Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(4)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sync/internal_api/sync_encryption_handler_impl_unittest.cc

Issue 2130453004: [Sync] Move //sync to //components/sync. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase. Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sync/internal_api/sync_encryption_handler_impl.cc ('k') | sync/internal_api/sync_manager_factory.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "sync/internal_api/sync_encryption_handler_impl.h"
6
7 #include <stdint.h>
8
9 #include <memory>
10 #include <string>
11
12 #include "base/base64.h"
13 #include "base/json/json_string_value_serializer.h"
14 #include "base/run_loop.h"
15 #include "base/tracked_objects.h"
16 #include "sync/internal_api/public/base/model_type_test_util.h"
17 #include "sync/internal_api/public/read_node.h"
18 #include "sync/internal_api/public/read_transaction.h"
19 #include "sync/internal_api/public/test/test_user_share.h"
20 #include "sync/internal_api/public/write_node.h"
21 #include "sync/internal_api/public/write_transaction.h"
22 #include "sync/protocol/nigori_specifics.pb.h"
23 #include "sync/protocol/sync.pb.h"
24 #include "sync/syncable/entry.h"
25 #include "sync/syncable/mutable_entry.h"
26 #include "sync/syncable/syncable_write_transaction.h"
27 #include "sync/test/engine/test_id_factory.h"
28 #include "sync/test/fake_encryptor.h"
29 #include "sync/util/cryptographer.h"
30 #include "testing/gmock/include/gmock/gmock.h"
31 #include "testing/gtest/include/gtest/gtest.h"
32
33 namespace syncer {
34
35 namespace {
36
37 using ::testing::_;
38 using ::testing::AnyNumber;
39 using ::testing::AtLeast;
40 using ::testing::Mock;
41 using ::testing::SaveArg;
42 using ::testing::StrictMock;
43
44 // The raw keystore key the server sends.
45 static const char kRawKeystoreKey[] = "keystore_key";
46 // Base64 encoded version of |kRawKeystoreKey|.
47 static const char kKeystoreKey[] = "a2V5c3RvcmVfa2V5";
48
49 class SyncEncryptionHandlerObserverMock
50 : public SyncEncryptionHandler::Observer {
51 public:
52 MOCK_METHOD2(OnPassphraseRequired,
53 void(PassphraseRequiredReason,
54 const sync_pb::EncryptedData&)); // NOLINT
55 MOCK_METHOD0(OnPassphraseAccepted, void()); // NOLINT
56 MOCK_METHOD2(OnBootstrapTokenUpdated,
57 void(const std::string&, BootstrapTokenType type)); // NOLINT
58 MOCK_METHOD2(OnEncryptedTypesChanged,
59 void(ModelTypeSet, bool)); // NOLINT
60 MOCK_METHOD0(OnEncryptionComplete, void()); // NOLINT
61 MOCK_METHOD1(OnCryptographerStateChanged, void(Cryptographer*)); // NOLINT
62 MOCK_METHOD2(OnPassphraseTypeChanged, void(PassphraseType,
63 base::Time)); // NOLINT
64 MOCK_METHOD1(OnLocalSetPassphraseEncryption,
65 void(const SyncEncryptionHandler::NigoriState&)); // NOLINT
66 };
67
68 google::protobuf::RepeatedPtrField<google::protobuf::string>
69 BuildEncryptionKeyProto(const std::string& encryption_key) {
70 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
71 keys.Add()->assign(encryption_key);
72 return keys;
73 }
74
75 } // namespace
76
77 class SyncEncryptionHandlerImplTest : public ::testing::Test {
78 public:
79 SyncEncryptionHandlerImplTest() {}
80 virtual ~SyncEncryptionHandlerImplTest() {}
81
82 virtual void SetUp() {
83 test_user_share_.SetUp();
84 SetUpEncryption();
85 CreateRootForType(NIGORI);
86 }
87
88 virtual void TearDown() {
89 PumpLoop();
90 test_user_share_.TearDown();
91 }
92
93 protected:
94 void SetUpEncryption() {
95 SetUpEncryptionWithKeyForBootstrapping(std::string());
96 }
97
98 void SetUpEncryptionWithKeyForBootstrapping(
99 const std::string& key_for_bootstrapping) {
100 encryption_handler_.reset(new SyncEncryptionHandlerImpl(
101 user_share(), &encryptor_, key_for_bootstrapping,
102 std::string() /* keystore key for bootstrapping */));
103 encryption_handler_->AddObserver(&observer_);
104 }
105
106 void CreateRootForType(ModelType model_type) {
107 syncer::syncable::Directory* directory = user_share()->directory.get();
108
109 std::string tag_name = ModelTypeToRootTag(model_type);
110
111 syncable::WriteTransaction wtrans(FROM_HERE, syncable::UNITTEST, directory);
112 syncable::MutableEntry node(&wtrans,
113 syncable::CREATE,
114 model_type,
115 wtrans.root_id(),
116 tag_name);
117 node.PutUniqueServerTag(tag_name);
118 node.PutIsDir(true);
119 node.PutServerIsDir(false);
120 node.PutIsUnsynced(false);
121 node.PutIsUnappliedUpdate(false);
122 node.PutServerVersion(20);
123 node.PutBaseVersion(20);
124 node.PutIsDel(false);
125 node.PutId(ids_.MakeServer(tag_name));
126 sync_pb::EntitySpecifics specifics;
127 syncer::AddDefaultFieldValue(model_type, &specifics);
128 node.PutSpecifics(specifics);
129 }
130
131 void PumpLoop() {
132 base::RunLoop().RunUntilIdle();
133 }
134
135 // Getters for tests.
136 UserShare* user_share() { return test_user_share_.user_share(); }
137 SyncEncryptionHandlerImpl* encryption_handler() {
138 return encryption_handler_.get();
139 }
140 SyncEncryptionHandlerObserverMock* observer() { return &observer_; }
141 Cryptographer* GetCryptographer() {
142 return encryption_handler_->GetCryptographerUnsafe();
143 }
144
145 void VerifyMigratedNigori(PassphraseType passphrase_type,
146 const std::string& passphrase) {
147 VerifyMigratedNigoriWithTimestamp(0, passphrase_type, passphrase);
148 }
149
150 void VerifyMigratedNigoriWithTimestamp(int64_t migration_time,
151 PassphraseType passphrase_type,
152 const std::string& passphrase) {
153 ReadTransaction trans(FROM_HERE, user_share());
154 ReadNode nigori_node(&trans);
155 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
156 const sync_pb::NigoriSpecifics& nigori = nigori_node.GetNigoriSpecifics();
157 if (migration_time > 0)
158 EXPECT_EQ(migration_time, nigori.keystore_migration_time());
159 else
160 EXPECT_TRUE(nigori.has_keystore_migration_time());
161 EXPECT_TRUE(nigori.keybag_is_frozen());
162 if (passphrase_type == CUSTOM_PASSPHRASE ||
163 passphrase_type == FROZEN_IMPLICIT_PASSPHRASE) {
164 EXPECT_TRUE(nigori.encrypt_everything());
165 EXPECT_TRUE(nigori.keystore_decryptor_token().blob().empty());
166 if (passphrase_type == CUSTOM_PASSPHRASE) {
167 EXPECT_EQ(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE,
168 nigori.passphrase_type());
169 if (!encryption_handler()->custom_passphrase_time().is_null()) {
170 EXPECT_EQ(nigori.custom_passphrase_time(),
171 TimeToProtoTime(
172 encryption_handler()->custom_passphrase_time()));
173 }
174 } else {
175 EXPECT_EQ(sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE,
176 nigori.passphrase_type());
177 }
178 } else {
179 EXPECT_FALSE(nigori.encrypt_everything());
180 EXPECT_FALSE(nigori.keystore_decryptor_token().blob().empty());
181 EXPECT_EQ(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE,
182 nigori.passphrase_type());
183 Cryptographer keystore_cryptographer(&encryptor_);
184 KeyParams params = {"localhost", "dummy", kKeystoreKey};
185 keystore_cryptographer.AddKey(params);
186 EXPECT_TRUE(keystore_cryptographer.CanDecryptUsingDefaultKey(
187 nigori.keystore_decryptor_token()));
188 }
189
190 Cryptographer temp_cryptographer(&encryptor_);
191 KeyParams params = {"localhost", "dummy", passphrase};
192 temp_cryptographer.AddKey(params);
193 EXPECT_TRUE(temp_cryptographer.CanDecryptUsingDefaultKey(
194 nigori.encryption_keybag()));
195 }
196
197 sync_pb::NigoriSpecifics BuildMigratedNigori(
198 PassphraseType passphrase_type,
199 int64_t migration_time,
200 const std::string& default_passphrase,
201 const std::string& keystore_key) {
202 DCHECK_NE(passphrase_type, IMPLICIT_PASSPHRASE);
203 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
204
205 std::string default_key = default_passphrase;
206 if (default_key.empty()) {
207 default_key = keystore_key;
208 } else {
209 KeyParams keystore_params = {"localhost", "dummy", keystore_key};
210 other_cryptographer.AddKey(keystore_params);
211 }
212 KeyParams params = {"localhost", "dummy", default_key};
213 other_cryptographer.AddKey(params);
214 EXPECT_TRUE(other_cryptographer.is_ready());
215
216 sync_pb::NigoriSpecifics nigori;
217 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
218 nigori.set_keybag_is_frozen(true);
219 nigori.set_keystore_migration_time(migration_time);
220
221 if (passphrase_type == KEYSTORE_PASSPHRASE) {
222 sync_pb::EncryptedData keystore_decryptor_token;
223 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
224 other_cryptographer,
225 keystore_key,
226 &keystore_decryptor_token));
227 nigori.mutable_keystore_decryptor_token()->CopyFrom(
228 keystore_decryptor_token);
229 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
230 } else {
231 nigori.set_encrypt_everything(true);
232 nigori.set_passphrase_type(
233 passphrase_type == CUSTOM_PASSPHRASE ?
234 sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE :
235 sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE);
236 }
237 return nigori;
238 }
239
240 // Build a migrated nigori node with the specified default passphrase
241 // and keystore key and initialize the encryption handler with it.
242 void InitKeystoreMigratedNigori(int64_t migration_time,
243 const std::string& default_passphrase,
244 const std::string& keystore_key) {
245 {
246 WriteTransaction trans(FROM_HERE, user_share());
247 WriteNode nigori_node(&trans);
248 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
249 sync_pb::NigoriSpecifics nigori = BuildMigratedNigori(
250 KEYSTORE_PASSPHRASE,
251 migration_time,
252 default_passphrase,
253 keystore_key);
254 nigori_node.SetNigoriSpecifics(nigori);
255 }
256
257 EXPECT_CALL(*observer(),
258 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
259 EXPECT_CALL(*observer(),
260 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
261 EXPECT_CALL(*observer(),
262 OnCryptographerStateChanged(_)).Times(AtLeast(1));
263 EXPECT_CALL(*observer(),
264 OnEncryptedTypesChanged(_, false));
265 EXPECT_CALL(*observer(),
266 OnEncryptionComplete()).Times(AtLeast(1));
267 encryption_handler()->Init();
268 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
269 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
270 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
271 Mock::VerifyAndClearExpectations(observer());
272 }
273
274 // Build a migrated nigori node with the specified default passphrase
275 // as a custom passphrase.
276 void InitCustomPassMigratedNigori(int64_t migration_time,
277 const std::string& default_passphrase) {
278 {
279 WriteTransaction trans(FROM_HERE, user_share());
280 WriteNode nigori_node(&trans);
281 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
282 sync_pb::NigoriSpecifics nigori = BuildMigratedNigori(
283 CUSTOM_PASSPHRASE,
284 migration_time,
285 default_passphrase,
286 kKeystoreKey);
287 nigori_node.SetNigoriSpecifics(nigori);
288 }
289
290 EXPECT_CALL(*observer(),
291 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
292 EXPECT_CALL(*observer(),
293 OnCryptographerStateChanged(_)).Times(AtLeast(1));
294 EXPECT_CALL(*observer(),
295 OnEncryptedTypesChanged(_, true)).Times(AtLeast(1));
296 EXPECT_CALL(*observer(),
297 OnEncryptionComplete()).Times(AtLeast(1));
298 encryption_handler()->Init();
299 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
300 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
301 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
302 Mock::VerifyAndClearExpectations(observer());
303 }
304
305 // Build an unmigrated nigori node with the specified passphrase and type and
306 // initialize the encryption handler with it.
307 void InitUnmigratedNigori(const std::string& default_passphrase,
308 PassphraseType passphrase_type) {
309 DCHECK_NE(passphrase_type, FROZEN_IMPLICIT_PASSPHRASE);
310 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
311 KeyParams default_key = {"localhost", "dummy", default_passphrase};
312 other_cryptographer.AddKey(default_key);
313 EXPECT_TRUE(other_cryptographer.is_ready());
314
315 {
316 WriteTransaction trans(FROM_HERE, user_share());
317 WriteNode nigori_node(&trans);
318 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
319 sync_pb::NigoriSpecifics nigori;
320 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
321 nigori.set_keybag_is_frozen(passphrase_type == CUSTOM_PASSPHRASE);
322 nigori_node.SetNigoriSpecifics(nigori);
323 }
324
325 if (passphrase_type != IMPLICIT_PASSPHRASE) {
326 EXPECT_CALL(*observer(),
327 OnPassphraseTypeChanged(passphrase_type, _));
328 }
329 EXPECT_CALL(*observer(),
330 OnCryptographerStateChanged(_)).Times(AtLeast(1));
331 EXPECT_CALL(*observer(),
332 OnEncryptedTypesChanged(_, false));
333 encryption_handler()->Init();
334 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
335 EXPECT_EQ(encryption_handler()->GetPassphraseType(), passphrase_type);
336 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
337 Mock::VerifyAndClearExpectations(observer());
338 }
339
340 // Verify we can restore the SyncEncryptionHandler state using a saved
341 // |bootstrap_token| and |nigori_state|.
342 //
343 // |migration_time| is the time migration occurred.
344 //
345 // |passphrase| is the custom passphrase.
346 void VerifyRestoreAfterCustomPassphrase(
347 int64_t migration_time,
348 const std::string& passphrase,
349 const std::string& bootstrap_token,
350 const SyncEncryptionHandler::NigoriState& nigori_state,
351 PassphraseType passphrase_type) {
352 TearDown();
353 test_user_share_.SetUp();
354 SetUpEncryptionWithKeyForBootstrapping(bootstrap_token);
355 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
356 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_, true))
357 .Times(AnyNumber());
358 EXPECT_CALL(*observer(), OnPassphraseTypeChanged(passphrase_type, _));
359 EXPECT_CALL(*observer(), OnEncryptionComplete());
360 encryption_handler()->RestoreNigori(nigori_state);
361 encryption_handler()->Init();
362 Mock::VerifyAndClearExpectations(observer());
363 VerifyMigratedNigoriWithTimestamp(migration_time, passphrase_type,
364 passphrase);
365 }
366
367 protected:
368 TestUserShare test_user_share_;
369 FakeEncryptor encryptor_;
370 std::unique_ptr<SyncEncryptionHandlerImpl> encryption_handler_;
371 StrictMock<SyncEncryptionHandlerObserverMock> observer_;
372 TestIdFactory ids_;
373 base::MessageLoop message_loop_;
374 };
375
376 // Verify that the encrypted types are being written to and read from the
377 // nigori node properly.
378 TEST_F(SyncEncryptionHandlerImplTest, NigoriEncryptionTypes) {
379 sync_pb::NigoriSpecifics nigori;
380
381 StrictMock<SyncEncryptionHandlerObserverMock> observer2;
382 SyncEncryptionHandlerImpl handler2(user_share(), &encryptor_, std::string(),
383 std::string() /* bootstrap tokens */);
384 handler2.AddObserver(&observer2);
385
386 // Just set the sensitive types (shouldn't trigger any notifications).
387 ModelTypeSet encrypted_types(SyncEncryptionHandler::SensitiveTypes());
388 {
389 WriteTransaction trans(FROM_HERE, user_share());
390 encryption_handler()->MergeEncryptedTypes(
391 encrypted_types,
392 trans.GetWrappedTrans());
393 encryption_handler()->UpdateNigoriFromEncryptedTypes(
394 &nigori,
395 trans.GetWrappedTrans());
396 handler2.UpdateEncryptedTypesFromNigori(nigori, trans.GetWrappedTrans());
397 }
398 EXPECT_EQ(encrypted_types, encryption_handler()->GetEncryptedTypesUnsafe());
399 EXPECT_EQ(encrypted_types, handler2.GetEncryptedTypesUnsafe());
400
401 Mock::VerifyAndClearExpectations(observer());
402 Mock::VerifyAndClearExpectations(&observer2);
403
404 ModelTypeSet encrypted_user_types = EncryptableUserTypes();
405
406 EXPECT_CALL(*observer(),
407 OnEncryptedTypesChanged(
408 HasModelTypes(encrypted_user_types), false));
409 EXPECT_CALL(observer2,
410 OnEncryptedTypesChanged(
411 HasModelTypes(encrypted_user_types), false));
412
413 // Set all encrypted types
414 encrypted_types = EncryptableUserTypes();
415 {
416 WriteTransaction trans(FROM_HERE, user_share());
417 encryption_handler()->MergeEncryptedTypes(
418 encrypted_types,
419 trans.GetWrappedTrans());
420 encryption_handler()->UpdateNigoriFromEncryptedTypes(
421 &nigori,
422 trans.GetWrappedTrans());
423 handler2.UpdateEncryptedTypesFromNigori(nigori, trans.GetWrappedTrans());
424 }
425 EXPECT_EQ(encrypted_types, encryption_handler()->GetEncryptedTypesUnsafe());
426 EXPECT_EQ(encrypted_types, handler2.GetEncryptedTypesUnsafe());
427
428 // Receiving an empty nigori should not reset any encrypted types or trigger
429 // an observer notification.
430 Mock::VerifyAndClearExpectations(observer());
431 Mock::VerifyAndClearExpectations(&observer2);
432 nigori = sync_pb::NigoriSpecifics();
433 {
434 WriteTransaction trans(FROM_HERE, user_share());
435 handler2.UpdateEncryptedTypesFromNigori(nigori, trans.GetWrappedTrans());
436 }
437 EXPECT_EQ(encrypted_types, encryption_handler()->GetEncryptedTypesUnsafe());
438 }
439
440 // Verify the encryption handler processes the encrypt everything field
441 // properly.
442 TEST_F(SyncEncryptionHandlerImplTest, EncryptEverythingExplicit) {
443 sync_pb::NigoriSpecifics nigori;
444 nigori.set_encrypt_everything(true);
445
446 EXPECT_CALL(*observer(),
447 OnEncryptedTypesChanged(
448 HasModelTypes(EncryptableUserTypes()), true));
449
450 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
451 ModelTypeSet encrypted_types =
452 encryption_handler()->GetEncryptedTypesUnsafe();
453 EXPECT_EQ(ModelTypeSet(PASSWORDS, WIFI_CREDENTIALS), encrypted_types);
454
455 {
456 WriteTransaction trans(FROM_HERE, user_share());
457 encryption_handler()->UpdateEncryptedTypesFromNigori(
458 nigori,
459 trans.GetWrappedTrans());
460 }
461
462 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
463 encrypted_types = encryption_handler()->GetEncryptedTypesUnsafe();
464 EXPECT_TRUE(encrypted_types.HasAll(EncryptableUserTypes()));
465
466 // Receiving the nigori node again shouldn't trigger another notification.
467 Mock::VerifyAndClearExpectations(observer());
468 {
469 WriteTransaction trans(FROM_HERE, user_share());
470 encryption_handler()->UpdateEncryptedTypesFromNigori(
471 nigori,
472 trans.GetWrappedTrans());
473 }
474 }
475
476 // Verify the encryption handler can detect an implicit encrypt everything state
477 // (from clients that failed to write the encrypt everything field).
478 TEST_F(SyncEncryptionHandlerImplTest, EncryptEverythingImplicit) {
479 sync_pb::NigoriSpecifics nigori;
480 nigori.set_encrypt_bookmarks(true); // Non-passwords = encrypt everything
481
482 EXPECT_CALL(*observer(),
483 OnEncryptedTypesChanged(
484 HasModelTypes(EncryptableUserTypes()), true));
485
486 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
487 ModelTypeSet encrypted_types =
488 encryption_handler()->GetEncryptedTypesUnsafe();
489 EXPECT_EQ(ModelTypeSet(PASSWORDS, WIFI_CREDENTIALS), encrypted_types);
490
491 {
492 WriteTransaction trans(FROM_HERE, user_share());
493 encryption_handler()->UpdateEncryptedTypesFromNigori(
494 nigori,
495 trans.GetWrappedTrans());
496 }
497
498 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
499 encrypted_types = encryption_handler()->GetEncryptedTypesUnsafe();
500 EXPECT_TRUE(encrypted_types.HasAll(EncryptableUserTypes()));
501
502 // Receiving a nigori node with encrypt everything explicitly set shouldn't
503 // trigger another notification.
504 Mock::VerifyAndClearExpectations(observer());
505 nigori.set_encrypt_everything(true);
506 {
507 WriteTransaction trans(FROM_HERE, user_share());
508 encryption_handler()->UpdateEncryptedTypesFromNigori(
509 nigori,
510 trans.GetWrappedTrans());
511 }
512 }
513
514 // Verify the encryption handler can deal with new versions treating new types
515 // as Sensitive, and that it does not consider this an implicit encrypt
516 // everything case.
517 TEST_F(SyncEncryptionHandlerImplTest, UnknownSensitiveTypes) {
518 sync_pb::NigoriSpecifics nigori;
519 nigori.set_encrypt_everything(false);
520 nigori.set_encrypt_bookmarks(true);
521
522 ModelTypeSet expected_encrypted_types =
523 SyncEncryptionHandler::SensitiveTypes();
524 expected_encrypted_types.Put(BOOKMARKS);
525
526 EXPECT_CALL(*observer(),
527 OnEncryptedTypesChanged(
528 HasModelTypes(expected_encrypted_types), false));
529
530 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
531 ModelTypeSet encrypted_types =
532 encryption_handler()->GetEncryptedTypesUnsafe();
533 EXPECT_EQ(ModelTypeSet(PASSWORDS, WIFI_CREDENTIALS), encrypted_types);
534
535 {
536 WriteTransaction trans(FROM_HERE, user_share());
537 encryption_handler()->UpdateEncryptedTypesFromNigori(
538 nigori,
539 trans.GetWrappedTrans());
540 }
541
542 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
543 encrypted_types = encryption_handler()->GetEncryptedTypesUnsafe();
544 EXPECT_EQ(ModelTypeSet(BOOKMARKS, PASSWORDS, WIFI_CREDENTIALS),
545 encrypted_types);
546 }
547
548 // Receive an old nigori with old encryption keys and encrypted types. We should
549 // not revert our default key or encrypted types, and should post a task to
550 // overwrite the existing nigori with the correct data.
551 TEST_F(SyncEncryptionHandlerImplTest, ReceiveOldNigori) {
552 KeyParams old_key = {"localhost", "dummy", "old"};
553 KeyParams current_key = {"localhost", "dummy", "cur"};
554
555 // Data for testing encryption/decryption.
556 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
557 other_cryptographer.AddKey(old_key);
558 sync_pb::EntitySpecifics other_encrypted_specifics;
559 other_encrypted_specifics.mutable_bookmark()->set_title("title");
560 other_cryptographer.Encrypt(
561 other_encrypted_specifics,
562 other_encrypted_specifics.mutable_encrypted());
563 sync_pb::EntitySpecifics our_encrypted_specifics;
564 our_encrypted_specifics.mutable_bookmark()->set_title("title2");
565 ModelTypeSet encrypted_types = EncryptableUserTypes();
566
567 // Set up the current encryption state (containing both keys and encrypt
568 // everything).
569 sync_pb::NigoriSpecifics current_nigori_specifics;
570 GetCryptographer()->AddKey(old_key);
571 GetCryptographer()->AddKey(current_key);
572 GetCryptographer()->Encrypt(
573 our_encrypted_specifics,
574 our_encrypted_specifics.mutable_encrypted());
575 GetCryptographer()->GetKeys(
576 current_nigori_specifics.mutable_encryption_keybag());
577 current_nigori_specifics.set_encrypt_everything(true);
578
579 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
580 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(
581 HasModelTypes(EncryptableUserTypes()), true));
582 {
583 // Update the encryption handler.
584 WriteTransaction trans(FROM_HERE, user_share());
585 encryption_handler()->ApplyNigoriUpdate(
586 current_nigori_specifics,
587 trans.GetWrappedTrans());
588 }
589 Mock::VerifyAndClearExpectations(observer());
590
591 // Now set up the old nigori specifics and apply it on top.
592 // Has an old set of keys, and no encrypted types.
593 sync_pb::NigoriSpecifics old_nigori;
594 other_cryptographer.GetKeys(old_nigori.mutable_encryption_keybag());
595
596 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
597 {
598 // Update the encryption handler.
599 WriteTransaction trans(FROM_HERE, user_share());
600 encryption_handler()->ApplyNigoriUpdate(
601 old_nigori,
602 trans.GetWrappedTrans());
603 }
604 EXPECT_TRUE(GetCryptographer()->is_ready());
605 EXPECT_FALSE(GetCryptographer()->has_pending_keys());
606
607 // Encryption handler should have posted a task to overwrite the old
608 // specifics.
609 PumpLoop();
610
611 {
612 // The cryptographer should be able to decrypt both sets of keys and still
613 // be encrypting with the newest, and the encrypted types should be the
614 // most recent.
615 // In addition, the nigori node should match the current encryption state.
616 ReadTransaction trans(FROM_HERE, user_share());
617 ReadNode nigori_node(&trans);
618 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
619 const sync_pb::NigoriSpecifics& nigori = nigori_node.GetNigoriSpecifics();
620 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(
621 our_encrypted_specifics.encrypted()));
622 EXPECT_TRUE(GetCryptographer()->CanDecrypt(
623 other_encrypted_specifics.encrypted()));
624 EXPECT_TRUE(GetCryptographer()->CanDecrypt(nigori.encryption_keybag()));
625 EXPECT_TRUE(nigori.encrypt_everything());
626 EXPECT_TRUE(
627 GetCryptographer()->CanDecryptUsingDefaultKey(
628 nigori.encryption_keybag()));
629 }
630 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
631 }
632
633 // Ensure setting the keystore key works, updates the bootstrap token, and
634 // triggers a non-backwards compatible migration. Then verify that the
635 // bootstrap token can be correctly parsed by the encryption handler at startup
636 // time.
637 TEST_F(SyncEncryptionHandlerImplTest, SetKeystoreMigratesAndUpdatesBootstrap) {
638 // Passing no keys should do nothing.
639 EXPECT_CALL(*observer(), OnBootstrapTokenUpdated(_, _)).Times(0);
640 {
641 WriteTransaction trans(FROM_HERE, user_share());
642 EXPECT_FALSE(GetCryptographer()->is_initialized());
643 EXPECT_TRUE(encryption_handler()->NeedKeystoreKey(trans.GetWrappedTrans()));
644 EXPECT_FALSE(encryption_handler()->SetKeystoreKeys(
645 BuildEncryptionKeyProto(std::string()), trans.GetWrappedTrans()));
646 EXPECT_TRUE(encryption_handler()->NeedKeystoreKey(trans.GetWrappedTrans()));
647 }
648 Mock::VerifyAndClearExpectations(observer());
649
650 // Build a set of keystore keys.
651 const char kRawOldKeystoreKey[] = "old_keystore_key";
652 std::string old_keystore_key;
653 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
654 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
655 keys.Add()->assign(kRawOldKeystoreKey);
656 keys.Add()->assign(kRawKeystoreKey);
657
658 // Pass them to the encryption handler, triggering a migration and bootstrap
659 // token update.
660 std::string encoded_key;
661 std::string keystore_bootstrap;
662 EXPECT_CALL(*observer(), OnEncryptionComplete());
663 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_));
664 EXPECT_CALL(*observer(), OnPassphraseAccepted());
665 EXPECT_CALL(*observer(), OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
666 EXPECT_CALL(*observer(),
667 OnBootstrapTokenUpdated(_,
668 KEYSTORE_BOOTSTRAP_TOKEN)).
669 WillOnce(SaveArg<0>(&keystore_bootstrap));
670 {
671 WriteTransaction trans(FROM_HERE, user_share());
672 EXPECT_TRUE(
673 encryption_handler()->SetKeystoreKeys(
674 keys,
675 trans.GetWrappedTrans()));
676 EXPECT_FALSE(
677 encryption_handler()->NeedKeystoreKey(trans.GetWrappedTrans()));
678 EXPECT_FALSE(GetCryptographer()->is_initialized());
679 }
680 PumpLoop();
681 EXPECT_TRUE(GetCryptographer()->is_initialized());
682 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey);
683
684 // Ensure the bootstrap is encoded properly (a base64 encoded encrypted blob
685 // of list values containing the keystore keys).
686 std::string decoded_bootstrap;
687 ASSERT_TRUE(base::Base64Decode(keystore_bootstrap, &decoded_bootstrap));
688 std::string decrypted_bootstrap;
689 ASSERT_TRUE(
690 GetCryptographer()->encryptor()->DecryptString(decoded_bootstrap,
691 &decrypted_bootstrap));
692 JSONStringValueDeserializer json(decrypted_bootstrap);
693 std::unique_ptr<base::Value> deserialized_keystore_keys(
694 json.Deserialize(NULL, NULL));
695 ASSERT_TRUE(deserialized_keystore_keys.get());
696 base::ListValue* keystore_list = NULL;
697 deserialized_keystore_keys->GetAsList(&keystore_list);
698 ASSERT_TRUE(keystore_list);
699 ASSERT_EQ(2U, keystore_list->GetSize());
700 std::string test_string;
701 keystore_list->GetString(0, &test_string);
702 ASSERT_EQ(old_keystore_key, test_string);
703 keystore_list->GetString(1, &test_string);
704 ASSERT_EQ(kKeystoreKey, test_string);
705
706
707 // Now make sure a new encryption handler can correctly parse the bootstrap
708 // token.
709 SyncEncryptionHandlerImpl handler2(user_share(), &encryptor_,
710 std::string(), // Cryptographer bootstrap.
711 keystore_bootstrap);
712
713 {
714 WriteTransaction trans(FROM_HERE, user_share());
715 EXPECT_FALSE(handler2.NeedKeystoreKey(trans.GetWrappedTrans()));
716 }
717 }
718
719 // Ensure GetKeystoreDecryptor only updates the keystore decryptor token if it
720 // wasn't already set properly. Otherwise, the decryptor should remain the
721 // same.
722 TEST_F(SyncEncryptionHandlerImplTest, GetKeystoreDecryptor) {
723 const char kCurKey[] = "cur";
724 sync_pb::EncryptedData encrypted;
725 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
726 KeyParams cur_key = {"localhost", "dummy", kCurKey};
727 other_cryptographer.AddKey(cur_key);
728 EXPECT_TRUE(other_cryptographer.is_ready());
729 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
730 other_cryptographer,
731 kKeystoreKey,
732 &encrypted));
733 std::string serialized = encrypted.SerializeAsString();
734 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
735 other_cryptographer,
736 kKeystoreKey,
737 &encrypted));
738 EXPECT_EQ(serialized, encrypted.SerializeAsString());
739 }
740
741 // Test that we don't attempt to migrate while an implicit passphrase is pending
742 // and that once we do decrypt pending keys we migrate the nigori. Once
743 // migrated, we should be in keystore passphrase state.
744 TEST_F(SyncEncryptionHandlerImplTest, MigrateOnDecryptImplicitPass) {
745 const char kOtherKey[] = "other";
746 {
747 EXPECT_CALL(*observer(),
748 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
749 ReadTransaction trans(FROM_HERE, user_share());
750 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
751 kRawKeystoreKey),
752 trans.GetWrappedTrans());
753 Mock::VerifyAndClearExpectations(observer());
754 }
755 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
756
757 {
758 WriteTransaction trans(FROM_HERE, user_share());
759 WriteNode nigori_node(&trans);
760 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
761 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
762 KeyParams other_key = {"localhost", "dummy", kOtherKey};
763 other_cryptographer.AddKey(other_key);
764
765 sync_pb::NigoriSpecifics nigori;
766 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
767 nigori.set_keybag_is_frozen(false);
768 nigori.set_encrypt_everything(false);
769 EXPECT_CALL(*observer(),
770 OnCryptographerStateChanged(_)).Times(AnyNumber());
771 EXPECT_CALL(*observer(),
772 OnPassphraseRequired(_, _));
773 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
774 nigori_node.SetNigoriSpecifics(nigori);
775 }
776 // Run any tasks posted via AppplyNigoriUpdate.
777 PumpLoop();
778 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
779 Mock::VerifyAndClearExpectations(observer());
780
781 EXPECT_CALL(*observer(),
782 OnCryptographerStateChanged(_)).Times(AnyNumber());
783 EXPECT_CALL(*observer(),
784 OnPassphraseAccepted());
785 EXPECT_CALL(*observer(),
786 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
787 EXPECT_CALL(*observer(),
788 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
789 EXPECT_CALL(*observer(),
790 OnEncryptionComplete());
791 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
792 encryption_handler()->SetDecryptionPassphrase(kOtherKey);
793 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
794 EXPECT_EQ(KEYSTORE_PASSPHRASE, encryption_handler()->GetPassphraseType());
795 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kOtherKey);
796 }
797
798 // Test that we don't attempt to migrate while a custom passphrase is pending,
799 // and that once we do decrypt pending keys we migrate the nigori. Once
800 // migrated, we should be in custom passphrase state with encrypt everything.
801 TEST_F(SyncEncryptionHandlerImplTest, MigrateOnDecryptCustomPass) {
802 const char kOtherKey[] = "other";
803 {
804 EXPECT_CALL(*observer(),
805 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
806 ReadTransaction trans(FROM_HERE, user_share());
807 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
808 kRawKeystoreKey),
809 trans.GetWrappedTrans());
810 Mock::VerifyAndClearExpectations(observer());
811 }
812 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
813
814 {
815 WriteTransaction trans(FROM_HERE, user_share());
816 WriteNode nigori_node(&trans);
817 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
818 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
819 KeyParams other_key = {"localhost", "dummy", kOtherKey};
820 other_cryptographer.AddKey(other_key);
821
822 sync_pb::NigoriSpecifics nigori;
823 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
824 nigori.set_keybag_is_frozen(true);
825 nigori.set_encrypt_everything(false);
826 EXPECT_CALL(*observer(),
827 OnCryptographerStateChanged(_)).Times(AnyNumber());
828 EXPECT_CALL(*observer(),
829 OnPassphraseRequired(_, _));
830 EXPECT_CALL(*observer(),
831 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
832 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
833 nigori_node.SetNigoriSpecifics(nigori);
834 }
835 // Run any tasks posted via AppplyNigoriUpdate.
836 PumpLoop();
837 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
838 Mock::VerifyAndClearExpectations(observer());
839
840 EXPECT_CALL(*observer(),
841 OnCryptographerStateChanged(_)).Times(AnyNumber());
842 EXPECT_CALL(*observer(),
843 OnPassphraseAccepted());
844 std::string captured_bootstrap_token;
845 EXPECT_CALL(*observer(),
846 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
847 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
848 EXPECT_CALL(*observer(),
849 OnEncryptedTypesChanged(_, true));
850 SyncEncryptionHandler::NigoriState captured_nigori_state;
851 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
852 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
853 EXPECT_CALL(*observer(),
854 OnEncryptionComplete()).Times(2);
855 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
856 encryption_handler()->SetDecryptionPassphrase(kOtherKey);
857 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
858 const base::Time migration_time = encryption_handler()->migration_time();
859 EXPECT_EQ(CUSTOM_PASSPHRASE, encryption_handler()->GetPassphraseType());
860 VerifyMigratedNigori(CUSTOM_PASSPHRASE, kOtherKey);
861
862 VerifyRestoreAfterCustomPassphrase(TimeToProtoTime(migration_time), kOtherKey,
863 captured_bootstrap_token,
864 captured_nigori_state, CUSTOM_PASSPHRASE);
865 }
866
867 // Test that we trigger a migration when we set the keystore key, had an
868 // implicit passphrase, and did not have encrypt everything. We should switch
869 // to KEYSTORE_PASSPHRASE.
870 TEST_F(SyncEncryptionHandlerImplTest, MigrateOnKeystoreKeyAvailableImplicit) {
871 const char kCurKey[] = "cur";
872 KeyParams current_key = {"localhost", "dummy", kCurKey};
873 GetCryptographer()->AddKey(current_key);
874 EXPECT_CALL(*observer(),
875 OnCryptographerStateChanged(_)).Times(AnyNumber());
876 EXPECT_CALL(*observer(),
877 OnEncryptedTypesChanged(_, false));
878 EXPECT_CALL(*observer(),
879 OnEncryptionComplete());
880 encryption_handler()->Init();
881 Mock::VerifyAndClearExpectations(observer());
882
883 {
884 ReadTransaction trans(FROM_HERE, user_share());
885 // Once we provide a keystore key, we should perform the migration.
886 EXPECT_CALL(*observer(),
887 OnCryptographerStateChanged(_)).Times(AnyNumber());
888 EXPECT_CALL(*observer(),
889 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
890 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
891 kRawKeystoreKey),
892 trans.GetWrappedTrans());
893 }
894 EXPECT_CALL(*observer(),
895 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
896 // The actual migration gets posted, so run all pending tasks.
897 PumpLoop();
898 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
899 EXPECT_EQ(KEYSTORE_PASSPHRASE,
900 encryption_handler()->GetPassphraseType());
901 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
902 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kCurKey);
903 }
904
905 // Test that we trigger a migration when we set the keystore key, had an
906 // implicit passphrase, and encrypt everything enabled. We should switch to
907 // FROZEN_IMPLICIT_PASSPHRASE.
908 TEST_F(SyncEncryptionHandlerImplTest,
909 MigrateOnKeystoreKeyAvailableFrozenImplicit) {
910 const char kCurKey[] = "cur";
911 KeyParams current_key = {"localhost", "dummy", kCurKey};
912 GetCryptographer()->AddKey(current_key);
913 EXPECT_CALL(*observer(),
914 OnCryptographerStateChanged(_)).Times(AnyNumber());
915 EXPECT_CALL(*observer(),
916 OnEncryptedTypesChanged(_, false));
917 EXPECT_CALL(*observer(),
918 OnEncryptionComplete());
919 encryption_handler()->Init();
920 Mock::VerifyAndClearExpectations(observer());
921 EXPECT_CALL(*observer(),
922 OnEncryptedTypesChanged(_, true));
923 SyncEncryptionHandler::NigoriState captured_nigori_state;
924 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
925 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
926 EXPECT_CALL(*observer(),
927 OnEncryptionComplete());
928 encryption_handler()->EnableEncryptEverything();
929
930 {
931 ReadTransaction trans(FROM_HERE, user_share());
932 // Once we provide a keystore key, we should perform the migration.
933 EXPECT_CALL(*observer(),
934 OnCryptographerStateChanged(_)).Times(AnyNumber());
935 EXPECT_CALL(*observer(),
936 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
937 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
938 kRawKeystoreKey),
939 trans.GetWrappedTrans());
940 }
941 EXPECT_CALL(*observer(),
942 OnPassphraseTypeChanged(FROZEN_IMPLICIT_PASSPHRASE, _));
943
944 // The actual migration gets posted, so run all pending tasks.
945 PumpLoop();
946 Mock::VerifyAndClearExpectations(observer());
947
948 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
949 const base::Time migration_time = encryption_handler()->migration_time();
950 EXPECT_EQ(FROZEN_IMPLICIT_PASSPHRASE,
951 encryption_handler()->GetPassphraseType());
952 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
953 VerifyMigratedNigori(FROZEN_IMPLICIT_PASSPHRASE, kCurKey);
954
955 // We need the passphrase bootstrap token, but OnBootstrapTokenUpdated(_,
956 // PASSPHRASE_BOOTSTRAP_TOKEN) has not been invoked (because it was invoked
957 // during a previous instance) so get it from the Cryptographer.
958 std::string passphrase_bootstrap_token;
959 GetCryptographer()->GetBootstrapToken(&passphrase_bootstrap_token);
960 VerifyRestoreAfterCustomPassphrase(
961 TimeToProtoTime(migration_time), kCurKey, passphrase_bootstrap_token,
962 captured_nigori_state, FROZEN_IMPLICIT_PASSPHRASE);
963 }
964
965 // Test that we trigger a migration when we set the keystore key, had a
966 // custom passphrase, and encrypt everything enabled. The passphrase state
967 // should remain as CUSTOM_PASSPHRASE, and encrypt everything stay the same.
968 TEST_F(SyncEncryptionHandlerImplTest,
969 MigrateOnKeystoreKeyAvailableCustomWithEncryption) {
970 const char kCurKey[] = "cur";
971 EXPECT_CALL(*observer(),
972 OnCryptographerStateChanged(_)).Times(AnyNumber());
973 EXPECT_CALL(*observer(),
974 OnPassphraseRequired(_, _));
975 EXPECT_CALL(*observer(),
976 OnPassphraseAccepted());
977 EXPECT_CALL(*observer(),
978 OnEncryptedTypesChanged(_, false));
979 EXPECT_CALL(*observer(),
980 OnEncryptionComplete());
981 EXPECT_CALL(*observer(),
982 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
983 std::string captured_bootstrap_token;
984 EXPECT_CALL(*observer(),
985 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
986 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
987 encryption_handler()->Init();
988 encryption_handler()->SetEncryptionPassphrase(kCurKey, true);
989 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
990 Mock::VerifyAndClearExpectations(observer());
991
992 EXPECT_CALL(*observer(),
993 OnEncryptedTypesChanged(_, true));
994 EXPECT_CALL(*observer(),
995 OnEncryptionComplete());
996 encryption_handler()->EnableEncryptEverything();
997 Mock::VerifyAndClearExpectations(observer());
998
999 SyncEncryptionHandler::NigoriState captured_nigori_state;
1000 {
1001 ReadTransaction trans(FROM_HERE, user_share());
1002 // Once we provide a keystore key, we should perform the migration.
1003 EXPECT_CALL(*observer(),
1004 OnCryptographerStateChanged(_)).Times(AnyNumber());
1005 EXPECT_CALL(*observer(),
1006 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1007 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
1008 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
1009 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1010 kRawKeystoreKey),
1011 trans.GetWrappedTrans());
1012 }
1013
1014 // The actual migration gets posted, so run all pending tasks.
1015 PumpLoop();
1016 Mock::VerifyAndClearExpectations(observer());
1017
1018 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1019 const base::Time migration_time = encryption_handler()->migration_time();
1020 EXPECT_EQ(CUSTOM_PASSPHRASE,
1021 encryption_handler()->GetPassphraseType());
1022 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1023 VerifyMigratedNigori(CUSTOM_PASSPHRASE, kCurKey);
1024
1025 VerifyRestoreAfterCustomPassphrase(TimeToProtoTime(migration_time), kCurKey,
1026 captured_bootstrap_token,
1027 captured_nigori_state, CUSTOM_PASSPHRASE);
1028 }
1029
1030 // Test that we trigger a migration when we set the keystore key, had a
1031 // custom passphrase, and did not have encrypt everything. The passphrase state
1032 // should remain as CUSTOM_PASSPHRASE, and encrypt everything should be enabled.
1033 TEST_F(SyncEncryptionHandlerImplTest,
1034 MigrateOnKeystoreKeyAvailableCustomNoEncryption) {
1035 const char kCurKey[] = "cur";
1036 EXPECT_CALL(*observer(),
1037 OnCryptographerStateChanged(_)).Times(AnyNumber());
1038 EXPECT_CALL(*observer(),
1039 OnPassphraseRequired(_, _));
1040 EXPECT_CALL(*observer(),
1041 OnPassphraseAccepted());
1042 EXPECT_CALL(*observer(),
1043 OnEncryptedTypesChanged(_, false));
1044 EXPECT_CALL(*observer(),
1045 OnEncryptionComplete());
1046 EXPECT_CALL(*observer(),
1047 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
1048 std::string captured_bootstrap_token;
1049 EXPECT_CALL(*observer(),
1050 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
1051 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
1052 encryption_handler()->Init();
1053 encryption_handler()->SetEncryptionPassphrase(kCurKey, true);
1054 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
1055 Mock::VerifyAndClearExpectations(observer());
1056
1057 {
1058 ReadTransaction trans(FROM_HERE, user_share());
1059 // Once we provide a keystore key, we should perform the migration.
1060 EXPECT_CALL(*observer(),
1061 OnCryptographerStateChanged(_)).Times(AnyNumber());
1062 EXPECT_CALL(*observer(),
1063 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1064 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1065 kRawKeystoreKey),
1066 trans.GetWrappedTrans());
1067 }
1068 EXPECT_CALL(*observer(),
1069 OnEncryptedTypesChanged(_, true));
1070 SyncEncryptionHandler::NigoriState captured_nigori_state;
1071 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
1072 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
1073 EXPECT_CALL(*observer(),
1074 OnEncryptionComplete());
1075 // The actual migration gets posted, so run all pending tasks.
1076 PumpLoop();
1077 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1078 const base::Time migration_time = encryption_handler()->migration_time();
1079 EXPECT_EQ(CUSTOM_PASSPHRASE,
1080 encryption_handler()->GetPassphraseType());
1081 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1082 VerifyMigratedNigori(CUSTOM_PASSPHRASE, kCurKey);
1083
1084 VerifyRestoreAfterCustomPassphrase(TimeToProtoTime(migration_time), kCurKey,
1085 captured_bootstrap_token,
1086 captured_nigori_state, CUSTOM_PASSPHRASE);
1087 }
1088
1089 // Test that we can handle receiving a migrated nigori node in the
1090 // KEYSTORE_PASS state, and use the keystore decryptor token to decrypt the
1091 // keybag.
1092 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriKeystorePass) {
1093 const char kCurKey[] = "cur";
1094 sync_pb::EncryptedData keystore_decryptor_token;
1095 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1096 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1097 other_cryptographer.AddKey(cur_key);
1098 EXPECT_TRUE(other_cryptographer.is_ready());
1099 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1100 other_cryptographer,
1101 kKeystoreKey,
1102 &keystore_decryptor_token));
1103 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1104 EXPECT_FALSE(GetCryptographer()->is_ready());
1105 EXPECT_NE(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
1106
1107 // Now build a nigori node with the generated keystore decryptor token and
1108 // initialize the encryption handler with it. The cryptographer should be
1109 // initialized properly to decrypt both kCurKey and kKeystoreKey.
1110 {
1111 WriteTransaction trans(FROM_HERE, user_share());
1112 WriteNode nigori_node(&trans);
1113 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1114 sync_pb::NigoriSpecifics nigori;
1115 nigori.mutable_keystore_decryptor_token()->CopyFrom(
1116 keystore_decryptor_token);
1117 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1118 nigori.set_keybag_is_frozen(true);
1119 nigori.set_keystore_migration_time(1);
1120 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1121
1122 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1123 EXPECT_CALL(*observer(),
1124 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1125 EXPECT_CALL(*observer(),
1126 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1127 EXPECT_CALL(*observer(),
1128 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
1129 EXPECT_CALL(*observer(),
1130 OnCryptographerStateChanged(_)).Times(AnyNumber());
1131 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1132 kRawKeystoreKey),
1133 trans.GetWrappedTrans());
1134 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1135 nigori_node.SetNigoriSpecifics(nigori);
1136 }
1137 // Run any tasks posted via AppplyNigoriUpdate.
1138 PumpLoop();
1139 Mock::VerifyAndClearExpectations(observer());
1140
1141 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1142 EXPECT_TRUE(GetCryptographer()->is_ready());
1143 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
1144 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1145 VerifyMigratedNigoriWithTimestamp(1, KEYSTORE_PASSPHRASE, kCurKey);
1146
1147 // Check that the cryptographer still encrypts with the current key.
1148 sync_pb::EncryptedData current_encrypted;
1149 other_cryptographer.EncryptString("string", &current_encrypted);
1150 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
1151
1152 // Check that the cryptographer can decrypt keystore key based encryption.
1153 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1154 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1155 keystore_cryptographer.AddKey(keystore_key);
1156 sync_pb::EncryptedData keystore_encrypted;
1157 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1158 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1159 }
1160
1161 // Test that we handle receiving migrated nigori's with
1162 // FROZEN_IMPLICIT_PASSPHRASE state. We should be in a pending key state until
1163 // we supply the pending frozen implicit passphrase key.
1164 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriFrozenImplicitPass) {
1165 const char kCurKey[] = "cur";
1166 sync_pb::EncryptedData encrypted;
1167 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1168 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1169 other_cryptographer.AddKey(cur_key);
1170 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1171
1172 {
1173 EXPECT_CALL(*observer(),
1174 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1175 ReadTransaction trans(FROM_HERE, user_share());
1176 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1177 kRawKeystoreKey),
1178 trans.GetWrappedTrans());
1179 }
1180 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1181
1182 {
1183 EXPECT_CALL(*observer(),
1184 OnPassphraseTypeChanged(FROZEN_IMPLICIT_PASSPHRASE, _));
1185 EXPECT_CALL(*observer(),
1186 OnPassphraseRequired(_, _));
1187 EXPECT_CALL(*observer(),
1188 OnCryptographerStateChanged(_)).Times(AnyNumber());
1189 EXPECT_CALL(*observer(),
1190 OnEncryptedTypesChanged(_, true));
1191 WriteTransaction trans(FROM_HERE, user_share());
1192 WriteNode nigori_node(&trans);
1193 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1194 sync_pb::NigoriSpecifics nigori;
1195 nigori.set_keybag_is_frozen(true);
1196 nigori.set_passphrase_type(
1197 sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE);
1198 nigori.set_keystore_migration_time(1);
1199 nigori.set_encrypt_everything(true);
1200 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1201 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1202 nigori_node.SetNigoriSpecifics(nigori);
1203 }
1204 // Run any tasks posted via AppplyNigoriUpdate.
1205 PumpLoop();
1206 Mock::VerifyAndClearExpectations(observer());
1207
1208 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1209 EXPECT_EQ(FROZEN_IMPLICIT_PASSPHRASE,
1210 encryption_handler()->GetPassphraseType());
1211 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1212 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1213
1214 EXPECT_CALL(*observer(),
1215 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1216 EXPECT_CALL(*observer(),
1217 OnCryptographerStateChanged(_)).Times(AnyNumber());
1218 EXPECT_CALL(*observer(),
1219 OnEncryptionComplete());
1220 EXPECT_CALL(*observer(),
1221 OnPassphraseAccepted());
1222 encryption_handler()->SetDecryptionPassphrase(kCurKey);
1223 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1224 EXPECT_TRUE(GetCryptographer()->is_ready());
1225 VerifyMigratedNigoriWithTimestamp(1, FROZEN_IMPLICIT_PASSPHRASE, kCurKey);
1226
1227 // Check that the cryptographer still encrypts with the current key.
1228 sync_pb::EncryptedData current_encrypted;
1229 other_cryptographer.EncryptString("string", &current_encrypted);
1230 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
1231
1232 // Check that the cryptographer can decrypt keystore key based encryption.
1233 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1234 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1235 keystore_cryptographer.AddKey(keystore_key);
1236 sync_pb::EncryptedData keystore_encrypted;
1237 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1238 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1239 }
1240
1241 // Test that we handle receiving migrated nigori's with
1242 // CUSTOM_PASSPHRASE state. We should be in a pending key state until we
1243 // provide the custom passphrase key.
1244 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriCustomPass) {
1245 const char kCurKey[] = "cur";
1246 sync_pb::EncryptedData encrypted;
1247 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1248 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1249 other_cryptographer.AddKey(cur_key);
1250 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1251
1252 {
1253 EXPECT_CALL(*observer(),
1254 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1255 ReadTransaction trans(FROM_HERE, user_share());
1256 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1257 kRawKeystoreKey),
1258 trans.GetWrappedTrans());
1259 }
1260 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1261
1262 {
1263 EXPECT_CALL(*observer(),
1264 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
1265 EXPECT_CALL(*observer(),
1266 OnPassphraseRequired(_, _));
1267 EXPECT_CALL(*observer(),
1268 OnCryptographerStateChanged(_)).Times(AnyNumber());
1269 EXPECT_CALL(*observer(),
1270 OnEncryptedTypesChanged(_, true));
1271 WriteTransaction trans(FROM_HERE, user_share());
1272 WriteNode nigori_node(&trans);
1273 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1274 sync_pb::NigoriSpecifics nigori;
1275 nigori.set_keybag_is_frozen(true);
1276 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE);
1277 nigori.set_keystore_migration_time(1);
1278 nigori.set_encrypt_everything(true);
1279 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1280 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1281 nigori_node.SetNigoriSpecifics(nigori);
1282 }
1283 // Run any tasks posted via AppplyNigoriUpdate.
1284 PumpLoop();
1285 Mock::VerifyAndClearExpectations(observer());
1286
1287 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1288 EXPECT_EQ(CUSTOM_PASSPHRASE, encryption_handler()->GetPassphraseType());
1289 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1290 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1291
1292 EXPECT_CALL(*observer(),
1293 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1294 EXPECT_CALL(*observer(),
1295 OnCryptographerStateChanged(_)).Times(AnyNumber());
1296 EXPECT_CALL(*observer(),
1297 OnEncryptionComplete());
1298 EXPECT_CALL(*observer(),
1299 OnPassphraseAccepted());
1300 encryption_handler()->SetDecryptionPassphrase(kCurKey);
1301 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1302 EXPECT_TRUE(GetCryptographer()->is_ready());
1303 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey);
1304
1305 // Check that the cryptographer still encrypts with the current key.
1306 sync_pb::EncryptedData current_encrypted;
1307 other_cryptographer.EncryptString("string", &current_encrypted);
1308 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
1309
1310 // Check that the cryptographer can decrypt keystore key based encryption.
1311 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1312 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1313 keystore_cryptographer.AddKey(keystore_key);
1314 sync_pb::EncryptedData keystore_encrypted;
1315 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1316 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1317 }
1318
1319 // Test that if we have a migrated nigori with a custom passphrase, then receive
1320 // and old implicit passphrase nigori, we properly overwrite it with the current
1321 // state.
1322 TEST_F(SyncEncryptionHandlerImplTest, ReceiveUnmigratedNigoriAfterMigration) {
1323 const char kOldKey[] = "old";
1324 const char kCurKey[] = "cur";
1325 sync_pb::EncryptedData encrypted;
1326 KeyParams old_key = {"localhost", "dummy", kOldKey};
1327 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1328 GetCryptographer()->AddKey(old_key);
1329 GetCryptographer()->AddKey(cur_key);
1330
1331 // Build a migrated nigori with full encryption.
1332 const int64_t migration_time = 1;
1333 {
1334 WriteTransaction trans(FROM_HERE, user_share());
1335 WriteNode nigori_node(&trans);
1336 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1337 sync_pb::NigoriSpecifics nigori;
1338 GetCryptographer()->GetKeys(nigori.mutable_encryption_keybag());
1339 nigori.set_keybag_is_frozen(true);
1340 nigori.set_keystore_migration_time(1);
1341 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE);
1342 nigori.set_encrypt_everything(true);
1343 nigori_node.SetNigoriSpecifics(nigori);
1344 }
1345
1346 EXPECT_CALL(*observer(),
1347 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
1348 EXPECT_CALL(*observer(),
1349 OnCryptographerStateChanged(_)).Times(AnyNumber());
1350 EXPECT_CALL(*observer(),
1351 OnEncryptedTypesChanged(_, true)).Times(2);
1352 EXPECT_CALL(*observer(),
1353 OnEncryptionComplete());
1354 encryption_handler()->Init();
1355 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1356 EXPECT_TRUE(GetCryptographer()->is_ready());
1357 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
1358 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1359 VerifyMigratedNigoriWithTimestamp(migration_time, CUSTOM_PASSPHRASE, kCurKey);
1360
1361 {
1362 EXPECT_CALL(*observer(),
1363 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1364 ReadTransaction trans(FROM_HERE, user_share());
1365 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1366 kRawKeystoreKey),
1367 trans.GetWrappedTrans());
1368 }
1369 Mock::VerifyAndClearExpectations(observer());
1370
1371 // Now build an old unmigrated nigori node with old encrypted types. We should
1372 // properly overwrite it with the migrated + encrypt everything state.
1373 EXPECT_CALL(*observer(),
1374 OnCryptographerStateChanged(_)).Times(AnyNumber());
1375 SyncEncryptionHandler::NigoriState captured_nigori_state;
1376 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
1377 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
1378 EXPECT_CALL(*observer(), OnEncryptionComplete());
1379 {
1380 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1381 other_cryptographer.AddKey(old_key);
1382 WriteTransaction trans(FROM_HERE, user_share());
1383 WriteNode nigori_node(&trans);
1384 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1385 sync_pb::NigoriSpecifics nigori;
1386 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1387 nigori.set_keybag_is_frozen(false);
1388 nigori.set_encrypt_everything(false);
1389 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1390 nigori_node.SetNigoriSpecifics(nigori);
1391 }
1392 PumpLoop();
1393
1394 // Verify we're still migrated and have proper encryption state.
1395 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1396 EXPECT_TRUE(GetCryptographer()->is_ready());
1397 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
1398 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1399 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey);
1400
1401 // We need the passphrase bootstrap token, but OnBootstrapTokenUpdated(_,
1402 // PASSPHRASE_BOOTSTRAP_TOKEN) has not been invoked (because it was invoked
1403 // during a previous instance) so get it from the Cryptographer.
1404 std::string passphrase_bootstrap_token;
1405 GetCryptographer()->GetBootstrapToken(&passphrase_bootstrap_token);
1406 VerifyRestoreAfterCustomPassphrase(migration_time, kCurKey,
1407 passphrase_bootstrap_token,
1408 captured_nigori_state, CUSTOM_PASSPHRASE);
1409 }
1410
1411 // Test that if we have a migrated nigori with a custom passphrase, then receive
1412 // a migrated nigori with a keystore passphrase, we properly overwrite it with
1413 // the current state.
1414 TEST_F(SyncEncryptionHandlerImplTest, ReceiveOldMigratedNigori) {
1415 const char kOldKey[] = "old";
1416 const char kCurKey[] = "cur";
1417 sync_pb::EncryptedData encrypted;
1418 KeyParams old_key = {"localhost", "dummy", kOldKey};
1419 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1420 GetCryptographer()->AddKey(old_key);
1421 GetCryptographer()->AddKey(cur_key);
1422
1423 // Build a migrated nigori with full encryption.
1424 {
1425 WriteTransaction trans(FROM_HERE, user_share());
1426 WriteNode nigori_node(&trans);
1427 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1428 sync_pb::NigoriSpecifics nigori;
1429 GetCryptographer()->GetKeys(nigori.mutable_encryption_keybag());
1430 nigori.set_keybag_is_frozen(true);
1431 nigori.set_keystore_migration_time(1);
1432 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE);
1433 nigori.set_encrypt_everything(true);
1434 nigori_node.SetNigoriSpecifics(nigori);
1435 }
1436
1437 EXPECT_CALL(*observer(),
1438 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
1439 EXPECT_CALL(*observer(),
1440 OnCryptographerStateChanged(_)).Times(AnyNumber());
1441 EXPECT_CALL(*observer(),
1442 OnEncryptedTypesChanged(_, true)).Times(2);
1443 EXPECT_CALL(*observer(),
1444 OnEncryptionComplete());
1445 encryption_handler()->Init();
1446 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1447 EXPECT_TRUE(GetCryptographer()->is_ready());
1448 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
1449 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1450 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey);
1451
1452 {
1453 EXPECT_CALL(*observer(),
1454 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1455 ReadTransaction trans(FROM_HERE, user_share());
1456 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1457 kRawKeystoreKey),
1458 trans.GetWrappedTrans());
1459 }
1460 Mock::VerifyAndClearExpectations(observer());
1461
1462 // Now build an old keystore nigori node with old encrypted types. We should
1463 // properly overwrite it with the migrated + encrypt everything state.
1464 EXPECT_CALL(*observer(),
1465 OnCryptographerStateChanged(_)).Times(AnyNumber());
1466 SyncEncryptionHandler::NigoriState captured_nigori_state;
1467 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
1468 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
1469 EXPECT_CALL(*observer(), OnEncryptionComplete());
1470 const int64_t migration_time = 1;
1471 {
1472 WriteTransaction trans(FROM_HERE, user_share());
1473 WriteNode nigori_node(&trans);
1474 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1475 sync_pb::NigoriSpecifics nigori;
1476 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1477 other_cryptographer.AddKey(old_key);
1478 encryption_handler()->GetKeystoreDecryptor(
1479 other_cryptographer,
1480 kKeystoreKey,
1481 nigori.mutable_keystore_decryptor_token());
1482 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1483 nigori.set_keybag_is_frozen(true);
1484 nigori.set_encrypt_everything(false);
1485 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1486 nigori.set_keystore_migration_time(migration_time);
1487 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1488 nigori_node.SetNigoriSpecifics(nigori);
1489 }
1490 PumpLoop();
1491
1492 // Verify we're still migrated and have proper encryption state.
1493 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1494 EXPECT_TRUE(GetCryptographer()->is_ready());
1495 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
1496 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1497 VerifyMigratedNigoriWithTimestamp(migration_time, CUSTOM_PASSPHRASE, kCurKey);
1498
1499 // We need the passphrase bootstrap token, but OnBootstrapTokenUpdated(_,
1500 // PASSPHRASE_BOOTSTRAP_TOKEN) has not been invoked (because it was invoked
1501 // during a previous instance) so get it from the Cryptographer.
1502 std::string passphrase_bootstrap_token;
1503 GetCryptographer()->GetBootstrapToken(&passphrase_bootstrap_token);
1504 VerifyRestoreAfterCustomPassphrase(migration_time, kCurKey,
1505 passphrase_bootstrap_token,
1506 captured_nigori_state, CUSTOM_PASSPHRASE);
1507 }
1508
1509 // Test that if we receive the keystore key after receiving a migrated nigori
1510 // node, we properly use the keystore decryptor token to decrypt the keybag.
1511 TEST_F(SyncEncryptionHandlerImplTest, SetKeystoreAfterReceivingMigratedNigori) {
1512 const char kCurKey[] = "cur";
1513 sync_pb::EncryptedData keystore_decryptor_token;
1514 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1515 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1516 other_cryptographer.AddKey(cur_key);
1517 EXPECT_TRUE(other_cryptographer.is_ready());
1518 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1519 other_cryptographer,
1520 kKeystoreKey,
1521 &keystore_decryptor_token));
1522 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1523 EXPECT_FALSE(GetCryptographer()->is_ready());
1524 EXPECT_NE(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
1525
1526 // Now build a nigori node with the generated keystore decryptor token and
1527 // initialize the encryption handler with it. The cryptographer should be
1528 // initialized properly to decrypt both kCurKey and kKeystoreKey.
1529 {
1530 WriteTransaction trans(FROM_HERE, user_share());
1531 WriteNode nigori_node(&trans);
1532 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1533 sync_pb::NigoriSpecifics nigori;
1534 nigori.mutable_keystore_decryptor_token()->CopyFrom(
1535 keystore_decryptor_token);
1536 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1537 nigori.set_keybag_is_frozen(true);
1538 nigori.set_keystore_migration_time(1);
1539 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1540
1541 EXPECT_CALL(*observer(),
1542 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
1543 EXPECT_CALL(*observer(),
1544 OnCryptographerStateChanged(_)).Times(AnyNumber());
1545 EXPECT_CALL(*observer(),
1546 OnPassphraseRequired(_, _));
1547 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
1548 nigori_node.SetNigoriSpecifics(nigori);
1549 }
1550 // Run any tasks posted via AppplyNigoriUpdate.
1551 PumpLoop();
1552 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1553 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1554 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
1555 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1556 Mock::VerifyAndClearExpectations(observer());
1557
1558 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1559 EXPECT_CALL(*observer(),
1560 OnCryptographerStateChanged(_)).Times(AnyNumber());
1561 EXPECT_CALL(*observer(),
1562 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1563 {
1564 EXPECT_CALL(*observer(),
1565 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1566 ReadTransaction trans(FROM_HERE, user_share());
1567 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1568 kRawKeystoreKey),
1569 trans.GetWrappedTrans());
1570 }
1571 PumpLoop();
1572 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1573 EXPECT_TRUE(GetCryptographer()->is_ready());
1574 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
1575 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1576 VerifyMigratedNigoriWithTimestamp(1, KEYSTORE_PASSPHRASE, kCurKey);
1577
1578 // Check that the cryptographer still encrypts with the current key.
1579 sync_pb::EncryptedData current_encrypted;
1580 other_cryptographer.EncryptString("string", &current_encrypted);
1581 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
1582
1583 // Check that the cryptographer can decrypt keystore key based encryption.
1584 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1585 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1586 keystore_cryptographer.AddKey(keystore_key);
1587 sync_pb::EncryptedData keystore_encrypted;
1588 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1589 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1590 }
1591
1592 // Test that after receiving a migrated nigori and decrypting it using the
1593 // keystore key, we can then switch to a custom passphrase. The nigori should
1594 // remain migrated and encrypt everything should be enabled.
1595 TEST_F(SyncEncryptionHandlerImplTest, SetCustomPassAfterMigration) {
1596 const char kOldKey[] = "old";
1597 sync_pb::EncryptedData keystore_decryptor_token;
1598 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1599 KeyParams cur_key = {"localhost", "dummy", kOldKey};
1600 other_cryptographer.AddKey(cur_key);
1601 EXPECT_TRUE(other_cryptographer.is_ready());
1602 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1603 other_cryptographer,
1604 kKeystoreKey,
1605 &keystore_decryptor_token));
1606
1607 // Build a nigori node with the generated keystore decryptor token and
1608 // initialize the encryption handler with it. The cryptographer should be
1609 // initialized properly to decrypt both kOldKey and kKeystoreKey.
1610 const int64_t migration_time = 1;
1611 {
1612 WriteTransaction trans(FROM_HERE, user_share());
1613 WriteNode nigori_node(&trans);
1614 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1615 sync_pb::NigoriSpecifics nigori;
1616 nigori.mutable_keystore_decryptor_token()->CopyFrom(
1617 keystore_decryptor_token);
1618 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1619 nigori.set_keybag_is_frozen(true);
1620 nigori.set_keystore_migration_time(migration_time);
1621 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1622 nigori_node.SetNigoriSpecifics(nigori);
1623 EXPECT_CALL(*observer(),
1624 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
1625 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1626 kRawKeystoreKey),
1627 trans.GetWrappedTrans());
1628 }
1629
1630 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1631 EXPECT_CALL(*observer(),
1632 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
1633 EXPECT_CALL(*observer(),
1634 OnCryptographerStateChanged(_)).Times(AnyNumber());
1635 EXPECT_CALL(*observer(),
1636 OnEncryptedTypesChanged(_, false));
1637 EXPECT_CALL(*observer(),
1638 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1639 EXPECT_CALL(*observer(),
1640 OnEncryptionComplete());
1641 encryption_handler()->Init();
1642 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1643 EXPECT_TRUE(GetCryptographer()->is_ready());
1644 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
1645 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1646 Mock::VerifyAndClearExpectations(observer());
1647
1648 const char kNewKey[] = "new_key";
1649 EXPECT_CALL(*observer(),
1650 OnCryptographerStateChanged(_)).Times(AnyNumber());
1651 EXPECT_CALL(*observer(),
1652 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
1653 SyncEncryptionHandler::NigoriState captured_nigori_state;
1654 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
1655 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
1656 std::string captured_bootstrap_token;
1657 EXPECT_CALL(*observer(),
1658 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
1659 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
1660 EXPECT_CALL(*observer(),
1661 OnPassphraseAccepted());
1662 EXPECT_CALL(*observer(),
1663 OnEncryptedTypesChanged(_, true));
1664 EXPECT_CALL(*observer(),
1665 OnEncryptionComplete()).Times(2);
1666 encryption_handler()->SetEncryptionPassphrase(kNewKey, true);
1667 Mock::VerifyAndClearExpectations(observer());
1668
1669 EXPECT_FALSE(captured_bootstrap_token.empty());
1670 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1671 EXPECT_TRUE(GetCryptographer()->is_ready());
1672 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
1673 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1674 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
1675 VerifyMigratedNigoriWithTimestamp(migration_time, CUSTOM_PASSPHRASE, kNewKey);
1676
1677 // Check that the cryptographer can decrypt the old key.
1678 sync_pb::EncryptedData old_encrypted;
1679 other_cryptographer.EncryptString("string", &old_encrypted);
1680 EXPECT_TRUE(GetCryptographer()->CanDecrypt(old_encrypted));
1681
1682 // Check that the cryptographer can decrypt keystore key based encryption.
1683 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1684 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1685 keystore_cryptographer.AddKey(keystore_key);
1686 sync_pb::EncryptedData keystore_encrypted;
1687 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1688 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1689
1690 // Check the the cryptographer is encrypting with the new key.
1691 KeyParams new_key = {"localhost", "dummy", kNewKey};
1692 Cryptographer new_cryptographer(GetCryptographer()->encryptor());
1693 new_cryptographer.AddKey(new_key);
1694 sync_pb::EncryptedData new_encrypted;
1695 new_cryptographer.EncryptString("string", &new_encrypted);
1696 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted));
1697
1698 // Now verify that we can restore the current state using the captured
1699 // bootstrap token and nigori state.
1700 VerifyRestoreAfterCustomPassphrase(migration_time, kNewKey,
1701 captured_bootstrap_token,
1702 captured_nigori_state, CUSTOM_PASSPHRASE);
1703 }
1704
1705 // Test that if a client without a keystore key (e.g. one without keystore
1706 // encryption enabled) receives a migrated nigori and then attempts to set a
1707 // custom passphrase, it also enables encrypt everything. The nigori node
1708 // should remain migrated.
1709 TEST_F(SyncEncryptionHandlerImplTest,
1710 SetCustomPassAfterMigrationNoKeystoreKey) {
1711 const char kOldKey[] = "old";
1712 sync_pb::EncryptedData keystore_decryptor_token;
1713 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1714 KeyParams cur_key = {"localhost", "dummy", kOldKey};
1715 other_cryptographer.AddKey(cur_key);
1716 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1717 other_cryptographer.AddNonDefaultKey(keystore_key);
1718 EXPECT_TRUE(other_cryptographer.is_ready());
1719 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1720 other_cryptographer,
1721 kKeystoreKey,
1722 &keystore_decryptor_token));
1723
1724 // Build a nigori node with the generated keystore decryptor token and
1725 // initialize the encryption handler with it. The cryptographer will have
1726 // pending keys until we provide the decryption passphrase.
1727 const int64_t migration_time = 1;
1728 {
1729 WriteTransaction trans(FROM_HERE, user_share());
1730 WriteNode nigori_node(&trans);
1731 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1732 sync_pb::NigoriSpecifics nigori;
1733 nigori.mutable_keystore_decryptor_token()->CopyFrom(
1734 keystore_decryptor_token);
1735 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1736 nigori.set_keybag_is_frozen(true);
1737 nigori.set_keystore_migration_time(migration_time);
1738 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1739 nigori_node.SetNigoriSpecifics(nigori);
1740 }
1741
1742 EXPECT_CALL(*observer(),
1743 OnPassphraseRequired(_, _));
1744 EXPECT_CALL(*observer(),
1745 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
1746 EXPECT_CALL(*observer(),
1747 OnCryptographerStateChanged(_)).Times(AnyNumber());
1748 EXPECT_CALL(*observer(),
1749 OnEncryptedTypesChanged(_, false));
1750 encryption_handler()->Init();
1751 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1752 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1753 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
1754 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1755 Mock::VerifyAndClearExpectations(observer());
1756
1757 EXPECT_CALL(*observer(),
1758 OnPassphraseAccepted());
1759 EXPECT_CALL(*observer(),
1760 OnCryptographerStateChanged(_)).Times(AnyNumber());
1761 EXPECT_CALL(*observer(),
1762 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1763 EXPECT_CALL(*observer(),
1764 OnEncryptionComplete());
1765 encryption_handler()->SetDecryptionPassphrase(kOldKey);
1766 EXPECT_TRUE(GetCryptographer()->is_ready());
1767 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1768 Mock::VerifyAndClearExpectations(observer());
1769
1770 const char kNewKey[] = "new_key";
1771 EXPECT_CALL(*observer(),
1772 OnCryptographerStateChanged(_)).Times(AnyNumber());
1773 EXPECT_CALL(*observer(),
1774 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
1775 SyncEncryptionHandler::NigoriState captured_nigori_state;
1776 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
1777 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
1778 std::string captured_bootstrap_token;
1779 EXPECT_CALL(*observer(),
1780 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
1781 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
1782 EXPECT_CALL(*observer(),
1783 OnPassphraseAccepted());
1784 EXPECT_CALL(*observer(),
1785 OnEncryptedTypesChanged(_, true));
1786 EXPECT_CALL(*observer(),
1787 OnEncryptionComplete()).Times(2);
1788 encryption_handler()->SetEncryptionPassphrase(kNewKey, true);
1789 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1790 EXPECT_TRUE(GetCryptographer()->is_ready());
1791 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
1792 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1793 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
1794 VerifyMigratedNigoriWithTimestamp(migration_time, CUSTOM_PASSPHRASE, kNewKey);
1795
1796 // Check that the cryptographer can decrypt the old key.
1797 sync_pb::EncryptedData old_encrypted;
1798 other_cryptographer.EncryptString("string", &old_encrypted);
1799 EXPECT_TRUE(GetCryptographer()->CanDecrypt(old_encrypted));
1800
1801 // Check that the cryptographer can still decrypt keystore key based
1802 // encryption (should have been extracted from the encryption keybag).
1803 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1804 keystore_cryptographer.AddKey(keystore_key);
1805 sync_pb::EncryptedData keystore_encrypted;
1806 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1807 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1808
1809 // Check the the cryptographer is encrypting with the new key.
1810 KeyParams new_key = {"localhost", "dummy", kNewKey};
1811 Cryptographer new_cryptographer(GetCryptographer()->encryptor());
1812 new_cryptographer.AddKey(new_key);
1813 sync_pb::EncryptedData new_encrypted;
1814 new_cryptographer.EncryptString("string", &new_encrypted);
1815 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted));
1816
1817 // Now verify that we can restore the current state using the captured
1818 // bootstrap token and nigori state.
1819 VerifyRestoreAfterCustomPassphrase(migration_time, kNewKey,
1820 captured_bootstrap_token,
1821 captured_nigori_state, CUSTOM_PASSPHRASE);
1822 }
1823
1824 // Test that if a client without a keystore key (e.g. one without keystore
1825 // encryption enabled) receives a migrated nigori and then attempts to set a
1826 // new implicit passphrase, we do not modify the nigori node (the implicit
1827 // passphrase is dropped).
1828 TEST_F(SyncEncryptionHandlerImplTest,
1829 SetImplicitPassAfterMigrationNoKeystoreKey) {
1830 const char kOldKey[] = "old";
1831 sync_pb::EncryptedData keystore_decryptor_token;
1832 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1833 KeyParams cur_key = {"localhost", "dummy", kOldKey};
1834 other_cryptographer.AddKey(cur_key);
1835 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1836 other_cryptographer.AddNonDefaultKey(keystore_key);
1837 EXPECT_TRUE(other_cryptographer.is_ready());
1838 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1839 other_cryptographer,
1840 kKeystoreKey,
1841 &keystore_decryptor_token));
1842
1843 // Build a nigori node with the generated keystore decryptor token and
1844 // initialize the encryption handler with it. The cryptographer will have
1845 // pending keys until we provide the decryption passphrase.
1846 {
1847 WriteTransaction trans(FROM_HERE, user_share());
1848 WriteNode nigori_node(&trans);
1849 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1850 sync_pb::NigoriSpecifics nigori;
1851 nigori.mutable_keystore_decryptor_token()->CopyFrom(
1852 keystore_decryptor_token);
1853 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1854 nigori.set_keybag_is_frozen(true);
1855 nigori.set_keystore_migration_time(1);
1856 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1857 nigori_node.SetNigoriSpecifics(nigori);
1858 }
1859
1860 EXPECT_CALL(*observer(),
1861 OnPassphraseRequired(_, _));
1862 EXPECT_CALL(*observer(),
1863 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
1864 EXPECT_CALL(*observer(),
1865 OnCryptographerStateChanged(_)).Times(AnyNumber());
1866 EXPECT_CALL(*observer(),
1867 OnEncryptedTypesChanged(_, false));
1868 encryption_handler()->Init();
1869 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1870 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1871 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
1872 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1873 Mock::VerifyAndClearExpectations(observer());
1874
1875 EXPECT_CALL(*observer(),
1876 OnPassphraseAccepted());
1877 EXPECT_CALL(*observer(),
1878 OnCryptographerStateChanged(_)).Times(AnyNumber());
1879 EXPECT_CALL(*observer(),
1880 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
1881 EXPECT_CALL(*observer(),
1882 OnEncryptionComplete());
1883 encryption_handler()->SetDecryptionPassphrase(kOldKey);
1884 EXPECT_TRUE(GetCryptographer()->is_ready());
1885 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1886 Mock::VerifyAndClearExpectations(observer());
1887
1888 // Should get dropped on the floor silently.
1889 const char kNewKey[] = "new_key";
1890 encryption_handler()->SetEncryptionPassphrase(kNewKey, false);
1891 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1892 EXPECT_TRUE(GetCryptographer()->is_ready());
1893 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
1894 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1895 VerifyMigratedNigoriWithTimestamp(1, KEYSTORE_PASSPHRASE, kOldKey);
1896
1897 // Check that the cryptographer can decrypt the old key.
1898 sync_pb::EncryptedData old_encrypted;
1899 other_cryptographer.EncryptString("string", &old_encrypted);
1900 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(old_encrypted));
1901
1902 // Check that the cryptographer can still decrypt keystore key based
1903 // encryption (due to extracting the keystore key from the encryption keybag).
1904 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
1905 keystore_cryptographer.AddKey(keystore_key);
1906 sync_pb::EncryptedData keystore_encrypted;
1907 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
1908 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
1909
1910 // Check the the cryptographer does not have the new key.
1911 KeyParams new_key = {"localhost", "dummy", kNewKey};
1912 Cryptographer new_cryptographer(GetCryptographer()->encryptor());
1913 new_cryptographer.AddKey(new_key);
1914 sync_pb::EncryptedData new_encrypted;
1915 new_cryptographer.EncryptString("string", &new_encrypted);
1916 EXPECT_FALSE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted));
1917 }
1918
1919 // Test that if a client without a keystore key (e.g. one without keystore
1920 // encryption enabled) receives a migrated nigori in keystore passphrase state
1921 // and then attempts to enable encrypt everything, we switch to a custom
1922 // passphrase. The nigori should remain migrated.
1923 TEST_F(SyncEncryptionHandlerImplTest,
1924 MigrateOnEncryptEverythingKeystorePassphrase) {
1925 const char kCurKey[] = "cur";
1926 sync_pb::EncryptedData keystore_decryptor_token;
1927 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
1928 KeyParams cur_key = {"localhost", "dummy", kCurKey};
1929 other_cryptographer.AddKey(cur_key);
1930 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
1931 other_cryptographer.AddNonDefaultKey(keystore_key);
1932 EXPECT_TRUE(other_cryptographer.is_ready());
1933 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1934 other_cryptographer,
1935 kKeystoreKey,
1936 &keystore_decryptor_token));
1937
1938 // Build a nigori node with the generated keystore decryptor token and
1939 // initialize the encryption handler with it. The cryptographer will have
1940 // pending keys until we provide the decryption passphrase.
1941 const int64_t migration_time = 1;
1942 {
1943 WriteTransaction trans(FROM_HERE, user_share());
1944 WriteNode nigori_node(&trans);
1945 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
1946 sync_pb::NigoriSpecifics nigori;
1947 nigori.mutable_keystore_decryptor_token()->CopyFrom(
1948 keystore_decryptor_token);
1949 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
1950 nigori.set_keybag_is_frozen(true);
1951 nigori.set_keystore_migration_time(migration_time);
1952 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
1953 nigori_node.SetNigoriSpecifics(nigori);
1954 }
1955 EXPECT_CALL(*observer(),
1956 OnPassphraseRequired(_, _));
1957 EXPECT_CALL(*observer(),
1958 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
1959 EXPECT_CALL(*observer(),
1960 OnCryptographerStateChanged(_)).Times(AnyNumber());
1961 EXPECT_CALL(*observer(),
1962 OnEncryptedTypesChanged(_, false));
1963 encryption_handler()->Init();
1964 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1965 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1966 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
1967 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1968 Mock::VerifyAndClearExpectations(observer());
1969
1970 EXPECT_CALL(*observer(),
1971 OnPassphraseAccepted());
1972 EXPECT_CALL(*observer(),
1973 OnCryptographerStateChanged(_)).Times(AnyNumber());
1974 std::string captured_bootstrap_token;
1975 EXPECT_CALL(*observer(),
1976 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
1977 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
1978 EXPECT_CALL(*observer(),
1979 OnEncryptionComplete());
1980 encryption_handler()->SetDecryptionPassphrase(kCurKey);
1981 Mock::VerifyAndClearExpectations(observer());
1982
1983 EXPECT_CALL(*observer(),
1984 OnPassphraseTypeChanged(FROZEN_IMPLICIT_PASSPHRASE, _));
1985 EXPECT_CALL(*observer(),
1986 OnEncryptionComplete());
1987 EXPECT_CALL(*observer(),
1988 OnEncryptedTypesChanged(_, true));
1989 SyncEncryptionHandler::NigoriState captured_nigori_state;
1990 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
1991 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
1992 EXPECT_CALL(*observer(),
1993 OnCryptographerStateChanged(_)).Times(AnyNumber());
1994 encryption_handler()->EnableEncryptEverything();
1995 Mock::VerifyAndClearExpectations(observer());
1996
1997 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1998 EXPECT_TRUE(GetCryptographer()->is_ready());
1999 EXPECT_EQ(FROZEN_IMPLICIT_PASSPHRASE,
2000 encryption_handler()->GetPassphraseType());
2001 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
2002 VerifyMigratedNigoriWithTimestamp(1, FROZEN_IMPLICIT_PASSPHRASE, kCurKey);
2003
2004 // Check that the cryptographer is encrypting using the frozen current key.
2005 sync_pb::EncryptedData current_encrypted;
2006 other_cryptographer.EncryptString("string", &current_encrypted);
2007 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
2008
2009 // Check that the cryptographer can still decrypt keystore key based
2010 // encryption (due to extracting the keystore key from the encryption keybag).
2011 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
2012 keystore_cryptographer.AddKey(keystore_key);
2013 sync_pb::EncryptedData keystore_encrypted;
2014 keystore_cryptographer.EncryptString("string", &keystore_encrypted);
2015 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
2016
2017 VerifyRestoreAfterCustomPassphrase(
2018 migration_time, kCurKey, captured_bootstrap_token, captured_nigori_state,
2019 FROZEN_IMPLICIT_PASSPHRASE);
2020 }
2021
2022 // If we receive a nigori migrated and with a KEYSTORE_PASSPHRASE type, but
2023 // using an old default key (i.e. old GAIA password), we should overwrite the
2024 // nigori, updating the keybag and keystore decryptor.
2025 TEST_F(SyncEncryptionHandlerImplTest,
2026 ReceiveMigratedNigoriWithOldPassphrase) {
2027 const char kOldKey[] = "old";
2028 const char kCurKey[] = "cur";
2029 sync_pb::EncryptedData encrypted;
2030 KeyParams old_key = {"localhost", "dummy", kOldKey};
2031 KeyParams cur_key = {"localhost", "dummy", kCurKey};
2032 GetCryptographer()->AddKey(old_key);
2033 GetCryptographer()->AddKey(cur_key);
2034
2035 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
2036 other_cryptographer.AddKey(old_key);
2037 EXPECT_TRUE(other_cryptographer.is_ready());
2038
2039 EXPECT_CALL(*observer(),
2040 OnCryptographerStateChanged(_)).Times(AnyNumber());
2041 EXPECT_CALL(*observer(),
2042 OnEncryptedTypesChanged(_, false));
2043 EXPECT_CALL(*observer(),
2044 OnEncryptionComplete());
2045 encryption_handler()->Init();
2046 EXPECT_TRUE(GetCryptographer()->is_ready());
2047 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
2048
2049 {
2050 EXPECT_CALL(*observer(),
2051 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2052 ReadTransaction trans(FROM_HERE, user_share());
2053 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
2054 kRawKeystoreKey),
2055 trans.GetWrappedTrans());
2056 }
2057 EXPECT_CALL(*observer(),
2058 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
2059 PumpLoop();
2060 Mock::VerifyAndClearExpectations(observer());
2061 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2062 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
2063 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kCurKey);
2064
2065 // Now build an old keystore passphrase nigori node.
2066 EXPECT_CALL(*observer(),
2067 OnCryptographerStateChanged(_)).Times(AnyNumber());
2068 EXPECT_CALL(*observer(), OnEncryptionComplete());
2069 {
2070 WriteTransaction trans(FROM_HERE, user_share());
2071 WriteNode nigori_node(&trans);
2072 ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
2073 sync_pb::NigoriSpecifics nigori;
2074 Cryptographer other_cryptographer(GetCryptographer()->encryptor());
2075 other_cryptographer.AddKey(old_key);
2076 encryption_handler()->GetKeystoreDecryptor(
2077 other_cryptographer,
2078 kKeystoreKey,
2079 nigori.mutable_keystore_decryptor_token());
2080 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
2081 nigori.set_keybag_is_frozen(true);
2082 nigori.set_encrypt_everything(false);
2083 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
2084 nigori.set_keystore_migration_time(1);
2085 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
2086 nigori_node.SetNigoriSpecifics(nigori);
2087 }
2088 PumpLoop();
2089
2090 // Verify we're still migrated and have proper encryption state.
2091 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2092 EXPECT_TRUE(GetCryptographer()->is_ready());
2093 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
2094 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
2095 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kCurKey);
2096 }
2097
2098 // Trigger a key rotation upon receiving new keys if we already had a keystore
2099 // migrated nigori with the gaia key as the default (still in backwards
2100 // compatible mode).
2101 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysGaiaDefault) {
2102 // Destroy the existing nigori node so we init without a nigori node.
2103 TearDown();
2104 test_user_share_.SetUp();
2105 SetUpEncryption();
2106
2107 const char kOldGaiaKey[] = "old_gaia_key";
2108 const char kRawOldKeystoreKey[] = "old_keystore_key";
2109 std::string old_keystore_key;
2110 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
2111 {
2112 ReadTransaction trans(FROM_HERE, user_share());
2113 EXPECT_CALL(*observer(),
2114 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2115 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
2116 kRawOldKeystoreKey),
2117 trans.GetWrappedTrans());
2118 }
2119 PumpLoop();
2120 Mock::VerifyAndClearExpectations(observer());
2121
2122 // Then init the nigori node with a backwards compatible set of keys.
2123 CreateRootForType(NIGORI);
2124 EXPECT_CALL(*observer(), OnPassphraseAccepted());
2125 InitKeystoreMigratedNigori(1, kOldGaiaKey, old_keystore_key);
2126
2127 // Now set some new keystore keys.
2128 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
2129 EXPECT_CALL(*observer(), OnEncryptionComplete());
2130 {
2131 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2132 keys.Add()->assign(kRawOldKeystoreKey);
2133 keys.Add()->assign(kRawKeystoreKey);
2134 EXPECT_CALL(*observer(),
2135 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2136 ReadTransaction trans(FROM_HERE, user_share());
2137 encryption_handler()->SetKeystoreKeys(keys,
2138 trans.GetWrappedTrans());
2139 }
2140 // Pump for any posted tasks.
2141 PumpLoop();
2142 Mock::VerifyAndClearExpectations(observer());
2143
2144 // Verify we're still migrated and have proper encryption state. We should
2145 // have rotated the keybag so that it's now encrypted with the newest keystore
2146 // key (instead of the old gaia key).
2147 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2148 EXPECT_TRUE(GetCryptographer()->is_ready());
2149 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
2150 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
2151 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey);
2152 }
2153
2154 // Trigger a key rotation upon receiving new keys if we already had a keystore
2155 // migrated nigori with the keystore key as the default.
2156 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysKeystoreDefault) {
2157 // Destroy the existing nigori node so we init without a nigori node.
2158 TearDown();
2159 test_user_share_.SetUp();
2160 SetUpEncryption();
2161
2162 const char kRawOldKeystoreKey[] = "old_keystore_key";
2163 std::string old_keystore_key;
2164 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
2165 {
2166 ReadTransaction trans(FROM_HERE, user_share());
2167 EXPECT_CALL(*observer(),
2168 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2169 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
2170 kRawOldKeystoreKey),
2171 trans.GetWrappedTrans());
2172 }
2173 PumpLoop();
2174 Mock::VerifyAndClearExpectations(observer());
2175
2176 // Then init the nigori node with a non-backwards compatible set of keys.
2177 CreateRootForType(NIGORI);
2178 EXPECT_CALL(*observer(), OnPassphraseAccepted());
2179 InitKeystoreMigratedNigori(1, old_keystore_key, old_keystore_key);
2180
2181 // Now set some new keystore keys.
2182 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
2183 EXPECT_CALL(*observer(), OnEncryptionComplete());
2184 {
2185 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2186 keys.Add()->assign(kRawOldKeystoreKey);
2187 keys.Add()->assign(kRawKeystoreKey);
2188 EXPECT_CALL(*observer(),
2189 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2190 ReadTransaction trans(FROM_HERE, user_share());
2191 encryption_handler()->SetKeystoreKeys(keys,
2192 trans.GetWrappedTrans());
2193 }
2194 // Pump for any posted tasks.
2195 PumpLoop();
2196 Mock::VerifyAndClearExpectations(observer());
2197
2198 // Verify we're still migrated and have proper encryption state. We should
2199 // have rotated the keybag so that it's now encrypted with the newest keystore
2200 // key (instead of the old gaia key).
2201 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2202 EXPECT_TRUE(GetCryptographer()->is_ready());
2203 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
2204 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
2205 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey);
2206 }
2207
2208 // Trigger a key rotation upon when a pending gaia passphrase is resolved.
2209 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysAfterPendingGaiaResolved) {
2210 const char kOldGaiaKey[] = "old_gaia_key";
2211 const char kRawOldKeystoreKey[] = "old_keystore_key";
2212
2213 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
2214 InitUnmigratedNigori(kOldGaiaKey, IMPLICIT_PASSPHRASE);
2215
2216 {
2217 // Pass multiple keystore keys, signaling a rotation has happened.
2218 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2219 keys.Add()->assign(kRawOldKeystoreKey);
2220 keys.Add()->assign(kRawKeystoreKey);
2221 ReadTransaction trans(FROM_HERE, user_share());
2222 EXPECT_CALL(*observer(),
2223 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2224 encryption_handler()->SetKeystoreKeys(keys,
2225 trans.GetWrappedTrans());
2226 }
2227 PumpLoop();
2228 Mock::VerifyAndClearExpectations(observer());
2229
2230 // Resolve the pending keys. This should trigger the key rotation.
2231 EXPECT_CALL(*observer(),
2232 OnCryptographerStateChanged(_)).Times(AnyNumber());
2233 EXPECT_CALL(*observer(),
2234 OnPassphraseAccepted());
2235 EXPECT_CALL(*observer(),
2236 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
2237 EXPECT_CALL(*observer(),
2238 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
2239 EXPECT_CALL(*observer(),
2240 OnEncryptionComplete()).Times(AtLeast(1));
2241 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
2242 encryption_handler()->SetDecryptionPassphrase(kOldGaiaKey);
2243 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2244 EXPECT_EQ(KEYSTORE_PASSPHRASE, encryption_handler()->GetPassphraseType());
2245 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey);
2246 }
2247
2248 // When signing in for the first time, make sure we can rotate keys if we
2249 // already have a keystore migrated nigori.
2250 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysGaiaDefaultOnInit) {
2251 // Destroy the existing nigori node so we init without a nigori node.
2252 TearDown();
2253 test_user_share_.SetUp();
2254 SetUpEncryption();
2255
2256 const char kOldGaiaKey[] = "old_gaia_key";
2257 const char kRawOldKeystoreKey[] = "old_keystore_key";
2258 std::string old_keystore_key;
2259 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
2260
2261 // Set two keys, signaling that a rotation has been performed. No nigori
2262 // node is present yet, so we can't rotate.
2263 {
2264 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2265 keys.Add()->assign(kRawOldKeystoreKey);
2266 keys.Add()->assign(kRawKeystoreKey);
2267 EXPECT_CALL(*observer(),
2268 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2269 ReadTransaction trans(FROM_HERE, user_share());
2270 encryption_handler()->SetKeystoreKeys(keys,
2271 trans.GetWrappedTrans());
2272 }
2273
2274 // Then init the nigori node with an old set of keys.
2275 CreateRootForType(NIGORI);
2276 EXPECT_CALL(*observer(), OnPassphraseAccepted());
2277 InitKeystoreMigratedNigori(1, kOldGaiaKey, old_keystore_key);
2278 PumpLoop();
2279 Mock::VerifyAndClearExpectations(observer());
2280
2281 // Verify we're still migrated and have proper encryption state. We should
2282 // have rotated the keybag so that it's now encrypted with the newest keystore
2283 // key (instead of the old gaia key).
2284 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2285 EXPECT_TRUE(GetCryptographer()->is_ready());
2286 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
2287 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
2288 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey);
2289 }
2290
2291 // Trigger a key rotation when a migrated nigori (with an old keystore key) is
2292 // applied.
2293 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysWhenMigratedNigoriArrives) {
2294 const char kOldGaiaKey[] = "old_gaia_key";
2295 const char kRawOldKeystoreKey[] = "old_keystore_key";
2296 std::string old_keystore_key;
2297 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
2298
2299 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
2300 InitUnmigratedNigori(kOldGaiaKey, IMPLICIT_PASSPHRASE);
2301
2302 {
2303 // Pass multiple keystore keys, signaling a rotation has happened.
2304 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2305 keys.Add()->assign(kRawOldKeystoreKey);
2306 keys.Add()->assign(kRawKeystoreKey);
2307 ReadTransaction trans(FROM_HERE, user_share());
2308 EXPECT_CALL(*observer(),
2309 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2310 encryption_handler()->SetKeystoreKeys(keys,
2311 trans.GetWrappedTrans());
2312 }
2313 PumpLoop();
2314 Mock::VerifyAndClearExpectations(observer());
2315
2316 // Now simulate downloading a nigori node that was migrated before the
2317 // keys were rotated, and hence still encrypt with the old gaia key.
2318 EXPECT_CALL(*observer(),
2319 OnCryptographerStateChanged(_)).Times(AnyNumber());
2320 EXPECT_CALL(*observer(),
2321 OnPassphraseAccepted());
2322 EXPECT_CALL(*observer(),
2323 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
2324 EXPECT_CALL(*observer(),
2325 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
2326 EXPECT_CALL(*observer(),
2327 OnEncryptionComplete()).Times(AtLeast(1));
2328 {
2329 sync_pb::NigoriSpecifics nigori = BuildMigratedNigori(
2330 KEYSTORE_PASSPHRASE,
2331 1,
2332 kOldGaiaKey,
2333 old_keystore_key);
2334 // Update the encryption handler.
2335 WriteTransaction trans(FROM_HERE, user_share());
2336 encryption_handler()->ApplyNigoriUpdate(
2337 nigori,
2338 trans.GetWrappedTrans());
2339 }
2340 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
2341 PumpLoop();
2342
2343 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2344 EXPECT_EQ(KEYSTORE_PASSPHRASE, encryption_handler()->GetPassphraseType());
2345 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey);
2346 }
2347
2348 // Verify that performing a migration while having more than one keystore key
2349 // preserves a custom passphrase.
2350 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysUnmigratedCustomPassphrase) {
2351 const char kCustomPass[] = "custom_passphrase";
2352 const char kRawOldKeystoreKey[] = "old_keystore_key";
2353
2354 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
2355 InitUnmigratedNigori(kCustomPass, CUSTOM_PASSPHRASE);
2356
2357 {
2358 // Pass multiple keystore keys, signaling a rotation has happened.
2359 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2360 keys.Add()->assign(kRawOldKeystoreKey);
2361 keys.Add()->assign(kRawKeystoreKey);
2362 ReadTransaction trans(FROM_HERE, user_share());
2363 EXPECT_CALL(*observer(),
2364 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2365 encryption_handler()->SetKeystoreKeys(keys,
2366 trans.GetWrappedTrans());
2367 }
2368 PumpLoop();
2369 Mock::VerifyAndClearExpectations(observer());
2370
2371 // Pass the decryption passphrase. This will also trigger the migration,
2372 // but should not overwrite the default key.
2373 EXPECT_CALL(*observer(),
2374 OnCryptographerStateChanged(_)).Times(AnyNumber());
2375 EXPECT_CALL(*observer(),
2376 OnPassphraseAccepted());
2377 EXPECT_CALL(*observer(),
2378 OnEncryptedTypesChanged(_, true));
2379 SyncEncryptionHandler::NigoriState captured_nigori_state;
2380 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
2381 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
2382 EXPECT_CALL(*observer(),
2383 OnEncryptionComplete()).Times(AnyNumber());
2384 std::string captured_bootstrap_token;
2385 EXPECT_CALL(*observer(),
2386 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN))
2387 .WillOnce(testing::SaveArg<0>(&captured_bootstrap_token));
2388 encryption_handler()->SetDecryptionPassphrase(kCustomPass);
2389 Mock::VerifyAndClearExpectations(observer());
2390
2391 VerifyMigratedNigori(CUSTOM_PASSPHRASE, kCustomPass);
2392
2393 const base::Time migration_time = encryption_handler()->migration_time();
2394 VerifyRestoreAfterCustomPassphrase(TimeToProtoTime(migration_time),
2395 kCustomPass, captured_bootstrap_token,
2396 captured_nigori_state, CUSTOM_PASSPHRASE);
2397 }
2398
2399 // Verify that a key rotation done after we've migrated a custom passphrase
2400 // nigori node preserves the custom passphrase.
2401 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysMigratedCustomPassphrase) {
2402 const char kCustomPass[] = "custom_passphrase";
2403 const char kRawOldKeystoreKey[] = "old_keystore_key";
2404
2405 KeyParams custom_key = {"localhost", "dummy", kCustomPass};
2406 GetCryptographer()->AddKey(custom_key);
2407
2408 const int64_t migration_time = 1;
2409 InitCustomPassMigratedNigori(migration_time, kCustomPass);
2410 VerifyMigratedNigoriWithTimestamp(migration_time, CUSTOM_PASSPHRASE,
2411 kCustomPass);
2412
2413 SyncEncryptionHandler::NigoriState captured_nigori_state;
2414 {
2415 // Pass multiple keystore keys, signaling a rotation has happened.
2416 google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
2417 keys.Add()->assign(kRawOldKeystoreKey);
2418 keys.Add()->assign(kRawKeystoreKey);
2419 ReadTransaction trans(FROM_HERE, user_share());
2420 EXPECT_CALL(*observer(),
2421 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2422 EXPECT_CALL(*observer(),
2423 OnCryptographerStateChanged(_)).Times(AnyNumber());
2424 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_))
2425 .WillOnce(testing::SaveArg<0>(&captured_nigori_state));
2426 encryption_handler()->SetKeystoreKeys(keys,
2427 trans.GetWrappedTrans());
2428 }
2429 PumpLoop();
2430 Mock::VerifyAndClearExpectations(observer());
2431
2432 VerifyMigratedNigoriWithTimestamp(migration_time, CUSTOM_PASSPHRASE,
2433 kCustomPass);
2434
2435 // We need the passphrase bootstrap token, but OnBootstrapTokenUpdated(_,
2436 // PASSPHRASE_BOOTSTRAP_TOKEN) has not been invoked (because it was invoked
2437 // during a previous instance) so get it from the Cryptographer.
2438 std::string passphrase_bootstrap_token;
2439 GetCryptographer()->GetBootstrapToken(&passphrase_bootstrap_token);
2440 VerifyRestoreAfterCustomPassphrase(migration_time, kCustomPass,
2441 passphrase_bootstrap_token,
2442 captured_nigori_state, CUSTOM_PASSPHRASE);
2443 }
2444
2445 // Verify that the client can gracefully handle a nigori node that is missing
2446 // the keystore migration time field.
2447 TEST_F(SyncEncryptionHandlerImplTest, MissingKeystoreMigrationTime) {
2448 EXPECT_CALL(*observer(),
2449 OnCryptographerStateChanged(_)).Times(AnyNumber());
2450 EXPECT_CALL(*observer(),
2451 OnPassphraseRequired(_, _));
2452 EXPECT_CALL(*observer(),
2453 OnEncryptedTypesChanged(_, false));
2454 encryption_handler()->Init();
2455 Mock::VerifyAndClearExpectations(observer());
2456
2457 // Now simulate downloading a nigori node that that is missing the keystore
2458 // migration time. It should be interpreted properly, and the passphrase type
2459 // should switch to keystore passphrase.
2460 EXPECT_CALL(*observer(),
2461 OnCryptographerStateChanged(_)).Times(AnyNumber());
2462 EXPECT_CALL(*observer(),
2463 OnPassphraseRequired(_, _));
2464 EXPECT_CALL(*observer(),
2465 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
2466 {
2467 sync_pb::NigoriSpecifics nigori = BuildMigratedNigori(
2468 KEYSTORE_PASSPHRASE,
2469 1,
2470 kKeystoreKey,
2471 kKeystoreKey);
2472 nigori.clear_keystore_migration_time();
2473 // Update the encryption handler.
2474 WriteTransaction trans(FROM_HERE, user_share());
2475 encryption_handler()->ApplyNigoriUpdate(
2476 nigori,
2477 trans.GetWrappedTrans());
2478 }
2479 Mock::VerifyAndClearExpectations(observer());
2480
2481 // Now provide the keystore key to fully initialize the cryptographer.
2482 EXPECT_CALL(*observer(),
2483 OnCryptographerStateChanged(_)).Times(AnyNumber());
2484 EXPECT_CALL(*observer(),
2485 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
2486 {
2487 ReadTransaction trans(FROM_HERE, user_share());
2488 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
2489 kRawKeystoreKey),
2490 trans.GetWrappedTrans());
2491 }
2492 }
2493
2494 } // namespace syncer
OLDNEW
« no previous file with comments | « sync/internal_api/sync_encryption_handler_impl.cc ('k') | sync/internal_api/sync_manager_factory.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698