Diffstat (limited to 'sync/util/cryptographer.cc')
-rw-r--r--sync/util/cryptographer.cc178
1 files changed, 25 insertions, 153 deletions
diff --git a/sync/util/cryptographer.cc b/sync/util/cryptographer.cc
index c512ab6..0cdb389 100644
--- a/sync/util/cryptographer.cc
+++ b/sync/util/cryptographer.cc
@@ -8,6 +8,8 @@
#include "base/base64.h"
#include "base/logging.h"
+#include "sync/protocol/nigori_specifics.pb.h"
+#include "sync/syncable/nigori_handler.h"
#include "sync/util/encryptor.h"
namespace syncer {
@@ -20,27 +22,37 @@ const char kNigoriTag[] = "google_chrome_nigori";
// assign the same name to a particular triplet.
const char kNigoriKeyName[] = "nigori-key";
-Cryptographer::Observer::~Observer() {}
-
Cryptographer::Cryptographer(Encryptor* encryptor)
: encryptor_(encryptor),
default_nigori_(NULL),
keystore_nigori_(NULL),
- encrypted_types_(SensitiveTypes()),
- encrypt_everything_(false) {
+ nigori_node_handler_(NULL) {
DCHECK(encryptor);
}
Cryptographer::~Cryptographer() {}
-void Cryptographer::AddObserver(Observer* observer) {
- observers_.AddObserver(observer);
+void Cryptographer::SetNigoriHandler(syncable::NigoriHandler* delegate) {
+ nigori_node_handler_ = delegate;
+}
+
+void Cryptographer::ApplyNigoriUpdate(
+ const sync_pb::NigoriSpecifics& nigori,
+ syncable::BaseTransaction* const trans) {
+ nigori_node_handler_->ApplyNigoriUpdate(nigori, trans);
+}
+
+ModelTypeSet Cryptographer::GetEncryptedTypes() const {
+ return nigori_node_handler_->GetEncryptedTypes();
}
-void Cryptographer::RemoveObserver(Observer* observer) {
- observers_.RemoveObserver(observer);
+void Cryptographer::UpdateNigoriFromEncryptedTypes(
+ sync_pb::NigoriSpecifics* nigori,
+ syncable::BaseTransaction* const trans) const {
+ nigori_node_handler_->UpdateNigoriFromEncryptedTypes(nigori, trans);
}
+
void Cryptographer::Bootstrap(const std::string& restored_bootstrap_token) {
if (is_initialized()) {
NOTREACHED();
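Review bot: `nigori_node_handler_` is initialised to NULL in the constructor, yet `ApplyNigoriUpdate`, `GetEncryptedTypes` and `UpdateNigoriFromEncryptedTypes` dereference it unconditionally, so any call made before `SetNigoriHandler` is a null dereference. The removed code answered `GetEncryptedTypes` from local state seeded with the sensitive set (PASSWORDS, NIGORI), so callers that ran before a handler existed used to get a safe answer. Add `DCHECK(nigori_node_handler_);` at the top of each forwarder, and decide explicitly what `GetEncryptedTypes` should return when no handler is installed. The pointer is also stored raw with no ownership visible in this hunk; a comment on `SetNigoriHandler` such as `// |delegate| is not owned and must outlive this Cryptographer.` would document the lifetime requirement. The hunk ends inside `Bootstrap`, whose body continues outside it.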
@@ -194,6 +206,11 @@ void Cryptographer::InstallKeys(const sync_pb::EncryptedData& encrypted) {
InstallKeyBag(bag);
}
+void Cryptographer::SetDefaultKey(const std::string& key_name) {
+ DCHECK(nigoris_.end() != nigoris_.find(key_name));
+ default_nigori_ = &*nigoris_.find(key_name);
+}
+
void Cryptographer::SetPendingKeys(const sync_pb::EncryptedData& encrypted) {
DCHECK(!CanDecrypt(encrypted));
pending_keys_.reset(new sync_pb::EncryptedData(encrypted));
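Review bot: `SetDefaultKey` guards the lookup only with a `DCHECK`, which is normally compiled out of release builds, so an unknown `key_name` makes `&*nigoris_.find(key_name)` dereference `end()` and leaves `default_nigori_` pointing at invalid memory. In the removed `Update` the same two lines ran right after `InstallKeys` on the same key name; as a standalone method the precondition is no longer established locally and depends on every caller. Do a single `find()` into an iterator and bail out when it equals `nigoris_.end()`, for example `if (it == nigoris_.end()) { NOTREACHED(); return; }` followed by `default_nigori_ = &*it;`, which also avoids the second lookup. `SetPendingKeys` below continues outside the hunk.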
@@ -311,29 +328,6 @@ Nigori* Cryptographer::UnpackBootstrapToken(const std::string& token) const {
return nigori.release();
}
-Cryptographer::UpdateResult Cryptographer::Update(
- const sync_pb::NigoriSpecifics& nigori) {
- UpdateEncryptedTypesFromNigori(nigori);
- if (!nigori.encrypted().blob().empty()) {
- if (CanDecrypt(nigori.encrypted())) {
- InstallKeys(nigori.encrypted());
- // We only update the default passphrase if this was a new explicit
- // passphrase. Else, since it was decryptable, it must not have been a new
- // key.
- if (nigori.using_explicit_passphrase()) {
- std::string new_default_key_name = nigori.encrypted().key_name();
- DCHECK(nigoris_.end() != nigoris_.find(new_default_key_name));
- default_nigori_ = &*nigoris_.find(new_default_key_name);
- }
- return Cryptographer::SUCCESS;
- } else {
- SetPendingKeys(nigori.encrypted());
- return Cryptographer::NEEDS_PASSPHRASE;
- }
- }
- return Cryptographer::SUCCESS;
-}
-
bool Cryptographer::SetKeystoreKey(const std::string& keystore_key) {
if (keystore_key.empty())
return false;
@@ -355,128 +349,6 @@ bool Cryptographer::HasKeystoreKey() const {
return keystore_nigori_ != NULL;
}
-// Static
-ModelTypeSet Cryptographer::SensitiveTypes() {
- // Both of these have their own encryption schemes, but we include them
- // anyways.
- ModelTypeSet types;
- types.Put(PASSWORDS);
- types.Put(NIGORI);
- return types;
-}
-
-void Cryptographer::UpdateEncryptedTypesFromNigori(
- const sync_pb::NigoriSpecifics& nigori) {
- if (nigori.encrypt_everything()) {
- set_encrypt_everything();
- return;
- }
-
- ModelTypeSet encrypted_types(SensitiveTypes());
- if (nigori.encrypt_bookmarks())
- encrypted_types.Put(BOOKMARKS);
- if (nigori.encrypt_preferences())
- encrypted_types.Put(PREFERENCES);
- if (nigori.encrypt_autofill_profile())
- encrypted_types.Put(AUTOFILL_PROFILE);
- if (nigori.encrypt_autofill())
- encrypted_types.Put(AUTOFILL);
- if (nigori.encrypt_themes())
- encrypted_types.Put(THEMES);
- if (nigori.encrypt_typed_urls())
- encrypted_types.Put(TYPED_URLS);
- if (nigori.encrypt_extension_settings())
- encrypted_types.Put(EXTENSION_SETTINGS);
- if (nigori.encrypt_extensions())
- encrypted_types.Put(EXTENSIONS);
- if (nigori.encrypt_search_engines())
- encrypted_types.Put(SEARCH_ENGINES);
- if (nigori.encrypt_sessions())
- encrypted_types.Put(SESSIONS);
- if (nigori.encrypt_app_settings())
- encrypted_types.Put(APP_SETTINGS);
- if (nigori.encrypt_apps())
- encrypted_types.Put(APPS);
- if (nigori.encrypt_app_notifications())
- encrypted_types.Put(APP_NOTIFICATIONS);
-
- // Note: the initial version with encryption did not support the
- // encrypt_everything field. If anything more than the sensitive types were
- // encrypted, it meant we were encrypting everything.
- if (!nigori.has_encrypt_everything() &&
- !Difference(encrypted_types, SensitiveTypes()).Empty()) {
- set_encrypt_everything();
- return;
- }
-
- MergeEncryptedTypes(encrypted_types);
-}
-
-void Cryptographer::UpdateNigoriFromEncryptedTypes(
- sync_pb::NigoriSpecifics* nigori) const {
- nigori->set_encrypt_everything(encrypt_everything_);
- nigori->set_encrypt_bookmarks(
- encrypted_types_.Has(BOOKMARKS));
- nigori->set_encrypt_preferences(
- encrypted_types_.Has(PREFERENCES));
- nigori->set_encrypt_autofill_profile(
- encrypted_types_.Has(AUTOFILL_PROFILE));
- nigori->set_encrypt_autofill(encrypted_types_.Has(AUTOFILL));
- nigori->set_encrypt_themes(encrypted_types_.Has(THEMES));
- nigori->set_encrypt_typed_urls(
- encrypted_types_.Has(TYPED_URLS));
- nigori->set_encrypt_extension_settings(
- encrypted_types_.Has(EXTENSION_SETTINGS));
- nigori->set_encrypt_extensions(
- encrypted_types_.Has(EXTENSIONS));
- nigori->set_encrypt_search_engines(
- encrypted_types_.Has(SEARCH_ENGINES));
- nigori->set_encrypt_sessions(encrypted_types_.Has(SESSIONS));
- nigori->set_encrypt_app_settings(
- encrypted_types_.Has(APP_SETTINGS));
- nigori->set_encrypt_apps(encrypted_types_.Has(APPS));
- nigori->set_encrypt_app_notifications(
- encrypted_types_.Has(APP_NOTIFICATIONS));
-}
-
-void Cryptographer::set_encrypt_everything() {
- if (encrypt_everything_) {
- DCHECK(encrypted_types_.Equals(ModelTypeSet::All()));
- return;
- }
- encrypt_everything_ = true;
- // Change |encrypted_types_| directly to avoid sending more than one
- // notification.
- encrypted_types_ = ModelTypeSet::All();
- EmitEncryptedTypesChangedNotification();
-}
-
-bool Cryptographer::encrypt_everything() const {
- return encrypt_everything_;
-}
-
-ModelTypeSet Cryptographer::GetEncryptedTypes() const {
- return encrypted_types_;
-}
-
-void Cryptographer::MergeEncryptedTypesForTest(ModelTypeSet encrypted_types) {
- MergeEncryptedTypes(encrypted_types);
-}
-
-void Cryptographer::MergeEncryptedTypes(ModelTypeSet encrypted_types) {
- if (encrypted_types_.HasAll(encrypted_types)) {
- return;
- }
- encrypted_types_ = encrypted_types;
- EmitEncryptedTypesChangedNotification();
-}
-
-void Cryptographer::EmitEncryptedTypesChangedNotification() {
- FOR_EACH_OBSERVER(
- Observer, observers_,
- OnEncryptedTypesChanged(encrypted_types_, encrypt_everything_));
-}
-
void Cryptographer::InstallKeyBag(const sync_pb::NigoriKeyBag& bag) {
int key_size = bag.key_size();
for (int i = 0; i < key_size; ++i) {