[Sync] Implement keystore migration support.

We'll now trigger migration if the keystore key is available, the cryptographer
is ready, and the nigori node isn't already properly migrated. Note that this
means we won't trigger migration without at least the implicit gaia password
already available to the cryptographer, in order to support backwards
compatibility with older clients. Eventually that will change.

In addition, once a nigori node has been migrated, any client that supports
keystore encryption will follow the new encryption constraints, whether
or not the --sync-keystore-encryption flag is passed. This means that if
the user sets a custom passphrase, encrypt everything will also be enabled
(and vice versa).

Migration-aware conflict resolution is not implemented yet.

BUG=129665


Review URL: https://chromiumcodereview.appspot.com/10916036

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156646 0039d316-1c4b-4281-b951-d872f2087c98

5 files changed, 54 insertions, 9 deletions

diff --git a/sync/protocol/client_debug_info.proto b/sync/protocol/client_debug_info.proto
index 9792aaa..94635b7 100644
--- a/sync/protocol/client_debug_info.proto
+++ b/sync/protocol/client_debug_info.proto
@@ -62,7 +62,7 @@ message DebugEventInfo {
     ACTIONABLE_ERROR = 8; // Client received an actionable error.
     BOOTSTRAP_TOKEN_UPDATED = 9;  // A new cryptographer bootstrap token was
                                   // generated.
-    PASSPHRASE_STATE_CHANGED = 10;  // The encryption passphrase state changed.
+    PASSPHRASE_TYPE_CHANGED = 10;  // The encryption passphrase state changed.
     KEYSTORE_TOKEN_UPDATED = 11;  // A new keystore encryption token was
                                   // persisted.
   }
diff --git a/sync/protocol/nigori_specifics.proto b/sync/protocol/nigori_specifics.proto
index 4f63ff4..e757f7a5 100644
--- a/sync/protocol/nigori_specifics.proto
+++ b/sync/protocol/nigori_specifics.proto
@@ -47,10 +47,12 @@ message DeviceInformation {
 
 // Properties of nigori sync object.
 message NigoriSpecifics {
-  optional EncryptedData encrypted = 1;
-  // True if |encrypted| is encrypted using a passphrase
-  // explicitly set by the user.
-  optional bool using_explicit_passphrase = 2;
+  optional EncryptedData encryption_keybag = 1;
+  // Once keystore migration is performed, we have to freeze the keybag so that
+  // older clients (that don't support keystore encryption) do not attempt to
+  // update the keybag.
+  // Previously |using_explicit_passphrase|.
+  optional bool keybag_is_frozen = 2;
 
   // Obsolete encryption fields. These were deprecated due to legacy versions
   // that understand their usage but did not perform encryption properly.
@@ -91,8 +93,32 @@ message NigoriSpecifics {
   // User device information. Contains information about each device that has a
   // sync-enabled Chrome browser connected to the user account.
   repeated DeviceInformation device_information = 28;
-  
+
   // Enable syncing favicons as part of tab sync.
   optional bool sync_tab_favicons = 29;
+
+  // The state of the passphrase required to decrypt |encryption_keybag|.
+  enum PassphraseType {
+    // Gaia-based encryption passphrase. Deprecated.
+    IMPLICIT_PASSPHRASE = 1;
+    // Keystore key encryption passphrase. Uses |keystore_bootstrap| to
+    // decrypt |encryption_keybag|.
+    KEYSTORE_PASSPHRASE = 2;
+    // Previous Gaia-based passphrase frozen and treated as a custom passphrase.
+    FROZEN_IMPLICIT_PASSPHRASE  = 3;
+    // User provided custom passphrase.
+    CUSTOM_PASSPHRASE = 4;
+  }
+  optional PassphraseType passphrase_type = 30
+      [default = IMPLICIT_PASSPHRASE];
+
+  // The keystore decryptor token blob. Encrypted with the keystore key, and
+  // contains the encryption key used to decrypt |encryption_keybag|.
+  // Only set if passphrase_state == KEYSTORE_PASSPHRASE.
+  optional EncryptedData keystore_decryptor_token = 31;
+
+  // The time (in epoch milliseconds) at which the keystore migration was
+  // performed.
+  optional int64 keystore_migration_time = 32;
 }
 
diff --git a/sync/protocol/proto_enum_conversions.cc b/sync/protocol/proto_enum_conversions.cc
index 42d8ab5..2287b83 100644
--- a/sync/protocol/proto_enum_conversions.cc
+++ b/sync/protocol/proto_enum_conversions.cc
@@ -167,6 +167,20 @@ const char* GetFaviconTypeString(
   return "";
 }
 
+const char* PassphraseTypeString(
+    sync_pb::NigoriSpecifics::PassphraseType type) {
+  ASSERT_ENUM_BOUNDS(sync_pb::NigoriSpecifics, PassphraseType,
+                     IMPLICIT_PASSPHRASE, CUSTOM_PASSPHRASE);
+  switch (type) {
+    ENUM_CASE(sync_pb::NigoriSpecifics, IMPLICIT_PASSPHRASE);
+    ENUM_CASE(sync_pb::NigoriSpecifics, KEYSTORE_PASSPHRASE);
+    ENUM_CASE(sync_pb::NigoriSpecifics, FROZEN_IMPLICIT_PASSPHRASE);
+    ENUM_CASE(sync_pb::NigoriSpecifics, CUSTOM_PASSPHRASE);
+  }
+  NOTREACHED();
+  return "";
+}
+
 #undef ASSERT_ENUM_BOUNDS
 #undef ENUM_CASE
 
diff --git a/sync/protocol/proto_enum_conversions.h b/sync/protocol/proto_enum_conversions.h
index d2b4189..cabe91b 100644
--- a/sync/protocol/proto_enum_conversions.h
+++ b/sync/protocol/proto_enum_conversions.h
@@ -44,6 +44,9 @@ const char* GetDeviceTypeString(
 const char* GetFaviconTypeString(
     sync_pb::SessionTab::FaviconType favicon_type);
 
+const char* PassphraseTypeString(
+    sync_pb::NigoriSpecifics::PassphraseType type);
+
 }  // namespace syncer
 
 #endif  // SYNC_PROTOCOL_PROTO_ENUM_CONVERSIONS_H_
diff --git a/sync/protocol/proto_value_conversions.cc b/sync/protocol/proto_value_conversions.cc
index cee2139..22de2bd 100644
--- a/sync/protocol/proto_value_conversions.cc
+++ b/sync/protocol/proto_value_conversions.cc
@@ -293,8 +293,8 @@ DictionaryValue* ExtensionSpecificsToValue(
 DictionaryValue* NigoriSpecificsToValue(
     const sync_pb::NigoriSpecifics& proto) {
   DictionaryValue* value = new DictionaryValue();
-  SET(encrypted, EncryptedDataToValue);
-  SET_BOOL(using_explicit_passphrase);
+  SET(encryption_keybag, EncryptedDataToValue);
+  SET_BOOL(keybag_is_frozen);
   SET_BOOL(encrypt_bookmarks);
   SET_BOOL(encrypt_preferences);
   SET_BOOL(encrypt_autofill_profile);
@@ -310,6 +310,9 @@ DictionaryValue* NigoriSpecificsToValue(
   SET_BOOL(encrypt_everything);
   SET_REP(device_information, DeviceInformationToValue);
   SET_BOOL(sync_tab_favicons);
+  SET_ENUM(passphrase_type, PassphraseTypeString);
+  SET(keystore_decryptor_token, EncryptedDataToValue);
+  SET_INT64(keystore_migration_time);
   return value;
 }
 
@@ -579,7 +582,6 @@ DictionaryValue* ClientToServerMessageToValue(
   return value;
 }
 
-
 #undef SET
 #undef SET_REP