[Sync] Ensure cryptographer ready before encrypting.

chrome/browser/sync/engine/syncapi.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/sync/engine/syncapi.h"
 
 #include <algorithm>
 #include <bitset>
 #include <iomanip>
 #include <list>
@@ skipping 184 matching lines @@
   }
 }
 
 UserShare::UserShare() {}
 
 UserShare::~UserShare() {}
 
 ////////////////////////////////////
 // BaseNode member definitions.
 
-BaseNode::BaseNode() {}
+BaseNode::BaseNode() : password_data_(new sync_pb::PasswordSpecificsData) {}
 
 BaseNode::~BaseNode() {}
 
 std::string BaseNode::GenerateSyncableHash(
     syncable::ModelType model_type, const std::string& client_tag) {
   // blank PB with just the extension in it has termination symbol,
   // handy for delimiter
   sync_pb::EntitySpecifics serialized_type;
   syncable::AddDefaultExtensionValue(model_type, &serialized_type);
   std::string hash_input;
@@ skipping 22 matching lines @@
 }
 
 bool BaseNode::DecryptIfNecessary() {
   if (GetIsFolder()) return true;  // Ignore the top-level datatype folder.
   const sync_pb::EntitySpecifics& specifics =
       GetEntry()->Get(syncable::SPECIFICS);
   if (specifics.HasExtension(sync_pb::password)) {
     // Passwords have their own legacy encryption structure.
     scoped_ptr<sync_pb::PasswordSpecificsData> data(DecryptPasswordSpecifics(
         specifics, GetTransaction()->GetCryptographer()));
-    if (!data.get())
+    if (!data.get()) {
+      LOG(ERROR) << "Failed to decrypt password specifics.";
       return false;
+    }
     password_data_.swap(data);
     return true;
   }
 
   // We assume any node with the encrypted field set has encrypted data.
   if (!specifics.has_encrypted())
     return true;
 
   const sync_pb::EncryptedData& encrypted =
       specifics.encrypted();
   std::string plaintext_data = GetTransaction()->GetCryptographer()->
       DecryptToString(encrypted);
-  if (plaintext_data.length() == 0)
-    return false;
-  if (!unencrypted_data_.ParseFromString(plaintext_data)) {
+  if (plaintext_data.length() == 0 ||
+      !unencrypted_data_.ParseFromString(plaintext_data)) {
     LOG(ERROR) << "Failed to decrypt encrypted node of type " <<
       syncable::ModelTypeToString(GetModelType()) << ".";
     return false;
   }
   return true;
 }
 
 const sync_pb::EntitySpecifics& BaseNode::GetUnencryptedSpecifics(
     const syncable::Entry* entry) const {
   const sync_pb::EntitySpecifics& specifics = entry->Get(SPECIFICS);
@@ skipping 122 matching lines @@
   return GetEntitySpecifics().GetExtension(sync_pb::bookmark);
 }
 
 const sync_pb::NigoriSpecifics& BaseNode::GetNigoriSpecifics() const {
   DCHECK_EQ(syncable::NIGORI, GetModelType());
   return GetEntitySpecifics().GetExtension(sync_pb::nigori);
 }
 
 const sync_pb::PasswordSpecificsData& BaseNode::GetPasswordSpecifics() const {
   DCHECK_EQ(syncable::PASSWORDS, GetModelType());
-  DCHECK(password_data_.get());
   return *password_data_;
 }
 
 const sync_pb::ThemeSpecifics& BaseNode::GetThemeSpecifics() const {
   DCHECK_EQ(syncable::THEMES, GetModelType());
   return GetEntitySpecifics().GetExtension(sync_pb::theme);
 }
 
 const sync_pb::TypedUrlSpecifics& BaseNode::GetTypedUrlSpecifics() const {
   DCHECK_EQ(syncable::TYPED_URLS, GetModelType());
@@ skipping 146 matching lines @@
   scoped_ptr<sync_pb::PasswordSpecificsData> old_plaintext(
       DecryptPasswordSpecifics(GetEntry()->Get(SPECIFICS), cryptographer));
   if (old_plaintext.get() &&
       old_plaintext->SerializeAsString() == data.SerializeAsString() &&
       cryptographer->CanDecryptUsingDefaultKey(old_ciphertext)) {
     return;
   }
 
   sync_pb::PasswordSpecifics new_value;
   if (!cryptographer->Encrypt(data, new_value.mutable_encrypted())) {
-    NOTREACHED();
+    LOG(ERROR) << "Failed to encrypt password, possibly due to sync node "
+               << "corruption";
+    return;
   }
 
   sync_pb::EntitySpecifics entity_specifics;
   entity_specifics.MutableExtension(sync_pb::password)->CopyFrom(new_value);
   SetEntitySpecifics(entity_specifics);
 }
 
 void WriteNode::SetThemeSpecifics(
     const sync_pb::ThemeSpecifics& new_value) {
   sync_pb::EntitySpecifics entity_specifics;
@@ skipping 1237 matching lines @@
       return;
     }
 
     nigori.CopyFrom(node.GetNigoriSpecifics());
     Cryptographer::UpdateResult result = cryptographer->Update(nigori);
     if (result == Cryptographer::NEEDS_PASSPHRASE) {
       ObserverList<SyncManager::Observer> temp_obs_list;
       CopyObservers(&temp_obs_list);
       FOR_EACH_OBSERVER(SyncManager::Observer, temp_obs_list,
                         OnPassphraseRequired(sync_api::REASON_DECRYPTION));
+      return;
+    }
+
+    if (!cryptographer->is_ready()) {
+      NOTREACHED() << "Cryptographer failed to initialize.";
+      return;
     }
 
     // Refresh list of encrypted datatypes.
     encrypted_types = GetEncryptedTypes(&trans);
   }
 
-
-
   // Ensure any datatypes that need encryption are encrypted.
   EncryptDataTypes(encrypted_types);
 }
 
 void SyncManager::SyncInternal::StartSyncingNormally() {
   // Start the syncer thread. This won't actually
   // result in any syncing until at least the
   // DirectoryManager broadcasts the OPENED event,
   // and a valid server connection is detected.
   if (syncer_thread())  // NULL during certain unittests.
@@ skipping 228 matching lines @@
 }
 
 void SyncManager::SyncInternal::EncryptDataTypes(
     const syncable::ModelTypeSet& encrypted_types) {
   VLOG(1) << "Attempting to encrypt datatypes "
           << syncable::ModelTypeSetToString(encrypted_types);
 
   WriteTransaction trans(GetUserShare());
   WriteNode node(&trans);
   if (!node.InitByTagLookup(kNigoriTag)) {
-    LOG(ERROR) << "Unable to set encrypted datatypes because Nigori node not "
-               << "found.";
-    NOTREACHED();
+    NOTREACHED() << "Unable to set encrypted datatypes because Nigori node not "
+                 << "found.";
     return;
   }
 
   Cryptographer* cryptographer = trans.GetCryptographer();
 
+  if (!cryptographer->is_ready()) {
+    NOTREACHED() << "Attempting to encrypt datatypes when cryptographer not "
+                 << "ready.";
+    return;
+  }
+
   // Update the Nigori node set of encrypted datatypes so other machines notice.
   // Note, we merge the current encrypted types with those requested. Once a
   // datatypes is marked as needing encryption, it is never unmarked.
   sync_pb::NigoriSpecifics nigori;
   nigori.CopyFrom(node.GetNigoriSpecifics());
   syncable::ModelTypeSet current_encrypted_types = GetEncryptedTypes(&trans);
   syncable::ModelTypeSet newly_encrypted_types;
   std::set_union(current_encrypted_types.begin(), current_encrypted_types.end(),
                  encrypted_types.begin(), encrypted_types.end(),
                  std::inserter(newly_encrypted_types,
@@ skipping 921 matching lines @@
 void SyncManager::TriggerOnIncomingNotificationForTest(
     const syncable::ModelTypeBitSet& model_types) {
   syncable::ModelTypePayloadMap model_types_with_payloads =
       syncable::ModelTypePayloadMapFromBitSet(model_types,
           std::string());
 
   data_->OnIncomingNotification(model_types_with_payloads);
 }
 
 }  // namespace sync_api