| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef SYNC_UTIL_CRYPTOGRAPHER_H_ | 5 #ifndef SYNC_UTIL_CRYPTOGRAPHER_H_ |
| 6 #define SYNC_UTIL_CRYPTOGRAPHER_H_ | 6 #define SYNC_UTIL_CRYPTOGRAPHER_H_ |
| 7 | 7 |
| 8 #include <map> | 8 #include <map> |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| (...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 73 | 73 |
| 74 // Encrypts |message| into |encrypted|. Does not overwrite |encrypted| if | 74 // Encrypts |message| into |encrypted|. Does not overwrite |encrypted| if |
| 75 // |message| already matches the decrypted data within |encrypted| and | 75 // |message| already matches the decrypted data within |encrypted| and |
| 76 // |encrypted| was encrypted with the current default key. This avoids | 76 // |encrypted| was encrypted with the current default key. This avoids |
| 77 // unnecessarily modifying |encrypted| if the change had no practical effect. | 77 // unnecessarily modifying |encrypted| if the change had no practical effect. |
| 78 // Returns true unless encryption fails or |message| isn't valid (e.g. a | 78 // Returns true unless encryption fails or |message| isn't valid (e.g. a |
| 79 // required field isn't set). | 79 // required field isn't set). |
| 80 bool Encrypt(const ::google::protobuf::MessageLite& message, | 80 bool Encrypt(const ::google::protobuf::MessageLite& message, |
| 81 sync_pb::EncryptedData* encrypted) const; | 81 sync_pb::EncryptedData* encrypted) const; |
| 82 | 82 |
| 83 // Encrypted |serialized| into |encrypted|. Does not overwrite |encrypted| if |
| 84 // |message| already matches the decrypted data within |encrypted| and |
| 85 // |encrypted| was encrypted with the current default key. This avoids |
| 86 // unnecessarily modifying |encrypted| if the change had no practical effect. |
| 87 // Returns true unless encryption fails or |message| isn't valid (e.g. a |
| 88 // required field isn't set). |
| 89 bool EncryptString(const std::string& serialized, |
| 90 sync_pb::EncryptedData* encrypted) const; |
| 91 |
| 83 // Decrypts |encrypted| into |message|. Returns true unless decryption fails, | 92 // Decrypts |encrypted| into |message|. Returns true unless decryption fails, |
| 84 // or |message| fails to parse the decrypted data. | 93 // or |message| fails to parse the decrypted data. |
| 85 bool Decrypt(const sync_pb::EncryptedData& encrypted, | 94 bool Decrypt(const sync_pb::EncryptedData& encrypted, |
| 86 ::google::protobuf::MessageLite* message) const; | 95 ::google::protobuf::MessageLite* message) const; |
| 87 | 96 |
| 88 // Decrypts |encrypted| and returns plaintext decrypted data. If decryption | 97 // Decrypts |encrypted| and returns plaintext decrypted data. If decryption |
| 89 // fails, returns empty string. | 98 // fails, returns empty string. |
| 90 std::string DecryptToString(const sync_pb::EncryptedData& encrypted) const; | 99 std::string DecryptToString(const sync_pb::EncryptedData& encrypted) const; |
| 91 | 100 |
| 92 // Encrypts the set of currently known keys into |encrypted|. Returns true if | 101 // Encrypts the set of currently known keys into |encrypted|. Returns true if |
| 93 // successful. | 102 // successful. |
| 94 bool GetKeys(sync_pb::EncryptedData* encrypted) const; | 103 bool GetKeys(sync_pb::EncryptedData* encrypted) const; |
| 95 | 104 |
| 96 // Creates a new Nigori instance using |params|. If successful, |params| will | 105 // Creates a new Nigori instance using |params|. If successful, |params| will |
| 97 // become the default encryption key and be used for all future calls to | 106 // become the default encryption key and be used for all future calls to |
| 98 // Encrypt. | 107 // Encrypt. |
| 108 // Will decrypt the pending keys and install them if possible (pending key |
| 109 // will not overwrite default). |
| 99 bool AddKey(const KeyParams& params); | 110 bool AddKey(const KeyParams& params); |
| 100 | 111 |
| 101 // Same as AddKey(..), but builds the new Nigori from a previously persisted | 112 // Same as AddKey(..), but builds the new Nigori from a previously persisted |
| 102 // bootstrap token. This can be useful when consuming a bootstrap token | 113 // bootstrap token. This can be useful when consuming a bootstrap token |
| 103 // with a cryptographer that has already been initialized. | 114 // with a cryptographer that has already been initialized. |
| 115 // Updates the default key. |
| 116 // Will decrypt the pending keys and install them if possible (pending key |
| 117 // will not overwrite default). |
| 104 bool AddKeyFromBootstrapToken(const std::string restored_bootstrap_token); | 118 bool AddKeyFromBootstrapToken(const std::string restored_bootstrap_token); |
| 105 | 119 |
| 120 // Creates a new Nigori instance using |params|. If successful, |params| |
| 121 // will be added to the nigori keybag, but will not be the default encryption |
| 122 // key (default_nigori_ will remain the same). |
| 123 // Prereq: is_initialized() must be true. |
| 124 // Will decrypt the pending keys and install them if possible (pending key |
| 125 // will become the new default). |
| 126 bool AddNonDefaultKey(const KeyParams& params); |
| 127 |
| 106 // Decrypts |encrypted| and uses its contents to initialize Nigori instances. | 128 // Decrypts |encrypted| and uses its contents to initialize Nigori instances. |
| 107 // Returns true unless decryption of |encrypted| fails. The caller is | 129 // Returns true unless decryption of |encrypted| fails. The caller is |
| 108 // responsible for checking that CanDecrypt(encrypted) == true. | 130 // responsible for checking that CanDecrypt(encrypted) == true. |
| 109 // Does not update the default nigori. | 131 // Does not modify the default key. |
| 110 void InstallKeys(const sync_pb::EncryptedData& encrypted); | 132 void InstallKeys(const sync_pb::EncryptedData& encrypted); |
| 111 | 133 |
| 112 | |
| 113 // Makes a local copy of |encrypted| to later be decrypted by | 134 // Makes a local copy of |encrypted| to later be decrypted by |
| 114 // DecryptPendingKeys. This should only be used if CanDecrypt(encrypted) == | 135 // DecryptPendingKeys. This should only be used if CanDecrypt(encrypted) == |
| 115 // false. | 136 // false. |
| 116 void SetPendingKeys(const sync_pb::EncryptedData& encrypted); | 137 void SetPendingKeys(const sync_pb::EncryptedData& encrypted); |
| 117 | 138 |
| 118 // Makes |pending_keys_| available to callers that may want to cache its | 139 // Makes |pending_keys_| available to callers that may want to cache its |
| 119 // value for later use on the UI thread. It is illegal to call this if the | 140 // value for later use on the UI thread. It is illegal to call this if the |
| 120 // cryptographer has no pending keys. Like other calls that access the | 141 // cryptographer has no pending keys. Like other calls that access the |
| 121 // cryptographer, this method must be called from within a transaction. | 142 // cryptographer, this method must be called from within a transaction. |
| 122 const sync_pb::EncryptedData& GetPendingKeys() const; | 143 const sync_pb::EncryptedData& GetPendingKeys() const; |
| (...skipping 20 matching lines...) Expand all Loading... |
| 143 // Returns whether there is a pending set of keys that needs to be decrypted. | 164 // Returns whether there is a pending set of keys that needs to be decrypted. |
| 144 bool has_pending_keys() const { return NULL != pending_keys_.get(); } | 165 bool has_pending_keys() const { return NULL != pending_keys_.get(); } |
| 145 | 166 |
| 146 // Obtain a token that can be provided on construction to a future | 167 // Obtain a token that can be provided on construction to a future |
| 147 // Cryptographer instance to bootstrap itself. Returns false if such a token | 168 // Cryptographer instance to bootstrap itself. Returns false if such a token |
| 148 // can't be created (i.e. if this Cryptograhper doesn't have valid keys). | 169 // can't be created (i.e. if this Cryptograhper doesn't have valid keys). |
| 149 bool GetBootstrapToken(std::string* token) const; | 170 bool GetBootstrapToken(std::string* token) const; |
| 150 | 171 |
| 151 Encryptor* encryptor() const { return encryptor_; } | 172 Encryptor* encryptor() const { return encryptor_; } |
| 152 | 173 |
| 174 // Returns true if |keybag| is decryptable and either is a subset of nigoris_ |
| 175 // and/or has a different default key. |
| 176 bool KeybagIsStale(const sync_pb::EncryptedData& keybag) const; |
| 177 |
| 178 // Returns a serialized sync_pb::NigoriKey version of current default |
| 179 // encryption key. |
| 180 std::string GetDefaultNigoriKey() const; |
| 181 |
| 182 // Generates a new Nigori from |serialized_nigori_key|, and if successful |
| 183 // installs the new nigori as the default key. |
| 184 bool ImportNigoriKey(const std::string serialized_nigori_key); |
| 185 |
| 153 private: | 186 private: |
| 154 FRIEND_TEST_ALL_PREFIXES(SyncCryptographerTest, PackUnpack); | |
| 155 | |
| 156 typedef std::map<std::string, linked_ptr<const Nigori> > NigoriMap; | 187 typedef std::map<std::string, linked_ptr<const Nigori> > NigoriMap; |
| 157 | 188 |
| 158 // Helper method to instantiate Nigori instances for each set of key | 189 // Helper method to instantiate Nigori instances for each set of key |
| 159 // parameters in |bag|. | 190 // parameters in |bag|. |
| 160 // Does not update the default nigori. | 191 // Does not update the default nigori. |
| 161 void InstallKeyBag(const sync_pb::NigoriKeyBag& bag); | 192 void InstallKeyBag(const sync_pb::NigoriKeyBag& bag); |
| 162 | 193 |
| 163 // Helper method to add a nigori as the default key. | 194 // Helper method to add a nigori to the keybag, optionally making it the |
| 164 bool AddKeyImpl(scoped_ptr<Nigori> nigori); | 195 // default as well. |
| 196 bool AddKeyImpl(scoped_ptr<Nigori> nigori, bool set_as_default); |
| 165 | 197 |
| 166 // Functions to serialize + encrypt a Nigori object in an opaque format for | 198 // Helper to unencrypt a bootstrap token into a serialized sync_pb::NigoriKey. |
| 167 // persistence by sync infrastructure. | 199 std::string UnpackBootstrapToken(const std::string& token) const; |
| 168 bool PackBootstrapToken(const Nigori* nigori, std::string* pack_into) const; | |
| 169 Nigori* UnpackBootstrapToken(const std::string& token) const; | |
| 170 | 200 |
| 171 Encryptor* const encryptor_; | 201 Encryptor* const encryptor_; |
| 172 | 202 |
| 173 // The Nigoris we know about, mapped by key name. | 203 // The Nigoris we know about, mapped by key name. |
| 174 NigoriMap nigoris_; | 204 NigoriMap nigoris_; |
| 175 // The key name associated with the default nigori. If non-empty, must | 205 // The key name associated with the default nigori. If non-empty, must |
| 176 // correspond to a nigori within |nigoris_|. | 206 // correspond to a nigori within |nigoris_|. |
| 177 std::string default_nigori_name_; | 207 std::string default_nigori_name_; |
| 178 | 208 |
| 179 scoped_ptr<sync_pb::EncryptedData> pending_keys_; | 209 scoped_ptr<sync_pb::EncryptedData> pending_keys_; |
| 180 | 210 |
| 181 DISALLOW_COPY_AND_ASSIGN(Cryptographer); | 211 DISALLOW_COPY_AND_ASSIGN(Cryptographer); |
| 182 }; | 212 }; |
| 183 | 213 |
| 184 } // namespace syncer | 214 } // namespace syncer |
| 185 | 215 |
| 186 #endif // SYNC_UTIL_CRYPTOGRAPHER_H_ | 216 #endif // SYNC_UTIL_CRYPTOGRAPHER_H_ |
| OLD | NEW |