// Copyright 2018 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "base/base64.h" #include "base/memory/raw_ptr.h" #include "build/build_config.h" #include "chrome/browser/sync/test/integration/bookmarks_helper.h" #include "chrome/browser/sync/test/integration/encryption_helper.h" #include "chrome/browser/sync/test/integration/passwords_helper.h" #include "chrome/browser/sync/test/integration/sync_engine_stopped_checker.h" #include "chrome/browser/sync/test/integration/sync_service_impl_harness.h" #include "chrome/browser/sync/test/integration/sync_test.h" #include "components/password_manager/core/browser/password_form.h" #include "components/sync/base/passphrase_enums.h" #include "components/sync/engine/nigori/key_derivation_params.h" #include "components/sync/engine/nigori/nigori.h" #include "components/sync/nigori/cryptographer_impl.h" #include "components/sync/service/sync_service_impl.h" #include "components/sync/test/fake_server_nigori_helper.h" #include "components/sync/test/nigori_test_utils.h" #include "content/public/test/browser_test.h" #include "content/public/test/test_launcher.h" #include "testing/gmock/include/gmock/gmock.h" namespace { AddURL; BookmarksTitleChecker; CreateBookmarkServerEntity; ServerBookmarksEqualityChecker; FakeServer; GetServerNigori; SetNigoriInFakeServer; NigoriSpecifics; BuildCustomPassphraseNigoriSpecifics; Cryptographer; DataTypeSet; GetEncryptedBookmarkEntitySpecifics; InitCustomPassphraseCryptographerFromNigori; KeyParamsForTesting; LoopbackServerEntity; PassphraseType; Pbkdf2PassphraseKeyParamsForTesting; ProtoPassphraseInt32ToEnum; ScryptPassphraseKeyParamsForTesting; SyncEngineStoppedChecker; ElementsAre; // Intercepts all bookmark entity names as committed to the FakeServer. class CommittedBookmarkEntityNameObserver : public FakeServer::Observer { … }; // These tests use a gray-box testing approach to verify that the data committed // to the server is encrypted properly, and that properly-encrypted data from // the server is successfully decrypted by the client. They also verify that the // key derivation methods are set, read and handled properly. They do not, // however, directly ensure that two clients syncing through the same account // will be able to access each others' data in the presence of a custom // passphrase. For this, a separate two-client test is be used. class SingleClientCustomPassphraseSyncTest : public SyncTest { … }; IN_PROC_BROWSER_TEST_F(SingleClientCustomPassphraseSyncTest, ShouldSetNewPassphraseAndCommitEncryptedData) { … } IN_PROC_BROWSER_TEST_F(SingleClientCustomPassphraseSyncTest, ShouldDecryptPbkdf2KeyEncryptedData) { … } IN_PROC_BROWSER_TEST_F(SingleClientCustomPassphraseSyncTest, ShouldEncryptDataWithPbkdf2Key) { … } IN_PROC_BROWSER_TEST_F(SingleClientCustomPassphraseSyncTest, ShouldDecryptScryptKeyEncryptedData) { … } IN_PROC_BROWSER_TEST_F(SingleClientCustomPassphraseSyncTest, ShouldEncryptDataWithScryptKey) { … } // PRE_* tests aren't supported on Android browser tests. #if !BUILDFLAG(IS_ANDROID) // Populates custom passphrase Nigori without keystore keys to the client. IN_PROC_BROWSER_TEST_F(SingleClientCustomPassphraseSyncTest, PRE_CanDecryptWithKeystoreKeys) { … } // Client should be able to decrypt with keystore keys, regardless whether they // were stored in NigoriSpecifics. It's not a normal state, when the server // stores some data encrypted with keystore keys, but client is able to // reencrypt the data and recover from this state. IN_PROC_BROWSER_TEST_F(SingleClientCustomPassphraseSyncTest, CanDecryptWithKeystoreKeys) { … } #endif // !BUILDFLAG(IS_ANDROID) IN_PROC_BROWSER_TEST_F(SingleClientCustomPassphraseSyncTest, DoesNotLeakUnencryptedData) { … } IN_PROC_BROWSER_TEST_F(SingleClientCustomPassphraseSyncTest, ReencryptsDataWhenPassphraseIsSet) { … } // Tests that on receiving CLIENT_DATA_OBSOLETE passphrase is silently restored, // e.g. user input is not needed. IN_PROC_BROWSER_TEST_F( SingleClientCustomPassphraseSyncTest, ShouldRestorePassphraseOnClientDataObsoleteResponseWhenPassphraseSetByDecryption) { … } // Similar to the above, but passphrase is obtained by // SetEncryptionPassphrase(). Regression test for crbug.com/1298062. IN_PROC_BROWSER_TEST_F( SingleClientCustomPassphraseSyncTest, ShouldRestorePassphraseOnClientDataObsoleteResponseWhenPassphraseSetByEncryption) { … } } // namespace
Codebase Browser
chromium