| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef SYNC_INTERNAL_API_SYNC_ENCRYPTION_HANDLER_IMPL_H_ |
| 6 #define SYNC_INTERNAL_API_SYNC_ENCRYPTION_HANDLER_IMPL_H_ |
| 7 |
| 8 #include <string> |
| 9 |
| 10 #include "base/compiler_specific.h" |
| 11 #include "base/gtest_prod_util.h" |
| 12 #include "base/memory/scoped_ptr.h" |
| 13 #include "base/memory/weak_ptr.h" |
| 14 #include "base/observer_list.h" |
| 15 #include "sync/internal_api/public/sync_encryption_handler.h" |
| 16 #include "sync/syncable/nigori_handler.h" |
| 17 |
| 18 namespace syncer { |
| 19 |
| 20 struct UserShare; |
| 21 class WriteNode; |
| 22 class WriteTransaction; |
| 23 |
| 24 // Sync encryption handler implementation. |
| 25 // |
| 26 // This class acts as the respository of all sync encryption state, and handles |
| 27 // encryption related changes/queries coming from both the chrome side and |
| 28 // the sync side (via NigoriHandler). It is capable of modifying all sync data |
| 29 // (re-encryption), updating the encrypted types, changing the encryption keys, |
| 30 // and creating/receiving nigori node updates. |
| 31 // |
| 32 // The class should live as long as the directory itself in order to ensure |
| 33 // any data read/written is properly decrypted/encrypted. |
| 34 // |
| 35 // Note: See sync_encryption_handler.h for a description of the chrome visible |
| 36 // methods and what they do, and nigori_handler.h for a description of the |
| 37 // sync methods. |
| 38 // |
| 39 // TODO(zea): Make this class explicitly non-thread safe and ensure its only |
| 40 // accessed from the sync thread, with the possible exception of |
| 41 // GetEncryptedTypes. Need to cache explicit passphrase state on the UI thread. |
| 42 class SyncEncryptionHandlerImpl |
| 43 : public SyncEncryptionHandler, |
| 44 public syncable::NigoriHandler { |
| 45 public: |
| 46 SyncEncryptionHandlerImpl(UserShare* user_share, |
| 47 Cryptographer* cryptographer); |
| 48 virtual ~SyncEncryptionHandlerImpl(); |
| 49 |
| 50 // SyncEncryptionHandler implementation. |
| 51 virtual void AddObserver(Observer* observer) OVERRIDE; |
| 52 virtual void RemoveObserver(Observer* observer) OVERRIDE; |
| 53 virtual void Init() OVERRIDE; |
| 54 virtual void SetEncryptionPassphrase(const std::string& passphrase, |
| 55 bool is_explicit) OVERRIDE; |
| 56 virtual void SetDecryptionPassphrase(const std::string& passphrase) OVERRIDE; |
| 57 virtual void EnableEncryptEverything() OVERRIDE; |
| 58 virtual bool EncryptEverythingEnabled() const OVERRIDE; |
| 59 virtual bool IsUsingExplicitPassphrase() const OVERRIDE; |
| 60 |
| 61 // NigoriHandler implementation. |
| 62 // Note: all methods are invoked while the caller holds a transaction. |
| 63 virtual void ApplyNigoriUpdate( |
| 64 const sync_pb::NigoriSpecifics& nigori, |
| 65 syncable::BaseTransaction* const trans) OVERRIDE; |
| 66 virtual void UpdateNigoriFromEncryptedTypes( |
| 67 sync_pb::NigoriSpecifics* nigori, |
| 68 syncable::BaseTransaction* const trans) const OVERRIDE; |
| 69 virtual ModelTypeSet GetEncryptedTypes() const OVERRIDE; |
| 70 |
| 71 private: |
| 72 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
| 73 NigoriEncryptionTypes); |
| 74 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
| 75 EncryptEverythingExplicit); |
| 76 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
| 77 EncryptEverythingImplicit); |
| 78 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
| 79 UnknownSensitiveTypes); |
| 80 |
| 81 // Iterate over all encrypted types ensuring each entry is properly encrypted. |
| 82 void ReEncryptEverything(WriteTransaction* trans); |
| 83 |
| 84 // Apply a nigori update. Updates internal and cryptographer state. |
| 85 // Returns true on success, false if |nigori| was incompatible, and the |
| 86 // nigori node must be corrected. |
| 87 // Note: must be called from within a transaction. |
| 88 bool ApplyNigoriUpdateImpl(const sync_pb::NigoriSpecifics& nigori, |
| 89 syncable::BaseTransaction* const trans); |
| 90 |
| 91 // Wrapper around WriteEncryptionStateToNigori that creates a new write |
| 92 // transaction. |
| 93 void RewriteNigori(); |
| 94 |
| 95 // Write the current encryption state into the nigori node. This includes |
| 96 // the encrypted types/encrypt everything state, as well as the keybag/ |
| 97 // explicit passphrase state (if the cryptographer is ready). |
| 98 void WriteEncryptionStateToNigori(WriteTransaction* trans); |
| 99 |
| 100 // Updates local encrypted types from |nigori|. |
| 101 // Returns true if the local set of encrypted types either matched or was |
| 102 // a subset of that in |nigori|. Returns false if the local state already |
| 103 // had stricter encryption than |nigori|, and the nigori node needs to be |
| 104 // updated with the newer encryption state. |
| 105 // Note: must be called from within a transaction. |
| 106 bool UpdateEncryptedTypesFromNigori(const sync_pb::NigoriSpecifics& nigori); |
| 107 |
| 108 // The final step of SetEncryptionPassphrase and SetDecryptionPassphrase that |
| 109 // notifies observers of the result of the set passphrase operation, updates |
| 110 // the nigori node, and does re-encryption. |
| 111 // |success|: true if the operation was successful and false otherwise. If |
| 112 // success == false, we send an OnPassphraseRequired notification. |
| 113 // |bootstrap_token|: used to inform observers if the cryptographer's |
| 114 // bootstrap token was updated. |
| 115 // |is_explicit|: used to differentiate between a custom passphrase (true) and |
| 116 // a GAIA passphrase that is implicitly used for encryption |
| 117 // (false). |
| 118 // |trans| and |nigori_node|: used to access data in the cryptographer. |
| 119 void FinishSetPassphrase(bool success, |
| 120 const std::string& bootstrap_token, |
| 121 bool is_explicit, |
| 122 WriteTransaction* trans, |
| 123 WriteNode* nigori_node); |
| 124 |
| 125 // Merges the given set of encrypted types with the existing set and emits a |
| 126 // notification if necessary. |
| 127 // Note: must be called from within a transaction. |
| 128 void MergeEncryptedTypes(ModelTypeSet encrypted_types); |
| 129 |
| 130 base::WeakPtrFactory<SyncEncryptionHandlerImpl> weak_ptr_factory_; |
| 131 |
| 132 ObserverList<SyncEncryptionHandler::Observer> observers_; |
| 133 |
| 134 // The current user share (for creating transactions). |
| 135 UserShare* user_share_; |
| 136 |
| 137 // TODO(zea): have the sync encryption handler own the cryptographer, and live |
| 138 // in the directory. |
| 139 Cryptographer* cryptographer_; |
| 140 |
| 141 // The set of types that require encryption. This is accessed on all sync |
| 142 // datatype threads when we write to a node, so we must hold a transaction |
| 143 // whenever we touch/read it. |
| 144 ModelTypeSet encrypted_types_; |
| 145 |
| 146 // Sync encryption state. These are only modified and accessed from the sync |
| 147 // thread. |
| 148 bool encrypt_everything_; |
| 149 bool explicit_passphrase_; |
| 150 |
| 151 // The number of times we've automatically (i.e. not via SetPassphrase or |
| 152 // conflict resolver) updated the nigori's encryption keys in this chrome |
| 153 // instantiation. |
| 154 int nigori_overwrite_count_; |
| 155 |
| 156 DISALLOW_COPY_AND_ASSIGN(SyncEncryptionHandlerImpl); |
| 157 }; |
| 158 |
| 159 } // namespace syncer |
| 160 |
| 161 #endif // SYNC_INTERNAL_API_PUBLIC_SYNC_ENCRYPTION_HANDLER_IMPL_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10827266:
[Sync] Add SyncEncryptionHandler (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src