michael@0: /* Any copyright is dedicated to the Public Domain. michael@0: http://creativecommons.org/publicdomain/zero/1.0/ */ michael@0: michael@0: Cu.import("resource://gre/modules/PlacesUtils.jsm"); michael@0: Cu.import("resource://gre/modules/Log.jsm"); michael@0: Cu.import("resource://services-sync/constants.js"); michael@0: Cu.import("resource://services-sync/engines.js"); michael@0: Cu.import("resource://services-sync/engines/tabs.js"); michael@0: Cu.import("resource://services-sync/engines/history.js"); michael@0: Cu.import("resource://services-sync/record.js"); michael@0: Cu.import("resource://services-sync/service.js"); michael@0: Cu.import("resource://services-sync/status.js"); michael@0: Cu.import("resource://services-sync/util.js"); michael@0: Cu.import("resource://testing-common/services/sync/utils.js"); michael@0: Cu.import("resource://gre/modules/Promise.jsm"); michael@0: michael@0: add_task(function test_locally_changed_keys() { michael@0: let passphrase = "abcdeabcdeabcdeabcdeabcdea"; michael@0: michael@0: let hmacErrorCount = 0; michael@0: function counting(f) { michael@0: return function() { michael@0: hmacErrorCount++; michael@0: return f.call(this); michael@0: }; michael@0: } michael@0: michael@0: Service.handleHMACEvent = counting(Service.handleHMACEvent); michael@0: michael@0: let server = new SyncServer(); michael@0: let johndoe = server.registerUser("johndoe", "password"); michael@0: johndoe.createContents({ michael@0: meta: {}, michael@0: crypto: {}, michael@0: clients: {} michael@0: }); michael@0: server.start(); michael@0: michael@0: try { michael@0: Svc.Prefs.set("registerEngines", "Tab"); michael@0: _("Set up some tabs."); michael@0: let myTabs = michael@0: {windows: [{tabs: [{index: 1, michael@0: entries: [{ michael@0: url: "http://foo.com/", michael@0: title: "Title" michael@0: }], michael@0: attributes: { michael@0: image: "image" michael@0: } michael@0: }]}]}; michael@0: delete Svc.Session; michael@0: Svc.Session = { michael@0: getBrowserState: function () JSON.stringify(myTabs) michael@0: }; michael@0: michael@0: setBasicCredentials("johndoe", "password", passphrase); michael@0: Service.serverURL = server.baseURI; michael@0: Service.clusterURL = server.baseURI; michael@0: michael@0: Service.engineManager.register(HistoryEngine); michael@0: michael@0: function corrupt_local_keys() { michael@0: Service.collectionKeys._default.keyPair = [Svc.Crypto.generateRandomKey(), michael@0: Svc.Crypto.generateRandomKey()]; michael@0: } michael@0: michael@0: _("Setting meta."); michael@0: michael@0: // Bump version on the server. michael@0: let m = new WBORecord("meta", "global"); michael@0: m.payload = {"syncID": "foooooooooooooooooooooooooo", michael@0: "storageVersion": STORAGE_VERSION}; michael@0: m.upload(Service.resource(Service.metaURL)); michael@0: michael@0: _("New meta/global: " + JSON.stringify(johndoe.collection("meta").wbo("global"))); michael@0: michael@0: // Upload keys. michael@0: generateNewKeys(Service.collectionKeys); michael@0: let serverKeys = Service.collectionKeys.asWBO("crypto", "keys"); michael@0: serverKeys.encrypt(Service.identity.syncKeyBundle); michael@0: do_check_true(serverKeys.upload(Service.resource(Service.cryptoKeysURL)).success); michael@0: michael@0: // Check that login works. michael@0: do_check_true(Service.login("johndoe", "ilovejane", passphrase)); michael@0: do_check_true(Service.isLoggedIn); michael@0: michael@0: // Sync should upload records. michael@0: Service.sync(); michael@0: michael@0: // Tabs exist. michael@0: _("Tabs modified: " + johndoe.modified("tabs")); michael@0: do_check_true(johndoe.modified("tabs") > 0); michael@0: michael@0: let coll_modified = Service.collectionKeys.lastModified; michael@0: michael@0: // Let's create some server side history records. michael@0: let liveKeys = Service.collectionKeys.keyForCollection("history"); michael@0: _("Keys now: " + liveKeys.keyPair); michael@0: let visitType = Ci.nsINavHistoryService.TRANSITION_LINK; michael@0: let history = johndoe.createCollection("history"); michael@0: for (let i = 0; i < 5; i++) { michael@0: let id = 'record-no--' + i; michael@0: let modified = Date.now()/1000 - 60*(i+10); michael@0: michael@0: let w = new CryptoWrapper("history", "id"); michael@0: w.cleartext = { michael@0: id: id, michael@0: histUri: "http://foo/bar?" + id, michael@0: title: id, michael@0: sortindex: i, michael@0: visits: [{date: (modified - 5) * 1000000, type: visitType}], michael@0: deleted: false}; michael@0: w.encrypt(liveKeys); michael@0: michael@0: let payload = {ciphertext: w.ciphertext, michael@0: IV: w.IV, michael@0: hmac: w.hmac}; michael@0: history.insert(id, payload, modified); michael@0: } michael@0: michael@0: history.timestamp = Date.now() / 1000; michael@0: let old_key_time = johndoe.modified("crypto"); michael@0: _("Old key time: " + old_key_time); michael@0: michael@0: // Check that we can decrypt one. michael@0: let rec = new CryptoWrapper("history", "record-no--0"); michael@0: rec.fetch(Service.resource(Service.storageURL + "history/record-no--0")); michael@0: _(JSON.stringify(rec)); michael@0: do_check_true(!!rec.decrypt(liveKeys)); michael@0: michael@0: do_check_eq(hmacErrorCount, 0); michael@0: michael@0: // Fill local key cache with bad data. michael@0: corrupt_local_keys(); michael@0: _("Keys now: " + Service.collectionKeys.keyForCollection("history").keyPair); michael@0: michael@0: do_check_eq(hmacErrorCount, 0); michael@0: michael@0: _("HMAC error count: " + hmacErrorCount); michael@0: // Now syncing should succeed, after one HMAC error. michael@0: Service.sync(); michael@0: do_check_eq(hmacErrorCount, 1); michael@0: _("Keys now: " + Service.collectionKeys.keyForCollection("history").keyPair); michael@0: michael@0: // And look! We downloaded history! michael@0: let store = Service.engineManager.get("history")._store; michael@0: do_check_true(yield promiseIsURIVisited("http://foo/bar?record-no--0")); michael@0: do_check_true(yield promiseIsURIVisited("http://foo/bar?record-no--1")); michael@0: do_check_true(yield promiseIsURIVisited("http://foo/bar?record-no--2")); michael@0: do_check_true(yield promiseIsURIVisited("http://foo/bar?record-no--3")); michael@0: do_check_true(yield promiseIsURIVisited("http://foo/bar?record-no--4")); michael@0: do_check_eq(hmacErrorCount, 1); michael@0: michael@0: _("Busting some new server values."); michael@0: // Now what happens if we corrupt the HMAC on the server? michael@0: for (let i = 5; i < 10; i++) { michael@0: let id = 'record-no--' + i; michael@0: let modified = 1 + (Date.now() / 1000); michael@0: michael@0: let w = new CryptoWrapper("history", "id"); michael@0: w.cleartext = { michael@0: id: id, michael@0: histUri: "http://foo/bar?" + id, michael@0: title: id, michael@0: sortindex: i, michael@0: visits: [{date: (modified - 5 ) * 1000000, type: visitType}], michael@0: deleted: false}; michael@0: w.encrypt(Service.collectionKeys.keyForCollection("history")); michael@0: w.hmac = w.hmac.toUpperCase(); michael@0: michael@0: let payload = {ciphertext: w.ciphertext, michael@0: IV: w.IV, michael@0: hmac: w.hmac}; michael@0: history.insert(id, payload, modified); michael@0: } michael@0: history.timestamp = Date.now() / 1000; michael@0: michael@0: _("Server key time hasn't changed."); michael@0: do_check_eq(johndoe.modified("crypto"), old_key_time); michael@0: michael@0: _("Resetting HMAC error timer."); michael@0: Service.lastHMACEvent = 0; michael@0: michael@0: _("Syncing..."); michael@0: Service.sync(); michael@0: _("Keys now: " + Service.collectionKeys.keyForCollection("history").keyPair); michael@0: _("Server keys have been updated, and we skipped over 5 more HMAC errors without adjusting history."); michael@0: do_check_true(johndoe.modified("crypto") > old_key_time); michael@0: do_check_eq(hmacErrorCount, 6); michael@0: do_check_false(yield promiseIsURIVisited("http://foo/bar?record-no--5")); michael@0: do_check_false(yield promiseIsURIVisited("http://foo/bar?record-no--6")); michael@0: do_check_false(yield promiseIsURIVisited("http://foo/bar?record-no--7")); michael@0: do_check_false(yield promiseIsURIVisited("http://foo/bar?record-no--8")); michael@0: do_check_false(yield promiseIsURIVisited("http://foo/bar?record-no--9")); michael@0: } finally { michael@0: Svc.Prefs.resetBranch(""); michael@0: let deferred = Promise.defer(); michael@0: server.stop(deferred.resolve); michael@0: yield deferred.promise; michael@0: } michael@0: }); michael@0: michael@0: function run_test() { michael@0: let logger = Log.repository.rootLogger; michael@0: Log.repository.rootLogger.addAppender(new Log.DumpAppender()); michael@0: michael@0: ensureLegacyIdentityManager(); michael@0: michael@0: run_next_test(); michael@0: } michael@0: michael@0: /** michael@0: * Asynchronously check a url is visited. michael@0: * @param url the url michael@0: * @return {Promise} michael@0: * @resolves When the check has been added successfully. michael@0: * @rejects JavaScript exception. michael@0: */ michael@0: function promiseIsURIVisited(url) { michael@0: let deferred = Promise.defer(); michael@0: PlacesUtils.asyncHistory.isURIVisited(Utils.makeURI(url), function(aURI, aIsVisited) { michael@0: deferred.resolve(aIsVisited); michael@0: }); michael@0: michael@0: return deferred.promise; michael@0: }