Add a boolean details to the PASSPHRASE_REQUIRED message that indicates

whether it came from a need to decrypt or just a need to setup the
cryptographer for encryption.

BUG=none
TEST=none

Review URL: http://codereview.chromium.org/4849005

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@66788 0039d316-1c4b-4281-b951-d872f2087c98

9 files changed, 86 insertions, 29 deletions

diff --git a/chrome/browser/sync/engine/syncapi.cc b/chrome/browser/sync/engine/syncapi.cc
index bdd7be9..5a71eb8 100644
--- a/chrome/browser/sync/engine/syncapi.cc
+++ b/chrome/browser/sync/engine/syncapi.cc
@@ -1432,7 +1432,7 @@ void SyncManager::SyncInternal::BootstrapEncryption(
       cryptographer->SetKeys(nigori.encrypted());
     } else {
       cryptographer->SetPendingKeys(nigori.encrypted());
-      observer_->OnPassphraseRequired();
+      observer_->OnPassphraseRequired(true);
     }
   }
 }
@@ -1608,7 +1608,7 @@ void SyncManager::SyncInternal::SetPassphrase(
   KeyParams params = {"localhost", "dummy", passphrase};
   if (cryptographer->has_pending_keys()) {
     if (!cryptographer->DecryptPendingKeys(params)) {
-      observer_->OnPassphraseRequired();
+      observer_->OnPassphraseRequired(true);
       return;
     }
 
@@ -2052,8 +2052,10 @@ void SyncManager::SyncInternal::OnSyncEngineEvent(
 
       // If we've completed a sync cycle and the cryptographer isn't ready yet,
       // prompt the user for a passphrase.
-      if (!cryptographer->is_ready() || cryptographer->has_pending_keys()) {
-        observer_->OnPassphraseRequired();
+      if (cryptographer->has_pending_keys()) {
+        observer_->OnPassphraseRequired(true);
+      } else if (!cryptographer->is_ready()) {
+        observer_->OnPassphraseRequired(false);
       }
     }
 
diff --git a/chrome/browser/sync/engine/syncapi.h b/chrome/browser/sync/engine/syncapi.h
index 6ea7b63..95facaf 100644
--- a/chrome/browser/sync/engine/syncapi.h
+++ b/chrome/browser/sync/engine/syncapi.h
@@ -721,7 +721,11 @@ class SyncManager {
     virtual void OnUpdatedToken(const std::string& token) = 0;
 
     // Called when user interaction is required to obtain a valid passphrase.
-    virtual void OnPassphraseRequired() = 0;
+    // If the passphrase is required to decrypt something that has
+    // already been encrypted (and thus has to match the existing key),
+    // |for_decryption| will be true.  If the passphrase is needed for
+    // encryption, |for_decryption| will be false.
+    virtual void OnPassphraseRequired(bool for_decryption) = 0;
 
     // Called when the passphrase provided by the user has been accepted and is
     // now used to encrypt sync data.  |bootstrap_token| is an opaque base64
diff --git a/chrome/browser/sync/glue/sync_backend_host.cc b/chrome/browser/sync/glue/sync_backend_host.cc
index 342e989..068d7b2 100644
--- a/chrome/browser/sync/glue/sync_backend_host.cc
+++ b/chrome/browser/sync/glue/sync_backend_host.cc
@@ -383,11 +383,11 @@ void SyncBackendHost::Core::NotifyResumed() {
                                          NotificationService::NoDetails());
 }
 
-void SyncBackendHost::Core::NotifyPassphraseRequired() {
+void SyncBackendHost::Core::NotifyPassphraseRequired(bool for_decryption) {
   NotificationService::current()->Notify(
       NotificationType::SYNC_PASSPHRASE_REQUIRED,
       Source<SyncBackendHost>(host_),
-      NotificationService::NoDetails());
+      Details<bool>(&for_decryption));
 }
 
 void SyncBackendHost::Core::NotifyPassphraseAccepted(
@@ -718,9 +718,9 @@ void SyncBackendHost::Core::OnAuthError(const AuthError& auth_error) {
       auth_error));
 }
 
-void SyncBackendHost::Core::OnPassphraseRequired() {
+void SyncBackendHost::Core::OnPassphraseRequired(bool for_decryption) {
   host_->frontend_loop_->PostTask(FROM_HERE,
-      NewRunnableMethod(this, &Core::NotifyPassphraseRequired));
+      NewRunnableMethod(this, &Core::NotifyPassphraseRequired, for_decryption));
 }
 
 void SyncBackendHost::Core::OnPassphraseAccepted(
diff --git a/chrome/browser/sync/glue/sync_backend_host.h b/chrome/browser/sync/glue/sync_backend_host.h
index 0b8f94e..3edd648 100644
--- a/chrome/browser/sync/glue/sync_backend_host.h
+++ b/chrome/browser/sync/glue/sync_backend_host.h
@@ -226,7 +226,7 @@ class SyncBackendHost : public browser_sync::ModelSafeWorkerRegistrar {
         const sessions::SyncSessionSnapshot* snapshot);
     virtual void OnInitializationComplete();
     virtual void OnAuthError(const GoogleServiceAuthError& auth_error);
-    virtual void OnPassphraseRequired();
+    virtual void OnPassphraseRequired(bool for_decryption);
     virtual void OnPassphraseAccepted(const std::string& bootstrap_token);
     virtual void OnPaused();
     virtual void OnResumed();
@@ -368,8 +368,10 @@ class SyncBackendHost : public browser_sync::ModelSafeWorkerRegistrar {
     void HandleAuthErrorEventOnFrontendLoop(
         const GoogleServiceAuthError& new_auth_error);
 
-    // Invoked when a passphrase is required to decrypt a set of Nigori keys.
-    void NotifyPassphraseRequired();
+    // Invoked when a passphrase is required to decrypt a set of Nigori keys,
+    // or for encrypting.  If the reason is decryption, |for_decryption| will
+    // be true.
+    void NotifyPassphraseRequired(bool for_decryption);
 
     // Invoked when the passphrase provided by the user has been accepted.
     void NotifyPassphraseAccepted(const std::string& bootstrap_token);
diff --git a/chrome/browser/sync/profile_sync_service.cc b/chrome/browser/sync/profile_sync_service.cc
index 7457d4f..b8d98c8 100644
--- a/chrome/browser/sync/profile_sync_service.cc
+++ b/chrome/browser/sync/profile_sync_service.cc
@@ -65,6 +65,7 @@ ProfileSyncService::ProfileSyncService(ProfileSyncFactory* factory,
                                        const std::string& cros_user)
     : last_auth_error_(AuthError::None()),
       observed_passphrase_required_(false),
+      passphrase_required_for_decryption_(false),
       factory_(factory),
       profile_(profile),
       cros_user_(cros_user),
@@ -1021,6 +1022,7 @@ void ProfileSyncService::Observe(NotificationType type,
       DCHECK(backend_.get());
       DCHECK(backend_->IsNigoriEnabled());
       observed_passphrase_required_ = true;
+      passphrase_required_for_decryption_ = *(Details<bool>(details).ptr());
 
       if (!cached_passphrase_.value.empty()) {
         SetPassphrase(cached_passphrase_.value,
diff --git a/chrome/browser/sync/profile_sync_service.h b/chrome/browser/sync/profile_sync_service.h
index 02ad336..c4d8efd 100644
--- a/chrome/browser/sync/profile_sync_service.h
+++ b/chrome/browser/sync/profile_sync_service.h
@@ -252,6 +252,10 @@ class ProfileSyncService : public browser_sync::SyncFrontend,
     return observed_passphrase_required_;
   }
 
+  bool passphrase_required_for_decryption() const {
+    return passphrase_required_for_decryption_;
+  }
+
   // A timestamp marking the last time the service observed a transition from
   // the SYNCING state to the READY state. Note that this does not reflect the
   // last time we polled the server to see if there were any changes; the
@@ -405,6 +409,10 @@ class ProfileSyncService : public browser_sync::SyncFrontend,
   // backend, telling us that it is safe to send a passphrase down ASAP.
   bool observed_passphrase_required_;
 
+  // Was the last SYNC_PASSPHRASE_REQUIRED notification sent because it
+  // was required for decryption?
+  bool passphrase_required_for_decryption_;
+
  private:
   friend class ProfileSyncServiceTest;
   friend class ProfileSyncServicePasswordTest;
diff --git a/chrome/browser/sync/profile_sync_service_harness.cc b/chrome/browser/sync/profile_sync_service_harness.cc
index c759e5d..4ac3915 100644
--- a/chrome/browser/sync/profile_sync_service_harness.cc
+++ b/chrome/browser/sync/profile_sync_service_harness.cc
@@ -134,12 +134,14 @@ bool ProfileSyncServiceHarness::SetupSync() {
   return SetupSync(synced_datatypes);
 }
 
-void ProfileSyncServiceHarness::StartObservingPassphraseAcceptance() {
+void ProfileSyncServiceHarness::StartObservingPassphraseEvents() {
   // Prime the counter to account for the implicit set passphrase due to
   // gaia login.
   passphrase_acceptance_counter_--;
   registrar_.Add(this, NotificationType::SYNC_PASSPHRASE_ACCEPTED,
       Source<browser_sync::SyncBackendHost>(service_->backend()));
+  registrar_.Add(this, NotificationType::SYNC_PASSPHRASE_REQUIRED,
+      Source<browser_sync::SyncBackendHost>(service_->backend()));
 }
 
 bool ProfileSyncServiceHarness::SetupSync(
@@ -174,8 +176,32 @@ bool ProfileSyncServiceHarness::SetupSync(
       (syncable::MODEL_TYPE_COUNT - syncable::FIRST_REAL_MODEL_TYPE));
   service()->OnUserChoseDatatypes(sync_everything, synced_datatypes);
 
-  // Wait for initial sync cycle to complete.
+  // Wait for a passphrase to be required.
+  DCHECK_EQ(wait_state_, WAITING_FOR_PASSPHRASE_REQUIRED);
+  if (!AwaitStatusChangeWithTimeout(kLiveSyncOperationTimeoutMs,
+      "Waiting for Passphrase required.")) {
+    LOG(ERROR) << "Passphrase required not seen after "
+               << kLiveSyncOperationTimeoutMs / 1000
+               << " seconds.";
+    return false;
+  }
+
+  DCHECK(service()->observed_passphrase_required());
+  if (id_ == 0)
+    DCHECK(!service()->passphrase_required_for_decryption());
+
+  // Wait for initial gaia passphrase to be accepted.
+  DCHECK_EQ(wait_state_, WAITING_FOR_PASSPHRASE_ACCEPTED);
+  if (!AwaitStatusChangeWithTimeout(kLiveSyncOperationTimeoutMs,
+      "Waiting for Passphrase accept.")) {
+    LOG(ERROR) << "Passphrase accept not seen after "
+               << kLiveSyncOperationTimeoutMs / 1000
+               << " seconds.";
+    return false;
+  }
+
   DCHECK_EQ(wait_state_, WAITING_FOR_INITIAL_SYNC);
+  // Wait for initial sync cycle to be completed.
   if (!AwaitStatusChangeWithTimeout(kLiveSyncOperationTimeoutMs,
       "Waiting for initial sync cycle to complete.")) {
     LOG(ERROR) << "Initial sync cycle did not complete after "
@@ -206,10 +232,9 @@ bool ProfileSyncServiceHarness::RunStateChangeMachine() {
     case WAITING_FOR_ON_BACKEND_INITIALIZED: {
       LogClientInfo("WAITING_FOR_ON_BACKEND_INITIALIZED");
       if (service()->sync_initialized()) {
-        // The sync backend is initialized. Start waiting for the first sync
-        // cycle to complete.
-        StartObservingPassphraseAcceptance();
-        SignalStateCompleteWithNextState(WAITING_FOR_INITIAL_SYNC);
+        // The sync backend is initialized.  Watch for passphrase events.
+        StartObservingPassphraseEvents();
+        SignalStateCompleteWithNextState(WAITING_FOR_PASSPHRASE_REQUIRED);
       }
       break;
     }
@@ -260,10 +285,16 @@ bool ProfileSyncServiceHarness::RunStateChangeMachine() {
       LogClientInfo("FULLY_SYNCED");
       break;
     }
+    case WAITING_FOR_PASSPHRASE_REQUIRED: {
+      LogClientInfo("WAITING_FOR_PASSPHRASE_REQUIRED");
+      if (service_->observed_passphrase_required())
+        SignalStateCompleteWithNextState(WAITING_FOR_PASSPHRASE_ACCEPTED);
+      break;
+    }
     case WAITING_FOR_PASSPHRASE_ACCEPTED: {
       LogClientInfo("WAITING_FOR_PASSPHRASE_ACCEPTED");
       if (passphrase_acceptance_counter_ >= 0)
-        SignalStateCompleteWithNextState(FULLY_SYNCED);
+        SignalStateCompleteWithNextState(WAITING_FOR_INITIAL_SYNC);
       break;
     }
     case SYNC_DISABLED: {
@@ -298,10 +329,14 @@ bool ProfileSyncServiceHarness::AwaitPassphraseAccepted() {
 }
 
 void ProfileSyncServiceHarness::Observe(NotificationType type,
-    const NotificationSource& source, const NotificationDetails& details) {
-  DCHECK_EQ(NotificationType::SYNC_PASSPHRASE_ACCEPTED, type.value);
-  passphrase_acceptance_counter_++;
-  RunStateChangeMachine();
+                                        const NotificationSource& source,
+                                        const NotificationDetails& details) {
+  if (NotificationType::SYNC_PASSPHRASE_ACCEPTED == type.value) {
+    passphrase_acceptance_counter_++;
+    RunStateChangeMachine();
+  } else if (NotificationType::SYNC_PASSPHRASE_REQUIRED == type.value) {
+    RunStateChangeMachine();
+  }
 }
 
 bool ProfileSyncServiceHarness::AwaitSyncCycleCompletion(
diff --git a/chrome/browser/sync/profile_sync_service_harness.h b/chrome/browser/sync/profile_sync_service_harness.h
index 383c786..1eb7dec 100644
--- a/chrome/browser/sync/profile_sync_service_harness.h
+++ b/chrome/browser/sync/profile_sync_service_harness.h
@@ -132,6 +132,12 @@ class ProfileSyncServiceHarness : public ProfileSyncServiceObserver,
     // The sync client awaits the OnBackendInitialized() callback.
     WAITING_FOR_ON_BACKEND_INITIALIZED,
 
+    // Waiting for a passphrase to be required.
+    WAITING_FOR_PASSPHRASE_REQUIRED,
+
+    // Waiting for a set passphrase to be accepted by the cryptographer.
+    WAITING_FOR_PASSPHRASE_ACCEPTED,
+
     // The sync client is waiting for the first sync cycle to complete.
     WAITING_FOR_INITIAL_SYNC,
 
@@ -147,9 +153,6 @@ class ProfileSyncServiceHarness : public ProfileSyncServiceObserver,
     // The sync client is fully synced and there are no pending updates.
     FULLY_SYNCED,
 
-    // Waiting for a set passphrase to be accepted by the cryptographer.
-    WAITING_FOR_PASSPHRASE_ACCEPTED,
-
     // Syncing is disabled for the client.
     SYNC_DISABLED,
 
@@ -180,7 +183,7 @@ class ProfileSyncServiceHarness : public ProfileSyncServiceObserver,
   // Returns the new value of |last_timestamp_|.
   int64 GetUpdatedTimestamp();
 
-  void StartObservingPassphraseAcceptance();
+  void StartObservingPassphraseEvents();
 
   WaitState wait_state_;
 
diff --git a/chrome/common/notification_type.h b/chrome/common/notification_type.h
index 8655aa9..8fa72a2 100644
--- a/chrome/common/notification_type.h
+++ b/chrome/common/notification_type.h
@@ -1123,8 +1123,9 @@ class NotificationType {
     // The syncer requires a passphrase to decrypt sensitive updates. This
     // notification is sent when the first sensitive data type is setup by the
     // user as well as anytime any the passphrase is changed in another synced
-    // client.  The source is the SyncBackendHost wanting a passphrase.  No
-    // details.
+    // client.  The source is the SyncBackendHost wanting a passphrase.  The
+    // details are a boolean: true if the passphrase is required for decryption,
+    // false if only required for encryption.
     SYNC_PASSPHRASE_REQUIRED,
 
     // Sent when the passphrase provided by the user is accepted. After this