| Index: sync/internal_api/public/sync_manager.h
|
| diff --git a/sync/internal_api/public/sync_manager.h b/sync/internal_api/public/sync_manager.h
|
| index 0cb6a4c26dd3c1645f07b94262b5cd607ce0e92c..3364610e4d5f64b5c2fbb7c33cc79b2756d5236e 100644
|
| --- a/sync/internal_api/public/sync_manager.h
|
| +++ b/sync/internal_api/public/sync_manager.h
|
| @@ -20,6 +20,7 @@
|
| #include "sync/internal_api/public/configure_reason.h"
|
| #include "sync/internal_api/public/engine/model_safe_worker.h"
|
| #include "sync/internal_api/public/engine/sync_status.h"
|
| +#include "sync/internal_api/public/sync_encryption_handler.h"
|
| #include "sync/internal_api/public/util/report_unrecoverable_error_function.h"
|
| #include "sync/internal_api/public/util/weak_handle.h"
|
| #include "sync/notifier/invalidation_util.h"
|
| @@ -39,6 +40,7 @@ class HttpPostProviderFactory;
|
| class InternalComponentsFactory;
|
| class JsBackend;
|
| class JsEventHandler;
|
| +class SyncEncryptionHandler;
|
| class SyncNotifier;
|
| class SyncNotifierObserver;
|
| class SyncScheduler;
|
| @@ -56,19 +58,6 @@ enum ConnectionStatus {
|
| CONNECTION_SERVER_ERROR
|
| };
|
|
|
| -// Reasons due to which Cryptographer might require a passphrase.
|
| -enum PassphraseRequiredReason {
|
| - REASON_PASSPHRASE_NOT_REQUIRED = 0, // Initial value.
|
| - REASON_ENCRYPTION = 1, // The cryptographer requires a
|
| - // passphrase for its first attempt at
|
| - // encryption. Happens only during
|
| - // migration or upgrade.
|
| - REASON_DECRYPTION = 2, // The cryptographer requires a
|
| - // passphrase for its first attempt at
|
| - // decryption.
|
| -};
|
| -
|
| -
|
| // Contains everything needed to talk to and identify a user account.
|
| struct SyncCredentials {
|
| std::string email;
|
| @@ -187,35 +176,6 @@ class SyncManager {
|
| // Called when a new auth token is provided by the sync server.
|
| virtual void OnUpdatedToken(const std::string& token) = 0;
|
|
|
| - // Called when user interaction is required to obtain a valid passphrase.
|
| - // - If the passphrase is required for encryption, |reason| will be
|
| - // REASON_ENCRYPTION.
|
| - // - If the passphrase is required for the decryption of data that has
|
| - // already been encrypted, |reason| will be REASON_DECRYPTION.
|
| - // - If the passphrase is required because decryption failed, and a new
|
| - // passphrase is required, |reason| will be REASON_SET_PASSPHRASE_FAILED.
|
| - //
|
| - // |pending_keys| is a copy of the cryptographer's pending keys, that may be
|
| - // cached by the frontend for subsequent use by the UI.
|
| - virtual void OnPassphraseRequired(
|
| - PassphraseRequiredReason reason,
|
| - const sync_pb::EncryptedData& pending_keys) = 0;
|
| -
|
| - // Called when the passphrase provided by the user has been accepted and is
|
| - // now used to encrypt sync data.
|
| - virtual void OnPassphraseAccepted() = 0;
|
| -
|
| - // |bootstrap_token| is an opaque base64 encoded representation of the key
|
| - // generated by the current passphrase, and is provided to the observer for
|
| - // persistence purposes and use in a future initialization of sync (e.g.
|
| - // after restart). The boostrap token will always be derived from the most
|
| - // recent GAIA password (for accounts with implicit passphrases), even if
|
| - // the data is still encrypted with an older GAIA password. For accounts
|
| - // with explicit passphrases, it will be the most recently seen custom
|
| - // passphrase.
|
| - virtual void OnBootstrapTokenUpdated(
|
| - const std::string& bootstrap_token) = 0;
|
| -
|
| // Called when initialization is complete to the point that SyncManager can
|
| // process changes. This does not necessarily mean authentication succeeded
|
| // or that the SyncManager is online.
|
| @@ -304,30 +264,6 @@ class SyncManager {
|
| // global stop syncing operation has wiped the store.
|
| virtual void OnStopSyncingPermanently() = 0;
|
|
|
| - // Called when the set of encrypted types or the encrypt
|
| - // everything flag has been changed. Note that encryption isn't
|
| - // complete until the OnEncryptionComplete() notification has been
|
| - // sent (see below).
|
| - //
|
| - // |encrypted_types| will always be a superset of
|
| - // Cryptographer::SensitiveTypes(). If |encrypt_everything| is
|
| - // true, |encrypted_types| will be the set of all known types.
|
| - //
|
| - // Until this function is called, observers can assume that the
|
| - // set of encrypted types is Cryptographer::SensitiveTypes() and
|
| - // that the encrypt everything flag is false.
|
| - //
|
| - // Called from within a transaction.
|
| - virtual void OnEncryptedTypesChanged(
|
| - ModelTypeSet encrypted_types,
|
| - bool encrypt_everything) = 0;
|
| -
|
| - // Called after we finish encrypting the current set of encrypted
|
| - // types.
|
| - //
|
| - // Called from within a transaction.
|
| - virtual void OnEncryptionComplete() = 0;
|
| -
|
| virtual void OnActionableError(
|
| const SyncProtocolError& sync_protocol_error) = 0;
|
|
|
| @@ -417,24 +353,6 @@ class SyncManager {
|
| virtual void StartSyncingNormally(
|
| const ModelSafeRoutingInfo& routing_info) = 0;
|
|
|
| - // Attempts to re-encrypt encrypted data types using the passphrase provided.
|
| - // Notifies observers of the result of the operation via OnPassphraseAccepted
|
| - // or OnPassphraseRequired, updates the nigori node, and does re-encryption as
|
| - // appropriate. If an explicit password has been set previously, we drop
|
| - // subsequent requests to set a passphrase. If the cryptographer has pending
|
| - // keys, and a new implicit passphrase is provided, we try decrypting the
|
| - // pending keys with it, and if that fails, we cache the passphrase for
|
| - // re-encryption once the pending keys are decrypted.
|
| - virtual void SetEncryptionPassphrase(const std::string& passphrase,
|
| - bool is_explicit) = 0;
|
| -
|
| - // Provides a passphrase for decrypting the user's existing sync data.
|
| - // Notifies observers of the result of the operation via OnPassphraseAccepted
|
| - // or OnPassphraseRequired, updates the nigori node, and does re-encryption as
|
| - // appropriate if there is a previously cached encryption passphrase. It is an
|
| - // error to call this when we don't have pending keys.
|
| - virtual void SetDecryptionPassphrase(const std::string& passphrase) = 0;
|
| -
|
| // Switches the mode of operation to CONFIGURATION_MODE and performs
|
| // any configuration tasks needed as determined by the params. Once complete,
|
| // syncer will remain in CONFIGURATION_MODE until StartSyncingNormally is
|
| @@ -463,10 +381,6 @@ class SyncManager {
|
| // Status-related getter. May be called on any thread.
|
| virtual SyncStatus GetDetailedStatus() const = 0;
|
|
|
| - // Whether or not the Nigori node is encrypted using an explicit passphrase.
|
| - // May be called on any thread.
|
| - virtual bool IsUsingExplicitPassphrase() = 0;
|
| -
|
| // Extracts the keystore encryption bootstrap token if a keystore key existed.
|
| // Returns true if bootstrap token successfully extracted, false otherwise.
|
| virtual bool GetKeystoreKeyBootstrapToken(std::string* token) = 0;
|
| @@ -492,30 +406,6 @@ class SyncManager {
|
| // May be called from any thread.
|
| virtual UserShare* GetUserShare() = 0;
|
|
|
| - // Inform the cryptographer of the most recent passphrase and set of
|
| - // encrypted types (from nigori node), then ensure all data that
|
| - // needs encryption is encrypted with the appropriate passphrase.
|
| - //
|
| - // May trigger OnPassphraseRequired(). Otherwise, it will trigger
|
| - // OnEncryptedTypesChanged() if necessary (see comments for
|
| - // OnEncryptedTypesChanged()), and then OnEncryptionComplete().
|
| - //
|
| - // Also updates or adds device information to the nigori node.
|
| - //
|
| - // Note: opens a transaction, so must only be called after syncapi
|
| - // has been initialized.
|
| - virtual void RefreshNigori(const std::string& chrome_version,
|
| - const base::Closure& done_callback) = 0;
|
| -
|
| - // Enable encryption of all sync data. Once enabled, it can never be
|
| - // disabled without clearing the server data.
|
| - //
|
| - // This will trigger OnEncryptedTypesChanged() if necessary (see
|
| - // comments for OnEncryptedTypesChanged()). It then may trigger
|
| - // OnPassphraseRequired(), but otherwise it will trigger
|
| - // OnEncryptionComplete().
|
| - virtual void EnableEncryptEverything() = 0;
|
| -
|
| // Reads the nigori node to determine if any experimental features should
|
| // be enabled.
|
| // Note: opens a transaction. May be called on any thread.
|
| @@ -524,6 +414,9 @@ class SyncManager {
|
| // Uses a read-only transaction to determine if the directory being synced has
|
| // any remaining unsynced items. May be called on any thread.
|
| virtual bool HasUnsyncedItems() = 0;
|
| +
|
| + // Returns the SyncManager's encryption handler.
|
| + virtual SyncEncryptionHandler* GetEncryptionHandler() = 0;
|
| };
|
|
|
| } // namespace syncer
|
|
|
Chromium Code Reviews
Issue 10827266:
[Sync] Add SyncEncryptionHandler (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src