Implement second FetchKeys() pass for sync trusted vault keys

This addresses a TODO in SyncServiceCrypto about honoring the result of MarkKeysAsStale(), which is called when a previous call to FetchKeys() returns keys that are insufficient to resolve the encryption issue. If MarkKeysAsStale() reports true, it suggests another FetchKeys() attempt is worth (usually meaning some local cache was invalidated). This means another FetchKeys() call should be issued, as a second and last attempt to resolve the encryption issue. Bug: 1012659 Change-Id: Idd766233d0cacd2fb1030ca107e51efd667ad414 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2003132 Commit-Queue: Mikel Astiz <mastiz@chromium.org> Reviewed-by: Marc Treib <treib@chromium.org> Cr-Commit-Position: refs/heads/master@{#734143}

Implement second FetchKeys() pass for sync trusted vault keys
This addresses a TODO in SyncServiceCrypto about honoring the result of MarkKeysAsStale(), which is called when a previous call to FetchKeys() returns keys that are insufficient to resolve the encryption issue. If MarkKeysAsStale() reports true, it suggests another FetchKeys() attempt is worth (usually meaning some local cache was invalidated). This means another FetchKeys() call should be issued, as a second and last attempt to resolve the encryption issue. Bug: 1012659 Change-Id: Idd766233d0cacd2fb1030ca107e51efd667ad414 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2003132 Commit-Queue: Mikel Astiz <mastiz@chromium.org> Reviewed-by: Marc Treib <treib@chromium.org> Cr-Commit-Position: refs/heads/master@{#734143}
95dc5cee · Mikel Astiz · Commit Bot · 7af6a9e2 · 95dc5cee · 95dc5cee
Commit 95dc5cee authored Jan 22, 2020 by Mikel Astiz Committed by Commit Bot Jan 22, 2020
3 changed files
--- a/components/sync/driver/sync_service_crypto.cc
+++ b/components/sync/driver/sync_service_crypto.cc
@@ -585,10 +585,12 @@ void SyncServiceCrypto::FetchTrustedVaultKeys() {
  trusted_vault_client_->FetchKeys(
      state_.account_info,
      base::BindOnce(&SyncServiceCrypto::TrustedVaultKeysFetchedFromClient,
-                     weak_factory_.GetWeakPtr()));
+                     weak_factory_.GetWeakPtr(),
+                     /*is_second_fetch_attempt=*/false));
 }
 void SyncServiceCrypto::TrustedVaultKeysFetchedFromClient(
+    bool is_second_fetch_attempt,
    const std::vector<std::vector<uint8_t>>& keys) {
  if (state_.required_user_action !=
          RequiredUserAction::kFetchingTrustedVaultKeys &&
@@ -608,11 +610,12 @@ void SyncServiceCrypto::TrustedVaultKeysFetchedFromClient(
  }
  state_.engine->AddTrustedVaultDecryptionKeys(
-      keys, base::BindOnce(&SyncServiceCrypto::TrustedVaultKeysAdded,
+      keys,
-                           weak_factory_.GetWeakPtr()));
+      base::BindOnce(&SyncServiceCrypto::TrustedVaultKeysAdded,
+                     weak_factory_.GetWeakPtr(), is_second_fetch_attempt));
 }
-void SyncServiceCrypto::TrustedVaultKeysAdded() {
+void SyncServiceCrypto::TrustedVaultKeysAdded(bool is_second_fetch_attempt) {
  if (state_.required_user_action !=
          RequiredUserAction::kFetchingTrustedVaultKeys &&
      state_.required_user_action !=
@@ -626,10 +629,12 @@ void SyncServiceCrypto::TrustedVaultKeysAdded() {
  trusted_vault_client_->MarkKeysAsStale(
      state_.account_info,
      base::BindOnce(&SyncServiceCrypto::TrustedVaultKeysMarkedAsStale,
-                     weak_factory_.GetWeakPtr()));
+                     weak_factory_.GetWeakPtr(), is_second_fetch_attempt));
 }
-void SyncServiceCrypto::TrustedVaultKeysMarkedAsStale(bool result) {
+void SyncServiceCrypto::TrustedVaultKeysMarkedAsStale(
+    bool is_second_fetch_attempt,
+    bool result) {
  if (state_.required_user_action !=
          RequiredUserAction::kFetchingTrustedVaultKeys &&
      state_.required_user_action !=
@@ -637,10 +642,19 @@ void SyncServiceCrypto::TrustedVaultKeysMarkedAsStale(bool result) {
    return;
  }
-  // TODO(crbug.com/1012659): Based on |result|, start a second FetchKeys()
+  // If nothing has changed (determined by |!result| since false negatives are
-  // pass.
+  // disallowed by the API) or this is already a second attempt, the fetching
+  // procedure can be considered completed.
+  if (!result || is_second_fetch_attempt) {
+    FetchTrustedVaultKeysCompletedButInsufficient();
+    return;
+  }
-  FetchTrustedVaultKeysCompletedButInsufficient();
+  trusted_vault_client_->FetchKeys(
+      state_.account_info,
+      base::BindOnce(&SyncServiceCrypto::TrustedVaultKeysFetchedFromClient,
+                     weak_factory_.GetWeakPtr(),
+                     /*is_second_fetch_attempt=*/true));
 }
 void SyncServiceCrypto::FetchTrustedVaultKeysCompletedButInsufficient() {

--- a/components/sync/driver/sync_service_crypto.h
+++ b/components/sync/driver/sync_service_crypto.h
@@ -109,11 +109,14 @@ class SyncServiceCrypto : public SyncEncryptionHandler::Observer,
  void FetchTrustedVaultKeys();
  // Called at various stages of asynchronously fetching and processing trusted
-  // vault encryption keys.
+  // vault encryption keys. |is_second_fetch_attempt| is useful for the case
+  // where multiple passes (up to two) are needed to fetch the keys from the
+  // client.
  void TrustedVaultKeysFetchedFromClient(
+      bool is_second_fetch_attempt,
      const std::vector<std::vector<uint8_t>>& keys);
-  void TrustedVaultKeysAdded();
+  void TrustedVaultKeysAdded(bool is_second_fetch_attempt);
-  void TrustedVaultKeysMarkedAsStale(bool result);
+  void TrustedVaultKeysMarkedAsStale(bool is_second_fetch_attempt, bool result);
  void FetchTrustedVaultKeysCompletedButInsufficient();
  // Calls SyncServiceBase::NotifyObservers(). Never null.

--- a/components/sync/driver/sync_service_crypto_unittest.cc
+++ b/components/sync/driver/sync_service_crypto_unittest.cc