Chromium Code Reviews Chromium Code Reviews
Issue 10827266:
[Sync] Add SyncEncryptionHandler (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: sync/internal_api/sync_encryption_handler_impl.h |
| diff --git a/sync/internal_api/sync_encryption_handler_impl.h b/sync/internal_api/sync_encryption_handler_impl.h |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..f879c1dcda86cf97ce6a0d1f3a470caaaced9222 |
| --- /dev/null |
| +++ b/sync/internal_api/sync_encryption_handler_impl.h |
| @@ -0,0 +1,143 @@ |
| +// Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#ifndef SYNC_INTERNAL_API_SYNC_ENCRYPTION_HANDLER_IMPL_H_ |
| +#define SYNC_INTERNAL_API_SYNC_ENCRYPTION_HANDLER_IMPL_H_ |
| + |
| +#include <string> |
| + |
| +#include "base/compiler_specific.h" |
| +#include "base/gtest_prod_util.h" |
| +#include "base/memory/scoped_ptr.h" |
| +#include "base/memory/weak_ptr.h" |
| +#include "base/observer_list.h" |
| +#include "sync/internal_api/public/sync_encryption_handler.h" |
| +#include "sync/syncable/nigori_handler.h" |
| + |
| +namespace syncer { |
| + |
| +struct UserShare; |
| +class WriteNode; |
| +class WriteTransaction; |
| + |
| +// TODO(zea): Make this class explicitly non-thread safe and ensure its only |
| +// accessed from the sync thread, with the possible exception of |
| +// GetEncryptedTypes. Need to cache explicit passphrase state on the UI thread. |
|
tim (not reviewing)
2012/08/14 02:32:20
I think it would be useful to have a class comment
Nicolas Zea
2012/08/14 23:24:51
Done.
|
| +class SyncEncryptionHandlerImpl |
| + : public SyncEncryptionHandler, |
| + public syncable::NigoriHandler { |
| + public: |
| + SyncEncryptionHandlerImpl(UserShare* user_share, |
| + Cryptographer* cryptographer); |
| + virtual ~SyncEncryptionHandlerImpl(); |
| + |
| + // SyncEncryptionHandler implementation. |
| + virtual void AddObserver(Observer* observer) OVERRIDE; |
| + virtual void RemoveObserver(Observer* observer) OVERRIDE; |
| + virtual void ReloadNigori() OVERRIDE; |
| + virtual void SetEncryptionPassphrase(const std::string& passphrase, |
| + bool is_explicit) OVERRIDE; |
| + virtual void SetDecryptionPassphrase(const std::string& passphrase) OVERRIDE; |
| + virtual void EnableEncryptEverything() OVERRIDE; |
| + virtual bool EncryptEverythingEnabled() const OVERRIDE; |
| + virtual bool IsUsingExplicitPassphrase() const OVERRIDE; |
| + |
| + // NigoriHandler implementation. |
| + // Note: all methods are invoked while the caller holds a transaction. |
| + virtual void UpdateFromNigori( |
| + const sync_pb::NigoriSpecifics& nigori) OVERRIDE; |
| + virtual void UpdateNigoriFromEncryptedTypes( |
| + sync_pb::NigoriSpecifics* nigori) const OVERRIDE; |
| + virtual ModelTypeSet GetEncryptedTypes() const OVERRIDE; |
| + |
| + private: |
| + DISALLOW_COPY_AND_ASSIGN(SyncEncryptionHandlerImpl); |
|
tim (not reviewing)
2012/08/14 02:32:20
nit - put this at the bottom.
Nicolas Zea
2012/08/14 23:24:51
Done.
|
| + FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
| + NigoriEncryptionTypes); |
| + FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
| + EncryptEverythingExplicit); |
| + FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
| + EncryptEverythingImplicit); |
| + FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
| + UnknownSensitiveTypes); |
| + |
| + // Iterate over all encrypted types ensuring each entry is properly encrypted. |
| + void ReEncryptEverything(WriteTransaction* trans); |
| + |
| + // Apply a nigori update. Updates internal and cryptographer state. |
| + // Returns true on success, false if |nigori| was incompatible, and the |
| + // nigori node must be corrected. |
| + // Note: must be called from within a transaction. |
| + bool ApplyNigoriUpdate(const sync_pb::NigoriSpecifics& nigori, |
| + Cryptographer* cryptographer); |
| + |
| + // Wrapper around WriteEncryptionStateToNigori that creates a new write |
| + // transaction. |
| + void RewriteNigori(); |
| + |
| + // Write the current encryption state into the nigori node. This includes |
| + // the encrypted types/encrypt everything state, as well as the keybag/ |
| + // explicit passphrase state (if the cryptographer is ready). |
| + void WriteEncryptionStateToNigori(WriteTransaction* trans); |
| + |
| + // Updates local encrypted types from |nigori|. |
| + // Returns true if the local set of encrypted types either matched or was |
| + // a subset of that in |nigori|. Returns false if the local state already |
| + // had stricter encryption than |nigori|, and the nigori node needs to be |
| + // updated with the newer encryption state. |
| + // Note: must be called from within a transaction. |
| + bool UpdateEncryptedTypesFromNigori(const sync_pb::NigoriSpecifics& nigori); |
| + |
| + // The final step of SetEncryptionPassphrase and SetDecryptionPassphrase that |
| + // notifies observers of the result of the set passphrase operation, updates |
| + // the nigori node, and does re-encryption. |
| + // |success|: true if the operation was successful and false otherwise. If |
| + // success == false, we send an OnPassphraseRequired notification. |
| + // |bootstrap_token|: used to inform observers if the cryptographer's |
| + // bootstrap token was updated. |
| + // |is_explicit|: used to differentiate between a custom passphrase (true) and |
| + // a GAIA passphrase that is implicitly used for encryption |
| + // (false). |
| + // |trans| and |nigori_node|: used to access data in the cryptographer. |
| + void FinishSetPassphrase(bool success, |
| + const std::string& bootstrap_token, |
| + bool is_explicit, |
| + WriteTransaction* trans, |
| + WriteNode* nigori_node); |
| + |
| + // Merges the given set of encrypted types with the existing set and emits a |
| + // notification if necessary. |
| + // Note: must be called from within a transaction. |
| + void MergeEncryptedTypes(ModelTypeSet encrypted_types); |
| + |
| + base::WeakPtrFactory<SyncEncryptionHandlerImpl> weak_ptr_factory_; |
| + |
| + ObserverList<SyncEncryptionHandler::Observer> observers_; |
| + |
| + // The current user share (for creating transactions). |
| + UserShare* user_share_; |
| + |
| + // TODO(zea): have the sync encryption handler own the cryptographer, and live |
| + // in the directory. |
| + Cryptographer* cryptographer_; |
| + |
| + // The set of types that require encryption. This is accessed on all sync |
| + // datatype threads when we write to a node, so we must hold a transaction |
| + // whenever we touch/read it. |
| + ModelTypeSet encrypted_types_; |
| + |
| + // Sync encryption state. These are only modified and accessed from the sync |
| + // thread. |
| + bool encrypt_everything_; |
| + bool explicit_passphrase_; |
| + |
| + // The number of times we've automatically (i.e. not via SetPassphrase or |
| + // conflict resolver) updated the nigori's encryption keys in this chrome |
| + // instantiation. |
| + int nigori_overwrite_count_; |
| +}; |
| + |
| +} // namespace syncer |
| + |
| +#endif // SYNC_INTERNAL_API_PUBLIC_SYNC_ENCRYPTION_HANDLER_IMPL_H_ |
