| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sync/syncable/nigori_util.h" | 5 #include "sync/syncable/nigori_util.h" |
| 6 | 6 |
| 7 #include <queue> | 7 #include <queue> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 63 return false; | 63 return false; |
| 64 } | 64 } |
| 65 return true; | 65 return true; |
| 66 } | 66 } |
| 67 | 67 |
| 68 bool EntryNeedsEncryption(ModelTypeSet encrypted_types, | 68 bool EntryNeedsEncryption(ModelTypeSet encrypted_types, |
| 69 const Entry& entry) { | 69 const Entry& entry) { |
| 70 if (!entry.Get(UNIQUE_SERVER_TAG).empty()) | 70 if (!entry.Get(UNIQUE_SERVER_TAG).empty()) |
| 71 return false; // We don't encrypt unique server nodes. | 71 return false; // We don't encrypt unique server nodes. |
| 72 ModelType type = entry.GetModelType(); | 72 ModelType type = entry.GetModelType(); |
| 73 if (type == PASSWORDS || type == NIGORI) | 73 if (type == PASSWORDS || IsControlType(type)) |
| 74 return false; | 74 return false; |
| 75 // Checking NON_UNIQUE_NAME is not necessary for the correctness of encrypting | 75 // Checking NON_UNIQUE_NAME is not necessary for the correctness of encrypting |
| 76 // the data, nor for determining if data is encrypted. We simply ensure it has | 76 // the data, nor for determining if data is encrypted. We simply ensure it has |
| 77 // been overwritten to avoid any possible leaks of sensitive data. | 77 // been overwritten to avoid any possible leaks of sensitive data. |
| 78 return SpecificsNeedsEncryption(encrypted_types, entry.Get(SPECIFICS)) || | 78 return SpecificsNeedsEncryption(encrypted_types, entry.Get(SPECIFICS)) || |
| 79 (encrypted_types.Has(type) && | 79 (encrypted_types.Has(type) && |
| 80 entry.Get(NON_UNIQUE_NAME) != kEncryptedString); | 80 entry.Get(NON_UNIQUE_NAME) != kEncryptedString); |
| 81 } | 81 } |
| 82 | 82 |
| 83 bool SpecificsNeedsEncryption(ModelTypeSet encrypted_types, | 83 bool SpecificsNeedsEncryption(ModelTypeSet encrypted_types, |
| 84 const sync_pb::EntitySpecifics& specifics) { | 84 const sync_pb::EntitySpecifics& specifics) { |
| 85 const ModelType type = GetModelTypeFromSpecifics(specifics); | 85 const ModelType type = GetModelTypeFromSpecifics(specifics); |
| 86 if (type == PASSWORDS || type == NIGORI) | 86 if (type == PASSWORDS || IsControlType(type)) |
| 87 return false; // These types have their own encryption schemes. | 87 return false; // These types have their own encryption schemes. |
| 88 if (!encrypted_types.Has(type)) | 88 if (!encrypted_types.Has(type)) |
| 89 return false; // This type does not require encryption | 89 return false; // This type does not require encryption |
| 90 return !specifics.has_encrypted(); | 90 return !specifics.has_encrypted(); |
| 91 } | 91 } |
| 92 | 92 |
| 93 // Mainly for testing. | 93 // Mainly for testing. |
| 94 bool VerifyDataTypeEncryptionForTest( | 94 bool VerifyDataTypeEncryptionForTest( |
| 95 BaseTransaction* const trans, | 95 BaseTransaction* const trans, |
| 96 ModelType type, | 96 ModelType type, |
| 97 bool is_encrypted) { | 97 bool is_encrypted) { |
| 98 Cryptographer* cryptographer = trans->directory()->GetCryptographer(trans); | 98 Cryptographer* cryptographer = trans->directory()->GetCryptographer(trans); |
| 99 if (type == PASSWORDS || type == NIGORI) { | 99 if (type == PASSWORDS || IsControlType(type)) { |
| 100 NOTREACHED(); | 100 NOTREACHED(); |
| 101 return true; | 101 return true; |
| 102 } | 102 } |
| 103 std::string type_tag = ModelTypeToRootTag(type); | 103 std::string type_tag = ModelTypeToRootTag(type); |
| 104 Entry type_root(trans, GET_BY_SERVER_TAG, type_tag); | 104 Entry type_root(trans, GET_BY_SERVER_TAG, type_tag); |
| 105 if (!type_root.good()) { | 105 if (!type_root.good()) { |
| 106 NOTREACHED(); | 106 NOTREACHED(); |
| 107 return false; | 107 return false; |
| 108 } | 108 } |
| 109 | 109 |
| (...skipping 198 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 308 encrypted_types.Put(APP_SETTINGS); | 308 encrypted_types.Put(APP_SETTINGS); |
| 309 if (nigori.encrypt_apps()) | 309 if (nigori.encrypt_apps()) |
| 310 encrypted_types.Put(APPS); | 310 encrypted_types.Put(APPS); |
| 311 if (nigori.encrypt_app_notifications()) | 311 if (nigori.encrypt_app_notifications()) |
| 312 encrypted_types.Put(APP_NOTIFICATIONS); | 312 encrypted_types.Put(APP_NOTIFICATIONS); |
| 313 return encrypted_types; | 313 return encrypted_types; |
| 314 } | 314 } |
| 315 | 315 |
| 316 } // namespace syncable | 316 } // namespace syncable |
| 317 } // namespace syncer | 317 } // namespace syncer |
| OLD | NEW |