[Sync] Add SyncEncryptionHandler

chrome/browser/sync/glue/sync_backend_host.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "build/build_config.h"
 
 #include "chrome/browser/sync/glue/sync_backend_host.h"
 
 #include <algorithm>
 #include <map>
@@ skipping 60 matching lines @@
 
 // Helper macros to log with the syncer thread name; useful when there
 // are multiple syncers involved.
 
 #define SLOG(severity) LOG(severity) << name_ << ": "
 
 #define SDVLOG(verbose_level) DVLOG(verbose_level) << name_ << ": "
 
 class SyncBackendHost::Core
     : public base::RefCountedThreadSafe<SyncBackendHost::Core>,
+      public syncer::SyncEncryptionHandler::Observer,
       public syncer::SyncManager::Observer,
       public syncer::SyncNotifierObserver {
  public:
   Core(const std::string& name,
        const FilePath& sync_data_folder_path,
        const base::WeakPtr<SyncBackendHost>& backend);
 
   // SyncManager::Observer implementation.  The Core just acts like an air
   // traffic controller here, forwarding incoming messages to appropriate
   // landing threads.
   virtual void OnSyncCycleCompleted(
       const syncer::sessions::SyncSessionSnapshot& snapshot) OVERRIDE;
   virtual void OnInitializationComplete(
       const syncer::WeakHandle<syncer::JsBackend>& js_backend,
       bool success,
       syncer::ModelTypeSet restored_types) OVERRIDE;
   virtual void OnConnectionStatusChange(
       syncer::ConnectionStatus status) OVERRIDE;
+  virtual void OnStopSyncingPermanently() OVERRIDE;
+  virtual void OnUpdatedToken(const std::string& token) OVERRIDE;
+  virtual void OnActionableError(
+      const syncer::SyncProtocolError& sync_error) OVERRIDE;
+
+  // SyncEncryptionHandler::Observer implementation.
   virtual void OnPassphraseRequired(
       syncer::PassphraseRequiredReason reason,
       const sync_pb::EncryptedData& pending_keys) OVERRIDE;
   virtual void OnPassphraseAccepted() OVERRIDE;
   virtual void OnBootstrapTokenUpdated(
       const std::string& bootstrap_token) OVERRIDE;
-  virtual void OnStopSyncingPermanently() OVERRIDE;
-  virtual void OnUpdatedToken(const std::string& token) OVERRIDE;
   virtual void OnEncryptedTypesChanged(
       syncer::ModelTypeSet encrypted_types,
       bool encrypt_everything) OVERRIDE;
   virtual void OnEncryptionComplete() OVERRIDE;
-  virtual void OnActionableError(
-      const syncer::SyncProtocolError& sync_error) OVERRIDE;
+  virtual void OnCryptographerStateChanged(
+      syncer::Cryptographer* cryptographer) OVERRIDE;
 
   // syncer::SyncNotifierObserver implementation.
   virtual void OnNotificationsEnabled() OVERRIDE;
   virtual void OnNotificationsDisabled(
       syncer::NotificationsDisabledReason reason) OVERRIDE;
   virtual void OnIncomingNotification(
       const syncer::ObjectIdPayloadMap& id_payloads,
       syncer::IncomingNotificationSource source) OVERRIDE;
 
   // Note:
@@ skipping 23 matching lines @@
   void DoSetEncryptionPassphrase(const std::string& passphrase,
                                  bool is_explicit);
 
   // Called to decrypt the pending keys.
   void DoSetDecryptionPassphrase(const std::string& passphrase);
 
   // Called to turn on encryption of all sync data as well as
   // reencrypt everything.
   void DoEnableEncryptEverything();
 
-  // Called to refresh encryption with the most recent passphrase
-  // and set of encrypted types. Also adds device information to the nigori
-  // node. |done_callback| is called on the sync thread.
-  void DoRefreshNigori(const base::Closure& done_callback);
+  // Called to load sync encryption state and re-encrypt any types
+  // needing encryption as necessary.
+  void DoAssociateNigori(
+      const syncer::WeakHandle<syncer::JsBackend>& js_backend);
 
   // The shutdown order is a bit complicated:
   // 1) From |sync_thread_|, invoke the syncapi Shutdown call to do
   //    a final SaveChanges, and close sqlite handles.
   // 2) Then, from |frontend_loop_|, halt the sync_thread_ (which is
   //    a blocking call). This causes syncapi thread-exit handlers
   //    to run and make use of cached pointers to various components
   //    owned implicitly by us.
   // 3) Destroy this Core. That will delete syncapi components in a
   //    safe order because the thread that was using them has exited
@@ skipping 560 matching lines @@
 
 bool SyncBackendHost::IsNigoriEnabled() const {
   return registrar_.get() && registrar_->IsNigoriEnabled();
 }
 
 bool SyncBackendHost::IsUsingExplicitPassphrase() {
   // This should only be called once the nigori node has been downloaded, as
   // otherwise we have no idea what kind of passphrase we are using. This will
   // NOTREACH in sync_manager and return false if we fail to load the nigori
   // node.
+  // TODO(zea): cache this value here, then make the encryption handler
+  // NonThreadSafe and only accessible from the sync thread.
   return IsNigoriEnabled() &&
-      core_->sync_manager()->IsUsingExplicitPassphrase();
+      core_->sync_manager()->GetEncryptionHandler()->
+          IsUsingExplicitPassphrase();
 }
 
 bool SyncBackendHost::IsCryptographerReady(
     const syncer::BaseTransaction* trans) const {
   return initialized() && trans->GetCryptographer()->is_ready();
 }
 
 void SyncBackendHost::GetModelSafeRoutingInfo(
     syncer::ModelSafeRoutingInfo* out) const {
   if (initialized()) {
@@ skipping 234 matching lines @@
 void SyncBackendHost::Core::OnEncryptionComplete() {
   if (!sync_loop_)
     return;
   DCHECK_EQ(MessageLoop::current(), sync_loop_);
   // NOTE: We're in a transaction.
   host_.Call(
       FROM_HERE,
       &SyncBackendHost::NotifyEncryptionComplete);
 }
 
+void SyncBackendHost::Core::OnCryptographerStateChanged(
+    syncer::Cryptographer* cryptographer) {
+  // Do nothing.
+}
+
 void SyncBackendHost::Core::OnActionableError(
     const syncer::SyncProtocolError& sync_error) {
   if (!sync_loop_)
     return;
   DCHECK_EQ(MessageLoop::current(), sync_loop_);
   host_.Call(
       FROM_HERE,
       &SyncBackendHost::HandleActionableErrorEventOnFrontendLoop,
       sync_error);
 }
@@ skipping 109 matching lines @@
     sync_manager_->UpdateRegisteredInvalidationIds(this, ids);
   }
 }
 
 void SyncBackendHost::Core::DoStartSyncing(
     const syncer::ModelSafeRoutingInfo& routing_info) {
   DCHECK_EQ(MessageLoop::current(), sync_loop_);
   sync_manager_->StartSyncingNormally(routing_info);
 }
 
+void SyncBackendHost::Core::DoAssociateNigori(
+    const syncer::WeakHandle<syncer::JsBackend>& js_backend) {
+  DCHECK_EQ(MessageLoop::current(), sync_loop_);
+  sync_manager_->GetEncryptionHandler()->AddObserver(this);
+  sync_manager_->GetEncryptionHandler()->Init();
+  host_.Call(FROM_HERE,
+             &SyncBackendHost::HandleInitializationCompletedOnFrontendLoop,
+             js_backend,
+             true);
+}
+
 void SyncBackendHost::Core::DoSetEncryptionPassphrase(
     const std::string& passphrase,
     bool is_explicit) {
   DCHECK_EQ(MessageLoop::current(), sync_loop_);
-  sync_manager_->SetEncryptionPassphrase(passphrase, is_explicit);
+  sync_manager_->GetEncryptionHandler()->SetEncryptionPassphrase(
+      passphrase, is_explicit);
 }
 
 void SyncBackendHost::Core::DoSetDecryptionPassphrase(
     const std::string& passphrase) {
   DCHECK_EQ(MessageLoop::current(), sync_loop_);
-  sync_manager_->SetDecryptionPassphrase(passphrase);
+  sync_manager_->GetEncryptionHandler()->SetDecryptionPassphrase(
+      passphrase);
 }
 
 void SyncBackendHost::Core::DoEnableEncryptEverything() {
   DCHECK_EQ(MessageLoop::current(), sync_loop_);
-  sync_manager_->EnableEncryptEverything();
-}
-
-void SyncBackendHost::Core::DoRefreshNigori(
-    const base::Closure& done_callback) {
-  DCHECK_EQ(MessageLoop::current(), sync_loop_);
-  chrome::VersionInfo version_info;
-  sync_manager_->RefreshNigori(version_info.CreateVersionString(),
-                               done_callback);
+  sync_manager_->GetEncryptionHandler()->EnableEncryptEverything();
 }
 
 void SyncBackendHost::Core::DoStopSyncManagerForShutdown(
     const base::Closure& closure) {
   if (sync_manager_.get()) {
     sync_manager_->StopSyncingForShutdown(closure);
   } else {
     sync_loop_->PostTask(FROM_HERE, closure);
   }
 }
@@ skipping 144 matching lines @@
           WITH_NIGORI,
           // Calls back into this function.
           base::Bind(
               &SyncBackendHost::
                   HandleNigoriConfigurationCompletedOnFrontendLoop,
               weak_ptr_factory_.GetWeakPtr(), js_backend),
           base::Bind(&SyncBackendHost::OnNigoriDownloadRetry,
                      weak_ptr_factory_.GetWeakPtr()));
       break;
     case DOWNLOADING_NIGORI:
-      initialization_state_ = REFRESHING_NIGORI;
+      initialization_state_ = ASSOCIATING_NIGORI;
       // Triggers OnEncryptedTypesChanged() and OnEncryptionComplete()
       // if necessary.
-      RefreshNigori(
-          base::Bind(
-              &SyncBackendHost::
-                  HandleInitializationCompletedOnFrontendLoop,
-              weak_ptr_factory_.GetWeakPtr(), js_backend, true));
+      AssociateNigori(js_backend);

[tim (not reviewing), 2012/08/15 00:23:30]

Can we cache js_backend somewhere in this class to avoid having to thread it
through?  Now that the base::Bind is gone it looks even stranger as a param at
every function in the chain back to here...

[Nicolas Zea, 2012/08/15 01:08:29]

Done.

       break;
-    case REFRESHING_NIGORI:
+    case ASSOCIATING_NIGORI:
       initialization_state_ = INITIALIZED;
       // Now that we've downloaded the nigori node, we can see if there are any
       // experimental types to enable. This should be done before we inform
       // the frontend to ensure they're visible in the customize screen.
       AddExperimentalTypes();
       frontend_->OnBackendInitialized(js_backend, true);
       break;
     default:
       NOTREACHED();
   }
@@ skipping 73 matching lines @@
 }
 
 bool SyncBackendHost::CheckPassphraseAgainstCachedPendingKeys(
     const std::string& passphrase) const {
   DCHECK(cached_pending_keys_.has_blob());
   DCHECK(!passphrase.empty());
   syncer::Nigori nigori;
   nigori.InitByDerivation("localhost", "dummy", passphrase);
   std::string plaintext;
   bool result = nigori.Decrypt(cached_pending_keys_.blob(), &plaintext);
+  DVLOG_IF(1, result) << "Passphrase failed to decrypt pending keys.";
   return result;
 }
 
 void SyncBackendHost::NotifyPassphraseRequired(
     syncer::PassphraseRequiredReason reason,
     sync_pb::EncryptedData pending_keys) {
   if (!frontend_)
     return;
 
   DCHECK_EQ(MessageLoop::current(), frontend_loop_);
@@ skipping 62 matching lines @@
 void SyncBackendHost::HandleNigoriConfigurationCompletedOnFrontendLoop(
     const syncer::WeakHandle<syncer::JsBackend>& js_backend,
     const syncer::ModelTypeSet failed_configuration_types) {
   HandleInitializationCompletedOnFrontendLoop(
       js_backend, failed_configuration_types.Empty());
 }
 
 namespace {
 
 // Needed because MessageLoop::PostTask is overloaded.
 void PostClosure(MessageLoop* message_loop,

[tim (not reviewing), 2012/08/15 00:23:30]

This can go too, I think!

[Nicolas Zea, 2012/08/15 01:08:29]

Done.

                  const tracked_objects::Location& from_here,
                  const base::Closure& callback) {
   message_loop->PostTask(from_here, callback);
 }
 
 }  // namespace
 
-void SyncBackendHost::RefreshNigori(const base::Closure& done_callback) {
+void SyncBackendHost::AssociateNigori(
+    const syncer::WeakHandle<syncer::JsBackend>& js_backend) {
   DCHECK_EQ(MessageLoop::current(), frontend_loop_);
-  base::Closure sync_thread_done_callback =
-      base::Bind(&PostClosure,
-                 MessageLoop::current(), FROM_HERE, done_callback);
   sync_thread_.message_loop()->PostTask(
       FROM_HERE,
-      base::Bind(&SyncBackendHost::Core::DoRefreshNigori,
-                 core_.get(), sync_thread_done_callback));
+      base::Bind(&SyncBackendHost::Core::DoAssociateNigori,
+                 js_backend,
+                 core_.get()));
 }
 
 #undef SDVLOG
 
 #undef SLOG
 
 }  // namespace browser_sync