Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(540)

Side by Side Diff: sync/util/cryptographer.h

Issue 10916036: [Sync] Implement keystore migration support. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase Created 8 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « sync/test/fake_sync_encryption_handler.cc ('k') | sync/util/cryptographer.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SYNC_UTIL_CRYPTOGRAPHER_H_ 5 #ifndef SYNC_UTIL_CRYPTOGRAPHER_H_
6 #define SYNC_UTIL_CRYPTOGRAPHER_H_ 6 #define SYNC_UTIL_CRYPTOGRAPHER_H_
7 7
8 #include <map> 8 #include <map>
9 #include <string> 9 #include <string>
10 10
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after
73 73
74 // Encrypts |message| into |encrypted|. Does not overwrite |encrypted| if 74 // Encrypts |message| into |encrypted|. Does not overwrite |encrypted| if
75 // |message| already matches the decrypted data within |encrypted| and 75 // |message| already matches the decrypted data within |encrypted| and
76 // |encrypted| was encrypted with the current default key. This avoids 76 // |encrypted| was encrypted with the current default key. This avoids
77 // unnecessarily modifying |encrypted| if the change had no practical effect. 77 // unnecessarily modifying |encrypted| if the change had no practical effect.
78 // Returns true unless encryption fails or |message| isn't valid (e.g. a 78 // Returns true unless encryption fails or |message| isn't valid (e.g. a
79 // required field isn't set). 79 // required field isn't set).
80 bool Encrypt(const ::google::protobuf::MessageLite& message, 80 bool Encrypt(const ::google::protobuf::MessageLite& message,
81 sync_pb::EncryptedData* encrypted) const; 81 sync_pb::EncryptedData* encrypted) const;
82 82
83 // Encrypted |serialized| into |encrypted|. Does not overwrite |encrypted| if
84 // |message| already matches the decrypted data within |encrypted| and
85 // |encrypted| was encrypted with the current default key. This avoids
86 // unnecessarily modifying |encrypted| if the change had no practical effect.
87 // Returns true unless encryption fails or |message| isn't valid (e.g. a
88 // required field isn't set).
89 bool EncryptString(const std::string& serialized,
90 sync_pb::EncryptedData* encrypted) const;
91
83 // Decrypts |encrypted| into |message|. Returns true unless decryption fails, 92 // Decrypts |encrypted| into |message|. Returns true unless decryption fails,
84 // or |message| fails to parse the decrypted data. 93 // or |message| fails to parse the decrypted data.
85 bool Decrypt(const sync_pb::EncryptedData& encrypted, 94 bool Decrypt(const sync_pb::EncryptedData& encrypted,
86 ::google::protobuf::MessageLite* message) const; 95 ::google::protobuf::MessageLite* message) const;
87 96
88 // Decrypts |encrypted| and returns plaintext decrypted data. If decryption 97 // Decrypts |encrypted| and returns plaintext decrypted data. If decryption
89 // fails, returns empty string. 98 // fails, returns empty string.
90 std::string DecryptToString(const sync_pb::EncryptedData& encrypted) const; 99 std::string DecryptToString(const sync_pb::EncryptedData& encrypted) const;
91 100
92 // Encrypts the set of currently known keys into |encrypted|. Returns true if 101 // Encrypts the set of currently known keys into |encrypted|. Returns true if
93 // successful. 102 // successful.
94 bool GetKeys(sync_pb::EncryptedData* encrypted) const; 103 bool GetKeys(sync_pb::EncryptedData* encrypted) const;
95 104
96 // Creates a new Nigori instance using |params|. If successful, |params| will 105 // Creates a new Nigori instance using |params|. If successful, |params| will
97 // become the default encryption key and be used for all future calls to 106 // become the default encryption key and be used for all future calls to
98 // Encrypt. 107 // Encrypt.
108 // Will decrypt the pending keys and install them if possible (pending key
109 // will not overwrite default).
99 bool AddKey(const KeyParams& params); 110 bool AddKey(const KeyParams& params);
100 111
101 // Same as AddKey(..), but builds the new Nigori from a previously persisted 112 // Same as AddKey(..), but builds the new Nigori from a previously persisted
102 // bootstrap token. This can be useful when consuming a bootstrap token 113 // bootstrap token. This can be useful when consuming a bootstrap token
103 // with a cryptographer that has already been initialized. 114 // with a cryptographer that has already been initialized.
115 // Updates the default key.
116 // Will decrypt the pending keys and install them if possible (pending key
117 // will not overwrite default).
104 bool AddKeyFromBootstrapToken(const std::string restored_bootstrap_token); 118 bool AddKeyFromBootstrapToken(const std::string restored_bootstrap_token);
105 119
120 // Creates a new Nigori instance using |params|. If successful, |params|
121 // will be added to the nigori keybag, but will not be the default encryption
122 // key (default_nigori_ will remain the same).
123 // Prereq: is_initialized() must be true.
124 // Will decrypt the pending keys and install them if possible (pending key
125 // will become the new default).
126 bool AddNonDefaultKey(const KeyParams& params);
127
106 // Decrypts |encrypted| and uses its contents to initialize Nigori instances. 128 // Decrypts |encrypted| and uses its contents to initialize Nigori instances.
107 // Returns true unless decryption of |encrypted| fails. The caller is 129 // Returns true unless decryption of |encrypted| fails. The caller is
108 // responsible for checking that CanDecrypt(encrypted) == true. 130 // responsible for checking that CanDecrypt(encrypted) == true.
109 // Does not update the default nigori. 131 // Does not modify the default key.
110 void InstallKeys(const sync_pb::EncryptedData& encrypted); 132 void InstallKeys(const sync_pb::EncryptedData& encrypted);
111 133
112
113 // Makes a local copy of |encrypted| to later be decrypted by 134 // Makes a local copy of |encrypted| to later be decrypted by
114 // DecryptPendingKeys. This should only be used if CanDecrypt(encrypted) == 135 // DecryptPendingKeys. This should only be used if CanDecrypt(encrypted) ==
115 // false. 136 // false.
116 void SetPendingKeys(const sync_pb::EncryptedData& encrypted); 137 void SetPendingKeys(const sync_pb::EncryptedData& encrypted);
117 138
118 // Makes |pending_keys_| available to callers that may want to cache its 139 // Makes |pending_keys_| available to callers that may want to cache its
119 // value for later use on the UI thread. It is illegal to call this if the 140 // value for later use on the UI thread. It is illegal to call this if the
120 // cryptographer has no pending keys. Like other calls that access the 141 // cryptographer has no pending keys. Like other calls that access the
121 // cryptographer, this method must be called from within a transaction. 142 // cryptographer, this method must be called from within a transaction.
122 const sync_pb::EncryptedData& GetPendingKeys() const; 143 const sync_pb::EncryptedData& GetPendingKeys() const;
(...skipping 20 matching lines...) Expand all
143 // Returns whether there is a pending set of keys that needs to be decrypted. 164 // Returns whether there is a pending set of keys that needs to be decrypted.
144 bool has_pending_keys() const { return NULL != pending_keys_.get(); } 165 bool has_pending_keys() const { return NULL != pending_keys_.get(); }
145 166
146 // Obtain a token that can be provided on construction to a future 167 // Obtain a token that can be provided on construction to a future
147 // Cryptographer instance to bootstrap itself. Returns false if such a token 168 // Cryptographer instance to bootstrap itself. Returns false if such a token
148 // can't be created (i.e. if this Cryptograhper doesn't have valid keys). 169 // can't be created (i.e. if this Cryptograhper doesn't have valid keys).
149 bool GetBootstrapToken(std::string* token) const; 170 bool GetBootstrapToken(std::string* token) const;
150 171
151 Encryptor* encryptor() const { return encryptor_; } 172 Encryptor* encryptor() const { return encryptor_; }
152 173
174 // Returns true if |keybag| is decryptable and either is a subset of nigoris_
175 // and/or has a different default key.
176 bool KeybagIsStale(const sync_pb::EncryptedData& keybag) const;
177
178 // Returns a serialized sync_pb::NigoriKey version of current default
179 // encryption key.
180 std::string GetDefaultNigoriKey() const;
181
182 // Generates a new Nigori from |serialized_nigori_key|, and if successful
183 // installs the new nigori as the default key.
184 bool ImportNigoriKey(const std::string serialized_nigori_key);
185
153 private: 186 private:
154 FRIEND_TEST_ALL_PREFIXES(SyncCryptographerTest, PackUnpack);
155
156 typedef std::map<std::string, linked_ptr<const Nigori> > NigoriMap; 187 typedef std::map<std::string, linked_ptr<const Nigori> > NigoriMap;
157 188
158 // Helper method to instantiate Nigori instances for each set of key 189 // Helper method to instantiate Nigori instances for each set of key
159 // parameters in |bag|. 190 // parameters in |bag|.
160 // Does not update the default nigori. 191 // Does not update the default nigori.
161 void InstallKeyBag(const sync_pb::NigoriKeyBag& bag); 192 void InstallKeyBag(const sync_pb::NigoriKeyBag& bag);
162 193
163 // Helper method to add a nigori as the default key. 194 // Helper method to add a nigori to the keybag, optionally making it the
164 bool AddKeyImpl(scoped_ptr<Nigori> nigori); 195 // default as well.
196 bool AddKeyImpl(scoped_ptr<Nigori> nigori, bool set_as_default);
165 197
166 // Functions to serialize + encrypt a Nigori object in an opaque format for 198 // Helper to unencrypt a bootstrap token into a serialized sync_pb::NigoriKey.
167 // persistence by sync infrastructure. 199 std::string UnpackBootstrapToken(const std::string& token) const;
168 bool PackBootstrapToken(const Nigori* nigori, std::string* pack_into) const;
169 Nigori* UnpackBootstrapToken(const std::string& token) const;
170 200
171 Encryptor* const encryptor_; 201 Encryptor* const encryptor_;
172 202
173 // The Nigoris we know about, mapped by key name. 203 // The Nigoris we know about, mapped by key name.
174 NigoriMap nigoris_; 204 NigoriMap nigoris_;
175 // The key name associated with the default nigori. If non-empty, must 205 // The key name associated with the default nigori. If non-empty, must
176 // correspond to a nigori within |nigoris_|. 206 // correspond to a nigori within |nigoris_|.
177 std::string default_nigori_name_; 207 std::string default_nigori_name_;
178 208
179 scoped_ptr<sync_pb::EncryptedData> pending_keys_; 209 scoped_ptr<sync_pb::EncryptedData> pending_keys_;
180 210
181 DISALLOW_COPY_AND_ASSIGN(Cryptographer); 211 DISALLOW_COPY_AND_ASSIGN(Cryptographer);
182 }; 212 };
183 213
184 } // namespace syncer 214 } // namespace syncer
185 215
186 #endif // SYNC_UTIL_CRYPTOGRAPHER_H_ 216 #endif // SYNC_UTIL_CRYPTOGRAPHER_H_
OLDNEW
« no previous file with comments | « sync/test/fake_sync_encryption_handler.cc ('k') | sync/util/cryptographer.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698