1 // Copyright 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "sync/internal_api/sync_encryption_handler_impl.h" 6 7 #include <string> 8 9 #include "base/base64.h" 10 #include "base/json/json_string_value_serializer.h" 11 #include "base/memory/scoped_ptr.h" 12 #include "base/message_loop/message_loop.h" 13 #include "base/tracked_objects.h" 14 #include "sync/internal_api/public/base/model_type_test_util.h" 15 #include "sync/internal_api/public/read_node.h" 16 #include "sync/internal_api/public/read_transaction.h" 17 #include "sync/internal_api/public/test/test_user_share.h" 18 #include "sync/internal_api/public/write_node.h" 19 #include "sync/internal_api/public/write_transaction.h" 20 #include "sync/protocol/nigori_specifics.pb.h" 21 #include "sync/protocol/sync.pb.h" 22 #include "sync/syncable/entry.h" 23 #include "sync/syncable/mutable_entry.h" 24 #include "sync/syncable/syncable_write_transaction.h" 25 #include "sync/test/engine/test_id_factory.h" 26 #include "sync/test/fake_encryptor.h" 27 #include "sync/util/cryptographer.h" 28 #include "testing/gmock/include/gmock/gmock.h" 29 #include "testing/gtest/include/gtest/gtest.h" 30 31 namespace syncer { 32 33 namespace { 34 35 using ::testing::_; 36 using ::testing::AnyNumber; 37 using ::testing::AtLeast; 38 using ::testing::Mock; 39 using ::testing::SaveArg; 40 using ::testing::StrictMock; 41 42 // The raw keystore key the server sends. 43 static const char kRawKeystoreKey[] = "keystore_key"; 44 // Base64 encoded version of |kRawKeystoreKey|. 45 static const char kKeystoreKey[] = "a2V5c3RvcmVfa2V5"; 46 47 class SyncEncryptionHandlerObserverMock 48 : public SyncEncryptionHandler::Observer { 49 public: 50 MOCK_METHOD2(OnPassphraseRequired, 51 void(PassphraseRequiredReason, 52 const sync_pb::EncryptedData&)); // NOLINT 53 MOCK_METHOD0(OnPassphraseAccepted, void()); // NOLINT 54 MOCK_METHOD2(OnBootstrapTokenUpdated, 55 void(const std::string&, BootstrapTokenType type)); // NOLINT 56 MOCK_METHOD2(OnEncryptedTypesChanged, 57 void(ModelTypeSet, bool)); // NOLINT 58 MOCK_METHOD0(OnEncryptionComplete, void()); // NOLINT 59 MOCK_METHOD1(OnCryptographerStateChanged, void(Cryptographer*)); // NOLINT 60 MOCK_METHOD2(OnPassphraseTypeChanged, void(PassphraseType, 61 base::Time)); // NOLINT 62 }; 63 64 google::protobuf::RepeatedPtrField<google::protobuf::string> 65 BuildEncryptionKeyProto(std::string encryption_key) { 66 google::protobuf::RepeatedPtrField<google::protobuf::string> keys; 67 keys.Add()->assign(encryption_key); 68 return keys; 69 } 70 71 } // namespace 72 73 class SyncEncryptionHandlerImplTest : public ::testing::Test { 74 public: 75 SyncEncryptionHandlerImplTest() {} 76 virtual ~SyncEncryptionHandlerImplTest() {} 77 78 virtual void SetUp() { 79 test_user_share_.SetUp(); 80 SetUpEncryption(); 81 CreateRootForType(NIGORI); 82 } 83 84 virtual void TearDown() { 85 PumpLoop(); 86 test_user_share_.TearDown(); 87 } 88 89 protected: 90 void SetUpEncryption() { 91 encryption_handler_.reset( 92 new SyncEncryptionHandlerImpl(user_share(), 93 &encryptor_, 94 std::string(), 95 std::string() /* bootstrap tokens */)); 96 encryption_handler_->AddObserver(&observer_); 97 } 98 99 void CreateRootForType(ModelType model_type) { 100 syncer::syncable::Directory* directory = user_share()->directory.get(); 101 102 std::string tag_name = ModelTypeToRootTag(model_type); 103 104 syncable::WriteTransaction wtrans(FROM_HERE, syncable::UNITTEST, directory); 105 syncable::MutableEntry node(&wtrans, 106 syncable::CREATE, 107 model_type, 108 wtrans.root_id(), 109 tag_name); 110 node.PutUniqueServerTag(tag_name); 111 node.PutIsDir(true); 112 node.PutServerIsDir(false); 113 node.PutIsUnsynced(false); 114 node.PutIsUnappliedUpdate(false); 115 node.PutServerVersion(20); 116 node.PutBaseVersion(20); 117 node.PutIsDel(false); 118 node.PutId(ids_.MakeServer(tag_name)); 119 sync_pb::EntitySpecifics specifics; 120 syncer::AddDefaultFieldValue(model_type, &specifics); 121 node.PutSpecifics(specifics); 122 } 123 124 void PumpLoop() { 125 message_loop_.RunUntilIdle(); 126 } 127 128 // Getters for tests. 129 UserShare* user_share() { return test_user_share_.user_share(); } 130 SyncEncryptionHandlerImpl* encryption_handler() { 131 return encryption_handler_.get(); 132 } 133 SyncEncryptionHandlerObserverMock* observer() { return &observer_; } 134 Cryptographer* GetCryptographer() { 135 return encryption_handler_->GetCryptographerUnsafe(); 136 } 137 138 void VerifyMigratedNigori(PassphraseType passphrase_type, 139 const std::string& passphrase) { 140 VerifyMigratedNigoriWithTimestamp(0, passphrase_type, passphrase); 141 } 142 143 void VerifyMigratedNigoriWithTimestamp( 144 int64 migration_time, 145 PassphraseType passphrase_type, 146 const std::string& passphrase) { 147 ReadTransaction trans(FROM_HERE, user_share()); 148 ReadNode nigori_node(&trans); 149 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 150 const sync_pb::NigoriSpecifics& nigori = nigori_node.GetNigoriSpecifics(); 151 if (migration_time > 0) 152 EXPECT_EQ(migration_time, nigori.keystore_migration_time()); 153 else 154 EXPECT_TRUE(nigori.has_keystore_migration_time()); 155 EXPECT_TRUE(nigori.keybag_is_frozen()); 156 if (passphrase_type == CUSTOM_PASSPHRASE || 157 passphrase_type == FROZEN_IMPLICIT_PASSPHRASE) { 158 EXPECT_TRUE(nigori.encrypt_everything()); 159 EXPECT_TRUE(nigori.keystore_decryptor_token().blob().empty()); 160 if (passphrase_type == CUSTOM_PASSPHRASE) { 161 EXPECT_EQ(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE, 162 nigori.passphrase_type()); 163 if (!encryption_handler()->custom_passphrase_time().is_null()) { 164 EXPECT_EQ(nigori.custom_passphrase_time(), 165 TimeToProtoTime( 166 encryption_handler()->custom_passphrase_time())); 167 } 168 } else { 169 EXPECT_EQ(sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE, 170 nigori.passphrase_type()); 171 } 172 } else { 173 EXPECT_FALSE(nigori.encrypt_everything()); 174 EXPECT_FALSE(nigori.keystore_decryptor_token().blob().empty()); 175 EXPECT_EQ(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE, 176 nigori.passphrase_type()); 177 Cryptographer keystore_cryptographer(&encryptor_); 178 KeyParams params = {"localhost", "dummy", kKeystoreKey}; 179 keystore_cryptographer.AddKey(params); 180 EXPECT_TRUE(keystore_cryptographer.CanDecryptUsingDefaultKey( 181 nigori.keystore_decryptor_token())); 182 } 183 184 Cryptographer temp_cryptographer(&encryptor_); 185 KeyParams params = {"localhost", "dummy", passphrase}; 186 temp_cryptographer.AddKey(params); 187 EXPECT_TRUE(temp_cryptographer.CanDecryptUsingDefaultKey( 188 nigori.encryption_keybag())); 189 } 190 191 sync_pb::NigoriSpecifics BuildMigratedNigori( 192 PassphraseType passphrase_type, 193 int64 migration_time, 194 const std::string& default_passphrase, 195 const std::string& keystore_key) { 196 DCHECK_NE(passphrase_type, IMPLICIT_PASSPHRASE); 197 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 198 199 std::string default_key = default_passphrase; 200 if (default_key.empty()) { 201 default_key = keystore_key; 202 } else { 203 KeyParams keystore_params = {"localhost", "dummy", keystore_key}; 204 other_cryptographer.AddKey(keystore_params); 205 } 206 KeyParams params = {"localhost", "dummy", default_key}; 207 other_cryptographer.AddKey(params); 208 EXPECT_TRUE(other_cryptographer.is_ready()); 209 210 sync_pb::NigoriSpecifics nigori; 211 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 212 nigori.set_keybag_is_frozen(true); 213 nigori.set_keystore_migration_time(migration_time); 214 215 if (passphrase_type == KEYSTORE_PASSPHRASE) { 216 sync_pb::EncryptedData keystore_decryptor_token; 217 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor( 218 other_cryptographer, 219 keystore_key, 220 &keystore_decryptor_token)); 221 nigori.mutable_keystore_decryptor_token()->CopyFrom( 222 keystore_decryptor_token); 223 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE); 224 } else { 225 nigori.set_encrypt_everything(true); 226 nigori.set_passphrase_type( 227 passphrase_type == CUSTOM_PASSPHRASE ? 228 sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE : 229 sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE); 230 } 231 return nigori; 232 } 233 234 // Build a migrated nigori node with the specified default passphrase 235 // and keystore key and initialize the encryption handler with it. 236 void InitKeystoreMigratedNigori(int64 migration_time, 237 const std::string& default_passphrase, 238 const std::string& keystore_key) { 239 { 240 WriteTransaction trans(FROM_HERE, user_share()); 241 WriteNode nigori_node(&trans); 242 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 243 sync_pb::NigoriSpecifics nigori = BuildMigratedNigori( 244 KEYSTORE_PASSPHRASE, 245 migration_time, 246 default_passphrase, 247 keystore_key); 248 nigori_node.SetNigoriSpecifics(nigori); 249 } 250 251 EXPECT_CALL(*observer(), 252 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 253 EXPECT_CALL(*observer(), 254 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 255 EXPECT_CALL(*observer(), 256 OnCryptographerStateChanged(_)).Times(AtLeast(1)); 257 EXPECT_CALL(*observer(), 258 OnEncryptedTypesChanged(_, false)); 259 EXPECT_CALL(*observer(), 260 OnEncryptionComplete()).Times(AtLeast(1)); 261 encryption_handler()->Init(); 262 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 263 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 264 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 265 Mock::VerifyAndClearExpectations(observer()); 266 } 267 268 // Build a migrated nigori node with the specified default passphrase 269 // as a custom passphrase. 270 void InitCustomPassMigratedNigori(int64 migration_time, 271 const std::string& default_passphrase) { 272 { 273 WriteTransaction trans(FROM_HERE, user_share()); 274 WriteNode nigori_node(&trans); 275 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 276 sync_pb::NigoriSpecifics nigori = BuildMigratedNigori( 277 CUSTOM_PASSPHRASE, 278 migration_time, 279 default_passphrase, 280 kKeystoreKey); 281 nigori_node.SetNigoriSpecifics(nigori); 282 } 283 284 EXPECT_CALL(*observer(), 285 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _)); 286 EXPECT_CALL(*observer(), 287 OnCryptographerStateChanged(_)).Times(AtLeast(1)); 288 EXPECT_CALL(*observer(), 289 OnEncryptedTypesChanged(_, true)).Times(AtLeast(1)); 290 EXPECT_CALL(*observer(), 291 OnEncryptionComplete()).Times(AtLeast(1)); 292 encryption_handler()->Init(); 293 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 294 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE); 295 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 296 Mock::VerifyAndClearExpectations(observer()); 297 } 298 299 // Build an unmigrated nigori node with the specified passphrase and type and 300 // initialize the encryption handler with it. 301 void InitUnmigratedNigori(const std::string& default_passphrase, 302 PassphraseType passphrase_type) { 303 DCHECK_NE(passphrase_type, FROZEN_IMPLICIT_PASSPHRASE); 304 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 305 KeyParams default_key = {"localhost", "dummy", default_passphrase}; 306 other_cryptographer.AddKey(default_key); 307 EXPECT_TRUE(other_cryptographer.is_ready()); 308 309 { 310 WriteTransaction trans(FROM_HERE, user_share()); 311 WriteNode nigori_node(&trans); 312 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 313 sync_pb::NigoriSpecifics nigori; 314 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 315 nigori.set_keybag_is_frozen(passphrase_type == CUSTOM_PASSPHRASE); 316 nigori_node.SetNigoriSpecifics(nigori); 317 } 318 319 if (passphrase_type != IMPLICIT_PASSPHRASE) { 320 EXPECT_CALL(*observer(), 321 OnPassphraseTypeChanged(passphrase_type, _)); 322 } 323 EXPECT_CALL(*observer(), 324 OnCryptographerStateChanged(_)).Times(AtLeast(1)); 325 EXPECT_CALL(*observer(), 326 OnEncryptedTypesChanged(_, false)); 327 encryption_handler()->Init(); 328 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 329 EXPECT_EQ(encryption_handler()->GetPassphraseType(), passphrase_type); 330 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 331 Mock::VerifyAndClearExpectations(observer()); 332 } 333 334 protected: 335 TestUserShare test_user_share_; 336 FakeEncryptor encryptor_; 337 scoped_ptr<SyncEncryptionHandlerImpl> encryption_handler_; 338 StrictMock<SyncEncryptionHandlerObserverMock> observer_; 339 TestIdFactory ids_; 340 base::MessageLoop message_loop_; 341 }; 342 343 // Verify that the encrypted types are being written to and read from the 344 // nigori node properly. 345 TEST_F(SyncEncryptionHandlerImplTest, NigoriEncryptionTypes) { 346 sync_pb::NigoriSpecifics nigori; 347 348 StrictMock<SyncEncryptionHandlerObserverMock> observer2; 349 SyncEncryptionHandlerImpl handler2(user_share(), 350 &encryptor_, 351 std::string(), 352 std::string() /* bootstrap tokens */); 353 handler2.AddObserver(&observer2); 354 355 // Just set the sensitive types (shouldn't trigger any notifications). 356 ModelTypeSet encrypted_types(SyncEncryptionHandler::SensitiveTypes()); 357 { 358 WriteTransaction trans(FROM_HERE, user_share()); 359 encryption_handler()->MergeEncryptedTypes( 360 encrypted_types, 361 trans.GetWrappedTrans()); 362 encryption_handler()->UpdateNigoriFromEncryptedTypes( 363 &nigori, 364 trans.GetWrappedTrans()); 365 handler2.UpdateEncryptedTypesFromNigori(nigori, trans.GetWrappedTrans()); 366 } 367 EXPECT_TRUE(encrypted_types.Equals( 368 encryption_handler()->GetEncryptedTypesUnsafe())); 369 EXPECT_TRUE(encrypted_types.Equals( 370 handler2.GetEncryptedTypesUnsafe())); 371 372 Mock::VerifyAndClearExpectations(observer()); 373 Mock::VerifyAndClearExpectations(&observer2); 374 375 ModelTypeSet encrypted_user_types = EncryptableUserTypes(); 376 377 EXPECT_CALL(*observer(), 378 OnEncryptedTypesChanged( 379 HasModelTypes(encrypted_user_types), false)); 380 EXPECT_CALL(observer2, 381 OnEncryptedTypesChanged( 382 HasModelTypes(encrypted_user_types), false)); 383 384 // Set all encrypted types 385 encrypted_types = EncryptableUserTypes(); 386 { 387 WriteTransaction trans(FROM_HERE, user_share()); 388 encryption_handler()->MergeEncryptedTypes( 389 encrypted_types, 390 trans.GetWrappedTrans()); 391 encryption_handler()->UpdateNigoriFromEncryptedTypes( 392 &nigori, 393 trans.GetWrappedTrans()); 394 handler2.UpdateEncryptedTypesFromNigori(nigori, trans.GetWrappedTrans()); 395 } 396 EXPECT_TRUE(encrypted_types.Equals( 397 encryption_handler()->GetEncryptedTypesUnsafe())); 398 EXPECT_TRUE(encrypted_types.Equals(handler2.GetEncryptedTypesUnsafe())); 399 400 // Receiving an empty nigori should not reset any encrypted types or trigger 401 // an observer notification. 402 Mock::VerifyAndClearExpectations(observer()); 403 Mock::VerifyAndClearExpectations(&observer2); 404 nigori = sync_pb::NigoriSpecifics(); 405 { 406 WriteTransaction trans(FROM_HERE, user_share()); 407 handler2.UpdateEncryptedTypesFromNigori(nigori, trans.GetWrappedTrans()); 408 } 409 EXPECT_TRUE(encrypted_types.Equals( 410 encryption_handler()->GetEncryptedTypesUnsafe())); 411 } 412 413 // Verify the encryption handler processes the encrypt everything field 414 // properly. 415 TEST_F(SyncEncryptionHandlerImplTest, EncryptEverythingExplicit) { 416 sync_pb::NigoriSpecifics nigori; 417 nigori.set_encrypt_everything(true); 418 419 EXPECT_CALL(*observer(), 420 OnEncryptedTypesChanged( 421 HasModelTypes(EncryptableUserTypes()), true)); 422 423 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 424 ModelTypeSet encrypted_types = 425 encryption_handler()->GetEncryptedTypesUnsafe(); 426 EXPECT_TRUE(encrypted_types.Equals(ModelTypeSet(PASSWORDS))); 427 428 { 429 WriteTransaction trans(FROM_HERE, user_share()); 430 encryption_handler()->UpdateEncryptedTypesFromNigori( 431 nigori, 432 trans.GetWrappedTrans()); 433 } 434 435 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 436 encrypted_types = encryption_handler()->GetEncryptedTypesUnsafe(); 437 EXPECT_TRUE(encrypted_types.HasAll(EncryptableUserTypes())); 438 439 // Receiving the nigori node again shouldn't trigger another notification. 440 Mock::VerifyAndClearExpectations(observer()); 441 { 442 WriteTransaction trans(FROM_HERE, user_share()); 443 encryption_handler()->UpdateEncryptedTypesFromNigori( 444 nigori, 445 trans.GetWrappedTrans()); 446 } 447 } 448 449 // Verify the encryption handler can detect an implicit encrypt everything state 450 // (from clients that failed to write the encrypt everything field). 451 TEST_F(SyncEncryptionHandlerImplTest, EncryptEverythingImplicit) { 452 sync_pb::NigoriSpecifics nigori; 453 nigori.set_encrypt_bookmarks(true); // Non-passwords = encrypt everything 454 455 EXPECT_CALL(*observer(), 456 OnEncryptedTypesChanged( 457 HasModelTypes(EncryptableUserTypes()), true)); 458 459 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 460 ModelTypeSet encrypted_types = 461 encryption_handler()->GetEncryptedTypesUnsafe(); 462 EXPECT_TRUE(encrypted_types.Equals(ModelTypeSet(PASSWORDS))); 463 464 { 465 WriteTransaction trans(FROM_HERE, user_share()); 466 encryption_handler()->UpdateEncryptedTypesFromNigori( 467 nigori, 468 trans.GetWrappedTrans()); 469 } 470 471 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 472 encrypted_types = encryption_handler()->GetEncryptedTypesUnsafe(); 473 EXPECT_TRUE(encrypted_types.HasAll(EncryptableUserTypes())); 474 475 // Receiving a nigori node with encrypt everything explicitly set shouldn't 476 // trigger another notification. 477 Mock::VerifyAndClearExpectations(observer()); 478 nigori.set_encrypt_everything(true); 479 { 480 WriteTransaction trans(FROM_HERE, user_share()); 481 encryption_handler()->UpdateEncryptedTypesFromNigori( 482 nigori, 483 trans.GetWrappedTrans()); 484 } 485 } 486 487 // Verify the encryption handler can deal with new versions treating new types 488 // as Sensitive, and that it does not consider this an implicit encrypt 489 // everything case. 490 TEST_F(SyncEncryptionHandlerImplTest, UnknownSensitiveTypes) { 491 sync_pb::NigoriSpecifics nigori; 492 nigori.set_encrypt_everything(false); 493 nigori.set_encrypt_bookmarks(true); 494 495 ModelTypeSet expected_encrypted_types = 496 SyncEncryptionHandler::SensitiveTypes(); 497 expected_encrypted_types.Put(BOOKMARKS); 498 499 EXPECT_CALL(*observer(), 500 OnEncryptedTypesChanged( 501 HasModelTypes(expected_encrypted_types), false)); 502 503 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 504 ModelTypeSet encrypted_types = 505 encryption_handler()->GetEncryptedTypesUnsafe(); 506 EXPECT_TRUE(encrypted_types.Equals(ModelTypeSet(PASSWORDS))); 507 508 { 509 WriteTransaction trans(FROM_HERE, user_share()); 510 encryption_handler()->UpdateEncryptedTypesFromNigori( 511 nigori, 512 trans.GetWrappedTrans()); 513 } 514 515 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 516 encrypted_types = encryption_handler()->GetEncryptedTypesUnsafe(); 517 EXPECT_TRUE(encrypted_types.Equals(ModelTypeSet(BOOKMARKS, PASSWORDS))); 518 } 519 520 // Receive an old nigori with old encryption keys and encrypted types. We should 521 // not revert our default key or encrypted types, and should post a task to 522 // overwrite the existing nigori with the correct data. 523 TEST_F(SyncEncryptionHandlerImplTest, ReceiveOldNigori) { 524 KeyParams old_key = {"localhost", "dummy", "old"}; 525 KeyParams current_key = {"localhost", "dummy", "cur"}; 526 527 // Data for testing encryption/decryption. 528 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 529 other_cryptographer.AddKey(old_key); 530 sync_pb::EntitySpecifics other_encrypted_specifics; 531 other_encrypted_specifics.mutable_bookmark()->set_title("title"); 532 other_cryptographer.Encrypt( 533 other_encrypted_specifics, 534 other_encrypted_specifics.mutable_encrypted()); 535 sync_pb::EntitySpecifics our_encrypted_specifics; 536 our_encrypted_specifics.mutable_bookmark()->set_title("title2"); 537 ModelTypeSet encrypted_types = EncryptableUserTypes(); 538 539 // Set up the current encryption state (containing both keys and encrypt 540 // everything). 541 sync_pb::NigoriSpecifics current_nigori_specifics; 542 GetCryptographer()->AddKey(old_key); 543 GetCryptographer()->AddKey(current_key); 544 GetCryptographer()->Encrypt( 545 our_encrypted_specifics, 546 our_encrypted_specifics.mutable_encrypted()); 547 GetCryptographer()->GetKeys( 548 current_nigori_specifics.mutable_encryption_keybag()); 549 current_nigori_specifics.set_encrypt_everything(true); 550 551 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber()); 552 EXPECT_CALL(*observer(), OnEncryptedTypesChanged( 553 HasModelTypes(EncryptableUserTypes()), true)); 554 { 555 // Update the encryption handler. 556 WriteTransaction trans(FROM_HERE, user_share()); 557 encryption_handler()->ApplyNigoriUpdate( 558 current_nigori_specifics, 559 trans.GetWrappedTrans()); 560 } 561 Mock::VerifyAndClearExpectations(observer()); 562 563 // Now set up the old nigori specifics and apply it on top. 564 // Has an old set of keys, and no encrypted types. 565 sync_pb::NigoriSpecifics old_nigori; 566 other_cryptographer.GetKeys(old_nigori.mutable_encryption_keybag()); 567 568 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber()); 569 { 570 // Update the encryption handler. 571 WriteTransaction trans(FROM_HERE, user_share()); 572 encryption_handler()->ApplyNigoriUpdate( 573 old_nigori, 574 trans.GetWrappedTrans()); 575 } 576 EXPECT_TRUE(GetCryptographer()->is_ready()); 577 EXPECT_FALSE(GetCryptographer()->has_pending_keys()); 578 579 // Encryption handler should have posted a task to overwrite the old 580 // specifics. 581 PumpLoop(); 582 583 { 584 // The cryptographer should be able to decrypt both sets of keys and still 585 // be encrypting with the newest, and the encrypted types should be the 586 // most recent. 587 // In addition, the nigori node should match the current encryption state. 588 ReadTransaction trans(FROM_HERE, user_share()); 589 ReadNode nigori_node(&trans); 590 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 591 const sync_pb::NigoriSpecifics& nigori = nigori_node.GetNigoriSpecifics(); 592 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey( 593 our_encrypted_specifics.encrypted())); 594 EXPECT_TRUE(GetCryptographer()->CanDecrypt( 595 other_encrypted_specifics.encrypted())); 596 EXPECT_TRUE(GetCryptographer()->CanDecrypt(nigori.encryption_keybag())); 597 EXPECT_TRUE(nigori.encrypt_everything()); 598 EXPECT_TRUE( 599 GetCryptographer()->CanDecryptUsingDefaultKey( 600 nigori.encryption_keybag())); 601 } 602 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 603 } 604 605 // Ensure setting the keystore key works, updates the bootstrap token, and 606 // triggers a non-backwards compatible migration. Then verify that the 607 // bootstrap token can be correctly parsed by the encryption handler at startup 608 // time. 609 TEST_F(SyncEncryptionHandlerImplTest, SetKeystoreMigratesAndUpdatesBootstrap) { 610 // Passing no keys should do nothing. 611 EXPECT_CALL(*observer(), OnBootstrapTokenUpdated(_, _)).Times(0); 612 { 613 WriteTransaction trans(FROM_HERE, user_share()); 614 EXPECT_FALSE(GetCryptographer()->is_initialized()); 615 EXPECT_TRUE(encryption_handler()->NeedKeystoreKey(trans.GetWrappedTrans())); 616 EXPECT_FALSE(encryption_handler()->SetKeystoreKeys( 617 BuildEncryptionKeyProto(std::string()), trans.GetWrappedTrans())); 618 EXPECT_TRUE(encryption_handler()->NeedKeystoreKey(trans.GetWrappedTrans())); 619 } 620 Mock::VerifyAndClearExpectations(observer()); 621 622 // Build a set of keystore keys. 623 const char kRawOldKeystoreKey[] = "old_keystore_key"; 624 std::string old_keystore_key; 625 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key); 626 google::protobuf::RepeatedPtrField<google::protobuf::string> keys; 627 keys.Add()->assign(kRawOldKeystoreKey); 628 keys.Add()->assign(kRawKeystoreKey); 629 630 // Pass them to the encryption handler, triggering a migration and bootstrap 631 // token update. 632 std::string encoded_key; 633 std::string keystore_bootstrap; 634 EXPECT_CALL(*observer(), OnEncryptionComplete()); 635 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)); 636 EXPECT_CALL(*observer(), OnPassphraseAccepted()); 637 EXPECT_CALL(*observer(), OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 638 EXPECT_CALL(*observer(), 639 OnBootstrapTokenUpdated(_, 640 KEYSTORE_BOOTSTRAP_TOKEN)). 641 WillOnce(SaveArg<0>(&keystore_bootstrap)); 642 { 643 WriteTransaction trans(FROM_HERE, user_share()); 644 EXPECT_TRUE( 645 encryption_handler()->SetKeystoreKeys( 646 keys, 647 trans.GetWrappedTrans())); 648 EXPECT_FALSE( 649 encryption_handler()->NeedKeystoreKey(trans.GetWrappedTrans())); 650 EXPECT_FALSE(GetCryptographer()->is_initialized()); 651 } 652 PumpLoop(); 653 EXPECT_TRUE(GetCryptographer()->is_initialized()); 654 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey); 655 656 // Ensure the bootstrap is encoded properly (a base64 encoded encrypted blob 657 // of list values containing the keystore keys). 658 std::string decoded_bootstrap; 659 ASSERT_TRUE(base::Base64Decode(keystore_bootstrap, &decoded_bootstrap)); 660 std::string decrypted_bootstrap; 661 ASSERT_TRUE( 662 GetCryptographer()->encryptor()->DecryptString(decoded_bootstrap, 663 &decrypted_bootstrap)); 664 JSONStringValueSerializer json(decrypted_bootstrap); 665 scoped_ptr<base::Value> deserialized_keystore_keys( 666 json.Deserialize(NULL, NULL)); 667 ASSERT_TRUE(deserialized_keystore_keys.get()); 668 base::ListValue* keystore_list = NULL; 669 deserialized_keystore_keys->GetAsList(&keystore_list); 670 ASSERT_TRUE(keystore_list); 671 ASSERT_EQ(2U, keystore_list->GetSize()); 672 std::string test_string; 673 keystore_list->GetString(0, &test_string); 674 ASSERT_EQ(old_keystore_key, test_string); 675 keystore_list->GetString(1, &test_string); 676 ASSERT_EQ(kKeystoreKey, test_string); 677 678 679 // Now make sure a new encryption handler can correctly parse the bootstrap 680 // token. 681 SyncEncryptionHandlerImpl handler2(user_share(), 682 &encryptor_, 683 std::string(), // Cryptographer bootstrap. 684 keystore_bootstrap); 685 686 { 687 WriteTransaction trans(FROM_HERE, user_share()); 688 EXPECT_FALSE(handler2.NeedKeystoreKey(trans.GetWrappedTrans())); 689 } 690 } 691 692 // Ensure GetKeystoreDecryptor only updates the keystore decryptor token if it 693 // wasn't already set properly. Otherwise, the decryptor should remain the 694 // same. 695 TEST_F(SyncEncryptionHandlerImplTest, GetKeystoreDecryptor) { 696 const char kCurKey[] = "cur"; 697 sync_pb::EncryptedData encrypted; 698 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 699 KeyParams cur_key = {"localhost", "dummy", kCurKey}; 700 other_cryptographer.AddKey(cur_key); 701 EXPECT_TRUE(other_cryptographer.is_ready()); 702 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor( 703 other_cryptographer, 704 kKeystoreKey, 705 &encrypted)); 706 std::string serialized = encrypted.SerializeAsString(); 707 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor( 708 other_cryptographer, 709 kKeystoreKey, 710 &encrypted)); 711 EXPECT_EQ(serialized, encrypted.SerializeAsString()); 712 } 713 714 // Test that we don't attempt to migrate while an implicit passphrase is pending 715 // and that once we do decrypt pending keys we migrate the nigori. Once 716 // migrated, we should be in keystore passphrase state. 717 TEST_F(SyncEncryptionHandlerImplTest, MigrateOnDecryptImplicitPass) { 718 const char kOtherKey[] = "other"; 719 { 720 EXPECT_CALL(*observer(), 721 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 722 ReadTransaction trans(FROM_HERE, user_share()); 723 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 724 kRawKeystoreKey), 725 trans.GetWrappedTrans()); 726 Mock::VerifyAndClearExpectations(observer()); 727 } 728 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 729 730 { 731 WriteTransaction trans(FROM_HERE, user_share()); 732 WriteNode nigori_node(&trans); 733 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 734 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 735 KeyParams other_key = {"localhost", "dummy", kOtherKey}; 736 other_cryptographer.AddKey(other_key); 737 738 sync_pb::NigoriSpecifics nigori; 739 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 740 nigori.set_keybag_is_frozen(false); 741 nigori.set_encrypt_everything(false); 742 EXPECT_CALL(*observer(), 743 OnCryptographerStateChanged(_)).Times(AnyNumber()); 744 EXPECT_CALL(*observer(), 745 OnPassphraseRequired(_, _)); 746 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans()); 747 nigori_node.SetNigoriSpecifics(nigori); 748 } 749 // Run any tasks posted via AppplyNigoriUpdate. 750 PumpLoop(); 751 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 752 Mock::VerifyAndClearExpectations(observer()); 753 754 EXPECT_CALL(*observer(), 755 OnCryptographerStateChanged(_)).Times(AnyNumber()); 756 EXPECT_CALL(*observer(), 757 OnPassphraseAccepted()); 758 EXPECT_CALL(*observer(), 759 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 760 EXPECT_CALL(*observer(), 761 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 762 EXPECT_CALL(*observer(), 763 OnEncryptionComplete()); 764 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 765 encryption_handler()->SetDecryptionPassphrase(kOtherKey); 766 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 767 EXPECT_EQ(KEYSTORE_PASSPHRASE, encryption_handler()->GetPassphraseType()); 768 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kOtherKey); 769 } 770 771 // Test that we don't attempt to migrate while a custom passphrase is pending, 772 // and that once we do decrypt pending keys we migrate the nigori. Once 773 // migrated, we should be in custom passphrase state with encrypt everything. 774 TEST_F(SyncEncryptionHandlerImplTest, MigrateOnDecryptCustomPass) { 775 const char kOtherKey[] = "other"; 776 { 777 EXPECT_CALL(*observer(), 778 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 779 ReadTransaction trans(FROM_HERE, user_share()); 780 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 781 kRawKeystoreKey), 782 trans.GetWrappedTrans()); 783 Mock::VerifyAndClearExpectations(observer()); 784 } 785 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 786 787 { 788 WriteTransaction trans(FROM_HERE, user_share()); 789 WriteNode nigori_node(&trans); 790 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 791 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 792 KeyParams other_key = {"localhost", "dummy", kOtherKey}; 793 other_cryptographer.AddKey(other_key); 794 795 sync_pb::NigoriSpecifics nigori; 796 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 797 nigori.set_keybag_is_frozen(true); 798 nigori.set_encrypt_everything(false); 799 EXPECT_CALL(*observer(), 800 OnCryptographerStateChanged(_)).Times(AnyNumber()); 801 EXPECT_CALL(*observer(), 802 OnPassphraseRequired(_, _)); 803 EXPECT_CALL(*observer(), 804 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _)); 805 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans()); 806 nigori_node.SetNigoriSpecifics(nigori); 807 } 808 // Run any tasks posted via AppplyNigoriUpdate. 809 PumpLoop(); 810 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 811 Mock::VerifyAndClearExpectations(observer()); 812 813 EXPECT_CALL(*observer(), 814 OnCryptographerStateChanged(_)).Times(AnyNumber()); 815 EXPECT_CALL(*observer(), 816 OnPassphraseAccepted()); 817 EXPECT_CALL(*observer(), 818 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 819 EXPECT_CALL(*observer(), 820 OnEncryptedTypesChanged(_, true)); 821 EXPECT_CALL(*observer(), 822 OnEncryptionComplete()).Times(2); 823 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 824 encryption_handler()->SetDecryptionPassphrase(kOtherKey); 825 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 826 EXPECT_EQ(CUSTOM_PASSPHRASE, encryption_handler()->GetPassphraseType()); 827 VerifyMigratedNigori(CUSTOM_PASSPHRASE, kOtherKey); 828 } 829 830 // Test that we trigger a migration when we set the keystore key, had an 831 // implicit passphrase, and did not have encrypt everything. We should switch 832 // to KEYSTORE_PASSPHRASE. 833 TEST_F(SyncEncryptionHandlerImplTest, MigrateOnKeystoreKeyAvailableImplicit) { 834 const char kCurKey[] = "cur"; 835 KeyParams current_key = {"localhost", "dummy", kCurKey}; 836 GetCryptographer()->AddKey(current_key); 837 EXPECT_CALL(*observer(), 838 OnCryptographerStateChanged(_)).Times(AnyNumber()); 839 EXPECT_CALL(*observer(), 840 OnEncryptedTypesChanged(_, false)); 841 EXPECT_CALL(*observer(), 842 OnEncryptionComplete()); 843 encryption_handler()->Init(); 844 Mock::VerifyAndClearExpectations(observer()); 845 846 { 847 ReadTransaction trans(FROM_HERE, user_share()); 848 // Once we provide a keystore key, we should perform the migration. 849 EXPECT_CALL(*observer(), 850 OnCryptographerStateChanged(_)).Times(AnyNumber()); 851 EXPECT_CALL(*observer(), 852 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 853 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 854 kRawKeystoreKey), 855 trans.GetWrappedTrans()); 856 } 857 EXPECT_CALL(*observer(), 858 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 859 // The actual migration gets posted, so run all pending tasks. 860 PumpLoop(); 861 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 862 EXPECT_EQ(KEYSTORE_PASSPHRASE, 863 encryption_handler()->GetPassphraseType()); 864 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 865 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kCurKey); 866 } 867 868 // Test that we trigger a migration when we set the keystore key, had an 869 // implicit passphrase, and encrypt everything enabled. We should switch to 870 // FROZEN_IMPLICIT_PASSPHRASE. 871 TEST_F(SyncEncryptionHandlerImplTest, 872 MigrateOnKeystoreKeyAvailableFrozenImplicit) { 873 const char kCurKey[] = "cur"; 874 KeyParams current_key = {"localhost", "dummy", kCurKey}; 875 GetCryptographer()->AddKey(current_key); 876 EXPECT_CALL(*observer(), 877 OnCryptographerStateChanged(_)).Times(AnyNumber()); 878 EXPECT_CALL(*observer(), 879 OnEncryptedTypesChanged(_, false)); 880 EXPECT_CALL(*observer(), 881 OnEncryptionComplete()); 882 encryption_handler()->Init(); 883 Mock::VerifyAndClearExpectations(observer()); 884 885 EXPECT_CALL(*observer(), 886 OnEncryptedTypesChanged(_, true)); 887 EXPECT_CALL(*observer(), 888 OnEncryptionComplete()); 889 encryption_handler()->EnableEncryptEverything(); 890 891 { 892 ReadTransaction trans(FROM_HERE, user_share()); 893 // Once we provide a keystore key, we should perform the migration. 894 EXPECT_CALL(*observer(), 895 OnCryptographerStateChanged(_)).Times(AnyNumber()); 896 EXPECT_CALL(*observer(), 897 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 898 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 899 kRawKeystoreKey), 900 trans.GetWrappedTrans()); 901 } 902 EXPECT_CALL(*observer(), 903 OnPassphraseTypeChanged(FROZEN_IMPLICIT_PASSPHRASE, _)); 904 // The actual migration gets posted, so run all pending tasks. 905 PumpLoop(); 906 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 907 EXPECT_EQ(FROZEN_IMPLICIT_PASSPHRASE, 908 encryption_handler()->GetPassphraseType()); 909 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 910 VerifyMigratedNigori(FROZEN_IMPLICIT_PASSPHRASE, kCurKey); 911 } 912 913 // Test that we trigger a migration when we set the keystore key, had a 914 // custom passphrase, and encrypt everything enabled. The passphrase state 915 // should remain as CUSTOM_PASSPHRASE, and encrypt everything stay the same. 916 TEST_F(SyncEncryptionHandlerImplTest, 917 MigrateOnKeystoreKeyAvailableCustomWithEncryption) { 918 const char kCurKey[] = "cur"; 919 EXPECT_CALL(*observer(), 920 OnCryptographerStateChanged(_)).Times(AnyNumber()); 921 EXPECT_CALL(*observer(), 922 OnPassphraseRequired(_, _)); 923 EXPECT_CALL(*observer(), 924 OnPassphraseAccepted()); 925 EXPECT_CALL(*observer(), 926 OnEncryptedTypesChanged(_, false)); 927 EXPECT_CALL(*observer(), 928 OnEncryptionComplete()); 929 EXPECT_CALL(*observer(), 930 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _)); 931 EXPECT_CALL(*observer(), 932 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 933 encryption_handler()->Init(); 934 encryption_handler()->SetEncryptionPassphrase(kCurKey, true); 935 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null()); 936 Mock::VerifyAndClearExpectations(observer()); 937 938 EXPECT_CALL(*observer(), 939 OnEncryptedTypesChanged(_, true)); 940 EXPECT_CALL(*observer(), 941 OnEncryptionComplete()); 942 encryption_handler()->EnableEncryptEverything(); 943 Mock::VerifyAndClearExpectations(observer()); 944 945 { 946 ReadTransaction trans(FROM_HERE, user_share()); 947 // Once we provide a keystore key, we should perform the migration. 948 EXPECT_CALL(*observer(), 949 OnCryptographerStateChanged(_)).Times(AnyNumber()); 950 EXPECT_CALL(*observer(), 951 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 952 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 953 kRawKeystoreKey), 954 trans.GetWrappedTrans()); 955 } 956 // The actual migration gets posted, so run all pending tasks. 957 PumpLoop(); 958 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 959 EXPECT_EQ(CUSTOM_PASSPHRASE, 960 encryption_handler()->GetPassphraseType()); 961 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 962 VerifyMigratedNigori(CUSTOM_PASSPHRASE, kCurKey); 963 } 964 965 // Test that we trigger a migration when we set the keystore key, had a 966 // custom passphrase, and did not have encrypt everything. The passphrase state 967 // should remain as CUSTOM_PASSPHRASE, and encrypt everything should be enabled. 968 TEST_F(SyncEncryptionHandlerImplTest, 969 MigrateOnKeystoreKeyAvailableCustomNoEncryption) { 970 const char kCurKey[] = "cur"; 971 EXPECT_CALL(*observer(), 972 OnCryptographerStateChanged(_)).Times(AnyNumber()); 973 EXPECT_CALL(*observer(), 974 OnPassphraseRequired(_, _)); 975 EXPECT_CALL(*observer(), 976 OnPassphraseAccepted()); 977 EXPECT_CALL(*observer(), 978 OnEncryptedTypesChanged(_, false)); 979 EXPECT_CALL(*observer(), 980 OnEncryptionComplete()); 981 EXPECT_CALL(*observer(), 982 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _)); 983 EXPECT_CALL(*observer(), 984 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 985 encryption_handler()->Init(); 986 encryption_handler()->SetEncryptionPassphrase(kCurKey, true); 987 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null()); 988 Mock::VerifyAndClearExpectations(observer()); 989 990 { 991 ReadTransaction trans(FROM_HERE, user_share()); 992 // Once we provide a keystore key, we should perform the migration. 993 EXPECT_CALL(*observer(), 994 OnCryptographerStateChanged(_)).Times(AnyNumber()); 995 EXPECT_CALL(*observer(), 996 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 997 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 998 kRawKeystoreKey), 999 trans.GetWrappedTrans()); 1000 } 1001 EXPECT_CALL(*observer(), 1002 OnEncryptedTypesChanged(_, true)); 1003 EXPECT_CALL(*observer(), 1004 OnEncryptionComplete()); 1005 // The actual migration gets posted, so run all pending tasks. 1006 PumpLoop(); 1007 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1008 EXPECT_EQ(CUSTOM_PASSPHRASE, 1009 encryption_handler()->GetPassphraseType()); 1010 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 1011 VerifyMigratedNigori(CUSTOM_PASSPHRASE, kCurKey); 1012 } 1013 1014 // Test that we can handle receiving a migrated nigori node in the 1015 // KEYSTORE_PASS state, and use the keystore decryptor token to decrypt the 1016 // keybag. 1017 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriKeystorePass) { 1018 const char kCurKey[] = "cur"; 1019 sync_pb::EncryptedData keystore_decryptor_token; 1020 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 1021 KeyParams cur_key = {"localhost", "dummy", kCurKey}; 1022 other_cryptographer.AddKey(cur_key); 1023 EXPECT_TRUE(other_cryptographer.is_ready()); 1024 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor( 1025 other_cryptographer, 1026 kKeystoreKey, 1027 &keystore_decryptor_token)); 1028 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 1029 EXPECT_FALSE(GetCryptographer()->is_ready()); 1030 EXPECT_NE(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 1031 1032 // Now build a nigori node with the generated keystore decryptor token and 1033 // initialize the encryption handler with it. The cryptographer should be 1034 // initialized properly to decrypt both kCurKey and kKeystoreKey. 1035 { 1036 WriteTransaction trans(FROM_HERE, user_share()); 1037 WriteNode nigori_node(&trans); 1038 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1039 sync_pb::NigoriSpecifics nigori; 1040 nigori.mutable_keystore_decryptor_token()->CopyFrom( 1041 keystore_decryptor_token); 1042 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 1043 nigori.set_keybag_is_frozen(true); 1044 nigori.set_keystore_migration_time(1); 1045 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE); 1046 1047 EXPECT_CALL(*observer(), OnPassphraseAccepted()); 1048 EXPECT_CALL(*observer(), 1049 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 1050 EXPECT_CALL(*observer(), 1051 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 1052 EXPECT_CALL(*observer(), 1053 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 1054 EXPECT_CALL(*observer(), 1055 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1056 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 1057 kRawKeystoreKey), 1058 trans.GetWrappedTrans()); 1059 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans()); 1060 nigori_node.SetNigoriSpecifics(nigori); 1061 } 1062 // Run any tasks posted via AppplyNigoriUpdate. 1063 PumpLoop(); 1064 Mock::VerifyAndClearExpectations(observer()); 1065 1066 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1067 EXPECT_TRUE(GetCryptographer()->is_ready()); 1068 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 1069 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 1070 VerifyMigratedNigoriWithTimestamp(1, KEYSTORE_PASSPHRASE, kCurKey); 1071 1072 // Check that the cryptographer still encrypts with the current key. 1073 sync_pb::EncryptedData current_encrypted; 1074 other_cryptographer.EncryptString("string", ¤t_encrypted); 1075 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted)); 1076 1077 // Check that the cryptographer can decrypt keystore key based encryption. 1078 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor()); 1079 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey}; 1080 keystore_cryptographer.AddKey(keystore_key); 1081 sync_pb::EncryptedData keystore_encrypted; 1082 keystore_cryptographer.EncryptString("string", &keystore_encrypted); 1083 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted)); 1084 } 1085 1086 // Test that we handle receiving migrated nigori's with 1087 // FROZEN_IMPLICIT_PASSPHRASE state. We should be in a pending key state until 1088 // we supply the pending frozen implicit passphrase key. 1089 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriFrozenImplicitPass) { 1090 const char kCurKey[] = "cur"; 1091 sync_pb::EncryptedData encrypted; 1092 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 1093 KeyParams cur_key = {"localhost", "dummy", kCurKey}; 1094 other_cryptographer.AddKey(cur_key); 1095 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 1096 1097 { 1098 EXPECT_CALL(*observer(), 1099 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 1100 ReadTransaction trans(FROM_HERE, user_share()); 1101 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 1102 kRawKeystoreKey), 1103 trans.GetWrappedTrans()); 1104 } 1105 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 1106 1107 { 1108 EXPECT_CALL(*observer(), 1109 OnPassphraseTypeChanged(FROZEN_IMPLICIT_PASSPHRASE, _)); 1110 EXPECT_CALL(*observer(), 1111 OnPassphraseRequired(_, _)); 1112 EXPECT_CALL(*observer(), 1113 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1114 EXPECT_CALL(*observer(), 1115 OnEncryptedTypesChanged(_, true)); 1116 WriteTransaction trans(FROM_HERE, user_share()); 1117 WriteNode nigori_node(&trans); 1118 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1119 sync_pb::NigoriSpecifics nigori; 1120 nigori.set_keybag_is_frozen(true); 1121 nigori.set_passphrase_type( 1122 sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE); 1123 nigori.set_keystore_migration_time(1); 1124 nigori.set_encrypt_everything(true); 1125 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 1126 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans()); 1127 nigori_node.SetNigoriSpecifics(nigori); 1128 } 1129 // Run any tasks posted via AppplyNigoriUpdate. 1130 PumpLoop(); 1131 Mock::VerifyAndClearExpectations(observer()); 1132 1133 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1134 EXPECT_EQ(FROZEN_IMPLICIT_PASSPHRASE, 1135 encryption_handler()->GetPassphraseType()); 1136 EXPECT_TRUE(GetCryptographer()->has_pending_keys()); 1137 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 1138 1139 EXPECT_CALL(*observer(), 1140 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 1141 EXPECT_CALL(*observer(), 1142 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1143 EXPECT_CALL(*observer(), 1144 OnEncryptionComplete()); 1145 EXPECT_CALL(*observer(), 1146 OnPassphraseAccepted()); 1147 encryption_handler()->SetDecryptionPassphrase(kCurKey); 1148 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1149 EXPECT_TRUE(GetCryptographer()->is_ready()); 1150 VerifyMigratedNigoriWithTimestamp(1, FROZEN_IMPLICIT_PASSPHRASE, kCurKey); 1151 1152 // Check that the cryptographer still encrypts with the current key. 1153 sync_pb::EncryptedData current_encrypted; 1154 other_cryptographer.EncryptString("string", ¤t_encrypted); 1155 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted)); 1156 1157 // Check that the cryptographer can decrypt keystore key based encryption. 1158 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor()); 1159 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey}; 1160 keystore_cryptographer.AddKey(keystore_key); 1161 sync_pb::EncryptedData keystore_encrypted; 1162 keystore_cryptographer.EncryptString("string", &keystore_encrypted); 1163 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted)); 1164 } 1165 1166 // Test that we handle receiving migrated nigori's with 1167 // CUSTOM_PASSPHRASE state. We should be in a pending key state until we 1168 // provide the custom passphrase key. 1169 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriCustomPass) { 1170 const char kCurKey[] = "cur"; 1171 sync_pb::EncryptedData encrypted; 1172 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 1173 KeyParams cur_key = {"localhost", "dummy", kCurKey}; 1174 other_cryptographer.AddKey(cur_key); 1175 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 1176 1177 { 1178 EXPECT_CALL(*observer(), 1179 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 1180 ReadTransaction trans(FROM_HERE, user_share()); 1181 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 1182 kRawKeystoreKey), 1183 trans.GetWrappedTrans()); 1184 } 1185 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 1186 1187 { 1188 EXPECT_CALL(*observer(), 1189 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _)); 1190 EXPECT_CALL(*observer(), 1191 OnPassphraseRequired(_, _)); 1192 EXPECT_CALL(*observer(), 1193 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1194 EXPECT_CALL(*observer(), 1195 OnEncryptedTypesChanged(_, true)); 1196 WriteTransaction trans(FROM_HERE, user_share()); 1197 WriteNode nigori_node(&trans); 1198 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1199 sync_pb::NigoriSpecifics nigori; 1200 nigori.set_keybag_is_frozen(true); 1201 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE); 1202 nigori.set_keystore_migration_time(1); 1203 nigori.set_encrypt_everything(true); 1204 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 1205 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans()); 1206 nigori_node.SetNigoriSpecifics(nigori); 1207 } 1208 // Run any tasks posted via AppplyNigoriUpdate. 1209 PumpLoop(); 1210 Mock::VerifyAndClearExpectations(observer()); 1211 1212 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1213 EXPECT_EQ(CUSTOM_PASSPHRASE, encryption_handler()->GetPassphraseType()); 1214 EXPECT_TRUE(GetCryptographer()->has_pending_keys()); 1215 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 1216 1217 EXPECT_CALL(*observer(), 1218 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 1219 EXPECT_CALL(*observer(), 1220 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1221 EXPECT_CALL(*observer(), 1222 OnEncryptionComplete()); 1223 EXPECT_CALL(*observer(), 1224 OnPassphraseAccepted()); 1225 encryption_handler()->SetDecryptionPassphrase(kCurKey); 1226 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1227 EXPECT_TRUE(GetCryptographer()->is_ready()); 1228 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey); 1229 1230 // Check that the cryptographer still encrypts with the current key. 1231 sync_pb::EncryptedData current_encrypted; 1232 other_cryptographer.EncryptString("string", ¤t_encrypted); 1233 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted)); 1234 1235 // Check that the cryptographer can decrypt keystore key based encryption. 1236 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor()); 1237 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey}; 1238 keystore_cryptographer.AddKey(keystore_key); 1239 sync_pb::EncryptedData keystore_encrypted; 1240 keystore_cryptographer.EncryptString("string", &keystore_encrypted); 1241 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted)); 1242 } 1243 1244 // Test that if we have a migrated nigori with a custom passphrase, then receive 1245 // and old implicit passphrase nigori, we properly overwrite it with the current 1246 // state. 1247 TEST_F(SyncEncryptionHandlerImplTest, ReceiveUnmigratedNigoriAfterMigration) { 1248 const char kOldKey[] = "old"; 1249 const char kCurKey[] = "cur"; 1250 sync_pb::EncryptedData encrypted; 1251 KeyParams old_key = {"localhost", "dummy", kOldKey}; 1252 KeyParams cur_key = {"localhost", "dummy", kCurKey}; 1253 GetCryptographer()->AddKey(old_key); 1254 GetCryptographer()->AddKey(cur_key); 1255 1256 // Build a migrated nigori with full encryption. 1257 { 1258 WriteTransaction trans(FROM_HERE, user_share()); 1259 WriteNode nigori_node(&trans); 1260 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1261 sync_pb::NigoriSpecifics nigori; 1262 GetCryptographer()->GetKeys(nigori.mutable_encryption_keybag()); 1263 nigori.set_keybag_is_frozen(true); 1264 nigori.set_keystore_migration_time(1); 1265 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE); 1266 nigori.set_encrypt_everything(true); 1267 nigori_node.SetNigoriSpecifics(nigori); 1268 } 1269 1270 EXPECT_CALL(*observer(), 1271 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _)); 1272 EXPECT_CALL(*observer(), 1273 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1274 EXPECT_CALL(*observer(), 1275 OnEncryptedTypesChanged(_, true)).Times(2); 1276 EXPECT_CALL(*observer(), 1277 OnEncryptionComplete()); 1278 encryption_handler()->Init(); 1279 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1280 EXPECT_TRUE(GetCryptographer()->is_ready()); 1281 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE); 1282 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 1283 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey); 1284 1285 { 1286 EXPECT_CALL(*observer(), 1287 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 1288 ReadTransaction trans(FROM_HERE, user_share()); 1289 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 1290 kRawKeystoreKey), 1291 trans.GetWrappedTrans()); 1292 } 1293 Mock::VerifyAndClearExpectations(observer()); 1294 1295 // Now build an old unmigrated nigori node with old encrypted types. We should 1296 // properly overwrite it with the migrated + encrypt everything state. 1297 EXPECT_CALL(*observer(), 1298 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1299 EXPECT_CALL(*observer(), OnEncryptionComplete()); 1300 { 1301 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 1302 other_cryptographer.AddKey(old_key); 1303 WriteTransaction trans(FROM_HERE, user_share()); 1304 WriteNode nigori_node(&trans); 1305 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1306 sync_pb::NigoriSpecifics nigori; 1307 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 1308 nigori.set_keybag_is_frozen(false); 1309 nigori.set_encrypt_everything(false); 1310 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans()); 1311 nigori_node.SetNigoriSpecifics(nigori); 1312 } 1313 PumpLoop(); 1314 1315 // Verify we're still migrated and have proper encryption state. 1316 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1317 EXPECT_TRUE(GetCryptographer()->is_ready()); 1318 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE); 1319 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 1320 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey); 1321 } 1322 1323 // Test that if we have a migrated nigori with a custom passphrase, then receive 1324 // a migrated nigori with a keystore passphrase, we properly overwrite it with 1325 // the current state. 1326 TEST_F(SyncEncryptionHandlerImplTest, ReceiveOldMigratedNigori) { 1327 const char kOldKey[] = "old"; 1328 const char kCurKey[] = "cur"; 1329 sync_pb::EncryptedData encrypted; 1330 KeyParams old_key = {"localhost", "dummy", kOldKey}; 1331 KeyParams cur_key = {"localhost", "dummy", kCurKey}; 1332 GetCryptographer()->AddKey(old_key); 1333 GetCryptographer()->AddKey(cur_key); 1334 1335 // Build a migrated nigori with full encryption. 1336 { 1337 WriteTransaction trans(FROM_HERE, user_share()); 1338 WriteNode nigori_node(&trans); 1339 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1340 sync_pb::NigoriSpecifics nigori; 1341 GetCryptographer()->GetKeys(nigori.mutable_encryption_keybag()); 1342 nigori.set_keybag_is_frozen(true); 1343 nigori.set_keystore_migration_time(1); 1344 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE); 1345 nigori.set_encrypt_everything(true); 1346 nigori_node.SetNigoriSpecifics(nigori); 1347 } 1348 1349 EXPECT_CALL(*observer(), 1350 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _)); 1351 EXPECT_CALL(*observer(), 1352 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1353 EXPECT_CALL(*observer(), 1354 OnEncryptedTypesChanged(_, true)).Times(2); 1355 EXPECT_CALL(*observer(), 1356 OnEncryptionComplete()); 1357 encryption_handler()->Init(); 1358 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1359 EXPECT_TRUE(GetCryptographer()->is_ready()); 1360 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE); 1361 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 1362 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey); 1363 1364 { 1365 EXPECT_CALL(*observer(), 1366 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 1367 ReadTransaction trans(FROM_HERE, user_share()); 1368 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 1369 kRawKeystoreKey), 1370 trans.GetWrappedTrans()); 1371 } 1372 Mock::VerifyAndClearExpectations(observer()); 1373 1374 // Now build an old keystore nigori node with old encrypted types. We should 1375 // properly overwrite it with the migrated + encrypt everything state. 1376 EXPECT_CALL(*observer(), 1377 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1378 EXPECT_CALL(*observer(), OnEncryptionComplete()); 1379 { 1380 WriteTransaction trans(FROM_HERE, user_share()); 1381 WriteNode nigori_node(&trans); 1382 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1383 sync_pb::NigoriSpecifics nigori; 1384 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 1385 other_cryptographer.AddKey(old_key); 1386 encryption_handler()->GetKeystoreDecryptor( 1387 other_cryptographer, 1388 kKeystoreKey, 1389 nigori.mutable_keystore_decryptor_token()); 1390 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 1391 nigori.set_keybag_is_frozen(true); 1392 nigori.set_encrypt_everything(false); 1393 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE); 1394 nigori.set_keystore_migration_time(1); 1395 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans()); 1396 nigori_node.SetNigoriSpecifics(nigori); 1397 } 1398 PumpLoop(); 1399 1400 // Verify we're still migrated and have proper encryption state. 1401 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1402 EXPECT_TRUE(GetCryptographer()->is_ready()); 1403 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE); 1404 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 1405 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey); 1406 } 1407 1408 // Test that if we receive the keystore key after receiving a migrated nigori 1409 // node, we properly use the keystore decryptor token to decrypt the keybag. 1410 TEST_F(SyncEncryptionHandlerImplTest, SetKeystoreAfterReceivingMigratedNigori) { 1411 const char kCurKey[] = "cur"; 1412 sync_pb::EncryptedData keystore_decryptor_token; 1413 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 1414 KeyParams cur_key = {"localhost", "dummy", kCurKey}; 1415 other_cryptographer.AddKey(cur_key); 1416 EXPECT_TRUE(other_cryptographer.is_ready()); 1417 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor( 1418 other_cryptographer, 1419 kKeystoreKey, 1420 &keystore_decryptor_token)); 1421 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 1422 EXPECT_FALSE(GetCryptographer()->is_ready()); 1423 EXPECT_NE(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 1424 1425 // Now build a nigori node with the generated keystore decryptor token and 1426 // initialize the encryption handler with it. The cryptographer should be 1427 // initialized properly to decrypt both kCurKey and kKeystoreKey. 1428 { 1429 WriteTransaction trans(FROM_HERE, user_share()); 1430 WriteNode nigori_node(&trans); 1431 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1432 sync_pb::NigoriSpecifics nigori; 1433 nigori.mutable_keystore_decryptor_token()->CopyFrom( 1434 keystore_decryptor_token); 1435 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 1436 nigori.set_keybag_is_frozen(true); 1437 nigori.set_keystore_migration_time(1); 1438 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE); 1439 1440 EXPECT_CALL(*observer(), 1441 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 1442 EXPECT_CALL(*observer(), 1443 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1444 EXPECT_CALL(*observer(), 1445 OnPassphraseRequired(_, _)); 1446 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans()); 1447 nigori_node.SetNigoriSpecifics(nigori); 1448 } 1449 // Run any tasks posted via AppplyNigoriUpdate. 1450 PumpLoop(); 1451 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1452 EXPECT_TRUE(GetCryptographer()->has_pending_keys()); 1453 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 1454 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 1455 Mock::VerifyAndClearExpectations(observer()); 1456 1457 EXPECT_CALL(*observer(), OnPassphraseAccepted()); 1458 EXPECT_CALL(*observer(), 1459 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1460 EXPECT_CALL(*observer(), 1461 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 1462 { 1463 EXPECT_CALL(*observer(), 1464 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 1465 ReadTransaction trans(FROM_HERE, user_share()); 1466 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 1467 kRawKeystoreKey), 1468 trans.GetWrappedTrans()); 1469 } 1470 PumpLoop(); 1471 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1472 EXPECT_TRUE(GetCryptographer()->is_ready()); 1473 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 1474 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 1475 VerifyMigratedNigoriWithTimestamp(1, KEYSTORE_PASSPHRASE, kCurKey); 1476 1477 // Check that the cryptographer still encrypts with the current key. 1478 sync_pb::EncryptedData current_encrypted; 1479 other_cryptographer.EncryptString("string", ¤t_encrypted); 1480 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted)); 1481 1482 // Check that the cryptographer can decrypt keystore key based encryption. 1483 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor()); 1484 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey}; 1485 keystore_cryptographer.AddKey(keystore_key); 1486 sync_pb::EncryptedData keystore_encrypted; 1487 keystore_cryptographer.EncryptString("string", &keystore_encrypted); 1488 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted)); 1489 } 1490 1491 // Test that after receiving a migrated nigori and decrypting it using the 1492 // keystore key, we can then switch to a custom passphrase. The nigori should 1493 // remain migrated and encrypt everything should be enabled. 1494 TEST_F(SyncEncryptionHandlerImplTest, SetCustomPassAfterMigration) { 1495 const char kOldKey[] = "old"; 1496 sync_pb::EncryptedData keystore_decryptor_token; 1497 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 1498 KeyParams cur_key = {"localhost", "dummy", kOldKey}; 1499 other_cryptographer.AddKey(cur_key); 1500 EXPECT_TRUE(other_cryptographer.is_ready()); 1501 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor( 1502 other_cryptographer, 1503 kKeystoreKey, 1504 &keystore_decryptor_token)); 1505 1506 // Build a nigori node with the generated keystore decryptor token and 1507 // initialize the encryption handler with it. The cryptographer should be 1508 // initialized properly to decrypt both kOldKey and kKeystoreKey. 1509 { 1510 WriteTransaction trans(FROM_HERE, user_share()); 1511 WriteNode nigori_node(&trans); 1512 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1513 sync_pb::NigoriSpecifics nigori; 1514 nigori.mutable_keystore_decryptor_token()->CopyFrom( 1515 keystore_decryptor_token); 1516 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 1517 nigori.set_keybag_is_frozen(true); 1518 nigori.set_keystore_migration_time(1); 1519 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE); 1520 nigori_node.SetNigoriSpecifics(nigori); 1521 EXPECT_CALL(*observer(), 1522 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 1523 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 1524 kRawKeystoreKey), 1525 trans.GetWrappedTrans()); 1526 } 1527 1528 EXPECT_CALL(*observer(), OnPassphraseAccepted()); 1529 EXPECT_CALL(*observer(), 1530 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 1531 EXPECT_CALL(*observer(), 1532 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1533 EXPECT_CALL(*observer(), 1534 OnEncryptedTypesChanged(_, false)); 1535 EXPECT_CALL(*observer(), 1536 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 1537 EXPECT_CALL(*observer(), 1538 OnEncryptionComplete()); 1539 encryption_handler()->Init(); 1540 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1541 EXPECT_TRUE(GetCryptographer()->is_ready()); 1542 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 1543 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 1544 Mock::VerifyAndClearExpectations(observer()); 1545 1546 const char kNewKey[] = "new_key"; 1547 EXPECT_CALL(*observer(), 1548 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1549 EXPECT_CALL(*observer(), 1550 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _)); 1551 EXPECT_CALL(*observer(), 1552 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 1553 EXPECT_CALL(*observer(), 1554 OnPassphraseAccepted()); 1555 EXPECT_CALL(*observer(), 1556 OnEncryptedTypesChanged(_, true)); 1557 EXPECT_CALL(*observer(), 1558 OnEncryptionComplete()).Times(2); 1559 encryption_handler()->SetEncryptionPassphrase(kNewKey, true); 1560 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1561 EXPECT_TRUE(GetCryptographer()->is_ready()); 1562 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE); 1563 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 1564 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null()); 1565 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kNewKey); 1566 1567 // Check that the cryptographer can decrypt the old key. 1568 sync_pb::EncryptedData old_encrypted; 1569 other_cryptographer.EncryptString("string", &old_encrypted); 1570 EXPECT_TRUE(GetCryptographer()->CanDecrypt(old_encrypted)); 1571 1572 // Check that the cryptographer can decrypt keystore key based encryption. 1573 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor()); 1574 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey}; 1575 keystore_cryptographer.AddKey(keystore_key); 1576 sync_pb::EncryptedData keystore_encrypted; 1577 keystore_cryptographer.EncryptString("string", &keystore_encrypted); 1578 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted)); 1579 1580 // Check the the cryptographer is encrypting with the new key. 1581 KeyParams new_key = {"localhost", "dummy", kNewKey}; 1582 Cryptographer new_cryptographer(GetCryptographer()->encryptor()); 1583 new_cryptographer.AddKey(new_key); 1584 sync_pb::EncryptedData new_encrypted; 1585 new_cryptographer.EncryptString("string", &new_encrypted); 1586 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted)); 1587 } 1588 1589 // Test that if a client without a keystore key (e.g. one without keystore 1590 // encryption enabled) receives a migrated nigori and then attempts to set a 1591 // custom passphrase, it also enables encrypt everything. The nigori node 1592 // should remain migrated. 1593 TEST_F(SyncEncryptionHandlerImplTest, 1594 SetCustomPassAfterMigrationNoKeystoreKey) { 1595 const char kOldKey[] = "old"; 1596 sync_pb::EncryptedData keystore_decryptor_token; 1597 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 1598 KeyParams cur_key = {"localhost", "dummy", kOldKey}; 1599 other_cryptographer.AddKey(cur_key); 1600 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey}; 1601 other_cryptographer.AddNonDefaultKey(keystore_key); 1602 EXPECT_TRUE(other_cryptographer.is_ready()); 1603 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor( 1604 other_cryptographer, 1605 kKeystoreKey, 1606 &keystore_decryptor_token)); 1607 1608 // Build a nigori node with the generated keystore decryptor token and 1609 // initialize the encryption handler with it. The cryptographer will have 1610 // pending keys until we provide the decryption passphrase. 1611 { 1612 WriteTransaction trans(FROM_HERE, user_share()); 1613 WriteNode nigori_node(&trans); 1614 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1615 sync_pb::NigoriSpecifics nigori; 1616 nigori.mutable_keystore_decryptor_token()->CopyFrom( 1617 keystore_decryptor_token); 1618 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 1619 nigori.set_keybag_is_frozen(true); 1620 nigori.set_keystore_migration_time(1); 1621 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE); 1622 nigori_node.SetNigoriSpecifics(nigori); 1623 } 1624 1625 EXPECT_CALL(*observer(), 1626 OnPassphraseRequired(_, _)); 1627 EXPECT_CALL(*observer(), 1628 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 1629 EXPECT_CALL(*observer(), 1630 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1631 EXPECT_CALL(*observer(), 1632 OnEncryptedTypesChanged(_, false)); 1633 encryption_handler()->Init(); 1634 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1635 EXPECT_TRUE(GetCryptographer()->has_pending_keys()); 1636 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 1637 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 1638 Mock::VerifyAndClearExpectations(observer()); 1639 1640 EXPECT_CALL(*observer(), 1641 OnPassphraseAccepted()); 1642 EXPECT_CALL(*observer(), 1643 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1644 EXPECT_CALL(*observer(), 1645 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 1646 EXPECT_CALL(*observer(), 1647 OnEncryptionComplete()); 1648 encryption_handler()->SetDecryptionPassphrase(kOldKey); 1649 EXPECT_TRUE(GetCryptographer()->is_ready()); 1650 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 1651 Mock::VerifyAndClearExpectations(observer()); 1652 1653 const char kNewKey[] = "new_key"; 1654 EXPECT_CALL(*observer(), 1655 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1656 EXPECT_CALL(*observer(), 1657 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _)); 1658 EXPECT_CALL(*observer(), 1659 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 1660 EXPECT_CALL(*observer(), 1661 OnPassphraseAccepted()); 1662 EXPECT_CALL(*observer(), 1663 OnEncryptedTypesChanged(_, true)); 1664 EXPECT_CALL(*observer(), 1665 OnEncryptionComplete()).Times(2); 1666 encryption_handler()->SetEncryptionPassphrase(kNewKey, true); 1667 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1668 EXPECT_TRUE(GetCryptographer()->is_ready()); 1669 EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE); 1670 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 1671 EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null()); 1672 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kNewKey); 1673 1674 // Check that the cryptographer can decrypt the old key. 1675 sync_pb::EncryptedData old_encrypted; 1676 other_cryptographer.EncryptString("string", &old_encrypted); 1677 EXPECT_TRUE(GetCryptographer()->CanDecrypt(old_encrypted)); 1678 1679 // Check that the cryptographer can still decrypt keystore key based 1680 // encryption (should have been extracted from the encryption keybag). 1681 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor()); 1682 keystore_cryptographer.AddKey(keystore_key); 1683 sync_pb::EncryptedData keystore_encrypted; 1684 keystore_cryptographer.EncryptString("string", &keystore_encrypted); 1685 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted)); 1686 1687 // Check the the cryptographer is encrypting with the new key. 1688 KeyParams new_key = {"localhost", "dummy", kNewKey}; 1689 Cryptographer new_cryptographer(GetCryptographer()->encryptor()); 1690 new_cryptographer.AddKey(new_key); 1691 sync_pb::EncryptedData new_encrypted; 1692 new_cryptographer.EncryptString("string", &new_encrypted); 1693 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted)); 1694 } 1695 1696 // Test that if a client without a keystore key (e.g. one without keystore 1697 // encryption enabled) receives a migrated nigori and then attempts to set a 1698 // new implicit passphrase, we do not modify the nigori node (the implicit 1699 // passphrase is dropped). 1700 TEST_F(SyncEncryptionHandlerImplTest, 1701 SetImplicitPassAfterMigrationNoKeystoreKey) { 1702 const char kOldKey[] = "old"; 1703 sync_pb::EncryptedData keystore_decryptor_token; 1704 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 1705 KeyParams cur_key = {"localhost", "dummy", kOldKey}; 1706 other_cryptographer.AddKey(cur_key); 1707 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey}; 1708 other_cryptographer.AddNonDefaultKey(keystore_key); 1709 EXPECT_TRUE(other_cryptographer.is_ready()); 1710 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor( 1711 other_cryptographer, 1712 kKeystoreKey, 1713 &keystore_decryptor_token)); 1714 1715 // Build a nigori node with the generated keystore decryptor token and 1716 // initialize the encryption handler with it. The cryptographer will have 1717 // pending keys until we provide the decryption passphrase. 1718 { 1719 WriteTransaction trans(FROM_HERE, user_share()); 1720 WriteNode nigori_node(&trans); 1721 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1722 sync_pb::NigoriSpecifics nigori; 1723 nigori.mutable_keystore_decryptor_token()->CopyFrom( 1724 keystore_decryptor_token); 1725 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 1726 nigori.set_keybag_is_frozen(true); 1727 nigori.set_keystore_migration_time(1); 1728 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE); 1729 nigori_node.SetNigoriSpecifics(nigori); 1730 } 1731 1732 EXPECT_CALL(*observer(), 1733 OnPassphraseRequired(_, _)); 1734 EXPECT_CALL(*observer(), 1735 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 1736 EXPECT_CALL(*observer(), 1737 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1738 EXPECT_CALL(*observer(), 1739 OnEncryptedTypesChanged(_, false)); 1740 encryption_handler()->Init(); 1741 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1742 EXPECT_TRUE(GetCryptographer()->has_pending_keys()); 1743 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 1744 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 1745 Mock::VerifyAndClearExpectations(observer()); 1746 1747 EXPECT_CALL(*observer(), 1748 OnPassphraseAccepted()); 1749 EXPECT_CALL(*observer(), 1750 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1751 EXPECT_CALL(*observer(), 1752 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 1753 EXPECT_CALL(*observer(), 1754 OnEncryptionComplete()); 1755 encryption_handler()->SetDecryptionPassphrase(kOldKey); 1756 EXPECT_TRUE(GetCryptographer()->is_ready()); 1757 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 1758 Mock::VerifyAndClearExpectations(observer()); 1759 1760 // Should get dropped on the floor silently. 1761 const char kNewKey[] = "new_key"; 1762 encryption_handler()->SetEncryptionPassphrase(kNewKey, false); 1763 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1764 EXPECT_TRUE(GetCryptographer()->is_ready()); 1765 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 1766 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 1767 VerifyMigratedNigoriWithTimestamp(1, KEYSTORE_PASSPHRASE, kOldKey); 1768 1769 // Check that the cryptographer can decrypt the old key. 1770 sync_pb::EncryptedData old_encrypted; 1771 other_cryptographer.EncryptString("string", &old_encrypted); 1772 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(old_encrypted)); 1773 1774 // Check that the cryptographer can still decrypt keystore key based 1775 // encryption (due to extracting the keystore key from the encryption keybag). 1776 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor()); 1777 keystore_cryptographer.AddKey(keystore_key); 1778 sync_pb::EncryptedData keystore_encrypted; 1779 keystore_cryptographer.EncryptString("string", &keystore_encrypted); 1780 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted)); 1781 1782 // Check the the cryptographer does not have the new key. 1783 KeyParams new_key = {"localhost", "dummy", kNewKey}; 1784 Cryptographer new_cryptographer(GetCryptographer()->encryptor()); 1785 new_cryptographer.AddKey(new_key); 1786 sync_pb::EncryptedData new_encrypted; 1787 new_cryptographer.EncryptString("string", &new_encrypted); 1788 EXPECT_FALSE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted)); 1789 } 1790 1791 // Test that if a client without a keystore key (e.g. one without keystore 1792 // encryption enabled) receives a migrated nigori in keystore passphrase state 1793 // and then attempts to enable encrypt everything, we switch to a custom 1794 // passphrase. The nigori should remain migrated. 1795 TEST_F(SyncEncryptionHandlerImplTest, 1796 MigrateOnEncryptEverythingKeystorePassphrase) { 1797 const char kCurKey[] = "cur"; 1798 sync_pb::EncryptedData keystore_decryptor_token; 1799 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 1800 KeyParams cur_key = {"localhost", "dummy", kCurKey}; 1801 other_cryptographer.AddKey(cur_key); 1802 KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey}; 1803 other_cryptographer.AddNonDefaultKey(keystore_key); 1804 EXPECT_TRUE(other_cryptographer.is_ready()); 1805 EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor( 1806 other_cryptographer, 1807 kKeystoreKey, 1808 &keystore_decryptor_token)); 1809 1810 // Build a nigori node with the generated keystore decryptor token and 1811 // initialize the encryption handler with it. The cryptographer will have 1812 // pending keys until we provide the decryption passphrase. 1813 { 1814 WriteTransaction trans(FROM_HERE, user_share()); 1815 WriteNode nigori_node(&trans); 1816 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1817 sync_pb::NigoriSpecifics nigori; 1818 nigori.mutable_keystore_decryptor_token()->CopyFrom( 1819 keystore_decryptor_token); 1820 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 1821 nigori.set_keybag_is_frozen(true); 1822 nigori.set_keystore_migration_time(1); 1823 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE); 1824 nigori_node.SetNigoriSpecifics(nigori); 1825 } 1826 EXPECT_CALL(*observer(), 1827 OnPassphraseRequired(_, _)); 1828 EXPECT_CALL(*observer(), 1829 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 1830 EXPECT_CALL(*observer(), 1831 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1832 EXPECT_CALL(*observer(), 1833 OnEncryptedTypesChanged(_, false)); 1834 encryption_handler()->Init(); 1835 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1836 EXPECT_TRUE(GetCryptographer()->has_pending_keys()); 1837 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 1838 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 1839 Mock::VerifyAndClearExpectations(observer()); 1840 1841 EXPECT_CALL(*observer(), 1842 OnPassphraseAccepted()); 1843 EXPECT_CALL(*observer(), 1844 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1845 EXPECT_CALL(*observer(), 1846 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 1847 EXPECT_CALL(*observer(), 1848 OnEncryptionComplete()); 1849 encryption_handler()->SetDecryptionPassphrase(kCurKey); 1850 Mock::VerifyAndClearExpectations(observer()); 1851 1852 EXPECT_CALL(*observer(), 1853 OnPassphraseTypeChanged(FROZEN_IMPLICIT_PASSPHRASE, _)); 1854 EXPECT_CALL(*observer(), 1855 OnEncryptionComplete()); 1856 EXPECT_CALL(*observer(), 1857 OnEncryptedTypesChanged(_, true)); 1858 EXPECT_CALL(*observer(), 1859 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1860 encryption_handler()->EnableEncryptEverything(); 1861 Mock::VerifyAndClearExpectations(observer()); 1862 1863 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1864 EXPECT_TRUE(GetCryptographer()->is_ready()); 1865 EXPECT_EQ(FROZEN_IMPLICIT_PASSPHRASE, 1866 encryption_handler()->GetPassphraseType()); 1867 EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled()); 1868 VerifyMigratedNigoriWithTimestamp(1, FROZEN_IMPLICIT_PASSPHRASE, kCurKey); 1869 1870 // Check that the cryptographer is encrypting using the frozen current key. 1871 sync_pb::EncryptedData current_encrypted; 1872 other_cryptographer.EncryptString("string", ¤t_encrypted); 1873 EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted)); 1874 1875 // Check that the cryptographer can still decrypt keystore key based 1876 // encryption (due to extracting the keystore key from the encryption keybag). 1877 Cryptographer keystore_cryptographer(GetCryptographer()->encryptor()); 1878 keystore_cryptographer.AddKey(keystore_key); 1879 sync_pb::EncryptedData keystore_encrypted; 1880 keystore_cryptographer.EncryptString("string", &keystore_encrypted); 1881 EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted)); 1882 } 1883 1884 // If we receive a nigori migrated and with a KEYSTORE_PASSPHRASE type, but 1885 // using an old default key (i.e. old GAIA password), we should overwrite the 1886 // nigori, updating the keybag and keystore decryptor. 1887 TEST_F(SyncEncryptionHandlerImplTest, 1888 ReceiveMigratedNigoriWithOldPassphrase) { 1889 const char kOldKey[] = "old"; 1890 const char kCurKey[] = "cur"; 1891 sync_pb::EncryptedData encrypted; 1892 KeyParams old_key = {"localhost", "dummy", kOldKey}; 1893 KeyParams cur_key = {"localhost", "dummy", kCurKey}; 1894 GetCryptographer()->AddKey(old_key); 1895 GetCryptographer()->AddKey(cur_key); 1896 1897 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 1898 other_cryptographer.AddKey(old_key); 1899 EXPECT_TRUE(other_cryptographer.is_ready()); 1900 1901 EXPECT_CALL(*observer(), 1902 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1903 EXPECT_CALL(*observer(), 1904 OnEncryptedTypesChanged(_, false)); 1905 EXPECT_CALL(*observer(), 1906 OnEncryptionComplete()); 1907 encryption_handler()->Init(); 1908 EXPECT_TRUE(GetCryptographer()->is_ready()); 1909 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 1910 1911 { 1912 EXPECT_CALL(*observer(), 1913 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 1914 ReadTransaction trans(FROM_HERE, user_share()); 1915 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 1916 kRawKeystoreKey), 1917 trans.GetWrappedTrans()); 1918 } 1919 EXPECT_CALL(*observer(), 1920 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 1921 PumpLoop(); 1922 Mock::VerifyAndClearExpectations(observer()); 1923 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1924 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 1925 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kCurKey); 1926 1927 // Now build an old keystore passphrase nigori node. 1928 EXPECT_CALL(*observer(), 1929 OnCryptographerStateChanged(_)).Times(AnyNumber()); 1930 EXPECT_CALL(*observer(), OnEncryptionComplete()); 1931 { 1932 WriteTransaction trans(FROM_HERE, user_share()); 1933 WriteNode nigori_node(&trans); 1934 ASSERT_EQ(nigori_node.InitByTagLookup(kNigoriTag), BaseNode::INIT_OK); 1935 sync_pb::NigoriSpecifics nigori; 1936 Cryptographer other_cryptographer(GetCryptographer()->encryptor()); 1937 other_cryptographer.AddKey(old_key); 1938 encryption_handler()->GetKeystoreDecryptor( 1939 other_cryptographer, 1940 kKeystoreKey, 1941 nigori.mutable_keystore_decryptor_token()); 1942 other_cryptographer.GetKeys(nigori.mutable_encryption_keybag()); 1943 nigori.set_keybag_is_frozen(true); 1944 nigori.set_encrypt_everything(false); 1945 nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE); 1946 nigori.set_keystore_migration_time(1); 1947 encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans()); 1948 nigori_node.SetNigoriSpecifics(nigori); 1949 } 1950 PumpLoop(); 1951 1952 // Verify we're still migrated and have proper encryption state. 1953 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 1954 EXPECT_TRUE(GetCryptographer()->is_ready()); 1955 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 1956 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 1957 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kCurKey); 1958 } 1959 1960 // Trigger a key rotation upon receiving new keys if we already had a keystore 1961 // migrated nigori with the gaia key as the default (still in backwards 1962 // compatible mode). 1963 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysGaiaDefault) { 1964 // Destroy the existing nigori node so we init without a nigori node. 1965 TearDown(); 1966 test_user_share_.SetUp(); 1967 SetUpEncryption(); 1968 1969 const char kOldGaiaKey[] = "old_gaia_key"; 1970 const char kRawOldKeystoreKey[] = "old_keystore_key"; 1971 std::string old_keystore_key; 1972 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key); 1973 { 1974 ReadTransaction trans(FROM_HERE, user_share()); 1975 EXPECT_CALL(*observer(), 1976 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 1977 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 1978 kRawOldKeystoreKey), 1979 trans.GetWrappedTrans()); 1980 } 1981 PumpLoop(); 1982 Mock::VerifyAndClearExpectations(observer()); 1983 1984 // Then init the nigori node with a backwards compatible set of keys. 1985 CreateRootForType(NIGORI); 1986 EXPECT_CALL(*observer(), OnPassphraseAccepted()); 1987 InitKeystoreMigratedNigori(1, kOldGaiaKey, old_keystore_key); 1988 1989 // Now set some new keystore keys. 1990 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber()); 1991 EXPECT_CALL(*observer(), OnEncryptionComplete()); 1992 { 1993 google::protobuf::RepeatedPtrField<google::protobuf::string> keys; 1994 keys.Add()->assign(kRawOldKeystoreKey); 1995 keys.Add()->assign(kRawKeystoreKey); 1996 EXPECT_CALL(*observer(), 1997 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 1998 ReadTransaction trans(FROM_HERE, user_share()); 1999 encryption_handler()->SetKeystoreKeys(keys, 2000 trans.GetWrappedTrans()); 2001 } 2002 // Pump for any posted tasks. 2003 PumpLoop(); 2004 Mock::VerifyAndClearExpectations(observer()); 2005 2006 // Verify we're still migrated and have proper encryption state. We should 2007 // have rotated the keybag so that it's now encrypted with the newest keystore 2008 // key (instead of the old gaia key). 2009 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 2010 EXPECT_TRUE(GetCryptographer()->is_ready()); 2011 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 2012 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 2013 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey); 2014 } 2015 2016 // Trigger a key rotation upon receiving new keys if we already had a keystore 2017 // migrated nigori with the keystore key as the default. 2018 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysKeystoreDefault) { 2019 // Destroy the existing nigori node so we init without a nigori node. 2020 TearDown(); 2021 test_user_share_.SetUp(); 2022 SetUpEncryption(); 2023 2024 const char kRawOldKeystoreKey[] = "old_keystore_key"; 2025 std::string old_keystore_key; 2026 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key); 2027 { 2028 ReadTransaction trans(FROM_HERE, user_share()); 2029 EXPECT_CALL(*observer(), 2030 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 2031 encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto( 2032 kRawOldKeystoreKey), 2033 trans.GetWrappedTrans()); 2034 } 2035 PumpLoop(); 2036 Mock::VerifyAndClearExpectations(observer()); 2037 2038 // Then init the nigori node with a non-backwards compatible set of keys. 2039 CreateRootForType(NIGORI); 2040 EXPECT_CALL(*observer(), OnPassphraseAccepted()); 2041 InitKeystoreMigratedNigori(1, old_keystore_key, old_keystore_key); 2042 2043 // Now set some new keystore keys. 2044 EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber()); 2045 EXPECT_CALL(*observer(), OnEncryptionComplete()); 2046 { 2047 google::protobuf::RepeatedPtrField<google::protobuf::string> keys; 2048 keys.Add()->assign(kRawOldKeystoreKey); 2049 keys.Add()->assign(kRawKeystoreKey); 2050 EXPECT_CALL(*observer(), 2051 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 2052 ReadTransaction trans(FROM_HERE, user_share()); 2053 encryption_handler()->SetKeystoreKeys(keys, 2054 trans.GetWrappedTrans()); 2055 } 2056 // Pump for any posted tasks. 2057 PumpLoop(); 2058 Mock::VerifyAndClearExpectations(observer()); 2059 2060 // Verify we're still migrated and have proper encryption state. We should 2061 // have rotated the keybag so that it's now encrypted with the newest keystore 2062 // key (instead of the old gaia key). 2063 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 2064 EXPECT_TRUE(GetCryptographer()->is_ready()); 2065 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 2066 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 2067 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey); 2068 } 2069 2070 // Trigger a key rotation upon when a pending gaia passphrase is resolved. 2071 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysAfterPendingGaiaResolved) { 2072 const char kOldGaiaKey[] = "old_gaia_key"; 2073 const char kRawOldKeystoreKey[] = "old_keystore_key"; 2074 2075 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _)); 2076 InitUnmigratedNigori(kOldGaiaKey, IMPLICIT_PASSPHRASE); 2077 2078 { 2079 // Pass multiple keystore keys, signaling a rotation has happened. 2080 google::protobuf::RepeatedPtrField<google::protobuf::string> keys; 2081 keys.Add()->assign(kRawOldKeystoreKey); 2082 keys.Add()->assign(kRawKeystoreKey); 2083 ReadTransaction trans(FROM_HERE, user_share()); 2084 EXPECT_CALL(*observer(), 2085 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 2086 encryption_handler()->SetKeystoreKeys(keys, 2087 trans.GetWrappedTrans()); 2088 } 2089 PumpLoop(); 2090 Mock::VerifyAndClearExpectations(observer()); 2091 2092 // Resolve the pending keys. This should trigger the key rotation. 2093 EXPECT_CALL(*observer(), 2094 OnCryptographerStateChanged(_)).Times(AnyNumber()); 2095 EXPECT_CALL(*observer(), 2096 OnPassphraseAccepted()); 2097 EXPECT_CALL(*observer(), 2098 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 2099 EXPECT_CALL(*observer(), 2100 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 2101 EXPECT_CALL(*observer(), 2102 OnEncryptionComplete()).Times(AtLeast(1)); 2103 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 2104 encryption_handler()->SetDecryptionPassphrase(kOldGaiaKey); 2105 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 2106 EXPECT_EQ(KEYSTORE_PASSPHRASE, encryption_handler()->GetPassphraseType()); 2107 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey); 2108 } 2109 2110 // When signing in for the first time, make sure we can rotate keys if we 2111 // already have a keystore migrated nigori. 2112 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysGaiaDefaultOnInit) { 2113 // Destroy the existing nigori node so we init without a nigori node. 2114 TearDown(); 2115 test_user_share_.SetUp(); 2116 SetUpEncryption(); 2117 2118 const char kOldGaiaKey[] = "old_gaia_key"; 2119 const char kRawOldKeystoreKey[] = "old_keystore_key"; 2120 std::string old_keystore_key; 2121 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key); 2122 2123 // Set two keys, signaling that a rotation has been performed. No nigori 2124 // node is present yet, so we can't rotate. 2125 { 2126 google::protobuf::RepeatedPtrField<google::protobuf::string> keys; 2127 keys.Add()->assign(kRawOldKeystoreKey); 2128 keys.Add()->assign(kRawKeystoreKey); 2129 EXPECT_CALL(*observer(), 2130 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 2131 ReadTransaction trans(FROM_HERE, user_share()); 2132 encryption_handler()->SetKeystoreKeys(keys, 2133 trans.GetWrappedTrans()); 2134 } 2135 2136 // Then init the nigori node with an old set of keys. 2137 CreateRootForType(NIGORI); 2138 EXPECT_CALL(*observer(), OnPassphraseAccepted()); 2139 InitKeystoreMigratedNigori(1, kOldGaiaKey, old_keystore_key); 2140 PumpLoop(); 2141 Mock::VerifyAndClearExpectations(observer()); 2142 2143 // Verify we're still migrated and have proper encryption state. We should 2144 // have rotated the keybag so that it's now encrypted with the newest keystore 2145 // key (instead of the old gaia key). 2146 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 2147 EXPECT_TRUE(GetCryptographer()->is_ready()); 2148 EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE); 2149 EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled()); 2150 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey); 2151 } 2152 2153 // Trigger a key rotation when a migrated nigori (with an old keystore key) is 2154 // applied. 2155 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysWhenMigratedNigoriArrives) { 2156 const char kOldGaiaKey[] = "old_gaia_key"; 2157 const char kRawOldKeystoreKey[] = "old_keystore_key"; 2158 std::string old_keystore_key; 2159 base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key); 2160 2161 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _)); 2162 InitUnmigratedNigori(kOldGaiaKey, IMPLICIT_PASSPHRASE); 2163 2164 { 2165 // Pass multiple keystore keys, signaling a rotation has happened. 2166 google::protobuf::RepeatedPtrField<google::protobuf::string> keys; 2167 keys.Add()->assign(kRawOldKeystoreKey); 2168 keys.Add()->assign(kRawKeystoreKey); 2169 ReadTransaction trans(FROM_HERE, user_share()); 2170 EXPECT_CALL(*observer(), 2171 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 2172 encryption_handler()->SetKeystoreKeys(keys, 2173 trans.GetWrappedTrans()); 2174 } 2175 PumpLoop(); 2176 Mock::VerifyAndClearExpectations(observer()); 2177 2178 // Now simulate downloading a nigori node that was migrated before the 2179 // keys were rotated, and hence still encrypt with the old gaia key. 2180 EXPECT_CALL(*observer(), 2181 OnCryptographerStateChanged(_)).Times(AnyNumber()); 2182 EXPECT_CALL(*observer(), 2183 OnPassphraseAccepted()); 2184 EXPECT_CALL(*observer(), 2185 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _)); 2186 EXPECT_CALL(*observer(), 2187 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 2188 EXPECT_CALL(*observer(), 2189 OnEncryptionComplete()).Times(AtLeast(1)); 2190 { 2191 sync_pb::NigoriSpecifics nigori = BuildMigratedNigori( 2192 KEYSTORE_PASSPHRASE, 2193 1, 2194 kOldGaiaKey, 2195 old_keystore_key); 2196 // Update the encryption handler. 2197 WriteTransaction trans(FROM_HERE, user_share()); 2198 encryption_handler()->ApplyNigoriUpdate( 2199 nigori, 2200 trans.GetWrappedTrans()); 2201 } 2202 EXPECT_FALSE(encryption_handler()->MigratedToKeystore()); 2203 PumpLoop(); 2204 2205 EXPECT_TRUE(encryption_handler()->MigratedToKeystore()); 2206 EXPECT_EQ(KEYSTORE_PASSPHRASE, encryption_handler()->GetPassphraseType()); 2207 VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey); 2208 } 2209 2210 // Verify that performing a migration while having more than one keystore key 2211 // preserves a custom passphrase. 2212 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysUnmigratedCustomPassphrase) { 2213 const char kCustomPass[] = "custom_passphrase"; 2214 const char kRawOldKeystoreKey[] = "old_keystore_key"; 2215 2216 EXPECT_CALL(*observer(), OnPassphraseRequired(_, _)); 2217 InitUnmigratedNigori(kCustomPass, CUSTOM_PASSPHRASE); 2218 2219 { 2220 // Pass multiple keystore keys, signaling a rotation has happened. 2221 google::protobuf::RepeatedPtrField<google::protobuf::string> keys; 2222 keys.Add()->assign(kRawOldKeystoreKey); 2223 keys.Add()->assign(kRawKeystoreKey); 2224 ReadTransaction trans(FROM_HERE, user_share()); 2225 EXPECT_CALL(*observer(), 2226 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 2227 encryption_handler()->SetKeystoreKeys(keys, 2228 trans.GetWrappedTrans()); 2229 } 2230 PumpLoop(); 2231 Mock::VerifyAndClearExpectations(observer()); 2232 2233 // Pass the decryption passphrase. This will also trigger the migration, 2234 // but should not overwrite the default key. 2235 EXPECT_CALL(*observer(), 2236 OnCryptographerStateChanged(_)).Times(AnyNumber()); 2237 EXPECT_CALL(*observer(), 2238 OnPassphraseAccepted()); 2239 EXPECT_CALL(*observer(), 2240 OnEncryptedTypesChanged(_, true)); 2241 EXPECT_CALL(*observer(), 2242 OnEncryptionComplete()).Times(AnyNumber()); 2243 EXPECT_CALL(*observer(), 2244 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN)); 2245 encryption_handler()->SetDecryptionPassphrase(kCustomPass); 2246 Mock::VerifyAndClearExpectations(observer()); 2247 2248 VerifyMigratedNigori(CUSTOM_PASSPHRASE, kCustomPass); 2249 } 2250 2251 // Verify that a key rotation done after we've migrated a custom passphrase 2252 // nigori node preserves the custom passphrase. 2253 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysMigratedCustomPassphrase) { 2254 const char kCustomPass[] = "custom_passphrase"; 2255 const char kRawOldKeystoreKey[] = "old_keystore_key"; 2256 2257 KeyParams custom_key = {"localhost", "dummy", kCustomPass}; 2258 GetCryptographer()->AddKey(custom_key); 2259 2260 InitCustomPassMigratedNigori(1, kCustomPass); 2261 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCustomPass); 2262 2263 { 2264 // Pass multiple keystore keys, signaling a rotation has happened. 2265 google::protobuf::RepeatedPtrField<google::protobuf::string> keys; 2266 keys.Add()->assign(kRawOldKeystoreKey); 2267 keys.Add()->assign(kRawKeystoreKey); 2268 ReadTransaction trans(FROM_HERE, user_share()); 2269 EXPECT_CALL(*observer(), 2270 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN)); 2271 EXPECT_CALL(*observer(), 2272 OnCryptographerStateChanged(_)).Times(AnyNumber()); 2273 encryption_handler()->SetKeystoreKeys(keys, 2274 trans.GetWrappedTrans()); 2275 } 2276 PumpLoop(); 2277 Mock::VerifyAndClearExpectations(observer()); 2278 2279 VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCustomPass); 2280 } 2281 2282 } // namespace syncer 2283