[Sync] Initial support for encrypting any datatype (no UI hookup yet).

chrome/browser/sync/profile_sync_service.h

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_SYNC_PROFILE_SYNC_SERVICE_H_
 #define CHROME_BROWSER_SYNC_PROFILE_SYNC_SERVICE_H_
 #pragma once
 
 #include <string>
 
@@ skipping 167 matching lines @@
   // SyncFrontend implementation.
   virtual void OnBackendInitialized();
   virtual void OnSyncCycleCompleted();
   virtual void OnAuthError();
   virtual void OnStopSyncingPermanently();
   virtual void OnClearServerDataFailed();
   virtual void OnClearServerDataTimeout();
   virtual void OnClearServerDataSucceeded();
   virtual void OnPassphraseRequired(bool for_decryption);
   virtual void OnPassphraseAccepted();
+  virtual void OnEncryptionComplete(
+      const syncable::ModelTypeSet& encrypted_types);
 
   // Called when a user enters credentials through UI.
   virtual void OnUserSubmittedAuth(const std::string& username,
                                    const std::string& password,
                                    const std::string& captcha,
                                    const std::string& access_code);
 
   // Update the last auth error and notify observers of error state.
   void UpdateAuthErrorState(const GoogleServiceAuthError& error);
 
@@ skipping 219 matching lines @@
   // setting a passphrase as opposed to implicitly (from the users' perspective)
   // using their Google Account password.  An implicit SetPassphrase will *not*
   // *not* override an explicit passphrase set previously.
   // |is_creation| is true if the call is in response to the user setting
   // up a new passphrase, and false if it's being set in response to a prompt
   // for an existing passphrase.
   virtual void SetPassphrase(const std::string& passphrase,
                              bool is_explicit,
                              bool is_creation);
 
+  // Changes the set of datatypes that require encryption. This affects all
+  // machines synced to this account and all data belonging to the specified
+  // types. |encrypted_types| must be a subset of the active datatypes.
+  // Note that this is an asynchronous operation (the encryption of data is
+  // performed on SyncBackendHost's core thread) and may not have an immediate
+  // effect.
+  virtual void EncryptDataTypes(
+      const syncable::ModelTypeSet& encrypted_types);
+
+  // Get the currently encrypted data types.
+  virtual void GetEncryptedDataTypes(
+      syncable::ModelTypeSet* encrypted_types) const;
+
   // Returns whether processing changes is allowed.  Check this before doing
   // any model-modifying operations.
   bool ShouldPushChanges();
 
   const GURL& sync_service_url() const { return sync_service_url_; }
   SigninManager* signin() { return signin_.get(); }
   const std::string& cros_user() const { return cros_user_; }
 
  protected:
   // Used by ProfileSyncServiceMock only.
@@ skipping 184 matching lines @@
   // Keep track of where we are in a server clear operation
   ClearServerDataState clear_server_data_state_;
 
   // Timeout for the clear data command.  This timeout is a temporary hack
   // and is necessary because the nudge sync framework can drop nudges for
   // a wide variety of sync-related conditions (throttling, connections issues,
   // syncer paused, etc.).  It can only be removed correctly when the framework
   // is reworked to allow one-shot commands like clearing server data.
   base::OneShotTimer<ProfileSyncService> clear_server_data_timer_;
 
+  // The set of encrypted types. This is updated whenever datatypes are
+  // encrypted through the OnEncryptionComplete callback of SyncFrontend.
+  syncable::ModelTypeSet encrypted_types_;
+
   DISALLOW_COPY_AND_ASSIGN(ProfileSyncService);
 };
 
 #endif  // CHROME_BROWSER_SYNC_PROFILE_SYNC_SERVICE_H_