Increase timeout to retrieve encryption key

Bug: 1001036
Change-Id: I44338b1fae6cdb85631b8178d3cfd2a5eb465193
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1787737Reviewed-by: Tien Mai <tienmai@chromium.org>
Commit-Queue: Yusuf Sengul <yusufsn@google.com>
Cr-Commit-Position: refs/heads/master@{#693741}

chrome/credential_provider/gaiacp/password_recovery_manager.cc

@@ -40,7 +40,11 @@
 namespace credential_provider {
 
 const base::TimeDelta
-    PasswordRecoveryManager::kDefaultEscrowServiceRequestTimeout =
+    PasswordRecoveryManager::kDefaultEscrowServiceEncryptionKeyRequestTimeout =
+        base::TimeDelta::FromMilliseconds(12000);
+
+const base::TimeDelta
+    PasswordRecoveryManager::kDefaultEscrowServiceDecryptionKeyRequestTimeout =
         base::TimeDelta::FromMilliseconds(3000);
 
 namespace {
@@ -629,15 +633,19 @@ PasswordRecoveryManager* PasswordRecoveryManager::Get() {
 
 // static
 PasswordRecoveryManager** PasswordRecoveryManager::GetInstanceStorage() {
-  static PasswordRecoveryManager instance(kDefaultEscrowServiceRequestTimeout);
+  static PasswordRecoveryManager instance(
+      kDefaultEscrowServiceEncryptionKeyRequestTimeout,
+      kDefaultEscrowServiceDecryptionKeyRequestTimeout);
   static PasswordRecoveryManager* instance_storage = &instance;
 
   return &instance_storage;
 }
 
 PasswordRecoveryManager::PasswordRecoveryManager(
-    base::TimeDelta request_timeout)
-    : request_timeout_(request_timeout) {}
+    base::TimeDelta encryption_key_timeout,
+    base::TimeDelta decryption_key_timeout)
+    : encryption_key_request_timeout_(encryption_key_timeout),
+      decryption_key_request_timeout_(decryption_key_timeout) {}
 
 PasswordRecoveryManager::~PasswordRecoveryManager() = default;
 
@@ -688,7 +696,8 @@ HRESULT PasswordRecoveryManager::StoreWindowsPasswordIfNeeded(
 
   base::Optional<base::Value> encrypted_dict;
   hr = EncryptUserPasswordUsingEscrowService(access_token, device_id, password,
-                                             request_timeout_, &encrypted_dict);
+                                             encryption_key_request_timeout_,
+                                             &encrypted_dict);
   if (SUCCEEDED(hr)) {
     std::string lsa_value;
     if (base::JSONWriter::Write(encrypted_dict.value(), &lsa_value)) {
@@ -748,8 +757,9 @@ HRESULT PasswordRecoveryManager::RecoverWindowsPasswordIfPossible(
   SecurelyClearBuffer(password_lsa_data, sizeof(password_lsa_data));
 
   base::string16 decrypted_password;
-  hr = DecryptUserPasswordUsingEscrowService(
-      access_token, encrypted_dict, request_timeout_, &decrypted_password);
+  hr = DecryptUserPasswordUsingEscrowService(access_token, encrypted_dict,
+                                             decryption_key_request_timeout_,
+                                             &decrypted_password);
 
   if (encrypted_dict) {
     SecurelyClearDictionaryValueWithKey(

chrome/credential_provider/gaiacp/password_recovery_manager.h

@@ -18,8 +18,13 @@ namespace credential_provider {
 // a given user and to retrieve this encrypted password.
 class PasswordRecoveryManager {
  public:
-  // Default timeout when trying to make requests to the EMM escrow service.
-  static const base::TimeDelta kDefaultEscrowServiceRequestTimeout;
+  // Default timeout when trying to make requests to the EMM escrow service to
+  // retrieve encryption key.
+  static const base::TimeDelta kDefaultEscrowServiceEncryptionKeyRequestTimeout;
+
+  // Default timeout when trying to make requests to the EMM escrow service to
+  // retrieve decryption key.
+  static const base::TimeDelta kDefaultEscrowServiceDecryptionKeyRequestTimeout;
 
   static PasswordRecoveryManager* Get();
 
@@ -47,11 +52,14 @@ class PasswordRecoveryManager {
   // Returns the storage used for the instance pointer.
   static PasswordRecoveryManager** GetInstanceStorage();
 
-  explicit PasswordRecoveryManager(base::TimeDelta request_timeout);
+  explicit PasswordRecoveryManager(
+      base::TimeDelta encryption_key_request_timeout,
+      base::TimeDelta decryption_key_request_timeout);
   virtual ~PasswordRecoveryManager();
 
   void SetRequestTimeoutForTesting(base::TimeDelta request_timeout) {
-    request_timeout_ = request_timeout;
+    encryption_key_request_timeout_ = request_timeout;
+    decryption_key_request_timeout_ = request_timeout;
   }
   std::string MakeGenerateKeyPairResponseForTesting(
       const std::string& public_key,
@@ -60,8 +68,8 @@ class PasswordRecoveryManager {
       const std::string& private_key);
 
  private:
-
-  base::TimeDelta request_timeout_;
+  base::TimeDelta encryption_key_request_timeout_;
+  base::TimeDelta decryption_key_request_timeout_;
 };
 
 }  // namespace credential_provider

chrome/credential_provider/test/gcp_fakes.cc

@@ -694,11 +694,16 @@ void FakeInternetAvailabilityChecker::SetHasInternetConnection(
 
 FakePasswordRecoveryManager::FakePasswordRecoveryManager()
     : FakePasswordRecoveryManager(
-          PasswordRecoveryManager::kDefaultEscrowServiceRequestTimeout) {}
+          PasswordRecoveryManager::
+              kDefaultEscrowServiceEncryptionKeyRequestTimeout,
+          PasswordRecoveryManager::
+              kDefaultEscrowServiceDecryptionKeyRequestTimeout) {}
 
 FakePasswordRecoveryManager::FakePasswordRecoveryManager(
-    base::TimeDelta request_timeout)
-    : PasswordRecoveryManager(request_timeout),
+    base::TimeDelta encryption_key_request_timeout,
+    base::TimeDelta decryption_key_request_timeout)
+    : PasswordRecoveryManager(encryption_key_request_timeout,
+                              decryption_key_request_timeout),
       original_validator_(*GetInstanceStorage()) {
   *GetInstanceStorage() = this;
 }

chrome/credential_provider/test/gcp_fakes.h

@@ -376,7 +376,9 @@ class FakeInternetAvailabilityChecker : public InternetAvailabilityChecker {
 class FakePasswordRecoveryManager : public PasswordRecoveryManager {
  public:
   FakePasswordRecoveryManager();
-  explicit FakePasswordRecoveryManager(base::TimeDelta request_timeout);
+  explicit FakePasswordRecoveryManager(
+      base::TimeDelta encryption_key_request_timeout,
+      base::TimeDelta decryption_key_request_timeout);
   ~FakePasswordRecoveryManager() override;
 
   using PasswordRecoveryManager::MakeGenerateKeyPairResponseForTesting;