Let the Nigori client import and export raw encryption keys.

chrome/browser/sync/util/nigori.h

Index: chrome/browser/sync/util/nigori.h
diff --git a/chrome/browser/sync/util/nigori.h b/chrome/browser/sync/util/nigori.h
index 4b9b2fa99fb0925b322c062c30b6a311bd4f55db..3a4cb04c97d49bf5230cda54a317a94d8d425bb8 100644
--- a/chrome/browser/sync/util/nigori.h
+++ b/chrome/browser/sync/util/nigori.h
@@ -28,13 +28,19 @@ class Nigori {
     Password = 1,
   };
 
-  // Creates a Nigori client for communicating with |hostname|. Note that
-  // |hostname| is used to derive the keys used to encrypt and decrypt data.
-  explicit Nigori(const std::string& hostname);
+  Nigori();
   virtual ~Nigori();
 
-  // Initialize the client with the supplied |username| and |password|.
-  bool Init(const std::string& username, const std::string& password);
+  // Initialize the client with the given |hostname|, |username| and |password|.
+  bool InitByDerivation(const std::string& hostname,
+                        const std::string& username,
+                        const std::string& password);
+
+  // Initialize the client by importing the given keys instead of deriving new
+  // ones.
+  bool InitByImport(const std::string& user_key,
+                    const std::string& encryption_key,
+                    const std::string& mac_key);
 
   // Derives a secure lookup name from |type| and |name|. If |hostname|,
   // |username| and |password| are kept constant, a given |type| and |name| pair
@@ -50,6 +56,11 @@ class Nigori {
   // encoded.
   bool Decrypt(const std::string& value, std::string* decrypted) const;
 
+  // Exports the raw derived keys.
+  bool ExportKeys(std::string* user_key,
+                  std::string* encryption_key,
+                  std::string* mac_key) const;
+
   // The next three getters return the parameters used to initialize the keys.
   // Given the hostname, username and password, another Nigori object capable of
   // encrypting and decrypting the same data as this one could be initialized.