Take 2: sync changes to support encryption

chrome/browser/sync/engine/syncer_util.cc

 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/sync/engine/syncer_util.h"
 
 #include <set>
 #include <string>
 #include <vector>
 
 #include "chrome/browser/sync/engine/conflict_resolver.h"
 #include "chrome/browser/sync/engine/syncer_proto_util.h"
 #include "chrome/browser/sync/engine/syncer_types.h"
 #include "chrome/browser/sync/engine/syncproto.h"
 #include "chrome/browser/sync/protocol/bookmark_specifics.pb.h"
+#include "chrome/browser/sync/protocol/nigori_specifics.pb.h"
+#include "chrome/browser/sync/protocol/sync.pb.h"
 #include "chrome/browser/sync/syncable/directory_manager.h"
 #include "chrome/browser/sync/syncable/model_type.h"
 #include "chrome/browser/sync/syncable/syncable.h"
 #include "chrome/browser/sync/syncable/syncable_changes_version.h"
 #include "chrome/browser/sync/util/sync_types.h"
 
 using syncable::BASE_VERSION;
 using syncable::Blob;
 using syncable::CHANGES_VERSION;
 using syncable::CREATE;
@@ skipping 214 matching lines @@
     // !local_entry.Good() means we don't have a left behind entry for this
     // ID. We successfully committed before. In the future we should get rid
     // of this system and just have client side generated IDs as a whole.
   }
 }
 
 // static
 UpdateAttemptResponse SyncerUtil::AttemptToUpdateEntry(
     syncable::WriteTransaction* const trans,
     syncable::MutableEntry* const entry,
-    ConflictResolver* resolver) {
+    ConflictResolver* resolver,
+    Cryptographer* cryptographer) {
 
   CHECK(entry->good());
   if (!entry->Get(IS_UNAPPLIED_UPDATE))
     return SUCCESS;  // No work to do.
   syncable::Id id = entry->Get(ID);
 
   if (entry->Get(IS_UNSYNCED)) {
     LOG(INFO) << "Skipping update, returning conflict for: " << id
               << " ; it's unsynced.";
     return CONFLICT;
@@ skipping 21 matching lines @@
     Directory::ChildHandles handles;
     trans->directory()->GetChildHandles(trans, id, &handles);
     if (!handles.empty()) {
       // If we have still-existing children, then we need to deal with
       // them before we can process this change.
       LOG(INFO) << "Not deleting directory; it's not empty " << *entry;
       return CONFLICT;
     }
   }
 
+  // We intercept updates to the Nigori node and update the Cryptographer here
+  // because there is no Nigori ChangeProcessor.
+  const sync_pb::EntitySpecifics& specifics = entry->Get(SERVER_SPECIFICS);
+  if (specifics.HasExtension(sync_pb::nigori)) {
+    const sync_pb::NigoriSpecifics& nigori =
+        specifics.GetExtension(sync_pb::nigori);
+    if (!nigori.encrypted().blob().empty()) {
+      if (cryptographer->CanDecrypt(nigori.encrypted())) {
+        cryptographer->SetKeys(nigori.encrypted());
+      } else {
+        cryptographer->SetPendingKeys(nigori.encrypted());
+      }
+    }
+  }
+
+  // Only apply updates that we can decrypt. Updates that can't be decrypted yet
+  // will stay in conflict until the user provides a passphrase that lets the
+  // Cryptographer decrypt them.
+  if (!entry->Get(SERVER_IS_DIR) && specifics.HasExtension(sync_pb::password)) {
+    const sync_pb::PasswordSpecifics& password =
+        specifics.GetExtension(sync_pb::password);
+    if (!cryptographer->CanDecrypt(password.encrypted())) {
+      // We can't decrypt this node yet.
+      return CONFLICT;
+    }
+  }
+
   SyncerUtil::UpdateLocalDataFromServerData(trans, entry);
 
   return SUCCESS;
 }
 
 namespace {
 // Helper to synthesize a new-style sync_pb::EntitySpecifics for use locally,
 // when the server speaks only the old sync_pb::SyncEntity_BookmarkData-based
 // protocol.
 void UpdateBookmarkSpecifics(const string& singleton_tag,
@@ skipping 396 matching lines @@
 
   if (same_id->Get(SERVER_VERSION) > 0) {
     // Then we've had an update for this entry before.
     if (is_directory != same_id->Get(SERVER_IS_DIR) ||
         model_type != same_id->GetServerModelType()) {
       if (same_id->Get(IS_DEL)) {  // If we've deleted the item, we don't care.
         return VERIFY_SKIP;
       } else {
         LOG(ERROR) << "Server update doesn't agree with previous updates. ";
         LOG(ERROR) << " Entry: " << *same_id;
-        LOG(ERROR) << " Update: " << SyncerProtoUtil::SyncEntityDebugString(entry);
+        LOG(ERROR) << " Update: "
+                   << SyncerProtoUtil::SyncEntityDebugString(entry);
         return VERIFY_FAIL;
       }
     }
 
     if (!deleted &&
         (same_id->Get(SERVER_IS_DEL) ||
          (!same_id->Get(IS_UNSYNCED) && same_id->Get(IS_DEL) &&
           same_id->Get(BASE_VERSION) > 0))) {
       // An undelete. The latter case in the above condition is for
       // when the server does not give us an update following the
       // commit of a delete, before undeleting.  Undeletion is possible
       // in the server's storage backend, so it's possible on the client,
       // though not expected to be something that is commonly possible.
       VerifyResult result =
           SyncerUtil::VerifyUndelete(trans, entry, same_id);
       if (VERIFY_UNDECIDED != result)
         return result;
     }
   }
   if (same_id->Get(BASE_VERSION) > 0) {
     // We've committed this entry in the past.
     if (is_directory != same_id->Get(IS_DIR) ||
         model_type != same_id->GetModelType()) {
       LOG(ERROR) << "Server update doesn't agree with committed item. ";
       LOG(ERROR) << " Entry: " << *same_id;
-      LOG(ERROR) << " Update: " << SyncerProtoUtil::SyncEntityDebugString(entry);
+      LOG(ERROR) << " Update: "
+                 << SyncerProtoUtil::SyncEntityDebugString(entry);
       return VERIFY_FAIL;
     }
     if (same_id->Get(BASE_VERSION) == entry.version() &&
         !same_id->Get(IS_UNSYNCED) &&
         !SyncerProtoUtil::Compare(*same_id, entry)) {
       // TODO(sync): This constraint needs to be relaxed. For now it's OK to
       // fail the verification and deal with it when we ApplyUpdates.
       LOG(ERROR) << "Server update doesn't match local data with same "
           "version. A bug should be filed. Entry: " << *same_id <<
           "Update: " << SyncerProtoUtil::SyncEntityDebugString(entry);
       return VERIFY_FAIL;
     }
     if (same_id->Get(SERVER_VERSION) > entry.version()) {
       LOG(WARNING) << "We've already seen a more recent update from the server";
       LOG(WARNING) << " Entry: " << *same_id;
-      LOG(WARNING) << " Update: " << SyncerProtoUtil::SyncEntityDebugString(entry);
+      LOG(WARNING) << " Update: "
+                   << SyncerProtoUtil::SyncEntityDebugString(entry);
       return VERIFY_SKIP;
     }
   }
   return VERIFY_SUCCESS;
 }
 
 // Assumes we have an existing entry; verify an update that seems to be
 // expressing an 'undelete'
 // static
 VerifyResult SyncerUtil::VerifyUndelete(syncable::WriteTransaction* trans,
@@ skipping 71 matching lines @@
 
     // |update_entry| is considered to be somewhere after |candidate|, so store
     // it as the upper bound.
     closest_sibling = candidate.Get(ID);
   }
 
   return closest_sibling;
 }
 
 }  // namespace browser_sync