1// Copyright 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5// Various utility methods for nigori-based multi-type encryption. 6 7#ifndef SYNC_SYNCABLE_NIGORI_UTIL_H_ 8#define SYNC_SYNCABLE_NIGORI_UTIL_H_ 9 10#include "base/compiler_specific.h" 11#include "sync/base/sync_export.h" 12#include "sync/internal_api/public/base/model_type.h" 13#include "sync/protocol/nigori_specifics.pb.h" 14 15namespace sync_pb { 16class EntitySpecifics; 17} 18 19namespace syncer { 20class Cryptographer; 21 22namespace syncable { 23 24const char kEncryptedString[] = "encrypted"; 25 26class BaseTransaction; 27class Entry; 28class MutableEntry; 29class WriteTransaction; 30 31// Check if our unsyced changes are encrypted if they need to be based on 32// |encrypted_types|. 33// Returns: true if all unsynced data that should be encrypted is. 34// false if some unsynced changes need to be encrypted. 35// This method is similar to ProcessUnsyncedChangesForEncryption but does not 36// modify the data and does not care if data is unnecessarily encrypted. 37SYNC_EXPORT_PRIVATE bool VerifyUnsyncedChangesAreEncrypted( 38 BaseTransaction* const trans, 39 ModelTypeSet encrypted_types); 40 41// Processes all unsynced changes and ensures they are appropriately encrypted 42// or unencrypted, based on |encrypted_types|. 43bool ProcessUnsyncedChangesForEncryption( 44 WriteTransaction* const trans); 45 46// Returns true if the entry requires encryption but is not encrypted, false 47// otherwise. Note: this does not check that already encrypted entries are 48// encrypted with the proper key. 49bool EntryNeedsEncryption(ModelTypeSet encrypted_types, 50 const Entry& entry); 51 52// Same as EntryNeedsEncryption, but looks at specifics. 53SYNC_EXPORT_PRIVATE bool SpecificsNeedsEncryption( 54 ModelTypeSet encrypted_types, 55 const sync_pb::EntitySpecifics& specifics); 56 57// Verifies all data of type |type| is encrypted appropriately. 58SYNC_EXPORT_PRIVATE bool VerifyDataTypeEncryptionForTest( 59 BaseTransaction* const trans, 60 ModelType type, 61 bool is_encrypted) WARN_UNUSED_RESULT; 62 63// Stores |new_specifics| into |entry|, encrypting if necessary. 64// Returns false if an error encrypting occurred (does not modify |entry|). 65// Note: gracefully handles new_specifics aliasing with entry->GetSpecifics(). 66bool UpdateEntryWithEncryption( 67 BaseTransaction* const trans, 68 const sync_pb::EntitySpecifics& new_specifics, 69 MutableEntry* entry); 70 71// Updates |nigori| to match the encryption state specified by |encrypted_types| 72// and |encrypt_everything|. 73SYNC_EXPORT_PRIVATE void UpdateNigoriFromEncryptedTypes( 74 ModelTypeSet encrypted_types, 75 bool encrypt_everything, 76 sync_pb::NigoriSpecifics* nigori); 77 78// Extracts the set of encrypted types from a nigori node. 79ModelTypeSet GetEncryptedTypesFromNigori( 80 const sync_pb::NigoriSpecifics& nigori); 81 82} // namespace syncable 83} // namespace syncer 84 85#endif // SYNC_SYNCABLE_NIGORI_UTIL_H_ 86