[Sync] Add intelligent re-encryption support.

chrome/browser/sync/util/cryptographer.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_SYNC_UTIL_CRYPTOGRAPHER_H_
 #define CHROME_BROWSER_SYNC_UTIL_CRYPTOGRAPHER_H_
 #pragma once
 
 #include <map>
 #include <string>
@@ skipping 85 matching lines @@
   void Bootstrap(const std::string& restored_bootstrap_token);
 
   // Returns whether we can decrypt |encrypted| using the keys we currently know
   // about.
   bool CanDecrypt(const sync_pb::EncryptedData& encrypted) const;
 
   // Returns whether |encrypted| can be decrypted using the default encryption
   // key.
   bool CanDecryptUsingDefaultKey(const sync_pb::EncryptedData& encrypted) const;
 
-  // Encrypts |message| into |encrypted|. Returns true unless encryption fails.
+  // Same as Encrypt(..), except exits early and returns true if |message|
+  // matches the decrypted data within |encrypted| and |encrypted| was encrypted
+  // with the current default key. This avoids unnecessarily modifying
+  // |encrypted| if the change had no practical effect.
+  bool EncryptIfDifferent(const ::google::protobuf::MessageLite& message,
+                          sync_pb::EncryptedData* encrypted) const;
+
+  // Encrypts |message| into |encrypted|, irregardless of what was previously

[akalin, 2011/12/09 23:52:42]

irregardless -> regardless

( see http://en.wikipedia.org/wiki/Irregardless )

[Nicolas Zea, 2011/12/12 20:12:26]

Done.

+  // in |encrypted| (as opposed to EncryptIfDifferent). Returns true unless
+  // encryption fails.
   // Note that encryption will fail if |message| isn't valid (eg. a required
   // field isn't set).
   bool Encrypt(const ::google::protobuf::MessageLite& message,
                sync_pb::EncryptedData* encrypted) const;
 
   // Decrypts |encrypted| into |message|. Returns true unless decryption fails,
   // or |message| fails to parse the decrypted data.
   bool Decrypt(const sync_pb::EncryptedData& encrypted,
                ::google::protobuf::MessageLite* message) const;
 
@@ skipping 66 matching lines @@
   syncable::ModelTypeSet GetEncryptedTypes() const;
 
   // Forwards to MergeEncryptedTypes.
   void MergeEncryptedTypesForTest(
       const syncable::ModelTypeSet& encrypted_types);
 
  private:
   FRIEND_TEST_ALL_PREFIXES(CryptographerTest, PackUnpack);
   typedef std::map<std::string, linked_ptr<const Nigori> > NigoriMap;
 
+  bool EncryptImpl(const std::string& serialized,
+                   const NigoriMap::value_type* nigori,
+                   sync_pb::EncryptedData* encrypted) const;
+
   // Merges the given set of encrypted types with the existing set and emits a
   // notification if necessary.
   void MergeEncryptedTypes(const syncable::ModelTypeSet& encrypted_types);
 
   void EmitEncryptedTypesChangedNotification();
 
   // Helper method to instantiate Nigori instances for each set of key
   // parameters in |bag| and setting the default encryption key to
   // |default_key_name|.
   void InstallKeys(const std::string& default_key_name,
@@ skipping 15 matching lines @@
 
   syncable::ModelTypeSet encrypted_types_;
   bool encrypt_everything_;
 
   DISALLOW_COPY_AND_ASSIGN(Cryptographer);
 };
 
 }  // namespace browser_sync
 
 #endif  // CHROME_BROWSER_SYNC_UTIL_CRYPTOGRAPHER_H_