OLD | NEW |
1 // Copyright 2012 The Chromium Authors. All rights reserved. | 1 // Copyright 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef SYNC_INTERNAL_API_PUBLIC_SYNC_ENCRYPTION_HANDLER_H_ | 5 #ifndef COMPONENTS_SYNC_CORE_SYNC_ENCRYPTION_HANDLER_H_ |
6 #define SYNC_INTERNAL_API_PUBLIC_SYNC_ENCRYPTION_HANDLER_H_ | 6 #define COMPONENTS_SYNC_CORE_SYNC_ENCRYPTION_HANDLER_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/time/time.h" | 10 #include "base/time/time.h" |
11 #include "sync/base/sync_export.h" | 11 #include "components/sync/base/model_type.h" |
12 #include "sync/internal_api/public/base/model_type.h" | 12 #include "components/sync/base/sync_export.h" |
13 #include "sync/protocol/sync.pb.h" | 13 #include "components/sync/protocol/sync.pb.h" |
14 | 14 |
15 namespace syncer { | 15 namespace syncer { |
16 | 16 |
17 class Cryptographer; | 17 class Cryptographer; |
18 | 18 |
19 // Reasons due to which Cryptographer might require a passphrase. | 19 // Reasons due to which Cryptographer might require a passphrase. |
20 enum PassphraseRequiredReason { | 20 enum PassphraseRequiredReason { |
21 REASON_PASSPHRASE_NOT_REQUIRED = 0, // Initial value. | 21 REASON_PASSPHRASE_NOT_REQUIRED = 0, // Initial value. |
22 REASON_ENCRYPTION = 1, // The cryptographer requires a | 22 REASON_ENCRYPTION = 1, // The cryptographer requires a |
23 // passphrase for its first attempt at | 23 // passphrase for its first attempt at |
24 // encryption. Happens only during | 24 // encryption. Happens only during |
25 // migration or upgrade. | 25 // migration or upgrade. |
26 REASON_DECRYPTION = 2, // The cryptographer requires a | 26 REASON_DECRYPTION = 2, // The cryptographer requires a |
27 // passphrase for its first attempt at | 27 // passphrase for its first attempt at |
28 // decryption. | 28 // decryption. |
29 }; | 29 }; |
30 | 30 |
31 // The different states for the encryption passphrase. These control if and how | 31 // The different states for the encryption passphrase. These control if and how |
32 // the user should be prompted for a decryption passphrase. | 32 // the user should be prompted for a decryption passphrase. |
33 // Do not re-order or delete these entries; they are used in a UMA histogram. | 33 // Do not re-order or delete these entries; they are used in a UMA histogram. |
34 // Please edit SyncPassphraseType in histograms.xml if a value is added. | 34 // Please edit SyncPassphraseType in histograms.xml if a value is added. |
35 enum PassphraseType { | 35 enum PassphraseType { |
36 IMPLICIT_PASSPHRASE = 0, // GAIA-based passphrase (deprecated). | 36 IMPLICIT_PASSPHRASE = 0, // GAIA-based passphrase (deprecated). |
37 KEYSTORE_PASSPHRASE = 1, // Keystore passphrase. | 37 KEYSTORE_PASSPHRASE = 1, // Keystore passphrase. |
38 FROZEN_IMPLICIT_PASSPHRASE = 2, // Frozen GAIA passphrase. | 38 FROZEN_IMPLICIT_PASSPHRASE = 2, // Frozen GAIA passphrase. |
39 CUSTOM_PASSPHRASE = 3, // User-provided passphrase. | 39 CUSTOM_PASSPHRASE = 3, // User-provided passphrase. |
40 PASSPHRASE_TYPE_SIZE, // The size of this enum; keep last. | 40 PASSPHRASE_TYPE_SIZE, // The size of this enum; keep last. |
41 }; | 41 }; |
42 | 42 |
43 // Enum used to distinguish which bootstrap encryption token is being updated. | 43 // Enum used to distinguish which bootstrap encryption token is being updated. |
44 enum BootstrapTokenType { | 44 enum BootstrapTokenType { |
45 PASSPHRASE_BOOTSTRAP_TOKEN, | 45 PASSPHRASE_BOOTSTRAP_TOKEN, |
46 KEYSTORE_BOOTSTRAP_TOKEN | 46 KEYSTORE_BOOTSTRAP_TOKEN |
47 }; | 47 }; |
48 | 48 |
49 // Sync's encryption handler. Handles tracking encrypted types, ensuring the | 49 // Sync's encryption handler. Handles tracking encrypted types, ensuring the |
50 // cryptographer encrypts with the proper key and has the most recent keybag, | 50 // cryptographer encrypts with the proper key and has the most recent keybag, |
(...skipping 28 matching lines...) Expand all Loading... |
79 | 79 |
80 virtual void OnPassphraseAccepted() = 0; | 80 virtual void OnPassphraseAccepted() = 0; |
81 // |bootstrap_token| is an opaque base64 encoded representation of the key | 81 // |bootstrap_token| is an opaque base64 encoded representation of the key |
82 // generated by the current passphrase, and is provided to the observer for | 82 // generated by the current passphrase, and is provided to the observer for |
83 // persistence purposes and use in a future initialization of sync (e.g. | 83 // persistence purposes and use in a future initialization of sync (e.g. |
84 // after restart). The boostrap token will always be derived from the most | 84 // after restart). The boostrap token will always be derived from the most |
85 // recent GAIA password (for accounts with implicit passphrases), even if | 85 // recent GAIA password (for accounts with implicit passphrases), even if |
86 // the data is still encrypted with an older GAIA password. For accounts | 86 // the data is still encrypted with an older GAIA password. For accounts |
87 // with explicit passphrases, it will be the most recently seen custom | 87 // with explicit passphrases, it will be the most recently seen custom |
88 // passphrase. | 88 // passphrase. |
89 virtual void OnBootstrapTokenUpdated( | 89 virtual void OnBootstrapTokenUpdated(const std::string& bootstrap_token, |
90 const std::string& bootstrap_token, | 90 BootstrapTokenType type) = 0; |
91 BootstrapTokenType type) = 0; | |
92 | 91 |
93 // Called when the set of encrypted types or the encrypt | 92 // Called when the set of encrypted types or the encrypt |
94 // everything flag has been changed. Note that encryption isn't | 93 // everything flag has been changed. Note that encryption isn't |
95 // complete until the OnEncryptionComplete() notification has been | 94 // complete until the OnEncryptionComplete() notification has been |
96 // sent (see below). | 95 // sent (see below). |
97 // | 96 // |
98 // |encrypted_types| will always be a superset of | 97 // |encrypted_types| will always be a superset of |
99 // Cryptographer::SensitiveTypes(). If |encrypt_everything| is | 98 // Cryptographer::SensitiveTypes(). If |encrypt_everything| is |
100 // true, |encrypted_types| will be the set of all known types. | 99 // true, |encrypted_types| will be the set of all known types. |
101 // | 100 // |
102 // Until this function is called, observers can assume that the | 101 // Until this function is called, observers can assume that the |
103 // set of encrypted types is Cryptographer::SensitiveTypes() and | 102 // set of encrypted types is Cryptographer::SensitiveTypes() and |
104 // that the encrypt everything flag is false. | 103 // that the encrypt everything flag is false. |
105 virtual void OnEncryptedTypesChanged( | 104 virtual void OnEncryptedTypesChanged(ModelTypeSet encrypted_types, |
106 ModelTypeSet encrypted_types, | 105 bool encrypt_everything) = 0; |
107 bool encrypt_everything) = 0; | |
108 | 106 |
109 // Called after we finish encrypting the current set of encrypted | 107 // Called after we finish encrypting the current set of encrypted |
110 // types. | 108 // types. |
111 virtual void OnEncryptionComplete() = 0; | 109 virtual void OnEncryptionComplete() = 0; |
112 | 110 |
113 // The cryptographer has been updated. Listeners should check that their | 111 // The cryptographer has been updated. Listeners should check that their |
114 // own state matches the cryptographer. | 112 // own state matches the cryptographer. |
115 // Used primarily for debugging. | 113 // Used primarily for debugging. |
116 virtual void OnCryptographerStateChanged(Cryptographer* cryptographer) = 0; | 114 virtual void OnCryptographerStateChanged(Cryptographer* cryptographer) = 0; |
117 | 115 |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
183 // Returns the current state of the passphrase needed to decrypt the | 181 // Returns the current state of the passphrase needed to decrypt the |
184 // bag of encryption keys in the nigori node. | 182 // bag of encryption keys in the nigori node. |
185 virtual PassphraseType GetPassphraseType() const = 0; | 183 virtual PassphraseType GetPassphraseType() const = 0; |
186 | 184 |
187 // The set of types that are always encrypted. | 185 // The set of types that are always encrypted. |
188 static ModelTypeSet SensitiveTypes(); | 186 static ModelTypeSet SensitiveTypes(); |
189 }; | 187 }; |
190 | 188 |
191 } // namespace syncer | 189 } // namespace syncer |
192 | 190 |
193 #endif // SYNC_INTERNAL_API_PUBLIC_SYNC_ENCRYPTION_HANDLER_H_ | 191 #endif // COMPONENTS_SYNC_CORE_SYNC_ENCRYPTION_HANDLER_H_ |
OLD | NEW |