
Unified Diff: sync/util/cryptographer.h

Issue 10827266: [Sync] Add SyncEncryptionHandler (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix tests Created 8 years, 4 months ago
Index: sync/util/cryptographer.h
diff --git a/sync/util/cryptographer.h b/sync/util/cryptographer.h
index b9c00013fa0f35a73ac4cee5f847b94d362190a4..a412ff04857ddb7335e0f3f6208d324f0715af23 100644
--- a/sync/util/cryptographer.h
+++ b/sync/util/cryptographer.h
@@ -11,15 +11,19 @@
#include "base/gtest_prod_util.h"
#include "base/memory/linked_ptr.h"
#include "base/memory/scoped_ptr.h"
-#include "base/observer_list.h"
#include "sync/internal_api/public/base/model_type.h"
#include "sync/protocol/encryption.pb.h"
-#include "sync/protocol/nigori_specifics.pb.h"
#include "sync/util/nigori.h"
+namespace sync_pb {
+class NigoriKeyBag;
+class NigoriSpecifics;
+}
+
namespace syncer {
class Encryptor;
+class SyncEncryptionHandler;
extern const char kNigoriTag[];
@@ -46,46 +50,18 @@ struct KeyParams {
// delayed until after it can be decrypted.
class Cryptographer {
public:
- // All Observer methods are done synchronously, so they're called
- // under a transaction (since all Cryptographer operations are done
- // under a transaction).
- class Observer {
- public:
- // Called when the set of encrypted types or the encrypt
- // everything flag has been changed. Note that this doesn't
- // necessarily mean that encryption has completed for the given
- // types.
- //
- // |encrypted_types| will always be a superset of
- // SensitiveTypes(). If |encrypt_everything| is true,
- // |encrypted_types| will be the set of all known types.
- //
- // Until this function is called, observers can assume that the
- // set of encrypted types is SensitiveTypes() and that the encrypt
- // everything flag is false.
- virtual void OnEncryptedTypesChanged(
- ModelTypeSet encrypted_types,
- bool encrypt_everything) = 0;
-
- protected:
- virtual ~Observer();
- };
-
// Does not take ownership of |encryptor|.
explicit Cryptographer(Encryptor* encryptor);
~Cryptographer();
- // When update on cryptographer is called this enum tells if the
- // cryptographer was succesfully able to update using the nigori node or if
- // it needs a key to decrypt the nigori node.
- enum UpdateResult {
- SUCCESS,
- NEEDS_PASSPHRASE
- };
+ // TODO(zea): refactor so that Cryptographer doesn't need any connection
+ // to the SyncEncryptionHandler.
+ void SetSyncEncryptionHandlerDelegate(SyncEncryptionHandler* delegate);
tim (not reviewing) 2012/08/13 20:01:00 As discussed offline, it looks like the set of thi
Nicolas Zea 2012/08/13 22:56:38 Done.
- // Manage observers.
- void AddObserver(Observer* observer);
- void RemoveObserver(Observer* observer);
+ // SyncEncryptionProvider delegator methods (passes through to delegate).
+ void UpdateFromNigori(const sync_pb::NigoriSpecifics& nigori) ;
+ ModelTypeSet GetEncryptedTypes() const;
+ void UpdateNigoriFromEncryptedTypes(sync_pb::NigoriSpecifics* nigori) const;
// |restored_bootstrap_token| can be provided via this method to bootstrap
// Cryptographer instance into the ready state (is_ready will be true).
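Review bot: `SetSyncEncryptionHandlerDelegate` stores a raw `SyncEncryptionHandler*`, but its comment says nothing about ownership, lifetime, or whether the pointer may be null, while the three delegator methods declared below it presumably dereference it. I would document this next to the setter, e.g. `// Does not take ownership of |delegate|; it must outlive this Cryptographer and be set before any delegator method is called.`, and repeat the ownership note on the `sync_encryption_delegate_` member in the last hunk. The comments also call it "SyncEncryptionProvider" / "sync encryption provider" although the type is `SyncEncryptionHandler`, and `UpdateFromNigori(...) ;` has a stray space before the semicolon. The class body starts and ends outside this hunk.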
@@ -142,6 +118,13 @@ class Cryptographer {
// with a cryptographer that has already been initialized.
bool AddKeyFromBootstrapToken(const std::string restored_bootstrap_token);
+ // Decrypts |encrypted| and uses its contents to initialize Nigori instances.
+ // Returns true unless decryption of |encrypted| fails. The caller is
+ // responsible for checking that CanDecrypt(encrypted) == true.
+ // Does not update the default nigori.
+ void InstallKeys(const sync_pb::EncryptedData& encrypted);
+
+
// Makes a local copy of |encrypted| to later be decrypted by
// DecryptPendingKeys. This should only be used if CanDecrypt(encrypted) ==
// false.
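Review bot: The comment that moved with `InstallKeys` still says "Returns true unless decryption of |encrypted| fails", but the declaration returns `void`, so a caller cannot learn that installing the keys failed. That mattered less while the method was private; as a public method whose precondition (`CanDecrypt(encrypted) == true`) is left to the caller, the stated contract should match the signature. Either declare it as `bool InstallKeys(const sync_pb::EncryptedData& encrypted);` or reword the comment to say what happens when decryption fails. The second blank line added after the declaration can be dropped.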
@@ -159,6 +142,10 @@ class Cryptographer {
// is updated.
bool DecryptPendingKeys(const KeyParams& params);
+ // Sets the default key to the nigori with name |key_name|. |key_name| must
+ // correspond to a nigori that has already been installed into the keybag.
+ void SetDefaultKey(std::string key_name);
+
bool is_initialized() const { return !nigoris_.empty() && default_nigori_; }
// Returns whether this Cryptographer is ready to encrypt and decrypt data.
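Review bot: `SetDefaultKey` selects the nigori used for encryption, yet its comment states only the precondition and not what happens when |key_name| is not in the keybag. The implementation is not visible here, so the header should say whether that case is a DCHECK, a no-op that keeps the previous default, or something else, for example `// If no such nigori is installed, the current default is left unchanged.` if that is the behaviour. The parameter could also be taken as `const std::string& key_name` to avoid a copy.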
@@ -176,16 +163,6 @@ class Cryptographer {
// Obtain the bootstrap token based on the keystore encryption key.
bool GetKeystoreKeyBootstrapToken(std::string* token) const;
- // Update the cryptographer based on the contents of the nigori specifics.
- // This updates both the encryption keys and the set of encrypted types.
- // Returns NEEDS_PASSPHRASE if was unable to decrypt the pending keys,
- // SUCCESS otherwise.
- // Note: will not change the default key. If the nigori's keybag
- // is decryptable, all keys are added to the local keybag and the current
- // default is preserved. If the nigori's keybag is not decryptable, it is
- // stored in the |pending_keys_|.
- UpdateResult Update(const sync_pb::NigoriSpecifics& nigori);
-
// Set the keystore-derived nigori from the provided key.
// Returns true if we succesfully create the keystore derived nigori from the
// provided key, false otherwise.
@@ -195,44 +172,12 @@ class Cryptographer {
// otherwise.
bool HasKeystoreKey() const;
- // The set of types that are always encrypted.
- static ModelTypeSet SensitiveTypes();
-
- // Reset our set of encrypted types based on the contents of the nigori
- // specifics.
- void UpdateEncryptedTypesFromNigori(const sync_pb::NigoriSpecifics& nigori);
-
- // Update the nigori to reflect the current set of encrypted types.
- void UpdateNigoriFromEncryptedTypes(sync_pb::NigoriSpecifics* nigori) const;
-
- // Setter/getter for whether all current and future datatypes should
- // be encrypted. Once set you cannot unset without reading from a
- // new nigori node. set_encrypt_everything() emits a notification
- // the first time it's called.
- void set_encrypt_everything();
- bool encrypt_everything() const;
-
- // Return the set of encrypted types.
- ModelTypeSet GetEncryptedTypes() const;
-
- // Forwards to MergeEncryptedTypes.
- void MergeEncryptedTypesForTest(ModelTypeSet encrypted_types);
+ Encryptor* encryptor() const { return encryptor_; }
private:
FRIEND_TEST_ALL_PREFIXES(SyncCryptographerTest, PackUnpack);
- typedef std::map<std::string, linked_ptr<const Nigori> > NigoriMap;
-
- // Merges the given set of encrypted types with the existing set and emits a
- // notification if necessary.
- void MergeEncryptedTypes(ModelTypeSet encrypted_types);
-
- void EmitEncryptedTypesChangedNotification();
- // Decrypts |encrypted| and uses its contents to initialize Nigori instances.
- // Returns true unless decryption of |encrypted| fails. The caller is
- // responsible for checking that CanDecrypt(encrypted) == true.
- // Does not update the default nigori.
- void InstallKeys(const sync_pb::EncryptedData& encrypted);
+ typedef std::map<std::string, linked_ptr<const Nigori> > NigoriMap;
// Helper method to instantiate Nigori instances for each set of key
// parameters in |bag|.
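Review bot: The new public accessor `Encryptor* encryptor() const` has no comment and returns a non-const pointer from a const method, so anyone holding a `const Cryptographer&` gets mutable access to the non-owned Encryptor. A one-line comment would make the contract explicit, e.g. `// Returns the Encryptor passed to the constructor; not owned by this class.`. If callers only need read access, returning `const Encryptor*` would be tighter, though whether that fits depends on the Encryptor interface, which is not shown here.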
@@ -250,16 +195,15 @@ class Cryptographer {
Encryptor* const encryptor_;
- ObserverList<Observer> observers_;
-
NigoriMap nigoris_; // The Nigoris we know about, mapped by key name.
NigoriMap::value_type* default_nigori_; // The Nigori used for encryption.
NigoriMap::value_type* keystore_nigori_; // Nigori generated from keystore.
scoped_ptr<sync_pb::EncryptedData> pending_keys_;
- ModelTypeSet encrypted_types_;
- bool encrypt_everything_;
+ // The sync encryption provider. Necessary until we decouple the encrypted
+ // types from the cryptographer.
+ SyncEncryptionHandler* sync_encryption_delegate_;
DISALLOW_COPY_AND_ASSIGN(Cryptographer);
};
