[Sync] Add SyncEncryptionHandler

sync/util/cryptographer.cc

Index: sync/util/cryptographer.cc
diff --git a/sync/util/cryptographer.cc b/sync/util/cryptographer.cc
index c512ab6bf24c7c10a80b166c9b96ec8367b675da..0cdb389d0041b36ff525a0d25c34ff774650819c 100644
--- a/sync/util/cryptographer.cc
+++ b/sync/util/cryptographer.cc
@@ -8,6 +8,8 @@
 
 #include "base/base64.h"
 #include "base/logging.h"
+#include "sync/protocol/nigori_specifics.pb.h"
+#include "sync/syncable/nigori_handler.h"
 #include "sync/util/encryptor.h"
 
 namespace syncer {
@@ -20,27 +22,37 @@ const char kNigoriTag[] = "google_chrome_nigori";
 // assign the same name to a particular triplet.
 const char kNigoriKeyName[] = "nigori-key";
 
-Cryptographer::Observer::~Observer() {}
-
 Cryptographer::Cryptographer(Encryptor* encryptor)
     : encryptor_(encryptor),
       default_nigori_(NULL),
       keystore_nigori_(NULL),
-      encrypted_types_(SensitiveTypes()),
-      encrypt_everything_(false) {
+      nigori_node_handler_(NULL) {
   DCHECK(encryptor);
 }
 
 Cryptographer::~Cryptographer() {}
 
-void Cryptographer::AddObserver(Observer* observer) {
-  observers_.AddObserver(observer);
+void Cryptographer::SetNigoriHandler(syncable::NigoriHandler* delegate) {
+  nigori_node_handler_ = delegate;
+}
+
+void Cryptographer::ApplyNigoriUpdate(
+    const sync_pb::NigoriSpecifics& nigori,
+    syncable::BaseTransaction* const trans) {
+  nigori_node_handler_->ApplyNigoriUpdate(nigori, trans);
+}
+
+ModelTypeSet Cryptographer::GetEncryptedTypes() const {
+  return nigori_node_handler_->GetEncryptedTypes();
 }
 
-void Cryptographer::RemoveObserver(Observer* observer) {
-  observers_.RemoveObserver(observer);
+void Cryptographer::UpdateNigoriFromEncryptedTypes(
+    sync_pb::NigoriSpecifics* nigori,
+    syncable::BaseTransaction* const trans) const {
+  nigori_node_handler_->UpdateNigoriFromEncryptedTypes(nigori, trans);
 }
 
+
 void Cryptographer::Bootstrap(const std::string& restored_bootstrap_token) {
   if (is_initialized()) {
     NOTREACHED();
@@ -194,6 +206,11 @@ void Cryptographer::InstallKeys(const sync_pb::EncryptedData& encrypted) {
   InstallKeyBag(bag);
 }
 
+void Cryptographer::SetDefaultKey(const std::string& key_name) {
+  DCHECK(nigoris_.end() != nigoris_.find(key_name));
+  default_nigori_ = &*nigoris_.find(key_name);
+}
+
 void Cryptographer::SetPendingKeys(const sync_pb::EncryptedData& encrypted) {
   DCHECK(!CanDecrypt(encrypted));
   pending_keys_.reset(new sync_pb::EncryptedData(encrypted));
@@ -311,29 +328,6 @@ Nigori* Cryptographer::UnpackBootstrapToken(const std::string& token) const {
   return nigori.release();
 }
 
-Cryptographer::UpdateResult Cryptographer::Update(
-    const sync_pb::NigoriSpecifics& nigori) {
-  UpdateEncryptedTypesFromNigori(nigori);
-  if (!nigori.encrypted().blob().empty()) {
-    if (CanDecrypt(nigori.encrypted())) {
-      InstallKeys(nigori.encrypted());
-      // We only update the default passphrase if this was a new explicit
-      // passphrase. Else, since it was decryptable, it must not have been a new
-      // key.
-      if (nigori.using_explicit_passphrase()) {
-        std::string new_default_key_name = nigori.encrypted().key_name();
-        DCHECK(nigoris_.end() != nigoris_.find(new_default_key_name));
-        default_nigori_ = &*nigoris_.find(new_default_key_name);
-      }
-      return Cryptographer::SUCCESS;
-    } else {
-      SetPendingKeys(nigori.encrypted());
-      return Cryptographer::NEEDS_PASSPHRASE;
-    }
-  }
-  return Cryptographer::SUCCESS;
-}
-
 bool Cryptographer::SetKeystoreKey(const std::string& keystore_key) {
   if (keystore_key.empty())
     return false;
@@ -355,128 +349,6 @@ bool Cryptographer::HasKeystoreKey() const {
   return keystore_nigori_ != NULL;
 }
 
-// Static
-ModelTypeSet Cryptographer::SensitiveTypes() {
-  // Both of these have their own encryption schemes, but we include them
-  // anyways.
-  ModelTypeSet types;
-  types.Put(PASSWORDS);
-  types.Put(NIGORI);
-  return types;
-}
-
-void Cryptographer::UpdateEncryptedTypesFromNigori(
-    const sync_pb::NigoriSpecifics& nigori) {
-  if (nigori.encrypt_everything()) {
-    set_encrypt_everything();
-    return;
-  }
-
-  ModelTypeSet encrypted_types(SensitiveTypes());
-  if (nigori.encrypt_bookmarks())
-    encrypted_types.Put(BOOKMARKS);
-  if (nigori.encrypt_preferences())
-    encrypted_types.Put(PREFERENCES);
-  if (nigori.encrypt_autofill_profile())
-    encrypted_types.Put(AUTOFILL_PROFILE);
-  if (nigori.encrypt_autofill())
-    encrypted_types.Put(AUTOFILL);
-  if (nigori.encrypt_themes())
-    encrypted_types.Put(THEMES);
-  if (nigori.encrypt_typed_urls())
-    encrypted_types.Put(TYPED_URLS);
-  if (nigori.encrypt_extension_settings())
-    encrypted_types.Put(EXTENSION_SETTINGS);
-  if (nigori.encrypt_extensions())
-    encrypted_types.Put(EXTENSIONS);
-  if (nigori.encrypt_search_engines())
-    encrypted_types.Put(SEARCH_ENGINES);
-  if (nigori.encrypt_sessions())
-    encrypted_types.Put(SESSIONS);
-  if (nigori.encrypt_app_settings())
-    encrypted_types.Put(APP_SETTINGS);
-  if (nigori.encrypt_apps())
-    encrypted_types.Put(APPS);
-  if (nigori.encrypt_app_notifications())
-    encrypted_types.Put(APP_NOTIFICATIONS);
-
-  // Note: the initial version with encryption did not support the
-  // encrypt_everything field. If anything more than the sensitive types were
-  // encrypted, it meant we were encrypting everything.
-  if (!nigori.has_encrypt_everything() &&
-      !Difference(encrypted_types, SensitiveTypes()).Empty()) {
-    set_encrypt_everything();
-    return;
-  }
-
-  MergeEncryptedTypes(encrypted_types);
-}
-
-void Cryptographer::UpdateNigoriFromEncryptedTypes(
-    sync_pb::NigoriSpecifics* nigori) const {
-  nigori->set_encrypt_everything(encrypt_everything_);
-  nigori->set_encrypt_bookmarks(
-      encrypted_types_.Has(BOOKMARKS));
-  nigori->set_encrypt_preferences(
-      encrypted_types_.Has(PREFERENCES));
-  nigori->set_encrypt_autofill_profile(
-      encrypted_types_.Has(AUTOFILL_PROFILE));
-  nigori->set_encrypt_autofill(encrypted_types_.Has(AUTOFILL));
-  nigori->set_encrypt_themes(encrypted_types_.Has(THEMES));
-  nigori->set_encrypt_typed_urls(
-      encrypted_types_.Has(TYPED_URLS));
-  nigori->set_encrypt_extension_settings(
-      encrypted_types_.Has(EXTENSION_SETTINGS));
-  nigori->set_encrypt_extensions(
-      encrypted_types_.Has(EXTENSIONS));
-  nigori->set_encrypt_search_engines(
-      encrypted_types_.Has(SEARCH_ENGINES));
-  nigori->set_encrypt_sessions(encrypted_types_.Has(SESSIONS));
-  nigori->set_encrypt_app_settings(
-      encrypted_types_.Has(APP_SETTINGS));
-  nigori->set_encrypt_apps(encrypted_types_.Has(APPS));
-  nigori->set_encrypt_app_notifications(
-      encrypted_types_.Has(APP_NOTIFICATIONS));
-}
-
-void Cryptographer::set_encrypt_everything() {
-  if (encrypt_everything_) {
-    DCHECK(encrypted_types_.Equals(ModelTypeSet::All()));
-    return;
-  }
-  encrypt_everything_ = true;
-  // Change |encrypted_types_| directly to avoid sending more than one
-  // notification.
-  encrypted_types_ = ModelTypeSet::All();
-  EmitEncryptedTypesChangedNotification();
-}
-
-bool Cryptographer::encrypt_everything() const {
-  return encrypt_everything_;
-}
-
-ModelTypeSet Cryptographer::GetEncryptedTypes() const {
-  return encrypted_types_;
-}
-
-void Cryptographer::MergeEncryptedTypesForTest(ModelTypeSet encrypted_types) {
-  MergeEncryptedTypes(encrypted_types);
-}
-
-void Cryptographer::MergeEncryptedTypes(ModelTypeSet encrypted_types) {
-  if (encrypted_types_.HasAll(encrypted_types)) {
-    return;
-  }
-  encrypted_types_ = encrypted_types;
-  EmitEncryptedTypesChangedNotification();
-}
-
-void Cryptographer::EmitEncryptedTypesChangedNotification() {
-  FOR_EACH_OBSERVER(
-      Observer, observers_,
-      OnEncryptedTypesChanged(encrypted_types_, encrypt_everything_));
-}
-
 void Cryptographer::InstallKeyBag(const sync_pb::NigoriKeyBag& bag) {
   int key_size = bag.key_size();
   for (int i = 0; i < key_size; ++i) {