Chromium Code Reviews Chromium Code Reviews
Issue 8468023:
Move encryption related files from util folder to encryption folder. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/sync/engine/nigori_util.h" | 5 #include "chrome/browser/sync/encryption/nigori_util.h" |
| 6 | 6 |
| 7 #include <queue> | 7 #include <queue> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "chrome/browser/sync/engine/syncer_util.h" | 11 #include "chrome/browser/sync/engine/syncer_util.h" |
| 12 #include "chrome/browser/sync/internal_api/write_node.h" | 12 #include "chrome/browser/sync/internal_api/write_node.h" |
| 13 #include "chrome/browser/sync/syncable/syncable.h" | 13 #include "chrome/browser/sync/syncable/syncable.h" |
| 14 #include "chrome/browser/sync/util/cryptographer.h" | 14 #include "chrome/browser/sync/encryption/cryptographer.h" |
| 15 | 15 |
| 16 namespace syncable { | 16 using syncable::BaseTransaction; |
| 17 using syncable::Entry; | |
| 18 using syncable::Id; | |
| 19 using syncable::ModelType; | |
| 20 using syncable::ModelTypeSet; | |
| 21 using syncable::MutableEntry; | |
| 22 using syncable::WriteTransaction; | |
| 23 | |
| 24 namespace browser_sync { | |
| 25 namespace encryption { | |
| 17 | 26 |
| 18 bool ProcessUnsyncedChangesForEncryption( | 27 bool ProcessUnsyncedChangesForEncryption( |
| 19 WriteTransaction* const trans, | 28 WriteTransaction* const trans, |
| 20 browser_sync::Cryptographer* cryptographer) { | 29 browser_sync::Cryptographer* cryptographer) { |
| 21 DCHECK(cryptographer->is_ready()); | 30 DCHECK(cryptographer->is_ready()); |
| 22 syncable::ModelTypeSet encrypted_types = cryptographer->GetEncryptedTypes(); | 31 syncable::ModelTypeSet encrypted_types = cryptographer->GetEncryptedTypes(); |
| 23 | 32 |
| 24 // Get list of all datatypes with unsynced changes. It's possible that our | 33 // Get list of all datatypes with unsynced changes. It's possible that our |
| 25 // local changes need to be encrypted if encryption for that datatype was | 34 // local changes need to be encrypted if encryption for that datatype was |
| 26 // just turned on (and vice versa). This should never affect passwords. | 35 // just turned on (and vice versa). This should never affect passwords. |
| 27 std::vector<int64> handles; | 36 std::vector<int64> handles; |
| 28 browser_sync::SyncerUtil::GetUnsyncedEntries(trans, &handles); | 37 browser_sync::SyncerUtil::GetUnsyncedEntries(trans, &handles); |
| 29 for (size_t i = 0; i < handles.size(); ++i) { | 38 for (size_t i = 0; i < handles.size(); ++i) { |
| 30 MutableEntry entry(trans, GET_BY_HANDLE, handles[i]); | 39 MutableEntry entry(trans, syncable::GET_BY_HANDLE, handles[i]); |
| 31 if (!sync_api::WriteNode::UpdateEntryWithEncryption(cryptographer, | 40 if (!sync_api::WriteNode::UpdateEntryWithEncryption(cryptographer, |
| 32 entry.Get(SPECIFICS), | 41 entry.Get(syncable::SPECIFICS), |
|
Nicolas Zea
2011/11/17 21:04:30
indent by one more space.
| |
| 33 &entry)) { | 42 &entry)) { |
| 34 NOTREACHED(); | 43 NOTREACHED(); |
| 35 return false; | 44 return false; |
| 36 } | 45 } |
| 37 } | 46 } |
| 38 return true; | 47 return true; |
| 39 } | 48 } |
| 40 | 49 |
| 41 bool VerifyUnsyncedChangesAreEncrypted( | 50 bool VerifyUnsyncedChangesAreEncrypted( |
| 42 BaseTransaction* const trans, | 51 BaseTransaction* const trans, |
| 43 const ModelTypeSet& encrypted_types) { | 52 const ModelTypeSet& encrypted_types) { |
| 44 std::vector<int64> handles; | 53 std::vector<int64> handles; |
| 45 browser_sync::SyncerUtil::GetUnsyncedEntries(trans, &handles); | 54 browser_sync::SyncerUtil::GetUnsyncedEntries(trans, &handles); |
| 46 for (size_t i = 0; i < handles.size(); ++i) { | 55 for (size_t i = 0; i < handles.size(); ++i) { |
| 47 Entry entry(trans, GET_BY_HANDLE, handles[i]); | 56 Entry entry(trans, syncable::GET_BY_HANDLE, handles[i]); |
| 48 if (!entry.good()) { | 57 if (!entry.good()) { |
| 49 NOTREACHED(); | 58 NOTREACHED(); |
| 50 return false; | 59 return false; |
| 51 } | 60 } |
| 52 if (EntryNeedsEncryption(encrypted_types, entry)) | 61 if (EntryNeedsEncryption(encrypted_types, entry)) |
| 53 return false; | 62 return false; |
| 54 } | 63 } |
| 55 return true; | 64 return true; |
| 56 } | 65 } |
| 57 | 66 |
| 58 bool EntryNeedsEncryption(const ModelTypeSet& encrypted_types, | 67 bool EntryNeedsEncryption(const ModelTypeSet& encrypted_types, |
| 59 const Entry& entry) { | 68 const Entry& entry) { |
| 60 if (!entry.Get(UNIQUE_SERVER_TAG).empty()) | 69 if (!entry.Get(syncable::UNIQUE_SERVER_TAG).empty()) |
| 61 return false; // We don't encrypt unique server nodes. | 70 return false; // We don't encrypt unique server nodes. |
| 62 syncable::ModelType type = entry.GetModelType(); | 71 syncable::ModelType type = entry.GetModelType(); |
| 63 if (type == PASSWORDS || type == NIGORI) | 72 if (type == syncable::PASSWORDS || type == syncable::NIGORI) |
| 64 return false; | 73 return false; |
| 65 // Checking NON_UNIQUE_NAME is not necessary for the correctness of encrypting | 74 // Checking NON_UNIQUE_NAME is not necessary for the correctness of encrypting |
| 66 // the data, nor for determining if data is encrypted. We simply ensure it has | 75 // the data, nor for determining if data is encrypted. We simply ensure it has |
| 67 // been overwritten to avoid any possible leaks of sensitive data. | 76 // been overwritten to avoid any possible leaks of sensitive data. |
| 68 return SpecificsNeedsEncryption(encrypted_types, entry.Get(SPECIFICS)) || | 77 return SpecificsNeedsEncryption(encrypted_types, entry.Get( |
| 78 syncable::SPECIFICS)) || | |
| 69 (encrypted_types.count(type) > 0 && | 79 (encrypted_types.count(type) > 0 && |
| 70 entry.Get(NON_UNIQUE_NAME) != kEncryptedString); | 80 entry.Get(syncable::NON_UNIQUE_NAME) != kEncryptedString); |
|
Nicolas Zea
2011/11/17 21:04:30
rewrite as:
return SpecificsNeedsEncryption(
| |
| 71 } | 81 } |
| 72 | 82 |
| 73 bool SpecificsNeedsEncryption(const ModelTypeSet& encrypted_types, | 83 bool SpecificsNeedsEncryption(const ModelTypeSet& encrypted_types, |
| 74 const sync_pb::EntitySpecifics& specifics) { | 84 const sync_pb::EntitySpecifics& specifics) { |
| 75 ModelType type = GetModelTypeFromSpecifics(specifics); | 85 ModelType type = syncable::GetModelTypeFromSpecifics(specifics); |
| 76 if (type == PASSWORDS || type == NIGORI) | 86 if (type == syncable::PASSWORDS || type == syncable::NIGORI) |
| 77 return false; // These types have their own encryption schemes. | 87 return false; // These types have their own encryption schemes. |
| 78 if (encrypted_types.count(type) == 0) | 88 if (encrypted_types.count(type) == 0) |
| 79 return false; // This type does not require encryption | 89 return false; // This type does not require encryption |
| 80 return !specifics.has_encrypted(); | 90 return !specifics.has_encrypted(); |
| 81 } | 91 } |
| 82 | 92 |
| 83 // Mainly for testing. | 93 // Mainly for testing. |
| 84 bool VerifyDataTypeEncryptionForTest( | 94 bool VerifyDataTypeEncryptionForTest( |
| 85 BaseTransaction* const trans, | 95 BaseTransaction* const trans, |
| 86 browser_sync::Cryptographer* cryptographer, | 96 browser_sync::Cryptographer* cryptographer, |
| 87 ModelType type, | 97 ModelType type, |
| 88 bool is_encrypted) { | 98 bool is_encrypted) { |
| 89 if (type == PASSWORDS || type == NIGORI) { | 99 if (type == syncable::PASSWORDS || type == syncable::NIGORI) { |
|
Nicolas Zea
2011/11/17 21:04:30
unindent this line
| |
| 90 NOTREACHED(); | 100 NOTREACHED(); |
| 91 return true; | 101 return true; |
| 92 } | 102 } |
| 93 std::string type_tag = ModelTypeToRootTag(type); | 103 std::string type_tag = ModelTypeToRootTag(type); |
| 94 Entry type_root(trans, GET_BY_SERVER_TAG, type_tag); | 104 Entry type_root(trans, syncable::GET_BY_SERVER_TAG, type_tag); |
| 95 if (!type_root.good()) { | 105 if (!type_root.good()) { |
| 96 NOTREACHED(); | 106 NOTREACHED(); |
| 97 return false; | 107 return false; |
| 98 } | 108 } |
| 99 | 109 |
| 100 std::queue<Id> to_visit; | 110 std::queue<Id> to_visit; |
| 101 Id id_string; | 111 Id id_string; |
| 102 if (!trans->directory()->GetFirstChildId( | 112 if (!trans->directory()->GetFirstChildId( |
| 103 trans, type_root.Get(ID), &id_string)) { | 113 trans, type_root.Get(syncable::ID), &id_string)) { |
| 104 NOTREACHED(); | 114 NOTREACHED(); |
| 105 return false; | 115 return false; |
| 106 } | 116 } |
| 107 to_visit.push(id_string); | 117 to_visit.push(id_string); |
| 108 while (!to_visit.empty()) { | 118 while (!to_visit.empty()) { |
| 109 id_string = to_visit.front(); | 119 id_string = to_visit.front(); |
| 110 to_visit.pop(); | 120 to_visit.pop(); |
| 111 if (id_string.IsRoot()) | 121 if (id_string.IsRoot()) |
| 112 continue; | 122 continue; |
| 113 | 123 |
| 114 Entry child(trans, GET_BY_ID, id_string); | 124 Entry child(trans, syncable::GET_BY_ID, id_string); |
| 115 if (!child.good()) { | 125 if (!child.good()) { |
| 116 NOTREACHED(); | 126 NOTREACHED(); |
| 117 return false; | 127 return false; |
| 118 } | 128 } |
| 119 if (child.Get(IS_DIR)) { | 129 if (child.Get(syncable::IS_DIR)) { |
| 120 Id child_id_string; | 130 Id child_id_string; |
| 121 if (!trans->directory()->GetFirstChildId( | 131 if (!trans->directory()->GetFirstChildId( |
| 122 trans, child.Get(ID), &child_id_string)) { | 132 trans, child.Get(syncable::ID), &child_id_string)) { |
| 123 NOTREACHED(); | 133 NOTREACHED(); |
| 124 return false; | 134 return false; |
| 125 } | 135 } |
| 126 // Traverse the children. | 136 // Traverse the children. |
| 127 to_visit.push(child_id_string); | 137 to_visit.push(child_id_string); |
| 128 } | 138 } |
| 129 const sync_pb::EntitySpecifics& specifics = child.Get(SPECIFICS); | 139 const sync_pb::EntitySpecifics& specifics = child.Get(syncable::SPECIFICS); |
| 130 DCHECK_EQ(type, child.GetModelType()); | 140 DCHECK_EQ(type, child.GetModelType()); |
| 131 DCHECK_EQ(type, GetModelTypeFromSpecifics(specifics)); | 141 DCHECK_EQ(type, syncable::GetModelTypeFromSpecifics(specifics)); |
| 132 // We don't encrypt the server's permanent items. | 142 // We don't encrypt the server's permanent items. |
| 133 if (child.Get(UNIQUE_SERVER_TAG).empty()) { | 143 if (child.Get(syncable::UNIQUE_SERVER_TAG).empty()) { |
| 134 if (specifics.has_encrypted() != is_encrypted) | 144 if (specifics.has_encrypted() != is_encrypted) |
| 135 return false; | 145 return false; |
| 136 if (specifics.has_encrypted()) { | 146 if (specifics.has_encrypted()) { |
| 137 if (child.Get(NON_UNIQUE_NAME) != kEncryptedString) | 147 if (child.Get(syncable::NON_UNIQUE_NAME) != kEncryptedString) |
| 138 return false; | 148 return false; |
| 139 if (!cryptographer->CanDecryptUsingDefaultKey(specifics.encrypted())) | 149 if (!cryptographer->CanDecryptUsingDefaultKey(specifics.encrypted())) |
| 140 return false; | 150 return false; |
| 141 } | 151 } |
| 142 } | 152 } |
| 143 // Push the successor. | 153 // Push the successor. |
| 144 to_visit.push(child.Get(NEXT_ID)); | 154 to_visit.push(child.Get(syncable::NEXT_ID)); |
| 145 } | 155 } |
| 146 return true; | 156 return true; |
| 147 } | 157 } |
| 148 | 158 |
| 149 } // namespace syncable | 159 } // namespace encryption |
| 160 } // namespace browser_sync | |
| OLD | NEW |
