[Sync] Initial support for encrypting any datatype (no UI hookup yet).

chrome/browser/sync/glue/sync_backend_host.h

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_SYNC_GLUE_SYNC_BACKEND_HOST_H_
 #define CHROME_BROWSER_SYNC_GLUE_SYNC_BACKEND_HOST_H_
 #pragma once
 
 #include <map>
 #include <string>
@@ skipping 66 matching lines @@
   // changed in another synced client.  if
   // |passphrase_required_for_decryption| is false, the passphrase is
   // required only for encryption.
   virtual void OnPassphraseRequired(bool for_decryption) = 0;
 
   // Called when the passphrase provided by the user is
   // accepted. After this is called, updates to sensitive nodes are
   // encrypted using the accepted passphrase.
   virtual void OnPassphraseAccepted() = 0;
 
+  virtual void OnEncryptionComplete(
+      const syncable::ModelTypeSet& encrypted_types) = 0;
+
  protected:
   // Don't delete through SyncFrontend interface.
   virtual ~SyncFrontend() {
   }
  private:
   DISALLOW_COPY_AND_ASSIGN(SyncFrontend);
 };
 
 // A UI-thread safe API into the sync backend that "hosts" the top-level
 // syncapi element, the SyncManager, on its own thread. This class handles
@@ skipping 50 matching lines @@
 
   // Changes the set of data types that are currently being synced.
   // The ready_task will be run when all of the requested data types
   // are up-to-date and ready for activation.  The task will cancelled
   // upon shutdown.  The method takes ownership of the task pointer.
   virtual void ConfigureDataTypes(
       const DataTypeController::TypeMap& data_type_controllers,
       const syncable::ModelTypeSet& types,
       CancelableTask* ready_task);
 
+  // Encrypts the specified datatypes and marks them as needing encryption on
+  // other machines. This affects all machines synced to this account and all
+  // data belonging to the specified types. |encrypted_types| must be a subset
+  // of the enabled datatypes.
+  // Note: actual work is done on core_thread_'s message loop.
+  virtual void EncryptDataTypes(
+      const syncable::ModelTypeSet& encrypted_types);
+
   syncable::AutofillMigrationState
       GetAutofillMigrationState();
 
   void SetAutofillMigrationState(
       syncable::AutofillMigrationState state);
 
   syncable::AutofillMigrationDebugInfo
       GetAutofillMigrationDebugInfo();
 
   void SetAutofillMigrationDebugInfo(
@@ skipping 85 matching lines @@
     virtual void OnInitializationComplete();
     virtual void OnAuthError(const GoogleServiceAuthError& auth_error);
     virtual void OnPassphraseRequired(bool for_decryption);
     virtual void OnPassphraseAccepted(const std::string& bootstrap_token);
     virtual void OnPaused();
     virtual void OnResumed();
     virtual void OnStopSyncingPermanently();
     virtual void OnUpdatedToken(const std::string& token);
     virtual void OnClearServerDataFailed();
     virtual void OnClearServerDataSucceeded();
+    virtual void OnEncryptionComplete(
+        const syncable::ModelTypeSet& encrypted_types);
 
     struct DoInitializeOptions {
       DoInitializeOptions(
           const GURL& service_url,
           sync_api::HttpPostProviderFactory* http_bridge_factory,
           const sync_api::SyncCredentials& credentials,
           bool delete_sync_data_folder,
           const notifier::NotifierOptions& notifier_options,
           std::string restored_key_for_bootstrapping,
           bool setup_for_test_mode);
@@ skipping 31 matching lines @@
     // syncer.
     void DoRequestNudge();
     void DoRequestPause();
     void DoRequestResume();
     void DoRequestClearServerData();
 
     // Called on our SyncBackendHost's |core_thread_| to set the passphrase
     // on behalf of SyncBackendHost::SupplyPassphrase.
     void DoSetPassphrase(const std::string& passphrase, bool is_explicit);
 
+    // Called on SyncBackendHost's |core_thread_| to set the datatypes we need
+    // to encrypt as well as encrypt all local data of that type.
+    void DoEncryptDataTypes(const syncable::ModelTypeSet& encrypted_types);
+
     // The shutdown order is a bit complicated:
     // 1) From |core_thread_|, invoke the syncapi Shutdown call to do a final
     //    SaveChanges, close sqlite handles, and halt the syncer thread (which
     //    could potentially block for 1 minute).
     // 2) Then, from |frontend_loop_|, halt the core_thread_. This causes
     //    syncapi thread-exit handlers to run and make use of cached pointers to
     //    various components owned implicitly by us.
     // 3) Destroy this Core. That will delete syncapi components in a safe order
     //    because the thread that was using them has exited (in step 2).
     void DoShutdown(bool stopping_sync);
@@ skipping 68 matching lines @@
     // or for encrypting.  If the reason is decryption, |for_decryption| will
     // be true.
     void NotifyPassphraseRequired(bool for_decryption);
 
     // Invoked when the passphrase provided by the user has been accepted.
     void NotifyPassphraseAccepted(const std::string& bootstrap_token);
 
     // Invoked when an updated token is available from the sync server.
     void NotifyUpdatedToken(const std::string& token);
 
+    // Invoked when sync finishes encrypting new datatypes or has become aware
+    // of new datatypes requiring encryption.
+    void NotifyEncryptionComplete(const syncable::ModelTypeSet&
+                                      encrypted_types);
+
     // Called from Core::OnSyncCycleCompleted to handle updating frontend
     // thread components.
     void HandleSyncCycleCompletedOnFrontendLoop(
         sessions::SyncSessionSnapshot* snapshot);
 
     void HandleStopSyncingPermanentlyOnFrontendLoop();
 
     // Called to handle success/failure of clearing server data
     void HandleClearServerDataSucceededOnFrontendLoop();
     void HandleClearServerDataFailedOnFrontendLoop();
@@ skipping 43 matching lines @@
   // across browser restart to avoid requiring the user to re-enter their
   // passphrase.  |token| must be valid UTF-8 as we use the PrefService for
   // storage.
   void PersistEncryptionBootstrapToken(const std::string& token);
   std::string RestoreEncryptionBootstrapToken();
 
   // Our core, which communicates directly to the syncapi.
   scoped_refptr<Core> core_;
 
  private:
-
   UIModelWorker* ui_worker();
 
   void ConfigureAutofillMigration();
 
   // A thread we dedicate for use by our Core to perform initialization,
   // authentication, handle messages from the syncapi, and periodically tell
   // the syncapi to persist itself.
   base::Thread core_thread_;
 
   // A reference to the MessageLoop used to construct |this|, so we know how
@@ skipping 53 matching lines @@
 
   // Whether we've processed the initialization complete callback.
   bool syncapi_initialized_;
 
   DISALLOW_COPY_AND_ASSIGN(SyncBackendHost);
 };
 
 }  // namespace browser_sync
 
 #endif  // CHROME_BROWSER_SYNC_GLUE_SYNC_BACKEND_HOST_H_