Home | History | Annotate | Download | only in internal_api
      1 // Copyright 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "sync/internal_api/sync_encryption_handler_impl.h"
      6 
      7 #include <string>
      8 
      9 #include "base/base64.h"
     10 #include "base/json/json_string_value_serializer.h"
     11 #include "base/memory/scoped_ptr.h"
     12 #include "base/message_loop/message_loop.h"
     13 #include "base/tracked_objects.h"
     14 #include "sync/internal_api/public/base/model_type_test_util.h"
     15 #include "sync/internal_api/public/read_node.h"
     16 #include "sync/internal_api/public/read_transaction.h"
     17 #include "sync/internal_api/public/test/test_user_share.h"
     18 #include "sync/internal_api/public/write_node.h"
     19 #include "sync/internal_api/public/write_transaction.h"
     20 #include "sync/protocol/nigori_specifics.pb.h"
     21 #include "sync/protocol/sync.pb.h"
     22 #include "sync/syncable/entry.h"
     23 #include "sync/syncable/mutable_entry.h"
     24 #include "sync/syncable/syncable_write_transaction.h"
     25 #include "sync/test/engine/test_id_factory.h"
     26 #include "sync/test/fake_encryptor.h"
     27 #include "sync/util/cryptographer.h"
     28 #include "testing/gmock/include/gmock/gmock.h"
     29 #include "testing/gtest/include/gtest/gtest.h"
     30 
     31 namespace syncer {
     32 
     33 namespace {
     34 
     35 using ::testing::_;
     36 using ::testing::AnyNumber;
     37 using ::testing::AtLeast;
     38 using ::testing::Mock;
     39 using ::testing::SaveArg;
     40 using ::testing::StrictMock;
     41 
     42 // The raw keystore key the server sends.
     43 static const char kRawKeystoreKey[] = "keystore_key";
     44 // Base64 encoded version of |kRawKeystoreKey|.
     45 static const char kKeystoreKey[] = "a2V5c3RvcmVfa2V5";
     46 
     47 class SyncEncryptionHandlerObserverMock
     48     : public SyncEncryptionHandler::Observer {
     49  public:
     50   MOCK_METHOD2(OnPassphraseRequired,
     51                void(PassphraseRequiredReason,
     52                     const sync_pb::EncryptedData&));  // NOLINT
     53   MOCK_METHOD0(OnPassphraseAccepted, void());  // NOLINT
     54   MOCK_METHOD2(OnBootstrapTokenUpdated,
     55                void(const std::string&, BootstrapTokenType type));  // NOLINT
     56   MOCK_METHOD2(OnEncryptedTypesChanged,
     57                void(ModelTypeSet, bool));  // NOLINT
     58   MOCK_METHOD0(OnEncryptionComplete, void());  // NOLINT
     59   MOCK_METHOD1(OnCryptographerStateChanged, void(Cryptographer*));  // NOLINT
     60   MOCK_METHOD2(OnPassphraseTypeChanged, void(PassphraseType,
     61                                              base::Time));  // NOLINT
     62 };
     63 
     64 google::protobuf::RepeatedPtrField<google::protobuf::string>
     65 BuildEncryptionKeyProto(std::string encryption_key) {
     66   google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
     67   keys.Add()->assign(encryption_key);
     68   return keys;
     69 }
     70 
     71 }  // namespace
     72 
     73 class SyncEncryptionHandlerImplTest : public ::testing::Test {
     74  public:
     75   SyncEncryptionHandlerImplTest() {}
     76   virtual ~SyncEncryptionHandlerImplTest() {}
     77 
     78   virtual void SetUp() {
     79     test_user_share_.SetUp();
     80     SetUpEncryption();
     81     CreateRootForType(NIGORI);
     82   }
     83 
     84   virtual void TearDown() {
     85     PumpLoop();
     86     test_user_share_.TearDown();
     87   }
     88 
     89  protected:
     90   void SetUpEncryption() {
     91     encryption_handler_.reset(
     92         new SyncEncryptionHandlerImpl(user_share(),
     93                                       &encryptor_,
     94                                       std::string(),
     95                                       std::string() /* bootstrap tokens */));
     96     encryption_handler_->AddObserver(&observer_);
     97   }
     98 
     99   void CreateRootForType(ModelType model_type) {
    100     syncer::syncable::Directory* directory = user_share()->directory.get();
    101 
    102     std::string tag_name = ModelTypeToRootTag(model_type);
    103 
    104     syncable::WriteTransaction wtrans(FROM_HERE, syncable::UNITTEST, directory);
    105     syncable::MutableEntry node(&wtrans,
    106                                 syncable::CREATE,
    107                                 model_type,
    108                                 wtrans.root_id(),
    109                                 tag_name);
    110     node.PutUniqueServerTag(tag_name);
    111     node.PutIsDir(true);
    112     node.PutServerIsDir(false);
    113     node.PutIsUnsynced(false);
    114     node.PutIsUnappliedUpdate(false);
    115     node.PutServerVersion(20);
    116     node.PutBaseVersion(20);
    117     node.PutIsDel(false);
    118     node.PutId(ids_.MakeServer(tag_name));
    119     sync_pb::EntitySpecifics specifics;
    120     syncer::AddDefaultFieldValue(model_type, &specifics);
    121     node.PutSpecifics(specifics);
    122   }
    123 
    124   void PumpLoop() {
    125     message_loop_.RunUntilIdle();
    126   }
    127 
    128   // Getters for tests.
    129   UserShare* user_share() { return test_user_share_.user_share(); }
    130   SyncEncryptionHandlerImpl* encryption_handler() {
    131       return encryption_handler_.get();
    132   }
    133   SyncEncryptionHandlerObserverMock* observer() { return &observer_; }
    134   Cryptographer* GetCryptographer() {
    135     return encryption_handler_->GetCryptographerUnsafe();
    136   }
    137 
    138   void VerifyMigratedNigori(PassphraseType passphrase_type,
    139                             const std::string& passphrase) {
    140     VerifyMigratedNigoriWithTimestamp(0, passphrase_type, passphrase);
    141   }
    142 
    143   void VerifyMigratedNigoriWithTimestamp(
    144       int64 migration_time,
    145       PassphraseType passphrase_type,
    146       const std::string& passphrase) {
    147     ReadTransaction trans(FROM_HERE, user_share());
    148     ReadNode nigori_node(&trans);
    149     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
    150     const sync_pb::NigoriSpecifics& nigori = nigori_node.GetNigoriSpecifics();
    151     if (migration_time > 0)
    152       EXPECT_EQ(migration_time, nigori.keystore_migration_time());
    153     else
    154       EXPECT_TRUE(nigori.has_keystore_migration_time());
    155     EXPECT_TRUE(nigori.keybag_is_frozen());
    156     if (passphrase_type == CUSTOM_PASSPHRASE ||
    157         passphrase_type == FROZEN_IMPLICIT_PASSPHRASE) {
    158       EXPECT_TRUE(nigori.encrypt_everything());
    159       EXPECT_TRUE(nigori.keystore_decryptor_token().blob().empty());
    160       if (passphrase_type == CUSTOM_PASSPHRASE) {
    161         EXPECT_EQ(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE,
    162                   nigori.passphrase_type());
    163         if (!encryption_handler()->custom_passphrase_time().is_null()) {
    164           EXPECT_EQ(nigori.custom_passphrase_time(),
    165                     TimeToProtoTime(
    166                         encryption_handler()->custom_passphrase_time()));
    167         }
    168       } else {
    169         EXPECT_EQ(sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE,
    170                   nigori.passphrase_type());
    171       }
    172     } else {
    173       EXPECT_FALSE(nigori.encrypt_everything());
    174       EXPECT_FALSE(nigori.keystore_decryptor_token().blob().empty());
    175       EXPECT_EQ(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE,
    176                 nigori.passphrase_type());
    177       Cryptographer keystore_cryptographer(&encryptor_);
    178       KeyParams params = {"localhost", "dummy", kKeystoreKey};
    179       keystore_cryptographer.AddKey(params);
    180       EXPECT_TRUE(keystore_cryptographer.CanDecryptUsingDefaultKey(
    181           nigori.keystore_decryptor_token()));
    182     }
    183 
    184     Cryptographer temp_cryptographer(&encryptor_);
    185     KeyParams params = {"localhost", "dummy", passphrase};
    186     temp_cryptographer.AddKey(params);
    187     EXPECT_TRUE(temp_cryptographer.CanDecryptUsingDefaultKey(
    188         nigori.encryption_keybag()));
    189   }
    190 
    191   sync_pb::NigoriSpecifics BuildMigratedNigori(
    192       PassphraseType passphrase_type,
    193       int64 migration_time,
    194       const std::string& default_passphrase,
    195       const std::string& keystore_key) {
    196     DCHECK_NE(passphrase_type, IMPLICIT_PASSPHRASE);
    197     Cryptographer other_cryptographer(GetCryptographer()->encryptor());
    198 
    199     std::string default_key = default_passphrase;
    200     if (default_key.empty()) {
    201       default_key = keystore_key;
    202     } else {
    203       KeyParams keystore_params = {"localhost", "dummy", keystore_key};
    204       other_cryptographer.AddKey(keystore_params);
    205     }
    206     KeyParams params = {"localhost", "dummy", default_key};
    207     other_cryptographer.AddKey(params);
    208     EXPECT_TRUE(other_cryptographer.is_ready());
    209 
    210     sync_pb::NigoriSpecifics nigori;
    211     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
    212     nigori.set_keybag_is_frozen(true);
    213     nigori.set_keystore_migration_time(migration_time);
    214 
    215     if (passphrase_type == KEYSTORE_PASSPHRASE) {
    216       sync_pb::EncryptedData keystore_decryptor_token;
    217       EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
    218           other_cryptographer,
    219           keystore_key,
    220           &keystore_decryptor_token));
    221       nigori.mutable_keystore_decryptor_token()->CopyFrom(
    222           keystore_decryptor_token);
    223       nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
    224     } else {
    225       nigori.set_encrypt_everything(true);
    226       nigori.set_passphrase_type(
    227           passphrase_type == CUSTOM_PASSPHRASE ?
    228               sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE :
    229               sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE);
    230     }
    231     return nigori;
    232   }
    233 
    234   // Build a migrated nigori node with the specified default passphrase
    235   // and keystore key and initialize the encryption handler with it.
    236   void InitKeystoreMigratedNigori(int64 migration_time,
    237                                   const std::string& default_passphrase,
    238                                   const std::string& keystore_key) {
    239     {
    240       WriteTransaction trans(FROM_HERE, user_share());
    241       WriteNode nigori_node(&trans);
    242       ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
    243       sync_pb::NigoriSpecifics nigori = BuildMigratedNigori(
    244           KEYSTORE_PASSPHRASE,
    245           migration_time,
    246           default_passphrase,
    247           keystore_key);
    248       nigori_node.SetNigoriSpecifics(nigori);
    249     }
    250 
    251     EXPECT_CALL(*observer(),
    252                 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
    253     EXPECT_CALL(*observer(),
    254                 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
    255     EXPECT_CALL(*observer(),
    256                 OnCryptographerStateChanged(_)).Times(AtLeast(1));
    257     EXPECT_CALL(*observer(),
    258                 OnEncryptedTypesChanged(_, false));
    259     EXPECT_CALL(*observer(),
    260                 OnEncryptionComplete()).Times(AtLeast(1));
    261     encryption_handler()->Init();
    262     EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
    263     EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
    264     EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
    265     Mock::VerifyAndClearExpectations(observer());
    266   }
    267 
    268   // Build a migrated nigori node with the specified default passphrase
    269   // as a custom passphrase.
    270   void InitCustomPassMigratedNigori(int64 migration_time,
    271                                     const std::string& default_passphrase) {
    272     {
    273       WriteTransaction trans(FROM_HERE, user_share());
    274       WriteNode nigori_node(&trans);
    275       ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
    276       sync_pb::NigoriSpecifics nigori = BuildMigratedNigori(
    277           CUSTOM_PASSPHRASE,
    278           migration_time,
    279           default_passphrase,
    280           kKeystoreKey);
    281       nigori_node.SetNigoriSpecifics(nigori);
    282     }
    283 
    284     EXPECT_CALL(*observer(),
    285                 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
    286     EXPECT_CALL(*observer(),
    287                 OnCryptographerStateChanged(_)).Times(AtLeast(1));
    288     EXPECT_CALL(*observer(),
    289                 OnEncryptedTypesChanged(_, true)).Times(AtLeast(1));
    290     EXPECT_CALL(*observer(),
    291                 OnEncryptionComplete()).Times(AtLeast(1));
    292     encryption_handler()->Init();
    293     EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
    294     EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
    295     EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
    296     Mock::VerifyAndClearExpectations(observer());
    297   }
    298 
    299   // Build an unmigrated nigori node with the specified passphrase and type and
    300   // initialize the encryption handler with it.
    301   void InitUnmigratedNigori(const std::string& default_passphrase,
    302                             PassphraseType passphrase_type) {
    303     DCHECK_NE(passphrase_type, FROZEN_IMPLICIT_PASSPHRASE);
    304     Cryptographer other_cryptographer(GetCryptographer()->encryptor());
    305     KeyParams default_key = {"localhost", "dummy", default_passphrase};
    306     other_cryptographer.AddKey(default_key);
    307     EXPECT_TRUE(other_cryptographer.is_ready());
    308 
    309     {
    310       WriteTransaction trans(FROM_HERE, user_share());
    311       WriteNode nigori_node(&trans);
    312       ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
    313       sync_pb::NigoriSpecifics nigori;
    314       other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
    315       nigori.set_keybag_is_frozen(passphrase_type == CUSTOM_PASSPHRASE);
    316       nigori_node.SetNigoriSpecifics(nigori);
    317     }
    318 
    319     if (passphrase_type != IMPLICIT_PASSPHRASE) {
    320       EXPECT_CALL(*observer(),
    321                   OnPassphraseTypeChanged(passphrase_type, _));
    322     }
    323     EXPECT_CALL(*observer(),
    324                 OnCryptographerStateChanged(_)).Times(AtLeast(1));
    325     EXPECT_CALL(*observer(),
    326                 OnEncryptedTypesChanged(_, false));
    327     encryption_handler()->Init();
    328     EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
    329     EXPECT_EQ(encryption_handler()->GetPassphraseType(), passphrase_type);
    330     EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
    331     Mock::VerifyAndClearExpectations(observer());
    332   }
    333 
    334  protected:
    335   TestUserShare test_user_share_;
    336   FakeEncryptor encryptor_;
    337   scoped_ptr<SyncEncryptionHandlerImpl> encryption_handler_;
    338   StrictMock<SyncEncryptionHandlerObserverMock> observer_;
    339   TestIdFactory ids_;
    340   base::MessageLoop message_loop_;
    341 };
    342 
    343 // Verify that the encrypted types are being written to and read from the
    344 // nigori node properly.
    345 TEST_F(SyncEncryptionHandlerImplTest, NigoriEncryptionTypes) {
    346   sync_pb::NigoriSpecifics nigori;
    347 
    348   StrictMock<SyncEncryptionHandlerObserverMock> observer2;
    349   SyncEncryptionHandlerImpl handler2(user_share(),
    350                                      &encryptor_,
    351                                      std::string(),
    352                                      std::string() /* bootstrap tokens */);
    353   handler2.AddObserver(&observer2);
    354 
    355   // Just set the sensitive types (shouldn't trigger any notifications).
    356   ModelTypeSet encrypted_types(SyncEncryptionHandler::SensitiveTypes());
    357   {
    358     WriteTransaction trans(FROM_HERE, user_share());
    359     encryption_handler()->MergeEncryptedTypes(
    360         encrypted_types,
    361         trans.GetWrappedTrans());
    362     encryption_handler()->UpdateNigoriFromEncryptedTypes(
    363         &nigori,
    364         trans.GetWrappedTrans());
    365     handler2.UpdateEncryptedTypesFromNigori(nigori, trans.GetWrappedTrans());
    366   }
    367   EXPECT_TRUE(encrypted_types.Equals(
    368       encryption_handler()->GetEncryptedTypesUnsafe()));
    369   EXPECT_TRUE(encrypted_types.Equals(
    370       handler2.GetEncryptedTypesUnsafe()));
    371 
    372   Mock::VerifyAndClearExpectations(observer());
    373   Mock::VerifyAndClearExpectations(&observer2);
    374 
    375   ModelTypeSet encrypted_user_types = EncryptableUserTypes();
    376 
    377   EXPECT_CALL(*observer(),
    378               OnEncryptedTypesChanged(
    379                   HasModelTypes(encrypted_user_types), false));
    380   EXPECT_CALL(observer2,
    381               OnEncryptedTypesChanged(
    382                   HasModelTypes(encrypted_user_types), false));
    383 
    384   // Set all encrypted types
    385   encrypted_types = EncryptableUserTypes();
    386   {
    387     WriteTransaction trans(FROM_HERE, user_share());
    388     encryption_handler()->MergeEncryptedTypes(
    389         encrypted_types,
    390         trans.GetWrappedTrans());
    391     encryption_handler()->UpdateNigoriFromEncryptedTypes(
    392         &nigori,
    393         trans.GetWrappedTrans());
    394     handler2.UpdateEncryptedTypesFromNigori(nigori, trans.GetWrappedTrans());
    395   }
    396   EXPECT_TRUE(encrypted_types.Equals(
    397       encryption_handler()->GetEncryptedTypesUnsafe()));
    398   EXPECT_TRUE(encrypted_types.Equals(handler2.GetEncryptedTypesUnsafe()));
    399 
    400   // Receiving an empty nigori should not reset any encrypted types or trigger
    401   // an observer notification.
    402   Mock::VerifyAndClearExpectations(observer());
    403   Mock::VerifyAndClearExpectations(&observer2);
    404   nigori = sync_pb::NigoriSpecifics();
    405   {
    406     WriteTransaction trans(FROM_HERE, user_share());
    407     handler2.UpdateEncryptedTypesFromNigori(nigori, trans.GetWrappedTrans());
    408   }
    409   EXPECT_TRUE(encrypted_types.Equals(
    410       encryption_handler()->GetEncryptedTypesUnsafe()));
    411 }
    412 
    413 // Verify the encryption handler processes the encrypt everything field
    414 // properly.
    415 TEST_F(SyncEncryptionHandlerImplTest, EncryptEverythingExplicit) {
    416   sync_pb::NigoriSpecifics nigori;
    417   nigori.set_encrypt_everything(true);
    418 
    419   EXPECT_CALL(*observer(),
    420               OnEncryptedTypesChanged(
    421                   HasModelTypes(EncryptableUserTypes()), true));
    422 
    423   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
    424   ModelTypeSet encrypted_types =
    425       encryption_handler()->GetEncryptedTypesUnsafe();
    426   EXPECT_TRUE(encrypted_types.Equals(ModelTypeSet(PASSWORDS)));
    427 
    428   {
    429     WriteTransaction trans(FROM_HERE, user_share());
    430     encryption_handler()->UpdateEncryptedTypesFromNigori(
    431         nigori,
    432         trans.GetWrappedTrans());
    433   }
    434 
    435   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
    436   encrypted_types = encryption_handler()->GetEncryptedTypesUnsafe();
    437   EXPECT_TRUE(encrypted_types.HasAll(EncryptableUserTypes()));
    438 
    439   // Receiving the nigori node again shouldn't trigger another notification.
    440   Mock::VerifyAndClearExpectations(observer());
    441   {
    442     WriteTransaction trans(FROM_HERE, user_share());
    443     encryption_handler()->UpdateEncryptedTypesFromNigori(
    444         nigori,
    445         trans.GetWrappedTrans());
    446   }
    447 }
    448 
    449 // Verify the encryption handler can detect an implicit encrypt everything state
    450 // (from clients that failed to write the encrypt everything field).
    451 TEST_F(SyncEncryptionHandlerImplTest, EncryptEverythingImplicit) {
    452   sync_pb::NigoriSpecifics nigori;
    453   nigori.set_encrypt_bookmarks(true);  // Non-passwords = encrypt everything
    454 
    455   EXPECT_CALL(*observer(),
    456               OnEncryptedTypesChanged(
    457                   HasModelTypes(EncryptableUserTypes()), true));
    458 
    459   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
    460   ModelTypeSet encrypted_types =
    461       encryption_handler()->GetEncryptedTypesUnsafe();
    462   EXPECT_TRUE(encrypted_types.Equals(ModelTypeSet(PASSWORDS)));
    463 
    464   {
    465     WriteTransaction trans(FROM_HERE, user_share());
    466     encryption_handler()->UpdateEncryptedTypesFromNigori(
    467         nigori,
    468         trans.GetWrappedTrans());
    469   }
    470 
    471   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
    472   encrypted_types = encryption_handler()->GetEncryptedTypesUnsafe();
    473   EXPECT_TRUE(encrypted_types.HasAll(EncryptableUserTypes()));
    474 
    475   // Receiving a nigori node with encrypt everything explicitly set shouldn't
    476   // trigger another notification.
    477   Mock::VerifyAndClearExpectations(observer());
    478   nigori.set_encrypt_everything(true);
    479   {
    480     WriteTransaction trans(FROM_HERE, user_share());
    481     encryption_handler()->UpdateEncryptedTypesFromNigori(
    482         nigori,
    483         trans.GetWrappedTrans());
    484   }
    485 }
    486 
    487 // Verify the encryption handler can deal with new versions treating new types
    488 // as Sensitive, and that it does not consider this an implicit encrypt
    489 // everything case.
    490 TEST_F(SyncEncryptionHandlerImplTest, UnknownSensitiveTypes) {
    491   sync_pb::NigoriSpecifics nigori;
    492   nigori.set_encrypt_everything(false);
    493   nigori.set_encrypt_bookmarks(true);
    494 
    495   ModelTypeSet expected_encrypted_types =
    496       SyncEncryptionHandler::SensitiveTypes();
    497   expected_encrypted_types.Put(BOOKMARKS);
    498 
    499   EXPECT_CALL(*observer(),
    500               OnEncryptedTypesChanged(
    501                   HasModelTypes(expected_encrypted_types), false));
    502 
    503   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
    504   ModelTypeSet encrypted_types =
    505       encryption_handler()->GetEncryptedTypesUnsafe();
    506   EXPECT_TRUE(encrypted_types.Equals(ModelTypeSet(PASSWORDS)));
    507 
    508   {
    509     WriteTransaction trans(FROM_HERE, user_share());
    510     encryption_handler()->UpdateEncryptedTypesFromNigori(
    511         nigori,
    512         trans.GetWrappedTrans());
    513   }
    514 
    515   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
    516   encrypted_types = encryption_handler()->GetEncryptedTypesUnsafe();
    517   EXPECT_TRUE(encrypted_types.Equals(ModelTypeSet(BOOKMARKS, PASSWORDS)));
    518 }
    519 
    520 // Receive an old nigori with old encryption keys and encrypted types. We should
    521 // not revert our default key or encrypted types, and should post a task to
    522 // overwrite the existing nigori with the correct data.
    523 TEST_F(SyncEncryptionHandlerImplTest, ReceiveOldNigori) {
    524   KeyParams old_key = {"localhost", "dummy", "old"};
    525   KeyParams current_key = {"localhost", "dummy", "cur"};
    526 
    527   // Data for testing encryption/decryption.
    528   Cryptographer other_cryptographer(GetCryptographer()->encryptor());
    529   other_cryptographer.AddKey(old_key);
    530   sync_pb::EntitySpecifics other_encrypted_specifics;
    531   other_encrypted_specifics.mutable_bookmark()->set_title("title");
    532   other_cryptographer.Encrypt(
    533       other_encrypted_specifics,
    534       other_encrypted_specifics.mutable_encrypted());
    535   sync_pb::EntitySpecifics our_encrypted_specifics;
    536   our_encrypted_specifics.mutable_bookmark()->set_title("title2");
    537   ModelTypeSet encrypted_types = EncryptableUserTypes();
    538 
    539   // Set up the current encryption state (containing both keys and encrypt
    540   // everything).
    541   sync_pb::NigoriSpecifics current_nigori_specifics;
    542   GetCryptographer()->AddKey(old_key);
    543   GetCryptographer()->AddKey(current_key);
    544   GetCryptographer()->Encrypt(
    545       our_encrypted_specifics,
    546       our_encrypted_specifics.mutable_encrypted());
    547   GetCryptographer()->GetKeys(
    548       current_nigori_specifics.mutable_encryption_keybag());
    549   current_nigori_specifics.set_encrypt_everything(true);
    550 
    551   EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
    552   EXPECT_CALL(*observer(), OnEncryptedTypesChanged(
    553       HasModelTypes(EncryptableUserTypes()), true));
    554   {
    555     // Update the encryption handler.
    556     WriteTransaction trans(FROM_HERE, user_share());
    557     encryption_handler()->ApplyNigoriUpdate(
    558         current_nigori_specifics,
    559         trans.GetWrappedTrans());
    560   }
    561   Mock::VerifyAndClearExpectations(observer());
    562 
    563   // Now set up the old nigori specifics and apply it on top.
    564   // Has an old set of keys, and no encrypted types.
    565   sync_pb::NigoriSpecifics old_nigori;
    566   other_cryptographer.GetKeys(old_nigori.mutable_encryption_keybag());
    567 
    568   EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
    569   {
    570     // Update the encryption handler.
    571     WriteTransaction trans(FROM_HERE, user_share());
    572     encryption_handler()->ApplyNigoriUpdate(
    573         old_nigori,
    574         trans.GetWrappedTrans());
    575   }
    576   EXPECT_TRUE(GetCryptographer()->is_ready());
    577   EXPECT_FALSE(GetCryptographer()->has_pending_keys());
    578 
    579   // Encryption handler should have posted a task to overwrite the old
    580   // specifics.
    581   PumpLoop();
    582 
    583   {
    584     // The cryptographer should be able to decrypt both sets of keys and still
    585     // be encrypting with the newest, and the encrypted types should be the
    586     // most recent.
    587     // In addition, the nigori node should match the current encryption state.
    588     ReadTransaction trans(FROM_HERE, user_share());
    589     ReadNode nigori_node(&trans);
    590     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
    591     const sync_pb::NigoriSpecifics& nigori = nigori_node.GetNigoriSpecifics();
    592     EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(
    593         our_encrypted_specifics.encrypted()));
    594     EXPECT_TRUE(GetCryptographer()->CanDecrypt(
    595         other_encrypted_specifics.encrypted()));
    596     EXPECT_TRUE(GetCryptographer()->CanDecrypt(nigori.encryption_keybag()));
    597     EXPECT_TRUE(nigori.encrypt_everything());
    598     EXPECT_TRUE(
    599         GetCryptographer()->CanDecryptUsingDefaultKey(
    600             nigori.encryption_keybag()));
    601   }
    602   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
    603 }
    604 
    605 // Ensure setting the keystore key works, updates the bootstrap token, and
    606 // triggers a non-backwards compatible migration. Then verify that the
    607 // bootstrap token can be correctly parsed by the encryption handler at startup
    608 // time.
    609 TEST_F(SyncEncryptionHandlerImplTest, SetKeystoreMigratesAndUpdatesBootstrap) {
    610   // Passing no keys should do nothing.
    611   EXPECT_CALL(*observer(), OnBootstrapTokenUpdated(_, _)).Times(0);
    612   {
    613     WriteTransaction trans(FROM_HERE, user_share());
    614     EXPECT_FALSE(GetCryptographer()->is_initialized());
    615     EXPECT_TRUE(encryption_handler()->NeedKeystoreKey(trans.GetWrappedTrans()));
    616     EXPECT_FALSE(encryption_handler()->SetKeystoreKeys(
    617         BuildEncryptionKeyProto(std::string()), trans.GetWrappedTrans()));
    618     EXPECT_TRUE(encryption_handler()->NeedKeystoreKey(trans.GetWrappedTrans()));
    619   }
    620   Mock::VerifyAndClearExpectations(observer());
    621 
    622   // Build a set of keystore keys.
    623   const char kRawOldKeystoreKey[] = "old_keystore_key";
    624   std::string old_keystore_key;
    625   base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
    626   google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
    627   keys.Add()->assign(kRawOldKeystoreKey);
    628   keys.Add()->assign(kRawKeystoreKey);
    629 
    630   // Pass them to the encryption handler, triggering a migration and bootstrap
    631   // token update.
    632   std::string encoded_key;
    633   std::string keystore_bootstrap;
    634   EXPECT_CALL(*observer(), OnEncryptionComplete());
    635   EXPECT_CALL(*observer(), OnCryptographerStateChanged(_));
    636   EXPECT_CALL(*observer(), OnPassphraseAccepted());
    637   EXPECT_CALL(*observer(), OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
    638   EXPECT_CALL(*observer(),
    639               OnBootstrapTokenUpdated(_,
    640                                       KEYSTORE_BOOTSTRAP_TOKEN)).
    641       WillOnce(SaveArg<0>(&keystore_bootstrap));
    642   {
    643     WriteTransaction trans(FROM_HERE, user_share());
    644     EXPECT_TRUE(
    645         encryption_handler()->SetKeystoreKeys(
    646             keys,
    647             trans.GetWrappedTrans()));
    648     EXPECT_FALSE(
    649         encryption_handler()->NeedKeystoreKey(trans.GetWrappedTrans()));
    650     EXPECT_FALSE(GetCryptographer()->is_initialized());
    651   }
    652   PumpLoop();
    653   EXPECT_TRUE(GetCryptographer()->is_initialized());
    654   VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey);
    655 
    656   // Ensure the bootstrap is encoded properly (a base64 encoded encrypted blob
    657   // of list values containing the keystore keys).
    658   std::string decoded_bootstrap;
    659   ASSERT_TRUE(base::Base64Decode(keystore_bootstrap, &decoded_bootstrap));
    660   std::string decrypted_bootstrap;
    661   ASSERT_TRUE(
    662       GetCryptographer()->encryptor()->DecryptString(decoded_bootstrap,
    663                                                      &decrypted_bootstrap));
    664   JSONStringValueSerializer json(decrypted_bootstrap);
    665   scoped_ptr<base::Value> deserialized_keystore_keys(
    666       json.Deserialize(NULL, NULL));
    667   ASSERT_TRUE(deserialized_keystore_keys.get());
    668   base::ListValue* keystore_list = NULL;
    669   deserialized_keystore_keys->GetAsList(&keystore_list);
    670   ASSERT_TRUE(keystore_list);
    671   ASSERT_EQ(2U, keystore_list->GetSize());
    672   std::string test_string;
    673   keystore_list->GetString(0, &test_string);
    674   ASSERT_EQ(old_keystore_key, test_string);
    675   keystore_list->GetString(1, &test_string);
    676   ASSERT_EQ(kKeystoreKey, test_string);
    677 
    678 
    679   // Now make sure a new encryption handler can correctly parse the bootstrap
    680   // token.
    681   SyncEncryptionHandlerImpl handler2(user_share(),
    682                                      &encryptor_,
    683                                      std::string(),  // Cryptographer bootstrap.
    684                                      keystore_bootstrap);
    685 
    686   {
    687     WriteTransaction trans(FROM_HERE, user_share());
    688     EXPECT_FALSE(handler2.NeedKeystoreKey(trans.GetWrappedTrans()));
    689   }
    690 }
    691 
    692 // Ensure GetKeystoreDecryptor only updates the keystore decryptor token if it
    693 // wasn't already set properly. Otherwise, the decryptor should remain the
    694 // same.
    695 TEST_F(SyncEncryptionHandlerImplTest, GetKeystoreDecryptor) {
    696   const char kCurKey[] = "cur";
    697   sync_pb::EncryptedData encrypted;
    698   Cryptographer other_cryptographer(GetCryptographer()->encryptor());
    699   KeyParams cur_key = {"localhost", "dummy", kCurKey};
    700   other_cryptographer.AddKey(cur_key);
    701   EXPECT_TRUE(other_cryptographer.is_ready());
    702   EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
    703       other_cryptographer,
    704       kKeystoreKey,
    705       &encrypted));
    706   std::string serialized = encrypted.SerializeAsString();
    707   EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
    708       other_cryptographer,
    709       kKeystoreKey,
    710       &encrypted));
    711   EXPECT_EQ(serialized, encrypted.SerializeAsString());
    712 }
    713 
    714 // Test that we don't attempt to migrate while an implicit passphrase is pending
    715 // and that once we do decrypt pending keys we migrate the nigori. Once
    716 // migrated, we should be in keystore passphrase state.
    717 TEST_F(SyncEncryptionHandlerImplTest, MigrateOnDecryptImplicitPass) {
    718   const char kOtherKey[] = "other";
    719   {
    720     EXPECT_CALL(*observer(),
    721                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
    722     ReadTransaction trans(FROM_HERE, user_share());
    723     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
    724                                               kRawKeystoreKey),
    725                                           trans.GetWrappedTrans());
    726     Mock::VerifyAndClearExpectations(observer());
    727   }
    728   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
    729 
    730   {
    731     WriteTransaction trans(FROM_HERE, user_share());
    732     WriteNode nigori_node(&trans);
    733     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
    734     Cryptographer other_cryptographer(GetCryptographer()->encryptor());
    735     KeyParams other_key = {"localhost", "dummy", kOtherKey};
    736     other_cryptographer.AddKey(other_key);
    737 
    738     sync_pb::NigoriSpecifics nigori;
    739     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
    740     nigori.set_keybag_is_frozen(false);
    741     nigori.set_encrypt_everything(false);
    742     EXPECT_CALL(*observer(),
    743                 OnCryptographerStateChanged(_)).Times(AnyNumber());
    744     EXPECT_CALL(*observer(),
    745                 OnPassphraseRequired(_, _));
    746     encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
    747     nigori_node.SetNigoriSpecifics(nigori);
    748   }
    749   // Run any tasks posted via AppplyNigoriUpdate.
    750   PumpLoop();
    751   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
    752   Mock::VerifyAndClearExpectations(observer());
    753 
    754   EXPECT_CALL(*observer(),
    755               OnCryptographerStateChanged(_)).Times(AnyNumber());
    756   EXPECT_CALL(*observer(),
    757               OnPassphraseAccepted());
    758   EXPECT_CALL(*observer(),
    759               OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
    760   EXPECT_CALL(*observer(),
    761               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
    762   EXPECT_CALL(*observer(),
    763               OnEncryptionComplete());
    764   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
    765   encryption_handler()->SetDecryptionPassphrase(kOtherKey);
    766   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
    767   EXPECT_EQ(KEYSTORE_PASSPHRASE, encryption_handler()->GetPassphraseType());
    768   VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kOtherKey);
    769 }
    770 
    771 // Test that we don't attempt to migrate while a custom passphrase is pending,
    772 // and that once we do decrypt pending keys we migrate the nigori. Once
    773 // migrated, we should be in custom passphrase state with encrypt everything.
    774 TEST_F(SyncEncryptionHandlerImplTest, MigrateOnDecryptCustomPass) {
    775   const char kOtherKey[] = "other";
    776   {
    777     EXPECT_CALL(*observer(),
    778                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
    779     ReadTransaction trans(FROM_HERE, user_share());
    780     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
    781                                               kRawKeystoreKey),
    782                                           trans.GetWrappedTrans());
    783     Mock::VerifyAndClearExpectations(observer());
    784   }
    785   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
    786 
    787   {
    788     WriteTransaction trans(FROM_HERE, user_share());
    789     WriteNode nigori_node(&trans);
    790     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
    791     Cryptographer other_cryptographer(GetCryptographer()->encryptor());
    792     KeyParams other_key = {"localhost", "dummy", kOtherKey};
    793     other_cryptographer.AddKey(other_key);
    794 
    795     sync_pb::NigoriSpecifics nigori;
    796     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
    797     nigori.set_keybag_is_frozen(true);
    798     nigori.set_encrypt_everything(false);
    799     EXPECT_CALL(*observer(),
    800                 OnCryptographerStateChanged(_)).Times(AnyNumber());
    801     EXPECT_CALL(*observer(),
    802                 OnPassphraseRequired(_, _));
    803     EXPECT_CALL(*observer(),
    804                 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
    805     encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
    806     nigori_node.SetNigoriSpecifics(nigori);
    807   }
    808   // Run any tasks posted via AppplyNigoriUpdate.
    809   PumpLoop();
    810   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
    811   Mock::VerifyAndClearExpectations(observer());
    812 
    813   EXPECT_CALL(*observer(),
    814               OnCryptographerStateChanged(_)).Times(AnyNumber());
    815   EXPECT_CALL(*observer(),
    816               OnPassphraseAccepted());
    817   EXPECT_CALL(*observer(),
    818               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
    819   EXPECT_CALL(*observer(),
    820               OnEncryptedTypesChanged(_, true));
    821   EXPECT_CALL(*observer(),
    822               OnEncryptionComplete()).Times(2);
    823   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
    824   encryption_handler()->SetDecryptionPassphrase(kOtherKey);
    825   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
    826   EXPECT_EQ(CUSTOM_PASSPHRASE, encryption_handler()->GetPassphraseType());
    827   VerifyMigratedNigori(CUSTOM_PASSPHRASE, kOtherKey);
    828 }
    829 
    830 // Test that we trigger a migration when we set the keystore key, had an
    831 // implicit passphrase, and did not have encrypt everything. We should switch
    832 // to KEYSTORE_PASSPHRASE.
    833 TEST_F(SyncEncryptionHandlerImplTest, MigrateOnKeystoreKeyAvailableImplicit) {
    834   const char kCurKey[] = "cur";
    835   KeyParams current_key = {"localhost", "dummy", kCurKey};
    836   GetCryptographer()->AddKey(current_key);
    837   EXPECT_CALL(*observer(),
    838               OnCryptographerStateChanged(_)).Times(AnyNumber());
    839   EXPECT_CALL(*observer(),
    840               OnEncryptedTypesChanged(_, false));
    841   EXPECT_CALL(*observer(),
    842               OnEncryptionComplete());
    843   encryption_handler()->Init();
    844   Mock::VerifyAndClearExpectations(observer());
    845 
    846   {
    847     ReadTransaction trans(FROM_HERE, user_share());
    848     // Once we provide a keystore key, we should perform the migration.
    849     EXPECT_CALL(*observer(),
    850                 OnCryptographerStateChanged(_)).Times(AnyNumber());
    851     EXPECT_CALL(*observer(),
    852                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
    853     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
    854                                               kRawKeystoreKey),
    855                                           trans.GetWrappedTrans());
    856   }
    857   EXPECT_CALL(*observer(),
    858               OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
    859   // The actual migration gets posted, so run all pending tasks.
    860   PumpLoop();
    861   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
    862   EXPECT_EQ(KEYSTORE_PASSPHRASE,
    863             encryption_handler()->GetPassphraseType());
    864   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
    865   VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kCurKey);
    866 }
    867 
    868 // Test that we trigger a migration when we set the keystore key, had an
    869 // implicit passphrase, and encrypt everything enabled. We should switch to
    870 // FROZEN_IMPLICIT_PASSPHRASE.
    871 TEST_F(SyncEncryptionHandlerImplTest,
    872        MigrateOnKeystoreKeyAvailableFrozenImplicit) {
    873   const char kCurKey[] = "cur";
    874   KeyParams current_key = {"localhost", "dummy", kCurKey};
    875   GetCryptographer()->AddKey(current_key);
    876   EXPECT_CALL(*observer(),
    877               OnCryptographerStateChanged(_)).Times(AnyNumber());
    878   EXPECT_CALL(*observer(),
    879               OnEncryptedTypesChanged(_, false));
    880   EXPECT_CALL(*observer(),
    881               OnEncryptionComplete());
    882   encryption_handler()->Init();
    883   Mock::VerifyAndClearExpectations(observer());
    884 
    885   EXPECT_CALL(*observer(),
    886               OnEncryptedTypesChanged(_, true));
    887   EXPECT_CALL(*observer(),
    888               OnEncryptionComplete());
    889   encryption_handler()->EnableEncryptEverything();
    890 
    891   {
    892     ReadTransaction trans(FROM_HERE, user_share());
    893     // Once we provide a keystore key, we should perform the migration.
    894     EXPECT_CALL(*observer(),
    895                 OnCryptographerStateChanged(_)).Times(AnyNumber());
    896     EXPECT_CALL(*observer(),
    897                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
    898     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
    899                                               kRawKeystoreKey),
    900                                           trans.GetWrappedTrans());
    901   }
    902   EXPECT_CALL(*observer(),
    903               OnPassphraseTypeChanged(FROZEN_IMPLICIT_PASSPHRASE, _));
    904   // The actual migration gets posted, so run all pending tasks.
    905   PumpLoop();
    906   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
    907   EXPECT_EQ(FROZEN_IMPLICIT_PASSPHRASE,
    908             encryption_handler()->GetPassphraseType());
    909   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
    910   VerifyMigratedNigori(FROZEN_IMPLICIT_PASSPHRASE, kCurKey);
    911 }
    912 
    913 // Test that we trigger a migration when we set the keystore key, had a
    914 // custom passphrase, and encrypt everything enabled. The passphrase state
    915 // should remain as CUSTOM_PASSPHRASE, and encrypt everything stay the same.
    916 TEST_F(SyncEncryptionHandlerImplTest,
    917        MigrateOnKeystoreKeyAvailableCustomWithEncryption) {
    918   const char kCurKey[] = "cur";
    919   EXPECT_CALL(*observer(),
    920               OnCryptographerStateChanged(_)).Times(AnyNumber());
    921   EXPECT_CALL(*observer(),
    922               OnPassphraseRequired(_, _));
    923   EXPECT_CALL(*observer(),
    924               OnPassphraseAccepted());
    925   EXPECT_CALL(*observer(),
    926               OnEncryptedTypesChanged(_, false));
    927   EXPECT_CALL(*observer(),
    928               OnEncryptionComplete());
    929   EXPECT_CALL(*observer(),
    930               OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
    931   EXPECT_CALL(*observer(),
    932               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
    933   encryption_handler()->Init();
    934   encryption_handler()->SetEncryptionPassphrase(kCurKey, true);
    935   EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
    936   Mock::VerifyAndClearExpectations(observer());
    937 
    938   EXPECT_CALL(*observer(),
    939               OnEncryptedTypesChanged(_, true));
    940   EXPECT_CALL(*observer(),
    941               OnEncryptionComplete());
    942   encryption_handler()->EnableEncryptEverything();
    943   Mock::VerifyAndClearExpectations(observer());
    944 
    945   {
    946     ReadTransaction trans(FROM_HERE, user_share());
    947     // Once we provide a keystore key, we should perform the migration.
    948     EXPECT_CALL(*observer(),
    949                 OnCryptographerStateChanged(_)).Times(AnyNumber());
    950     EXPECT_CALL(*observer(),
    951                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
    952     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
    953                                               kRawKeystoreKey),
    954                                           trans.GetWrappedTrans());
    955   }
    956   // The actual migration gets posted, so run all pending tasks.
    957   PumpLoop();
    958   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
    959   EXPECT_EQ(CUSTOM_PASSPHRASE,
    960             encryption_handler()->GetPassphraseType());
    961   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
    962   VerifyMigratedNigori(CUSTOM_PASSPHRASE, kCurKey);
    963 }
    964 
    965 // Test that we trigger a migration when we set the keystore key, had a
    966 // custom passphrase, and did not have encrypt everything. The passphrase state
    967 // should remain as CUSTOM_PASSPHRASE, and encrypt everything should be enabled.
    968 TEST_F(SyncEncryptionHandlerImplTest,
    969        MigrateOnKeystoreKeyAvailableCustomNoEncryption) {
    970   const char kCurKey[] = "cur";
    971   EXPECT_CALL(*observer(),
    972               OnCryptographerStateChanged(_)).Times(AnyNumber());
    973   EXPECT_CALL(*observer(),
    974               OnPassphraseRequired(_, _));
    975   EXPECT_CALL(*observer(),
    976               OnPassphraseAccepted());
    977   EXPECT_CALL(*observer(),
    978               OnEncryptedTypesChanged(_, false));
    979   EXPECT_CALL(*observer(),
    980               OnEncryptionComplete());
    981   EXPECT_CALL(*observer(),
    982               OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
    983   EXPECT_CALL(*observer(),
    984               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
    985   encryption_handler()->Init();
    986   encryption_handler()->SetEncryptionPassphrase(kCurKey, true);
    987   EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
    988   Mock::VerifyAndClearExpectations(observer());
    989 
    990   {
    991     ReadTransaction trans(FROM_HERE, user_share());
    992     // Once we provide a keystore key, we should perform the migration.
    993     EXPECT_CALL(*observer(),
    994                 OnCryptographerStateChanged(_)).Times(AnyNumber());
    995     EXPECT_CALL(*observer(),
    996                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
    997     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
    998                                               kRawKeystoreKey),
    999                                           trans.GetWrappedTrans());
   1000   }
   1001   EXPECT_CALL(*observer(),
   1002               OnEncryptedTypesChanged(_, true));
   1003   EXPECT_CALL(*observer(),
   1004               OnEncryptionComplete());
   1005   // The actual migration gets posted, so run all pending tasks.
   1006   PumpLoop();
   1007   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1008   EXPECT_EQ(CUSTOM_PASSPHRASE,
   1009             encryption_handler()->GetPassphraseType());
   1010   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
   1011   VerifyMigratedNigori(CUSTOM_PASSPHRASE, kCurKey);
   1012 }
   1013 
   1014 // Test that we can handle receiving a migrated nigori node in the
   1015 // KEYSTORE_PASS state, and use the keystore decryptor token to decrypt the
   1016 // keybag.
   1017 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriKeystorePass) {
   1018   const char kCurKey[] = "cur";
   1019   sync_pb::EncryptedData keystore_decryptor_token;
   1020   Cryptographer other_cryptographer(GetCryptographer()->encryptor());
   1021   KeyParams cur_key = {"localhost", "dummy", kCurKey};
   1022   other_cryptographer.AddKey(cur_key);
   1023   EXPECT_TRUE(other_cryptographer.is_ready());
   1024   EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
   1025       other_cryptographer,
   1026       kKeystoreKey,
   1027       &keystore_decryptor_token));
   1028   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
   1029   EXPECT_FALSE(GetCryptographer()->is_ready());
   1030   EXPECT_NE(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   1031 
   1032   // Now build a nigori node with the generated keystore decryptor token and
   1033   // initialize the encryption handler with it. The cryptographer should be
   1034   // initialized properly to decrypt both kCurKey and kKeystoreKey.
   1035   {
   1036     WriteTransaction trans(FROM_HERE, user_share());
   1037     WriteNode nigori_node(&trans);
   1038     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1039     sync_pb::NigoriSpecifics nigori;
   1040     nigori.mutable_keystore_decryptor_token()->CopyFrom(
   1041         keystore_decryptor_token);
   1042     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
   1043     nigori.set_keybag_is_frozen(true);
   1044     nigori.set_keystore_migration_time(1);
   1045     nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
   1046 
   1047     EXPECT_CALL(*observer(), OnPassphraseAccepted());
   1048     EXPECT_CALL(*observer(),
   1049                 OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   1050     EXPECT_CALL(*observer(),
   1051                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   1052     EXPECT_CALL(*observer(),
   1053                 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
   1054     EXPECT_CALL(*observer(),
   1055                 OnCryptographerStateChanged(_)).Times(AnyNumber());
   1056     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
   1057                                               kRawKeystoreKey),
   1058                                           trans.GetWrappedTrans());
   1059     encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
   1060     nigori_node.SetNigoriSpecifics(nigori);
   1061   }
   1062   // Run any tasks posted via AppplyNigoriUpdate.
   1063   PumpLoop();
   1064   Mock::VerifyAndClearExpectations(observer());
   1065 
   1066   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1067   EXPECT_TRUE(GetCryptographer()->is_ready());
   1068   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   1069   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   1070   VerifyMigratedNigoriWithTimestamp(1, KEYSTORE_PASSPHRASE, kCurKey);
   1071 
   1072   // Check that the cryptographer still encrypts with the current key.
   1073   sync_pb::EncryptedData current_encrypted;
   1074   other_cryptographer.EncryptString("string", &current_encrypted);
   1075   EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
   1076 
   1077   // Check that the cryptographer can decrypt keystore key based encryption.
   1078   Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
   1079   KeyParams keystore_key =  {"localhost", "dummy", kKeystoreKey};
   1080   keystore_cryptographer.AddKey(keystore_key);
   1081   sync_pb::EncryptedData keystore_encrypted;
   1082   keystore_cryptographer.EncryptString("string", &keystore_encrypted);
   1083   EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
   1084 }
   1085 
   1086 // Test that we handle receiving migrated nigori's with
   1087 // FROZEN_IMPLICIT_PASSPHRASE state. We should be in a pending key state until
   1088 // we supply the pending frozen implicit passphrase key.
   1089 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriFrozenImplicitPass) {
   1090   const char kCurKey[] = "cur";
   1091   sync_pb::EncryptedData encrypted;
   1092   Cryptographer other_cryptographer(GetCryptographer()->encryptor());
   1093   KeyParams cur_key = {"localhost", "dummy", kCurKey};
   1094   other_cryptographer.AddKey(cur_key);
   1095   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
   1096 
   1097   {
   1098     EXPECT_CALL(*observer(),
   1099                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   1100     ReadTransaction trans(FROM_HERE, user_share());
   1101     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
   1102                                               kRawKeystoreKey),
   1103                                           trans.GetWrappedTrans());
   1104   }
   1105   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
   1106 
   1107   {
   1108     EXPECT_CALL(*observer(),
   1109                 OnPassphraseTypeChanged(FROZEN_IMPLICIT_PASSPHRASE, _));
   1110     EXPECT_CALL(*observer(),
   1111                 OnPassphraseRequired(_, _));
   1112     EXPECT_CALL(*observer(),
   1113                 OnCryptographerStateChanged(_)).Times(AnyNumber());
   1114     EXPECT_CALL(*observer(),
   1115                 OnEncryptedTypesChanged(_, true));
   1116     WriteTransaction trans(FROM_HERE, user_share());
   1117     WriteNode nigori_node(&trans);
   1118     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1119     sync_pb::NigoriSpecifics nigori;
   1120     nigori.set_keybag_is_frozen(true);
   1121     nigori.set_passphrase_type(
   1122         sync_pb::NigoriSpecifics::FROZEN_IMPLICIT_PASSPHRASE);
   1123     nigori.set_keystore_migration_time(1);
   1124     nigori.set_encrypt_everything(true);
   1125     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
   1126     encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
   1127     nigori_node.SetNigoriSpecifics(nigori);
   1128   }
   1129   // Run any tasks posted via AppplyNigoriUpdate.
   1130   PumpLoop();
   1131   Mock::VerifyAndClearExpectations(observer());
   1132 
   1133   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1134   EXPECT_EQ(FROZEN_IMPLICIT_PASSPHRASE,
   1135             encryption_handler()->GetPassphraseType());
   1136   EXPECT_TRUE(GetCryptographer()->has_pending_keys());
   1137   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
   1138 
   1139   EXPECT_CALL(*observer(),
   1140               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   1141   EXPECT_CALL(*observer(),
   1142               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1143   EXPECT_CALL(*observer(),
   1144               OnEncryptionComplete());
   1145   EXPECT_CALL(*observer(),
   1146               OnPassphraseAccepted());
   1147   encryption_handler()->SetDecryptionPassphrase(kCurKey);
   1148   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1149   EXPECT_TRUE(GetCryptographer()->is_ready());
   1150   VerifyMigratedNigoriWithTimestamp(1, FROZEN_IMPLICIT_PASSPHRASE, kCurKey);
   1151 
   1152   // Check that the cryptographer still encrypts with the current key.
   1153   sync_pb::EncryptedData current_encrypted;
   1154   other_cryptographer.EncryptString("string", &current_encrypted);
   1155   EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
   1156 
   1157   // Check that the cryptographer can decrypt keystore key based encryption.
   1158   Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
   1159   KeyParams keystore_key =  {"localhost", "dummy", kKeystoreKey};
   1160   keystore_cryptographer.AddKey(keystore_key);
   1161   sync_pb::EncryptedData keystore_encrypted;
   1162   keystore_cryptographer.EncryptString("string", &keystore_encrypted);
   1163   EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
   1164 }
   1165 
   1166 // Test that we handle receiving migrated nigori's with
   1167 // CUSTOM_PASSPHRASE state. We should be in a pending key state until we
   1168 // provide the custom passphrase key.
   1169 TEST_F(SyncEncryptionHandlerImplTest, ReceiveMigratedNigoriCustomPass) {
   1170   const char kCurKey[] = "cur";
   1171   sync_pb::EncryptedData encrypted;
   1172   Cryptographer other_cryptographer(GetCryptographer()->encryptor());
   1173   KeyParams cur_key = {"localhost", "dummy", kCurKey};
   1174   other_cryptographer.AddKey(cur_key);
   1175   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
   1176 
   1177   {
   1178     EXPECT_CALL(*observer(),
   1179                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   1180     ReadTransaction trans(FROM_HERE, user_share());
   1181     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
   1182                                               kRawKeystoreKey),
   1183                                           trans.GetWrappedTrans());
   1184   }
   1185   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
   1186 
   1187   {
   1188     EXPECT_CALL(*observer(),
   1189                 OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
   1190     EXPECT_CALL(*observer(),
   1191                 OnPassphraseRequired(_, _));
   1192     EXPECT_CALL(*observer(),
   1193                 OnCryptographerStateChanged(_)).Times(AnyNumber());
   1194     EXPECT_CALL(*observer(),
   1195                 OnEncryptedTypesChanged(_, true));
   1196     WriteTransaction trans(FROM_HERE, user_share());
   1197     WriteNode nigori_node(&trans);
   1198     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1199     sync_pb::NigoriSpecifics nigori;
   1200     nigori.set_keybag_is_frozen(true);
   1201     nigori.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE);
   1202     nigori.set_keystore_migration_time(1);
   1203     nigori.set_encrypt_everything(true);
   1204     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
   1205     encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
   1206     nigori_node.SetNigoriSpecifics(nigori);
   1207   }
   1208   // Run any tasks posted via AppplyNigoriUpdate.
   1209   PumpLoop();
   1210   Mock::VerifyAndClearExpectations(observer());
   1211 
   1212   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1213   EXPECT_EQ(CUSTOM_PASSPHRASE, encryption_handler()->GetPassphraseType());
   1214   EXPECT_TRUE(GetCryptographer()->has_pending_keys());
   1215   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
   1216 
   1217   EXPECT_CALL(*observer(),
   1218               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   1219   EXPECT_CALL(*observer(),
   1220               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1221   EXPECT_CALL(*observer(),
   1222               OnEncryptionComplete());
   1223   EXPECT_CALL(*observer(),
   1224               OnPassphraseAccepted());
   1225   encryption_handler()->SetDecryptionPassphrase(kCurKey);
   1226   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1227   EXPECT_TRUE(GetCryptographer()->is_ready());
   1228   VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey);
   1229 
   1230   // Check that the cryptographer still encrypts with the current key.
   1231   sync_pb::EncryptedData current_encrypted;
   1232   other_cryptographer.EncryptString("string", &current_encrypted);
   1233   EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
   1234 
   1235   // Check that the cryptographer can decrypt keystore key based encryption.
   1236   Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
   1237   KeyParams keystore_key =  {"localhost", "dummy", kKeystoreKey};
   1238   keystore_cryptographer.AddKey(keystore_key);
   1239   sync_pb::EncryptedData keystore_encrypted;
   1240   keystore_cryptographer.EncryptString("string", &keystore_encrypted);
   1241   EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
   1242 }
   1243 
   1244 // Test that if we have a migrated nigori with a custom passphrase, then receive
   1245 // and old implicit passphrase nigori, we properly overwrite it with the current
   1246 // state.
   1247 TEST_F(SyncEncryptionHandlerImplTest, ReceiveUnmigratedNigoriAfterMigration) {
   1248   const char kOldKey[] = "old";
   1249   const char kCurKey[] = "cur";
   1250   sync_pb::EncryptedData encrypted;
   1251   KeyParams old_key = {"localhost", "dummy", kOldKey};
   1252   KeyParams cur_key = {"localhost", "dummy", kCurKey};
   1253   GetCryptographer()->AddKey(old_key);
   1254   GetCryptographer()->AddKey(cur_key);
   1255 
   1256   // Build a migrated nigori with full encryption.
   1257   {
   1258     WriteTransaction trans(FROM_HERE, user_share());
   1259     WriteNode nigori_node(&trans);
   1260     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1261     sync_pb::NigoriSpecifics nigori;
   1262     GetCryptographer()->GetKeys(nigori.mutable_encryption_keybag());
   1263     nigori.set_keybag_is_frozen(true);
   1264     nigori.set_keystore_migration_time(1);
   1265     nigori.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE);
   1266     nigori.set_encrypt_everything(true);
   1267     nigori_node.SetNigoriSpecifics(nigori);
   1268   }
   1269 
   1270   EXPECT_CALL(*observer(),
   1271               OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
   1272   EXPECT_CALL(*observer(),
   1273               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1274   EXPECT_CALL(*observer(),
   1275               OnEncryptedTypesChanged(_, true)).Times(2);
   1276   EXPECT_CALL(*observer(),
   1277               OnEncryptionComplete());
   1278   encryption_handler()->Init();
   1279   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1280   EXPECT_TRUE(GetCryptographer()->is_ready());
   1281   EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
   1282   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
   1283   VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey);
   1284 
   1285   {
   1286     EXPECT_CALL(*observer(),
   1287                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   1288     ReadTransaction trans(FROM_HERE, user_share());
   1289     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
   1290                                               kRawKeystoreKey),
   1291                                           trans.GetWrappedTrans());
   1292   }
   1293   Mock::VerifyAndClearExpectations(observer());
   1294 
   1295   // Now build an old unmigrated nigori node with old encrypted types. We should
   1296   // properly overwrite it with the migrated + encrypt everything state.
   1297   EXPECT_CALL(*observer(),
   1298               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1299   EXPECT_CALL(*observer(), OnEncryptionComplete());
   1300   {
   1301     Cryptographer other_cryptographer(GetCryptographer()->encryptor());
   1302     other_cryptographer.AddKey(old_key);
   1303     WriteTransaction trans(FROM_HERE, user_share());
   1304     WriteNode nigori_node(&trans);
   1305     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1306     sync_pb::NigoriSpecifics nigori;
   1307     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
   1308     nigori.set_keybag_is_frozen(false);
   1309     nigori.set_encrypt_everything(false);
   1310     encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
   1311     nigori_node.SetNigoriSpecifics(nigori);
   1312   }
   1313   PumpLoop();
   1314 
   1315   // Verify we're still migrated and have proper encryption state.
   1316   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1317   EXPECT_TRUE(GetCryptographer()->is_ready());
   1318   EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
   1319   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
   1320   VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey);
   1321 }
   1322 
   1323 // Test that if we have a migrated nigori with a custom passphrase, then receive
   1324 // a migrated nigori with a keystore passphrase, we properly overwrite it with
   1325 // the current state.
   1326 TEST_F(SyncEncryptionHandlerImplTest, ReceiveOldMigratedNigori) {
   1327   const char kOldKey[] = "old";
   1328   const char kCurKey[] = "cur";
   1329   sync_pb::EncryptedData encrypted;
   1330   KeyParams old_key = {"localhost", "dummy", kOldKey};
   1331   KeyParams cur_key = {"localhost", "dummy", kCurKey};
   1332   GetCryptographer()->AddKey(old_key);
   1333   GetCryptographer()->AddKey(cur_key);
   1334 
   1335   // Build a migrated nigori with full encryption.
   1336   {
   1337     WriteTransaction trans(FROM_HERE, user_share());
   1338     WriteNode nigori_node(&trans);
   1339     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1340     sync_pb::NigoriSpecifics nigori;
   1341     GetCryptographer()->GetKeys(nigori.mutable_encryption_keybag());
   1342     nigori.set_keybag_is_frozen(true);
   1343     nigori.set_keystore_migration_time(1);
   1344     nigori.set_passphrase_type(sync_pb::NigoriSpecifics::CUSTOM_PASSPHRASE);
   1345     nigori.set_encrypt_everything(true);
   1346     nigori_node.SetNigoriSpecifics(nigori);
   1347   }
   1348 
   1349   EXPECT_CALL(*observer(),
   1350               OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
   1351   EXPECT_CALL(*observer(),
   1352               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1353   EXPECT_CALL(*observer(),
   1354               OnEncryptedTypesChanged(_, true)).Times(2);
   1355   EXPECT_CALL(*observer(),
   1356               OnEncryptionComplete());
   1357   encryption_handler()->Init();
   1358   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1359   EXPECT_TRUE(GetCryptographer()->is_ready());
   1360   EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
   1361   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
   1362   VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey);
   1363 
   1364   {
   1365     EXPECT_CALL(*observer(),
   1366                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   1367     ReadTransaction trans(FROM_HERE, user_share());
   1368     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
   1369                                               kRawKeystoreKey),
   1370                                           trans.GetWrappedTrans());
   1371   }
   1372   Mock::VerifyAndClearExpectations(observer());
   1373 
   1374   // Now build an old keystore nigori node with old encrypted types. We should
   1375   // properly overwrite it with the migrated + encrypt everything state.
   1376   EXPECT_CALL(*observer(),
   1377               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1378   EXPECT_CALL(*observer(), OnEncryptionComplete());
   1379   {
   1380     WriteTransaction trans(FROM_HERE, user_share());
   1381     WriteNode nigori_node(&trans);
   1382     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1383     sync_pb::NigoriSpecifics nigori;
   1384     Cryptographer other_cryptographer(GetCryptographer()->encryptor());
   1385     other_cryptographer.AddKey(old_key);
   1386     encryption_handler()->GetKeystoreDecryptor(
   1387         other_cryptographer,
   1388         kKeystoreKey,
   1389         nigori.mutable_keystore_decryptor_token());
   1390     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
   1391     nigori.set_keybag_is_frozen(true);
   1392     nigori.set_encrypt_everything(false);
   1393     nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
   1394     nigori.set_keystore_migration_time(1);
   1395     encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
   1396     nigori_node.SetNigoriSpecifics(nigori);
   1397   }
   1398   PumpLoop();
   1399 
   1400   // Verify we're still migrated and have proper encryption state.
   1401   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1402   EXPECT_TRUE(GetCryptographer()->is_ready());
   1403   EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
   1404   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
   1405   VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCurKey);
   1406 }
   1407 
   1408 // Test that if we receive the keystore key after receiving a migrated nigori
   1409 // node, we properly use the keystore decryptor token to decrypt the keybag.
   1410 TEST_F(SyncEncryptionHandlerImplTest, SetKeystoreAfterReceivingMigratedNigori) {
   1411   const char kCurKey[] = "cur";
   1412   sync_pb::EncryptedData keystore_decryptor_token;
   1413   Cryptographer other_cryptographer(GetCryptographer()->encryptor());
   1414   KeyParams cur_key = {"localhost", "dummy", kCurKey};
   1415   other_cryptographer.AddKey(cur_key);
   1416   EXPECT_TRUE(other_cryptographer.is_ready());
   1417   EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
   1418       other_cryptographer,
   1419       kKeystoreKey,
   1420       &keystore_decryptor_token));
   1421   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
   1422   EXPECT_FALSE(GetCryptographer()->is_ready());
   1423   EXPECT_NE(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   1424 
   1425   // Now build a nigori node with the generated keystore decryptor token and
   1426   // initialize the encryption handler with it. The cryptographer should be
   1427   // initialized properly to decrypt both kCurKey and kKeystoreKey.
   1428   {
   1429     WriteTransaction trans(FROM_HERE, user_share());
   1430     WriteNode nigori_node(&trans);
   1431     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1432     sync_pb::NigoriSpecifics nigori;
   1433     nigori.mutable_keystore_decryptor_token()->CopyFrom(
   1434         keystore_decryptor_token);
   1435     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
   1436     nigori.set_keybag_is_frozen(true);
   1437     nigori.set_keystore_migration_time(1);
   1438     nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
   1439 
   1440     EXPECT_CALL(*observer(),
   1441                 OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
   1442     EXPECT_CALL(*observer(),
   1443                 OnCryptographerStateChanged(_)).Times(AnyNumber());
   1444     EXPECT_CALL(*observer(),
   1445                 OnPassphraseRequired(_, _));
   1446     encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
   1447     nigori_node.SetNigoriSpecifics(nigori);
   1448   }
   1449   // Run any tasks posted via AppplyNigoriUpdate.
   1450   PumpLoop();
   1451   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1452   EXPECT_TRUE(GetCryptographer()->has_pending_keys());
   1453   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   1454   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   1455   Mock::VerifyAndClearExpectations(observer());
   1456 
   1457   EXPECT_CALL(*observer(), OnPassphraseAccepted());
   1458   EXPECT_CALL(*observer(),
   1459               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1460   EXPECT_CALL(*observer(),
   1461               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   1462   {
   1463     EXPECT_CALL(*observer(),
   1464                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   1465     ReadTransaction trans(FROM_HERE, user_share());
   1466     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
   1467                                               kRawKeystoreKey),
   1468                                           trans.GetWrappedTrans());
   1469   }
   1470   PumpLoop();
   1471   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1472   EXPECT_TRUE(GetCryptographer()->is_ready());
   1473   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   1474   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   1475   VerifyMigratedNigoriWithTimestamp(1, KEYSTORE_PASSPHRASE, kCurKey);
   1476 
   1477   // Check that the cryptographer still encrypts with the current key.
   1478   sync_pb::EncryptedData current_encrypted;
   1479   other_cryptographer.EncryptString("string", &current_encrypted);
   1480   EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
   1481 
   1482   // Check that the cryptographer can decrypt keystore key based encryption.
   1483   Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
   1484   KeyParams keystore_key =  {"localhost", "dummy", kKeystoreKey};
   1485   keystore_cryptographer.AddKey(keystore_key);
   1486   sync_pb::EncryptedData keystore_encrypted;
   1487   keystore_cryptographer.EncryptString("string", &keystore_encrypted);
   1488   EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
   1489 }
   1490 
   1491 // Test that after receiving a migrated nigori and decrypting it using the
   1492 // keystore key, we can then switch to a custom passphrase. The nigori should
   1493 // remain migrated and encrypt everything should be enabled.
   1494 TEST_F(SyncEncryptionHandlerImplTest, SetCustomPassAfterMigration) {
   1495   const char kOldKey[] = "old";
   1496   sync_pb::EncryptedData keystore_decryptor_token;
   1497   Cryptographer other_cryptographer(GetCryptographer()->encryptor());
   1498   KeyParams cur_key = {"localhost", "dummy", kOldKey};
   1499   other_cryptographer.AddKey(cur_key);
   1500   EXPECT_TRUE(other_cryptographer.is_ready());
   1501   EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
   1502       other_cryptographer,
   1503       kKeystoreKey,
   1504       &keystore_decryptor_token));
   1505 
   1506   // Build a nigori node with the generated keystore decryptor token and
   1507   // initialize the encryption handler with it. The cryptographer should be
   1508   // initialized properly to decrypt both kOldKey and kKeystoreKey.
   1509   {
   1510     WriteTransaction trans(FROM_HERE, user_share());
   1511     WriteNode nigori_node(&trans);
   1512     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1513     sync_pb::NigoriSpecifics nigori;
   1514     nigori.mutable_keystore_decryptor_token()->CopyFrom(
   1515         keystore_decryptor_token);
   1516     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
   1517     nigori.set_keybag_is_frozen(true);
   1518     nigori.set_keystore_migration_time(1);
   1519     nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
   1520     nigori_node.SetNigoriSpecifics(nigori);
   1521     EXPECT_CALL(*observer(),
   1522                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   1523     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
   1524                                               kRawKeystoreKey),
   1525                                           trans.GetWrappedTrans());
   1526   }
   1527 
   1528   EXPECT_CALL(*observer(), OnPassphraseAccepted());
   1529   EXPECT_CALL(*observer(),
   1530               OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
   1531   EXPECT_CALL(*observer(),
   1532               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1533   EXPECT_CALL(*observer(),
   1534               OnEncryptedTypesChanged(_, false));
   1535   EXPECT_CALL(*observer(),
   1536               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   1537   EXPECT_CALL(*observer(),
   1538               OnEncryptionComplete());
   1539   encryption_handler()->Init();
   1540   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1541   EXPECT_TRUE(GetCryptographer()->is_ready());
   1542   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   1543   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   1544   Mock::VerifyAndClearExpectations(observer());
   1545 
   1546   const char kNewKey[] = "new_key";
   1547   EXPECT_CALL(*observer(),
   1548               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1549   EXPECT_CALL(*observer(),
   1550               OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
   1551   EXPECT_CALL(*observer(),
   1552               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   1553   EXPECT_CALL(*observer(),
   1554               OnPassphraseAccepted());
   1555   EXPECT_CALL(*observer(),
   1556               OnEncryptedTypesChanged(_, true));
   1557   EXPECT_CALL(*observer(),
   1558               OnEncryptionComplete()).Times(2);
   1559   encryption_handler()->SetEncryptionPassphrase(kNewKey, true);
   1560   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1561   EXPECT_TRUE(GetCryptographer()->is_ready());
   1562   EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
   1563   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
   1564   EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
   1565   VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kNewKey);
   1566 
   1567   // Check that the cryptographer can decrypt the old key.
   1568   sync_pb::EncryptedData old_encrypted;
   1569   other_cryptographer.EncryptString("string", &old_encrypted);
   1570   EXPECT_TRUE(GetCryptographer()->CanDecrypt(old_encrypted));
   1571 
   1572   // Check that the cryptographer can decrypt keystore key based encryption.
   1573   Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
   1574   KeyParams keystore_key =  {"localhost", "dummy", kKeystoreKey};
   1575   keystore_cryptographer.AddKey(keystore_key);
   1576   sync_pb::EncryptedData keystore_encrypted;
   1577   keystore_cryptographer.EncryptString("string", &keystore_encrypted);
   1578   EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
   1579 
   1580   // Check the the cryptographer is encrypting with the new key.
   1581   KeyParams new_key = {"localhost", "dummy", kNewKey};
   1582   Cryptographer new_cryptographer(GetCryptographer()->encryptor());
   1583   new_cryptographer.AddKey(new_key);
   1584   sync_pb::EncryptedData new_encrypted;
   1585   new_cryptographer.EncryptString("string", &new_encrypted);
   1586   EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted));
   1587 }
   1588 
   1589 // Test that if a client without a keystore key (e.g. one without keystore
   1590 // encryption enabled) receives a migrated nigori and then attempts to set a
   1591 // custom passphrase, it also enables encrypt everything. The nigori node
   1592 // should remain migrated.
   1593 TEST_F(SyncEncryptionHandlerImplTest,
   1594        SetCustomPassAfterMigrationNoKeystoreKey) {
   1595   const char kOldKey[] = "old";
   1596   sync_pb::EncryptedData keystore_decryptor_token;
   1597   Cryptographer other_cryptographer(GetCryptographer()->encryptor());
   1598   KeyParams cur_key = {"localhost", "dummy", kOldKey};
   1599   other_cryptographer.AddKey(cur_key);
   1600   KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
   1601   other_cryptographer.AddNonDefaultKey(keystore_key);
   1602   EXPECT_TRUE(other_cryptographer.is_ready());
   1603   EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
   1604       other_cryptographer,
   1605       kKeystoreKey,
   1606       &keystore_decryptor_token));
   1607 
   1608   // Build a nigori node with the generated keystore decryptor token and
   1609   // initialize the encryption handler with it. The cryptographer will have
   1610   // pending keys until we provide the decryption passphrase.
   1611   {
   1612     WriteTransaction trans(FROM_HERE, user_share());
   1613     WriteNode nigori_node(&trans);
   1614     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1615     sync_pb::NigoriSpecifics nigori;
   1616     nigori.mutable_keystore_decryptor_token()->CopyFrom(
   1617         keystore_decryptor_token);
   1618     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
   1619     nigori.set_keybag_is_frozen(true);
   1620     nigori.set_keystore_migration_time(1);
   1621     nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
   1622     nigori_node.SetNigoriSpecifics(nigori);
   1623   }
   1624 
   1625   EXPECT_CALL(*observer(),
   1626               OnPassphraseRequired(_, _));
   1627   EXPECT_CALL(*observer(),
   1628               OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
   1629   EXPECT_CALL(*observer(),
   1630               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1631   EXPECT_CALL(*observer(),
   1632               OnEncryptedTypesChanged(_, false));
   1633   encryption_handler()->Init();
   1634   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1635   EXPECT_TRUE(GetCryptographer()->has_pending_keys());
   1636   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   1637   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   1638   Mock::VerifyAndClearExpectations(observer());
   1639 
   1640   EXPECT_CALL(*observer(),
   1641               OnPassphraseAccepted());
   1642   EXPECT_CALL(*observer(),
   1643               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1644   EXPECT_CALL(*observer(),
   1645               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   1646   EXPECT_CALL(*observer(),
   1647               OnEncryptionComplete());
   1648   encryption_handler()->SetDecryptionPassphrase(kOldKey);
   1649   EXPECT_TRUE(GetCryptographer()->is_ready());
   1650   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   1651   Mock::VerifyAndClearExpectations(observer());
   1652 
   1653   const char kNewKey[] = "new_key";
   1654   EXPECT_CALL(*observer(),
   1655               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1656   EXPECT_CALL(*observer(),
   1657               OnPassphraseTypeChanged(CUSTOM_PASSPHRASE, _));
   1658   EXPECT_CALL(*observer(),
   1659               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   1660   EXPECT_CALL(*observer(),
   1661               OnPassphraseAccepted());
   1662   EXPECT_CALL(*observer(),
   1663               OnEncryptedTypesChanged(_, true));
   1664   EXPECT_CALL(*observer(),
   1665               OnEncryptionComplete()).Times(2);
   1666   encryption_handler()->SetEncryptionPassphrase(kNewKey, true);
   1667   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1668   EXPECT_TRUE(GetCryptographer()->is_ready());
   1669   EXPECT_EQ(encryption_handler()->GetPassphraseType(), CUSTOM_PASSPHRASE);
   1670   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
   1671   EXPECT_FALSE(encryption_handler()->custom_passphrase_time().is_null());
   1672   VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kNewKey);
   1673 
   1674   // Check that the cryptographer can decrypt the old key.
   1675   sync_pb::EncryptedData old_encrypted;
   1676   other_cryptographer.EncryptString("string", &old_encrypted);
   1677   EXPECT_TRUE(GetCryptographer()->CanDecrypt(old_encrypted));
   1678 
   1679   // Check that the cryptographer can still decrypt keystore key based
   1680   // encryption (should have been extracted from the encryption keybag).
   1681   Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
   1682   keystore_cryptographer.AddKey(keystore_key);
   1683   sync_pb::EncryptedData keystore_encrypted;
   1684   keystore_cryptographer.EncryptString("string", &keystore_encrypted);
   1685   EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
   1686 
   1687   // Check the the cryptographer is encrypting with the new key.
   1688   KeyParams new_key = {"localhost", "dummy", kNewKey};
   1689   Cryptographer new_cryptographer(GetCryptographer()->encryptor());
   1690   new_cryptographer.AddKey(new_key);
   1691   sync_pb::EncryptedData new_encrypted;
   1692   new_cryptographer.EncryptString("string", &new_encrypted);
   1693   EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted));
   1694 }
   1695 
   1696 // Test that if a client without a keystore key (e.g. one without keystore
   1697 // encryption enabled) receives a migrated nigori and then attempts to set a
   1698 // new implicit passphrase, we do not modify the nigori node (the implicit
   1699 // passphrase is dropped).
   1700 TEST_F(SyncEncryptionHandlerImplTest,
   1701        SetImplicitPassAfterMigrationNoKeystoreKey) {
   1702   const char kOldKey[] = "old";
   1703   sync_pb::EncryptedData keystore_decryptor_token;
   1704   Cryptographer other_cryptographer(GetCryptographer()->encryptor());
   1705   KeyParams cur_key = {"localhost", "dummy", kOldKey};
   1706   other_cryptographer.AddKey(cur_key);
   1707   KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
   1708   other_cryptographer.AddNonDefaultKey(keystore_key);
   1709   EXPECT_TRUE(other_cryptographer.is_ready());
   1710   EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
   1711       other_cryptographer,
   1712       kKeystoreKey,
   1713       &keystore_decryptor_token));
   1714 
   1715   // Build a nigori node with the generated keystore decryptor token and
   1716   // initialize the encryption handler with it. The cryptographer will have
   1717   // pending keys until we provide the decryption passphrase.
   1718   {
   1719     WriteTransaction trans(FROM_HERE, user_share());
   1720     WriteNode nigori_node(&trans);
   1721     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1722     sync_pb::NigoriSpecifics nigori;
   1723     nigori.mutable_keystore_decryptor_token()->CopyFrom(
   1724         keystore_decryptor_token);
   1725     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
   1726     nigori.set_keybag_is_frozen(true);
   1727     nigori.set_keystore_migration_time(1);
   1728     nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
   1729     nigori_node.SetNigoriSpecifics(nigori);
   1730   }
   1731 
   1732   EXPECT_CALL(*observer(),
   1733               OnPassphraseRequired(_, _));
   1734   EXPECT_CALL(*observer(),
   1735               OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
   1736   EXPECT_CALL(*observer(),
   1737               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1738   EXPECT_CALL(*observer(),
   1739               OnEncryptedTypesChanged(_, false));
   1740   encryption_handler()->Init();
   1741   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1742   EXPECT_TRUE(GetCryptographer()->has_pending_keys());
   1743   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   1744   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   1745   Mock::VerifyAndClearExpectations(observer());
   1746 
   1747   EXPECT_CALL(*observer(),
   1748               OnPassphraseAccepted());
   1749   EXPECT_CALL(*observer(),
   1750               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1751   EXPECT_CALL(*observer(),
   1752               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   1753   EXPECT_CALL(*observer(),
   1754               OnEncryptionComplete());
   1755   encryption_handler()->SetDecryptionPassphrase(kOldKey);
   1756   EXPECT_TRUE(GetCryptographer()->is_ready());
   1757   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   1758   Mock::VerifyAndClearExpectations(observer());
   1759 
   1760   // Should get dropped on the floor silently.
   1761   const char kNewKey[] = "new_key";
   1762   encryption_handler()->SetEncryptionPassphrase(kNewKey, false);
   1763   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1764   EXPECT_TRUE(GetCryptographer()->is_ready());
   1765   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   1766   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   1767   VerifyMigratedNigoriWithTimestamp(1, KEYSTORE_PASSPHRASE, kOldKey);
   1768 
   1769   // Check that the cryptographer can decrypt the old key.
   1770   sync_pb::EncryptedData old_encrypted;
   1771   other_cryptographer.EncryptString("string", &old_encrypted);
   1772   EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(old_encrypted));
   1773 
   1774   // Check that the cryptographer can still decrypt keystore key based
   1775   // encryption (due to extracting the keystore key from the encryption keybag).
   1776   Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
   1777   keystore_cryptographer.AddKey(keystore_key);
   1778   sync_pb::EncryptedData keystore_encrypted;
   1779   keystore_cryptographer.EncryptString("string", &keystore_encrypted);
   1780   EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
   1781 
   1782   // Check the the cryptographer does not have the new key.
   1783   KeyParams new_key = {"localhost", "dummy", kNewKey};
   1784   Cryptographer new_cryptographer(GetCryptographer()->encryptor());
   1785   new_cryptographer.AddKey(new_key);
   1786   sync_pb::EncryptedData new_encrypted;
   1787   new_cryptographer.EncryptString("string", &new_encrypted);
   1788   EXPECT_FALSE(GetCryptographer()->CanDecryptUsingDefaultKey(new_encrypted));
   1789 }
   1790 
   1791 // Test that if a client without a keystore key (e.g. one without keystore
   1792 // encryption enabled) receives a migrated nigori in keystore passphrase state
   1793 // and then attempts to enable encrypt everything, we switch to a custom
   1794 // passphrase. The nigori should remain migrated.
   1795 TEST_F(SyncEncryptionHandlerImplTest,
   1796        MigrateOnEncryptEverythingKeystorePassphrase) {
   1797   const char kCurKey[] = "cur";
   1798   sync_pb::EncryptedData keystore_decryptor_token;
   1799   Cryptographer other_cryptographer(GetCryptographer()->encryptor());
   1800   KeyParams cur_key = {"localhost", "dummy", kCurKey};
   1801   other_cryptographer.AddKey(cur_key);
   1802   KeyParams keystore_key = {"localhost", "dummy", kKeystoreKey};
   1803   other_cryptographer.AddNonDefaultKey(keystore_key);
   1804   EXPECT_TRUE(other_cryptographer.is_ready());
   1805   EXPECT_TRUE(encryption_handler()->GetKeystoreDecryptor(
   1806       other_cryptographer,
   1807       kKeystoreKey,
   1808       &keystore_decryptor_token));
   1809 
   1810   // Build a nigori node with the generated keystore decryptor token and
   1811   // initialize the encryption handler with it. The cryptographer will have
   1812   // pending keys until we provide the decryption passphrase.
   1813   {
   1814     WriteTransaction trans(FROM_HERE, user_share());
   1815     WriteNode nigori_node(&trans);
   1816     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1817     sync_pb::NigoriSpecifics nigori;
   1818     nigori.mutable_keystore_decryptor_token()->CopyFrom(
   1819         keystore_decryptor_token);
   1820     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
   1821     nigori.set_keybag_is_frozen(true);
   1822     nigori.set_keystore_migration_time(1);
   1823     nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
   1824     nigori_node.SetNigoriSpecifics(nigori);
   1825   }
   1826   EXPECT_CALL(*observer(),
   1827               OnPassphraseRequired(_, _));
   1828   EXPECT_CALL(*observer(),
   1829               OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
   1830   EXPECT_CALL(*observer(),
   1831               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1832   EXPECT_CALL(*observer(),
   1833               OnEncryptedTypesChanged(_, false));
   1834   encryption_handler()->Init();
   1835   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1836   EXPECT_TRUE(GetCryptographer()->has_pending_keys());
   1837   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   1838   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   1839   Mock::VerifyAndClearExpectations(observer());
   1840 
   1841   EXPECT_CALL(*observer(),
   1842               OnPassphraseAccepted());
   1843   EXPECT_CALL(*observer(),
   1844               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1845   EXPECT_CALL(*observer(),
   1846               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   1847   EXPECT_CALL(*observer(),
   1848               OnEncryptionComplete());
   1849   encryption_handler()->SetDecryptionPassphrase(kCurKey);
   1850   Mock::VerifyAndClearExpectations(observer());
   1851 
   1852   EXPECT_CALL(*observer(),
   1853               OnPassphraseTypeChanged(FROZEN_IMPLICIT_PASSPHRASE, _));
   1854   EXPECT_CALL(*observer(),
   1855               OnEncryptionComplete());
   1856   EXPECT_CALL(*observer(),
   1857               OnEncryptedTypesChanged(_, true));
   1858   EXPECT_CALL(*observer(),
   1859                 OnCryptographerStateChanged(_)).Times(AnyNumber());
   1860   encryption_handler()->EnableEncryptEverything();
   1861   Mock::VerifyAndClearExpectations(observer());
   1862 
   1863   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1864   EXPECT_TRUE(GetCryptographer()->is_ready());
   1865   EXPECT_EQ(FROZEN_IMPLICIT_PASSPHRASE,
   1866             encryption_handler()->GetPassphraseType());
   1867   EXPECT_TRUE(encryption_handler()->EncryptEverythingEnabled());
   1868   VerifyMigratedNigoriWithTimestamp(1, FROZEN_IMPLICIT_PASSPHRASE, kCurKey);
   1869 
   1870   // Check that the cryptographer is encrypting using the frozen current key.
   1871   sync_pb::EncryptedData current_encrypted;
   1872   other_cryptographer.EncryptString("string", &current_encrypted);
   1873   EXPECT_TRUE(GetCryptographer()->CanDecryptUsingDefaultKey(current_encrypted));
   1874 
   1875   // Check that the cryptographer can still decrypt keystore key based
   1876   // encryption (due to extracting the keystore key from the encryption keybag).
   1877   Cryptographer keystore_cryptographer(GetCryptographer()->encryptor());
   1878   keystore_cryptographer.AddKey(keystore_key);
   1879   sync_pb::EncryptedData keystore_encrypted;
   1880   keystore_cryptographer.EncryptString("string", &keystore_encrypted);
   1881   EXPECT_TRUE(GetCryptographer()->CanDecrypt(keystore_encrypted));
   1882 }
   1883 
   1884 // If we receive a nigori migrated and with a KEYSTORE_PASSPHRASE type, but
   1885 // using an old default key (i.e. old GAIA password), we should overwrite the
   1886 // nigori, updating the keybag and keystore decryptor.
   1887 TEST_F(SyncEncryptionHandlerImplTest,
   1888        ReceiveMigratedNigoriWithOldPassphrase) {
   1889   const char kOldKey[] = "old";
   1890   const char kCurKey[] = "cur";
   1891   sync_pb::EncryptedData encrypted;
   1892   KeyParams old_key = {"localhost", "dummy", kOldKey};
   1893   KeyParams cur_key = {"localhost", "dummy", kCurKey};
   1894   GetCryptographer()->AddKey(old_key);
   1895   GetCryptographer()->AddKey(cur_key);
   1896 
   1897   Cryptographer other_cryptographer(GetCryptographer()->encryptor());
   1898   other_cryptographer.AddKey(old_key);
   1899   EXPECT_TRUE(other_cryptographer.is_ready());
   1900 
   1901   EXPECT_CALL(*observer(),
   1902               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1903   EXPECT_CALL(*observer(),
   1904               OnEncryptedTypesChanged(_, false));
   1905   EXPECT_CALL(*observer(),
   1906               OnEncryptionComplete());
   1907   encryption_handler()->Init();
   1908   EXPECT_TRUE(GetCryptographer()->is_ready());
   1909   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   1910 
   1911   {
   1912     EXPECT_CALL(*observer(),
   1913                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   1914     ReadTransaction trans(FROM_HERE, user_share());
   1915     encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
   1916                                               kRawKeystoreKey),
   1917                                           trans.GetWrappedTrans());
   1918   }
   1919   EXPECT_CALL(*observer(),
   1920               OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
   1921   PumpLoop();
   1922   Mock::VerifyAndClearExpectations(observer());
   1923   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1924   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   1925   VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kCurKey);
   1926 
   1927   // Now build an old keystore passphrase nigori node.
   1928   EXPECT_CALL(*observer(),
   1929               OnCryptographerStateChanged(_)).Times(AnyNumber());
   1930   EXPECT_CALL(*observer(), OnEncryptionComplete());
   1931   {
   1932     WriteTransaction trans(FROM_HERE, user_share());
   1933     WriteNode nigori_node(&trans);
   1934     ASSERT_EQ(nigori_node.InitTypeRoot(NIGORI), BaseNode::INIT_OK);
   1935     sync_pb::NigoriSpecifics nigori;
   1936     Cryptographer other_cryptographer(GetCryptographer()->encryptor());
   1937     other_cryptographer.AddKey(old_key);
   1938     encryption_handler()->GetKeystoreDecryptor(
   1939         other_cryptographer,
   1940         kKeystoreKey,
   1941         nigori.mutable_keystore_decryptor_token());
   1942     other_cryptographer.GetKeys(nigori.mutable_encryption_keybag());
   1943     nigori.set_keybag_is_frozen(true);
   1944     nigori.set_encrypt_everything(false);
   1945     nigori.set_passphrase_type(sync_pb::NigoriSpecifics::KEYSTORE_PASSPHRASE);
   1946     nigori.set_keystore_migration_time(1);
   1947     encryption_handler()->ApplyNigoriUpdate(nigori, trans.GetWrappedTrans());
   1948     nigori_node.SetNigoriSpecifics(nigori);
   1949   }
   1950   PumpLoop();
   1951 
   1952   // Verify we're still migrated and have proper encryption state.
   1953   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   1954   EXPECT_TRUE(GetCryptographer()->is_ready());
   1955   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   1956   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   1957   VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kCurKey);
   1958 }
   1959 
   1960 // Trigger a key rotation upon receiving new keys if we already had a keystore
   1961 // migrated nigori with the gaia key as the default (still in backwards
   1962 // compatible mode).
   1963 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysGaiaDefault) {
   1964   // Destroy the existing nigori node so we init without a nigori node.
   1965   TearDown();
   1966   test_user_share_.SetUp();
   1967   SetUpEncryption();
   1968 
   1969   const char kOldGaiaKey[] = "old_gaia_key";
   1970   const char kRawOldKeystoreKey[] = "old_keystore_key";
   1971   std::string old_keystore_key;
   1972   base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
   1973   {
   1974     ReadTransaction trans(FROM_HERE, user_share());
   1975     EXPECT_CALL(*observer(),
   1976                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   1977       encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
   1978                                                 kRawOldKeystoreKey),
   1979                                             trans.GetWrappedTrans());
   1980   }
   1981   PumpLoop();
   1982   Mock::VerifyAndClearExpectations(observer());
   1983 
   1984   // Then init the nigori node with a backwards compatible set of keys.
   1985   CreateRootForType(NIGORI);
   1986   EXPECT_CALL(*observer(), OnPassphraseAccepted());
   1987   InitKeystoreMigratedNigori(1, kOldGaiaKey, old_keystore_key);
   1988 
   1989   // Now set some new keystore keys.
   1990   EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
   1991   EXPECT_CALL(*observer(), OnEncryptionComplete());
   1992   {
   1993     google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
   1994     keys.Add()->assign(kRawOldKeystoreKey);
   1995     keys.Add()->assign(kRawKeystoreKey);
   1996     EXPECT_CALL(*observer(),
   1997                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   1998     ReadTransaction trans(FROM_HERE, user_share());
   1999     encryption_handler()->SetKeystoreKeys(keys,
   2000                                           trans.GetWrappedTrans());
   2001   }
   2002   // Pump for any posted tasks.
   2003   PumpLoop();
   2004   Mock::VerifyAndClearExpectations(observer());
   2005 
   2006   // Verify we're still migrated and have proper encryption state. We should
   2007   // have rotated the keybag so that it's now encrypted with the newest keystore
   2008   // key (instead of the old gaia key).
   2009   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   2010   EXPECT_TRUE(GetCryptographer()->is_ready());
   2011   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   2012   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   2013   VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey);
   2014 }
   2015 
   2016 // Trigger a key rotation upon receiving new keys if we already had a keystore
   2017 // migrated nigori with the keystore key as the default.
   2018 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysKeystoreDefault) {
   2019   // Destroy the existing nigori node so we init without a nigori node.
   2020   TearDown();
   2021   test_user_share_.SetUp();
   2022   SetUpEncryption();
   2023 
   2024   const char kRawOldKeystoreKey[] = "old_keystore_key";
   2025   std::string old_keystore_key;
   2026   base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
   2027   {
   2028     ReadTransaction trans(FROM_HERE, user_share());
   2029     EXPECT_CALL(*observer(),
   2030                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   2031       encryption_handler()->SetKeystoreKeys(BuildEncryptionKeyProto(
   2032                                                 kRawOldKeystoreKey),
   2033                                             trans.GetWrappedTrans());
   2034   }
   2035   PumpLoop();
   2036   Mock::VerifyAndClearExpectations(observer());
   2037 
   2038   // Then init the nigori node with a non-backwards compatible set of keys.
   2039   CreateRootForType(NIGORI);
   2040   EXPECT_CALL(*observer(), OnPassphraseAccepted());
   2041   InitKeystoreMigratedNigori(1, old_keystore_key, old_keystore_key);
   2042 
   2043   // Now set some new keystore keys.
   2044   EXPECT_CALL(*observer(), OnCryptographerStateChanged(_)).Times(AnyNumber());
   2045   EXPECT_CALL(*observer(), OnEncryptionComplete());
   2046   {
   2047     google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
   2048     keys.Add()->assign(kRawOldKeystoreKey);
   2049     keys.Add()->assign(kRawKeystoreKey);
   2050     EXPECT_CALL(*observer(),
   2051                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   2052     ReadTransaction trans(FROM_HERE, user_share());
   2053     encryption_handler()->SetKeystoreKeys(keys,
   2054                                           trans.GetWrappedTrans());
   2055   }
   2056   // Pump for any posted tasks.
   2057   PumpLoop();
   2058   Mock::VerifyAndClearExpectations(observer());
   2059 
   2060   // Verify we're still migrated and have proper encryption state. We should
   2061   // have rotated the keybag so that it's now encrypted with the newest keystore
   2062   // key (instead of the old gaia key).
   2063   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   2064   EXPECT_TRUE(GetCryptographer()->is_ready());
   2065   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   2066   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   2067   VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey);
   2068 }
   2069 
   2070 // Trigger a key rotation upon when a pending gaia passphrase is resolved.
   2071 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysAfterPendingGaiaResolved) {
   2072   const char kOldGaiaKey[] = "old_gaia_key";
   2073   const char kRawOldKeystoreKey[] = "old_keystore_key";
   2074 
   2075   EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
   2076   InitUnmigratedNigori(kOldGaiaKey, IMPLICIT_PASSPHRASE);
   2077 
   2078   {
   2079     // Pass multiple keystore keys, signaling a rotation has happened.
   2080     google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
   2081     keys.Add()->assign(kRawOldKeystoreKey);
   2082     keys.Add()->assign(kRawKeystoreKey);
   2083     ReadTransaction trans(FROM_HERE, user_share());
   2084     EXPECT_CALL(*observer(),
   2085                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   2086     encryption_handler()->SetKeystoreKeys(keys,
   2087                                           trans.GetWrappedTrans());
   2088   }
   2089   PumpLoop();
   2090   Mock::VerifyAndClearExpectations(observer());
   2091 
   2092   // Resolve the pending keys. This should trigger the key rotation.
   2093   EXPECT_CALL(*observer(),
   2094               OnCryptographerStateChanged(_)).Times(AnyNumber());
   2095   EXPECT_CALL(*observer(),
   2096               OnPassphraseAccepted());
   2097   EXPECT_CALL(*observer(),
   2098               OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
   2099   EXPECT_CALL(*observer(),
   2100               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   2101   EXPECT_CALL(*observer(),
   2102               OnEncryptionComplete()).Times(AtLeast(1));
   2103   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
   2104   encryption_handler()->SetDecryptionPassphrase(kOldGaiaKey);
   2105   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   2106   EXPECT_EQ(KEYSTORE_PASSPHRASE, encryption_handler()->GetPassphraseType());
   2107   VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey);
   2108 }
   2109 
   2110 // When signing in for the first time, make sure we can rotate keys if we
   2111 // already have a keystore migrated nigori.
   2112 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysGaiaDefaultOnInit) {
   2113   // Destroy the existing nigori node so we init without a nigori node.
   2114   TearDown();
   2115   test_user_share_.SetUp();
   2116   SetUpEncryption();
   2117 
   2118   const char kOldGaiaKey[] = "old_gaia_key";
   2119   const char kRawOldKeystoreKey[] = "old_keystore_key";
   2120   std::string old_keystore_key;
   2121   base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
   2122 
   2123   // Set two keys, signaling that a rotation has been performed. No nigori
   2124   // node is present yet, so we can't rotate.
   2125   {
   2126     google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
   2127     keys.Add()->assign(kRawOldKeystoreKey);
   2128     keys.Add()->assign(kRawKeystoreKey);
   2129     EXPECT_CALL(*observer(),
   2130                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   2131     ReadTransaction trans(FROM_HERE, user_share());
   2132     encryption_handler()->SetKeystoreKeys(keys,
   2133                                           trans.GetWrappedTrans());
   2134   }
   2135 
   2136   // Then init the nigori node with an old set of keys.
   2137   CreateRootForType(NIGORI);
   2138   EXPECT_CALL(*observer(), OnPassphraseAccepted());
   2139   InitKeystoreMigratedNigori(1, kOldGaiaKey, old_keystore_key);
   2140   PumpLoop();
   2141   Mock::VerifyAndClearExpectations(observer());
   2142 
   2143   // Verify we're still migrated and have proper encryption state. We should
   2144   // have rotated the keybag so that it's now encrypted with the newest keystore
   2145   // key (instead of the old gaia key).
   2146   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   2147   EXPECT_TRUE(GetCryptographer()->is_ready());
   2148   EXPECT_EQ(encryption_handler()->GetPassphraseType(), KEYSTORE_PASSPHRASE);
   2149   EXPECT_FALSE(encryption_handler()->EncryptEverythingEnabled());
   2150   VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey);
   2151 }
   2152 
   2153 // Trigger a key rotation when a migrated nigori (with an old keystore key) is
   2154 // applied.
   2155 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysWhenMigratedNigoriArrives) {
   2156   const char kOldGaiaKey[] = "old_gaia_key";
   2157   const char kRawOldKeystoreKey[] = "old_keystore_key";
   2158   std::string old_keystore_key;
   2159   base::Base64Encode(kRawOldKeystoreKey, &old_keystore_key);
   2160 
   2161   EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
   2162   InitUnmigratedNigori(kOldGaiaKey, IMPLICIT_PASSPHRASE);
   2163 
   2164   {
   2165     // Pass multiple keystore keys, signaling a rotation has happened.
   2166     google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
   2167     keys.Add()->assign(kRawOldKeystoreKey);
   2168     keys.Add()->assign(kRawKeystoreKey);
   2169     ReadTransaction trans(FROM_HERE, user_share());
   2170     EXPECT_CALL(*observer(),
   2171                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   2172     encryption_handler()->SetKeystoreKeys(keys,
   2173                                           trans.GetWrappedTrans());
   2174   }
   2175   PumpLoop();
   2176   Mock::VerifyAndClearExpectations(observer());
   2177 
   2178   // Now simulate downloading a nigori node that was migrated before the
   2179   // keys were rotated, and hence still encrypt with the old gaia key.
   2180   EXPECT_CALL(*observer(),
   2181               OnCryptographerStateChanged(_)).Times(AnyNumber());
   2182   EXPECT_CALL(*observer(),
   2183               OnPassphraseAccepted());
   2184   EXPECT_CALL(*observer(),
   2185               OnPassphraseTypeChanged(KEYSTORE_PASSPHRASE, _));
   2186   EXPECT_CALL(*observer(),
   2187               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   2188   EXPECT_CALL(*observer(),
   2189               OnEncryptionComplete()).Times(AtLeast(1));
   2190   {
   2191     sync_pb::NigoriSpecifics nigori = BuildMigratedNigori(
   2192         KEYSTORE_PASSPHRASE,
   2193         1,
   2194         kOldGaiaKey,
   2195         old_keystore_key);
   2196     // Update the encryption handler.
   2197     WriteTransaction trans(FROM_HERE, user_share());
   2198     encryption_handler()->ApplyNigoriUpdate(
   2199         nigori,
   2200         trans.GetWrappedTrans());
   2201   }
   2202   EXPECT_FALSE(encryption_handler()->MigratedToKeystore());
   2203   PumpLoop();
   2204 
   2205   EXPECT_TRUE(encryption_handler()->MigratedToKeystore());
   2206   EXPECT_EQ(KEYSTORE_PASSPHRASE, encryption_handler()->GetPassphraseType());
   2207   VerifyMigratedNigori(KEYSTORE_PASSPHRASE, kKeystoreKey);
   2208 }
   2209 
   2210 // Verify that performing a migration while having more than one keystore key
   2211 // preserves a custom passphrase.
   2212 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysUnmigratedCustomPassphrase) {
   2213   const char kCustomPass[] = "custom_passphrase";
   2214   const char kRawOldKeystoreKey[] = "old_keystore_key";
   2215 
   2216   EXPECT_CALL(*observer(), OnPassphraseRequired(_, _));
   2217   InitUnmigratedNigori(kCustomPass, CUSTOM_PASSPHRASE);
   2218 
   2219   {
   2220     // Pass multiple keystore keys, signaling a rotation has happened.
   2221     google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
   2222     keys.Add()->assign(kRawOldKeystoreKey);
   2223     keys.Add()->assign(kRawKeystoreKey);
   2224     ReadTransaction trans(FROM_HERE, user_share());
   2225     EXPECT_CALL(*observer(),
   2226                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   2227     encryption_handler()->SetKeystoreKeys(keys,
   2228                                           trans.GetWrappedTrans());
   2229   }
   2230   PumpLoop();
   2231   Mock::VerifyAndClearExpectations(observer());
   2232 
   2233   // Pass the decryption passphrase. This will also trigger the migration,
   2234   // but should not overwrite the default key.
   2235   EXPECT_CALL(*observer(),
   2236               OnCryptographerStateChanged(_)).Times(AnyNumber());
   2237   EXPECT_CALL(*observer(),
   2238               OnPassphraseAccepted());
   2239   EXPECT_CALL(*observer(),
   2240               OnEncryptedTypesChanged(_, true));
   2241   EXPECT_CALL(*observer(),
   2242               OnEncryptionComplete()).Times(AnyNumber());
   2243   EXPECT_CALL(*observer(),
   2244               OnBootstrapTokenUpdated(_, PASSPHRASE_BOOTSTRAP_TOKEN));
   2245   encryption_handler()->SetDecryptionPassphrase(kCustomPass);
   2246   Mock::VerifyAndClearExpectations(observer());
   2247 
   2248   VerifyMigratedNigori(CUSTOM_PASSPHRASE, kCustomPass);
   2249 }
   2250 
   2251 // Verify that a key rotation done after we've migrated a custom passphrase
   2252 // nigori node preserves the custom passphrase.
   2253 TEST_F(SyncEncryptionHandlerImplTest, RotateKeysMigratedCustomPassphrase) {
   2254   const char kCustomPass[] = "custom_passphrase";
   2255   const char kRawOldKeystoreKey[] = "old_keystore_key";
   2256 
   2257   KeyParams custom_key = {"localhost", "dummy", kCustomPass};
   2258   GetCryptographer()->AddKey(custom_key);
   2259 
   2260   InitCustomPassMigratedNigori(1, kCustomPass);
   2261   VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCustomPass);
   2262 
   2263   {
   2264     // Pass multiple keystore keys, signaling a rotation has happened.
   2265     google::protobuf::RepeatedPtrField<google::protobuf::string> keys;
   2266     keys.Add()->assign(kRawOldKeystoreKey);
   2267     keys.Add()->assign(kRawKeystoreKey);
   2268     ReadTransaction trans(FROM_HERE, user_share());
   2269     EXPECT_CALL(*observer(),
   2270                 OnBootstrapTokenUpdated(_, KEYSTORE_BOOTSTRAP_TOKEN));
   2271     EXPECT_CALL(*observer(),
   2272                 OnCryptographerStateChanged(_)).Times(AnyNumber());
   2273     encryption_handler()->SetKeystoreKeys(keys,
   2274                                           trans.GetWrappedTrans());
   2275   }
   2276   PumpLoop();
   2277   Mock::VerifyAndClearExpectations(observer());
   2278 
   2279   VerifyMigratedNigoriWithTimestamp(1, CUSTOM_PASSPHRASE, kCustomPass);
   2280 }
   2281 
   2282 }  // namespace syncer
   2283