHandlerObserverMock
48 : public SyncEncryptionHandler::Observer {
49 public:
50 MOCK_METHOD2(OnPassphraseRequired,
51 void(PassphraseRequiredReason,
52 const sync_pb::EncryptedData&)); // NOLINT
53 MOCK_METHOD0(OnPassphraseAccepted, void()); // NOLINT
54 MOCK_METHOD2(OnBootstrapTokenUpdated,
55 void(const std::string&, BootstrapTokenType type)); // NOLINT
56 MOCK_METHOD2(OnEncryptedTypesChanged, void(ModelTypeSet, bool)); // NOLINT
57 MOCK_METHOD0(OnEncryptionComplete, void()); // NOLINT
58 MOCK_METHOD1(OnCryptographerStateChanged, void(Cryptographer*)); // NOLINT
59 MOCK_METHOD2(OnPassphraseTypeChanged,
60 void(PassphraseType,
61 base::Time)); // NOLINT
62 MOCK_METHOD1(OnLocalSetPassphraseEncryption,
63 void(const SyncEncryptionHandler::NigoriState&)); // NOLINT
64 };
65
66 google::protobuf::RepeatedPtrField<google::protobuf::string>
67 BuildEncryptionKeyProto(const std::string& encryption_key) {
68 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
69 keys.Add()->assign(encryption_key);
70 return keys;
71 }
72
73 } // namespace
74
75 class SyncEncryptionHandlerImplTest : public ::testing::Test {
76 public:
77 SyncEncryptionHandlerImplTest() {}
78 virtual ~SyncEncryptionHandlerImplTest() {}
79
80 virtual void SetUp() {
81 test_user_share_.SetUp();
82 SetUpEncryption();
83 CreateRootForType(NIGORI);
84 }
85
86 virtual void TearDown() {
87 PumpLoop();
88 test_user_share_.TearDown();
89 }
90
91 protected:
92 void SetUpEncryption() {
93 SetUpEncryptionWithKeyForBootstrapping(std::string());
94 }
95
96 void SetUpEncryptionWithKeyForBootstrapping(
97 const std::string& key_for_bootstrapping) {
98 encryption_handler_.reset(new SyncEncryptionHandlerImpl(
99 user_share(), &encryptor_, key_for_bootstrapping,
100 std::string() /* keystore key for bootstrapping */));
101 encryption_handler_->AddObserver(&observer_);
102 }
103
104 void CreateRootForType(ModelType model_type) {
105 syncable::Directory* directory = user_share()->directory.get();
106
107 std::string tag_name = ModelTypeToRootTag(model_type);
108
109 syncable::WriteTransaction wtrans(FROM_HERE, syncable::UNITTEST, directory);
110 syncable::MutableEntry node(&wtrans, syncable::CREATE, model_type,
111 wtrans.root_id(), tag_name);
112 node.PutUniqueServerTag(tag_name);
113 node.PutIsDir(true);
114 node.PutServerIsDir(false);
115 node.PutIsUnsynced(false);
116 node.PutIsUnappliedUpdate(false);
117 node.PutServerVersion(20);
118 node.PutBaseVersion(20);
119 node.PutIsDel(false);
120 node.PutId(ids_.MakeServer(tag_name));
121 sync_pb::EntitySpecifics specifics;
122 AddDefaultFieldValue(model_type, &specifics);
123 node.PutSpecifics(specifics);
124 }
125
126 void PumpLoop() { base::RunLoop().RunUntilIdle(); }
127
128 // Getters for tests.
129 UserShare* user_share() { return test_user_share_.user_share(); }
130 SyncEncryptionHandlerImpl* encryption_handler() {
131 return encryption_handler_.get();
132 }
133 SyncEncryptionHandlerObserverMock* observer() { return &observer_; }
134 Cryptographer* GetCryptographer() {
135 return encryption_handler_->GetCryptographerUnsafe();
136 }
137
138 void VerifyMigratedNigori(PassphraseType passphrase_type,
139 const std::string& passphrase) {
140 VerifyMigratedNigoriWithTimestamp(0, passphrase_type, passphrase);
141 }
142
143 void VerifyMigratedNigoriWithTimestamp(int64_t migration_time,
144 PassphraseType passphrase_type,
145 const std::string& passphrase) {
146 ReadTransaction trans(FROM_HERE, user_share());
147 ReadNode nigori_node(&trans);
148 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
149 const sync_pb::NigoriSpecifics& nigori = nigori_node.GetNigoriSpecifics();
150 if (migration_time > 0)
151 EXPECT_EQ(migration_time, nigori.keystore_migration_time());
152 else
153 EXPECT_TRUE(nigori.has_keystore_migration_time());
154 EXPECT_TRUE(nigori.keybag_is_frozen());
155 if (passphrase_type == PassphraseType::CUSTOM_PASSPHRASE ||
156 passphrase_type == PassphraseType::FROZEN_IMPLICIT_PASSPHRASE) {
157 EXPECT_TRUE(nigori.encrypt_everything());
158 EXPECT_TRUE(nigori.keystore_decryptor_token().blob().empty());
159 if (passphrase_type == PassphraseType::CUSTOM_PASSPHRASE) {
160 EXPECT_EQ(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE,
161 nigori.passphrase_type());
162 if (!encryption_handler()->custom_passphrase_time().is_null()) {
163 EXPECT_EQ(
164 nigori.custom_passphrase_time(),
165 TimeToProtoTime(encryption_handler()->custom_passphrase_time()));
166 }
167 } else {
168 EXPECT_EQ(sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE,
169 nigori.passphrase_type());
170 }
171 } else {
172 EXPECT_FALSE(nigori.encrypt_everything());
173 EXPECT_FALSE(nigori.keystore_decryptor_token().blob().empty());
174 EXPECT_EQ(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE,
175 nigori.passphrase_type());
176 Cryptographer keystore_cryptographer(&encryptor_);
177 KeyParams params = {"localhost", "dummy", kKeystoreKey};
178 keystore_cryptographer.AddKey(params);
179 EXPECT_TRUE(keystore_cryptographer.CanDecryptUsingDefaultKey(
180 nigori.keystore_decryptor_token()));
181 }
182
183 Cryptographer temp_cryptographer(&encryptor_);
184 KeyParams params = {"localhost", "dummy", passphrase};
185 temp_cryptographer.AddKey(params);
186 EXPECT_TRUE(temp_cryptographer.CanDecryptUsingDefaultKey(
187 nigori.encryption_keybag()));
188 }
189
190 sync_pb::NigoriSpecifics BuildMigratedNigori(
191 PassphraseType passphrase_type,
192 int64_t migration_time,
193 const std::string& default_passphrase,
194 const std::string& keystore_key) {
195 DCHECK_NE(passphrase_type, PassphraseType::IMPLICIT_PASSPHRASE);
196 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
197
198 std::string default_key = default_passphrase;
199 if (default_key.empty()) {
200 default_key = keystore_key;
201 } else {
202 KeyParams keystore_params = {"localhost", "dummy", keystore_key};
203 other_cryptographer.AddKey(keystore_params);
204 }
205 KeyParams params = {"localhost", "dummy", default_key};
206 other_cryptographer.AddKey(params);
207 EXPECT_TRUE(other_cryptographer.is_ready());
208
209 sync_pb::NigoriSpecifics nigori;
210 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
211 nigori.set_keybag_is_frozen(true);
212 nigori.set_keystore_migration_time(migration_time);
213
214 if (passphrase_type == PassphraseType::KEYSTORE_PASSPHRASE) {
215 sync_pb::EncryptedData keystore_decryptor_token;
216 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
217 other_cryptographer, keystore_key, &keystore_decryptor_token));
218 nigori.mutable_keystore_decryptor_token()->CopyFrom(
219 keystore_decryptor_token);
220 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
221 } else {
222 nigori.set_encrypt_everything(true);
223 nigori.set_passphrase_type(
224 passphrase_type == PassphraseType::CUSTOM_PASSPHRASE
225 ? sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE
226 : sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE);
227 }
228 return nigori;
229 }
230
231 void VerifyPassphraseType(PassphraseType passphrase_type) {
232 ReadTransaction trans(FROM_HERE, user_share());
233 EXPECT_EQ(passphrase_type,
234 encryption_handler()->GetPassphraseType(trans.GetWrappedTrans()));
235 }
236
237 // Build a migrated nigori node with the specified default passphrase
238 // and keystore key and initialize the encryption handler with it.
239 void InitKeystoreMigratedNigori(int64_t migration_time,
240 const std::string& default_passphrase,
241 const std::string& keystore_key) {
242 {
243 WriteTransaction trans(FROM_HERE, user_share());
244 WriteNode nigori_node(&trans);
245 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
246 sync_pb::NigoriSpecifics nigori =
247 BuildMigratedNigori(PassphraseType::KEYSTORE_PASSPHRASE,
248 migration_time, default_passphrase, keystore_key);
249 nigori_node.SetNigoriSpecifics(nigori);
250 }
251
252 EXPECT_CALL(*observer(), OnPassphraseTypeChanged(
253 PassphraseType::KEYSTORE_PASSPHRASE, _));
254 EXPECT_CALL(*observer(),
255 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
256 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AtLeast(1));
257 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, false));
258 EXPECT_CALL(*observer(), OnEncryptionComplete()).Times(AtLeast(1));
259 encryption_handler()->Init();
260 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
261 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
262 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
263 Mock::VerifyAndClearExpectations(observer());
264 }
265
266 // Build a migrated nigori node with the specified default passphrase
267 // as a custom passphrase.
268 void InitCustomPassMigratedNigori(int64_t migration_time,
269 const std::string& default_passphrase) {
270 {
271 WriteTransaction trans(FROM_HERE, user_share());
272 WriteNode nigori_node(&trans);
273 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
274 sync_pb::NigoriSpecifics nigori =
275 BuildMigratedNigori(PassphraseType::CUSTOM_PASSPHRASE, migration_time,
276 default_passphrase, kKeystoreKey);
277 nigori_node.SetNigoriSpecifics(nigori);
278 }
279
280 EXPECT_CALL(*observer(),
281 OnPassphraseTypeChanged(PassphraseType::CUSTOM_PASSPHRASE, _));
282 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AtLeast(1));
283 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true))
284 .Times(AtLeast(1));
285 EXPECT_CALL(*observer(), OnEncryptionComplete()).Times(AtLeast(1));
286 encryption_handler()->Init();
287 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
288 VerifyPassphraseType(PassphraseType::CUSTOM_PASSPHRASE);
289 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
290 Mock::VerifyAndClearExpectations(observer());
291 }
292
293 // Build an unmigrated nigori node with the specified passphrase and type and
294 // initialize the encryption handler with it.
295 void InitUnmigratedNigori(const std::string& default_passphrase,
296 PassphraseType passphrase_type) {
297 DCHECK_NE(passphrase_type, PassphraseType::FROZEN_IMPLICIT_PASSPHRASE);
298 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
299 KeyParams default_key = {"localhost", "dummy", default_passphrase};
300 other_cryptographer.AddKey(default_key);
301 EXPECT_TRUE(other_cryptographer.is_ready());
302
303 {
304 WriteTransaction trans(FROM_HERE, user_share());
305 WriteNode nigori_node(&trans);
306 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
307 sync_pb::NigoriSpecifics nigori;
308 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
309 nigori.set_keybag_is_frozen(passphrase_type ==
310 PassphraseType::CUSTOM_PASSPHRASE);
311 nigori_node.SetNigoriSpecifics(nigori);
312 }
313
314 if (passphrase_type != PassphraseType::IMPLICIT_PASSPHRASE) {
315 EXPECT_CALL(*observer(), OnPassphraseTypeChanged(passphrase_type, _));
316 }
317 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AtLeast(1));
318 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, false));
319 encryption_handler()->Init();
320 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
321 VerifyPassphraseType(passphrase_type);
322 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
323 Mock::VerifyAndClearExpectations(observer());
324 }
325
326 // Verify we can restore the SyncEncryptionHandler state using a saved
327 // |bootstrap_token| and |nigori_state|.
328 //
329 // |migration_time| is the time migration occurred.
330 //
331 // |passphrase| is the custom passphrase.
332 void VerifyRestoreAfterCustomPassphrase(
333 int64_t migration_time,
334 const std::string& passphrase,
335 const std::string& bootstrap_token,
336 const SyncEncryptionHandler::NigoriState& nigori_state,
337 PassphraseType passphrase_type) {
338 TearDown();
339 test_user_share_.SetUp();
340 SetUpEncryptionWithKeyForBootstrapping(bootstrap_token);
341 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
342 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true))
343 .Times(AnyNumber());
344 EXPECT_CALL(*observer(), OnPassphraseTypeChanged(passphrase_type, _));
345 EXPECT_CALL(*observer(), OnEncryptionComplete());
346 encryption_handler()->RestoreNigori(nigori_state);
347 encryption_handler()->Init();
348 Mock::VerifyAndClearExpectations(observer());
349 VerifyMigratedNigoriWithTimestamp(migration_time, passphrase_type,
350 passphrase);
351 }
352
353 protected:
354 TestUserShare test_user_share_;
355 FakeEncryptor encryptor_;
356 std::unique_ptr<SyncEncryptionHandlerImpl> encryption_handler_;
357 StrictMock<SyncEncryptionHandlerObserverMock> observer_;
358 TestIdFactory ids_;
359 base::MessageLoop message_loop_;
360 };
361
362 // Verify that the encrypted types are being written to and read from the
363 // nigori node properly.
364 TEST_F(SyncEncryptionHandlerImplTest, NigoriEncryptionTypes) {
365 sync_pb::NigoriSpecifics nigori;
366
367 StrictMock<SyncEncryptionHandlerObserverMock> observer2;
368 SyncEncryptionHandlerImpl handler2(user_share(), &encryptor_, std::string(),
369 std::string() /* bootstrap tokens */);
370 handler2.AddObserver(&observer2);
371
372 // Just set the sensitive types (shouldn't trigger any notifications).
373 ModelTypeSet encrypted_types(SyncEncryptionHandler::SensitiveTypes());
374 {
375 WriteTransaction trans(FROM_HERE, user_share());
376 encryption_handler()->MergeEncryptedTypes(encrypted_types,
377 trans.GetWrappedTrans());
378 encryption_handler()->UpdateNigoriFromEncryptedTypes(
379 &nigori, trans.GetWrappedTrans());
380 handler2.UpdateEncryptedTypesFromNigori(nigori, trans.GetWrappedTrans());
381 }
382 EXPECT_EQ(encrypted_types, encryption_handler()->GetEncryptedTypesUnsafe());
383 EXPECT_EQ(encrypted_types, handler2.GetEncryptedTypesUnsafe());
384
385 Mock::VerifyAndClearExpectations(observer());
386 Mock::VerifyAndClearExpectations(&observer2);
387
388 ModelTypeSet encrypted_user_types = EncryptableUserTypes();
389
390 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(
391 HasModelTypes(encrypted_user_types), false));
392 EXPECT_CALL(observer2, OnEncryptedTypesChanged(
393 HasModelTypes(encrypted_user_types), false));
394
395 // Set all encrypted types
396 encrypted_types = EncryptableUserTypes();
397 {
398 WriteTransaction trans(FROM_HERE, user_share());
399 encryption_handler()->MergeEncryptedTypes(encrypted_types,
400 trans.GetWrappedTrans());
401 encryption_handler()->UpdateNigoriFromEncryptedTypes(
402 &nigori, trans.GetWrappedTrans());
403 handler2.UpdateEncryptedTypesFromNigori(nigori, trans.GetWrappedTrans());
404 }
405 EXPECT_EQ(encrypted_types, encryption_handler()->GetEncryptedTypesUnsafe());
406 EXPECT_EQ(encrypted_types, handler2.GetEncryptedTypesUnsafe());
407
408 // Receiving an empty nigori should not reset any encrypted types or trigger
409 // an observer notification.
410 Mock::VerifyAndClearExpectations(observer());
411 Mock::VerifyAndClearExpectations(&observer2);
412 nigori = sync_pb::NigoriSpecifics();
413 {
414 WriteTransaction trans(FROM_HERE, user_share());
415 handler2.UpdateEncryptedTypesFromNigori(nigori, trans.GetWrappedTrans());
416 }
417 EXPECT_EQ(encrypted_types, encryption_handler()->GetEncryptedTypesUnsafe());
418 }
419
420 // Verify the encryption handler processes the encrypt everything field
421 // properly.
422 TEST_F(SyncEncryptionHandlerImplTest, EncryptEverythingExplicit) {
423 sync_pb::NigoriSpecifics nigori;
424 nigori.set_encrypt_everything(true);
425
426 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(
427 HasModelTypes(EncryptableUserTypes()), true));
428
429 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
430 ModelTypeSet encrypted_types =
431 encryption_handler()->GetEncryptedTypesUnsafe();
432 EXPECT_EQ(ModelTypeSet(PASSWORDS, WIFI_CREDENTIALS), encrypted_types);
433
434 {
435 WriteTransaction trans(FROM_HERE, user_share());
436 encryption_handler()->UpdateEncryptedTypesFromNigori(
437 nigori, trans.GetWrappedTrans());
438 }
439
440 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
441 encrypted_types = encryption_handler()->GetEncryptedTypesUnsafe();
442 EXPECT_TRUE(encrypted_types.HasAll(EncryptableUserTypes()));
443
444 // Receiving the nigori node again shouldn't trigger another notification.
445 Mock::VerifyAndClearExpectations(observer());
446 {
447 WriteTransaction trans(FROM_HERE, user_share());
448 encryption_handler()->UpdateEncryptedTypesFromNigori(
449 nigori, trans.GetWrappedTrans());
450 }
451 }
452
453 // Verify the encryption handler can detect an implicit encrypt everything state
454 // (from clients that failed to write the encrypt everything field).
455 TEST_F(SyncEncryptionHandlerImplTest, EncryptEverythingImplicit) {
456 sync_pb::NigoriSpecifics nigori;
457 nigori.set_encrypt_bookmarks(true); // Non-passwords = encrypt everything
458
459 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(
460 HasModelTypes(EncryptableUserTypes()), true));
461
462 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
463 ModelTypeSet encrypted_types =
464 encryption_handler()->GetEncryptedTypesUnsafe();
465 EXPECT_EQ(ModelTypeSet(PASSWORDS, WIFI_CREDENTIALS), encrypted_types);
466
467 {
468 WriteTransaction trans(FROM_HERE, user_share());
469 encryption_handler()->UpdateEncryptedTypesFromNigori(
470 nigori, trans.GetWrappedTrans());
471 }
472
473 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
474 encrypted_types = encryption_handler()->GetEncryptedTypesUnsafe();
475 EXPECT_TRUE(encrypted_types.HasAll(EncryptableUserTypes()));
476
477 // Receiving a nigori node with encrypt everything explicitly set shouldn't
478 // trigger another notification.
479 Mock::VerifyAndClearExpectations(observer());
480 nigori.set_encrypt_everything(true);
481 {
482 WriteTransaction trans(FROM_HERE, user_share());
483 encryption_handler()->UpdateEncryptedTypesFromNigori(
484 nigori, trans.GetWrappedTrans());
485 }
486 }
487
488 // Verify the encryption handler can deal with new versions treating new types
489 // as Sensitive, and that it does not consider this an implicit encrypt
490 // everything case.
491 TEST_F(SyncEncryptionHandlerImplTest, UnknownSensitiveTypes) {
492 sync_pb::NigoriSpecifics nigori;
493 nigori.set_encrypt_everything(false);
494 nigori.set_encrypt_bookmarks(true);
495
496 ModelTypeSet expected_encrypted_types =
497 SyncEncryptionHandler::SensitiveTypes();
498 expected_encrypted_types.Put(BOOKMARKS);
499
500 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(
501 HasModelTypes(expected_encrypted_types), false));
502
503 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
504 ModelTypeSet encrypted_types =
505 encryption_handler()->GetEncryptedTypesUnsafe();
506 EXPECT_EQ(ModelTypeSet(PASSWORDS, WIFI_CREDENTIALS), encrypted_types);
507
508 {
509 WriteTransaction trans(FROM_HERE, user_share());
510 encryption_handler()->UpdateEncryptedTypesFromNigori(
511 nigori, trans.GetWrappedTrans());
512 }
513
514 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
515 encrypted_types = encryption_handler()->GetEncryptedTypesUnsafe();
516 EXPECT_EQ(ModelTypeSet(BOOKMARKS, PASSWORDS, WIFI_CREDENTIALS),
517 encrypted_types);
518 }
519
520 // Receive an old nigori with old encryption keys and encrypted types. We should
521 // not revert our default key or encrypted types, and should post a task to
522 // overwrite the existing nigori with the correct data.
523 TEST_F(SyncEncryptionHandlerImplTest, ReceiveOldNigori) {
524 KeyParams old_key = {"localhost", "dummy", "old"};
525 KeyParams current_key = {"localhost", "dummy", "cur"};
526
527 // Data for testing encryption/decryption.
528 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
529 other_cryptographer.AddKey(old_key);
530 sync_pb::EntitySpecifics other_encrypted_specifics;
531 other_encrypted_specifics.mutable_bookmark()->set_title("title");
532 other_cryptographer.Encrypt(other_encrypted_specifics,
533 other_encrypted_specifics.mutable_encrypted());
534 sync_pb::EntitySpecifics our_encrypted_specifics;
535 our_encrypted_specifics.mutable_bookmark()->set_title("title2");
536 ModelTypeSet encrypted_types = EncryptableUserTypes();
537
538 // Set up the current encryption state (containing both keys and encrypt
539 // everything).
540 sync_pb::NigoriSpecifics current_nigori_specifics;
541 GetCryptographer()->AddKey(old_key);
542 GetCryptographer()->AddKey(current_key);
543 GetCryptographer()->Encrypt(our_encrypted_specifics,
544 our_encrypted_specifics.mutable_encrypted());
545 GetCryptographer()->GetKeys(
546 current_nigori_specifics.mutable_encryption_keybag());
547 current_nigori_specifics.set_encrypt_everything(true);
548
549 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
550 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(
551 HasModelTypes(EncryptableUserTypes()), true));
552 {
553 // Update the encryption handler.
554 WriteTransaction trans(FROM_HERE, user_share());
555 encryption_handler()->ApplyNigoriUpdate(current_nigori_specifics,
556 trans.GetWrappedTrans());
557 }
558 Mock::VerifyAndClearExpectations(observer());
559
560 // Now set up the old nigori specifics and apply it on top.
561 // Has an old set of keys, and no encrypted types.
562 sync_pb::NigoriSpecifics old_nigori;
563 other_cryptographer.GetKeys(old_nigori.mutable_encryption_keybag());
564
565 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
566 {
567 // Update the encryption handler.
568 WriteTransaction trans(FROM_HERE, user_share());
569 encryption_handler()->ApplyNigoriUpdate(old_nigori,
570 trans.GetWrappedTrans());
571 }
572 EXPECT_TRUE(GetCryptographer()->is_ready());
573 EXPECT_FALSE(GetCryptographer()->has_pending_keys());
574
575 // Encryption handler should have posted a task to overwrite the old
576 // specifics.
577 PumpLoop();
578
579 {
580 // The cryptographer should be able to decrypt both sets of keys and still
581 // be encrypting with the newest, and the encrypted types should be the
582 // most recent.
583 // In addition, the nigori node should match the current encryption state.
584 ReadTransaction trans(FROM_HERE, user_share());
585 ReadNode nigori_node(&trans);
586 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
587 const sync_pb::NigoriSpecifics& nigori = nigori_node.GetNigoriSpecifics();
588 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(
589 our_encrypted_specifics.encrypted()));
590 EXPECT_TRUE(
591 GetCryptographer()->CanDecrypt(other_encrypted_specifics.encrypted()));
592 EXPECT_TRUE(GetCryptographer()->CanDecrypt(nigori.encryption_keybag()));
593 EXPECT_TRUE(nigori.encrypt_everything());
594 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(
595 nigori.encryption_keybag()));
596 }
597 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
598 }
599
600 // Ensure setting the keystore key works, updates the bootstrap token, and
601 // triggers a non-backwards compatible migration. Then verify that the
602 // bootstrap token can be correctly parsed by the encryption handler at startup
603 // time.
604 TEST_F(SyncEncryptionHandlerImplTest, SetKeystoreMigratesAndUpdatesBootstrap) {
605 // Passing no keys should do nothing.
606 EXPECT_CALL(*observer(), OnBootstrapTokenUpdated(_, _)).Times(0);
607 {
608 WriteTransaction trans(FROM_HERE, user_share());
609 EXPECT_FALSE(GetCryptographer()->is_initialized());
610 EXPECT_TRUE(encryption_handler()->NeedKeystoreKey(trans.GetWrappedTrans()));
611 EXPECT_FALSE(encryption_handler()->SetKeystoreKeys(
612 BuildEncryptionKeyProto(std::string()), trans.GetWrappedTrans()));
613 EXPECT_TRUE(encryption_handler()->NeedKeystoreKey(trans.GetWrappedTrans()));
614 }
615 Mock::VerifyAndClearExpectations(observer());
616
617 // Build a set of keystore keys.
618 const char kRawOldKeystoreKey[] = "old_keystore_key";
619 std::string old_keystore_key;
620 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
621 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
622 keys.Add()->assign(kRawOldKeystoreKey);
623 keys.Add()->assign(kRawKeystoreKey);
624
625 // Pass them to the encryption handler, triggering a migration and bootstrap
626 // token update.
627 std::string encoded_key;
628 std::string keystore_bootstrap;
629 EXPECT_CALL(*observer(), OnEncryptionComplete());
630 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_));
631 EXPECT_CALL(*observer(), OnPassphraseAccepted());
632 EXPECT_CALL(*observer(),
633 OnPassphraseTypeChanged(PassphraseType::KEYSTORE_PASSPHRASE, _));
634 EXPECT_CALL(*observer(), OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN))
635 .WillOnce(SaveArg<0>(&keystore_bootstrap));
636 {
637 WriteTransaction trans(FROM_HERE, user_share());
638 EXPECT_TRUE(
639 encryption_handler()->SetKeystoreKeys(keys, trans.GetWrappedTrans()));
640 EXPECT_FALSE(
641 encryption_handler()->NeedKeystoreKey(trans.GetWrappedTrans()));
642 EXPECT_FALSE(GetCryptographer()->is_initialized());
643 }
644 PumpLoop();
645 EXPECT_TRUE(GetCryptographer()->is_initialized());
646 VerifyMigratedNigori(PassphraseType::KEYSTORE_PASSPHRASE, kKeystoreKey);
647
648 // Ensure the bootstrap is encoded properly (a base64 encoded encrypted blob
649 // of list values containing the keystore keys).
650 std::string decoded_bootstrap;
651 ASSERT_TRUE(base::Base64Decode(keystore_bootstrap, &decoded_bootstrap));
652 std::string decrypted_bootstrap;
653 ASSERT_TRUE(GetCryptographer()->encryptor()->DecryptString(
654 decoded_bootstrap, &decrypted_bootstrap));
655 JSONStringValueDeserializer json(decrypted_bootstrap);
656 std::unique_ptr<base::Value> deserialized_keystore_keys(
657 json.Deserialize(NULL, NULL));
658 ASSERT_TRUE(deserialized_keystore_keys.get());
659 base::ListValue* keystore_list = NULL;
660 deserialized_keystore_keys->GetAsList(&keystore_list);
661 ASSERT_TRUE(keystore_list);
662 ASSERT_EQ(2U, keystore_list->GetSize());
663 std::string test_string;
664 keystore_list->GetString(0, &test_string);
665 ASSERT_EQ(old_keystore_key, test_string);
666 keystore_list->GetString(1, &test_string);
667 ASSERT_EQ(kKeystoreKey, test_string);
668
669 // Now make sure a new encryption handler can correctly parse the bootstrap
670 // token.
671 SyncEncryptionHandlerImpl handler2(user_share(), &encryptor_,
672 std::string(), // Cryptographer bootstrap.
673 keystore_bootstrap);
674
675 {
676 WriteTransaction trans(FROM_HERE, user_share());
677 EXPECT_FALSE(handler2.NeedKeystoreKey(trans.GetWrappedTrans()));
678 }
679 }
680
681 // Ensure GetKeystoreDecryptor only updates the keystore decryptor token if it
682 // wasn't already set properly. Otherwise, the decryptor should remain the
683 // same.
684 TEST_F(SyncEncryptionHandlerImplTest, GetKeystoreDecryptor) {
685 const char kCurKey[] = "cur";
686 sync_pb::EncryptedData encrypted;
687 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
688 KeyParams cur_key = {"localhost", "dummy", kCurKey};
689 other_cryptographer.AddKey(cur_key);
690 EXPECT_TRUE(other_cryptographer.is_ready());
691 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
692 other_cryptographer, kKeystoreKey, &encrypted));
693 std::string serialized = encrypted.SerializeAsString();
694 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
695 other_cryptographer, kKeystoreKey, &encrypted));
696 EXPECT_EQ(serialized, encrypted.SerializeAsString());
697 }
698
699 // Test that we don't attempt to migrate while an implicit passphrase is pending
700 // and that once we do decrypt pending keys we migrate the nigori. Once
701 // migrated, we should be in keystore passphrase state.
702 TEST_F(SyncEncryptionHandlerImplTest, MigrateOnDecryptImplicitPass) {
703 const char kOtherKey[] = "other";
704 {
705 EXPECT_CALL(*observer(),
706 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
707 ReadTransaction trans(FROM_HERE, user_share());
708 encryption_handler()->SetKeystoreKeys(
709 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
710 Mock::VerifyAndClearExpectations(observer());
711 }
712 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
713
714 {
715 WriteTransaction trans(FROM_HERE, user_share());
716 WriteNode nigori_node(&trans);
717 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
718 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
719 KeyParams other_key = {"localhost", "dummy", kOtherKey};
720 other_cryptographer.AddKey(other_key);
721
722 sync_pb::NigoriSpecifics nigori;
723 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
724 nigori.set_keybag_is_frozen(false);
725 nigori.set_encrypt_everything(false);
726 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
727 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
728 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
729 nigori_node.SetNigoriSpecifics(nigori);
730 }
731 // Run any tasks posted via AppplyNigoriUpdate.
732 PumpLoop();
733 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
734 Mock::VerifyAndClearExpectations(observer());
735
736 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
737 EXPECT_CALL(*observer(), OnPassphraseAccepted());
738 EXPECT_CALL(*observer(),
739 OnPassphraseTypeChanged(PassphraseType::KEYSTORE_PASSPHRASE, _));
740 EXPECT_CALL(*observer(),
741 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
742 EXPECT_CALL(*observer(), OnEncryptionComplete());
743 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
744 encryption_handler()->SetDecryptionPassphrase(kOtherKey);
745 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
746 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
747 VerifyMigratedNigori(PassphraseType::KEYSTORE_PASSPHRASE, kOtherKey);
748 }
749
750 // Test that we don't attempt to migrate while a custom passphrase is pending,
751 // and that once we do decrypt pending keys we migrate the nigori. Once
752 // migrated, we should be in custom passphrase state with encrypt everything.
753 TEST_F(SyncEncryptionHandlerImplTest, MigrateOnDecryptCustomPass) {
754 const char kOtherKey[] = "other";
755 {
756 EXPECT_CALL(*observer(),
757 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
758 ReadTransaction trans(FROM_HERE, user_share());
759 encryption_handler()->SetKeystoreKeys(
760 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
761 Mock::VerifyAndClearExpectations(observer());
762 }
763 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
764
765 {
766 WriteTransaction trans(FROM_HERE, user_share());
767 WriteNode nigori_node(&trans);
768 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
769 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
770 KeyParams other_key = {"localhost", "dummy", kOtherKey};
771 other_cryptographer.AddKey(other_key);
772
773 sync_pb::NigoriSpecifics nigori;
774 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
775 nigori.set_keybag_is_frozen(true);
776 nigori.set_encrypt_everything(false);
777 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
778 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
779 EXPECT_CALL(*observer(),
780 OnPassphraseTypeChanged(PassphraseType::CUSTOM_PASSPHRASE, _));
781 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
782 nigori_node.SetNigoriSpecifics(nigori);
783 }
784 // Run any tasks posted via AppplyNigoriUpdate.
785 PumpLoop();
786 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
787 Mock::VerifyAndClearExpectations(observer());
788
789 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
790 EXPECT_CALL(*observer(), OnPassphraseAccepted());
791 std::string captured_bootstrap_token;
792 EXPECT_CALL(*observer(),
793 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
794 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
795 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true));
796 SyncEncryptionHandler::NigoriState captured_nigori_state;
797 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
798 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
799 EXPECT_CALL(*observer(), OnEncryptionComplete()).Times(2);
800 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
801 encryption_handler()->SetDecryptionPassphrase(kOtherKey);
802 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
803 const base::Time migration_time = encryption_handler()->migration_time();
804 VerifyPassphraseType(PassphraseType::CUSTOM_PASSPHRASE);
805 VerifyMigratedNigori(PassphraseType::CUSTOM_PASSPHRASE, kOtherKey);
806
807 VerifyRestoreAfterCustomPassphrase(
808 TimeToProtoTime(migration_time), kOtherKey, captured_bootstrap_token,
809 captured_nigori_state, PassphraseType::CUSTOM_PASSPHRASE);
810 }
811
812 // Test that we trigger a migration when we set the keystore key, had an
813 // implicit passphrase, and did not have encrypt everything. We should switch
814 // to PassphraseType::KEYSTORE_PASSPHRASE.
815 TEST_F(SyncEncryptionHandlerImplTest, MigrateOnKeystoreKeyAvailableImplicit) {
816 const char kCurKey[] = "cur";
817 KeyParams current_key = {"localhost", "dummy", kCurKey};
818 GetCryptographer()->AddKey(current_key);
819 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
820 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, false));
821 EXPECT_CALL(*observer(), OnEncryptionComplete());
822 encryption_handler()->Init();
823 Mock::VerifyAndClearExpectations(observer());
824
825 {
826 ReadTransaction trans(FROM_HERE, user_share());
827 // Once we provide a keystore key, we should perform the migration.
828 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
829 EXPECT_CALL(*observer(),
830 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
831 encryption_handler()->SetKeystoreKeys(
832 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
833 }
834 EXPECT_CALL(*observer(),
835 OnPassphraseTypeChanged(PassphraseType::KEYSTORE_PASSPHRASE, _));
836 // The actual migration gets posted, so run all pending tasks.
837 PumpLoop();
838 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
839 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
840 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
841 VerifyMigratedNigori(PassphraseType::KEYSTORE_PASSPHRASE, kCurKey);
842 }
843
844 // Test that we trigger a migration when we set the keystore key, had an
845 // implicit passphrase, and encrypt everything enabled. We should switch to
846 // PassphraseType::FROZEN_IMPLICIT_PASSPHRASE.
847 TEST_F(SyncEncryptionHandlerImplTest,
848 MigrateOnKeystoreKeyAvailableFrozenImplicit) {
849 const char kCurKey[] = "cur";
850 KeyParams current_key = {"localhost", "dummy", kCurKey};
851 GetCryptographer()->AddKey(current_key);
852 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
853 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, false));
854 EXPECT_CALL(*observer(), OnEncryptionComplete());
855 encryption_handler()->Init();
856 Mock::VerifyAndClearExpectations(observer());
857 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true));
858 SyncEncryptionHandler::NigoriState captured_nigori_state;
859 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
860 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
861 EXPECT_CALL(*observer(), OnEncryptionComplete());
862 encryption_handler()->EnableEncryptEverything();
863
864 {
865 ReadTransaction trans(FROM_HERE, user_share());
866 // Once we provide a keystore key, we should perform the migration.
867 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
868 EXPECT_CALL(*observer(),
869 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
870 encryption_handler()->SetKeystoreKeys(
871 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
872 }
873 EXPECT_CALL(*observer(), OnPassphraseTypeChanged(
874 PassphraseType::FROZEN_IMPLICIT_PASSPHRASE, _));
875
876 // The actual migration gets posted, so run all pending tasks.
877 PumpLoop();
878 Mock::VerifyAndClearExpectations(observer());
879
880 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
881 const base::Time migration_time = encryption_handler()->migration_time();
882 VerifyPassphraseType(PassphraseType::FROZEN_IMPLICIT_PASSPHRASE);
883 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
884 VerifyMigratedNigori(PassphraseType::FROZEN_IMPLICIT_PASSPHRASE, kCurKey);
885
886 // We need the passphrase bootstrap token, but OnBootstrapTokenUpdated(_,
887 // PASSPHRASE_BOOTSTRAP_TOKEN) has not been invoked (because it was invoked
888 // during a previous instance) so get it from the Cryptographer.
889 std::string passphrase_bootstrap_token;
890 GetCryptographer()->GetBootstrapToken(&passphrase_bootstrap_token);
891 VerifyRestoreAfterCustomPassphrase(
892 TimeToProtoTime(migration_time), kCurKey, passphrase_bootstrap_token,
893 captured_nigori_state, PassphraseType::FROZEN_IMPLICIT_PASSPHRASE);
894 }
895
896 // Test that we trigger a migration when we set the keystore key, had a
897 // custom passphrase, and encrypt everything enabled. The passphrase state
898 // should remain as CUSTOM_PASSPHRASE, and encrypt everything stay the same.
899 TEST_F(SyncEncryptionHandlerImplTest,
900 MigrateOnKeystoreKeyAvailableCustomWithEncryption) {
901 const char kCurKey[] = "cur";
902 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
903 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
904 EXPECT_CALL(*observer(), OnPassphraseAccepted());
905 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, false));
906 EXPECT_CALL(*observer(), OnEncryptionComplete());
907 EXPECT_CALL(*observer(),
908 OnPassphraseTypeChanged(PassphraseType::CUSTOM_PASSPHRASE, _));
909 std::string captured_bootstrap_token;
910 EXPECT_CALL(*observer(),
911 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
912 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
913 encryption_handler()->Init();
914 encryption_handler()->SetEncryptionPassphrase(kCurKey, true);
915 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
916 Mock::VerifyAndClearExpectations(observer());
917
918 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true));
919 EXPECT_CALL(*observer(), OnEncryptionComplete());
920 encryption_handler()->EnableEncryptEverything();
921 Mock::VerifyAndClearExpectations(observer());
922
923 SyncEncryptionHandler::NigoriState captured_nigori_state;
924 {
925 ReadTransaction trans(FROM_HERE, user_share());
926 // Once we provide a keystore key, we should perform the migration.
927 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
928 EXPECT_CALL(*observer(),
929 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
930 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
931 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
932 encryption_handler()->SetKeystoreKeys(
933 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
934 }
935
936 // The actual migration gets posted, so run all pending tasks.
937 PumpLoop();
938 Mock::VerifyAndClearExpectations(observer());
939
940 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
941 const base::Time migration_time = encryption_handler()->migration_time();
942 VerifyPassphraseType(PassphraseType::CUSTOM_PASSPHRASE);
943 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
944 VerifyMigratedNigori(PassphraseType::CUSTOM_PASSPHRASE, kCurKey);
945
946 VerifyRestoreAfterCustomPassphrase(
947 TimeToProtoTime(migration_time), kCurKey, captured_bootstrap_token,
948 captured_nigori_state, PassphraseType::CUSTOM_PASSPHRASE);
949 }
950
951 // Test that we trigger a migration when we set the keystore key, had a
952 // custom passphrase, and did not have encrypt everything. The passphrase state
953 // should remain as PassphraseType::CUSTOM_PASSPHRASE, and encrypt everything
954 // should be enabled.
955 TEST_F(SyncEncryptionHandlerImplTest,
956 MigrateOnKeystoreKeyAvailableCustomNoEncryption) {
957 const char kCurKey[] = "cur";
958 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
959 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
960 EXPECT_CALL(*observer(), OnPassphraseAccepted());
961 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, false));
962 EXPECT_CALL(*observer(), OnEncryptionComplete());
963 EXPECT_CALL(*observer(),
964 OnPassphraseTypeChanged(PassphraseType::CUSTOM_PASSPHRASE, _));
965 std::string captured_bootstrap_token;
966 EXPECT_CALL(*observer(),
967 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
968 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
969 encryption_handler()->Init();
970 encryption_handler()->SetEncryptionPassphrase(kCurKey, true);
971 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
972 Mock::VerifyAndClearExpectations(observer());
973
974 {
975 ReadTransaction trans(FROM_HERE, user_share());
976 // Once we provide a keystore key, we should perform the migration.
977 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
978 EXPECT_CALL(*observer(),
979 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
980 encryption_handler()->SetKeystoreKeys(
981 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
982 }
983 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true));
984 SyncEncryptionHandler::NigoriState captured_nigori_state;
985 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
986 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
987 EXPECT_CALL(*observer(), OnEncryptionComplete());
988 // The actual migration gets posted, so run all pending tasks.
989 PumpLoop();
990 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
991 const base::Time migration_time = encryption_handler()->migration_time();
992 VerifyPassphraseType(PassphraseType::CUSTOM_PASSPHRASE);
993 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
994 VerifyMigratedNigori(PassphraseType::CUSTOM_PASSPHRASE, kCurKey);
995
996 VerifyRestoreAfterCustomPassphrase(
997 TimeToProtoTime(migration_time), kCurKey, captured_bootstrap_token,
998 captured_nigori_state, PassphraseType::CUSTOM_PASSPHRASE);
999 }
1000
1001 // Test that we can handle receiving a migrated nigori node in the
1002 // KEYSTORE_PASS state, and use the keystore decryptor token to decrypt the
1003 // keybag.
1004 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriKeystorePass) {
1005 const char kCurKey[] = "cur";
1006 sync_pb::EncryptedData keystore_decryptor_token;
1007 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1008 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1009 other_cryptographer.AddKey(cur_key);
1010 EXPECT_TRUE(other_cryptographer.is_ready());
1011 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1012 other_cryptographer, kKeystoreKey, &keystore_decryptor_token));
1013 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1014 EXPECT_FALSE(GetCryptographer()->is_ready());
1015 {
1016 ReadTransaction trans(FROM_HERE, user_share());
1017 EXPECT_NE(encryption_handler()->GetPassphraseType(trans.GetWrappedTrans()),
1018 PassphraseType::KEYSTORE_PASSPHRASE);
1019 }
1020 // Now build a nigori node with the generated keystore decryptor token and
1021 // initialize the encryption handler with it. The cryptographer should be
1022 // initialized properly to decrypt both kCurKey and kKeystoreKey.
1023 {
1024 WriteTransaction trans(FROM_HERE, user_share());
1025 WriteNode nigori_node(&trans);
1026 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1027 sync_pb::NigoriSpecifics nigori;
1028 nigori.mutable_keystore_decryptor_token()->CopyFrom(
1029 keystore_decryptor_token);
1030 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1031 nigori.set_keybag_is_frozen(true);
1032 nigori.set_keystore_migration_time(1);
1033 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1034
1035 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1036 EXPECT_CALL(*observer(),
1037 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1038 EXPECT_CALL(*observer(),
1039 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1040 EXPECT_CALL(*observer(), OnPassphraseTypeChanged(
1041 PassphraseType::KEYSTORE_PASSPHRASE, _));
1042 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1043 encryption_handler()->SetKeystoreKeys(
1044 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
1045 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1046 nigori_node.SetNigoriSpecifics(nigori);
1047 }
1048 // Run any tasks posted via AppplyNigoriUpdate.
1049 PumpLoop();
1050 Mock::VerifyAndClearExpectations(observer());
1051
1052 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1053 EXPECT_TRUE(GetCryptographer()->is_ready());
1054 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
1055 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1056 VerifyMigratedNigoriWithTimestamp(1, PassphraseType::KEYSTORE_PASSPHRASE,
1057 kCurKey);
1058
1059 // Check that the cryptographer still encrypts with the current key.
1060 sync_pb::EncryptedData current_encrypted;
1061 other_cryptographer.EncryptString("string", &current_encrypted);
1062 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
1063
1064 // Check that the cryptographer can decrypt keystore key based encryption.
1065 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1066 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1067 keystore_cryptographer.AddKey(keystore_key);
1068 sync_pb::EncryptedData keystore_encrypted;
1069 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1070 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1071 }
1072
1073 // Test that we handle receiving migrated nigori's with
1074 // PassphraseType::FROZEN_IMPLICIT_PASSPHRASE state. We should be in a pending
1075 // key state until
1076 // we supply the pending frozen implicit passphrase key.
1077 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriFrozenImplicitPass) {
1078 const char kCurKey[] = "cur";
1079 sync_pb::EncryptedData encrypted;
1080 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1081 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1082 other_cryptographer.AddKey(cur_key);
1083 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1084
1085 {
1086 EXPECT_CALL(*observer(),
1087 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1088 ReadTransaction trans(FROM_HERE, user_share());
1089 encryption_handler()->SetKeystoreKeys(
1090 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
1091 }
1092 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1093
1094 {
1095 EXPECT_CALL(
1096 *observer(),
1097 OnPassphraseTypeChanged(PassphraseType::FROZEN_IMPLICIT_PASSPHRASE, _));
1098 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
1099 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1100 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true));
1101 WriteTransaction trans(FROM_HERE, user_share());
1102 WriteNode nigori_node(&trans);
1103 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1104 sync_pb::NigoriSpecifics nigori;
1105 nigori.set_keybag_is_frozen(true);
1106 nigori.set_passphrase_type(
1107 sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE);
1108 nigori.set_keystore_migration_time(1);
1109 nigori.set_encrypt_everything(true);
1110 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1111 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1112 nigori_node.SetNigoriSpecifics(nigori);
1113 }
1114 // Run any tasks posted via AppplyNigoriUpdate.
1115 PumpLoop();
1116 Mock::VerifyAndClearExpectations(observer());
1117
1118 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1119 VerifyPassphraseType(PassphraseType::FROZEN_IMPLICIT_PASSPHRASE);
1120 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1121 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1122
1123 EXPECT_CALL(*observer(),
1124 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1125 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1126 EXPECT_CALL(*observer(), OnEncryptionComplete());
1127 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1128 encryption_handler()->SetDecryptionPassphrase(kCurKey);
1129 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1130 EXPECT_TRUE(GetCryptographer()->is_ready());
1131 VerifyMigratedNigoriWithTimestamp(
1132 1, PassphraseType::FROZEN_IMPLICIT_PASSPHRASE, kCurKey);
1133
1134 // Check that the cryptographer still encrypts with the current key.
1135 sync_pb::EncryptedData current_encrypted;
1136 other_cryptographer.EncryptString("string", &current_encrypted);
1137 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
1138
1139 // Check that the cryptographer can decrypt keystore key based encryption.
1140 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1141 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1142 keystore_cryptographer.AddKey(keystore_key);
1143 sync_pb::EncryptedData keystore_encrypted;
1144 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1145 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1146 }
1147
1148 // Test that we handle receiving migrated nigori's with
1149 // PassphraseType::CUSTOM_PASSPHRASE state. We should be in a pending key state
1150 // until we
1151 // provide the custom passphrase key.
1152 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriCustomPass) {
1153 const char kCurKey[] = "cur";
1154 sync_pb::EncryptedData encrypted;
1155 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1156 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1157 other_cryptographer.AddKey(cur_key);
1158 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1159
1160 {
1161 EXPECT_CALL(*observer(),
1162 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1163 ReadTransaction trans(FROM_HERE, user_share());
1164 encryption_handler()->SetKeystoreKeys(
1165 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
1166 }
1167 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1168
1169 {
1170 EXPECT_CALL(*observer(),
1171 OnPassphraseTypeChanged(PassphraseType::CUSTOM_PASSPHRASE, _));
1172 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
1173 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1174 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true));
1175 WriteTransaction trans(FROM_HERE, user_share());
1176 WriteNode nigori_node(&trans);
1177 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1178 sync_pb::NigoriSpecifics nigori;
1179 nigori.set_keybag_is_frozen(true);
1180 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE);
1181 nigori.set_keystore_migration_time(1);
1182 nigori.set_encrypt_everything(true);
1183 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1184 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1185 nigori_node.SetNigoriSpecifics(nigori);
1186 }
1187 // Run any tasks posted via AppplyNigoriUpdate.
1188 PumpLoop();
1189 Mock::VerifyAndClearExpectations(observer());
1190
1191 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1192 VerifyPassphraseType(PassphraseType::CUSTOM_PASSPHRASE);
1193 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1194 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1195
1196 EXPECT_CALL(*observer(),
1197 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1198 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1199 EXPECT_CALL(*observer(), OnEncryptionComplete());
1200 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1201 encryption_handler()->SetDecryptionPassphrase(kCurKey);
1202 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1203 EXPECT_TRUE(GetCryptographer()->is_ready());
1204 VerifyMigratedNigoriWithTimestamp(1, PassphraseType::CUSTOM_PASSPHRASE,
1205 kCurKey);
1206
1207 // Check that the cryptographer still encrypts with the current key.
1208 sync_pb::EncryptedData current_encrypted;
1209 other_cryptographer.EncryptString("string", &current_encrypted);
1210 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
1211
1212 // Check that the cryptographer can decrypt keystore key based encryption.
1213 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1214 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1215 keystore_cryptographer.AddKey(keystore_key);
1216 sync_pb::EncryptedData keystore_encrypted;
1217 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1218 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1219 }
1220
1221 // Test that if we have a migrated nigori with a custom passphrase, then receive
1222 // and old implicit passphrase nigori, we properly overwrite it with the current
1223 // state.
1224 TEST_F(SyncEncryptionHandlerImplTest, ReceiveUnmigratedNigoriAfterMigration) {
1225 const char kOldKey[] = "old";
1226 const char kCurKey[] = "cur";
1227 sync_pb::EncryptedData encrypted;
1228 KeyParams old_key = {"localhost", "dummy", kOldKey};
1229 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1230 GetCryptographer()->AddKey(old_key);
1231 GetCryptographer()->AddKey(cur_key);
1232
1233 // Build a migrated nigori with full encryption.
1234 const int64_t migration_time = 1;
1235 {
1236 WriteTransaction trans(FROM_HERE, user_share());
1237 WriteNode nigori_node(&trans);
1238 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1239 sync_pb::NigoriSpecifics nigori;
1240 GetCryptographer()->GetKeys(nigori.mutable_encryption_keybag());
1241 nigori.set_keybag_is_frozen(true);
1242 nigori.set_keystore_migration_time(1);
1243 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE);
1244 nigori.set_encrypt_everything(true);
1245 nigori_node.SetNigoriSpecifics(nigori);
1246 }
1247
1248 EXPECT_CALL(*observer(),
1249 OnPassphraseTypeChanged(PassphraseType::CUSTOM_PASSPHRASE, _));
1250 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1251 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true)).Times(2);
1252 EXPECT_CALL(*observer(), OnEncryptionComplete());
1253 encryption_handler()->Init();
1254 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1255 EXPECT_TRUE(GetCryptographer()->is_ready());
1256 VerifyPassphraseType(PassphraseType::CUSTOM_PASSPHRASE);
1257 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1258 VerifyMigratedNigoriWithTimestamp(migration_time,
1259 PassphraseType::CUSTOM_PASSPHRASE, kCurKey);
1260
1261 {
1262 EXPECT_CALL(*observer(),
1263 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1264 ReadTransaction trans(FROM_HERE, user_share());
1265 encryption_handler()->SetKeystoreKeys(
1266 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
1267 }
1268 Mock::VerifyAndClearExpectations(observer());
1269
1270 // Now build an old unmigrated nigori node with old encrypted types. We should
1271 // properly overwrite it with the migrated + encrypt everything state.
1272 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1273 SyncEncryptionHandler::NigoriState captured_nigori_state;
1274 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
1275 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
1276 EXPECT_CALL(*observer(), OnEncryptionComplete());
1277 {
1278 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1279 other_cryptographer.AddKey(old_key);
1280 WriteTransaction trans(FROM_HERE, user_share());
1281 WriteNode nigori_node(&trans);
1282 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1283 sync_pb::NigoriSpecifics nigori;
1284 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1285 nigori.set_keybag_is_frozen(false);
1286 nigori.set_encrypt_everything(false);
1287 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1288 nigori_node.SetNigoriSpecifics(nigori);
1289 }
1290 PumpLoop();
1291
1292 // Verify we're still migrated and have proper encryption state.
1293 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1294 EXPECT_TRUE(GetCryptographer()->is_ready());
1295 VerifyPassphraseType(PassphraseType::CUSTOM_PASSPHRASE);
1296 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1297 VerifyMigratedNigoriWithTimestamp(1, PassphraseType::CUSTOM_PASSPHRASE,
1298 kCurKey);
1299
1300 // We need the passphrase bootstrap token, but OnBootstrapTokenUpdated(_,
1301 // PASSPHRASE_BOOTSTRAP_TOKEN) has not been invoked (because it was invoked
1302 // during a previous instance) so get it from the Cryptographer.
1303 std::string passphrase_bootstrap_token;
1304 GetCryptographer()->GetBootstrapToken(&passphrase_bootstrap_token);
1305 VerifyRestoreAfterCustomPassphrase(
1306 migration_time, kCurKey, passphrase_bootstrap_token,
1307 captured_nigori_state, PassphraseType::CUSTOM_PASSPHRASE);
1308 }
1309
1310 // Test that if we have a migrated nigori with a custom passphrase, then receive
1311 // a migrated nigori with a keystore passphrase, we properly overwrite it with
1312 // the current state.
1313 TEST_F(SyncEncryptionHandlerImplTest, ReceiveOldMigratedNigori) {
1314 const char kOldKey[] = "old";
1315 const char kCurKey[] = "cur";
1316 sync_pb::EncryptedData encrypted;
1317 KeyParams old_key = {"localhost", "dummy", kOldKey};
1318 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1319 GetCryptographer()->AddKey(old_key);
1320 GetCryptographer()->AddKey(cur_key);
1321
1322 // Build a migrated nigori with full encryption.
1323 {
1324 WriteTransaction trans(FROM_HERE, user_share());
1325 WriteNode nigori_node(&trans);
1326 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1327 sync_pb::NigoriSpecifics nigori;
1328 GetCryptographer()->GetKeys(nigori.mutable_encryption_keybag());
1329 nigori.set_keybag_is_frozen(true);
1330 nigori.set_keystore_migration_time(1);
1331 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE);
1332 nigori.set_encrypt_everything(true);
1333 nigori_node.SetNigoriSpecifics(nigori);
1334 }
1335
1336 EXPECT_CALL(*observer(),
1337 OnPassphraseTypeChanged(PassphraseType::CUSTOM_PASSPHRASE, _));
1338 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1339 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true)).Times(2);
1340 EXPECT_CALL(*observer(), OnEncryptionComplete());
1341 encryption_handler()->Init();
1342 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1343 EXPECT_TRUE(GetCryptographer()->is_ready());
1344 VerifyPassphraseType(PassphraseType::CUSTOM_PASSPHRASE);
1345 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1346 VerifyMigratedNigoriWithTimestamp(1, PassphraseType::CUSTOM_PASSPHRASE,
1347 kCurKey);
1348
1349 {
1350 EXPECT_CALL(*observer(),
1351 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1352 ReadTransaction trans(FROM_HERE, user_share());
1353 encryption_handler()->SetKeystoreKeys(
1354 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
1355 }
1356 Mock::VerifyAndClearExpectations(observer());
1357
1358 // Now build an old keystore nigori node with old encrypted types. We should
1359 // properly overwrite it with the migrated + encrypt everything state.
1360 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1361 SyncEncryptionHandler::NigoriState captured_nigori_state;
1362 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
1363 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
1364 EXPECT_CALL(*observer(), OnEncryptionComplete());
1365 const int64_t migration_time = 1;
1366 {
1367 WriteTransaction trans(FROM_HERE, user_share());
1368 WriteNode nigori_node(&trans);
1369 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1370 sync_pb::NigoriSpecifics nigori;
1371 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1372 other_cryptographer.AddKey(old_key);
1373 encryption_handler()->GetKeystoreDecryptor(
1374 other_cryptographer, kKeystoreKey,
1375 nigori.mutable_keystore_decryptor_token());
1376 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1377 nigori.set_keybag_is_frozen(true);
1378 nigori.set_encrypt_everything(false);
1379 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1380 nigori.set_keystore_migration_time(migration_time);
1381 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1382 nigori_node.SetNigoriSpecifics(nigori);
1383 }
1384 PumpLoop();
1385
1386 // Verify we're still migrated and have proper encryption state.
1387 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1388 EXPECT_TRUE(GetCryptographer()->is_ready());
1389 VerifyPassphraseType(PassphraseType::CUSTOM_PASSPHRASE);
1390 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1391 VerifyMigratedNigoriWithTimestamp(migration_time,
1392 PassphraseType::CUSTOM_PASSPHRASE, kCurKey);
1393
1394 // We need the passphrase bootstrap token, but OnBootstrapTokenUpdated(_,
1395 // PASSPHRASE_BOOTSTRAP_TOKEN) has not been invoked (because it was invoked
1396 // during a previous instance) so get it from the Cryptographer.
1397 std::string passphrase_bootstrap_token;
1398 GetCryptographer()->GetBootstrapToken(&passphrase_bootstrap_token);
1399 VerifyRestoreAfterCustomPassphrase(
1400 migration_time, kCurKey, passphrase_bootstrap_token,
1401 captured_nigori_state, PassphraseType::CUSTOM_PASSPHRASE);
1402 }
1403
1404 // Test that if we receive the keystore key after receiving a migrated nigori
1405 // node, we properly use the keystore decryptor token to decrypt the keybag.
1406 TEST_F(SyncEncryptionHandlerImplTest, SetKeystoreAfterReceivingMigratedNigori) {
1407 const char kCurKey[] = "cur";
1408 sync_pb::EncryptedData keystore_decryptor_token;
1409 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1410 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1411 other_cryptographer.AddKey(cur_key);
1412 EXPECT_TRUE(other_cryptographer.is_ready());
1413 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1414 other_cryptographer, kKeystoreKey, &keystore_decryptor_token));
1415 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1416 EXPECT_FALSE(GetCryptographer()->is_ready());
1417 {
1418 ReadTransaction trans(FROM_HERE, user_share());
1419 EXPECT_NE(encryption_handler()->GetPassphraseType(trans.GetWrappedTrans()),
1420 PassphraseType::KEYSTORE_PASSPHRASE);
1421 }
1422 // Now build a nigori node with the generated keystore decryptor token and
1423 // initialize the encryption handler with it. The cryptographer should be
1424 // initialized properly to decrypt both kCurKey and kKeystoreKey.
1425 {
1426 WriteTransaction trans(FROM_HERE, user_share());
1427 WriteNode nigori_node(&trans);
1428 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1429 sync_pb::NigoriSpecifics nigori;
1430 nigori.mutable_keystore_decryptor_token()->CopyFrom(
1431 keystore_decryptor_token);
1432 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1433 nigori.set_keybag_is_frozen(true);
1434 nigori.set_keystore_migration_time(1);
1435 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1436
1437 EXPECT_CALL(*observer(), OnPassphraseTypeChanged(
1438 PassphraseType::KEYSTORE_PASSPHRASE, _));
1439 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1440 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
1441 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1442 nigori_node.SetNigoriSpecifics(nigori);
1443 }
1444 // Run any tasks posted via AppplyNigoriUpdate.
1445 PumpLoop();
1446 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1447 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1448 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
1449 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1450 Mock::VerifyAndClearExpectations(observer());
1451
1452 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1453 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1454 EXPECT_CALL(*observer(),
1455 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1456 {
1457 EXPECT_CALL(*observer(),
1458 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1459 ReadTransaction trans(FROM_HERE, user_share());
1460 encryption_handler()->SetKeystoreKeys(
1461 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
1462 }
1463 PumpLoop();
1464 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1465 EXPECT_TRUE(GetCryptographer()->is_ready());
1466 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
1467 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1468 VerifyMigratedNigoriWithTimestamp(1, PassphraseType::KEYSTORE_PASSPHRASE,
1469 kCurKey);
1470
1471 // Check that the cryptographer still encrypts with the current key.
1472 sync_pb::EncryptedData current_encrypted;
1473 other_cryptographer.EncryptString("string", &current_encrypted);
1474 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
1475
1476 // Check that the cryptographer can decrypt keystore key based encryption.
1477 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1478 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1479 keystore_cryptographer.AddKey(keystore_key);
1480 sync_pb::EncryptedData keystore_encrypted;
1481 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1482 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1483 }
1484
1485 // Test that after receiving a migrated nigori and decrypting it using the
1486 // keystore key, we can then switch to a custom passphrase. The nigori should
1487 // remain migrated and encrypt everything should be enabled.
1488 TEST_F(SyncEncryptionHandlerImplTest, SetCustomPassAfterMigration) {
1489 const char kOldKey[] = "old";
1490 sync_pb::EncryptedData keystore_decryptor_token;
1491 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1492 KeyParams cur_key = {"localhost", "dummy", kOldKey};
1493 other_cryptographer.AddKey(cur_key);
1494 EXPECT_TRUE(other_cryptographer.is_ready());
1495 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1496 other_cryptographer, kKeystoreKey, &keystore_decryptor_token));
1497
1498 // Build a nigori node with the generated keystore decryptor token and
1499 // initialize the encryption handler with it. The cryptographer should be
1500 // initialized properly to decrypt both kOldKey and kKeystoreKey.
1501 const int64_t migration_time = 1;
1502 {
1503 WriteTransaction trans(FROM_HERE, user_share());
1504 WriteNode nigori_node(&trans);
1505 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1506 sync_pb::NigoriSpecifics nigori;
1507 nigori.mutable_keystore_decryptor_token()->CopyFrom(
1508 keystore_decryptor_token);
1509 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1510 nigori.set_keybag_is_frozen(true);
1511 nigori.set_keystore_migration_time(migration_time);
1512 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1513 nigori_node.SetNigoriSpecifics(nigori);
1514 EXPECT_CALL(*observer(),
1515 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1516 encryption_handler()->SetKeystoreKeys(
1517 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
1518 }
1519
1520 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1521 EXPECT_CALL(*observer(),
1522 OnPassphraseTypeChanged(PassphraseType::KEYSTORE_PASSPHRASE, _));
1523 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1524 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, false));
1525 EXPECT_CALL(*observer(),
1526 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1527 EXPECT_CALL(*observer(), OnEncryptionComplete());
1528 encryption_handler()->Init();
1529 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1530 EXPECT_TRUE(GetCryptographer()->is_ready());
1531 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
1532 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1533 Mock::VerifyAndClearExpectations(observer());
1534
1535 const char kNewKey[] = "new_key";
1536 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1537 EXPECT_CALL(*observer(),
1538 OnPassphraseTypeChanged(PassphraseType::CUSTOM_PASSPHRASE, _));
1539 SyncEncryptionHandler::NigoriState captured_nigori_state;
1540 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
1541 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
1542 std::string captured_bootstrap_token;
1543 EXPECT_CALL(*observer(),
1544 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
1545 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
1546 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1547 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true));
1548 EXPECT_CALL(*observer(), OnEncryptionComplete()).Times(2);
1549 encryption_handler()->SetEncryptionPassphrase(kNewKey, true);
1550 Mock::VerifyAndClearExpectations(observer());
1551
1552 EXPECT_FALSE(captured_bootstrap_token.empty());
1553 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1554 EXPECT_TRUE(GetCryptographer()->is_ready());
1555 VerifyPassphraseType(PassphraseType::CUSTOM_PASSPHRASE);
1556 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1557 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
1558 VerifyMigratedNigoriWithTimestamp(migration_time,
1559 PassphraseType::CUSTOM_PASSPHRASE, kNewKey);
1560
1561 // Check that the cryptographer can decrypt the old key.
1562 sync_pb::EncryptedData old_encrypted;
1563 other_cryptographer.EncryptString("string", &old_encrypted);
1564 EXPECT_TRUE(GetCryptographer()->CanDecrypt(old_encrypted));
1565
1566 // Check that the cryptographer can decrypt keystore key based encryption.
1567 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1568 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1569 keystore_cryptographer.AddKey(keystore_key);
1570 sync_pb::EncryptedData keystore_encrypted;
1571 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1572 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1573
1574 // Check the the cryptographer is encrypting with the new key.
1575 KeyParams new_key = {"localhost", "dummy", kNewKey};
1576 Cryptographer new_cryptographer(GetCryptographer()->encryptor());
1577 new_cryptographer.AddKey(new_key);
1578 sync_pb::EncryptedData new_encrypted;
1579 new_cryptographer.EncryptString("string", &new_encrypted);
1580 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted));
1581
1582 // Now verify that we can restore the current state using the captured
1583 // bootstrap token and nigori state.
1584 VerifyRestoreAfterCustomPassphrase(
1585 migration_time, kNewKey, captured_bootstrap_token, captured_nigori_state,
1586 PassphraseType::CUSTOM_PASSPHRASE);
1587 }
1588
1589 // Test that if a client without a keystore key (e.g. one without keystore
1590 // encryption enabled) receives a migrated nigori and then attempts to set a
1591 // custom passphrase, it also enables encrypt everything. The nigori node
1592 // should remain migrated.
1593 TEST_F(SyncEncryptionHandlerImplTest,
1594 SetCustomPassAfterMigrationNoKeystoreKey) {
1595 const char kOldKey[] = "old";
1596 sync_pb::EncryptedData keystore_decryptor_token;
1597 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1598 KeyParams cur_key = {"localhost", "dummy", kOldKey};
1599 other_cryptographer.AddKey(cur_key);
1600 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1601 other_cryptographer.AddNonDefaultKey(keystore_key);
1602 EXPECT_TRUE(other_cryptographer.is_ready());
1603 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1604 other_cryptographer, kKeystoreKey, &keystore_decryptor_token));
1605
1606 // Build a nigori node with the generated keystore decryptor token and
1607 // initialize the encryption handler with it. The cryptographer will have
1608 // pending keys until we provide the decryption passphrase.
1609 const int64_t migration_time = 1;
1610 {
1611 WriteTransaction trans(FROM_HERE, user_share());
1612 WriteNode nigori_node(&trans);
1613 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1614 sync_pb::NigoriSpecifics nigori;
1615 nigori.mutable_keystore_decryptor_token()->CopyFrom(
1616 keystore_decryptor_token);
1617 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1618 nigori.set_keybag_is_frozen(true);
1619 nigori.set_keystore_migration_time(migration_time);
1620 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1621 nigori_node.SetNigoriSpecifics(nigori);
1622 }
1623
1624 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
1625 EXPECT_CALL(*observer(),
1626 OnPassphraseTypeChanged(PassphraseType::KEYSTORE_PASSPHRASE, _));
1627 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1628 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, false));
1629 encryption_handler()->Init();
1630 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1631 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1632 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
1633 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1634 Mock::VerifyAndClearExpectations(observer());
1635
1636 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1637 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1638 EXPECT_CALL(*observer(),
1639 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1640 EXPECT_CALL(*observer(), OnEncryptionComplete());
1641 encryption_handler()->SetDecryptionPassphrase(kOldKey);
1642 EXPECT_TRUE(GetCryptographer()->is_ready());
1643 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1644 Mock::VerifyAndClearExpectations(observer());
1645
1646 const char kNewKey[] = "new_key";
1647 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1648 EXPECT_CALL(*observer(),
1649 OnPassphraseTypeChanged(PassphraseType::CUSTOM_PASSPHRASE, _));
1650 SyncEncryptionHandler::NigoriState captured_nigori_state;
1651 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
1652 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
1653 std::string captured_bootstrap_token;
1654 EXPECT_CALL(*observer(),
1655 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
1656 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
1657 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1658 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true));
1659 EXPECT_CALL(*observer(), OnEncryptionComplete()).Times(2);
1660 encryption_handler()->SetEncryptionPassphrase(kNewKey, true);
1661 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1662 EXPECT_TRUE(GetCryptographer()->is_ready());
1663 VerifyPassphraseType(PassphraseType::CUSTOM_PASSPHRASE);
1664 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1665 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
1666 VerifyMigratedNigoriWithTimestamp(migration_time,
1667 PassphraseType::CUSTOM_PASSPHRASE, kNewKey);
1668
1669 // Check that the cryptographer can decrypt the old key.
1670 sync_pb::EncryptedData old_encrypted;
1671 other_cryptographer.EncryptString("string", &old_encrypted);
1672 EXPECT_TRUE(GetCryptographer()->CanDecrypt(old_encrypted));
1673
1674 // Check that the cryptographer can still decrypt keystore key based
1675 // encryption (should have been extracted from the encryption keybag).
1676 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1677 keystore_cryptographer.AddKey(keystore_key);
1678 sync_pb::EncryptedData keystore_encrypted;
1679 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1680 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1681
1682 // Check the the cryptographer is encrypting with the new key.
1683 KeyParams new_key = {"localhost", "dummy", kNewKey};
1684 Cryptographer new_cryptographer(GetCryptographer()->encryptor());
1685 new_cryptographer.AddKey(new_key);
1686 sync_pb::EncryptedData new_encrypted;
1687 new_cryptographer.EncryptString("string", &new_encrypted);
1688 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted));
1689
1690 // Now verify that we can restore the current state using the captured
1691 // bootstrap token and nigori state.
1692 VerifyRestoreAfterCustomPassphrase(
1693 migration_time, kNewKey, captured_bootstrap_token, captured_nigori_state,
1694 PassphraseType::CUSTOM_PASSPHRASE);
1695 }
1696
1697 // Test that if a client without a keystore key (e.g. one without keystore
1698 // encryption enabled) receives a migrated nigori and then attempts to set a
1699 // new implicit passphrase, we do not modify the nigori node (the implicit
1700 // passphrase is dropped).
1701 TEST_F(SyncEncryptionHandlerImplTest,
1702 SetImplicitPassAfterMigrationNoKeystoreKey) {
1703 const char kOldKey[] = "old";
1704 sync_pb::EncryptedData keystore_decryptor_token;
1705 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1706 KeyParams cur_key = {"localhost", "dummy", kOldKey};
1707 other_cryptographer.AddKey(cur_key);
1708 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1709 other_cryptographer.AddNonDefaultKey(keystore_key);
1710 EXPECT_TRUE(other_cryptographer.is_ready());
1711 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1712 other_cryptographer, kKeystoreKey, &keystore_decryptor_token));
1713
1714 // Build a nigori node with the generated keystore decryptor token and
1715 // initialize the encryption handler with it. The cryptographer will have
1716 // pending keys until we provide the decryption passphrase.
1717 {
1718 WriteTransaction trans(FROM_HERE, user_share());
1719 WriteNode nigori_node(&trans);
1720 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1721 sync_pb::NigoriSpecifics nigori;
1722 nigori.mutable_keystore_decryptor_token()->CopyFrom(
1723 keystore_decryptor_token);
1724 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1725 nigori.set_keybag_is_frozen(true);
1726 nigori.set_keystore_migration_time(1);
1727 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1728 nigori_node.SetNigoriSpecifics(nigori);
1729 }
1730
1731 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
1732 EXPECT_CALL(*observer(),
1733 OnPassphraseTypeChanged(PassphraseType::KEYSTORE_PASSPHRASE, _));
1734 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1735 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, false));
1736 encryption_handler()->Init();
1737 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1738 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1739 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
1740 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1741 Mock::VerifyAndClearExpectations(observer());
1742
1743 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1744 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1745 EXPECT_CALL(*observer(),
1746 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1747 EXPECT_CALL(*observer(), OnEncryptionComplete());
1748 encryption_handler()->SetDecryptionPassphrase(kOldKey);
1749 EXPECT_TRUE(GetCryptographer()->is_ready());
1750 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1751 Mock::VerifyAndClearExpectations(observer());
1752
1753 // Should get dropped on the floor silently.
1754 const char kNewKey[] = "new_key";
1755 encryption_handler()->SetEncryptionPassphrase(kNewKey, false);
1756 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1757 EXPECT_TRUE(GetCryptographer()->is_ready());
1758 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
1759 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1760 VerifyMigratedNigoriWithTimestamp(1, PassphraseType::KEYSTORE_PASSPHRASE,
1761 kOldKey);
1762
1763 // Check that the cryptographer can decrypt the old key.
1764 sync_pb::EncryptedData old_encrypted;
1765 other_cryptographer.EncryptString("string", &old_encrypted);
1766 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(old_encrypted));
1767
1768 // Check that the cryptographer can still decrypt keystore key based
1769 // encryption (due to extracting the keystore key from the encryption keybag).
1770 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1771 keystore_cryptographer.AddKey(keystore_key);
1772 sync_pb::EncryptedData keystore_encrypted;
1773 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1774 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1775
1776 // Check the the cryptographer does not have the new key.
1777 KeyParams new_key = {"localhost", "dummy", kNewKey};
1778 Cryptographer new_cryptographer(GetCryptographer()->encryptor());
1779 new_cryptographer.AddKey(new_key);
1780 sync_pb::EncryptedData new_encrypted;
1781 new_cryptographer.EncryptString("string", &new_encrypted);
1782 EXPECT_FALSE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted));
1783 }
1784
1785 // Test that if a client without a keystore key (e.g. one without keystore
1786 // encryption enabled) receives a migrated nigori in keystore passphrase state
1787 // and then attempts to enable encrypt everything, we switch to a custom
1788 // passphrase. The nigori should remain migrated.
1789 TEST_F(SyncEncryptionHandlerImplTest,
1790 MigrateOnEncryptEverythingKeystorePassphrase) {
1791 const char kCurKey[] = "cur";
1792 sync_pb::EncryptedData keystore_decryptor_token;
1793 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1794 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1795 other_cryptographer.AddKey(cur_key);
1796 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1797 other_cryptographer.AddNonDefaultKey(keystore_key);
1798 EXPECT_TRUE(other_cryptographer.is_ready());
1799 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1800 other_cryptographer, kKeystoreKey, &keystore_decryptor_token));
1801
1802 // Build a nigori node with the generated keystore decryptor token and
1803 // initialize the encryption handler with it. The cryptographer will have
1804 // pending keys until we provide the decryption passphrase.
1805 const int64_t migration_time = 1;
1806 {
1807 WriteTransaction trans(FROM_HERE, user_share());
1808 WriteNode nigori_node(&trans);
1809 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1810 sync_pb::NigoriSpecifics nigori;
1811 nigori.mutable_keystore_decryptor_token()->CopyFrom(
1812 keystore_decryptor_token);
1813 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1814 nigori.set_keybag_is_frozen(true);
1815 nigori.set_keystore_migration_time(migration_time);
1816 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1817 nigori_node.SetNigoriSpecifics(nigori);
1818 }
1819 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
1820 EXPECT_CALL(*observer(),
1821 OnPassphraseTypeChanged(PassphraseType::KEYSTORE_PASSPHRASE, _));
1822 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1823 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, false));
1824 encryption_handler()->Init();
1825 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1826 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1827 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
1828 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1829 Mock::VerifyAndClearExpectations(observer());
1830
1831 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1832 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1833 std::string captured_bootstrap_token;
1834 EXPECT_CALL(*observer(),
1835 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
1836 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
1837 EXPECT_CALL(*observer(), OnEncryptionComplete());
1838 encryption_handler()->SetDecryptionPassphrase(kCurKey);
1839 Mock::VerifyAndClearExpectations(observer());
1840
1841 EXPECT_CALL(*observer(), OnPassphraseTypeChanged(
1842 PassphraseType::FROZEN_IMPLICIT_PASSPHRASE, _));
1843 EXPECT_CALL(*observer(), OnEncryptionComplete());
1844 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true));
1845 SyncEncryptionHandler::NigoriState captured_nigori_state;
1846 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
1847 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
1848 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1849 encryption_handler()->EnableEncryptEverything();
1850 Mock::VerifyAndClearExpectations(observer());
1851
1852 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1853 EXPECT_TRUE(GetCryptographer()->is_ready());
1854 VerifyPassphraseType(PassphraseType::FROZEN_IMPLICIT_PASSPHRASE);
1855 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1856 VerifyMigratedNigoriWithTimestamp(
1857 1, PassphraseType::FROZEN_IMPLICIT_PASSPHRASE, kCurKey);
1858
1859 // Check that the cryptographer is encrypting using the frozen current key.
1860 sync_pb::EncryptedData current_encrypted;
1861 other_cryptographer.EncryptString("string", &current_encrypted);
1862 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
1863
1864 // Check that the cryptographer can still decrypt keystore key based
1865 // encryption (due to extracting the keystore key from the encryption keybag).
1866 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1867 keystore_cryptographer.AddKey(keystore_key);
1868 sync_pb::EncryptedData keystore_encrypted;
1869 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1870 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1871
1872 VerifyRestoreAfterCustomPassphrase(
1873 migration_time, kCurKey, captured_bootstrap_token, captured_nigori_state,
1874 PassphraseType::FROZEN_IMPLICIT_PASSPHRASE);
1875 }
1876
1877 // If we receive a nigori migrated and with a KEYSTORE_PASSPHRASE type, but
1878 // using an old default key (i.e. old GAIA password), we should overwrite the
1879 // nigori, updating the keybag and keystore decryptor.
1880 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriWithOldPassphrase) {
1881 const char kOldKey[] = "old";
1882 const char kCurKey[] = "cur";
1883 sync_pb::EncryptedData encrypted;
1884 KeyParams old_key = {"localhost", "dummy", kOldKey};
1885 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1886 GetCryptographer()->AddKey(old_key);
1887 GetCryptographer()->AddKey(cur_key);
1888
1889 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1890 other_cryptographer.AddKey(old_key);
1891 EXPECT_TRUE(other_cryptographer.is_ready());
1892
1893 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1894 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, false));
1895 EXPECT_CALL(*observer(), OnEncryptionComplete());
1896 encryption_handler()->Init();
1897 EXPECT_TRUE(GetCryptographer()->is_ready());
1898 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1899
1900 {
1901 EXPECT_CALL(*observer(),
1902 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1903 ReadTransaction trans(FROM_HERE, user_share());
1904 encryption_handler()->SetKeystoreKeys(
1905 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
1906 }
1907 EXPECT_CALL(*observer(),
1908 OnPassphraseTypeChanged(PassphraseType::KEYSTORE_PASSPHRASE, _));
1909 PumpLoop();
1910 Mock::VerifyAndClearExpectations(observer());
1911 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1912 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
1913 VerifyMigratedNigori(PassphraseType::KEYSTORE_PASSPHRASE, kCurKey);
1914
1915 // Now build an old keystore passphrase nigori node.
1916 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1917 EXPECT_CALL(*observer(), OnEncryptionComplete());
1918 {
1919 WriteTransaction trans(FROM_HERE, user_share());
1920 WriteNode nigori_node(&trans);
1921 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1922 sync_pb::NigoriSpecifics nigori;
1923 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1924 other_cryptographer.AddKey(old_key);
1925 encryption_handler()->GetKeystoreDecryptor(
1926 other_cryptographer, kKeystoreKey,
1927 nigori.mutable_keystore_decryptor_token());
1928 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1929 nigori.set_keybag_is_frozen(true);
1930 nigori.set_encrypt_everything(false);
1931 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1932 nigori.set_keystore_migration_time(1);
1933 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1934 nigori_node.SetNigoriSpecifics(nigori);
1935 }
1936 PumpLoop();
1937
1938 // Verify we're still migrated and have proper encryption state.
1939 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1940 EXPECT_TRUE(GetCryptographer()->is_ready());
1941 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
1942 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1943 VerifyMigratedNigori(PassphraseType::KEYSTORE_PASSPHRASE, kCurKey);
1944 }
1945
1946 // Trigger a key rotation upon receiving new keys if we already had a keystore
1947 // migrated nigori with the gaia key as the default (still in backwards
1948 // compatible mode).
1949 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysGaiaDefault) {
1950 // Destroy the existing nigori node so we init without a nigori node.
1951 TearDown();
1952 test_user_share_.SetUp();
1953 SetUpEncryption();
1954
1955 const char kOldGaiaKey[] = "old_gaia_key";
1956 const char kRawOldKeystoreKey[] = "old_keystore_key";
1957 std::string old_keystore_key;
1958 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
1959 {
1960 ReadTransaction trans(FROM_HERE, user_share());
1961 EXPECT_CALL(*observer(),
1962 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1963 encryption_handler()->SetKeystoreKeys(
1964 BuildEncryptionKeyProto(kRawOldKeystoreKey), trans.GetWrappedTrans());
1965 }
1966 PumpLoop();
1967 Mock::VerifyAndClearExpectations(observer());
1968
1969 // Then init the nigori node with a backwards compatible set of keys.
1970 CreateRootForType(NIGORI);
1971 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1972 InitKeystoreMigratedNigori(1, kOldGaiaKey, old_keystore_key);
1973
1974 // Now set some new keystore keys.
1975 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
1976 EXPECT_CALL(*observer(), OnEncryptionComplete());
1977 {
1978 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
1979 keys.Add()->assign(kRawOldKeystoreKey);
1980 keys.Add()->assign(kRawKeystoreKey);
1981 EXPECT_CALL(*observer(),
1982 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1983 ReadTransaction trans(FROM_HERE, user_share());
1984 encryption_handler()->SetKeystoreKeys(keys, trans.GetWrappedTrans());
1985 }
1986 // Pump for any posted tasks.
1987 PumpLoop();
1988 Mock::VerifyAndClearExpectations(observer());
1989
1990 // Verify we're still migrated and have proper encryption state. We should
1991 // have rotated the keybag so that it's now encrypted with the newest keystore
1992 // key (instead of the old gaia key).
1993 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1994 EXPECT_TRUE(GetCryptographer()->is_ready());
1995 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
1996 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1997 VerifyMigratedNigori(PassphraseType::KEYSTORE_PASSPHRASE, kKeystoreKey);
1998 }
1999
2000 // Trigger a key rotation upon receiving new keys if we already had a keystore
2001 // migrated nigori with the keystore key as the default.
2002 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysKeystoreDefault) {
2003 // Destroy the existing nigori node so we init without a nigori node.
2004 TearDown();
2005 test_user_share_.SetUp();
2006 SetUpEncryption();
2007
2008 const char kRawOldKeystoreKey[] = "old_keystore_key";
2009 std::string old_keystore_key;
2010 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
2011 {
2012 ReadTransaction trans(FROM_HERE, user_share());
2013 EXPECT_CALL(*observer(),
2014 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2015 encryption_handler()->SetKeystoreKeys(
2016 BuildEncryptionKeyProto(kRawOldKeystoreKey), trans.GetWrappedTrans());
2017 }
2018 PumpLoop();
2019 Mock::VerifyAndClearExpectations(observer());
2020
2021 // Then init the nigori node with a non-backwards compatible set of keys.
2022 CreateRootForType(NIGORI);
2023 EXPECT_CALL(*observer(), OnPassphraseAccepted());
2024 InitKeystoreMigratedNigori(1, old_keystore_key, old_keystore_key);
2025
2026 // Now set some new keystore keys.
2027 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
2028 EXPECT_CALL(*observer(), OnEncryptionComplete());
2029 {
2030 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2031 keys.Add()->assign(kRawOldKeystoreKey);
2032 keys.Add()->assign(kRawKeystoreKey);
2033 EXPECT_CALL(*observer(),
2034 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2035 ReadTransaction trans(FROM_HERE, user_share());
2036 encryption_handler()->SetKeystoreKeys(keys, trans.GetWrappedTrans());
2037 }
2038 // Pump for any posted tasks.
2039 PumpLoop();
2040 Mock::VerifyAndClearExpectations(observer());
2041
2042 // Verify we're still migrated and have proper encryption state. We should
2043 // have rotated the keybag so that it's now encrypted with the newest keystore
2044 // key (instead of the old gaia key).
2045 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2046 EXPECT_TRUE(GetCryptographer()->is_ready());
2047 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
2048 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
2049 VerifyMigratedNigori(PassphraseType::KEYSTORE_PASSPHRASE, kKeystoreKey);
2050 }
2051
2052 // Trigger a key rotation upon when a pending gaia passphrase is resolved.
2053 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysAfterPendingGaiaResolved) {
2054 const char kOldGaiaKey[] = "old_gaia_key";
2055 const char kRawOldKeystoreKey[] = "old_keystore_key";
2056
2057 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
2058 InitUnmigratedNigori(kOldGaiaKey, PassphraseType::IMPLICIT_PASSPHRASE);
2059
2060 {
2061 // Pass multiple keystore keys, signaling a rotation has happened.
2062 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2063 keys.Add()->assign(kRawOldKeystoreKey);
2064 keys.Add()->assign(kRawKeystoreKey);
2065 ReadTransaction trans(FROM_HERE, user_share());
2066 EXPECT_CALL(*observer(),
2067 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2068 encryption_handler()->SetKeystoreKeys(keys, trans.GetWrappedTrans());
2069 }
2070 PumpLoop();
2071 Mock::VerifyAndClearExpectations(observer());
2072
2073 // Resolve the pending keys. This should trigger the key rotation.
2074 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
2075 EXPECT_CALL(*observer(), OnPassphraseAccepted());
2076 EXPECT_CALL(*observer(),
2077 OnPassphraseTypeChanged(PassphraseType::KEYSTORE_PASSPHRASE, _));
2078 EXPECT_CALL(*observer(),
2079 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
2080 EXPECT_CALL(*observer(), OnEncryptionComplete()).Times(AtLeast(1));
2081 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
2082 encryption_handler()->SetDecryptionPassphrase(kOldGaiaKey);
2083 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2084 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
2085 VerifyMigratedNigori(PassphraseType::KEYSTORE_PASSPHRASE, kKeystoreKey);
2086 }
2087
2088 // When signing in for the first time, make sure we can rotate keys if we
2089 // already have a keystore migrated nigori.
2090 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysGaiaDefaultOnInit) {
2091 // Destroy the existing nigori node so we init without a nigori node.
2092 TearDown();
2093 test_user_share_.SetUp();
2094 SetUpEncryption();
2095
2096 const char kOldGaiaKey[] = "old_gaia_key";
2097 const char kRawOldKeystoreKey[] = "old_keystore_key";
2098 std::string old_keystore_key;
2099 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
2100
2101 // Set two keys, signaling that a rotation has been performed. No nigori
2102 // node is present yet, so we can't rotate.
2103 {
2104 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2105 keys.Add()->assign(kRawOldKeystoreKey);
2106 keys.Add()->assign(kRawKeystoreKey);
2107 EXPECT_CALL(*observer(),
2108 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2109 ReadTransaction trans(FROM_HERE, user_share());
2110 encryption_handler()->SetKeystoreKeys(keys, trans.GetWrappedTrans());
2111 }
2112
2113 // Then init the nigori node with an old set of keys.
2114 CreateRootForType(NIGORI);
2115 EXPECT_CALL(*observer(), OnPassphraseAccepted());
2116 InitKeystoreMigratedNigori(1, kOldGaiaKey, old_keystore_key);
2117 PumpLoop();
2118 Mock::VerifyAndClearExpectations(observer());
2119
2120 // Verify we're still migrated and have proper encryption state. We should
2121 // have rotated the keybag so that it's now encrypted with the newest keystore
2122 // key (instead of the old gaia key).
2123 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2124 EXPECT_TRUE(GetCryptographer()->is_ready());
2125 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
2126 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
2127 VerifyMigratedNigori(PassphraseType::KEYSTORE_PASSPHRASE, kKeystoreKey);
2128 }
2129
2130 // Trigger a key rotation when a migrated nigori (with an old keystore key) is
2131 // applied.
2132 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysWhenMigratedNigoriArrives) {
2133 const char kOldGaiaKey[] = "old_gaia_key";
2134 const char kRawOldKeystoreKey[] = "old_keystore_key";
2135 std::string old_keystore_key;
2136 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
2137
2138 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
2139 InitUnmigratedNigori(kOldGaiaKey, PassphraseType::IMPLICIT_PASSPHRASE);
2140
2141 {
2142 // Pass multiple keystore keys, signaling a rotation has happened.
2143 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2144 keys.Add()->assign(kRawOldKeystoreKey);
2145 keys.Add()->assign(kRawKeystoreKey);
2146 ReadTransaction trans(FROM_HERE, user_share());
2147 EXPECT_CALL(*observer(),
2148 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2149 encryption_handler()->SetKeystoreKeys(keys, trans.GetWrappedTrans());
2150 }
2151 PumpLoop();
2152 Mock::VerifyAndClearExpectations(observer());
2153
2154 // Now simulate downloading a nigori node that was migrated before the
2155 // keys were rotated, and hence still encrypt with the old gaia key.
2156 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
2157 EXPECT_CALL(*observer(), OnPassphraseAccepted());
2158 EXPECT_CALL(*observer(),
2159 OnPassphraseTypeChanged(PassphraseType::KEYSTORE_PASSPHRASE, _));
2160 EXPECT_CALL(*observer(),
2161 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
2162 EXPECT_CALL(*observer(), OnEncryptionComplete()).Times(AtLeast(1));
2163 {
2164 sync_pb::NigoriSpecifics nigori = BuildMigratedNigori(
2165 PassphraseType::KEYSTORE_PASSPHRASE, 1, kOldGaiaKey, old_keystore_key);
2166 // Update the encryption handler.
2167 WriteTransaction trans(FROM_HERE, user_share());
2168 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
2169 }
2170 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
2171 PumpLoop();
2172
2173 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2174 VerifyPassphraseType(PassphraseType::KEYSTORE_PASSPHRASE);
2175 VerifyMigratedNigori(PassphraseType::KEYSTORE_PASSPHRASE, kKeystoreKey);
2176 }
2177
2178 // Verify that performing a migration while having more than one keystore key
2179 // preserves a custom passphrase.
2180 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysUnmigratedCustomPassphrase) {
2181 const char kCustomPass[] = "custom_passphrase";
2182 const char kRawOldKeystoreKey[] = "old_keystore_key";
2183
2184 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
2185 InitUnmigratedNigori(kCustomPass, PassphraseType::CUSTOM_PASSPHRASE);
2186
2187 {
2188 // Pass multiple keystore keys, signaling a rotation has happened.
2189 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2190 keys.Add()->assign(kRawOldKeystoreKey);
2191 keys.Add()->assign(kRawKeystoreKey);
2192 ReadTransaction trans(FROM_HERE, user_share());
2193 EXPECT_CALL(*observer(),
2194 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2195 encryption_handler()->SetKeystoreKeys(keys, trans.GetWrappedTrans());
2196 }
2197 PumpLoop();
2198 Mock::VerifyAndClearExpectations(observer());
2199
2200 // Pass the decryption passphrase. This will also trigger the migration,
2201 // but should not overwrite the default key.
2202 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
2203 EXPECT_CALL(*observer(), OnPassphraseAccepted());
2204 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true));
2205 SyncEncryptionHandler::NigoriState captured_nigori_state;
2206 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
2207 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
2208 EXPECT_CALL(*observer(), OnEncryptionComplete()).Times(AnyNumber());
2209 std::string captured_bootstrap_token;
2210 EXPECT_CALL(*observer(),
2211 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
2212 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
2213 encryption_handler()->SetDecryptionPassphrase(kCustomPass);
2214 Mock::VerifyAndClearExpectations(observer());
2215
2216 VerifyMigratedNigori(PassphraseType::CUSTOM_PASSPHRASE, kCustomPass);
2217
2218 const base::Time migration_time = encryption_handler()->migration_time();
2219 VerifyRestoreAfterCustomPassphrase(
2220 TimeToProtoTime(migration_time), kCustomPass, captured_bootstrap_token,
2221 captured_nigori_state, PassphraseType::CUSTOM_PASSPHRASE);
2222 }
2223
2224 // Verify that a key rotation done after we've migrated a custom passphrase
2225 // nigori node preserves the custom passphrase.
2226 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysMigratedCustomPassphrase) {
2227 const char kCustomPass[] = "custom_passphrase";
2228 const char kRawOldKeystoreKey[] = "old_keystore_key";
2229
2230 KeyParams custom_key = {"localhost", "dummy", kCustomPass};
2231 GetCryptographer()->AddKey(custom_key);
2232
2233 const int64_t migration_time = 1;
2234 InitCustomPassMigratedNigori(migration_time, kCustomPass);
2235 VerifyMigratedNigoriWithTimestamp(
2236 migration_time, PassphraseType::CUSTOM_PASSPHRASE, kCustomPass);
2237
2238 SyncEncryptionHandler::NigoriState captured_nigori_state;
2239 {
2240 // Pass multiple keystore keys, signaling a rotation has happened.
2241 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2242 keys.Add()->assign(kRawOldKeystoreKey);
2243 keys.Add()->assign(kRawKeystoreKey);
2244 ReadTransaction trans(FROM_HERE, user_share());
2245 EXPECT_CALL(*observer(),
2246 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2247 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
2248 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
2249 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
2250 encryption_handler()->SetKeystoreKeys(keys, trans.GetWrappedTrans());
2251 }
2252 PumpLoop();
2253 Mock::VerifyAndClearExpectations(observer());
2254
2255 VerifyMigratedNigoriWithTimestamp(
2256 migration_time, PassphraseType::CUSTOM_PASSPHRASE, kCustomPass);
2257
2258 // We need the passphrase bootstrap token, but OnBootstrapTokenUpdated(_,
2259 // PASSPHRASE_BOOTSTRAP_TOKEN) has not been invoked (because it was invoked
2260 // during a previous instance) so get it from the Cryptographer.
2261 std::string passphrase_bootstrap_token;
2262 GetCryptographer()->GetBootstrapToken(&passphrase_bootstrap_token);
2263 VerifyRestoreAfterCustomPassphrase(
2264 migration_time, kCustomPass, passphrase_bootstrap_token,
2265 captured_nigori_state, PassphraseType::CUSTOM_PASSPHRASE);
2266 }
2267
2268 // Verify that the client can gracefully handle a nigori node that is missing
2269 // the keystore migration time field.
2270 TEST_F(SyncEncryptionHandlerImplTest, MissingKeystoreMigrationTime) {
2271 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
2272 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
2273 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, false));
2274 encryption_handler()->Init();
2275 Mock::VerifyAndClearExpectations(observer());
2276
2277 // Now simulate downloading a nigori node that that is missing the keystore
2278 // migration time. It should be interpreted properly, and the passphrase type
2279 // should switch to keystore passphrase.
2280 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
2281 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
2282 EXPECT_CALL(*observer(),
2283 OnPassphraseTypeChanged(PassphraseType::KEYSTORE_PASSPHRASE, _));
2284 {
2285 sync_pb::NigoriSpecifics nigori = BuildMigratedNigori(
2286 PassphraseType::KEYSTORE_PASSPHRASE, 1, kKeystoreKey, kKeystoreKey);
2287 nigori.clear_keystore_migration_time();
2288 // Update the encryption handler.
2289 WriteTransaction trans(FROM_HERE, user_share());
2290 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
2291 }
2292 Mock::VerifyAndClearExpectations(observer());
2293
2294 // Now provide the keystore key to fully initialize the cryptographer.
2295 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
2296 EXPECT_CALL(*observer(),
2297 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2298 {
2299 ReadTransaction trans(FROM_HERE, user_share());
2300 encryption_handler()->SetKeystoreKeys(
2301 BuildEncryptionKeyProto(kRawKeystoreKey), trans.GetWrappedTrans());
2302 }
2303 }
2304
2305 } // namespace syncer
OLDNEW
« no previous file with comments | « components/sync/core_impl/sync_encryption_handler_impl.cc ('k') | components/sync/core_impl/sync_manager_impl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698