[Sync] Refactor passphrase state handling

sync/internal_api/sync_encryption_handler_impl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sync/internal_api/sync_encryption_handler_impl.h"
 
 #include <queue>
 #include <string>
 
 #include "base/bind.h"
@@ skipping 22 matching lines @@
 // because the encryption keys don't match (per chrome instantiation).
 // We protect ourselves against nigori rollbacks, but it's possible two
 // different clients might have contrasting view of what the nigori node state
 // should be, in which case they might ping pong (see crbug.com/119207).
 static const int kNigoriOverwriteLimit = 10;
 }
 
 SyncEncryptionHandlerImpl::Vault::Vault(
     Encryptor* encryptor,
     ModelTypeSet encrypted_types)
-  : cryptographer(encryptor),
-    encrypted_types(encrypted_types) {
+    : cryptographer(encryptor),
+      encrypted_types(encrypted_types) {
 }
 
 SyncEncryptionHandlerImpl::Vault::~Vault() {
 }
 
 SyncEncryptionHandlerImpl::SyncEncryptionHandlerImpl(
     UserShare* user_share,
     Encryptor* encryptor)
     : weak_ptr_factory_(ALLOW_THIS_IN_INITIALIZER_LIST(this)),
       user_share_(user_share),
       vault_unsafe_(encryptor, SensitiveTypes()),
       encrypt_everything_(false),
-      explicit_passphrase_(false),
+      passphrase_state_(IMPLICIT_PASSPHRASE),
       nigori_overwrite_count_(0) {
 }
 
 SyncEncryptionHandlerImpl::~SyncEncryptionHandlerImpl() {}
 
 void SyncEncryptionHandlerImpl::AddObserver(Observer* observer) {
   DCHECK(thread_checker_.CalledOnValidThread());
   DCHECK(!observers_.HasObserver(observer));
   observers_.AddObserver(observer);
 }
@@ skipping 315 matching lines @@
   WriteEncryptionStateToNigori(&trans);
   if (UnlockVault(trans.GetWrappedTrans()).cryptographer.is_ready())
     ReEncryptEverything(&trans);
 }
 
 bool SyncEncryptionHandlerImpl::EncryptEverythingEnabled() const {
   DCHECK(thread_checker_.CalledOnValidThread());
   return encrypt_everything_;
 }
 
-bool SyncEncryptionHandlerImpl::IsUsingExplicitPassphrase() const {
-  // TODO(zea): this is called from the UI thread, so we have to have a
-  // transaction while accessing it. Add an OnPassphraseTypeChanged observer
-  // and have the SBH cache the value on the UI thread.
-  ReadTransaction trans(FROM_HERE, user_share_);
-  return explicit_passphrase_;
+PassphraseState SyncEncryptionHandlerImpl::GetPassphraseState() const {
+  DCHECK(thread_checker_.CalledOnValidThread());
+  return passphrase_state_;
 }
 
 // Note: this is called from within a syncable transaction, so we need to post
 // tasks if we want to do any work that creates a new sync_api transaction.
 void SyncEncryptionHandlerImpl::ApplyNigoriUpdate(
     const sync_pb::NigoriSpecifics& nigori,
     syncable::BaseTransaction* const trans) {
   DCHECK(thread_checker_.CalledOnValidThread());
   DCHECK(trans);
   if (!ApplyNigoriUpdateImpl(nigori, trans)) {
@@ skipping 101 matching lines @@
 
   // NOTE: We notify from within a transaction.
   FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_,
                     OnEncryptionComplete());
 }
 
 bool SyncEncryptionHandlerImpl::ApplyNigoriUpdateImpl(
     const sync_pb::NigoriSpecifics& nigori,
     syncable::BaseTransaction* const trans) {
   DCHECK(thread_checker_.CalledOnValidThread());
+  DVLOG(1) << "Applying nigori node update.";
   bool nigori_types_need_update = !UpdateEncryptedTypesFromNigori(nigori,
                                                                   trans);
-  if (nigori.using_explicit_passphrase())
-    explicit_passphrase_ = true;
+  if (nigori.using_explicit_passphrase() &&
+      passphrase_state_ != CUSTOM_PASSPHRASE) {
+    passphrase_state_ = CUSTOM_PASSPHRASE;
+    FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_,
+                      OnPassphraseStateChanged(passphrase_state_));
+  }
 
   Cryptographer* cryptographer = &UnlockVaultMutable(trans)->cryptographer;
   bool nigori_needs_new_keys = false;
   if (!nigori.encrypted().blob().empty()) {
     if (cryptographer->CanDecrypt(nigori.encrypted())) {
       cryptographer->InstallKeys(nigori.encrypted());
       // We only update the default passphrase if this was a new explicit
       // passphrase. Else, since it was decryptable, it must not have been a new
       // key.
       if (nigori.using_explicit_passphrase())
@@ skipping 26 matching lines @@
     DVLOG(1) << "OnPassphraseRequired sent because cryptographer is not "
              << "ready";
     FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_,
                       OnPassphraseRequired(REASON_ENCRYPTION,
                                            sync_pb::EncryptedData()));
   }
 
   // Check if the current local encryption state is stricter/newer than the
   // nigori state. If so, we need to overwrite the nigori node with the local
   // state.
-  if (nigori.using_explicit_passphrase() != explicit_passphrase_ ||
+  bool explicit_passphrase = passphrase_state_ == CUSTOM_PASSPHRASE;
+  if (nigori.using_explicit_passphrase() != explicit_passphrase ||
       nigori.encrypt_everything() != encrypt_everything_ ||
       nigori_types_need_update ||
       nigori_needs_new_keys) {
     return false;
   }
   return true;
 }
 
 void SyncEncryptionHandlerImpl::RewriteNigori() {
   DVLOG(1) << "Overwriting stale nigori node.";
@@ skipping 95 matching lines @@
   FOR_EACH_OBSERVER(
       SyncEncryptionHandler::Observer,
       observers_,
       OnCryptographerStateChanged(
           &UnlockVaultMutable(trans->GetWrappedTrans())->cryptographer));
 
   // It's possible we need to change the bootstrap token even if we failed to
   // set the passphrase (for example if we need to preserve the new GAIA
   // passphrase).
   if (!bootstrap_token.empty()) {
-    DVLOG(1) << "Bootstrap token updated.";
+    DVLOG(1) << "Passphrase bootstrap token updated.";
     FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_,
                       OnBootstrapTokenUpdated(bootstrap_token));
   }
 
   const Cryptographer& cryptographer =
       UnlockVault(trans->GetWrappedTrans()).cryptographer;
   if (!success) {
     if (cryptographer.is_ready()) {
       LOG(ERROR) << "Attempt to change passphrase failed while cryptographer "
                  << "was ready.";
     } else if (cryptographer.has_pending_keys()) {
       FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_,
                         OnPassphraseRequired(REASON_DECRYPTION,
                                              cryptographer.GetPendingKeys()));
     } else {
       FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_,
                         OnPassphraseRequired(REASON_ENCRYPTION,
                                              sync_pb::EncryptedData()));
     }
     return;
   }
 
-  FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_,
-                    OnPassphraseAccepted());
   DCHECK(cryptographer.is_ready());
 
   sync_pb::NigoriSpecifics specifics(nigori_node->GetNigoriSpecifics());
   // Does not modify specifics.encrypted() if the original decrypted data was
   // the same.
   if (!cryptographer.GetKeys(specifics.mutable_encrypted()))
     NOTREACHED();
-  explicit_passphrase_ = is_explicit;
+  if (is_explicit && passphrase_state_ != CUSTOM_PASSPHRASE) {
+    passphrase_state_ = CUSTOM_PASSPHRASE;
+    FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_,
+                      OnPassphraseStateChanged(passphrase_state_));
+  }
   specifics.set_using_explicit_passphrase(is_explicit);
   nigori_node->SetNigoriSpecifics(specifics);
 
+  // Must do this after OnPassphraseStateChanged, in order to ensure the PSS
+  // checks the passphrase state after it has been set.
+  FOR_EACH_OBSERVER(SyncEncryptionHandler::Observer, observers_,
+                    OnPassphraseAccepted());
+
   // Does nothing if everything is already encrypted.
   ReEncryptEverything(trans);
 }
 
 void SyncEncryptionHandlerImpl::MergeEncryptedTypes(
     ModelTypeSet new_encrypted_types,
     syncable::BaseTransaction* const trans) {
   DCHECK(thread_checker_.CalledOnValidThread());
   ModelTypeSet* encrypted_types = &UnlockVaultMutable(trans)->encrypted_types;
   if (!encrypted_types->HasAll(new_encrypted_types)) {
@@ skipping 10 matching lines @@
   return &vault_unsafe_;
 }
 
 const SyncEncryptionHandlerImpl::Vault& SyncEncryptionHandlerImpl::UnlockVault(
     syncable::BaseTransaction* const trans) const {
   DCHECK_EQ(user_share_->directory.get(), trans->directory());
   return vault_unsafe_;
 }
 
 }  // namespace browser_sync