components/sync/driver/trusted_vault_client.h - chromium/src - Git at Google

 // Copyright 2019 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef COMPONENTS_SYNC_DRIVER_TRUSTED_VAULT_CLIENT_H_
 #define COMPONENTS_SYNC_DRIVER_TRUSTED_VAULT_CLIENT_H_

 #include <memory>
 #include <string>
 #include <vector>

 #include "base/callback_forward.h"
 #include "base/macros.h"
 #include "base/observer_list_types.h"

 struct CoreAccountInfo;

 namespace syncer {

 // Interface that allows platform-specific logic related to accessing locally
 // available trusted vault encryption keys.
 class TrustedVaultClient {
  public:
   class Observer : public base::CheckedObserver {
    public:
     Observer() = default;
     Observer(const Observer&) = delete;
     Observer& operator=(const Observer&) = delete;
     ~Observer() override = default;

     // Invoked when the keys inside the vault have changed.
     virtual void OnTrustedVaultKeysChanged() = 0;

     // Invoked when the recoverability of the keys has changed.
     virtual void OnTrustedVaultRecoverabilityChanged() = 0;
   };

   TrustedVaultClient() = default;
   virtual ~TrustedVaultClient() = default;

   // Adds/removes an observer.
   virtual void AddObserver(Observer* observer) = 0;
   virtual void RemoveObserver(Observer* observer) = 0;

   // Attempts to fetch decryption keys, required by sync to resume.
   // Implementations are expected to NOT prompt the user for actions. |cb| is
   // called on completion with known keys or an empty list if none known.
   virtual void FetchKeys(
       const CoreAccountInfo& account_info,
       base::OnceCallback<void(const std::vector<std::vector<uint8_t>>&)>
           cb) = 0;

   // Invoked when the result of FetchKeys() contains keys that cannot decrypt
   // the pending cryptographer (Nigori) keys, which should only be possible if
   // the provided keys are not up-to-date. |cb| is run upon completion and
   // returns false if the call did not make any difference (e.g. the operation
   // is unsupported) or true if some change may have occurred (which indicates a
   // second FetchKeys() attempt is worth). During the execution, before |cb| is
   // invoked, the behavior is unspecified if FetchKeys() is invoked, that is,
   // FetchKeys() may or may not treat existing keys as stale (only guaranteed
   // upon completion of MarkKeysAsStale()).
   virtual void MarkKeysAsStale(const CoreAccountInfo& account_info,
                                base::OnceCallback<void(bool)> cb) = 0;

   // Allows implementations to store encryption keys fetched by other means such
   // as Web interactions. Implementations are free to completely ignore these
   // keys, so callers may not assume that later calls to FetchKeys() would
   // necessarily return the keys passed here.
   virtual void StoreKeys(const std::string& gaia_id,
                          const std::vector<std::vector<uint8_t>>& keys,
                          int last_key_version) = 0;

   // Returns whether recoverability of the keys is degraded and user action is
   // required to add a new method. This may be called frequently and
   // implementations are responsible for implementing caching and possibly
   // throttling.
   virtual void GetIsRecoverabilityDegraded(
       const CoreAccountInfo& account_info,
       base::OnceCallback<void(bool)> cb) = 0;

   // Registers a new trusted recovery method that can be used to retrieve keys,
   // usually for the purpose of resolving a recoverability-degraded case
   // surfaced by GetIsRecoverabilityDegraded(). |method_type_hint| is an opaque
   // value provided server-side that may be used for related future
   // interactions with the server.
   virtual void AddTrustedRecoveryMethod(const std::string& gaia_id,
                                         const std::vector<uint8_t>& public_key,
                                         int method_type_hint,
                                         base::OnceClosure cb) = 0;

  private:
   DISALLOW_COPY_AND_ASSIGN(TrustedVaultClient);
 };

 }  // namespace syncer

 #endif  // COMPONENTS_SYNC_DRIVER_TRUSTED_VAULT_CLIENT_H_
	// Copyright 2019 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef COMPONENTS_SYNC_DRIVER_TRUSTED_VAULT_CLIENT_H_
	#define COMPONENTS_SYNC_DRIVER_TRUSTED_VAULT_CLIENT_H_

	#include <memory>
	#include <string>
	#include <vector>

	#include "base/callback_forward.h"
	#include "base/macros.h"
	#include "base/observer_list_types.h"

	struct CoreAccountInfo;

	namespace syncer {

	// Interface that allows platform-specific logic related to accessing locally
	// available trusted vault encryption keys.
	class TrustedVaultClient {
	public:
	class Observer : public base::CheckedObserver {
	public:
	Observer() = default;
	Observer(const Observer&) = delete;
	Observer& operator=(const Observer&) = delete;
	~Observer() override = default;

	// Invoked when the keys inside the vault have changed.
	virtual void OnTrustedVaultKeysChanged() = 0;

	// Invoked when the recoverability of the keys has changed.
	virtual void OnTrustedVaultRecoverabilityChanged() = 0;
	};

	TrustedVaultClient() = default;
	virtual ~TrustedVaultClient() = default;

	// Adds/removes an observer.
	virtual void AddObserver(Observer* observer) = 0;
	virtual void RemoveObserver(Observer* observer) = 0;

	// Attempts to fetch decryption keys, required by sync to resume.
	// Implementations are expected to NOT prompt the user for actions. \|cb\| is
	// called on completion with known keys or an empty list if none known.
	virtual void FetchKeys(
	const CoreAccountInfo& account_info,
	base::OnceCallback<void(const std::vector<std::vector<uint8_t>>&)>
	cb) = 0;

	// Invoked when the result of FetchKeys() contains keys that cannot decrypt
	// the pending cryptographer (Nigori) keys, which should only be possible if
	// the provided keys are not up-to-date. \|cb\| is run upon completion and
	// returns false if the call did not make any difference (e.g. the operation
	// is unsupported) or true if some change may have occurred (which indicates a
	// second FetchKeys() attempt is worth). During the execution, before \|cb\| is
	// invoked, the behavior is unspecified if FetchKeys() is invoked, that is,
	// FetchKeys() may or may not treat existing keys as stale (only guaranteed
	// upon completion of MarkKeysAsStale()).
	virtual void MarkKeysAsStale(const CoreAccountInfo& account_info,
	base::OnceCallback<void(bool)> cb) = 0;

	// Allows implementations to store encryption keys fetched by other means such
	// as Web interactions. Implementations are free to completely ignore these
	// keys, so callers may not assume that later calls to FetchKeys() would
	// necessarily return the keys passed here.
	virtual void StoreKeys(const std::string& gaia_id,
	const std::vector<std::vector<uint8_t>>& keys,
	int last_key_version) = 0;

	// Returns whether recoverability of the keys is degraded and user action is
	// required to add a new method. This may be called frequently and
	// implementations are responsible for implementing caching and possibly
	// throttling.
	virtual void GetIsRecoverabilityDegraded(
	const CoreAccountInfo& account_info,
	base::OnceCallback<void(bool)> cb) = 0;

	// Registers a new trusted recovery method that can be used to retrieve keys,
	// usually for the purpose of resolving a recoverability-degraded case
	// surfaced by GetIsRecoverabilityDegraded(). \|method_type_hint\| is an opaque
	// value provided server-side that may be used for related future
	// interactions with the server.
	virtual void AddTrustedRecoveryMethod(const std::string& gaia_id,
	const std::vector<uint8_t>& public_key,
	int method_type_hint,
	base::OnceClosure cb) = 0;

	private:
	DISALLOW_COPY_AND_ASSIGN(TrustedVaultClient);
	};

	} // namespace syncer

	#endif // COMPONENTS_SYNC_DRIVER_TRUSTED_VAULT_CLIENT_H_