Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sync/internal_api/sync_encryption_handler_impl.h" | 5 #include "sync/internal_api/sync_encryption_handler_impl.h" |
| 6 | 6 |
| 7 #include <queue> | 7 #include <queue> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 45 | 45 |
| 46 template <typename T> | 46 template <typename T> |
| 47 T* TransactionalHolder<T>::GetMutable( | 47 T* TransactionalHolder<T>::GetMutable( |
| 48 syncable::BaseTransaction* const trans) { | 48 syncable::BaseTransaction* const trans) { |
| 49 DCHECK_EQ(user_share_->directory.get(), trans->directory()); | 49 DCHECK_EQ(user_share_->directory.get(), trans->directory()); |
| 50 return obj_; | 50 return obj_; |
| 51 } | 51 } |
| 52 | 52 |
| 53 SyncEncryptionHandlerImpl::SyncEncryptionHandlerImpl( | 53 SyncEncryptionHandlerImpl::SyncEncryptionHandlerImpl( |
| 54 UserShare* user_share, | 54 UserShare* user_share, |
| 55 Encryptor* encryptor) | 55 Encryptor* encryptor, |
| 56 const std::string& restored_key_for_bootstrapping, | |
| 57 const std::string& restored_keystore_key_for_bootstrapping) | |
| 56 : weak_ptr_factory_(ALLOW_THIS_IN_INITIALIZER_LIST(this)), | 58 : weak_ptr_factory_(ALLOW_THIS_IN_INITIALIZER_LIST(this)), |
| 57 user_share_(user_share), | 59 user_share_(user_share), |
| 58 cryptographer_unsafe_(encryptor), | 60 cryptographer_unsafe_(encryptor), |
| 59 encrypted_types_unsafe_(SensitiveTypes()), | 61 encrypted_types_unsafe_(SensitiveTypes()), |
| 60 cryptographer_holder_(user_share_, &cryptographer_unsafe_), | 62 cryptographer_holder_(user_share_, &cryptographer_unsafe_), |
| 61 encrypted_types_holder_(user_share_, &encrypted_types_unsafe_), | 63 encrypted_types_holder_(user_share_, &encrypted_types_unsafe_), |
| 62 encrypt_everything_(false), | 64 encrypt_everything_(false), |
| 63 passphrase_state_(IMPLICIT_PASSPHRASE), | 65 passphrase_state_(IMPLICIT_PASSPHRASE), |
| 66 keystore_key_(restored_keystore_key_for_bootstrapping), | |
| 64 nigori_overwrite_count_(0) { | 67 nigori_overwrite_count_(0) { |
| 68 // We only bootstrap the user provided passphrase. The keystore key is handled | |
| 69 // at Init time once we're sure the nigori is downloaded. | |
| 70 cryptographer_unsafe_.Bootstrap(restored_key_for_bootstrapping); | |
| 65 } | 71 } |
| 66 | 72 |
| 67 SyncEncryptionHandlerImpl::~SyncEncryptionHandlerImpl() {} | 73 SyncEncryptionHandlerImpl::~SyncEncryptionHandlerImpl() {} |
| 68 | 74 |
| 69 void SyncEncryptionHandlerImpl::AddObserver(Observer* observer) { | 75 void SyncEncryptionHandlerImpl::AddObserver(Observer* observer) { |
| 70 DCHECK(thread_checker_.CalledOnValidThread()); | 76 DCHECK(thread_checker_.CalledOnValidThread()); |
| 71 DCHECK(!observers_.HasObserver(observer)); | 77 DCHECK(!observers_.HasObserver(observer)); |
| 72 observers_.AddObserver(observer); | 78 observers_.AddObserver(observer); |
| 73 } | 79 } |
| 74 | 80 |
| (...skipping 341 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 416 } | 422 } |
| 417 | 423 |
| 418 void SyncEncryptionHandlerImpl::UpdateNigoriFromEncryptedTypes( | 424 void SyncEncryptionHandlerImpl::UpdateNigoriFromEncryptedTypes( |
| 419 sync_pb::NigoriSpecifics* nigori, | 425 sync_pb::NigoriSpecifics* nigori, |
| 420 syncable::BaseTransaction* const trans) const { | 426 syncable::BaseTransaction* const trans) const { |
| 421 syncable::UpdateNigoriFromEncryptedTypes(encrypted_types_holder_.Get(trans), | 427 syncable::UpdateNigoriFromEncryptedTypes(encrypted_types_holder_.Get(trans), |
| 422 encrypt_everything_, | 428 encrypt_everything_, |
| 423 nigori); | 429 nigori); |
| 424 } | 430 } |
| 425 | 431 |
| 432 bool SyncEncryptionHandlerImpl::NeedKeystoreKey( | |
| 433 syncable::BaseTransaction* const trans) const { | |
| 434 return keystore_key_.empty(); | |
| 435 } | |
| 436 | |
| 437 bool SyncEncryptionHandlerImpl::SetKeystoreKey( | |
| 438 const std::string& key, | |
| 439 syncable::BaseTransaction* const trans) { | |
| 440 if (!keystore_key_.empty() || key.empty()) | |
| 441 return false; | |
| 442 keystore_key_ = key; | |
| 443 | |
| 444 // TODO(zea): trigger migration if necessary. | |
| 445 | |
| 446 DVLOG(1) << "Keystore bootstrap token updated."; | |
|
akalin
2012/08/22 22:09:33
usually no periods on log statements
Nicolas Zea
2012/08/22 22:48:59
Done.
| |
| 447 FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_, | |
| 448 OnBootstrapTokenUpdated(key, | |
| 449 KEYSTORE_BOOTSTRAP_TOKEN)); | |
| 450 return true; | |
| 451 } | |
| 452 | |
| 426 ModelTypeSet SyncEncryptionHandlerImpl::GetEncryptedTypes( | 453 ModelTypeSet SyncEncryptionHandlerImpl::GetEncryptedTypes( |
| 427 syncable::BaseTransaction* const trans) const { | 454 syncable::BaseTransaction* const trans) const { |
| 428 return encrypted_types_holder_.Get(trans); | 455 return encrypted_types_holder_.Get(trans); |
| 429 } | 456 } |
| 430 | 457 |
| 431 // This function iterates over all encrypted types. There are many scenarios in | 458 // This function iterates over all encrypted types. There are many scenarios in |
| 432 // which data for some or all types is not currently available. In that case, | 459 // which data for some or all types is not currently available. In that case, |
| 433 // the lookup of the root node will fail and we will skip encryption for that | 460 // the lookup of the root node will fail and we will skip encryption for that |
| 434 // type. | 461 // type. |
| 435 void SyncEncryptionHandlerImpl::ReEncryptEverything( | 462 void SyncEncryptionHandlerImpl::ReEncryptEverything( |
| (...skipping 234 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 670 observers_, | 697 observers_, |
| 671 OnCryptographerStateChanged( | 698 OnCryptographerStateChanged( |
| 672 cryptographer_holder_.GetMutable(trans->GetWrappedTrans()))); | 699 cryptographer_holder_.GetMutable(trans->GetWrappedTrans()))); |
| 673 | 700 |
| 674 // It's possible we need to change the bootstrap token even if we failed to | 701 // It's possible we need to change the bootstrap token even if we failed to |
| 675 // set the passphrase (for example if we need to preserve the new GAIA | 702 // set the passphrase (for example if we need to preserve the new GAIA |
| 676 // passphrase). | 703 // passphrase). |
| 677 if (!bootstrap_token.empty()) { | 704 if (!bootstrap_token.empty()) { |
| 678 DVLOG(1) << "Bootstrap token updated."; | 705 DVLOG(1) << "Bootstrap token updated."; |
| 679 FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_, | 706 FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_, |
| 680 OnBootstrapTokenUpdated(bootstrap_token)); | 707 OnBootstrapTokenUpdated(bootstrap_token, |
| 708 PASSPHRASE_BOOTSTRAP_TOKEN)); | |
| 681 } | 709 } |
| 682 | 710 |
| 683 const Cryptographer& cryptographer = | 711 const Cryptographer& cryptographer = |
| 684 cryptographer_holder_.Get(trans->GetWrappedTrans()); | 712 cryptographer_holder_.Get(trans->GetWrappedTrans()); |
| 685 if (!success) { | 713 if (!success) { |
| 686 if (cryptographer.is_ready()) { | 714 if (cryptographer.is_ready()) { |
| 687 LOG(ERROR) << "Attempt to change passphrase failed while cryptographer " | 715 LOG(ERROR) << "Attempt to change passphrase failed while cryptographer " |
| 688 << "was ready."; | 716 << "was ready."; |
| 689 } else if (cryptographer.has_pending_keys()) { | 717 } else if (cryptographer.has_pending_keys()) { |
| 690 FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_, | 718 FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_, |
| 691 OnPassphraseRequired(REASON_DECRYPTION, | 719 OnPassphraseRequired(REASON_DECRYPTION, |
| 692 cryptographer.GetPendingKeys())); | 720 cryptographer.GetPendingKeys())); |
| 693 } else { | 721 } else { |
| 694 FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_, | 722 FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_, |
| 695 OnPassphraseRequired(REASON_ENCRYPTION, | 723 OnPassphraseRequired(REASON_ENCRYPTION, |
| 696 sync_pb::EncryptedData())); | 724 sync_pb::EncryptedData())); |
| 697 } | 725 } |
| 698 return; | 726 return; |
| 699 } | 727 } |
| 700 | 728 |
| 701 DCHECK(cryptographer.is_ready()); | 729 DCHECK(cryptographer.is_ready()); |
| 702 | 730 |
| 731 // TODO(zea): trigger migration if necessary. | |
| 732 | |
| 703 sync_pb::NigoriSpecifics specifics(nigori_node->GetNigoriSpecifics()); | 733 sync_pb::NigoriSpecifics specifics(nigori_node->GetNigoriSpecifics()); |
| 704 // Does not modify specifics.encrypted() if the original decrypted data was | 734 // Does not modify specifics.encrypted() if the original decrypted data was |
| 705 // the same. | 735 // the same. |
| 706 if (!cryptographer.GetKeys(specifics.mutable_encrypted())) | 736 if (!cryptographer.GetKeys(specifics.mutable_encrypted())) |
| 707 NOTREACHED(); | 737 NOTREACHED(); |
| 708 if (is_explicit && passphrase_state_ != CUSTOM_PASSPHRASE) { | 738 if (is_explicit && passphrase_state_ != CUSTOM_PASSPHRASE) { |
| 709 passphrase_state_ = CUSTOM_PASSPHRASE; | 739 passphrase_state_ = CUSTOM_PASSPHRASE; |
| 710 FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_, | 740 FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_, |
| 711 OnPassphraseStateChanged(passphrase_state_)); | 741 OnPassphraseStateChanged(passphrase_state_)); |
| 712 } | 742 } |
| (...skipping 16 matching lines...) Expand all Loading... | |
| 729 ModelTypeSet* encrypted_types = encrypted_types_holder_.GetMutable(trans); | 759 ModelTypeSet* encrypted_types = encrypted_types_holder_.GetMutable(trans); |
| 730 if (!encrypted_types->HasAll(new_encrypted_types)) { | 760 if (!encrypted_types->HasAll(new_encrypted_types)) { |
| 731 *encrypted_types = new_encrypted_types; | 761 *encrypted_types = new_encrypted_types; |
| 732 FOR_EACH_OBSERVER( | 762 FOR_EACH_OBSERVER( |
| 733 Observer, observers_, | 763 Observer, observers_, |
| 734 OnEncryptedTypesChanged(*encrypted_types, encrypt_everything_)); | 764 OnEncryptedTypesChanged(*encrypted_types, encrypt_everything_)); |
| 735 } | 765 } |
| 736 } | 766 } |
| 737 | 767 |
| 738 } // namespace browser_sync | 768 } // namespace browser_sync |
| OLD | NEW |