| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_SYNC_UTIL_CRYPTOGRAPHER_H_ | 5 #ifndef CHROME_BROWSER_SYNC_UTIL_CRYPTOGRAPHER_H_ |
| 6 #define CHROME_BROWSER_SYNC_UTIL_CRYPTOGRAPHER_H_ | 6 #define CHROME_BROWSER_SYNC_UTIL_CRYPTOGRAPHER_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <map> | 9 #include <map> |
| 10 #include <string> | 10 #include <string> |
| (...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 96 void Bootstrap(const std::string& restored_bootstrap_token); | 96 void Bootstrap(const std::string& restored_bootstrap_token); |
| 97 | 97 |
| 98 // Returns whether we can decrypt |encrypted| using the keys we currently know | 98 // Returns whether we can decrypt |encrypted| using the keys we currently know |
| 99 // about. | 99 // about. |
| 100 bool CanDecrypt(const sync_pb::EncryptedData& encrypted) const; | 100 bool CanDecrypt(const sync_pb::EncryptedData& encrypted) const; |
| 101 | 101 |
| 102 // Returns whether |encrypted| can be decrypted using the default encryption | 102 // Returns whether |encrypted| can be decrypted using the default encryption |
| 103 // key. | 103 // key. |
| 104 bool CanDecryptUsingDefaultKey(const sync_pb::EncryptedData& encrypted) const; | 104 bool CanDecryptUsingDefaultKey(const sync_pb::EncryptedData& encrypted) const; |
| 105 | 105 |
| 106 // Encrypts |message| into |encrypted|. Returns true unless encryption fails. | 106 // Encrypts |message| into |encrypted|. Does not overwrite |encrypted| if |
| 107 // Note that encryption will fail if |message| isn't valid (eg. a required | 107 // |message| already matches the decrypted data within |encrypted| and |
| 108 // field isn't set). | 108 // |encrypted| was encrypted with the current default key. This avoids |
| 109 // unnecessarily modifying |encrypted| if the change had no practical effect. |
| 110 // Returns true unless encryption fails or |message| isn't valid (e.g. a |
| 111 // required field isn't set). |
| 109 bool Encrypt(const ::google::protobuf::MessageLite& message, | 112 bool Encrypt(const ::google::protobuf::MessageLite& message, |
| 110 sync_pb::EncryptedData* encrypted) const; | 113 sync_pb::EncryptedData* encrypted) const; |
| 111 | 114 |
| 112 // Decrypts |encrypted| into |message|. Returns true unless decryption fails, | 115 // Decrypts |encrypted| into |message|. Returns true unless decryption fails, |
| 113 // or |message| fails to parse the decrypted data. | 116 // or |message| fails to parse the decrypted data. |
| 114 bool Decrypt(const sync_pb::EncryptedData& encrypted, | 117 bool Decrypt(const sync_pb::EncryptedData& encrypted, |
| 115 ::google::protobuf::MessageLite* message) const; | 118 ::google::protobuf::MessageLite* message) const; |
| 116 | 119 |
| 117 // Decrypts |encrypted| and returns plaintext decrypted data. If decryption | 120 // Decrypts |encrypted| and returns plaintext decrypted data. If decryption |
| 118 // fails, returns empty string. | 121 // fails, returns empty string. |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 183 syncable::ModelTypeSet GetEncryptedTypes() const; | 186 syncable::ModelTypeSet GetEncryptedTypes() const; |
| 184 | 187 |
| 185 // Forwards to MergeEncryptedTypes. | 188 // Forwards to MergeEncryptedTypes. |
| 186 void MergeEncryptedTypesForTest( | 189 void MergeEncryptedTypesForTest( |
| 187 const syncable::ModelTypeSet& encrypted_types); | 190 const syncable::ModelTypeSet& encrypted_types); |
| 188 | 191 |
| 189 private: | 192 private: |
| 190 FRIEND_TEST_ALL_PREFIXES(CryptographerTest, PackUnpack); | 193 FRIEND_TEST_ALL_PREFIXES(CryptographerTest, PackUnpack); |
| 191 typedef std::map<std::string, linked_ptr<const Nigori> > NigoriMap; | 194 typedef std::map<std::string, linked_ptr<const Nigori> > NigoriMap; |
| 192 | 195 |
| 196 bool EncryptImpl(const std::string& serialized, |
| 197 const NigoriMap::value_type* nigori, |
| 198 sync_pb::EncryptedData* encrypted) const; |
| 199 |
| 193 // Merges the given set of encrypted types with the existing set and emits a | 200 // Merges the given set of encrypted types with the existing set and emits a |
| 194 // notification if necessary. | 201 // notification if necessary. |
| 195 void MergeEncryptedTypes(const syncable::ModelTypeSet& encrypted_types); | 202 void MergeEncryptedTypes(const syncable::ModelTypeSet& encrypted_types); |
| 196 | 203 |
| 197 void EmitEncryptedTypesChangedNotification(); | 204 void EmitEncryptedTypesChangedNotification(); |
| 198 | 205 |
| 199 // Helper method to instantiate Nigori instances for each set of key | 206 // Helper method to instantiate Nigori instances for each set of key |
| 200 // parameters in |bag| and setting the default encryption key to | 207 // parameters in |bag| and setting the default encryption key to |
| 201 // |default_key_name|. | 208 // |default_key_name|. |
| 202 void InstallKeys(const std::string& default_key_name, | 209 void InstallKeys(const std::string& default_key_name, |
| (...skipping 15 matching lines...) Expand all Loading... |
| 218 | 225 |
| 219 syncable::ModelTypeSet encrypted_types_; | 226 syncable::ModelTypeSet encrypted_types_; |
| 220 bool encrypt_everything_; | 227 bool encrypt_everything_; |
| 221 | 228 |
| 222 DISALLOW_COPY_AND_ASSIGN(Cryptographer); | 229 DISALLOW_COPY_AND_ASSIGN(Cryptographer); |
| 223 }; | 230 }; |
| 224 | 231 |
| 225 } // namespace browser_sync | 232 } // namespace browser_sync |
| 226 | 233 |
| 227 #endif // CHROME_BROWSER_SYNC_UTIL_CRYPTOGRAPHER_H_ | 234 #endif // CHROME_BROWSER_SYNC_UTIL_CRYPTOGRAPHER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8759019:
[Sync] Add intelligent re-encryption support. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src