Bug 1368568 - Remove legacy SyncKeyBundle. r?eoger
MozReview-Commit-ID: JYiTeQnduto
* * *
Bug 1368568 - Remove legacy SyncKeyBundle. r?eoger
--- a/services/sync/modules/keys.js
+++ b/services/sync/modules/keys.js
@@ -1,17 +1,16 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/. */
"use strict";
this.EXPORTED_SYMBOLS = [
"BulkKeyBundle",
- "SyncKeyBundle"
];
var {classes: Cc, interfaces: Ci, utils: Cu, results: Cr} = Components;
Cu.import("resource://services-sync/constants.js");
Cu.import("resource://gre/modules/Log.jsm");
Cu.import("resource://services-sync/main.js");
Cu.import("resource://services-sync/util.js");
@@ -162,54 +161,8 @@ BulkKeyBundle.prototype = {
throw new Error("BulkKeyBundle.keyPairB64 value must be an array of 2 " +
"keys.");
}
this.encryptionKey = Utils.safeAtoB(value[0]);
this.hmacKey = Utils.safeAtoB(value[1]);
},
};
-
-/**
- * Represents a key pair derived from a Sync Key via HKDF.
- *
- * Instances of this type should be considered immutable. You create an
- * instance by specifying the username and 26 character "friendly" Base32
- * encoded Sync Key. The Sync Key is derived at instance creation time.
- *
- * If the username or Sync Key is invalid, an Error will be thrown.
- */
-this.SyncKeyBundle = function SyncKeyBundle(username, syncKey) {
- let log = Log.repository.getLogger("Sync.SyncKeyBundle");
- log.info("SyncKeyBundle being created.");
- KeyBundle.call(this);
-
- this.generateFromKey(username, syncKey);
-}
-SyncKeyBundle.prototype = {
- __proto__: KeyBundle.prototype,
-
- /*
- * If we've got a string, hash it into keys and store them.
- */
- generateFromKey: function generateFromKey(username, syncKey) {
- if (!username || (typeof username != "string")) {
- throw new Error("Sync Key cannot be generated from non-string username.");
- }
-
- if (!syncKey || (typeof syncKey != "string")) {
- throw new Error("Sync Key cannot be generated from non-string key.");
- }
-
- if (!Utils.isPassphrase(syncKey)) {
- throw new Error("Provided key is not a passphrase, cannot derive Sync " +
- "Key Bundle.");
- }
-
- // Expand the base32 Sync Key to an AES 256 and 256 bit HMAC key.
- let prk = Utils.decodeKeyBase32(syncKey);
- let info = HMAC_INPUT + username;
- let okm = Utils.hkdfExpand(prk, info, 32 * 2);
- this.encryptionKey = okm.slice(0, 32);
- this.hmacKey = okm.slice(32, 64);
- },
-};
-
--- a/services/sync/tests/unit/head_errorhandler_common.js
+++ b/services/sync/tests/unit/head_errorhandler_common.js
@@ -92,17 +92,18 @@ const EHTestsCommon = {
return CatapultEngine;
}()),
generateCredentialsChangedFailure() {
// Make sync fail due to changed credentials. We simply re-encrypt
// the keys with a different Sync Key, without changing the local one.
- let newSyncKeyBundle = new SyncKeyBundle("johndoe", "23456234562345623456234562");
+ let newSyncKeyBundle = new BulkKeyBundle("crypto");
+ newSyncKeyBundle.generateRandom();
let keys = Service.collectionKeys.asWBO();
keys.encrypt(newSyncKeyBundle);
return keys.upload(Service.resource(Service.cryptoKeysURL));
},
async setUp(server) {
await configureIdentity({ username: "johndoe" }, server);
return EHTestsCommon.generateAndUploadKeys()
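Review bot: The comment at the top of generateCredentialsChangedFailure still says the keys are re-encrypted "with a different Sync Key", and the variable is still named `newSyncKeyBundle`, but the new lines build a `BulkKeyBundle` filled by `generateRandom()`, so no Sync Key is involved any more. I would rename the variable to something like `newKeyBundle` and reword the comment to `// Make sync fail due to changed credentials. We simply re-encrypt the keys with a freshly generated random key bundle, without changing the local one.` The swap also makes the fixture non-deterministic, which looks harmless here because the test only needs a bundle that differs from the local keys. The `badKeys` replacement in test_service_detect_upgrade.js follows the same pattern, and its name and comment still fit.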
--- a/services/sync/tests/unit/test_keys.js
+++ b/services/sync/tests/unit/test_keys.js
@@ -112,64 +112,16 @@ add_test(function test_repeated_hmac() {
let k = Utils.makeHMACKey("foo");
let one = sha256HMAC(Utils.decodeKeyBase32(testKey), k);
let two = sha256HMAC(Utils.decodeKeyBase32(testKey), k);
do_check_eq(one, two);
run_next_test();
});
-add_test(function test_sync_key_bundle_derivation() {
- _("Ensure derivation from known values works.");
-
- // The known values in this test were originally verified against Firefox
- // Home.
- let bundle = new SyncKeyBundle("st3fan", "q7ynpwq7vsc9m34hankbyi3s3i");
-
- // These should be compared to the results from Home, as they once were.
- let e = "14b8c09fa84e92729ee695160af6e0385f8f6215a25d14906e1747bdaa2de426";
- let h = "370e3566245d79fe602a3adb5137e42439cd2a571235197e0469d7d541b07875";
-
- let realE = Utils.bytesAsHex(bundle.encryptionKey);
- let realH = Utils.bytesAsHex(bundle.hmacKey);
-
- _("Real E: " + realE);
- _("Real H: " + realH);
- do_check_eq(realH, h);
- do_check_eq(realE, e);
-
- run_next_test();
-});
-
-add_test(function test_keymanager() {
- let testKey = "ababcdefabcdefabcdefabcdef";
- let username = "john@example.com";
-
- // Decode the key here to mirror what generateEntry will do,
- // but pass it encoded into the KeyBundle call below.
-
- let sha256inputE = "" + HMAC_INPUT + username + "\x01";
- let key = Utils.makeHMACKey(Utils.decodeKeyBase32(testKey));
- let encryptKey = sha256HMAC(sha256inputE, key);
-
- let sha256inputH = encryptKey + HMAC_INPUT + username + "\x02";
- let hmacKey = sha256HMAC(sha256inputH, key);
-
- // Encryption key is stored in base64 for WeaveCrypto convenience.
- do_check_eq(encryptKey, new SyncKeyBundle(username, testKey).encryptionKey);
- do_check_eq(hmacKey, new SyncKeyBundle(username, testKey).hmacKey);
-
- // Test with the same KeyBundle for both.
- let obj = new SyncKeyBundle(username, testKey);
- do_check_eq(hmacKey, obj.hmacKey);
- do_check_eq(encryptKey, obj.encryptionKey);
-
- run_next_test();
-});
-
add_task(async function test_ensureLoggedIn() {
let log = Log.repository.getLogger("Test");
Log.repository.rootLogger.addAppender(new Log.DumpAppender());
let identityConfig = makeIdentityConfig();
let browseridManager = new BrowserIDManager();
configureFxAccountIdentity(browseridManager, identityConfig);
await browseridManager.ensureLoggedIn();
--- a/services/sync/tests/unit/test_service_detect_upgrade.js
+++ b/services/sync/tests/unit/test_service_detect_upgrade.js
@@ -215,17 +215,18 @@ add_task(async function v5_upgrade() {
let m = new WBORecord("meta", "global");
m.payload = {"syncID": "foooooooooooooooooooooooooo",
"storageVersion": STORAGE_VERSION + 1};
await m.upload(Service.resource(Service.metaURL));
_("New meta/global: " + JSON.stringify(meta_global));
// Fill the keys with bad data.
- let badKeys = new SyncKeyBundle("foobar", "aaaaaaaaaaaaaaaaaaaaaaaaaa");
+ let badKeys = new BulkKeyBundle("crypto");
+ badKeys.generateRandom();
await update_server_keys(badKeys, "keys", "crypto/keys"); // v4
await update_server_keys(badKeys, "bulk", "crypto/bulk"); // v5
_("Generating new keys.");
generateNewKeys(Service.collectionKeys);
// Now sync and see what happens. It should be a version fail, not a crypto
// fail.