Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(113)

Side by Side Diff: sync/internal_api/sync_encryption_handler_impl_unittest.cc

Issue 10905191: [Sync] Add keystore migration conflict support. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase Created 8 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sync/internal_api/sync_encryption_handler_impl.h" 5 #include "sync/internal_api/sync_encryption_handler_impl.h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/memory/scoped_ptr.h" 9 #include "base/memory/scoped_ptr.h"
10 #include "base/message_loop.h" 10 #include "base/message_loop.h"
(...skipping 1585 matching lines...) Expand 10 before | Expand all | Expand 10 after
1596 1596
1597 // Check that the cryptographer can still decrypt keystore key based 1597 // Check that the cryptographer can still decrypt keystore key based
1598 // encryption (due to extracting the keystore key from the encryption keybag). 1598 // encryption (due to extracting the keystore key from the encryption keybag).
1599 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor()); 1599 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1600 keystore_cryptographer.AddKey(keystore_key); 1600 keystore_cryptographer.AddKey(keystore_key);
1601 sync_pb::EncryptedData keystore_encrypted; 1601 sync_pb::EncryptedData keystore_encrypted;
1602 keystore_cryptographer.EncryptString("string", &keystore_encrypted); 1602 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1603 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted)); 1603 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1604 } 1604 }
1605 1605
1606 // If we receive a nigori migrated and with a KEYSTORE_PASSPHRASE type, but
1607 // using an old default key (i.e. old GAIA password), we should overwrite the
1608 // nigori, updating the keybag and keystore decryptor.
1609 TEST_F(SyncEncryptionHandlerImplTest,
1610 ReceiveMigratedNigoriWithOldPassphrase) {
1611 const char kOldKey[] = "old";
1612 const char kCurKey[] = "cur";
1613 sync_pb::EncryptedData encrypted;
1614 KeyParams old_key = {"localhost", "dummy", kOldKey};
1615 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1616 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1617 GetCryptographer()->AddKey(old_key);
1618 GetCryptographer()->AddKey(cur_key);
1619
1620 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1621 other_cryptographer.AddKey(old_key);
1622 EXPECT_TRUE(other_cryptographer.is_ready());
1623
1624 EXPECT_CALL(*observer(),
1625 OnCryptographerStateChanged(_));
1626 EXPECT_CALL(*observer(),
1627 OnEncryptedTypesChanged(_, false));
1628 EXPECT_CALL(*observer(),
1629 OnEncryptionComplete());
1630 encryption_handler()->Init();
1631 EXPECT_TRUE(GetCryptographer()->is_ready());
1632 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
1633
1634 {
1635 EXPECT_CALL(*observer(),
1636 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1637 ReadTransaction trans(FROM_HERE, user_share());
1638 encryption_handler()->SetKeystoreKey(kKeystoreKey, trans.GetWrappedTrans());
1639 }
1640 EXPECT_CALL(*observer(),
1641 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE));
1642 PumpLoop();
1643 Mock::VerifyAndClearExpectations(observer());
1644 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1645 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
1646 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kCurKey);
1647
1648 // Now build an old keystore passphrase nigori node.
1649 EXPECT_CALL(*observer(),
1650 OnCryptographerStateChanged(_));
1651 {
1652 WriteTransaction trans(FROM_HERE, user_share());
1653 WriteNode nigori_node(&trans);
1654 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK);
1655 sync_pb::NigoriSpecifics nigori;
1656 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1657 other_cryptographer.AddKey(old_key);
1658 encryption_handler()->GetKeystoreDecryptor(
1659 other_cryptographer,
1660 kKeystoreKey,
1661 nigori.mutable_keystore_decryptor_token());
1662 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1663 nigori.set_keybag_is_frozen(true);
1664 nigori.set_encrypt_everything(false);
1665 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1666 nigori.set_keystore_migration_time(1);
1667 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1668 nigori_node.SetNigoriSpecifics(nigori);
1669 }
1670 PumpLoop();
1671
1672 // Verify we're still migrated and have proper encryption state.
1673 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1674 EXPECT_TRUE(GetCryptographer()->is_ready());
1675 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
1676 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
1677 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kCurKey);
1678 }
1679
1606 } // namespace syncer 1680 } // namespace syncer
OLDNEW
« no previous file with comments | « sync/internal_api/sync_encryption_handler_impl.cc ('k') | sync/internal_api/test/test_entry_factory.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698