Only grant permissions to new extensions from sync if they have the expected version
[chromium-blink-merge.git] / sync / syncable / nigori_util.h
blob7f57a722b279396b382cc839a18b0f4bbb37859f
1 // Copyright 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // Various utility methods for nigori-based multi-type encryption.
7 #ifndef SYNC_SYNCABLE_NIGORI_UTIL_H_
8 #define SYNC_SYNCABLE_NIGORI_UTIL_H_
10 #include "base/compiler_specific.h"
11 #include "sync/base/sync_export.h"
12 #include "sync/internal_api/public/base/model_type.h"
13 #include "sync/protocol/nigori_specifics.pb.h"
15 namespace sync_pb {
16 class EntitySpecifics;
19 namespace syncer {
20 class Cryptographer;
22 namespace syncable {
24 const char kEncryptedString[] = "encrypted";
26 class BaseTransaction;
27 class Entry;
28 class MutableEntry;
29 class WriteTransaction;
31 // Check if our unsyced changes are encrypted if they need to be based on
32 // |encrypted_types|.
33 // Returns: true if all unsynced data that should be encrypted is.
34 // false if some unsynced changes need to be encrypted.
35 // This method is similar to ProcessUnsyncedChangesForEncryption but does not
36 // modify the data and does not care if data is unnecessarily encrypted.
37 SYNC_EXPORT_PRIVATE bool VerifyUnsyncedChangesAreEncrypted(
38 BaseTransaction* const trans,
39 ModelTypeSet encrypted_types);
41 // Processes all unsynced changes and ensures they are appropriately encrypted
42 // or unencrypted, based on |encrypted_types|.
43 bool ProcessUnsyncedChangesForEncryption(
44 WriteTransaction* const trans);
46 // Returns true if the entry requires encryption but is not encrypted, false
47 // otherwise. Note: this does not check that already encrypted entries are
48 // encrypted with the proper key.
49 bool EntryNeedsEncryption(ModelTypeSet encrypted_types,
50 const Entry& entry);
52 // Same as EntryNeedsEncryption, but looks at specifics.
53 SYNC_EXPORT_PRIVATE bool SpecificsNeedsEncryption(
54 ModelTypeSet encrypted_types,
55 const sync_pb::EntitySpecifics& specifics);
57 // Verifies all data of type |type| is encrypted appropriately.
58 SYNC_EXPORT_PRIVATE bool VerifyDataTypeEncryptionForTest(
59 BaseTransaction* const trans,
60 ModelType type,
61 bool is_encrypted) WARN_UNUSED_RESULT;
63 // Stores |new_specifics| into |entry|, encrypting if necessary.
64 // Returns false if an error encrypting occurred (does not modify |entry|).
65 // Note: gracefully handles new_specifics aliasing with entry->GetSpecifics().
66 bool UpdateEntryWithEncryption(
67 BaseTransaction* const trans,
68 const sync_pb::EntitySpecifics& new_specifics,
69 MutableEntry* entry);
71 // Updates |nigori| to match the encryption state specified by |encrypted_types|
72 // and |encrypt_everything|.
73 SYNC_EXPORT_PRIVATE void UpdateNigoriFromEncryptedTypes(
74 ModelTypeSet encrypted_types,
75 bool encrypt_everything,
76 sync_pb::NigoriSpecifics* nigori);
78 // Extracts the set of encrypted types from a nigori node.
79 ModelTypeSet GetEncryptedTypesFromNigori(
80 const sync_pb::NigoriSpecifics& nigori);
82 } // namespace syncable
83 } // namespace syncer
85 #endif // SYNC_SYNCABLE_NIGORI_UTIL_H_