All: Security: Added way to upgrade master key encryption and sync target encryption

ReactNativeClient/lib/models/BaseItem.js

@@ -538,22 +538,27 @@ class BaseItem extends BaseModel {
 			extraWhere = extraWhere.length ? `AND ${extraWhere.join(' AND ')}` : '';
 
 			// First get all the items that have never been synced under this sync target
+			//
+			// We order them by date descending so that latest modified notes go first.
+			// In most case it doesn't make a big difference, but when re-syncing the whole
+			// data set it does. In that case it means the recent notes, those that are likely
+			// to be modified again, will be synced first, thus avoiding potential conflicts.
 
-			let sql = sprintf(
-				`
+			let sql = sprintf(`
 				SELECT %s
 				FROM %s items
 				WHERE id NOT IN (
 					SELECT item_id FROM sync_items WHERE sync_target = %d
 				)
 				%s
+				ORDER BY items.updated_time DESC
 				LIMIT %d
 			`,
-				this.db().escapeFields(fieldNames),
-				this.db().escapeField(ItemClass.tableName()),
-				Number(syncTarget),
-				extraWhere,
-				limit
+			this.db().escapeFields(fieldNames),
+			this.db().escapeField(ItemClass.tableName()),
+			Number(syncTarget),
+			extraWhere,
+			limit
 			);
 
 			let neverSyncedItem = await ItemClass.modelSelectAll(sql);
@@ -575,6 +580,7 @@ class BaseItem extends BaseModel {
 					AND (s.sync_time < items.updated_time OR force_sync = 1)
 					AND s.sync_disabled = 0
 					%s
+					ORDER BY items.updated_time DESC
 					LIMIT %d
 				`,
 					this.db().escapeFields(fieldNames),

ReactNativeClient/lib/models/MasterKey.js

@@ -18,6 +18,10 @@ class MasterKey extends BaseItem {
 		return this.modelSelectOne('SELECT * FROM master_keys WHERE created_time >= (SELECT max(created_time) FROM master_keys)');
 	}
 
+	static allWithoutEncryptionMethod(masterKeys, method) {
+		return masterKeys.filter(m => m.encryption_method !== method);
+	}
+
 	static async save(o, options = null) {
 		return super.save(o, options).then(item => {
 			this.dispatch({

ReactNativeClient/lib/models/Setting.js

@@ -392,6 +392,11 @@ class Setting extends BaseModel {
 			'encryption.enabled': { value: false, type: Setting.TYPE_BOOL, public: false },
 			'encryption.activeMasterKeyId': { value: '', type: Setting.TYPE_STRING, public: false },
 			'encryption.passwordCache': { value: {}, type: Setting.TYPE_OBJECT, public: false, secure: true },
+			'encryption.shouldReencrypt': {
+				value: -1, // will be set on app startup
+				type: Setting.TYPE_INT,
+				public: false,
+			},
 
 			// Deprecated in favour of windowContentZoomFactor
 			'style.zoom': { value: 100, type: Setting.TYPE_INT, public: false, appTypes: ['desktop'], section: 'appearance', label: () => '', minimum: 50, maximum: 500, step: 10 },
@@ -1053,6 +1058,10 @@ Setting.DATE_FORMAT_7 = 'YYYY.MM.DD';
 Setting.TIME_FORMAT_1 = 'HH:mm';
 Setting.TIME_FORMAT_2 = 'h:mm A';
 
+Setting.SHOULD_REENCRYPT_NO = 0; // Data doesn't need to be reencrypted
+Setting.SHOULD_REENCRYPT_YES = 1; // Data should be reencrypted
+Setting.SHOULD_REENCRYPT_NOTIFIED = 2; // Data should be reencrypted, and user has been notified
+
 Setting.custom_css_files = {
 	JOPLIN_APP: 'userchrome.css',
 	RENDERED_MARKDOWN: 'userstyle.css',