[Sync] Cache encrypted types info in ProfileSyncService

chrome/browser/sync/util/cryptographer.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_SYNC_UTIL_CRYPTOGRAPHER_H_
 #define CHROME_BROWSER_SYNC_UTIL_CRYPTOGRAPHER_H_
 #pragma once
 
 #include <map>
 #include <string>
 
 #include "base/gtest_prod_util.h"
 #include "base/memory/linked_ptr.h"
 #include "base/memory/scoped_ptr.h"
+#include "base/observer_list.h"
 #include "chrome/browser/sync/protocol/nigori_specifics.pb.h"
 #include "chrome/browser/sync/syncable/model_type.h"
 #include "chrome/browser/sync/util/nigori.h"
 
 namespace browser_sync {
 
 extern const char kNigoriTag[];
 
 // The parameters used to initialize a Nigori instance.
 struct KeyParams {
@@ skipping 11 matching lines @@
 // Most likely, an updated Nigori node means that a new passphrase has been set
 // and that future node updates won't be decryptable. To remedy this, the user
 // should be prompted for the new passphrase and DecryptPendingKeys be called.
 //
 // Whenever a update to an encrypted node is received from the server,
 // CanDecrypt should be used to verify whether the Cryptographer can decrypt
 // that node. If it cannot, then the application of that update should be
 // delayed until after it can be decrypted.
 class Cryptographer {
  public:
-  Cryptographer();
+  // All Observer methods are done synchronously, so they're called
+  // under a transaction (since all Cryptographer operations are done
+  // under a transaction).
+  class Observer {
+   public:
+    virtual void OnEncryptedTypesChanged(
+        const syncable::ModelTypeSet& encrypted_types,
+        bool encrypt_everything) = 0;
+
+    // Send when all encrypted types have finished encryption.
+    // Guaranteed to be called immeduately after a call of

[Nicolas Zea, 2011/10/21 14:29:07]

immediately

[akalin, 2011/10/22 03:28:38]

Rendered moot

+    // OnEncryptedTypesChanged().
+    virtual void OnEncryptionComplete() = 0;
+
+   protected:
+    virtual ~Observer();
+  };
+
+  explicit Cryptographer();
   ~Cryptographer();
 
   // When update on cryptographer is called this enum tells if the
   // cryptographer was succesfully able to update using the nigori node or if
   // it needs a key to decrypt the nigori node.
   enum UpdateResult {
     SUCCESS,
     NEEDS_PASSPHRASE
   };
 
+  // Manage observers.
+  void AddObserver(Observer* observer);
+  void RemoveObserver(Observer* observer);
+
   // |restored_bootstrap_token| can be provided via this method to bootstrap
   // Cryptographer instance into the ready state (is_ready will be true).
   // It must be a string that was previously built by the
   // GetSerializedBootstrapToken function.  It is possible that the token is no
   // longer valid (due to server key change), in which case the normal
   // decryption code paths will fail and the user will need to provide a new
   // passphrase.
   // It is an error to call this if is_ready() == true, though it is fair to
   // never call Bootstrap at all.
   void Bootstrap(const std::string& restored_bootstrap_token);
@@ skipping 77 matching lines @@
 
   // Setter/getter for whether all current and future datatypes should be
   // encrypted. Once set you cannot unset without reading from a new nigori
   // node.
   void set_encrypt_everything();
   bool encrypt_everything() const;
 
   // Set all types in |new_types| as requiring encryption (in addition to the
   // currently encrypted types). Note: once a type requires encryption it can
   // never stop requiring encryption without clearing the server data.
   void SetEncryptedTypes(syncable::ModelTypeSet new_types);

[Nicolas Zea, 2011/10/21 14:29:07]

This isn't really used any more (outside of tests), although it does get called
unnecessarily from SyncInternal::EncryptDataTypes (which only ever gets called
with an empty set now as a way of forcing an update of the nigori and triggering
reencryption). Cleaning that up is probably outside the scope of this patch
though, so perhaps just add a todo there and assign it to me.

[akalin, 2011/10/22 03:28:38]

Actually, I ended up needing to clean it up, so I did.

 
   // Return the set of encrypted types.
   syncable::ModelTypeSet GetEncryptedTypes() const;
 
+  // Triggers an OnEncryptedTypesChanged and an OnEncryptionComplete
+  // notifiation.

[Nicolas Zea, 2011/10/21 14:29:07]

Is it necessary to always trigger the OnEncryptedTypesChanged as well (I suppose
this is why the unit tests are based on receiving it 3 times)? If they had
changed, we would have triggered it organically. If they hadn't, why force the
notification?

In the case of locally turning on encryption, we're guaranteed to have triggered
an OnEncryptedTypesChanged (assuming they did actually change) before sending
the OnEncryptionComplete. If they hadn't changed, then the PSS must already have
the current encryption info (by way of RefreshEncryption). Either way, the PSS
will have the set of encrypted types/encrypt everything that matches the one
OnEncryptionComplete used, so the setup flow can proceed accordingly.

Similarly, when we change the passphrase, we trigger a reencryption, but the
encrypted types aren't changing. I'm not sure there's any benefit to forcing the
notification in that case.

[akalin, 2011/10/22 03:28:38]

Yeah, fixed.  It should only trigger when it actually changes.

+  void MarkEncryptionComplete();
+
  private:
   FRIEND_TEST_ALL_PREFIXES(CryptographerTest, PackUnpack);
   typedef std::map<std::string, linked_ptr<const Nigori> > NigoriMap;
 
+  // Calls OnEncryptedTypesChanged() on all observers.
+  void EmitEncryptedTypesChangeNotification();

[Nicolas Zea, 2011/10/21 14:29:07]

EncryptedTypesChange... -> EncryptedTypesChanged...

[akalin, 2011/10/22 03:28:38]

Done.

+
   // Helper method to instantiate Nigori instances for each set of key
   // parameters in |bag| and setting the default encryption key to
   // |default_key_name|.
   void InstallKeys(const std::string& default_key_name,
                    const sync_pb::NigoriKeyBag& bag);
 
   bool AddKeyImpl(Nigori* nigori);
 
   // Functions to serialize + encrypt a Nigori object in an opaque format for
   // persistence by sync infrastructure.
   bool PackBootstrapToken(const Nigori* nigori, std::string* pack_into) const;
   Nigori* UnpackBootstrapToken(const std::string& token) const;
 
+  ObserverList<Observer> observers_;
+
   NigoriMap nigoris_;  // The Nigoris we know about, mapped by key name.
   NigoriMap::value_type* default_nigori_;  // The Nigori used for encryption.
 
   scoped_ptr<sync_pb::EncryptedData> pending_keys_;
 
   syncable::ModelTypeSet encrypted_types_;
   bool encrypt_everything_;
 
   DISALLOW_COPY_AND_ASSIGN(Cryptographer);
 };
 
 }  // namespace browser_sync
 
 #endif  // CHROME_BROWSER_SYNC_UTIL_CRYPTOGRAPHER_H_