| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "sync/internal_api/sync_encryption_handler_impl.h" |
| 6 |
| 7 #include <string> |
| 8 |
| 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/message_loop.h" |
| 11 #include "base/tracked_objects.h" |
| 12 #include "sync/internal_api/public/base/model_type_test_util.h" |
| 13 #include "sync/internal_api/public/read_node.h" |
| 14 #include "sync/internal_api/public/read_transaction.h" |
| 15 #include "sync/internal_api/public/write_transaction.h" |
| 16 #include "sync/internal_api/public/test/test_user_share.h" |
| 17 #include "sync/protocol/nigori_specifics.pb.h" |
| 18 #include "sync/protocol/sync.pb.h" |
| 19 #include "sync/syncable/entry.h" |
| 20 #include "sync/syncable/mutable_entry.h" |
| 21 #include "sync/syncable/write_transaction.h" |
| 22 #include "sync/test/engine/test_id_factory.h" |
| 23 #include "sync/util/cryptographer.h" |
| 24 #include "testing/gmock/include/gmock/gmock.h" |
| 25 #include "testing/gtest/include/gtest/gtest.h" |
| 26 |
| 27 namespace syncer { |
| 28 |
| 29 namespace { |
| 30 |
| 31 using ::testing::_; |
| 32 using ::testing::Mock; |
| 33 using ::testing::StrictMock; |
| 34 |
| 35 class SyncEncryptionHandlerObserverMock |
| 36 : public SyncEncryptionHandler::Observer { |
| 37 public: |
| 38 MOCK_METHOD2(OnPassphraseRequired, |
| 39 void(PassphraseRequiredReason, |
| 40 const sync_pb::EncryptedData&)); // NOLINT |
| 41 MOCK_METHOD0(OnPassphraseAccepted, void()); // NOLINT |
| 42 MOCK_METHOD1(OnBootstrapTokenUpdated, void(const std::string&)); // NOLINT |
| 43 MOCK_METHOD2(OnEncryptedTypesChanged, |
| 44 void(ModelTypeSet, bool)); // NOLINT |
| 45 MOCK_METHOD0(OnEncryptionComplete, void()); // NOLINT |
| 46 MOCK_METHOD1(OnCryptographerStateChanged, void(Cryptographer*)); // NOLINT |
| 47 }; |
| 48 |
| 49 } // namespace |
| 50 |
| 51 class SyncEncryptionHandlerImplTest : public ::testing::Test { |
| 52 public: |
| 53 SyncEncryptionHandlerImplTest() : cryptographer_(NULL) {} |
| 54 virtual ~SyncEncryptionHandlerImplTest() {} |
| 55 |
| 56 virtual void SetUp() { |
| 57 test_user_share_.SetUp(); |
| 58 SetUpEncryption(); |
| 59 CreateRootForType(NIGORI); |
| 60 } |
| 61 |
| 62 virtual void TearDown() { |
| 63 test_user_share_.TearDown(); |
| 64 } |
| 65 |
| 66 protected: |
| 67 void SetUpEncryption() { |
| 68 ReadTransaction trans(FROM_HERE, user_share()); |
| 69 cryptographer_ = trans.GetCryptographer(); |
| 70 encryption_handler_.reset( |
| 71 new SyncEncryptionHandlerImpl(user_share(), |
| 72 cryptographer_)); |
| 73 cryptographer_->SetNigoriHandler( |
| 74 encryption_handler_.get()); |
| 75 encryption_handler_->AddObserver(&observer_); |
| 76 } |
| 77 |
| 78 void CreateRootForType(ModelType model_type) { |
| 79 syncer::syncable::Directory* directory = user_share()->directory.get(); |
| 80 |
| 81 std::string tag_name = ModelTypeToRootTag(model_type); |
| 82 |
| 83 syncable::WriteTransaction wtrans(FROM_HERE, syncable::UNITTEST, directory); |
| 84 syncable::MutableEntry node(&wtrans, |
| 85 syncable::CREATE, |
| 86 wtrans.root_id(), |
| 87 tag_name); |
| 88 node.Put(syncable::UNIQUE_SERVER_TAG, tag_name); |
| 89 node.Put(syncable::IS_DIR, true); |
| 90 node.Put(syncable::SERVER_IS_DIR, false); |
| 91 node.Put(syncable::IS_UNSYNCED, false); |
| 92 node.Put(syncable::IS_UNAPPLIED_UPDATE, false); |
| 93 node.Put(syncable::SERVER_VERSION, 20); |
| 94 node.Put(syncable::BASE_VERSION, 20); |
| 95 node.Put(syncable::IS_DEL, false); |
| 96 node.Put(syncable::ID, ids_.MakeServer(tag_name)); |
| 97 sync_pb::EntitySpecifics specifics; |
| 98 syncer::AddDefaultFieldValue(model_type, &specifics); |
| 99 node.Put(syncable::SPECIFICS, specifics); |
| 100 } |
| 101 |
| 102 void PumpLoop() { |
| 103 message_loop_.RunAllPending(); |
| 104 } |
| 105 |
| 106 // Getters for tests. |
| 107 UserShare* user_share() { return test_user_share_.user_share(); } |
| 108 SyncEncryptionHandlerImpl* encryption_handler() { |
| 109 return encryption_handler_.get(); |
| 110 } |
| 111 SyncEncryptionHandlerObserverMock* observer() { return &observer_; } |
| 112 Cryptographer* cryptographer() { return cryptographer_; } |
| 113 |
| 114 private: |
| 115 TestUserShare test_user_share_; |
| 116 scoped_ptr<SyncEncryptionHandlerImpl> encryption_handler_; |
| 117 StrictMock<SyncEncryptionHandlerObserverMock> observer_; |
| 118 Cryptographer* cryptographer_; |
| 119 TestIdFactory ids_; |
| 120 MessageLoop message_loop_; |
| 121 }; |
| 122 |
| 123 // Verify that the encrypted types are being written to and read from the |
| 124 // nigori node properly. |
| 125 TEST_F(SyncEncryptionHandlerImplTest, NigoriEncryptionTypes) { |
| 126 sync_pb::NigoriSpecifics nigori; |
| 127 |
| 128 StrictMock<SyncEncryptionHandlerObserverMock> observer2; |
| 129 SyncEncryptionHandlerImpl handler2(user_share(), |
| 130 cryptographer()); |
| 131 handler2.AddObserver(&observer2); |
| 132 |
| 133 // Just set the sensitive types (shouldn't trigger any notifications). |
| 134 ModelTypeSet encrypted_types(SyncEncryptionHandler::SensitiveTypes()); |
| 135 encryption_handler()->MergeEncryptedTypes(encrypted_types); |
| 136 { |
| 137 WriteTransaction trans(FROM_HERE, user_share()); |
| 138 encryption_handler()->UpdateNigoriFromEncryptedTypes( |
| 139 &nigori, |
| 140 trans.GetWrappedTrans()); |
| 141 } |
| 142 handler2.UpdateEncryptedTypesFromNigori(nigori); |
| 143 EXPECT_TRUE(encrypted_types.Equals( |
| 144 encryption_handler()->GetEncryptedTypes())); |
| 145 EXPECT_TRUE(encrypted_types.Equals( |
| 146 handler2.GetEncryptedTypes())); |
| 147 |
| 148 Mock::VerifyAndClearExpectations(observer()); |
| 149 Mock::VerifyAndClearExpectations(&observer2); |
| 150 |
| 151 EXPECT_CALL(*observer(), |
| 152 OnEncryptedTypesChanged( |
| 153 HasModelTypes(ModelTypeSet::All()), false)); |
| 154 EXPECT_CALL(observer2, |
| 155 OnEncryptedTypesChanged( |
| 156 HasModelTypes(ModelTypeSet::All()), false)); |
| 157 |
| 158 // Set all encrypted types |
| 159 encrypted_types = ModelTypeSet::All(); |
| 160 encryption_handler()->MergeEncryptedTypes(encrypted_types); |
| 161 { |
| 162 WriteTransaction trans(FROM_HERE, user_share()); |
| 163 encryption_handler()->UpdateNigoriFromEncryptedTypes( |
| 164 &nigori, |
| 165 trans.GetWrappedTrans()); |
| 166 } |
| 167 handler2.UpdateEncryptedTypesFromNigori(nigori); |
| 168 EXPECT_TRUE(encrypted_types.Equals( |
| 169 encryption_handler()->GetEncryptedTypes())); |
| 170 EXPECT_TRUE(encrypted_types.Equals(handler2.GetEncryptedTypes())); |
| 171 |
| 172 // Receiving an empty nigori should not reset any encrypted types or trigger |
| 173 // an observer notification. |
| 174 Mock::VerifyAndClearExpectations(observer()); |
| 175 Mock::VerifyAndClearExpectations(&observer2); |
| 176 nigori = sync_pb::NigoriSpecifics(); |
| 177 encryption_handler()->UpdateEncryptedTypesFromNigori(nigori); |
| 178 EXPECT_TRUE(encrypted_types.Equals( |
| 179 encryption_handler()->GetEncryptedTypes())); |
| 180 } |
| 181 |
| 182 // Verify the encryption handler processes the encrypt everything field |
| 183 // properly. |
| 184 TEST_F(SyncEncryptionHandlerImplTest, EncryptEverythingExplicit) { |
| 185 ModelTypeSet real_types = ModelTypeSet::All(); |
| 186 sync_pb::NigoriSpecifics specifics; |
| 187 specifics.set_encrypt_everything(true); |
| 188 |
| 189 EXPECT_CALL(*observer(), |
| 190 OnEncryptedTypesChanged( |
| 191 HasModelTypes(ModelTypeSet::All()), true)); |
| 192 |
| 193 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); |
| 194 ModelTypeSet encrypted_types = encryption_handler()->GetEncryptedTypes(); |
| 195 for (ModelTypeSet::Iterator iter = real_types.First(); |
| 196 iter.Good(); iter.Inc()) { |
| 197 if (iter.Get() == PASSWORDS || iter.Get() == NIGORI) |
| 198 EXPECT_TRUE(encrypted_types.Has(iter.Get())); |
| 199 else |
| 200 EXPECT_FALSE(encrypted_types.Has(iter.Get())); |
| 201 } |
| 202 |
| 203 encryption_handler()->UpdateEncryptedTypesFromNigori(specifics); |
| 204 |
| 205 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); |
| 206 encrypted_types = encryption_handler()->GetEncryptedTypes(); |
| 207 for (ModelTypeSet::Iterator iter = real_types.First(); |
| 208 iter.Good(); iter.Inc()) { |
| 209 EXPECT_TRUE(encrypted_types.Has(iter.Get())); |
| 210 } |
| 211 |
| 212 // Receiving the nigori node again shouldn't trigger another notification. |
| 213 Mock::VerifyAndClearExpectations(observer()); |
| 214 encryption_handler()->UpdateEncryptedTypesFromNigori(specifics); |
| 215 } |
| 216 |
| 217 // Verify the encryption handler can detect an implicit encrypt everything state |
| 218 // (from clients that failed to write the encrypt everything field). |
| 219 TEST_F(SyncEncryptionHandlerImplTest, EncryptEverythingImplicit) { |
| 220 ModelTypeSet real_types = ModelTypeSet::All(); |
| 221 sync_pb::NigoriSpecifics specifics; |
| 222 specifics.set_encrypt_bookmarks(true); // Non-passwords = encrypt everything |
| 223 |
| 224 EXPECT_CALL(*observer(), |
| 225 OnEncryptedTypesChanged( |
| 226 HasModelTypes(ModelTypeSet::All()), true)); |
| 227 |
| 228 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); |
| 229 ModelTypeSet encrypted_types = encryption_handler()->GetEncryptedTypes(); |
| 230 for (ModelTypeSet::Iterator iter = real_types.First(); |
| 231 iter.Good(); iter.Inc()) { |
| 232 if (iter.Get() == PASSWORDS || iter.Get() == NIGORI) |
| 233 EXPECT_TRUE(encrypted_types.Has(iter.Get())); |
| 234 else |
| 235 EXPECT_FALSE(encrypted_types.Has(iter.Get())); |
| 236 } |
| 237 |
| 238 encryption_handler()->UpdateEncryptedTypesFromNigori(specifics); |
| 239 |
| 240 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); |
| 241 encrypted_types = encryption_handler()->GetEncryptedTypes(); |
| 242 for (ModelTypeSet::Iterator iter = real_types.First(); |
| 243 iter.Good(); iter.Inc()) { |
| 244 EXPECT_TRUE(encrypted_types.Has(iter.Get())); |
| 245 } |
| 246 |
| 247 // Receiving a nigori node with encrypt everything explicitly set shouldn't |
| 248 // trigger another notification. |
| 249 Mock::VerifyAndClearExpectations(observer()); |
| 250 specifics.set_encrypt_everything(true); |
| 251 encryption_handler()->UpdateEncryptedTypesFromNigori(specifics); |
| 252 } |
| 253 |
| 254 // Verify the encryption handler can deal with new versions treating new types |
| 255 // as Sensitive, and that it does not consider this an implicit encrypt |
| 256 // everything case. |
| 257 TEST_F(SyncEncryptionHandlerImplTest, UnknownSensitiveTypes) { |
| 258 ModelTypeSet real_types = ModelTypeSet::All(); |
| 259 sync_pb::NigoriSpecifics specifics; |
| 260 specifics.set_encrypt_everything(false); |
| 261 specifics.set_encrypt_bookmarks(true); |
| 262 |
| 263 ModelTypeSet expected_encrypted_types = |
| 264 SyncEncryptionHandler::SensitiveTypes(); |
| 265 expected_encrypted_types.Put(BOOKMARKS); |
| 266 |
| 267 EXPECT_CALL(*observer(), |
| 268 OnEncryptedTypesChanged( |
| 269 HasModelTypes(expected_encrypted_types), false)); |
| 270 |
| 271 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); |
| 272 ModelTypeSet encrypted_types = encryption_handler()->GetEncryptedTypes(); |
| 273 for (ModelTypeSet::Iterator iter = real_types.First(); |
| 274 iter.Good(); iter.Inc()) { |
| 275 if (iter.Get() == PASSWORDS || iter.Get() == NIGORI) |
| 276 EXPECT_TRUE(encrypted_types.Has(iter.Get())); |
| 277 else |
| 278 EXPECT_FALSE(encrypted_types.Has(iter.Get())); |
| 279 } |
| 280 |
| 281 encryption_handler()->UpdateEncryptedTypesFromNigori(specifics); |
| 282 |
| 283 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); |
| 284 encrypted_types = encryption_handler()->GetEncryptedTypes(); |
| 285 for (ModelTypeSet::Iterator iter = real_types.First(); |
| 286 iter.Good(); iter.Inc()) { |
| 287 if (iter.Get() == PASSWORDS || |
| 288 iter.Get() == NIGORI || |
| 289 iter.Get() == BOOKMARKS) |
| 290 EXPECT_TRUE(encrypted_types.Has(iter.Get())); |
| 291 else |
| 292 EXPECT_FALSE(encrypted_types.Has(iter.Get())); |
| 293 } |
| 294 } |
| 295 |
| 296 // Receive an old nigori with old encryption keys and encrypted types. We should |
| 297 // not revert our default key or encrypted types, and should post a task to |
| 298 // overwrite the existing nigori with the correct data. |
| 299 TEST_F(SyncEncryptionHandlerImplTest, ReceiveOldNigori) { |
| 300 KeyParams old_key = {"localhost", "dummy", "old"}; |
| 301 KeyParams current_key = {"localhost", "dummy", "cur"}; |
| 302 |
| 303 // Data for testing encryption/decryption. |
| 304 Cryptographer other_cryptographer(cryptographer()->encryptor()); |
| 305 other_cryptographer.AddKey(old_key); |
| 306 sync_pb::EntitySpecifics other_encrypted_specifics; |
| 307 other_encrypted_specifics.mutable_bookmark()->set_title("title"); |
| 308 other_cryptographer.Encrypt( |
| 309 other_encrypted_specifics, |
| 310 other_encrypted_specifics.mutable_encrypted()); |
| 311 sync_pb::EntitySpecifics our_encrypted_specifics; |
| 312 our_encrypted_specifics.mutable_bookmark()->set_title("title2"); |
| 313 ModelTypeSet encrypted_types = ModelTypeSet::All(); |
| 314 |
| 315 // Set up the current encryption state (containing both keys and encrypt |
| 316 // everything). |
| 317 sync_pb::NigoriSpecifics current_nigori_specifics; |
| 318 cryptographer()->AddKey(old_key); |
| 319 cryptographer()->AddKey(current_key); |
| 320 cryptographer()->Encrypt( |
| 321 our_encrypted_specifics, |
| 322 our_encrypted_specifics.mutable_encrypted()); |
| 323 cryptographer()->GetKeys( |
| 324 current_nigori_specifics.mutable_encrypted()); |
| 325 current_nigori_specifics.set_encrypt_everything(true); |
| 326 |
| 327 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)); |
| 328 EXPECT_CALL(*observer(), OnEncryptedTypesChanged( |
| 329 HasModelTypes(ModelTypeSet::All()), true)); |
| 330 { |
| 331 // Update the encryption handler. |
| 332 WriteTransaction trans(FROM_HERE, user_share()); |
| 333 encryption_handler()->ApplyNigoriUpdate( |
| 334 current_nigori_specifics, |
| 335 trans.GetWrappedTrans()); |
| 336 } |
| 337 Mock::VerifyAndClearExpectations(observer()); |
| 338 |
| 339 // Now set up the old nigori specifics and apply it on top. |
| 340 // Has an old set of keys, and no encrypted types. |
| 341 sync_pb::NigoriSpecifics old_nigori; |
| 342 other_cryptographer.GetKeys(old_nigori.mutable_encrypted()); |
| 343 |
| 344 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)); |
| 345 { |
| 346 // Update the encryption handler. |
| 347 WriteTransaction trans(FROM_HERE, user_share()); |
| 348 encryption_handler()->ApplyNigoriUpdate( |
| 349 old_nigori, |
| 350 trans.GetWrappedTrans()); |
| 351 } |
| 352 EXPECT_TRUE(cryptographer()->is_ready()); |
| 353 EXPECT_FALSE(cryptographer()->has_pending_keys()); |
| 354 |
| 355 // Encryption handler should have posted a task to overwrite the old |
| 356 // specifics. |
| 357 PumpLoop(); |
| 358 |
| 359 { |
| 360 // The cryptographer should be able to decrypt both sets of keys and still |
| 361 // be encrypting with the newest, and the encrypted types should be the |
| 362 // most recent. |
| 363 // In addition, the nigori node should match the current encryption state. |
| 364 ReadTransaction trans(FROM_HERE, user_share()); |
| 365 ReadNode nigori_node(&trans); |
| 366 ASSERT_EQ(nigori_node.InitByTagLookup(ModelTypeToRootTag(NIGORI)), |
| 367 BaseNode::INIT_OK); |
| 368 const sync_pb::NigoriSpecifics& nigori = nigori_node.GetNigoriSpecifics(); |
| 369 EXPECT_TRUE(cryptographer()->CanDecryptUsingDefaultKey( |
| 370 our_encrypted_specifics.encrypted())); |
| 371 EXPECT_TRUE(cryptographer()->CanDecrypt( |
| 372 other_encrypted_specifics.encrypted())); |
| 373 EXPECT_TRUE(cryptographer()->CanDecrypt(nigori.encrypted())); |
| 374 EXPECT_TRUE(nigori.encrypt_everything()); |
| 375 EXPECT_TRUE(cryptographer()->CanDecryptUsingDefaultKey(nigori.encrypted())); |
| 376 } |
| 377 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); |
| 378 } |
| 379 |
| 380 } // namespace syncer |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10827266:
[Sync] Add SyncEncryptionHandler (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src