Add one test for Cryptographer::InstallKeys

Add a test which covers the case of exporting all the keys and installing them back to fully bootstrap another cryptographer. Review URL: https://codereview.chromium.org/896313002 Cr-Commit-Position: refs/heads/master@{#317008}

Add one test for Cryptographer::InstallKeys
Add a test which covers the case of exporting all the keys and installing them back to fully bootstrap another cryptographer. Review URL: https://codereview.chromium.org/896313002 Cr-Commit-Position: refs/heads/master@{#317008}
a17a62ab · malets · Commit bot · 4725bfa6 · a17a62ab
Commit a17a62ab authored Feb 19, 2015 by malets Committed by Commit bot Feb 19, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 46 additions and 0 deletions

sync/util/cryptographer_unittest.cc sync/util/cryptographer_unittest.cc +46 -0

No files found.
--- a/sync/util/cryptographer_unittest.cc
+++ b/sync/util/cryptographer_unittest.cc
@@ -258,4 +258,50 @@ TEST_F(CryptographerTest, CopyConstructor) {
  EXPECT_EQ(encrypted_c.key_name(), encrypted_k2.key_name());
 }
+// Test verifies that GetBootstrapToken/Bootstrap only transfers default
+// key. Additional call to GetKeys/InstallKeys is needed to transfer keybag
+// to decrypt messages encrypted with old keys.
+TEST_F(CryptographerTest, GetKeysThenInstall) {
+  sync_pb::PasswordSpecificsData original;
+  original.set_origin("http://example.com");
+  original.set_username_value("luser");
+  original.set_password_value("p4ssw0rd");
+  // First, encrypt the same value using two different keys.
+  KeyParams params1 = {"localhost", "dummy", "dummy"};
+  EXPECT_TRUE(cryptographer_.AddKey(params1));
+  EXPECT_TRUE(cryptographer_.is_ready());
+  sync_pb::EncryptedData encrypted_k1;
+  EXPECT_TRUE(cryptographer_.Encrypt(original, &encrypted_k1));
+  KeyParams params2 = {"localhost", "dummy2", "dummy2"};
+  EXPECT_TRUE(cryptographer_.AddKey(params2));
+  EXPECT_TRUE(cryptographer_.is_ready());
+  sync_pb::EncryptedData encrypted_k2;
+  EXPECT_TRUE(cryptographer_.Encrypt(original, &encrypted_k2));
+  // Then construct second cryptographer and bootstrap it from the first one.
+  Cryptographer another_cryptographer(cryptographer_.encryptor());
+  std::string bootstrap_token;
+  EXPECT_TRUE(cryptographer_.GetBootstrapToken(&bootstrap_token));
+  another_cryptographer.Bootstrap(bootstrap_token);
+  // Before key installation, the second cryptographer should only be able
+  // to decrypt using the last key.
+  EXPECT_FALSE(another_cryptographer.CanDecrypt(encrypted_k1));
+  EXPECT_TRUE(another_cryptographer.CanDecrypt(encrypted_k2));
+  sync_pb::EncryptedData keys;
+  EXPECT_TRUE(cryptographer_.GetKeys(&keys));
+  ASSERT_TRUE(another_cryptographer.CanDecrypt(keys));
+  another_cryptographer.InstallKeys(keys);
+  // Verify that bootstrapped cryptographer decrypts succesfully using
+  // all the keys after key installation.
+  EXPECT_TRUE(another_cryptographer.CanDecrypt(encrypted_k1));
+  EXPECT_TRUE(another_cryptographer.CanDecrypt(encrypted_k2));
+}
 }  // namespace syncer