mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-12 04:45:45 +00:00
Bug 569968 - Migration requires client to remove absolute URLs in crypto records
Tests and test fixes
This commit is contained in:
parent
981f479bc7
commit
8ced4676ca
@ -45,7 +45,7 @@ function run_test() {
|
||||
check([]);
|
||||
|
||||
function $B(name, parent, pred) {
|
||||
let bookmark = new Bookmark();
|
||||
let bookmark = new Bookmark("http://weave.server/my-bookmark");
|
||||
bookmark.id = name;
|
||||
bookmark.title = name;
|
||||
bookmark.bmkUri = "http://uri/";
|
||||
@ -56,7 +56,7 @@ function run_test() {
|
||||
}
|
||||
|
||||
function $F(name, parent, pred) {
|
||||
let folder = new BookmarkFolder();
|
||||
let folder = new BookmarkFolder("http://weave.server/my-bookmark-folder");
|
||||
folder.id = name;
|
||||
folder.title = name;
|
||||
folder.parentid = parent || "unfiled";
|
||||
|
@ -3,6 +3,8 @@ Cu.import("resource://services-sync/engines/bookmarks.js");
|
||||
Cu.import("resource://services-sync/util.js");
|
||||
|
||||
function run_test() {
|
||||
let baseuri = "http://fake/uri/";
|
||||
|
||||
_("Starting with a clean slate of no bookmarks");
|
||||
let store = new (new BookmarksEngine())._storeObj();
|
||||
store.wipe();
|
||||
@ -21,11 +23,11 @@ function run_test() {
|
||||
let second = insert(10);
|
||||
|
||||
_("Making sure the record created for the first has no predecessor");
|
||||
let pos5 = store.createRecord("pos5");
|
||||
let pos5 = store.createRecord("pos5", baseuri + "pos5");
|
||||
do_check_eq(pos5.predecessorid, undefined);
|
||||
|
||||
_("Making sure the second record has the first as its predecessor");
|
||||
let pos10 = store.createRecord("pos10");
|
||||
let pos10 = store.createRecord("pos10", baseuri + "pos10");
|
||||
do_check_eq(pos10.predecessorid, "pos5");
|
||||
|
||||
_("Make sure the index of item gets fixed");
|
||||
@ -35,6 +37,8 @@ function run_test() {
|
||||
_("Make sure things that are in unsorted don't set the predecessor");
|
||||
insert(0, Svc.Bookmark.unfiledBookmarksFolder);
|
||||
insert(1, Svc.Bookmark.unfiledBookmarksFolder);
|
||||
do_check_eq(store.createRecord("pos0").predecessorid, undefined);
|
||||
do_check_eq(store.createRecord("pos1").predecessorid, undefined);
|
||||
do_check_eq(store.createRecord("pos0", baseuri + "pos0").predecessorid,
|
||||
undefined);
|
||||
do_check_eq(store.createRecord("pos1", baseuri + "pos1").predecessorid,
|
||||
undefined);
|
||||
}
|
||||
|
@ -35,7 +35,7 @@ function run_test() {
|
||||
do_check_eq(Svc.Bookmark.getKeywordForBookmark(id), fxrecord.keyword);
|
||||
|
||||
_("Have the store create a new record object. Verify that it has the same data.");
|
||||
let newrecord = store.createRecord(fxrecord.id);
|
||||
let newrecord = store.createRecord(fxrecord.id, "http://fake/uri");
|
||||
for each (let property in ["type", "bmkUri", "title", "keyword",
|
||||
"parentName", "parentid"])
|
||||
do_check_eq(newrecord[property], fxrecord[property]);
|
||||
|
@ -1,29 +1,33 @@
|
||||
Cu.import("resource://services-sync/base_records/crypto.js");
|
||||
Cu.import("resource://services-sync/base_records/keys.js");
|
||||
Cu.import("resource://services-sync/engines/clients.js");
|
||||
Cu.import("resource://services-sync/identity.js");
|
||||
Cu.import("resource://services-sync/util.js");
|
||||
Cu.import("resource://services-sync/identity.js");
|
||||
|
||||
function run_test() {
|
||||
let baseUri = "http://fakebase/";
|
||||
let pubUri = baseUri + "pubkey";
|
||||
let privUri = baseUri + "privkey";
|
||||
let cryptoUri = baseUri + "crypto";
|
||||
_("Set up test fixtures.");
|
||||
ID.set('WeaveID', new Identity('Some Identity', 'foo'));
|
||||
Svc.Prefs.set("clusterURL", "http://fakebase/");
|
||||
let baseUri = "http://fakebase/1.0/foo/storage/";
|
||||
let pubUri = baseUri + "keys/pubkey";
|
||||
let privUri = baseUri + "keys/privkey";
|
||||
|
||||
let passphrase = ID.set("WeaveCryptoID", new Identity());
|
||||
passphrase.password = "passphrase";
|
||||
|
||||
_("Setting up fake pub/priv keypair and symkey for encrypt/decrypt");
|
||||
PubKeys.defaultKeyUri = baseUri + "pubkey";
|
||||
PubKeys.defaultKeyUri = baseUri + "keys/pubkey";
|
||||
let {pubkey, privkey} = PubKeys.createKeypair(passphrase, pubUri, privUri);
|
||||
PubKeys.set(pubUri, pubkey);
|
||||
PrivKeys.set(privUri, privkey);
|
||||
let cryptoMeta = new CryptoMeta(cryptoUri);
|
||||
cryptoMeta.addUnwrappedKey(pubkey, Svc.Crypto.generateRandomKey());
|
||||
CryptoMetas.set(cryptoUri, cryptoMeta);
|
||||
|
||||
let cryptoMeta = new CryptoMeta(Clients.cryptoMetaURL);
|
||||
cryptoMeta.addUnwrappedKey(pubkey, Svc.Crypto.generateRandomKey());
|
||||
CryptoMetas.set(Clients.cryptoMetaURL, cryptoMeta);
|
||||
|
||||
try {
|
||||
_("Test that serializing client records results in uploadable ascii");
|
||||
Clients.__defineGetter__("cryptoMetaURL", function() cryptoUri);
|
||||
Clients.localID = "ascii";
|
||||
Clients.localName = "wéävê";
|
||||
|
||||
@ -32,7 +36,7 @@ function run_test() {
|
||||
do_check_eq(record.id, "ascii");
|
||||
do_check_eq(record.name, "wéävê");
|
||||
|
||||
record.encrypt(passphrase)
|
||||
record.encrypt(passphrase);
|
||||
let serialized = JSON.stringify(record);
|
||||
let checkCount = 0;
|
||||
_("Checking for all ASCII:", serialized);
|
||||
@ -47,7 +51,7 @@ function run_test() {
|
||||
do_check_eq(checkCount, serialized.length);
|
||||
|
||||
_("Making sure the record still looks like it did before");
|
||||
record.decrypt(passphrase)
|
||||
record.decrypt(passphrase);
|
||||
do_check_eq(record.id, "ascii");
|
||||
do_check_eq(record.name, "wéävê");
|
||||
|
||||
@ -55,4 +59,7 @@ function run_test() {
|
||||
record = Clients._createRecord("ascii");
|
||||
do_check_eq(record.id, "ascii");
|
||||
do_check_eq(record.name, "wéävê");
|
||||
} finally {
|
||||
Svc.Prefs.resetBranch("");
|
||||
}
|
||||
}
|
||||
|
@ -3,17 +3,19 @@ Cu.import("resource://services-sync/base_records/collection.js");
|
||||
Cu.import("resource://services-sync/base_records/wbo.js");
|
||||
|
||||
function run_test() {
|
||||
let coll = new Collection("", WBORecord);
|
||||
let coll = new Collection("http://fake/uri", WBORecord);
|
||||
let stream = { _data: "" };
|
||||
let called, recCount, sum;
|
||||
|
||||
_("Not-JSON, string payloads are strings");
|
||||
called = false;
|
||||
stream._data = '{"payload":"hello"}\n';
|
||||
stream._data = '{"id":"hello","payload":"world"}\n';
|
||||
coll.recordHandler = function(rec) {
|
||||
called = true;
|
||||
_("Got record:", JSON.stringify(rec));
|
||||
do_check_eq(rec.payload, "hello");
|
||||
do_check_eq(rec.id, "hello");
|
||||
do_check_eq(rec.uri.spec, "http://fake/uri/hello");
|
||||
do_check_eq(rec.payload, "world");
|
||||
};
|
||||
coll._onProgress.call(stream);
|
||||
do_check_eq(stream._data, '');
|
||||
@ -39,7 +41,7 @@ function run_test() {
|
||||
called = false;
|
||||
recCount = 0;
|
||||
sum = 0;
|
||||
stream._data = '{"payload":"{\\"value\\":100}"}\n{"payload":"{\\"value\\":10}"}\n{"payload":"{\\"value\\":1}"}\n';
|
||||
stream._data = '{"id":"hundred","payload":"{\\"value\\":100}"}\n{"id":"ten","payload":"{\\"value\\":10}"}\n{"id":"one","payload":"{\\"value\\":1}"}\n';
|
||||
coll.recordHandler = function(rec) {
|
||||
called = true;
|
||||
_("Got record:", JSON.stringify(rec));
|
||||
@ -48,14 +50,20 @@ function run_test() {
|
||||
_("Incremental status: count", recCount, "sum", sum);
|
||||
switch (recCount) {
|
||||
case 1:
|
||||
do_check_eq(rec.id, "hundred");
|
||||
do_check_eq(rec.uri.spec, "http://fake/uri/hundred");
|
||||
do_check_eq(rec.payload.value, 100);
|
||||
do_check_eq(sum, 100);
|
||||
break;
|
||||
case 2:
|
||||
do_check_eq(rec.id, "ten");
|
||||
do_check_eq(rec.uri.spec, "http://fake/uri/ten");
|
||||
do_check_eq(rec.payload.value, 10);
|
||||
do_check_eq(sum, 110);
|
||||
break;
|
||||
case 3:
|
||||
do_check_eq(rec.id, "one");
|
||||
do_check_eq(rec.uri.spec, "http://fake/uri/one");
|
||||
do_check_eq(rec.payload.value, 1);
|
||||
do_check_eq(sum, 111);
|
||||
break;
|
||||
|
@ -3,6 +3,7 @@ Cu.import("resource://services-sync/engines/forms.js");
|
||||
Cu.import("resource://services-sync/type_records/forms.js");
|
||||
|
||||
function run_test() {
|
||||
let baseuri = "http://fake/uri/";
|
||||
let store = new FormEngine()._store;
|
||||
|
||||
_("Remove any existing entries");
|
||||
@ -27,13 +28,13 @@ function run_test() {
|
||||
}
|
||||
do_check_true(store.itemExists(id));
|
||||
|
||||
let rec = store.createRecord(id);
|
||||
let rec = store.createRecord(id, baseuri + id);
|
||||
_("Got record for id", id, rec);
|
||||
do_check_eq(rec.name, "name!!");
|
||||
do_check_eq(rec.value, "value??");
|
||||
|
||||
_("Create a non-existant id for delete");
|
||||
do_check_true(store.createRecord("deleted!!").deleted);
|
||||
_("Create a non-existent id for delete");
|
||||
do_check_true(store.createRecord("deleted!!", baseuri + "deleted!!").deleted);
|
||||
|
||||
_("Try updating.. doesn't do anything yet");
|
||||
store.update({});
|
||||
|
@ -71,11 +71,11 @@ function run_test() {
|
||||
do_check_true(store.itemExists(fxguid));
|
||||
|
||||
_("If we query a non-existent record, it's marked as deleted.");
|
||||
let record = store.createRecord("non-existent");
|
||||
let record = store.createRecord("non-existent", "http://fake/uri");
|
||||
do_check_true(record.deleted);
|
||||
|
||||
_("Verify createRecord() returns a complete record.");
|
||||
record = store.createRecord(fxguid);
|
||||
record = store.createRecord(fxguid, "http://fake/urk");
|
||||
do_check_eq(record.histUri, fxuri.spec);
|
||||
do_check_eq(record.title, "Get Firefox!");
|
||||
do_check_eq(record.visits.length, 1);
|
||||
|
@ -8,28 +8,28 @@ Cu.import("resource://services-sync/util.js");
|
||||
let keys, cryptoMeta, cryptoWrap;
|
||||
|
||||
function pubkey_handler(metadata, response) {
|
||||
let obj = {id: "ignore-me",
|
||||
let obj = {id: "pubkey",
|
||||
modified: keys.pubkey.modified,
|
||||
payload: JSON.stringify(keys.pubkey.payload)};
|
||||
return httpd_basic_auth_handler(JSON.stringify(obj), metadata, response);
|
||||
}
|
||||
|
||||
function privkey_handler(metadata, response) {
|
||||
let obj = {id: "ignore-me-2",
|
||||
let obj = {id: "privkey",
|
||||
modified: keys.privkey.modified,
|
||||
payload: JSON.stringify(keys.privkey.payload)};
|
||||
return httpd_basic_auth_handler(JSON.stringify(obj), metadata, response);
|
||||
}
|
||||
|
||||
function crypted_resource_handler(metadata, response) {
|
||||
let obj = {id: "ignore-me-3",
|
||||
let obj = {id: "resource",
|
||||
modified: cryptoWrap.modified,
|
||||
payload: JSON.stringify(cryptoWrap.payload)};
|
||||
return httpd_basic_auth_handler(JSON.stringify(obj), metadata, response);
|
||||
}
|
||||
|
||||
function crypto_meta_handler(metadata, response) {
|
||||
let obj = {id: "ignore-me-4",
|
||||
let obj = {id: "steam",
|
||||
modified: cryptoMeta.modified,
|
||||
payload: JSON.stringify(cryptoMeta.payload)};
|
||||
return httpd_basic_auth_handler(JSON.stringify(obj), metadata, response);
|
||||
@ -48,34 +48,39 @@ function run_test() {
|
||||
|
||||
log.info("Setting up server and authenticator");
|
||||
|
||||
server = httpd_setup({"/pubkey": pubkey_handler,
|
||||
"/privkey": privkey_handler,
|
||||
"/crypted-resource": crypted_resource_handler,
|
||||
"/crypto-meta": crypto_meta_handler});
|
||||
server = httpd_setup({"/keys/pubkey": pubkey_handler,
|
||||
"/keys/privkey": privkey_handler,
|
||||
"/steam/resource": crypted_resource_handler,
|
||||
"/crypto/steam": crypto_meta_handler});
|
||||
|
||||
let auth = new BasicAuthenticator(new Identity("secret", "guest", "guest"));
|
||||
Auth.defaultAuthenticator = auth;
|
||||
|
||||
log.info("Generating keypair + symmetric key");
|
||||
|
||||
PubKeys.defaultKeyUri = "http://localhost:8080/pubkey";
|
||||
PubKeys.defaultKeyUri = "http://localhost:8080/keys/pubkey";
|
||||
keys = PubKeys.createKeypair(passphrase,
|
||||
"http://localhost:8080/pubkey",
|
||||
"http://localhost:8080/privkey");
|
||||
"http://localhost:8080/keys/pubkey",
|
||||
"http://localhost:8080/keys/privkey");
|
||||
let crypto = Svc.Crypto;
|
||||
keys.symkey = crypto.generateRandomKey();
|
||||
keys.wrappedkey = crypto.wrapSymmetricKey(keys.symkey, keys.pubkey.keyData);
|
||||
|
||||
log.info("Setting up keyring");
|
||||
|
||||
cryptoMeta = new CryptoMeta("http://localhost:8080/crypto-meta", auth);
|
||||
cryptoMeta = new CryptoMeta("http://localhost:8080/crypto/steam", auth);
|
||||
cryptoMeta.addUnwrappedKey(keys.pubkey, keys.symkey);
|
||||
CryptoMetas.set(cryptoMeta.uri, cryptoMeta);
|
||||
|
||||
log.info("Creating and encrypting a record");
|
||||
log.info("Creating a record");
|
||||
|
||||
cryptoWrap = new CryptoWrapper("http://localhost:8080/steam/resource");
|
||||
cryptoWrap.encryption = "http://localhost:8080/crypto/steam";
|
||||
do_check_eq(cryptoWrap.encryption, "http://localhost:8080/crypto/steam");
|
||||
do_check_eq(cryptoWrap.payload.encryption, "../crypto/steam");
|
||||
|
||||
log.info("Encrypting a record");
|
||||
|
||||
cryptoWrap = new CryptoWrapper("http://localhost:8080/crypted-resource", auth);
|
||||
cryptoWrap.encryption = "http://localhost:8080/crypto-meta";
|
||||
cryptoWrap.cleartext.stuff = "my payload here";
|
||||
cryptoWrap.encrypt(passphrase);
|
||||
let firstIV = cryptoWrap.IV;
|
||||
@ -107,7 +112,7 @@ function run_test() {
|
||||
catch(ex) {
|
||||
error = ex;
|
||||
}
|
||||
do_check_eq(error, "Record id mismatch: crypted-resource,other");
|
||||
do_check_eq(error, "Record id mismatch: resource,other");
|
||||
|
||||
log.info("Make sure wrong hmacs cause failures");
|
||||
cryptoWrap.encrypt(passphrase);
|
||||
|
@ -30,8 +30,9 @@ function run_test() {
|
||||
crypto.addUnwrappedKey(pubkey, symkey);
|
||||
|
||||
_("Changing the HMAC to force a mismatch");
|
||||
let goodHMAC = crypto.keyring[pubkey.uri.spec].hmac;
|
||||
crypto.keyring[pubkey.uri.spec].hmac = "failme!";
|
||||
let relUri = crypto.uri.getRelativeSpec(pubkey.uri);
|
||||
let goodHMAC = crypto.keyring[relUri].hmac;
|
||||
crypto.keyring[relUri].hmac = "failme!";
|
||||
let error = "";
|
||||
try {
|
||||
crypto.getKey(privkey, passphrase);
|
||||
@ -42,6 +43,6 @@ function run_test() {
|
||||
do_check_eq(error, "Key SHA256 HMAC mismatch: failme!");
|
||||
|
||||
_("Switching back to the correct HMAC and trying again");
|
||||
crypto.keyring[pubkey.uri.spec].hmac = goodHMAC;
|
||||
crypto.keyring[relUri].hmac = goodHMAC;
|
||||
crypto.getKey(privkey, passphrase);
|
||||
}
|
||||
|
@ -52,8 +52,25 @@ function test_createKeypair() {
|
||||
let id = ID.set('foo', new Identity('foo', 'luser'));
|
||||
id.password = passphrase;
|
||||
|
||||
_("Key pair requires URIs for both keys.");
|
||||
let error;
|
||||
try {
|
||||
let result = PubKeys.createKeypair(id);
|
||||
} catch(ex) {
|
||||
error = ex;
|
||||
}
|
||||
do_check_eq(error, "Missing or null parameter 'pubkeyUri'.");
|
||||
|
||||
error = undefined;
|
||||
try {
|
||||
let result = PubKeys.createKeypair(id, "http://host/pub/key");
|
||||
} catch(ex) {
|
||||
error = ex;
|
||||
}
|
||||
do_check_eq(error, "Missing or null parameter 'privkeyUri'.");
|
||||
|
||||
_("Generate a key pair.");
|
||||
let result = PubKeys.createKeypair(id, "http://pub/key", "http://priv/key");
|
||||
let result = PubKeys.createKeypair(id, "http://host/pub/key", "http://host/priv/key");
|
||||
|
||||
_("Check that salt and IV are of correct length.");
|
||||
// 16 bytes = 24 base64 encoded characters
|
||||
@ -61,10 +78,13 @@ function test_createKeypair() {
|
||||
do_check_eq(result.privkey.iv.length, 24);
|
||||
|
||||
_("URIs are set.");
|
||||
do_check_eq(result.pubkey.uri.spec, "http://pub/key");
|
||||
do_check_eq(result.pubkey.privateKeyUri.spec, "http://priv/key");
|
||||
do_check_eq(result.privkey.uri.spec, "http://priv/key");
|
||||
do_check_eq(result.privkey.publicKeyUri.spec, "http://pub/key");
|
||||
do_check_eq(result.pubkey.uri.spec, "http://host/pub/key");
|
||||
do_check_eq(result.pubkey.privateKeyUri.spec, "http://host/priv/key");
|
||||
do_check_eq(result.pubkey.payload.privateKeyUri, "../priv/key");
|
||||
|
||||
do_check_eq(result.privkey.uri.spec, "http://host/priv/key");
|
||||
do_check_eq(result.privkey.publicKeyUri.spec, "http://host/pub/key");
|
||||
do_check_eq(result.privkey.payload.publicKeyUri, "../pub/key");
|
||||
|
||||
_("UTF8 encoded passphrase was used.");
|
||||
do_check_true(Svc.Crypto.verifyPassphrase(result.privkey.keyData,
|
||||
|
@ -51,7 +51,7 @@ function run_test() {
|
||||
let res = new Resource("http://localhost:8080/record");
|
||||
let resp = res.get();
|
||||
|
||||
let rec = new WBORecord();
|
||||
let rec = new WBORecord("http://localhost:8080/record");
|
||||
rec.deserialize(res.data);
|
||||
do_check_eq(rec.id, "asdf-1234-asdf-1234"); // NOT "record"!
|
||||
|
||||
|
@ -46,8 +46,8 @@ SteamStore.prototype = {
|
||||
return (id in this.items);
|
||||
},
|
||||
|
||||
createRecord: function(id) {
|
||||
var record = new SteamRecord();
|
||||
createRecord: function(id, uri) {
|
||||
var record = new SteamRecord(uri);
|
||||
record.id = id;
|
||||
record.denomination = this.items[id] || "Data for new record: " + id;
|
||||
return record;
|
||||
@ -257,7 +257,7 @@ function test_syncStartup_metaGet404() {
|
||||
do_check_eq(collection.wbos.scotsman.payload, undefined);
|
||||
|
||||
_("New bulk key was uploaded");
|
||||
let key = crypto_steam.data.keyring["http://localhost:8080/1.0/foo/storage/keys/pubkey"];
|
||||
let key = crypto_steam.data.keyring["../keys/pubkey"];
|
||||
do_check_eq(key.wrapped, "fake-symmetric-key-0");
|
||||
do_check_eq(key.hmac, "fake-symmetric-key-0 ");
|
||||
|
||||
@ -439,7 +439,7 @@ function test_syncStartup_badKeyWipesServerData() {
|
||||
do_check_eq(collection.wbos.scotsman.payload, undefined);
|
||||
|
||||
// New bulk key was uploaded
|
||||
key = crypto_steam.data.keyring["http://localhost:8080/1.0/foo/storage/keys/pubkey"];
|
||||
key = crypto_steam.data.keyring["../keys/pubkey"];
|
||||
do_check_eq(key.wrapped, "fake-symmetric-key-1");
|
||||
do_check_eq(key.hmac, "fake-symmetric-key-1 ");
|
||||
|
||||
|
@ -101,13 +101,13 @@ function test_createRecord() {
|
||||
|
||||
_("create a record");
|
||||
fakeSessionSvc("http://foo.com");
|
||||
record = store.createRecord();
|
||||
record = store.createRecord("fake-guid", "http://fake.uri/");
|
||||
do_check_true(record instanceof TabSetRecord);
|
||||
do_check_eq(record.tabs.length, 1);
|
||||
|
||||
_("create a big record");
|
||||
fakeSessionSvc("http://foo.com", numtabs);
|
||||
record = store.createRecord();
|
||||
record = store.createRecord("fake-guid", "http://fake.uri/");
|
||||
do_check_true(record instanceof TabSetRecord);
|
||||
do_check_eq(record.tabs.length, 256);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user