bin/ledger/encryption/public/encryption_service.h - peridot - Git at Google

 // Copyright 2017 The Fuchsia Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef PERIDOT_BIN_LEDGER_ENCRYPTION_PUBLIC_ENCRYPTION_SERVICE_H_
 #define PERIDOT_BIN_LEDGER_ENCRYPTION_PUBLIC_ENCRYPTION_SERVICE_H_

 #include <functional>
 #include <string>

 #include <lib/fit/function.h>
 #include <lib/fxl/macros.h>

 #include "peridot/bin/ledger/storage/public/object.h"
 #include "peridot/bin/ledger/storage/public/types.h"
 #include "peridot/lib/convert/convert.h"

 namespace encryption {

 // Status of encryption operations.
 enum class Status {
   OK,
   AUTH_ERROR,
   NETWORK_ERROR,
   INVALID_ARGUMENT,
   IO_ERROR,
   INTERNAL_ERROR,
 };

 // Returns whether the given |status| is a permanent error.
 bool IsPermanentError(Status status);

 // Handles all encryption for a page of the Ledger.
 class EncryptionService {
  public:
   EncryptionService() {}
   virtual ~EncryptionService() {}

   // Construct the object identifier for the given digest, using the latest key
   // index and a default |deletion_scope_id|.
   // TODO(qsr): The user should have some control on the |deletion_scope_id| to
   // decide on the scope of deletion for objects.
   virtual storage::ObjectIdentifier MakeObjectIdentifier(
       storage::ObjectDigest digest) = 0;

   // Encrypts the given commit storage bytes for storing in the cloud.
   virtual void EncryptCommit(
       std::string commit_storage,
       fit::function<void(Status, std::string)> callback) = 0;

   // Decrypts the given encrypted commit storage bytes from the cloud.
   virtual void DecryptCommit(
       convert::ExtendedStringView storage_bytes,
       fit::function<void(Status, std::string)> callback) = 0;

   // Returns the obfuscated object name for the given identifier.
   //
   // This method is used to translate a local object identifier to the name that
   // is used to refer the object in the cloud provider.
   virtual void GetObjectName(
       storage::ObjectIdentifier object_identifier,
       fit::function<void(Status, std::string)> callback) = 0;

   // Encrypts the given object.
   virtual void EncryptObject(
       storage::ObjectIdentifier object_identifier, fsl::SizedVmo content,
       fit::function<void(Status, std::string)> callback) = 0;

   // Decrypts the given object.
   virtual void DecryptObject(
       storage::ObjectIdentifier object_identifier, std::string encrypted_data,
       fit::function<void(Status, std::string)> callback) = 0;

  private:
   FXL_DISALLOW_COPY_AND_ASSIGN(EncryptionService);
 };

 }  // namespace encryption

 #endif  // PERIDOT_BIN_LEDGER_ENCRYPTION_PUBLIC_ENCRYPTION_SERVICE_H_
	// Copyright 2017 The Fuchsia Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef PERIDOT_BIN_LEDGER_ENCRYPTION_PUBLIC_ENCRYPTION_SERVICE_H_
	#define PERIDOT_BIN_LEDGER_ENCRYPTION_PUBLIC_ENCRYPTION_SERVICE_H_

	#include <functional>
	#include <string>

	#include <lib/fit/function.h>
	#include <lib/fxl/macros.h>

	#include "peridot/bin/ledger/storage/public/object.h"
	#include "peridot/bin/ledger/storage/public/types.h"
	#include "peridot/lib/convert/convert.h"

	namespace encryption {

	// Status of encryption operations.
	enum class Status {
	OK,
	AUTH_ERROR,
	NETWORK_ERROR,
	INVALID_ARGUMENT,
	IO_ERROR,
	INTERNAL_ERROR,
	};

	// Returns whether the given \|status\| is a permanent error.
	bool IsPermanentError(Status status);

	// Handles all encryption for a page of the Ledger.
	class EncryptionService {
	public:
	EncryptionService() {}
	virtual ~EncryptionService() {}

	// Construct the object identifier for the given digest, using the latest key
	// index and a default \|deletion_scope_id\|.
	// TODO(qsr): The user should have some control on the \|deletion_scope_id\| to
	// decide on the scope of deletion for objects.
	virtual storage::ObjectIdentifier MakeObjectIdentifier(
	storage::ObjectDigest digest) = 0;

	// Encrypts the given commit storage bytes for storing in the cloud.
	virtual void EncryptCommit(
	std::string commit_storage,
	fit::function<void(Status, std::string)> callback) = 0;

	// Decrypts the given encrypted commit storage bytes from the cloud.
	virtual void DecryptCommit(
	convert::ExtendedStringView storage_bytes,
	fit::function<void(Status, std::string)> callback) = 0;

	// Returns the obfuscated object name for the given identifier.
	//
	// This method is used to translate a local object identifier to the name that
	// is used to refer the object in the cloud provider.
	virtual void GetObjectName(
	storage::ObjectIdentifier object_identifier,
	fit::function<void(Status, std::string)> callback) = 0;

	// Encrypts the given object.
	virtual void EncryptObject(
	storage::ObjectIdentifier object_identifier, fsl::SizedVmo content,
	fit::function<void(Status, std::string)> callback) = 0;

	// Decrypts the given object.
	virtual void DecryptObject(
	storage::ObjectIdentifier object_identifier, std::string encrypted_data,
	fit::function<void(Status, std::string)> callback) = 0;

	private:
	FXL_DISALLOW_COPY_AND_ASSIGN(EncryptionService);
	};

	} // namespace encryption

	#endif // PERIDOT_BIN_LEDGER_ENCRYPTION_PUBLIC_ENCRYPTION_SERVICE_H_