1 // Copyright 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "sync/internal_api/sync_encryption_handler_impl.h"
9 #include "base/base64.h"
10 #include "base/json/json_string_value_serializer.h"
11 #include "base/memory/scoped_ptr.h"
12 #include "base/run_loop.h"
13 #include "base/tracked_objects.h"
14 #include "sync/internal_api/public/base/model_type_test_util.h"
15 #include "sync/internal_api/public/read_node.h"
16 #include "sync/internal_api/public/read_transaction.h"
17 #include "sync/internal_api/public/test/test_user_share.h"
18 #include "sync/internal_api/public/write_node.h"
19 #include "sync/internal_api/public/write_transaction.h"
20 #include "sync/protocol/nigori_specifics.pb.h"
21 #include "sync/protocol/sync.pb.h"
22 #include "sync/syncable/entry.h"
23 #include "sync/syncable/mutable_entry.h"
24 #include "sync/syncable/syncable_write_transaction.h"
25 #include "sync/test/engine/test_id_factory.h"
26 #include "sync/test/fake_encryptor.h"
27 #include "sync/util/cryptographer.h"
28 #include "testing/gmock/include/gmock/gmock.h"
29 #include "testing/gtest/include/gtest/gtest.h"
36 using ::testing::AnyNumber
;
37 using ::testing::AtLeast
;
38 using ::testing::Mock
;
39 using ::testing::SaveArg
;
40 using ::testing::StrictMock
;
42 // The raw keystore key the server sends.
43 static const char kRawKeystoreKey
[] = "keystore_key";
44 // Base64 encoded version of |kRawKeystoreKey|.
45 static const char kKeystoreKey
[] = "a2V5c3RvcmVfa2V5";
47 class SyncEncryptionHandlerObserverMock
48 : public SyncEncryptionHandler::Observer
{
50 MOCK_METHOD2(OnPassphraseRequired
,
51 void(PassphraseRequiredReason
,
52 const sync_pb::EncryptedData
&)); // NOLINT
53 MOCK_METHOD0(OnPassphraseAccepted
, void()); // NOLINT
54 MOCK_METHOD2(OnBootstrapTokenUpdated
,
55 void(const std::string
&, BootstrapTokenType type
)); // NOLINT
56 MOCK_METHOD2(OnEncryptedTypesChanged
,
57 void(ModelTypeSet
, bool)); // NOLINT
58 MOCK_METHOD0(OnEncryptionComplete
, void()); // NOLINT
59 MOCK_METHOD1(OnCryptographerStateChanged
, void(Cryptographer
*)); // NOLINT
60 MOCK_METHOD2(OnPassphraseTypeChanged
, void(PassphraseType
,
61 base::Time
)); // NOLINT
62 MOCK_METHOD1(OnLocalSetPassphraseEncryption
,
63 void(const SyncEncryptionHandler::NigoriState
&)); // NOLINT
66 google::protobuf::RepeatedPtrField
<google::protobuf::string
>
67 BuildEncryptionKeyProto(std::string encryption_key
) {
68 google::protobuf::RepeatedPtrField
<google::protobuf::string
> keys
;
69 keys
.Add()->assign(encryption_key
);
75 class SyncEncryptionHandlerImplTest
: public ::testing::Test
{
77 SyncEncryptionHandlerImplTest() {}
78 virtual ~SyncEncryptionHandlerImplTest() {}
80 virtual void SetUp() {
81 test_user_share_
.SetUp();
83 CreateRootForType(NIGORI
);
86 virtual void TearDown() {
88 test_user_share_
.TearDown();
92 void SetUpEncryption() {
93 SetUpEncryptionWithKeyForBootstrapping(std::string());
96 void SetUpEncryptionWithKeyForBootstrapping(
97 const std::string
& key_for_bootstrapping
) {
98 encryption_handler_
.reset(new SyncEncryptionHandlerImpl(
99 user_share(), &encryptor_
, key_for_bootstrapping
,
100 std::string() /* keystore key for bootstrapping */,
101 PASSPHRASE_TRANSITION_DO_NOT_CLEAR_DATA
));
102 encryption_handler_
->AddObserver(&observer_
);
105 void CreateRootForType(ModelType model_type
) {
106 syncer::syncable::Directory
* directory
= user_share()->directory
.get();
108 std::string tag_name
= ModelTypeToRootTag(model_type
);
110 syncable::WriteTransaction
wtrans(FROM_HERE
, syncable::UNITTEST
, directory
);
111 syncable::MutableEntry
node(&wtrans
,
116 node
.PutUniqueServerTag(tag_name
);
118 node
.PutServerIsDir(false);
119 node
.PutIsUnsynced(false);
120 node
.PutIsUnappliedUpdate(false);
121 node
.PutServerVersion(20);
122 node
.PutBaseVersion(20);
123 node
.PutIsDel(false);
124 node
.PutId(ids_
.MakeServer(tag_name
));
125 sync_pb::EntitySpecifics specifics
;
126 syncer::AddDefaultFieldValue(model_type
, &specifics
);
127 node
.PutSpecifics(specifics
);
131 base::RunLoop().RunUntilIdle();
134 // Getters for tests.
135 UserShare
* user_share() { return test_user_share_
.user_share(); }
136 SyncEncryptionHandlerImpl
* encryption_handler() {
137 return encryption_handler_
.get();
139 SyncEncryptionHandlerObserverMock
* observer() { return &observer_
; }
140 Cryptographer
* GetCryptographer() {
141 return encryption_handler_
->GetCryptographerUnsafe();
144 void VerifyMigratedNigori(PassphraseType passphrase_type
,
145 const std::string
& passphrase
) {
146 VerifyMigratedNigoriWithTimestamp(0, passphrase_type
, passphrase
);
149 void VerifyMigratedNigoriWithTimestamp(
150 int64 migration_time
,
151 PassphraseType passphrase_type
,
152 const std::string
& passphrase
) {
153 ReadTransaction
trans(FROM_HERE
, user_share());
154 ReadNode
nigori_node(&trans
);
155 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
156 const sync_pb::NigoriSpecifics
& nigori
= nigori_node
.GetNigoriSpecifics();
157 if (migration_time
> 0)
158 EXPECT_EQ(migration_time
, nigori
.keystore_migration_time());
160 EXPECT_TRUE(nigori
.has_keystore_migration_time());
161 EXPECT_TRUE(nigori
.keybag_is_frozen());
162 if (passphrase_type
== CUSTOM_PASSPHRASE
||
163 passphrase_type
== FROZEN_IMPLICIT_PASSPHRASE
) {
164 EXPECT_TRUE(nigori
.encrypt_everything());
165 EXPECT_TRUE(nigori
.keystore_decryptor_token().blob().empty());
166 if (passphrase_type
== CUSTOM_PASSPHRASE
) {
167 EXPECT_EQ(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE
,
168 nigori
.passphrase_type());
169 if (!encryption_handler()->custom_passphrase_time().is_null()) {
170 EXPECT_EQ(nigori
.custom_passphrase_time(),
172 encryption_handler()->custom_passphrase_time()));
175 EXPECT_EQ(sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE
,
176 nigori
.passphrase_type());
179 EXPECT_FALSE(nigori
.encrypt_everything());
180 EXPECT_FALSE(nigori
.keystore_decryptor_token().blob().empty());
181 EXPECT_EQ(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE
,
182 nigori
.passphrase_type());
183 Cryptographer
keystore_cryptographer(&encryptor_
);
184 KeyParams params
= {"localhost", "dummy", kKeystoreKey
};
185 keystore_cryptographer
.AddKey(params
);
186 EXPECT_TRUE(keystore_cryptographer
.CanDecryptUsingDefaultKey(
187 nigori
.keystore_decryptor_token()));
190 Cryptographer
temp_cryptographer(&encryptor_
);
191 KeyParams params
= {"localhost", "dummy", passphrase
};
192 temp_cryptographer
.AddKey(params
);
193 EXPECT_TRUE(temp_cryptographer
.CanDecryptUsingDefaultKey(
194 nigori
.encryption_keybag()));
197 sync_pb::NigoriSpecifics
BuildMigratedNigori(
198 PassphraseType passphrase_type
,
199 int64 migration_time
,
200 const std::string
& default_passphrase
,
201 const std::string
& keystore_key
) {
202 DCHECK_NE(passphrase_type
, IMPLICIT_PASSPHRASE
);
203 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
205 std::string default_key
= default_passphrase
;
206 if (default_key
.empty()) {
207 default_key
= keystore_key
;
209 KeyParams keystore_params
= {"localhost", "dummy", keystore_key
};
210 other_cryptographer
.AddKey(keystore_params
);
212 KeyParams params
= {"localhost", "dummy", default_key
};
213 other_cryptographer
.AddKey(params
);
214 EXPECT_TRUE(other_cryptographer
.is_ready());
216 sync_pb::NigoriSpecifics nigori
;
217 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
218 nigori
.set_keybag_is_frozen(true);
219 nigori
.set_keystore_migration_time(migration_time
);
221 if (passphrase_type
== KEYSTORE_PASSPHRASE
) {
222 sync_pb::EncryptedData keystore_decryptor_token
;
223 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
226 &keystore_decryptor_token
));
227 nigori
.mutable_keystore_decryptor_token()->CopyFrom(
228 keystore_decryptor_token
);
229 nigori
.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE
);
231 nigori
.set_encrypt_everything(true);
232 nigori
.set_passphrase_type(
233 passphrase_type
== CUSTOM_PASSPHRASE
?
234 sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE
:
235 sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE
);
240 // Build a migrated nigori node with the specified default passphrase
241 // and keystore key and initialize the encryption handler with it.
242 void InitKeystoreMigratedNigori(int64 migration_time
,
243 const std::string
& default_passphrase
,
244 const std::string
& keystore_key
) {
246 WriteTransaction
trans(FROM_HERE
, user_share());
247 WriteNode
nigori_node(&trans
);
248 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
249 sync_pb::NigoriSpecifics nigori
= BuildMigratedNigori(
254 nigori_node
.SetNigoriSpecifics(nigori
);
257 EXPECT_CALL(*observer(),
258 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
259 EXPECT_CALL(*observer(),
260 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
));
261 EXPECT_CALL(*observer(),
262 OnCryptographerStateChanged(_
)).Times(AtLeast(1));
263 EXPECT_CALL(*observer(),
264 OnEncryptedTypesChanged(_
, false));
265 EXPECT_CALL(*observer(),
266 OnEncryptionComplete()).Times(AtLeast(1));
267 encryption_handler()->Init();
268 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
269 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
270 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
271 Mock::VerifyAndClearExpectations(observer());
274 // Build a migrated nigori node with the specified default passphrase
275 // as a custom passphrase.
276 void InitCustomPassMigratedNigori(int64 migration_time
,
277 const std::string
& default_passphrase
) {
279 WriteTransaction
trans(FROM_HERE
, user_share());
280 WriteNode
nigori_node(&trans
);
281 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
282 sync_pb::NigoriSpecifics nigori
= BuildMigratedNigori(
287 nigori_node
.SetNigoriSpecifics(nigori
);
290 EXPECT_CALL(*observer(),
291 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE
, _
));
292 EXPECT_CALL(*observer(),
293 OnCryptographerStateChanged(_
)).Times(AtLeast(1));
294 EXPECT_CALL(*observer(),
295 OnEncryptedTypesChanged(_
, true)).Times(AtLeast(1));
296 EXPECT_CALL(*observer(),
297 OnEncryptionComplete()).Times(AtLeast(1));
298 encryption_handler()->Init();
299 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
300 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE
);
301 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
302 Mock::VerifyAndClearExpectations(observer());
305 // Build an unmigrated nigori node with the specified passphrase and type and
306 // initialize the encryption handler with it.
307 void InitUnmigratedNigori(const std::string
& default_passphrase
,
308 PassphraseType passphrase_type
) {
309 DCHECK_NE(passphrase_type
, FROZEN_IMPLICIT_PASSPHRASE
);
310 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
311 KeyParams default_key
= {"localhost", "dummy", default_passphrase
};
312 other_cryptographer
.AddKey(default_key
);
313 EXPECT_TRUE(other_cryptographer
.is_ready());
316 WriteTransaction
trans(FROM_HERE
, user_share());
317 WriteNode
nigori_node(&trans
);
318 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
319 sync_pb::NigoriSpecifics nigori
;
320 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
321 nigori
.set_keybag_is_frozen(passphrase_type
== CUSTOM_PASSPHRASE
);
322 nigori_node
.SetNigoriSpecifics(nigori
);
325 if (passphrase_type
!= IMPLICIT_PASSPHRASE
) {
326 EXPECT_CALL(*observer(),
327 OnPassphraseTypeChanged(passphrase_type
, _
));
329 EXPECT_CALL(*observer(),
330 OnCryptographerStateChanged(_
)).Times(AtLeast(1));
331 EXPECT_CALL(*observer(),
332 OnEncryptedTypesChanged(_
, false));
333 encryption_handler()->Init();
334 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
335 EXPECT_EQ(encryption_handler()->GetPassphraseType(), passphrase_type
);
336 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
337 Mock::VerifyAndClearExpectations(observer());
340 // Verify we can restore the SyncEncryptionHandler state using a saved
341 // |bootstrap_token| and |nigori_state|.
343 // |migration_time| is the time migration occurred.
345 // |passphrase| is the custom passphrase.
346 void VerifyRestoreAfterCustomPassphrase(
347 int64 migration_time
,
348 const std::string
& passphrase
,
349 const std::string
& bootstrap_token
,
350 const SyncEncryptionHandler::NigoriState
& nigori_state
,
351 PassphraseType passphrase_type
) {
353 test_user_share_
.SetUp();
354 SetUpEncryptionWithKeyForBootstrapping(bootstrap_token
);
355 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_
)).Times(AnyNumber());
356 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(_
, true))
358 EXPECT_CALL(*observer(), OnPassphraseTypeChanged(passphrase_type
, _
));
359 EXPECT_CALL(*observer(), OnEncryptionComplete());
360 encryption_handler()->RestoreNigori(nigori_state
);
361 encryption_handler()->Init();
362 Mock::VerifyAndClearExpectations(observer());
363 VerifyMigratedNigoriWithTimestamp(migration_time
, passphrase_type
,
368 TestUserShare test_user_share_
;
369 FakeEncryptor encryptor_
;
370 scoped_ptr
<SyncEncryptionHandlerImpl
> encryption_handler_
;
371 StrictMock
<SyncEncryptionHandlerObserverMock
> observer_
;
373 base::MessageLoop message_loop_
;
376 // Verify that the encrypted types are being written to and read from the
377 // nigori node properly.
378 TEST_F(SyncEncryptionHandlerImplTest
, NigoriEncryptionTypes
) {
379 sync_pb::NigoriSpecifics nigori
;
381 StrictMock
<SyncEncryptionHandlerObserverMock
> observer2
;
382 SyncEncryptionHandlerImpl
handler2(user_share(), &encryptor_
, std::string(),
383 std::string() /* bootstrap tokens */,
384 PASSPHRASE_TRANSITION_DO_NOT_CLEAR_DATA
);
385 handler2
.AddObserver(&observer2
);
387 // Just set the sensitive types (shouldn't trigger any notifications).
388 ModelTypeSet
encrypted_types(SyncEncryptionHandler::SensitiveTypes());
390 WriteTransaction
trans(FROM_HERE
, user_share());
391 encryption_handler()->MergeEncryptedTypes(
393 trans
.GetWrappedTrans());
394 encryption_handler()->UpdateNigoriFromEncryptedTypes(
396 trans
.GetWrappedTrans());
397 handler2
.UpdateEncryptedTypesFromNigori(nigori
, trans
.GetWrappedTrans());
399 EXPECT_TRUE(encrypted_types
.Equals(
400 encryption_handler()->GetEncryptedTypesUnsafe()));
401 EXPECT_TRUE(encrypted_types
.Equals(
402 handler2
.GetEncryptedTypesUnsafe()));
404 Mock::VerifyAndClearExpectations(observer());
405 Mock::VerifyAndClearExpectations(&observer2
);
407 ModelTypeSet encrypted_user_types
= EncryptableUserTypes();
409 EXPECT_CALL(*observer(),
410 OnEncryptedTypesChanged(
411 HasModelTypes(encrypted_user_types
), false));
412 EXPECT_CALL(observer2
,
413 OnEncryptedTypesChanged(
414 HasModelTypes(encrypted_user_types
), false));
416 // Set all encrypted types
417 encrypted_types
= EncryptableUserTypes();
419 WriteTransaction
trans(FROM_HERE
, user_share());
420 encryption_handler()->MergeEncryptedTypes(
422 trans
.GetWrappedTrans());
423 encryption_handler()->UpdateNigoriFromEncryptedTypes(
425 trans
.GetWrappedTrans());
426 handler2
.UpdateEncryptedTypesFromNigori(nigori
, trans
.GetWrappedTrans());
428 EXPECT_TRUE(encrypted_types
.Equals(
429 encryption_handler()->GetEncryptedTypesUnsafe()));
430 EXPECT_TRUE(encrypted_types
.Equals(handler2
.GetEncryptedTypesUnsafe()));
432 // Receiving an empty nigori should not reset any encrypted types or trigger
433 // an observer notification.
434 Mock::VerifyAndClearExpectations(observer());
435 Mock::VerifyAndClearExpectations(&observer2
);
436 nigori
= sync_pb::NigoriSpecifics();
438 WriteTransaction
trans(FROM_HERE
, user_share());
439 handler2
.UpdateEncryptedTypesFromNigori(nigori
, trans
.GetWrappedTrans());
441 EXPECT_TRUE(encrypted_types
.Equals(
442 encryption_handler()->GetEncryptedTypesUnsafe()));
445 // Verify the encryption handler processes the encrypt everything field
447 TEST_F(SyncEncryptionHandlerImplTest
, EncryptEverythingExplicit
) {
448 sync_pb::NigoriSpecifics nigori
;
449 nigori
.set_encrypt_everything(true);
451 EXPECT_CALL(*observer(),
452 OnEncryptedTypesChanged(
453 HasModelTypes(EncryptableUserTypes()), true));
455 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
456 ModelTypeSet encrypted_types
=
457 encryption_handler()->GetEncryptedTypesUnsafe();
458 EXPECT_TRUE(encrypted_types
.Equals(
459 ModelTypeSet(PASSWORDS
, WIFI_CREDENTIALS
)));
462 WriteTransaction
trans(FROM_HERE
, user_share());
463 encryption_handler()->UpdateEncryptedTypesFromNigori(
465 trans
.GetWrappedTrans());
468 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
469 encrypted_types
= encryption_handler()->GetEncryptedTypesUnsafe();
470 EXPECT_TRUE(encrypted_types
.HasAll(EncryptableUserTypes()));
472 // Receiving the nigori node again shouldn't trigger another notification.
473 Mock::VerifyAndClearExpectations(observer());
475 WriteTransaction
trans(FROM_HERE
, user_share());
476 encryption_handler()->UpdateEncryptedTypesFromNigori(
478 trans
.GetWrappedTrans());
482 // Verify the encryption handler can detect an implicit encrypt everything state
483 // (from clients that failed to write the encrypt everything field).
484 TEST_F(SyncEncryptionHandlerImplTest
, EncryptEverythingImplicit
) {
485 sync_pb::NigoriSpecifics nigori
;
486 nigori
.set_encrypt_bookmarks(true); // Non-passwords = encrypt everything
488 EXPECT_CALL(*observer(),
489 OnEncryptedTypesChanged(
490 HasModelTypes(EncryptableUserTypes()), true));
492 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
493 ModelTypeSet encrypted_types
=
494 encryption_handler()->GetEncryptedTypesUnsafe();
495 EXPECT_TRUE(encrypted_types
.Equals(
496 ModelTypeSet(PASSWORDS
, WIFI_CREDENTIALS
)));
499 WriteTransaction
trans(FROM_HERE
, user_share());
500 encryption_handler()->UpdateEncryptedTypesFromNigori(
502 trans
.GetWrappedTrans());
505 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
506 encrypted_types
= encryption_handler()->GetEncryptedTypesUnsafe();
507 EXPECT_TRUE(encrypted_types
.HasAll(EncryptableUserTypes()));
509 // Receiving a nigori node with encrypt everything explicitly set shouldn't
510 // trigger another notification.
511 Mock::VerifyAndClearExpectations(observer());
512 nigori
.set_encrypt_everything(true);
514 WriteTransaction
trans(FROM_HERE
, user_share());
515 encryption_handler()->UpdateEncryptedTypesFromNigori(
517 trans
.GetWrappedTrans());
521 // Verify the encryption handler can deal with new versions treating new types
522 // as Sensitive, and that it does not consider this an implicit encrypt
524 TEST_F(SyncEncryptionHandlerImplTest
, UnknownSensitiveTypes
) {
525 sync_pb::NigoriSpecifics nigori
;
526 nigori
.set_encrypt_everything(false);
527 nigori
.set_encrypt_bookmarks(true);
529 ModelTypeSet expected_encrypted_types
=
530 SyncEncryptionHandler::SensitiveTypes();
531 expected_encrypted_types
.Put(BOOKMARKS
);
533 EXPECT_CALL(*observer(),
534 OnEncryptedTypesChanged(
535 HasModelTypes(expected_encrypted_types
), false));
537 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
538 ModelTypeSet encrypted_types
=
539 encryption_handler()->GetEncryptedTypesUnsafe();
540 EXPECT_TRUE(encrypted_types
.Equals(
541 ModelTypeSet(PASSWORDS
, WIFI_CREDENTIALS
)));
544 WriteTransaction
trans(FROM_HERE
, user_share());
545 encryption_handler()->UpdateEncryptedTypesFromNigori(
547 trans
.GetWrappedTrans());
550 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
551 encrypted_types
= encryption_handler()->GetEncryptedTypesUnsafe();
552 EXPECT_TRUE(encrypted_types
.Equals(
553 ModelTypeSet(BOOKMARKS
, PASSWORDS
, WIFI_CREDENTIALS
)));
556 // Receive an old nigori with old encryption keys and encrypted types. We should
557 // not revert our default key or encrypted types, and should post a task to
558 // overwrite the existing nigori with the correct data.
559 TEST_F(SyncEncryptionHandlerImplTest
, ReceiveOldNigori
) {
560 KeyParams old_key
= {"localhost", "dummy", "old"};
561 KeyParams current_key
= {"localhost", "dummy", "cur"};
563 // Data for testing encryption/decryption.
564 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
565 other_cryptographer
.AddKey(old_key
);
566 sync_pb::EntitySpecifics other_encrypted_specifics
;
567 other_encrypted_specifics
.mutable_bookmark()->set_title("title");
568 other_cryptographer
.Encrypt(
569 other_encrypted_specifics
,
570 other_encrypted_specifics
.mutable_encrypted());
571 sync_pb::EntitySpecifics our_encrypted_specifics
;
572 our_encrypted_specifics
.mutable_bookmark()->set_title("title2");
573 ModelTypeSet encrypted_types
= EncryptableUserTypes();
575 // Set up the current encryption state (containing both keys and encrypt
577 sync_pb::NigoriSpecifics current_nigori_specifics
;
578 GetCryptographer()->AddKey(old_key
);
579 GetCryptographer()->AddKey(current_key
);
580 GetCryptographer()->Encrypt(
581 our_encrypted_specifics
,
582 our_encrypted_specifics
.mutable_encrypted());
583 GetCryptographer()->GetKeys(
584 current_nigori_specifics
.mutable_encryption_keybag());
585 current_nigori_specifics
.set_encrypt_everything(true);
587 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_
)).Times(AnyNumber());
588 EXPECT_CALL(*observer(), OnEncryptedTypesChanged(
589 HasModelTypes(EncryptableUserTypes()), true));
591 // Update the encryption handler.
592 WriteTransaction
trans(FROM_HERE
, user_share());
593 encryption_handler()->ApplyNigoriUpdate(
594 current_nigori_specifics
,
595 trans
.GetWrappedTrans());
597 Mock::VerifyAndClearExpectations(observer());
599 // Now set up the old nigori specifics and apply it on top.
600 // Has an old set of keys, and no encrypted types.
601 sync_pb::NigoriSpecifics old_nigori
;
602 other_cryptographer
.GetKeys(old_nigori
.mutable_encryption_keybag());
604 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_
)).Times(AnyNumber());
606 // Update the encryption handler.
607 WriteTransaction
trans(FROM_HERE
, user_share());
608 encryption_handler()->ApplyNigoriUpdate(
610 trans
.GetWrappedTrans());
612 EXPECT_TRUE(GetCryptographer()->is_ready());
613 EXPECT_FALSE(GetCryptographer()->has_pending_keys());
615 // Encryption handler should have posted a task to overwrite the old
620 // The cryptographer should be able to decrypt both sets of keys and still
621 // be encrypting with the newest, and the encrypted types should be the
623 // In addition, the nigori node should match the current encryption state.
624 ReadTransaction
trans(FROM_HERE
, user_share());
625 ReadNode
nigori_node(&trans
);
626 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
627 const sync_pb::NigoriSpecifics
& nigori
= nigori_node
.GetNigoriSpecifics();
628 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(
629 our_encrypted_specifics
.encrypted()));
630 EXPECT_TRUE(GetCryptographer()->CanDecrypt(
631 other_encrypted_specifics
.encrypted()));
632 EXPECT_TRUE(GetCryptographer()->CanDecrypt(nigori
.encryption_keybag()));
633 EXPECT_TRUE(nigori
.encrypt_everything());
635 GetCryptographer()->CanDecryptUsingDefaultKey(
636 nigori
.encryption_keybag()));
638 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
641 // Ensure setting the keystore key works, updates the bootstrap token, and
642 // triggers a non-backwards compatible migration. Then verify that the
643 // bootstrap token can be correctly parsed by the encryption handler at startup
645 TEST_F(SyncEncryptionHandlerImplTest
, SetKeystoreMigratesAndUpdatesBootstrap
) {
646 // Passing no keys should do nothing.
647 EXPECT_CALL(*observer(), OnBootstrapTokenUpdated(_
, _
)).Times(0);
649 WriteTransaction
trans(FROM_HERE
, user_share());
650 EXPECT_FALSE(GetCryptographer()->is_initialized());
651 EXPECT_TRUE(encryption_handler()->NeedKeystoreKey(trans
.GetWrappedTrans()));
652 EXPECT_FALSE(encryption_handler()->SetKeystoreKeys(
653 BuildEncryptionKeyProto(std::string()), trans
.GetWrappedTrans()));
654 EXPECT_TRUE(encryption_handler()->NeedKeystoreKey(trans
.GetWrappedTrans()));
656 Mock::VerifyAndClearExpectations(observer());
658 // Build a set of keystore keys.
659 const char kRawOldKeystoreKey
[] = "old_keystore_key";
660 std::string old_keystore_key
;
661 base::Base64Encode(kRawOldKeystoreKey
, &old_keystore_key
);
662 google::protobuf::RepeatedPtrField
<google::protobuf::string
> keys
;
663 keys
.Add()->assign(kRawOldKeystoreKey
);
664 keys
.Add()->assign(kRawKeystoreKey
);
666 // Pass them to the encryption handler, triggering a migration and bootstrap
668 std::string encoded_key
;
669 std::string keystore_bootstrap
;
670 EXPECT_CALL(*observer(), OnEncryptionComplete());
671 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_
));
672 EXPECT_CALL(*observer(), OnPassphraseAccepted());
673 EXPECT_CALL(*observer(), OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
674 EXPECT_CALL(*observer(),
675 OnBootstrapTokenUpdated(_
,
676 KEYSTORE_BOOTSTRAP_TOKEN
)).
677 WillOnce(SaveArg
<0>(&keystore_bootstrap
));
679 WriteTransaction
trans(FROM_HERE
, user_share());
681 encryption_handler()->SetKeystoreKeys(
683 trans
.GetWrappedTrans()));
685 encryption_handler()->NeedKeystoreKey(trans
.GetWrappedTrans()));
686 EXPECT_FALSE(GetCryptographer()->is_initialized());
689 EXPECT_TRUE(GetCryptographer()->is_initialized());
690 VerifyMigratedNigori(KEYSTORE_PASSPHRASE
, kKeystoreKey
);
692 // Ensure the bootstrap is encoded properly (a base64 encoded encrypted blob
693 // of list values containing the keystore keys).
694 std::string decoded_bootstrap
;
695 ASSERT_TRUE(base::Base64Decode(keystore_bootstrap
, &decoded_bootstrap
));
696 std::string decrypted_bootstrap
;
698 GetCryptographer()->encryptor()->DecryptString(decoded_bootstrap
,
699 &decrypted_bootstrap
));
700 JSONStringValueDeserializer
json(decrypted_bootstrap
);
701 scoped_ptr
<base::Value
> deserialized_keystore_keys(
702 json
.Deserialize(NULL
, NULL
));
703 ASSERT_TRUE(deserialized_keystore_keys
.get());
704 base::ListValue
* keystore_list
= NULL
;
705 deserialized_keystore_keys
->GetAsList(&keystore_list
);
706 ASSERT_TRUE(keystore_list
);
707 ASSERT_EQ(2U, keystore_list
->GetSize());
708 std::string test_string
;
709 keystore_list
->GetString(0, &test_string
);
710 ASSERT_EQ(old_keystore_key
, test_string
);
711 keystore_list
->GetString(1, &test_string
);
712 ASSERT_EQ(kKeystoreKey
, test_string
);
715 // Now make sure a new encryption handler can correctly parse the bootstrap
717 SyncEncryptionHandlerImpl
handler2(user_share(), &encryptor_
,
718 std::string(), // Cryptographer bootstrap.
720 PASSPHRASE_TRANSITION_DO_NOT_CLEAR_DATA
);
723 WriteTransaction
trans(FROM_HERE
, user_share());
724 EXPECT_FALSE(handler2
.NeedKeystoreKey(trans
.GetWrappedTrans()));
728 // Ensure GetKeystoreDecryptor only updates the keystore decryptor token if it
729 // wasn't already set properly. Otherwise, the decryptor should remain the
731 TEST_F(SyncEncryptionHandlerImplTest
, GetKeystoreDecryptor
) {
732 const char kCurKey
[] = "cur";
733 sync_pb::EncryptedData encrypted
;
734 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
735 KeyParams cur_key
= {"localhost", "dummy", kCurKey
};
736 other_cryptographer
.AddKey(cur_key
);
737 EXPECT_TRUE(other_cryptographer
.is_ready());
738 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
742 std::string serialized
= encrypted
.SerializeAsString();
743 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
747 EXPECT_EQ(serialized
, encrypted
.SerializeAsString());
750 // Test that we don't attempt to migrate while an implicit passphrase is pending
751 // and that once we do decrypt pending keys we migrate the nigori. Once
752 // migrated, we should be in keystore passphrase state.
753 TEST_F(SyncEncryptionHandlerImplTest
, MigrateOnDecryptImplicitPass
) {
754 const char kOtherKey
[] = "other";
756 EXPECT_CALL(*observer(),
757 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
758 ReadTransaction
trans(FROM_HERE
, user_share());
759 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
761 trans
.GetWrappedTrans());
762 Mock::VerifyAndClearExpectations(observer());
764 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
767 WriteTransaction
trans(FROM_HERE
, user_share());
768 WriteNode
nigori_node(&trans
);
769 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
770 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
771 KeyParams other_key
= {"localhost", "dummy", kOtherKey
};
772 other_cryptographer
.AddKey(other_key
);
774 sync_pb::NigoriSpecifics nigori
;
775 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
776 nigori
.set_keybag_is_frozen(false);
777 nigori
.set_encrypt_everything(false);
778 EXPECT_CALL(*observer(),
779 OnCryptographerStateChanged(_
)).Times(AnyNumber());
780 EXPECT_CALL(*observer(),
781 OnPassphraseRequired(_
, _
));
782 encryption_handler()->ApplyNigoriUpdate(nigori
, trans
.GetWrappedTrans());
783 nigori_node
.SetNigoriSpecifics(nigori
);
785 // Run any tasks posted via AppplyNigoriUpdate.
787 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
788 Mock::VerifyAndClearExpectations(observer());
790 EXPECT_CALL(*observer(),
791 OnCryptographerStateChanged(_
)).Times(AnyNumber());
792 EXPECT_CALL(*observer(),
793 OnPassphraseAccepted());
794 EXPECT_CALL(*observer(),
795 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
796 EXPECT_CALL(*observer(),
797 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
));
798 EXPECT_CALL(*observer(),
799 OnEncryptionComplete());
800 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
801 encryption_handler()->SetDecryptionPassphrase(kOtherKey
);
802 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
803 EXPECT_EQ(KEYSTORE_PASSPHRASE
, encryption_handler()->GetPassphraseType());
804 VerifyMigratedNigori(KEYSTORE_PASSPHRASE
, kOtherKey
);
807 // Test that we don't attempt to migrate while a custom passphrase is pending,
808 // and that once we do decrypt pending keys we migrate the nigori. Once
809 // migrated, we should be in custom passphrase state with encrypt everything.
810 TEST_F(SyncEncryptionHandlerImplTest
, MigrateOnDecryptCustomPass
) {
811 const char kOtherKey
[] = "other";
813 EXPECT_CALL(*observer(),
814 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
815 ReadTransaction
trans(FROM_HERE
, user_share());
816 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
818 trans
.GetWrappedTrans());
819 Mock::VerifyAndClearExpectations(observer());
821 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
824 WriteTransaction
trans(FROM_HERE
, user_share());
825 WriteNode
nigori_node(&trans
);
826 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
827 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
828 KeyParams other_key
= {"localhost", "dummy", kOtherKey
};
829 other_cryptographer
.AddKey(other_key
);
831 sync_pb::NigoriSpecifics nigori
;
832 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
833 nigori
.set_keybag_is_frozen(true);
834 nigori
.set_encrypt_everything(false);
835 EXPECT_CALL(*observer(),
836 OnCryptographerStateChanged(_
)).Times(AnyNumber());
837 EXPECT_CALL(*observer(),
838 OnPassphraseRequired(_
, _
));
839 EXPECT_CALL(*observer(),
840 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE
, _
));
841 encryption_handler()->ApplyNigoriUpdate(nigori
, trans
.GetWrappedTrans());
842 nigori_node
.SetNigoriSpecifics(nigori
);
844 // Run any tasks posted via AppplyNigoriUpdate.
846 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
847 Mock::VerifyAndClearExpectations(observer());
849 EXPECT_CALL(*observer(),
850 OnCryptographerStateChanged(_
)).Times(AnyNumber());
851 EXPECT_CALL(*observer(),
852 OnPassphraseAccepted());
853 std::string captured_bootstrap_token
;
854 EXPECT_CALL(*observer(),
855 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
))
856 .WillOnce(testing::SaveArg
<0>(&captured_bootstrap_token
));
857 EXPECT_CALL(*observer(),
858 OnEncryptedTypesChanged(_
, true));
859 SyncEncryptionHandler::NigoriState captured_nigori_state
;
860 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_
))
861 .WillOnce(testing::SaveArg
<0>(&captured_nigori_state
));
862 EXPECT_CALL(*observer(),
863 OnEncryptionComplete()).Times(2);
864 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
865 encryption_handler()->SetDecryptionPassphrase(kOtherKey
);
866 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
867 const base::Time migration_time
= encryption_handler()->migration_time();
868 EXPECT_EQ(CUSTOM_PASSPHRASE
, encryption_handler()->GetPassphraseType());
869 VerifyMigratedNigori(CUSTOM_PASSPHRASE
, kOtherKey
);
871 VerifyRestoreAfterCustomPassphrase(TimeToProtoTime(migration_time
), kOtherKey
,
872 captured_bootstrap_token
,
873 captured_nigori_state
, CUSTOM_PASSPHRASE
);
876 // Test that we trigger a migration when we set the keystore key, had an
877 // implicit passphrase, and did not have encrypt everything. We should switch
878 // to KEYSTORE_PASSPHRASE.
879 TEST_F(SyncEncryptionHandlerImplTest
, MigrateOnKeystoreKeyAvailableImplicit
) {
880 const char kCurKey
[] = "cur";
881 KeyParams current_key
= {"localhost", "dummy", kCurKey
};
882 GetCryptographer()->AddKey(current_key
);
883 EXPECT_CALL(*observer(),
884 OnCryptographerStateChanged(_
)).Times(AnyNumber());
885 EXPECT_CALL(*observer(),
886 OnEncryptedTypesChanged(_
, false));
887 EXPECT_CALL(*observer(),
888 OnEncryptionComplete());
889 encryption_handler()->Init();
890 Mock::VerifyAndClearExpectations(observer());
893 ReadTransaction
trans(FROM_HERE
, user_share());
894 // Once we provide a keystore key, we should perform the migration.
895 EXPECT_CALL(*observer(),
896 OnCryptographerStateChanged(_
)).Times(AnyNumber());
897 EXPECT_CALL(*observer(),
898 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
899 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
901 trans
.GetWrappedTrans());
903 EXPECT_CALL(*observer(),
904 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
905 // The actual migration gets posted, so run all pending tasks.
907 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
908 EXPECT_EQ(KEYSTORE_PASSPHRASE
,
909 encryption_handler()->GetPassphraseType());
910 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
911 VerifyMigratedNigori(KEYSTORE_PASSPHRASE
, kCurKey
);
914 // Test that we trigger a migration when we set the keystore key, had an
915 // implicit passphrase, and encrypt everything enabled. We should switch to
916 // FROZEN_IMPLICIT_PASSPHRASE.
917 TEST_F(SyncEncryptionHandlerImplTest
,
918 MigrateOnKeystoreKeyAvailableFrozenImplicit
) {
919 const char kCurKey
[] = "cur";
920 KeyParams current_key
= {"localhost", "dummy", kCurKey
};
921 GetCryptographer()->AddKey(current_key
);
922 EXPECT_CALL(*observer(),
923 OnCryptographerStateChanged(_
)).Times(AnyNumber());
924 EXPECT_CALL(*observer(),
925 OnEncryptedTypesChanged(_
, false));
926 EXPECT_CALL(*observer(),
927 OnEncryptionComplete());
928 encryption_handler()->Init();
929 Mock::VerifyAndClearExpectations(observer());
930 EXPECT_CALL(*observer(),
931 OnEncryptedTypesChanged(_
, true));
932 SyncEncryptionHandler::NigoriState captured_nigori_state
;
933 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_
))
934 .WillOnce(testing::SaveArg
<0>(&captured_nigori_state
));
935 EXPECT_CALL(*observer(),
936 OnEncryptionComplete());
937 encryption_handler()->EnableEncryptEverything();
940 ReadTransaction
trans(FROM_HERE
, user_share());
941 // Once we provide a keystore key, we should perform the migration.
942 EXPECT_CALL(*observer(),
943 OnCryptographerStateChanged(_
)).Times(AnyNumber());
944 EXPECT_CALL(*observer(),
945 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
946 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
948 trans
.GetWrappedTrans());
950 EXPECT_CALL(*observer(),
951 OnPassphraseTypeChanged(FROZEN_IMPLICIT_PASSPHRASE
, _
));
953 // The actual migration gets posted, so run all pending tasks.
955 Mock::VerifyAndClearExpectations(observer());
957 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
958 const base::Time migration_time
= encryption_handler()->migration_time();
959 EXPECT_EQ(FROZEN_IMPLICIT_PASSPHRASE
,
960 encryption_handler()->GetPassphraseType());
961 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
962 VerifyMigratedNigori(FROZEN_IMPLICIT_PASSPHRASE
, kCurKey
);
964 // We need the passphrase bootstrap token, but OnBootstrapTokenUpdated(_,
965 // PASSPHRASE_BOOTSTRAP_TOKEN) has not been invoked (because it was invoked
966 // during a previous instance) so get it from the Cryptographer.
967 std::string passphrase_bootstrap_token
;
968 GetCryptographer()->GetBootstrapToken(&passphrase_bootstrap_token
);
969 VerifyRestoreAfterCustomPassphrase(
970 TimeToProtoTime(migration_time
), kCurKey
, passphrase_bootstrap_token
,
971 captured_nigori_state
, FROZEN_IMPLICIT_PASSPHRASE
);
974 // Test that we trigger a migration when we set the keystore key, had a
975 // custom passphrase, and encrypt everything enabled. The passphrase state
976 // should remain as CUSTOM_PASSPHRASE, and encrypt everything stay the same.
977 TEST_F(SyncEncryptionHandlerImplTest
,
978 MigrateOnKeystoreKeyAvailableCustomWithEncryption
) {
979 const char kCurKey
[] = "cur";
980 EXPECT_CALL(*observer(),
981 OnCryptographerStateChanged(_
)).Times(AnyNumber());
982 EXPECT_CALL(*observer(),
983 OnPassphraseRequired(_
, _
));
984 EXPECT_CALL(*observer(),
985 OnPassphraseAccepted());
986 EXPECT_CALL(*observer(),
987 OnEncryptedTypesChanged(_
, false));
988 EXPECT_CALL(*observer(),
989 OnEncryptionComplete());
990 EXPECT_CALL(*observer(),
991 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE
, _
));
992 std::string captured_bootstrap_token
;
993 EXPECT_CALL(*observer(),
994 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
))
995 .WillOnce(testing::SaveArg
<0>(&captured_bootstrap_token
));
996 encryption_handler()->Init();
997 encryption_handler()->SetEncryptionPassphrase(kCurKey
, true);
998 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
999 Mock::VerifyAndClearExpectations(observer());
1001 EXPECT_CALL(*observer(),
1002 OnEncryptedTypesChanged(_
, true));
1003 EXPECT_CALL(*observer(),
1004 OnEncryptionComplete());
1005 encryption_handler()->EnableEncryptEverything();
1006 Mock::VerifyAndClearExpectations(observer());
1008 SyncEncryptionHandler::NigoriState captured_nigori_state
;
1010 ReadTransaction
trans(FROM_HERE
, user_share());
1011 // Once we provide a keystore key, we should perform the migration.
1012 EXPECT_CALL(*observer(),
1013 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1014 EXPECT_CALL(*observer(),
1015 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
1016 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_
))
1017 .WillOnce(testing::SaveArg
<0>(&captured_nigori_state
));
1018 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1020 trans
.GetWrappedTrans());
1023 // The actual migration gets posted, so run all pending tasks.
1025 Mock::VerifyAndClearExpectations(observer());
1027 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1028 const base::Time migration_time
= encryption_handler()->migration_time();
1029 EXPECT_EQ(CUSTOM_PASSPHRASE
,
1030 encryption_handler()->GetPassphraseType());
1031 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1032 VerifyMigratedNigori(CUSTOM_PASSPHRASE
, kCurKey
);
1034 VerifyRestoreAfterCustomPassphrase(TimeToProtoTime(migration_time
), kCurKey
,
1035 captured_bootstrap_token
,
1036 captured_nigori_state
, CUSTOM_PASSPHRASE
);
1039 // Test that we trigger a migration when we set the keystore key, had a
1040 // custom passphrase, and did not have encrypt everything. The passphrase state
1041 // should remain as CUSTOM_PASSPHRASE, and encrypt everything should be enabled.
1042 TEST_F(SyncEncryptionHandlerImplTest
,
1043 MigrateOnKeystoreKeyAvailableCustomNoEncryption
) {
1044 const char kCurKey
[] = "cur";
1045 EXPECT_CALL(*observer(),
1046 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1047 EXPECT_CALL(*observer(),
1048 OnPassphraseRequired(_
, _
));
1049 EXPECT_CALL(*observer(),
1050 OnPassphraseAccepted());
1051 EXPECT_CALL(*observer(),
1052 OnEncryptedTypesChanged(_
, false));
1053 EXPECT_CALL(*observer(),
1054 OnEncryptionComplete());
1055 EXPECT_CALL(*observer(),
1056 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE
, _
));
1057 std::string captured_bootstrap_token
;
1058 EXPECT_CALL(*observer(),
1059 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
))
1060 .WillOnce(testing::SaveArg
<0>(&captured_bootstrap_token
));
1061 encryption_handler()->Init();
1062 encryption_handler()->SetEncryptionPassphrase(kCurKey
, true);
1063 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
1064 Mock::VerifyAndClearExpectations(observer());
1067 ReadTransaction
trans(FROM_HERE
, user_share());
1068 // Once we provide a keystore key, we should perform the migration.
1069 EXPECT_CALL(*observer(),
1070 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1071 EXPECT_CALL(*observer(),
1072 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
1073 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1075 trans
.GetWrappedTrans());
1077 EXPECT_CALL(*observer(),
1078 OnEncryptedTypesChanged(_
, true));
1079 SyncEncryptionHandler::NigoriState captured_nigori_state
;
1080 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_
))
1081 .WillOnce(testing::SaveArg
<0>(&captured_nigori_state
));
1082 EXPECT_CALL(*observer(),
1083 OnEncryptionComplete());
1084 // The actual migration gets posted, so run all pending tasks.
1086 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1087 const base::Time migration_time
= encryption_handler()->migration_time();
1088 EXPECT_EQ(CUSTOM_PASSPHRASE
,
1089 encryption_handler()->GetPassphraseType());
1090 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1091 VerifyMigratedNigori(CUSTOM_PASSPHRASE
, kCurKey
);
1093 VerifyRestoreAfterCustomPassphrase(TimeToProtoTime(migration_time
), kCurKey
,
1094 captured_bootstrap_token
,
1095 captured_nigori_state
, CUSTOM_PASSPHRASE
);
1098 // Test that we can handle receiving a migrated nigori node in the
1099 // KEYSTORE_PASS state, and use the keystore decryptor token to decrypt the
1101 TEST_F(SyncEncryptionHandlerImplTest
, ReceiveMigratedNigoriKeystorePass
) {
1102 const char kCurKey
[] = "cur";
1103 sync_pb::EncryptedData keystore_decryptor_token
;
1104 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
1105 KeyParams cur_key
= {"localhost", "dummy", kCurKey
};
1106 other_cryptographer
.AddKey(cur_key
);
1107 EXPECT_TRUE(other_cryptographer
.is_ready());
1108 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1109 other_cryptographer
,
1111 &keystore_decryptor_token
));
1112 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1113 EXPECT_FALSE(GetCryptographer()->is_ready());
1114 EXPECT_NE(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
1116 // Now build a nigori node with the generated keystore decryptor token and
1117 // initialize the encryption handler with it. The cryptographer should be
1118 // initialized properly to decrypt both kCurKey and kKeystoreKey.
1120 WriteTransaction
trans(FROM_HERE
, user_share());
1121 WriteNode
nigori_node(&trans
);
1122 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
1123 sync_pb::NigoriSpecifics nigori
;
1124 nigori
.mutable_keystore_decryptor_token()->CopyFrom(
1125 keystore_decryptor_token
);
1126 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
1127 nigori
.set_keybag_is_frozen(true);
1128 nigori
.set_keystore_migration_time(1);
1129 nigori
.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE
);
1131 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1132 EXPECT_CALL(*observer(),
1133 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
));
1134 EXPECT_CALL(*observer(),
1135 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
1136 EXPECT_CALL(*observer(),
1137 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
1138 EXPECT_CALL(*observer(),
1139 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1140 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1142 trans
.GetWrappedTrans());
1143 encryption_handler()->ApplyNigoriUpdate(nigori
, trans
.GetWrappedTrans());
1144 nigori_node
.SetNigoriSpecifics(nigori
);
1146 // Run any tasks posted via AppplyNigoriUpdate.
1148 Mock::VerifyAndClearExpectations(observer());
1150 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1151 EXPECT_TRUE(GetCryptographer()->is_ready());
1152 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
1153 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1154 VerifyMigratedNigoriWithTimestamp(1, KEYSTORE_PASSPHRASE
, kCurKey
);
1156 // Check that the cryptographer still encrypts with the current key.
1157 sync_pb::EncryptedData current_encrypted
;
1158 other_cryptographer
.EncryptString("string", ¤t_encrypted
);
1159 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted
));
1161 // Check that the cryptographer can decrypt keystore key based encryption.
1162 Cryptographer
keystore_cryptographer(GetCryptographer()->encryptor());
1163 KeyParams keystore_key
= {"localhost", "dummy", kKeystoreKey
};
1164 keystore_cryptographer
.AddKey(keystore_key
);
1165 sync_pb::EncryptedData keystore_encrypted
;
1166 keystore_cryptographer
.EncryptString("string", &keystore_encrypted
);
1167 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted
));
1170 // Test that we handle receiving migrated nigori's with
1171 // FROZEN_IMPLICIT_PASSPHRASE state. We should be in a pending key state until
1172 // we supply the pending frozen implicit passphrase key.
1173 TEST_F(SyncEncryptionHandlerImplTest
, ReceiveMigratedNigoriFrozenImplicitPass
) {
1174 const char kCurKey
[] = "cur";
1175 sync_pb::EncryptedData encrypted
;
1176 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
1177 KeyParams cur_key
= {"localhost", "dummy", kCurKey
};
1178 other_cryptographer
.AddKey(cur_key
);
1179 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1182 EXPECT_CALL(*observer(),
1183 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
1184 ReadTransaction
trans(FROM_HERE
, user_share());
1185 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1187 trans
.GetWrappedTrans());
1189 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1192 EXPECT_CALL(*observer(),
1193 OnPassphraseTypeChanged(FROZEN_IMPLICIT_PASSPHRASE
, _
));
1194 EXPECT_CALL(*observer(),
1195 OnPassphraseRequired(_
, _
));
1196 EXPECT_CALL(*observer(),
1197 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1198 EXPECT_CALL(*observer(),
1199 OnEncryptedTypesChanged(_
, true));
1200 WriteTransaction
trans(FROM_HERE
, user_share());
1201 WriteNode
nigori_node(&trans
);
1202 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
1203 sync_pb::NigoriSpecifics nigori
;
1204 nigori
.set_keybag_is_frozen(true);
1205 nigori
.set_passphrase_type(
1206 sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE
);
1207 nigori
.set_keystore_migration_time(1);
1208 nigori
.set_encrypt_everything(true);
1209 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
1210 encryption_handler()->ApplyNigoriUpdate(nigori
, trans
.GetWrappedTrans());
1211 nigori_node
.SetNigoriSpecifics(nigori
);
1213 // Run any tasks posted via AppplyNigoriUpdate.
1215 Mock::VerifyAndClearExpectations(observer());
1217 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1218 EXPECT_EQ(FROZEN_IMPLICIT_PASSPHRASE
,
1219 encryption_handler()->GetPassphraseType());
1220 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1221 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1223 EXPECT_CALL(*observer(),
1224 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
));
1225 EXPECT_CALL(*observer(),
1226 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1227 EXPECT_CALL(*observer(),
1228 OnEncryptionComplete());
1229 EXPECT_CALL(*observer(),
1230 OnPassphraseAccepted());
1231 encryption_handler()->SetDecryptionPassphrase(kCurKey
);
1232 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1233 EXPECT_TRUE(GetCryptographer()->is_ready());
1234 VerifyMigratedNigoriWithTimestamp(1, FROZEN_IMPLICIT_PASSPHRASE
, kCurKey
);
1236 // Check that the cryptographer still encrypts with the current key.
1237 sync_pb::EncryptedData current_encrypted
;
1238 other_cryptographer
.EncryptString("string", ¤t_encrypted
);
1239 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted
));
1241 // Check that the cryptographer can decrypt keystore key based encryption.
1242 Cryptographer
keystore_cryptographer(GetCryptographer()->encryptor());
1243 KeyParams keystore_key
= {"localhost", "dummy", kKeystoreKey
};
1244 keystore_cryptographer
.AddKey(keystore_key
);
1245 sync_pb::EncryptedData keystore_encrypted
;
1246 keystore_cryptographer
.EncryptString("string", &keystore_encrypted
);
1247 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted
));
1250 // Test that we handle receiving migrated nigori's with
1251 // CUSTOM_PASSPHRASE state. We should be in a pending key state until we
1252 // provide the custom passphrase key.
1253 TEST_F(SyncEncryptionHandlerImplTest
, ReceiveMigratedNigoriCustomPass
) {
1254 const char kCurKey
[] = "cur";
1255 sync_pb::EncryptedData encrypted
;
1256 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
1257 KeyParams cur_key
= {"localhost", "dummy", kCurKey
};
1258 other_cryptographer
.AddKey(cur_key
);
1259 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1262 EXPECT_CALL(*observer(),
1263 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
1264 ReadTransaction
trans(FROM_HERE
, user_share());
1265 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1267 trans
.GetWrappedTrans());
1269 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1272 EXPECT_CALL(*observer(),
1273 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE
, _
));
1274 EXPECT_CALL(*observer(),
1275 OnPassphraseRequired(_
, _
));
1276 EXPECT_CALL(*observer(),
1277 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1278 EXPECT_CALL(*observer(),
1279 OnEncryptedTypesChanged(_
, true));
1280 WriteTransaction
trans(FROM_HERE
, user_share());
1281 WriteNode
nigori_node(&trans
);
1282 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
1283 sync_pb::NigoriSpecifics nigori
;
1284 nigori
.set_keybag_is_frozen(true);
1285 nigori
.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE
);
1286 nigori
.set_keystore_migration_time(1);
1287 nigori
.set_encrypt_everything(true);
1288 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
1289 encryption_handler()->ApplyNigoriUpdate(nigori
, trans
.GetWrappedTrans());
1290 nigori_node
.SetNigoriSpecifics(nigori
);
1292 // Run any tasks posted via AppplyNigoriUpdate.
1294 Mock::VerifyAndClearExpectations(observer());
1296 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1297 EXPECT_EQ(CUSTOM_PASSPHRASE
, encryption_handler()->GetPassphraseType());
1298 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1299 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1301 EXPECT_CALL(*observer(),
1302 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
));
1303 EXPECT_CALL(*observer(),
1304 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1305 EXPECT_CALL(*observer(),
1306 OnEncryptionComplete());
1307 EXPECT_CALL(*observer(),
1308 OnPassphraseAccepted());
1309 encryption_handler()->SetDecryptionPassphrase(kCurKey
);
1310 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1311 EXPECT_TRUE(GetCryptographer()->is_ready());
1312 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE
, kCurKey
);
1314 // Check that the cryptographer still encrypts with the current key.
1315 sync_pb::EncryptedData current_encrypted
;
1316 other_cryptographer
.EncryptString("string", ¤t_encrypted
);
1317 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted
));
1319 // Check that the cryptographer can decrypt keystore key based encryption.
1320 Cryptographer
keystore_cryptographer(GetCryptographer()->encryptor());
1321 KeyParams keystore_key
= {"localhost", "dummy", kKeystoreKey
};
1322 keystore_cryptographer
.AddKey(keystore_key
);
1323 sync_pb::EncryptedData keystore_encrypted
;
1324 keystore_cryptographer
.EncryptString("string", &keystore_encrypted
);
1325 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted
));
1328 // Test that if we have a migrated nigori with a custom passphrase, then receive
1329 // and old implicit passphrase nigori, we properly overwrite it with the current
1331 TEST_F(SyncEncryptionHandlerImplTest
, ReceiveUnmigratedNigoriAfterMigration
) {
1332 const char kOldKey
[] = "old";
1333 const char kCurKey
[] = "cur";
1334 sync_pb::EncryptedData encrypted
;
1335 KeyParams old_key
= {"localhost", "dummy", kOldKey
};
1336 KeyParams cur_key
= {"localhost", "dummy", kCurKey
};
1337 GetCryptographer()->AddKey(old_key
);
1338 GetCryptographer()->AddKey(cur_key
);
1340 // Build a migrated nigori with full encryption.
1341 const int64 migration_time
= 1;
1343 WriteTransaction
trans(FROM_HERE
, user_share());
1344 WriteNode
nigori_node(&trans
);
1345 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
1346 sync_pb::NigoriSpecifics nigori
;
1347 GetCryptographer()->GetKeys(nigori
.mutable_encryption_keybag());
1348 nigori
.set_keybag_is_frozen(true);
1349 nigori
.set_keystore_migration_time(1);
1350 nigori
.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE
);
1351 nigori
.set_encrypt_everything(true);
1352 nigori_node
.SetNigoriSpecifics(nigori
);
1355 EXPECT_CALL(*observer(),
1356 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE
, _
));
1357 EXPECT_CALL(*observer(),
1358 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1359 EXPECT_CALL(*observer(),
1360 OnEncryptedTypesChanged(_
, true)).Times(2);
1361 EXPECT_CALL(*observer(),
1362 OnEncryptionComplete());
1363 encryption_handler()->Init();
1364 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1365 EXPECT_TRUE(GetCryptographer()->is_ready());
1366 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE
);
1367 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1368 VerifyMigratedNigoriWithTimestamp(migration_time
, CUSTOM_PASSPHRASE
, kCurKey
);
1371 EXPECT_CALL(*observer(),
1372 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
1373 ReadTransaction
trans(FROM_HERE
, user_share());
1374 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1376 trans
.GetWrappedTrans());
1378 Mock::VerifyAndClearExpectations(observer());
1380 // Now build an old unmigrated nigori node with old encrypted types. We should
1381 // properly overwrite it with the migrated + encrypt everything state.
1382 EXPECT_CALL(*observer(),
1383 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1384 SyncEncryptionHandler::NigoriState captured_nigori_state
;
1385 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_
))
1386 .WillOnce(testing::SaveArg
<0>(&captured_nigori_state
));
1387 EXPECT_CALL(*observer(), OnEncryptionComplete());
1389 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
1390 other_cryptographer
.AddKey(old_key
);
1391 WriteTransaction
trans(FROM_HERE
, user_share());
1392 WriteNode
nigori_node(&trans
);
1393 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
1394 sync_pb::NigoriSpecifics nigori
;
1395 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
1396 nigori
.set_keybag_is_frozen(false);
1397 nigori
.set_encrypt_everything(false);
1398 encryption_handler()->ApplyNigoriUpdate(nigori
, trans
.GetWrappedTrans());
1399 nigori_node
.SetNigoriSpecifics(nigori
);
1403 // Verify we're still migrated and have proper encryption state.
1404 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1405 EXPECT_TRUE(GetCryptographer()->is_ready());
1406 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE
);
1407 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1408 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE
, kCurKey
);
1410 // We need the passphrase bootstrap token, but OnBootstrapTokenUpdated(_,
1411 // PASSPHRASE_BOOTSTRAP_TOKEN) has not been invoked (because it was invoked
1412 // during a previous instance) so get it from the Cryptographer.
1413 std::string passphrase_bootstrap_token
;
1414 GetCryptographer()->GetBootstrapToken(&passphrase_bootstrap_token
);
1415 VerifyRestoreAfterCustomPassphrase(migration_time
, kCurKey
,
1416 passphrase_bootstrap_token
,
1417 captured_nigori_state
, CUSTOM_PASSPHRASE
);
1420 // Test that if we have a migrated nigori with a custom passphrase, then receive
1421 // a migrated nigori with a keystore passphrase, we properly overwrite it with
1422 // the current state.
1423 TEST_F(SyncEncryptionHandlerImplTest
, ReceiveOldMigratedNigori
) {
1424 const char kOldKey
[] = "old";
1425 const char kCurKey
[] = "cur";
1426 sync_pb::EncryptedData encrypted
;
1427 KeyParams old_key
= {"localhost", "dummy", kOldKey
};
1428 KeyParams cur_key
= {"localhost", "dummy", kCurKey
};
1429 GetCryptographer()->AddKey(old_key
);
1430 GetCryptographer()->AddKey(cur_key
);
1432 // Build a migrated nigori with full encryption.
1434 WriteTransaction
trans(FROM_HERE
, user_share());
1435 WriteNode
nigori_node(&trans
);
1436 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
1437 sync_pb::NigoriSpecifics nigori
;
1438 GetCryptographer()->GetKeys(nigori
.mutable_encryption_keybag());
1439 nigori
.set_keybag_is_frozen(true);
1440 nigori
.set_keystore_migration_time(1);
1441 nigori
.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE
);
1442 nigori
.set_encrypt_everything(true);
1443 nigori_node
.SetNigoriSpecifics(nigori
);
1446 EXPECT_CALL(*observer(),
1447 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE
, _
));
1448 EXPECT_CALL(*observer(),
1449 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1450 EXPECT_CALL(*observer(),
1451 OnEncryptedTypesChanged(_
, true)).Times(2);
1452 EXPECT_CALL(*observer(),
1453 OnEncryptionComplete());
1454 encryption_handler()->Init();
1455 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1456 EXPECT_TRUE(GetCryptographer()->is_ready());
1457 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE
);
1458 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1459 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE
, kCurKey
);
1462 EXPECT_CALL(*observer(),
1463 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
1464 ReadTransaction
trans(FROM_HERE
, user_share());
1465 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1467 trans
.GetWrappedTrans());
1469 Mock::VerifyAndClearExpectations(observer());
1471 // Now build an old keystore nigori node with old encrypted types. We should
1472 // properly overwrite it with the migrated + encrypt everything state.
1473 EXPECT_CALL(*observer(),
1474 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1475 SyncEncryptionHandler::NigoriState captured_nigori_state
;
1476 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_
))
1477 .WillOnce(testing::SaveArg
<0>(&captured_nigori_state
));
1478 EXPECT_CALL(*observer(), OnEncryptionComplete());
1479 const int64 migration_time
= 1;
1481 WriteTransaction
trans(FROM_HERE
, user_share());
1482 WriteNode
nigori_node(&trans
);
1483 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
1484 sync_pb::NigoriSpecifics nigori
;
1485 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
1486 other_cryptographer
.AddKey(old_key
);
1487 encryption_handler()->GetKeystoreDecryptor(
1488 other_cryptographer
,
1490 nigori
.mutable_keystore_decryptor_token());
1491 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
1492 nigori
.set_keybag_is_frozen(true);
1493 nigori
.set_encrypt_everything(false);
1494 nigori
.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE
);
1495 nigori
.set_keystore_migration_time(migration_time
);
1496 encryption_handler()->ApplyNigoriUpdate(nigori
, trans
.GetWrappedTrans());
1497 nigori_node
.SetNigoriSpecifics(nigori
);
1501 // Verify we're still migrated and have proper encryption state.
1502 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1503 EXPECT_TRUE(GetCryptographer()->is_ready());
1504 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE
);
1505 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1506 VerifyMigratedNigoriWithTimestamp(migration_time
, CUSTOM_PASSPHRASE
, kCurKey
);
1508 // We need the passphrase bootstrap token, but OnBootstrapTokenUpdated(_,
1509 // PASSPHRASE_BOOTSTRAP_TOKEN) has not been invoked (because it was invoked
1510 // during a previous instance) so get it from the Cryptographer.
1511 std::string passphrase_bootstrap_token
;
1512 GetCryptographer()->GetBootstrapToken(&passphrase_bootstrap_token
);
1513 VerifyRestoreAfterCustomPassphrase(migration_time
, kCurKey
,
1514 passphrase_bootstrap_token
,
1515 captured_nigori_state
, CUSTOM_PASSPHRASE
);
1518 // Test that if we receive the keystore key after receiving a migrated nigori
1519 // node, we properly use the keystore decryptor token to decrypt the keybag.
1520 TEST_F(SyncEncryptionHandlerImplTest
, SetKeystoreAfterReceivingMigratedNigori
) {
1521 const char kCurKey
[] = "cur";
1522 sync_pb::EncryptedData keystore_decryptor_token
;
1523 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
1524 KeyParams cur_key
= {"localhost", "dummy", kCurKey
};
1525 other_cryptographer
.AddKey(cur_key
);
1526 EXPECT_TRUE(other_cryptographer
.is_ready());
1527 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1528 other_cryptographer
,
1530 &keystore_decryptor_token
));
1531 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
1532 EXPECT_FALSE(GetCryptographer()->is_ready());
1533 EXPECT_NE(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
1535 // Now build a nigori node with the generated keystore decryptor token and
1536 // initialize the encryption handler with it. The cryptographer should be
1537 // initialized properly to decrypt both kCurKey and kKeystoreKey.
1539 WriteTransaction
trans(FROM_HERE
, user_share());
1540 WriteNode
nigori_node(&trans
);
1541 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
1542 sync_pb::NigoriSpecifics nigori
;
1543 nigori
.mutable_keystore_decryptor_token()->CopyFrom(
1544 keystore_decryptor_token
);
1545 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
1546 nigori
.set_keybag_is_frozen(true);
1547 nigori
.set_keystore_migration_time(1);
1548 nigori
.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE
);
1550 EXPECT_CALL(*observer(),
1551 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
1552 EXPECT_CALL(*observer(),
1553 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1554 EXPECT_CALL(*observer(),
1555 OnPassphraseRequired(_
, _
));
1556 encryption_handler()->ApplyNigoriUpdate(nigori
, trans
.GetWrappedTrans());
1557 nigori_node
.SetNigoriSpecifics(nigori
);
1559 // Run any tasks posted via AppplyNigoriUpdate.
1561 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1562 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1563 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
1564 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1565 Mock::VerifyAndClearExpectations(observer());
1567 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1568 EXPECT_CALL(*observer(),
1569 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1570 EXPECT_CALL(*observer(),
1571 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
));
1573 EXPECT_CALL(*observer(),
1574 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
1575 ReadTransaction
trans(FROM_HERE
, user_share());
1576 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1578 trans
.GetWrappedTrans());
1581 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1582 EXPECT_TRUE(GetCryptographer()->is_ready());
1583 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
1584 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1585 VerifyMigratedNigoriWithTimestamp(1, KEYSTORE_PASSPHRASE
, kCurKey
);
1587 // Check that the cryptographer still encrypts with the current key.
1588 sync_pb::EncryptedData current_encrypted
;
1589 other_cryptographer
.EncryptString("string", ¤t_encrypted
);
1590 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted
));
1592 // Check that the cryptographer can decrypt keystore key based encryption.
1593 Cryptographer
keystore_cryptographer(GetCryptographer()->encryptor());
1594 KeyParams keystore_key
= {"localhost", "dummy", kKeystoreKey
};
1595 keystore_cryptographer
.AddKey(keystore_key
);
1596 sync_pb::EncryptedData keystore_encrypted
;
1597 keystore_cryptographer
.EncryptString("string", &keystore_encrypted
);
1598 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted
));
1601 // Test that after receiving a migrated nigori and decrypting it using the
1602 // keystore key, we can then switch to a custom passphrase. The nigori should
1603 // remain migrated and encrypt everything should be enabled.
1604 TEST_F(SyncEncryptionHandlerImplTest
, SetCustomPassAfterMigration
) {
1605 const char kOldKey
[] = "old";
1606 sync_pb::EncryptedData keystore_decryptor_token
;
1607 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
1608 KeyParams cur_key
= {"localhost", "dummy", kOldKey
};
1609 other_cryptographer
.AddKey(cur_key
);
1610 EXPECT_TRUE(other_cryptographer
.is_ready());
1611 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1612 other_cryptographer
,
1614 &keystore_decryptor_token
));
1616 // Build a nigori node with the generated keystore decryptor token and
1617 // initialize the encryption handler with it. The cryptographer should be
1618 // initialized properly to decrypt both kOldKey and kKeystoreKey.
1619 const int64 migration_time
= 1;
1621 WriteTransaction
trans(FROM_HERE
, user_share());
1622 WriteNode
nigori_node(&trans
);
1623 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
1624 sync_pb::NigoriSpecifics nigori
;
1625 nigori
.mutable_keystore_decryptor_token()->CopyFrom(
1626 keystore_decryptor_token
);
1627 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
1628 nigori
.set_keybag_is_frozen(true);
1629 nigori
.set_keystore_migration_time(migration_time
);
1630 nigori
.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE
);
1631 nigori_node
.SetNigoriSpecifics(nigori
);
1632 EXPECT_CALL(*observer(),
1633 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
1634 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
1636 trans
.GetWrappedTrans());
1639 EXPECT_CALL(*observer(), OnPassphraseAccepted());
1640 EXPECT_CALL(*observer(),
1641 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
1642 EXPECT_CALL(*observer(),
1643 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1644 EXPECT_CALL(*observer(),
1645 OnEncryptedTypesChanged(_
, false));
1646 EXPECT_CALL(*observer(),
1647 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
));
1648 EXPECT_CALL(*observer(),
1649 OnEncryptionComplete());
1650 encryption_handler()->Init();
1651 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1652 EXPECT_TRUE(GetCryptographer()->is_ready());
1653 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
1654 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1655 Mock::VerifyAndClearExpectations(observer());
1657 const char kNewKey
[] = "new_key";
1658 EXPECT_CALL(*observer(),
1659 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1660 EXPECT_CALL(*observer(),
1661 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE
, _
));
1662 SyncEncryptionHandler::NigoriState captured_nigori_state
;
1663 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_
))
1664 .WillOnce(testing::SaveArg
<0>(&captured_nigori_state
));
1665 std::string captured_bootstrap_token
;
1666 EXPECT_CALL(*observer(),
1667 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
))
1668 .WillOnce(testing::SaveArg
<0>(&captured_bootstrap_token
));
1669 EXPECT_CALL(*observer(),
1670 OnPassphraseAccepted());
1671 EXPECT_CALL(*observer(),
1672 OnEncryptedTypesChanged(_
, true));
1673 EXPECT_CALL(*observer(),
1674 OnEncryptionComplete()).Times(2);
1675 encryption_handler()->SetEncryptionPassphrase(kNewKey
, true);
1676 Mock::VerifyAndClearExpectations(observer());
1678 EXPECT_FALSE(captured_bootstrap_token
.empty());
1679 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1680 EXPECT_TRUE(GetCryptographer()->is_ready());
1681 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE
);
1682 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1683 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
1684 VerifyMigratedNigoriWithTimestamp(migration_time
, CUSTOM_PASSPHRASE
, kNewKey
);
1686 // Check that the cryptographer can decrypt the old key.
1687 sync_pb::EncryptedData old_encrypted
;
1688 other_cryptographer
.EncryptString("string", &old_encrypted
);
1689 EXPECT_TRUE(GetCryptographer()->CanDecrypt(old_encrypted
));
1691 // Check that the cryptographer can decrypt keystore key based encryption.
1692 Cryptographer
keystore_cryptographer(GetCryptographer()->encryptor());
1693 KeyParams keystore_key
= {"localhost", "dummy", kKeystoreKey
};
1694 keystore_cryptographer
.AddKey(keystore_key
);
1695 sync_pb::EncryptedData keystore_encrypted
;
1696 keystore_cryptographer
.EncryptString("string", &keystore_encrypted
);
1697 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted
));
1699 // Check the the cryptographer is encrypting with the new key.
1700 KeyParams new_key
= {"localhost", "dummy", kNewKey
};
1701 Cryptographer
new_cryptographer(GetCryptographer()->encryptor());
1702 new_cryptographer
.AddKey(new_key
);
1703 sync_pb::EncryptedData new_encrypted
;
1704 new_cryptographer
.EncryptString("string", &new_encrypted
);
1705 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted
));
1707 // Now verify that we can restore the current state using the captured
1708 // bootstrap token and nigori state.
1709 VerifyRestoreAfterCustomPassphrase(migration_time
, kNewKey
,
1710 captured_bootstrap_token
,
1711 captured_nigori_state
, CUSTOM_PASSPHRASE
);
1714 // Test that if a client without a keystore key (e.g. one without keystore
1715 // encryption enabled) receives a migrated nigori and then attempts to set a
1716 // custom passphrase, it also enables encrypt everything. The nigori node
1717 // should remain migrated.
1718 TEST_F(SyncEncryptionHandlerImplTest
,
1719 SetCustomPassAfterMigrationNoKeystoreKey
) {
1720 const char kOldKey
[] = "old";
1721 sync_pb::EncryptedData keystore_decryptor_token
;
1722 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
1723 KeyParams cur_key
= {"localhost", "dummy", kOldKey
};
1724 other_cryptographer
.AddKey(cur_key
);
1725 KeyParams keystore_key
= {"localhost", "dummy", kKeystoreKey
};
1726 other_cryptographer
.AddNonDefaultKey(keystore_key
);
1727 EXPECT_TRUE(other_cryptographer
.is_ready());
1728 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1729 other_cryptographer
,
1731 &keystore_decryptor_token
));
1733 // Build a nigori node with the generated keystore decryptor token and
1734 // initialize the encryption handler with it. The cryptographer will have
1735 // pending keys until we provide the decryption passphrase.
1736 const int64 migration_time
= 1;
1738 WriteTransaction
trans(FROM_HERE
, user_share());
1739 WriteNode
nigori_node(&trans
);
1740 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
1741 sync_pb::NigoriSpecifics nigori
;
1742 nigori
.mutable_keystore_decryptor_token()->CopyFrom(
1743 keystore_decryptor_token
);
1744 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
1745 nigori
.set_keybag_is_frozen(true);
1746 nigori
.set_keystore_migration_time(migration_time
);
1747 nigori
.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE
);
1748 nigori_node
.SetNigoriSpecifics(nigori
);
1751 EXPECT_CALL(*observer(),
1752 OnPassphraseRequired(_
, _
));
1753 EXPECT_CALL(*observer(),
1754 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
1755 EXPECT_CALL(*observer(),
1756 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1757 EXPECT_CALL(*observer(),
1758 OnEncryptedTypesChanged(_
, false));
1759 encryption_handler()->Init();
1760 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1761 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1762 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
1763 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1764 Mock::VerifyAndClearExpectations(observer());
1766 EXPECT_CALL(*observer(),
1767 OnPassphraseAccepted());
1768 EXPECT_CALL(*observer(),
1769 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1770 EXPECT_CALL(*observer(),
1771 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
));
1772 EXPECT_CALL(*observer(),
1773 OnEncryptionComplete());
1774 encryption_handler()->SetDecryptionPassphrase(kOldKey
);
1775 EXPECT_TRUE(GetCryptographer()->is_ready());
1776 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1777 Mock::VerifyAndClearExpectations(observer());
1779 const char kNewKey
[] = "new_key";
1780 EXPECT_CALL(*observer(),
1781 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1782 EXPECT_CALL(*observer(),
1783 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE
, _
));
1784 SyncEncryptionHandler::NigoriState captured_nigori_state
;
1785 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_
))
1786 .WillOnce(testing::SaveArg
<0>(&captured_nigori_state
));
1787 std::string captured_bootstrap_token
;
1788 EXPECT_CALL(*observer(),
1789 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
))
1790 .WillOnce(testing::SaveArg
<0>(&captured_bootstrap_token
));
1791 EXPECT_CALL(*observer(),
1792 OnPassphraseAccepted());
1793 EXPECT_CALL(*observer(),
1794 OnEncryptedTypesChanged(_
, true));
1795 EXPECT_CALL(*observer(),
1796 OnEncryptionComplete()).Times(2);
1797 encryption_handler()->SetEncryptionPassphrase(kNewKey
, true);
1798 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1799 EXPECT_TRUE(GetCryptographer()->is_ready());
1800 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE
);
1801 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
1802 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
1803 VerifyMigratedNigoriWithTimestamp(migration_time
, CUSTOM_PASSPHRASE
, kNewKey
);
1805 // Check that the cryptographer can decrypt the old key.
1806 sync_pb::EncryptedData old_encrypted
;
1807 other_cryptographer
.EncryptString("string", &old_encrypted
);
1808 EXPECT_TRUE(GetCryptographer()->CanDecrypt(old_encrypted
));
1810 // Check that the cryptographer can still decrypt keystore key based
1811 // encryption (should have been extracted from the encryption keybag).
1812 Cryptographer
keystore_cryptographer(GetCryptographer()->encryptor());
1813 keystore_cryptographer
.AddKey(keystore_key
);
1814 sync_pb::EncryptedData keystore_encrypted
;
1815 keystore_cryptographer
.EncryptString("string", &keystore_encrypted
);
1816 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted
));
1818 // Check the the cryptographer is encrypting with the new key.
1819 KeyParams new_key
= {"localhost", "dummy", kNewKey
};
1820 Cryptographer
new_cryptographer(GetCryptographer()->encryptor());
1821 new_cryptographer
.AddKey(new_key
);
1822 sync_pb::EncryptedData new_encrypted
;
1823 new_cryptographer
.EncryptString("string", &new_encrypted
);
1824 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted
));
1826 // Now verify that we can restore the current state using the captured
1827 // bootstrap token and nigori state.
1828 VerifyRestoreAfterCustomPassphrase(migration_time
, kNewKey
,
1829 captured_bootstrap_token
,
1830 captured_nigori_state
, CUSTOM_PASSPHRASE
);
1833 // Test that if a client without a keystore key (e.g. one without keystore
1834 // encryption enabled) receives a migrated nigori and then attempts to set a
1835 // new implicit passphrase, we do not modify the nigori node (the implicit
1836 // passphrase is dropped).
1837 TEST_F(SyncEncryptionHandlerImplTest
,
1838 SetImplicitPassAfterMigrationNoKeystoreKey
) {
1839 const char kOldKey
[] = "old";
1840 sync_pb::EncryptedData keystore_decryptor_token
;
1841 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
1842 KeyParams cur_key
= {"localhost", "dummy", kOldKey
};
1843 other_cryptographer
.AddKey(cur_key
);
1844 KeyParams keystore_key
= {"localhost", "dummy", kKeystoreKey
};
1845 other_cryptographer
.AddNonDefaultKey(keystore_key
);
1846 EXPECT_TRUE(other_cryptographer
.is_ready());
1847 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1848 other_cryptographer
,
1850 &keystore_decryptor_token
));
1852 // Build a nigori node with the generated keystore decryptor token and
1853 // initialize the encryption handler with it. The cryptographer will have
1854 // pending keys until we provide the decryption passphrase.
1856 WriteTransaction
trans(FROM_HERE
, user_share());
1857 WriteNode
nigori_node(&trans
);
1858 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
1859 sync_pb::NigoriSpecifics nigori
;
1860 nigori
.mutable_keystore_decryptor_token()->CopyFrom(
1861 keystore_decryptor_token
);
1862 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
1863 nigori
.set_keybag_is_frozen(true);
1864 nigori
.set_keystore_migration_time(1);
1865 nigori
.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE
);
1866 nigori_node
.SetNigoriSpecifics(nigori
);
1869 EXPECT_CALL(*observer(),
1870 OnPassphraseRequired(_
, _
));
1871 EXPECT_CALL(*observer(),
1872 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
1873 EXPECT_CALL(*observer(),
1874 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1875 EXPECT_CALL(*observer(),
1876 OnEncryptedTypesChanged(_
, false));
1877 encryption_handler()->Init();
1878 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1879 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1880 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
1881 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1882 Mock::VerifyAndClearExpectations(observer());
1884 EXPECT_CALL(*observer(),
1885 OnPassphraseAccepted());
1886 EXPECT_CALL(*observer(),
1887 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1888 EXPECT_CALL(*observer(),
1889 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
));
1890 EXPECT_CALL(*observer(),
1891 OnEncryptionComplete());
1892 encryption_handler()->SetDecryptionPassphrase(kOldKey
);
1893 EXPECT_TRUE(GetCryptographer()->is_ready());
1894 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1895 Mock::VerifyAndClearExpectations(observer());
1897 // Should get dropped on the floor silently.
1898 const char kNewKey
[] = "new_key";
1899 encryption_handler()->SetEncryptionPassphrase(kNewKey
, false);
1900 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1901 EXPECT_TRUE(GetCryptographer()->is_ready());
1902 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
1903 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1904 VerifyMigratedNigoriWithTimestamp(1, KEYSTORE_PASSPHRASE
, kOldKey
);
1906 // Check that the cryptographer can decrypt the old key.
1907 sync_pb::EncryptedData old_encrypted
;
1908 other_cryptographer
.EncryptString("string", &old_encrypted
);
1909 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(old_encrypted
));
1911 // Check that the cryptographer can still decrypt keystore key based
1912 // encryption (due to extracting the keystore key from the encryption keybag).
1913 Cryptographer
keystore_cryptographer(GetCryptographer()->encryptor());
1914 keystore_cryptographer
.AddKey(keystore_key
);
1915 sync_pb::EncryptedData keystore_encrypted
;
1916 keystore_cryptographer
.EncryptString("string", &keystore_encrypted
);
1917 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted
));
1919 // Check the the cryptographer does not have the new key.
1920 KeyParams new_key
= {"localhost", "dummy", kNewKey
};
1921 Cryptographer
new_cryptographer(GetCryptographer()->encryptor());
1922 new_cryptographer
.AddKey(new_key
);
1923 sync_pb::EncryptedData new_encrypted
;
1924 new_cryptographer
.EncryptString("string", &new_encrypted
);
1925 EXPECT_FALSE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted
));
1928 // Test that if a client without a keystore key (e.g. one without keystore
1929 // encryption enabled) receives a migrated nigori in keystore passphrase state
1930 // and then attempts to enable encrypt everything, we switch to a custom
1931 // passphrase. The nigori should remain migrated.
1932 TEST_F(SyncEncryptionHandlerImplTest
,
1933 MigrateOnEncryptEverythingKeystorePassphrase
) {
1934 const char kCurKey
[] = "cur";
1935 sync_pb::EncryptedData keystore_decryptor_token
;
1936 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
1937 KeyParams cur_key
= {"localhost", "dummy", kCurKey
};
1938 other_cryptographer
.AddKey(cur_key
);
1939 KeyParams keystore_key
= {"localhost", "dummy", kKeystoreKey
};
1940 other_cryptographer
.AddNonDefaultKey(keystore_key
);
1941 EXPECT_TRUE(other_cryptographer
.is_ready());
1942 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
1943 other_cryptographer
,
1945 &keystore_decryptor_token
));
1947 // Build a nigori node with the generated keystore decryptor token and
1948 // initialize the encryption handler with it. The cryptographer will have
1949 // pending keys until we provide the decryption passphrase.
1950 const int64 migration_time
= 1;
1952 WriteTransaction
trans(FROM_HERE
, user_share());
1953 WriteNode
nigori_node(&trans
);
1954 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
1955 sync_pb::NigoriSpecifics nigori
;
1956 nigori
.mutable_keystore_decryptor_token()->CopyFrom(
1957 keystore_decryptor_token
);
1958 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
1959 nigori
.set_keybag_is_frozen(true);
1960 nigori
.set_keystore_migration_time(migration_time
);
1961 nigori
.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE
);
1962 nigori_node
.SetNigoriSpecifics(nigori
);
1964 EXPECT_CALL(*observer(),
1965 OnPassphraseRequired(_
, _
));
1966 EXPECT_CALL(*observer(),
1967 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
1968 EXPECT_CALL(*observer(),
1969 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1970 EXPECT_CALL(*observer(),
1971 OnEncryptedTypesChanged(_
, false));
1972 encryption_handler()->Init();
1973 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
1974 EXPECT_TRUE(GetCryptographer()->has_pending_keys());
1975 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
1976 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
1977 Mock::VerifyAndClearExpectations(observer());
1979 EXPECT_CALL(*observer(),
1980 OnPassphraseAccepted());
1981 EXPECT_CALL(*observer(),
1982 OnCryptographerStateChanged(_
)).Times(AnyNumber());
1983 std::string captured_bootstrap_token
;
1984 EXPECT_CALL(*observer(),
1985 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
))
1986 .WillOnce(testing::SaveArg
<0>(&captured_bootstrap_token
));
1987 EXPECT_CALL(*observer(),
1988 OnEncryptionComplete());
1989 encryption_handler()->SetDecryptionPassphrase(kCurKey
);
1990 Mock::VerifyAndClearExpectations(observer());
1992 EXPECT_CALL(*observer(),
1993 OnPassphraseTypeChanged(FROZEN_IMPLICIT_PASSPHRASE
, _
));
1994 EXPECT_CALL(*observer(),
1995 OnEncryptionComplete());
1996 EXPECT_CALL(*observer(),
1997 OnEncryptedTypesChanged(_
, true));
1998 SyncEncryptionHandler::NigoriState captured_nigori_state
;
1999 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_
))
2000 .WillOnce(testing::SaveArg
<0>(&captured_nigori_state
));
2001 EXPECT_CALL(*observer(),
2002 OnCryptographerStateChanged(_
)).Times(AnyNumber());
2003 encryption_handler()->EnableEncryptEverything();
2004 Mock::VerifyAndClearExpectations(observer());
2006 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2007 EXPECT_TRUE(GetCryptographer()->is_ready());
2008 EXPECT_EQ(FROZEN_IMPLICIT_PASSPHRASE
,
2009 encryption_handler()->GetPassphraseType());
2010 EXPECT_TRUE(encryption_handler()->IsEncryptEverythingEnabled());
2011 VerifyMigratedNigoriWithTimestamp(1, FROZEN_IMPLICIT_PASSPHRASE
, kCurKey
);
2013 // Check that the cryptographer is encrypting using the frozen current key.
2014 sync_pb::EncryptedData current_encrypted
;
2015 other_cryptographer
.EncryptString("string", ¤t_encrypted
);
2016 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted
));
2018 // Check that the cryptographer can still decrypt keystore key based
2019 // encryption (due to extracting the keystore key from the encryption keybag).
2020 Cryptographer
keystore_cryptographer(GetCryptographer()->encryptor());
2021 keystore_cryptographer
.AddKey(keystore_key
);
2022 sync_pb::EncryptedData keystore_encrypted
;
2023 keystore_cryptographer
.EncryptString("string", &keystore_encrypted
);
2024 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted
));
2026 VerifyRestoreAfterCustomPassphrase(
2027 migration_time
, kCurKey
, captured_bootstrap_token
, captured_nigori_state
,
2028 FROZEN_IMPLICIT_PASSPHRASE
);
2031 // If we receive a nigori migrated and with a KEYSTORE_PASSPHRASE type, but
2032 // using an old default key (i.e. old GAIA password), we should overwrite the
2033 // nigori, updating the keybag and keystore decryptor.
2034 TEST_F(SyncEncryptionHandlerImplTest
,
2035 ReceiveMigratedNigoriWithOldPassphrase
) {
2036 const char kOldKey
[] = "old";
2037 const char kCurKey
[] = "cur";
2038 sync_pb::EncryptedData encrypted
;
2039 KeyParams old_key
= {"localhost", "dummy", kOldKey
};
2040 KeyParams cur_key
= {"localhost", "dummy", kCurKey
};
2041 GetCryptographer()->AddKey(old_key
);
2042 GetCryptographer()->AddKey(cur_key
);
2044 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
2045 other_cryptographer
.AddKey(old_key
);
2046 EXPECT_TRUE(other_cryptographer
.is_ready());
2048 EXPECT_CALL(*observer(),
2049 OnCryptographerStateChanged(_
)).Times(AnyNumber());
2050 EXPECT_CALL(*observer(),
2051 OnEncryptedTypesChanged(_
, false));
2052 EXPECT_CALL(*observer(),
2053 OnEncryptionComplete());
2054 encryption_handler()->Init();
2055 EXPECT_TRUE(GetCryptographer()->is_ready());
2056 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
2059 EXPECT_CALL(*observer(),
2060 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
2061 ReadTransaction
trans(FROM_HERE
, user_share());
2062 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
2064 trans
.GetWrappedTrans());
2066 EXPECT_CALL(*observer(),
2067 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
2069 Mock::VerifyAndClearExpectations(observer());
2070 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2071 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
2072 VerifyMigratedNigori(KEYSTORE_PASSPHRASE
, kCurKey
);
2074 // Now build an old keystore passphrase nigori node.
2075 EXPECT_CALL(*observer(),
2076 OnCryptographerStateChanged(_
)).Times(AnyNumber());
2077 EXPECT_CALL(*observer(), OnEncryptionComplete());
2079 WriteTransaction
trans(FROM_HERE
, user_share());
2080 WriteNode
nigori_node(&trans
);
2081 ASSERT_EQ(nigori_node
.InitTypeRoot(NIGORI
), BaseNode::INIT_OK
);
2082 sync_pb::NigoriSpecifics nigori
;
2083 Cryptographer
other_cryptographer(GetCryptographer()->encryptor());
2084 other_cryptographer
.AddKey(old_key
);
2085 encryption_handler()->GetKeystoreDecryptor(
2086 other_cryptographer
,
2088 nigori
.mutable_keystore_decryptor_token());
2089 other_cryptographer
.GetKeys(nigori
.mutable_encryption_keybag());
2090 nigori
.set_keybag_is_frozen(true);
2091 nigori
.set_encrypt_everything(false);
2092 nigori
.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE
);
2093 nigori
.set_keystore_migration_time(1);
2094 encryption_handler()->ApplyNigoriUpdate(nigori
, trans
.GetWrappedTrans());
2095 nigori_node
.SetNigoriSpecifics(nigori
);
2099 // Verify we're still migrated and have proper encryption state.
2100 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2101 EXPECT_TRUE(GetCryptographer()->is_ready());
2102 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
2103 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
2104 VerifyMigratedNigori(KEYSTORE_PASSPHRASE
, kCurKey
);
2107 // Trigger a key rotation upon receiving new keys if we already had a keystore
2108 // migrated nigori with the gaia key as the default (still in backwards
2109 // compatible mode).
2110 TEST_F(SyncEncryptionHandlerImplTest
, RotateKeysGaiaDefault
) {
2111 // Destroy the existing nigori node so we init without a nigori node.
2113 test_user_share_
.SetUp();
2116 const char kOldGaiaKey
[] = "old_gaia_key";
2117 const char kRawOldKeystoreKey
[] = "old_keystore_key";
2118 std::string old_keystore_key
;
2119 base::Base64Encode(kRawOldKeystoreKey
, &old_keystore_key
);
2121 ReadTransaction
trans(FROM_HERE
, user_share());
2122 EXPECT_CALL(*observer(),
2123 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
2124 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
2125 kRawOldKeystoreKey
),
2126 trans
.GetWrappedTrans());
2129 Mock::VerifyAndClearExpectations(observer());
2131 // Then init the nigori node with a backwards compatible set of keys.
2132 CreateRootForType(NIGORI
);
2133 EXPECT_CALL(*observer(), OnPassphraseAccepted());
2134 InitKeystoreMigratedNigori(1, kOldGaiaKey
, old_keystore_key
);
2136 // Now set some new keystore keys.
2137 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_
)).Times(AnyNumber());
2138 EXPECT_CALL(*observer(), OnEncryptionComplete());
2140 google::protobuf::RepeatedPtrField
<google::protobuf::string
> keys
;
2141 keys
.Add()->assign(kRawOldKeystoreKey
);
2142 keys
.Add()->assign(kRawKeystoreKey
);
2143 EXPECT_CALL(*observer(),
2144 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
2145 ReadTransaction
trans(FROM_HERE
, user_share());
2146 encryption_handler()->SetKeystoreKeys(keys
,
2147 trans
.GetWrappedTrans());
2149 // Pump for any posted tasks.
2151 Mock::VerifyAndClearExpectations(observer());
2153 // Verify we're still migrated and have proper encryption state. We should
2154 // have rotated the keybag so that it's now encrypted with the newest keystore
2155 // key (instead of the old gaia key).
2156 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2157 EXPECT_TRUE(GetCryptographer()->is_ready());
2158 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
2159 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
2160 VerifyMigratedNigori(KEYSTORE_PASSPHRASE
, kKeystoreKey
);
2163 // Trigger a key rotation upon receiving new keys if we already had a keystore
2164 // migrated nigori with the keystore key as the default.
2165 TEST_F(SyncEncryptionHandlerImplTest
, RotateKeysKeystoreDefault
) {
2166 // Destroy the existing nigori node so we init without a nigori node.
2168 test_user_share_
.SetUp();
2171 const char kRawOldKeystoreKey
[] = "old_keystore_key";
2172 std::string old_keystore_key
;
2173 base::Base64Encode(kRawOldKeystoreKey
, &old_keystore_key
);
2175 ReadTransaction
trans(FROM_HERE
, user_share());
2176 EXPECT_CALL(*observer(),
2177 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
2178 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
2179 kRawOldKeystoreKey
),
2180 trans
.GetWrappedTrans());
2183 Mock::VerifyAndClearExpectations(observer());
2185 // Then init the nigori node with a non-backwards compatible set of keys.
2186 CreateRootForType(NIGORI
);
2187 EXPECT_CALL(*observer(), OnPassphraseAccepted());
2188 InitKeystoreMigratedNigori(1, old_keystore_key
, old_keystore_key
);
2190 // Now set some new keystore keys.
2191 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_
)).Times(AnyNumber());
2192 EXPECT_CALL(*observer(), OnEncryptionComplete());
2194 google::protobuf::RepeatedPtrField
<google::protobuf::string
> keys
;
2195 keys
.Add()->assign(kRawOldKeystoreKey
);
2196 keys
.Add()->assign(kRawKeystoreKey
);
2197 EXPECT_CALL(*observer(),
2198 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
2199 ReadTransaction
trans(FROM_HERE
, user_share());
2200 encryption_handler()->SetKeystoreKeys(keys
,
2201 trans
.GetWrappedTrans());
2203 // Pump for any posted tasks.
2205 Mock::VerifyAndClearExpectations(observer());
2207 // Verify we're still migrated and have proper encryption state. We should
2208 // have rotated the keybag so that it's now encrypted with the newest keystore
2209 // key (instead of the old gaia key).
2210 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2211 EXPECT_TRUE(GetCryptographer()->is_ready());
2212 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
2213 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
2214 VerifyMigratedNigori(KEYSTORE_PASSPHRASE
, kKeystoreKey
);
2217 // Trigger a key rotation upon when a pending gaia passphrase is resolved.
2218 TEST_F(SyncEncryptionHandlerImplTest
, RotateKeysAfterPendingGaiaResolved
) {
2219 const char kOldGaiaKey
[] = "old_gaia_key";
2220 const char kRawOldKeystoreKey
[] = "old_keystore_key";
2222 EXPECT_CALL(*observer(), OnPassphraseRequired(_
, _
));
2223 InitUnmigratedNigori(kOldGaiaKey
, IMPLICIT_PASSPHRASE
);
2226 // Pass multiple keystore keys, signaling a rotation has happened.
2227 google::protobuf::RepeatedPtrField
<google::protobuf::string
> keys
;
2228 keys
.Add()->assign(kRawOldKeystoreKey
);
2229 keys
.Add()->assign(kRawKeystoreKey
);
2230 ReadTransaction
trans(FROM_HERE
, user_share());
2231 EXPECT_CALL(*observer(),
2232 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
2233 encryption_handler()->SetKeystoreKeys(keys
,
2234 trans
.GetWrappedTrans());
2237 Mock::VerifyAndClearExpectations(observer());
2239 // Resolve the pending keys. This should trigger the key rotation.
2240 EXPECT_CALL(*observer(),
2241 OnCryptographerStateChanged(_
)).Times(AnyNumber());
2242 EXPECT_CALL(*observer(),
2243 OnPassphraseAccepted());
2244 EXPECT_CALL(*observer(),
2245 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
2246 EXPECT_CALL(*observer(),
2247 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
));
2248 EXPECT_CALL(*observer(),
2249 OnEncryptionComplete()).Times(AtLeast(1));
2250 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
2251 encryption_handler()->SetDecryptionPassphrase(kOldGaiaKey
);
2252 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2253 EXPECT_EQ(KEYSTORE_PASSPHRASE
, encryption_handler()->GetPassphraseType());
2254 VerifyMigratedNigori(KEYSTORE_PASSPHRASE
, kKeystoreKey
);
2257 // When signing in for the first time, make sure we can rotate keys if we
2258 // already have a keystore migrated nigori.
2259 TEST_F(SyncEncryptionHandlerImplTest
, RotateKeysGaiaDefaultOnInit
) {
2260 // Destroy the existing nigori node so we init without a nigori node.
2262 test_user_share_
.SetUp();
2265 const char kOldGaiaKey
[] = "old_gaia_key";
2266 const char kRawOldKeystoreKey
[] = "old_keystore_key";
2267 std::string old_keystore_key
;
2268 base::Base64Encode(kRawOldKeystoreKey
, &old_keystore_key
);
2270 // Set two keys, signaling that a rotation has been performed. No nigori
2271 // node is present yet, so we can't rotate.
2273 google::protobuf::RepeatedPtrField
<google::protobuf::string
> keys
;
2274 keys
.Add()->assign(kRawOldKeystoreKey
);
2275 keys
.Add()->assign(kRawKeystoreKey
);
2276 EXPECT_CALL(*observer(),
2277 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
2278 ReadTransaction
trans(FROM_HERE
, user_share());
2279 encryption_handler()->SetKeystoreKeys(keys
,
2280 trans
.GetWrappedTrans());
2283 // Then init the nigori node with an old set of keys.
2284 CreateRootForType(NIGORI
);
2285 EXPECT_CALL(*observer(), OnPassphraseAccepted());
2286 InitKeystoreMigratedNigori(1, kOldGaiaKey
, old_keystore_key
);
2288 Mock::VerifyAndClearExpectations(observer());
2290 // Verify we're still migrated and have proper encryption state. We should
2291 // have rotated the keybag so that it's now encrypted with the newest keystore
2292 // key (instead of the old gaia key).
2293 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2294 EXPECT_TRUE(GetCryptographer()->is_ready());
2295 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE
);
2296 EXPECT_FALSE(encryption_handler()->IsEncryptEverythingEnabled());
2297 VerifyMigratedNigori(KEYSTORE_PASSPHRASE
, kKeystoreKey
);
2300 // Trigger a key rotation when a migrated nigori (with an old keystore key) is
2302 TEST_F(SyncEncryptionHandlerImplTest
, RotateKeysWhenMigratedNigoriArrives
) {
2303 const char kOldGaiaKey
[] = "old_gaia_key";
2304 const char kRawOldKeystoreKey
[] = "old_keystore_key";
2305 std::string old_keystore_key
;
2306 base::Base64Encode(kRawOldKeystoreKey
, &old_keystore_key
);
2308 EXPECT_CALL(*observer(), OnPassphraseRequired(_
, _
));
2309 InitUnmigratedNigori(kOldGaiaKey
, IMPLICIT_PASSPHRASE
);
2312 // Pass multiple keystore keys, signaling a rotation has happened.
2313 google::protobuf::RepeatedPtrField
<google::protobuf::string
> keys
;
2314 keys
.Add()->assign(kRawOldKeystoreKey
);
2315 keys
.Add()->assign(kRawKeystoreKey
);
2316 ReadTransaction
trans(FROM_HERE
, user_share());
2317 EXPECT_CALL(*observer(),
2318 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
2319 encryption_handler()->SetKeystoreKeys(keys
,
2320 trans
.GetWrappedTrans());
2323 Mock::VerifyAndClearExpectations(observer());
2325 // Now simulate downloading a nigori node that was migrated before the
2326 // keys were rotated, and hence still encrypt with the old gaia key.
2327 EXPECT_CALL(*observer(),
2328 OnCryptographerStateChanged(_
)).Times(AnyNumber());
2329 EXPECT_CALL(*observer(),
2330 OnPassphraseAccepted());
2331 EXPECT_CALL(*observer(),
2332 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
2333 EXPECT_CALL(*observer(),
2334 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
));
2335 EXPECT_CALL(*observer(),
2336 OnEncryptionComplete()).Times(AtLeast(1));
2338 sync_pb::NigoriSpecifics nigori
= BuildMigratedNigori(
2339 KEYSTORE_PASSPHRASE
,
2343 // Update the encryption handler.
2344 WriteTransaction
trans(FROM_HERE
, user_share());
2345 encryption_handler()->ApplyNigoriUpdate(
2347 trans
.GetWrappedTrans());
2349 EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
2352 EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
2353 EXPECT_EQ(KEYSTORE_PASSPHRASE
, encryption_handler()->GetPassphraseType());
2354 VerifyMigratedNigori(KEYSTORE_PASSPHRASE
, kKeystoreKey
);
2357 // Verify that performing a migration while having more than one keystore key
2358 // preserves a custom passphrase.
2359 TEST_F(SyncEncryptionHandlerImplTest
, RotateKeysUnmigratedCustomPassphrase
) {
2360 const char kCustomPass
[] = "custom_passphrase";
2361 const char kRawOldKeystoreKey
[] = "old_keystore_key";
2363 EXPECT_CALL(*observer(), OnPassphraseRequired(_
, _
));
2364 InitUnmigratedNigori(kCustomPass
, CUSTOM_PASSPHRASE
);
2367 // Pass multiple keystore keys, signaling a rotation has happened.
2368 google::protobuf::RepeatedPtrField
<google::protobuf::string
> keys
;
2369 keys
.Add()->assign(kRawOldKeystoreKey
);
2370 keys
.Add()->assign(kRawKeystoreKey
);
2371 ReadTransaction
trans(FROM_HERE
, user_share());
2372 EXPECT_CALL(*observer(),
2373 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
2374 encryption_handler()->SetKeystoreKeys(keys
,
2375 trans
.GetWrappedTrans());
2378 Mock::VerifyAndClearExpectations(observer());
2380 // Pass the decryption passphrase. This will also trigger the migration,
2381 // but should not overwrite the default key.
2382 EXPECT_CALL(*observer(),
2383 OnCryptographerStateChanged(_
)).Times(AnyNumber());
2384 EXPECT_CALL(*observer(),
2385 OnPassphraseAccepted());
2386 EXPECT_CALL(*observer(),
2387 OnEncryptedTypesChanged(_
, true));
2388 SyncEncryptionHandler::NigoriState captured_nigori_state
;
2389 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_
))
2390 .WillOnce(testing::SaveArg
<0>(&captured_nigori_state
));
2391 EXPECT_CALL(*observer(),
2392 OnEncryptionComplete()).Times(AnyNumber());
2393 std::string captured_bootstrap_token
;
2394 EXPECT_CALL(*observer(),
2395 OnBootstrapTokenUpdated(_
, PASSPHRASE_BOOTSTRAP_TOKEN
))
2396 .WillOnce(testing::SaveArg
<0>(&captured_bootstrap_token
));
2397 encryption_handler()->SetDecryptionPassphrase(kCustomPass
);
2398 Mock::VerifyAndClearExpectations(observer());
2400 VerifyMigratedNigori(CUSTOM_PASSPHRASE
, kCustomPass
);
2402 const base::Time migration_time
= encryption_handler()->migration_time();
2403 VerifyRestoreAfterCustomPassphrase(TimeToProtoTime(migration_time
),
2404 kCustomPass
, captured_bootstrap_token
,
2405 captured_nigori_state
, CUSTOM_PASSPHRASE
);
2408 // Verify that a key rotation done after we've migrated a custom passphrase
2409 // nigori node preserves the custom passphrase.
2410 TEST_F(SyncEncryptionHandlerImplTest
, RotateKeysMigratedCustomPassphrase
) {
2411 const char kCustomPass
[] = "custom_passphrase";
2412 const char kRawOldKeystoreKey
[] = "old_keystore_key";
2414 KeyParams custom_key
= {"localhost", "dummy", kCustomPass
};
2415 GetCryptographer()->AddKey(custom_key
);
2417 const int64 migration_time
= 1;
2418 InitCustomPassMigratedNigori(migration_time
, kCustomPass
);
2419 VerifyMigratedNigoriWithTimestamp(migration_time
, CUSTOM_PASSPHRASE
,
2422 SyncEncryptionHandler::NigoriState captured_nigori_state
;
2424 // Pass multiple keystore keys, signaling a rotation has happened.
2425 google::protobuf::RepeatedPtrField
<google::protobuf::string
> keys
;
2426 keys
.Add()->assign(kRawOldKeystoreKey
);
2427 keys
.Add()->assign(kRawKeystoreKey
);
2428 ReadTransaction
trans(FROM_HERE
, user_share());
2429 EXPECT_CALL(*observer(),
2430 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
2431 EXPECT_CALL(*observer(),
2432 OnCryptographerStateChanged(_
)).Times(AnyNumber());
2433 EXPECT_CALL(*observer(), OnLocalSetPassphraseEncryption(_
))
2434 .WillOnce(testing::SaveArg
<0>(&captured_nigori_state
));
2435 encryption_handler()->SetKeystoreKeys(keys
,
2436 trans
.GetWrappedTrans());
2439 Mock::VerifyAndClearExpectations(observer());
2441 VerifyMigratedNigoriWithTimestamp(migration_time
, CUSTOM_PASSPHRASE
,
2444 // We need the passphrase bootstrap token, but OnBootstrapTokenUpdated(_,
2445 // PASSPHRASE_BOOTSTRAP_TOKEN) has not been invoked (because it was invoked
2446 // during a previous instance) so get it from the Cryptographer.
2447 std::string passphrase_bootstrap_token
;
2448 GetCryptographer()->GetBootstrapToken(&passphrase_bootstrap_token
);
2449 VerifyRestoreAfterCustomPassphrase(migration_time
, kCustomPass
,
2450 passphrase_bootstrap_token
,
2451 captured_nigori_state
, CUSTOM_PASSPHRASE
);
2454 // Verify that the client can gracefully handle a nigori node that is missing
2455 // the keystore migration time field.
2456 TEST_F(SyncEncryptionHandlerImplTest
, MissingKeystoreMigrationTime
) {
2457 EXPECT_CALL(*observer(),
2458 OnCryptographerStateChanged(_
)).Times(AnyNumber());
2459 EXPECT_CALL(*observer(),
2460 OnPassphraseRequired(_
, _
));
2461 EXPECT_CALL(*observer(),
2462 OnEncryptedTypesChanged(_
, false));
2463 encryption_handler()->Init();
2464 Mock::VerifyAndClearExpectations(observer());
2466 // Now simulate downloading a nigori node that that is missing the keystore
2467 // migration time. It should be interpreted properly, and the passphrase type
2468 // should switch to keystore passphrase.
2469 EXPECT_CALL(*observer(),
2470 OnCryptographerStateChanged(_
)).Times(AnyNumber());
2471 EXPECT_CALL(*observer(),
2472 OnPassphraseRequired(_
, _
));
2473 EXPECT_CALL(*observer(),
2474 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE
, _
));
2476 sync_pb::NigoriSpecifics nigori
= BuildMigratedNigori(
2477 KEYSTORE_PASSPHRASE
,
2481 nigori
.clear_keystore_migration_time();
2482 // Update the encryption handler.
2483 WriteTransaction
trans(FROM_HERE
, user_share());
2484 encryption_handler()->ApplyNigoriUpdate(
2486 trans
.GetWrappedTrans());
2488 Mock::VerifyAndClearExpectations(observer());
2490 // Now provide the keystore key to fully initialize the cryptographer.
2491 EXPECT_CALL(*observer(),
2492 OnCryptographerStateChanged(_
)).Times(AnyNumber());
2493 EXPECT_CALL(*observer(),
2494 OnBootstrapTokenUpdated(_
, KEYSTORE_BOOTSTRAP_TOKEN
));
2496 ReadTransaction
trans(FROM_HERE
, user_share());
2497 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
2499 trans
.GetWrappedTrans());
2504 } // namespace syncer