OLD | NEW |
1 // Copyright 2012 The Chromium Authors. All rights reserved. | 1 // Copyright 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef SYNC_INTERNAL_API_SYNC_ENCRYPTION_HANDLER_IMPL_H_ | 5 #ifndef COMPONENTS_SYNC_CORE_IMPL_SYNC_ENCRYPTION_HANDLER_IMPL_H_ |
6 #define SYNC_INTERNAL_API_SYNC_ENCRYPTION_HANDLER_IMPL_H_ | 6 #define COMPONENTS_SYNC_CORE_IMPL_SYNC_ENCRYPTION_HANDLER_IMPL_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/compiler_specific.h" | 11 #include "base/compiler_specific.h" |
12 #include "base/gtest_prod_util.h" | 12 #include "base/gtest_prod_util.h" |
13 #include "base/macros.h" | 13 #include "base/macros.h" |
14 #include "base/memory/weak_ptr.h" | 14 #include "base/memory/weak_ptr.h" |
15 #include "base/observer_list.h" | 15 #include "base/observer_list.h" |
16 #include "base/threading/thread_checker.h" | 16 #include "base/threading/thread_checker.h" |
17 #include "base/time/time.h" | 17 #include "base/time/time.h" |
18 #include "sync/base/sync_export.h" | 18 #include "components/sync/base/cryptographer.h" |
19 #include "sync/internal_api/public/sync_encryption_handler.h" | 19 #include "components/sync/base/sync_export.h" |
20 #include "sync/syncable/nigori_handler.h" | 20 #include "components/sync/core/sync_encryption_handler.h" |
21 #include "sync/util/cryptographer.h" | 21 #include "components/sync/syncable/nigori_handler.h" |
22 | 22 |
23 namespace syncer { | 23 namespace syncer { |
24 | 24 |
25 class Encryptor; | 25 class Encryptor; |
26 struct UserShare; | 26 struct UserShare; |
27 class WriteNode; | 27 class WriteNode; |
28 class WriteTransaction; | 28 class WriteTransaction; |
29 | 29 |
30 // Sync encryption handler implementation. | 30 // Sync encryption handler implementation. |
31 // | 31 // |
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
96 private: | 96 private: |
97 friend class SyncEncryptionHandlerImplTest; | 97 friend class SyncEncryptionHandlerImplTest; |
98 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, | 98 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
99 NigoriEncryptionTypes); | 99 NigoriEncryptionTypes); |
100 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, | 100 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
101 EncryptEverythingExplicit); | 101 EncryptEverythingExplicit); |
102 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, | 102 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
103 EncryptEverythingImplicit); | 103 EncryptEverythingImplicit); |
104 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, | 104 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
105 UnknownSensitiveTypes); | 105 UnknownSensitiveTypes); |
106 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, | 106 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, GetKeystoreDecryptor); |
107 GetKeystoreDecryptor); | |
108 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, | 107 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
109 ReceiveMigratedNigoriKeystorePass); | 108 ReceiveMigratedNigoriKeystorePass); |
110 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, | 109 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
111 ReceiveUmigratedNigoriAfterMigration); | 110 ReceiveUmigratedNigoriAfterMigration); |
112 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, | 111 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
113 ReceiveOldMigratedNigori); | 112 ReceiveOldMigratedNigori); |
114 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, | 113 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
115 SetKeystoreAfterReceivingMigratedNigori); | 114 SetKeystoreAfterReceivingMigratedNigori); |
116 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, | 115 FRIEND_TEST_ALL_PREFIXES(SyncEncryptionHandlerImplTest, |
117 SetCustomPassAfterMigration); | 116 SetCustomPassAfterMigration); |
(...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
162 // the encrypted types/encrypt everything state, as well as the keybag/ | 161 // the encrypted types/encrypt everything state, as well as the keybag/ |
163 // explicit passphrase state (if the cryptographer is ready). | 162 // explicit passphrase state (if the cryptographer is ready). |
164 void WriteEncryptionStateToNigori(WriteTransaction* trans); | 163 void WriteEncryptionStateToNigori(WriteTransaction* trans); |
165 | 164 |
166 // Updates local encrypted types from |nigori|. | 165 // Updates local encrypted types from |nigori|. |
167 // Returns true if the local set of encrypted types either matched or was | 166 // Returns true if the local set of encrypted types either matched or was |
168 // a subset of that in |nigori|. Returns false if the local state already | 167 // a subset of that in |nigori|. Returns false if the local state already |
169 // had stricter encryption than |nigori|, and the nigori node needs to be | 168 // had stricter encryption than |nigori|, and the nigori node needs to be |
170 // updated with the newer encryption state. | 169 // updated with the newer encryption state. |
171 // Note: must be called from within a transaction. | 170 // Note: must be called from within a transaction. |
172 bool UpdateEncryptedTypesFromNigori( | 171 bool UpdateEncryptedTypesFromNigori(const sync_pb::NigoriSpecifics& nigori, |
173 const sync_pb::NigoriSpecifics& nigori, | 172 syncable::BaseTransaction* const trans); |
174 syncable::BaseTransaction* const trans); | |
175 | 173 |
176 // TODO(zea): make these public and have them replace SetEncryptionPassphrase | 174 // TODO(zea): make these public and have them replace SetEncryptionPassphrase |
177 // and SetDecryptionPassphrase. | 175 // and SetDecryptionPassphrase. |
178 // Helper methods for handling passphrases once keystore migration has taken | 176 // Helper methods for handling passphrases once keystore migration has taken |
179 // place. | 177 // place. |
180 // | 178 // |
181 // Sets a new custom passphrase. Should only be called if a custom passphrase | 179 // Sets a new custom passphrase. Should only be called if a custom passphrase |
182 // is not already set. | 180 // is not already set. |
183 // Triggers OnPassphraseAccepted on success, OnPassphraseRequired if a custom | 181 // Triggers OnPassphraseAccepted on success, OnPassphraseRequired if a custom |
184 // passphrase already existed. | 182 // passphrase already existed. |
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
233 | 231 |
234 // Performs the actual migration of the |nigori_node| to support keystore | 232 // Performs the actual migration of the |nigori_node| to support keystore |
235 // encryption iff ShouldTriggerMigration(..) returns true. | 233 // encryption iff ShouldTriggerMigration(..) returns true. |
236 bool AttemptToMigrateNigoriToKeystore(WriteTransaction* trans, | 234 bool AttemptToMigrateNigoriToKeystore(WriteTransaction* trans, |
237 WriteNode* nigori_node); | 235 WriteNode* nigori_node); |
238 | 236 |
239 // Fill |encrypted_blob| with the keystore decryptor token if | 237 // Fill |encrypted_blob| with the keystore decryptor token if |
240 // |encrypted_blob|'s contents didn't already contain the key. | 238 // |encrypted_blob|'s contents didn't already contain the key. |
241 // The keystore decryptor token is the serialized current default encryption | 239 // The keystore decryptor token is the serialized current default encryption |
242 // key, encrypted with the keystore key. | 240 // key, encrypted with the keystore key. |
243 bool GetKeystoreDecryptor( | 241 bool GetKeystoreDecryptor(const Cryptographer& cryptographer, |
244 const Cryptographer& cryptographer, | 242 const std::string& keystore_key, |
245 const std::string& keystore_key, | 243 sync_pb::EncryptedData* encrypted_blob); |
246 sync_pb::EncryptedData* encrypted_blob); | |
247 | 244 |
248 // Helper method for installing the keys encrypted in |encryption_keybag| | 245 // Helper method for installing the keys encrypted in |encryption_keybag| |
249 // into |cryptographer|. | 246 // into |cryptographer|. |
250 // Returns true on success, false if we were unable to install the keybag. | 247 // Returns true on success, false if we were unable to install the keybag. |
251 // Will not update the default key. | 248 // Will not update the default key. |
252 bool AttemptToInstallKeybag(const sync_pb::EncryptedData& keybag, | 249 bool AttemptToInstallKeybag(const sync_pb::EncryptedData& keybag, |
253 bool update_default, | 250 bool update_default, |
254 Cryptographer* cryptographer); | 251 Cryptographer* cryptographer); |
255 | 252 |
256 // Helper method for decrypting pending keys with the keystore bootstrap. | 253 // Helper method for decrypting pending keys with the keystore bootstrap. |
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
314 // before support for this field was added. | 311 // before support for this field was added. |
315 base::Time custom_passphrase_time_; | 312 base::Time custom_passphrase_time_; |
316 | 313 |
317 base::WeakPtrFactory<SyncEncryptionHandlerImpl> weak_ptr_factory_; | 314 base::WeakPtrFactory<SyncEncryptionHandlerImpl> weak_ptr_factory_; |
318 | 315 |
319 DISALLOW_COPY_AND_ASSIGN(SyncEncryptionHandlerImpl); | 316 DISALLOW_COPY_AND_ASSIGN(SyncEncryptionHandlerImpl); |
320 }; | 317 }; |
321 | 318 |
322 } // namespace syncer | 319 } // namespace syncer |
323 | 320 |
324 #endif // SYNC_INTERNAL_API_SYNC_ENCRYPTION_HANDLER_IMPL_H_ | 321 #endif // COMPONENTS_SYNC_CORE_IMPL_SYNC_ENCRYPTION_HANDLER_IMPL_H_ |
OLD | NEW |