Take 2: sync changes to support encryption

chrome/browser/sync/engine/syncapi.h

 // Copyright (c) 2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // This file defines the "sync API", an interface to the syncer
 // backend that exposes (1) the core functionality of maintaining a consistent
 // local snapshot of a hierarchical object set; (2) a means to transactionally
 // access and modify those objects; (3) a means to control client/server
 // synchronization tasks, namely: pushing local object modifications to a
 // server, pulling nonlocal object modifications from a server to this client,
@@ skipping 31 matching lines @@
 #include <vector>
 
 #include "base/basictypes.h"
 #include "base/file_path.h"
 #include "base/gtest_prod_util.h"
 #include "base/scoped_ptr.h"
 #include "build/build_config.h"
 #include "chrome/browser/google_service_auth_error.h"
 #include "chrome/browser/sync/notification_method.h"
 #include "chrome/browser/sync/syncable/model_type.h"
+#include "chrome/browser/sync/util/cryptographer.h"
 #include "googleurl/src/gurl.h"
 
 namespace browser_sync {
 class ModelSafeWorkerRegistrar;
 
 namespace sessions {
 struct SyncSessionSnapshot;
 }
 }
 
@@ skipping 118 matching lines @@
   // Getter specific to the AUTOFILL datatype.  Returns protobuf
   // data.  Can only be called if GetModelType() == AUTOFILL.
   const sync_pb::AutofillSpecifics& GetAutofillSpecifics() const;
 
   // Getter specific to the NIGORI datatype.  Returns protobuf
   // data.  Can only be called if GetModelType() == NIGORI.
   const sync_pb::NigoriSpecifics& GetNigoriSpecifics() const;
 
   // Getter specific to the PASSWORD datatype.  Returns protobuf
   // data.  Can only be called if GetModelType() == PASSWORD.
-  bool GetPasswordSpecifics(sync_pb::PasswordSpecificsData*) const;
+  const sync_pb::PasswordSpecificsData& GetPasswordSpecifics() const;
 
   // Getter specific to the PREFERENCE datatype.  Returns protobuf
   // data.  Can only be called if GetModelType() == PREFERENCE.
   const sync_pb::PreferenceSpecifics& GetPreferenceSpecifics() const;
 
   // Getter specific to the THEME datatype.  Returns protobuf
   // data.  Can only be called if GetModelType() == THEME.
   const sync_pb::ThemeSpecifics& GetThemeSpecifics() const;
 
   // Getter specific to the TYPED_URLS datatype.  Returns protobuf
@@ skipping 24 matching lines @@
   virtual const BaseTransaction* GetTransaction() const = 0;
 
  protected:
   BaseNode();
   virtual ~BaseNode();
   // The server has a size limit on client tags, so we generate a fixed length
   // hash locally. This also ensures that ModelTypes have unique namespaces.
   static std::string GenerateSyncableHash(syncable::ModelType model_type,
       const std::string& client_tag);
 
+  // Determines whether part of the entry is encrypted, and if so attempts to
+  // decrypt it. Unless decryption is necessary and fails, this will always
+  // return |true|.
+  bool DecryptIfNecessary(syncable::Entry* entry);
+
  private:
   // Node is meant for stack use only.
   void* operator new(size_t size);
 
+  // If this node represents a password, this field will hold the actual
+  // decrypted password data.
+  scoped_ptr<sync_pb::PasswordSpecificsData> password_data_;
+
   friend class SyncApiTest;
   FRIEND_TEST_ALL_PREFIXES(SyncApiTest, GenerateSyncableHash);
 
   DISALLOW_COPY_AND_ASSIGN(BaseNode);
 };
 
 // WriteNode extends BaseNode to add mutation, and wraps
 // syncable::MutableEntry. A WriteTransaction is needed to create a WriteNode.
 class WriteNode : public BaseNode {
  public:
@@ skipping 186 matching lines @@
 // operations are performed by creating ReadNode and WriteNode instances using
 // the transaction. These transaction classes wrap identically named classes in
 // syncable, and are used in a similar way. Unlike syncable::BaseTransaction,
 // whose construction requires an explicit syncable::ScopedDirLookup, a sync
 // API BaseTransaction creates its own ScopedDirLookup implicitly.
 class BaseTransaction {
  public:
   // Provide access to the underlying syncable.h objects from BaseNode.
   virtual syncable::BaseTransaction* GetWrappedTrans() const = 0;
   const syncable::ScopedDirLookup& GetLookup() const { return *lookup_; }
+  browser_sync::Cryptographer* GetCryptographer() const {
+    return cryptographer_;
+  }
 
  protected:
   // The ScopedDirLookup is created in the constructor and destroyed
   // in the destructor.  Creation of the ScopedDirLookup is not expected
   // to fail.
   explicit BaseTransaction(UserShare* share);
   virtual ~BaseTransaction();
 
  private:
   // A syncable ScopedDirLookup, which is the parent of syncable transactions.
   syncable::ScopedDirLookup* lookup_;
 
+  browser_sync::Cryptographer* cryptographer_;
+
   DISALLOW_COPY_AND_ASSIGN(BaseTransaction);
 };
 
 // Sync API's ReadTransaction is a read-only BaseTransaction.  It wraps
 // a syncable::ReadTransaction.
 class ReadTransaction : public BaseTransaction {
  public:
   // Start a new read-only transaction on the specified repository.
   explicit ReadTransaction(UserShare* share);
   virtual ~ReadTransaction();
@@ skipping 182 matching lines @@
                                   int change_count) = 0;
 
     // A round-trip sync-cycle took place and the syncer has resolved any
     // conflicts that may have arisen.
     virtual void OnSyncCycleCompleted(
         const browser_sync::sessions::SyncSessionSnapshot* snapshot) = 0;
 
     // Called when user interaction may be required due to an auth problem.
     virtual void OnAuthError(const GoogleServiceAuthError& auth_error) = 0;
 
+    // Called when user interaction is required to obtain a valid passphrase.
+    virtual void OnPassphraseRequired() = 0;
+
+    // Called when the passphrase provided by the user has been accepted and is
+    // now used to encrypt sync data.
+    virtual void OnPassphraseAccepted() = 0;
+
     // Called when initialization is complete to the point that SyncManager can
     // process changes. This does not necessarily mean authentication succeeded
     // or that the SyncManager is online.
     // IMPORTANT: Creating any type of transaction before receiving this
     // notification is illegal!
     // WARNING: Calling methods on the SyncManager before receiving this
     // message, unless otherwise specified, produces undefined behavior.
     virtual void OnInitializationComplete() = 0;
 
     // The syncer thread has been paused.
@@ skipping 76 matching lines @@
   // The Observer may, in turn, decide to try again with new
   // credentials. Calling this method again is the appropriate course of action
   // to "retry".
   // |username|, |password|, and |captcha| are owned by the caller.
   void Authenticate(const char* username, const char* password,
                     const char* captcha);
 
   // Start the SyncerThread.
   void StartSyncing();
 
+  // Attempt to set the passphrase. If the passphrase is valid,
+  // OnPassphraseAccepted will be fired to notify the ProfileSyncService and the
+  // syncer will be nudged so that any update that was waiting for this
+  // passphrase gets applied as soon as possible.
+  // If the passphrase in invalid, OnPassphraseRequired will be fired.
+  // Calling this metdod again is the appropriate course of action to "retry"
+  // with a new passphrase.
+  void SetPassphrase(const std::string& passphrase);
+
   // Requests the syncer thread to pause.  The observer's OnPause
   // method will be called when the syncer thread is paused.  Returns
   // false if the syncer thread can not be paused (e.g. if it is not
   // started).
   bool RequestPause();
 
   // Requests the syncer thread to resume.  The observer's OnResume
   // method will be called when the syncer thread is resumed.  Returns
   // false if the syncer thread can not be resumed (e.g. if it is not
   // paused).
@@ skipping 114 matching lines @@
   // This allows actual HttpPostProvider subclass implementations to be
   // reference counted, which is useful if a particular implementation uses
   // multiple threads to serve network requests.
   virtual void Destroy(HttpPostProviderInterface* http) = 0;
   virtual ~HttpPostProviderFactory() { }
 };
 
 }  // namespace sync_api
 
 #endif  // CHROME_BROWSER_SYNC_ENGINE_SYNCAPI_H_