[Sync] Add SyncEncryptionHandler

sync/internal_api/public/sync_manager.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SYNC_INTERNAL_API_PUBLIC_SYNC_MANAGER_H_
 #define SYNC_INTERNAL_API_PUBLIC_SYNC_MANAGER_H_
 
 #include <string>
 #include <vector>
 
 #include "base/basictypes.h"
 #include "base/callback_forward.h"
 #include "base/file_path.h"
 #include "base/memory/ref_counted.h"
 #include "base/task_runner.h"
 #include "base/threading/thread_checker.h"
 #include "base/time.h"
 #include "sync/internal_api/public/base/model_type.h"
 #include "sync/internal_api/public/change_record.h"
 #include "sync/internal_api/public/configure_reason.h"
 #include "sync/internal_api/public/engine/model_safe_worker.h"
 #include "sync/internal_api/public/engine/sync_status.h"
+#include "sync/internal_api/public/sync_encryption_handler.h"
 #include "sync/internal_api/public/util/report_unrecoverable_error_function.h"
 #include "sync/internal_api/public/util/weak_handle.h"
 #include "sync/notifier/invalidation_util.h"
 #include "sync/protocol/sync_protocol_error.h"
 
 namespace sync_pb {
 class EncryptedData;
 }  // namespace sync_pb
 
 namespace syncer {
 
 class BaseTransaction;
 class Encryptor;
 struct Experiments;
 class ExtensionsActivityMonitor;
 class HttpPostProviderFactory;
 class InternalComponentsFactory;
 class JsBackend;
 class JsEventHandler;
+class SyncEncryptionHandler;
 class SyncNotifier;
 class SyncNotifierObserver;
 class SyncScheduler;
 class UnrecoverableErrorHandler;
 struct UserShare;
 
 namespace sessions {
 class SyncSessionSnapshot;
 }  // namespace sessions
 
 // Used by SyncManager::OnConnectionStatusChange().
 enum ConnectionStatus {
   CONNECTION_OK,
   CONNECTION_AUTH_ERROR,
   CONNECTION_SERVER_ERROR
 };
 
-// Reasons due to which Cryptographer might require a passphrase.
-enum PassphraseRequiredReason {
-  REASON_PASSPHRASE_NOT_REQUIRED = 0,  // Initial value.
-  REASON_ENCRYPTION = 1,               // The cryptographer requires a
-                                       // passphrase for its first attempt at
-                                       // encryption. Happens only during
-                                       // migration or upgrade.
-  REASON_DECRYPTION = 2,               // The cryptographer requires a
-                                       // passphrase for its first attempt at
-                                       // decryption.
-};
-
-
 // Contains everything needed to talk to and identify a user account.
 struct SyncCredentials {
   std::string email;
   std::string sync_token;
 };
 
 // SyncManager encapsulates syncable::Directory and serves as the parent of all
 // other objects in the sync API.  If multiple threads interact with the same
 // local sync repository (i.e. the same sqlite database), they should share a
 // single SyncManager instance.  The caller should typically create one
@@ skipping 98 matching lines @@
     virtual void OnSyncCycleCompleted(
         const sessions::SyncSessionSnapshot& snapshot) = 0;
 
     // Called when the status of the connection to the sync server has
     // changed.
     virtual void OnConnectionStatusChange(ConnectionStatus status) = 0;
 
     // Called when a new auth token is provided by the sync server.
     virtual void OnUpdatedToken(const std::string& token) = 0;
 
-    // Called when user interaction is required to obtain a valid passphrase.
-    // - If the passphrase is required for encryption, |reason| will be
-    //   REASON_ENCRYPTION.
-    // - If the passphrase is required for the decryption of data that has
-    //   already been encrypted, |reason| will be REASON_DECRYPTION.
-    // - If the passphrase is required because decryption failed, and a new
-    //   passphrase is required, |reason| will be REASON_SET_PASSPHRASE_FAILED.
-    //
-    // |pending_keys| is a copy of the cryptographer's pending keys, that may be
-    // cached by the frontend for subsequent use by the UI.
-    virtual void OnPassphraseRequired(
-        PassphraseRequiredReason reason,
-        const sync_pb::EncryptedData& pending_keys) = 0;
-
-    // Called when the passphrase provided by the user has been accepted and is
-    // now used to encrypt sync data.
-    virtual void OnPassphraseAccepted() = 0;
-
-    // |bootstrap_token| is an opaque base64 encoded representation of the key
-    // generated by the current passphrase, and is provided to the observer for
-    // persistence purposes and use in a future initialization of sync (e.g.
-    // after restart). The boostrap token will always be derived from the most
-    // recent GAIA password (for accounts with implicit passphrases), even if
-    // the data is still encrypted with an older GAIA password. For accounts
-    // with explicit passphrases, it will be the most recently seen custom
-    // passphrase.
-    virtual void OnBootstrapTokenUpdated(
-        const std::string& bootstrap_token) = 0;
-
     // Called when initialization is complete to the point that SyncManager can
     // process changes. This does not necessarily mean authentication succeeded
     // or that the SyncManager is online.
     // IMPORTANT: Creating any type of transaction before receiving this
     // notification is illegal!
     // WARNING: Calling methods on the SyncManager before receiving this
     // message, unless otherwise specified, produces undefined behavior.
     //
     // |js_backend| is what about:sync interacts with.  It can emit
     // the following events:
@@ skipping 68 matching lines @@
         const WeakHandle<syncer::JsBackend>& js_backend,
         bool success,
         syncer::ModelTypeSet restored_types) = 0;
 
     // We are no longer permitted to communicate with the server. Sync should
     // be disabled and state cleaned up at once.  This can happen for a number
     // of reasons, e.g. swapping from a test instance to production, or a
     // global stop syncing operation has wiped the store.
     virtual void OnStopSyncingPermanently() = 0;
 
-    // Called when the set of encrypted types or the encrypt
-    // everything flag has been changed.  Note that encryption isn't
-    // complete until the OnEncryptionComplete() notification has been
-    // sent (see below).
-    //
-    // |encrypted_types| will always be a superset of
-    // Cryptographer::SensitiveTypes().  If |encrypt_everything| is
-    // true, |encrypted_types| will be the set of all known types.
-    //
-    // Until this function is called, observers can assume that the
-    // set of encrypted types is Cryptographer::SensitiveTypes() and
-    // that the encrypt everything flag is false.
-    //
-    // Called from within a transaction.
-    virtual void OnEncryptedTypesChanged(
-        ModelTypeSet encrypted_types,
-        bool encrypt_everything) = 0;
-
-    // Called after we finish encrypting the current set of encrypted
-    // types.
-    //
-    // Called from within a transaction.
-    virtual void OnEncryptionComplete() = 0;
-
     virtual void OnActionableError(
         const SyncProtocolError& sync_protocol_error) = 0;
 
    protected:
     virtual ~Observer();
   };
 
   SyncManager();
   virtual ~SyncManager();
 
@@ skipping 75 matching lines @@
       const ObjectIdSet& ids) = 0;
 
   // Forwards to the underlying notifier (see comments in sync_notifier.h).
   virtual void UnregisterInvalidationHandler(
       SyncNotifierObserver* handler) = 0;
 
   // Put the syncer in normal mode ready to perform nudges and polls.
   virtual void StartSyncingNormally(
       const ModelSafeRoutingInfo& routing_info) = 0;
 
-  // Attempts to re-encrypt encrypted data types using the passphrase provided.
-  // Notifies observers of the result of the operation via OnPassphraseAccepted
-  // or OnPassphraseRequired, updates the nigori node, and does re-encryption as
-  // appropriate. If an explicit password has been set previously, we drop
-  // subsequent requests to set a passphrase. If the cryptographer has pending
-  // keys, and a new implicit passphrase is provided, we try decrypting the
-  // pending keys with it, and if that fails, we cache the passphrase for
-  // re-encryption once the pending keys are decrypted.
-  virtual void SetEncryptionPassphrase(const std::string& passphrase,
-                                       bool is_explicit) = 0;
-
-  // Provides a passphrase for decrypting the user's existing sync data.
-  // Notifies observers of the result of the operation via OnPassphraseAccepted
-  // or OnPassphraseRequired, updates the nigori node, and does re-encryption as
-  // appropriate if there is a previously cached encryption passphrase. It is an
-  // error to call this when we don't have pending keys.
-  virtual void SetDecryptionPassphrase(const std::string& passphrase) = 0;
-
   // Switches the mode of operation to CONFIGURATION_MODE and performs
   // any configuration tasks needed as determined by the params. Once complete,
   // syncer will remain in CONFIGURATION_MODE until StartSyncingNormally is
   // called.
   // |ready_task| is invoked when the configuration completes.
   // |retry_task| is invoked if the configuration job could not immediately
   //              execute. |ready_task| will still be called when it eventually
   //              does finish.
   virtual void ConfigureSyncer(
       ConfigureReason reason,
       const ModelTypeSet& types_to_config,
       const ModelSafeRoutingInfo& new_routing_info,
       const base::Closure& ready_task,
       const base::Closure& retry_task) = 0;
 
   // Adds a listener to be notified of sync events.
   // NOTE: It is OK (in fact, it's probably a good idea) to call this before
   // having received OnInitializationCompleted.
   virtual void AddObserver(Observer* observer) = 0;
 
   // Remove the given observer.  Make sure to call this if the
   // Observer is being destroyed so the SyncManager doesn't
   // potentially dereference garbage.
   virtual void RemoveObserver(Observer* observer) = 0;
 
   // Status-related getter.  May be called on any thread.
   virtual SyncStatus GetDetailedStatus() const = 0;
 
-  // Whether or not the Nigori node is encrypted using an explicit passphrase.
-  // May be called on any thread.
-  virtual bool IsUsingExplicitPassphrase() = 0;
-
   // Extracts the keystore encryption bootstrap token if a keystore key existed.
   // Returns true if bootstrap token successfully extracted, false otherwise.
   virtual bool GetKeystoreKeyBootstrapToken(std::string* token) = 0;
 
   // Call periodically from a database-safe thread to persist recent changes
   // to the syncapi model.
   virtual void SaveChanges() = 0;
 
   // Initiates shutdown of various components in the sync engine.  Must be
   // called from the main thread to allow preempting ongoing tasks on the sync
   // loop (that may be blocked on I/O).  The semantics of |callback| are the
   // same as with StartConfigurationMode. If provided and a scheduler / sync
   // loop exists, it will be invoked from the sync loop by the scheduler to
   // notify that all work has been flushed + cancelled, and it is idle.
   // If no scheduler exists, the callback is run immediately (from the loop
   // this was created on, which is the sync loop), as sync is effectively
   // stopped.
   virtual void StopSyncingForShutdown(const base::Closure& callback) = 0;
 
   // Issue a final SaveChanges, and close sqlite handles.
   virtual void ShutdownOnSyncThread() = 0;
 
   // May be called from any thread.
   virtual UserShare* GetUserShare() = 0;
 
-  // Inform the cryptographer of the most recent passphrase and set of
-  // encrypted types (from nigori node), then ensure all data that
-  // needs encryption is encrypted with the appropriate passphrase.
-  //
-  // May trigger OnPassphraseRequired().  Otherwise, it will trigger
-  // OnEncryptedTypesChanged() if necessary (see comments for
-  // OnEncryptedTypesChanged()), and then OnEncryptionComplete().
-  //
-  // Also updates or adds device information to the nigori node.
-  //
-  // Note: opens a transaction, so must only be called after syncapi
-  // has been initialized.
-  virtual void RefreshNigori(const std::string& chrome_version,
-                             const base::Closure& done_callback) = 0;
-
-  // Enable encryption of all sync data. Once enabled, it can never be
-  // disabled without clearing the server data.
-  //
-  // This will trigger OnEncryptedTypesChanged() if necessary (see
-  // comments for OnEncryptedTypesChanged()).  It then may trigger
-  // OnPassphraseRequired(), but otherwise it will trigger
-  // OnEncryptionComplete().
-  virtual void EnableEncryptEverything() = 0;
-
   // Reads the nigori node to determine if any experimental features should
   // be enabled.
   // Note: opens a transaction.  May be called on any thread.
   virtual bool ReceivedExperiment(Experiments* experiments) = 0;
 
   // Uses a read-only transaction to determine if the directory being synced has
   // any remaining unsynced items.  May be called on any thread.
   virtual bool HasUnsyncedItems() = 0;
+
+  // Returns the SyncManager's encryption handler.
+  virtual SyncEncryptionHandler* GetEncryptionHandler() = 0;
 };
 
 }  // namespace syncer
 
 #endif  // SYNC_INTERNAL_API_PUBLIC_SYNC_MANAGER_H_