| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef COMPONENTS_PROXIMITY_AUTH_DEVICE_TO_DEVICE_INITIATOR_OPERATIONS_H | 5 #ifndef COMPONENTS_PROXIMITY_AUTH_DEVICE_TO_DEVICE_INITIATOR_OPERATIONS_H |
| 6 #define COMPONENTS_PROXIMITY_AUTH_DEVICE_TO_DEVICE_INITIATOR_OPERATIONS_H | 6 #define COMPONENTS_PROXIMITY_AUTH_DEVICE_TO_DEVICE_INITIATOR_OPERATIONS_H |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/callback_forward.h" | 10 #include "base/callback_forward.h" |
| 11 #include "base/macros.h" | 11 #include "base/macros.h" |
| 12 | 12 |
| 13 namespace cryptauth { |
| 14 class SecureMessageDelegate; |
| 15 } |
| 16 |
| 13 namespace proximity_auth { | 17 namespace proximity_auth { |
| 14 | 18 |
| 15 class SecureMessageDelegate; | |
| 16 | |
| 17 // Utility class containing operations in the DeviceToDevice protocol that the | 19 // Utility class containing operations in the DeviceToDevice protocol that the |
| 18 // initiator needs to perform. For Smart Lock, in which a phone unlocks a | 20 // initiator needs to perform. For Smart Lock, in which a phone unlocks a |
| 19 // laptop, the initiator is laptop. | 21 // laptop, the initiator is laptop. |
| 20 // | 22 // |
| 21 // All operations are asynchronous because we use the SecureMessageDelegate for | 23 // All operations are asynchronous because we use the SecureMessageDelegate for |
| 22 // crypto operations, whose implementation may be asynchronous. | 24 // crypto operations, whose implementation may be asynchronous. |
| 23 // | 25 // |
| 24 // In the DeviceToDevice protocol, the initiator needs to send two messages to | 26 // In the DeviceToDevice protocol, the initiator needs to send two messages to |
| 25 // the responder and parse one message from the responder: | 27 // the responder and parse one message from the responder: |
| 26 // 1. Send [Hello] Message | 28 // 1. Send [Hello] Message |
| (...skipping 21 matching lines...) Expand all Loading... |
| 48 | 50 |
| 49 // Creates the [Hello] message, which is the first message that is sent: | 51 // Creates the [Hello] message, which is the first message that is sent: |
| 50 // |session_public_key|: This session public key will be stored in plaintext | 52 // |session_public_key|: This session public key will be stored in plaintext |
| 51 // (but signed) so the responder can parse it. | 53 // (but signed) so the responder can parse it. |
| 52 // |persistent_symmetric_key|: The long-term symmetric key that is shared by | 54 // |persistent_symmetric_key|: The long-term symmetric key that is shared by |
| 53 // the initiator and responder. | 55 // the initiator and responder. |
| 54 // |secure_message_delegate|: Delegate for SecureMessage operations. This | 56 // |secure_message_delegate|: Delegate for SecureMessage operations. This |
| 55 // instance is not owned, and must live until after |callback| is invoked. | 57 // instance is not owned, and must live until after |callback| is invoked. |
| 56 // |callback|: Invoked upon operation completion with the serialized message | 58 // |callback|: Invoked upon operation completion with the serialized message |
| 57 // or an empty string. | 59 // or an empty string. |
| 58 static void CreateHelloMessage(const std::string& session_public_key, | 60 static void CreateHelloMessage( |
| 59 const std::string& persistent_symmetric_key, | 61 const std::string& session_public_key, |
| 60 SecureMessageDelegate* secure_message_delegate, | 62 const std::string& persistent_symmetric_key, |
| 61 const MessageCallback& callback); | 63 cryptauth::SecureMessageDelegate* secure_message_delegate, |
| 64 const MessageCallback& callback); |
| 62 | 65 |
| 63 // Validates that the [Responder Auth] message, received from the responder, | 66 // Validates that the [Responder Auth] message, received from the responder, |
| 64 // is properly signed and encrypted. | 67 // is properly signed and encrypted. |
| 65 // |responder_auth_message|: The bytes of the [Responder Auth] message to | 68 // |responder_auth_message|: The bytes of the [Responder Auth] message to |
| 66 // validate. | 69 // validate. |
| 67 // |persistent_responder_public_key|: The long-term public key possessed by | 70 // |persistent_responder_public_key|: The long-term public key possessed by |
| 68 // the responder device. | 71 // the responder device. |
| 69 // |persistent_symmetric_key|: The long-term symmetric key that is shared by | 72 // |persistent_symmetric_key|: The long-term symmetric key that is shared by |
| 70 // the initiator and responder. | 73 // the initiator and responder. |
| 71 // |session_private_key|: The session private key is used in an Diffie-Helmann | 74 // |session_private_key|: The session private key is used in an Diffie-Helmann |
| 72 // key exchange once the responder public key is extracted. The derived | 75 // key exchange once the responder public key is extracted. The derived |
| 73 // session symmetric key is used in the validation process. | 76 // session symmetric key is used in the validation process. |
| 74 // |hello_message|: The initial [Hello] message that was sent, which is used | 77 // |hello_message|: The initial [Hello] message that was sent, which is used |
| 75 // in the signature calculation. | 78 // in the signature calculation. |
| 76 // |secure_message_delegate|: Delegate for SecureMessage operations. This | 79 // |secure_message_delegate|: Delegate for SecureMessage operations. This |
| 77 // instance is not owned, and must live until after |callback| is invoked. | 80 // instance is not owned, and must live until after |callback| is invoked. |
| 78 // |callback|: Invoked upon operation completion with whether | 81 // |callback|: Invoked upon operation completion with whether |
| 79 // |responder_auth_message| is validated successfully. | 82 // |responder_auth_message| is validated successfully. |
| 80 static void ValidateResponderAuthMessage( | 83 static void ValidateResponderAuthMessage( |
| 81 const std::string& responder_auth_message, | 84 const std::string& responder_auth_message, |
| 82 const std::string& persistent_responder_public_key, | 85 const std::string& persistent_responder_public_key, |
| 83 const std::string& persistent_symmetric_key, | 86 const std::string& persistent_symmetric_key, |
| 84 const std::string& session_private_key, | 87 const std::string& session_private_key, |
| 85 const std::string& hello_message, | 88 const std::string& hello_message, |
| 86 SecureMessageDelegate* secure_message_delegate, | 89 cryptauth::SecureMessageDelegate* secure_message_delegate, |
| 87 const ValidateResponderAuthCallback& callback); | 90 const ValidateResponderAuthCallback& callback); |
| 88 | 91 |
| 89 // Creates the [Initiator Auth] message, which allows the responder to | 92 // Creates the [Initiator Auth] message, which allows the responder to |
| 90 // authenticate the initiator: | 93 // authenticate the initiator: |
| 91 // |persistent_symmetric_key|: The long-term symmetric key that is shared by | 94 // |persistent_symmetric_key|: The long-term symmetric key that is shared by |
| 92 // the initiator and responder. | 95 // the initiator and responder. |
| 93 // |responder_auth_message|: The [Responder Auth] message sent previously to | 96 // |responder_auth_message|: The [Responder Auth] message sent previously to |
| 94 // the responder. These bytes are used in the signature calculation. | 97 // the responder. These bytes are used in the signature calculation. |
| 95 // |secure_message_delegate|: Delegate for SecureMessage operations. This | 98 // |secure_message_delegate|: Delegate for SecureMessage operations. This |
| 96 // instance is not owned, and must live until after |callback| is invoked. | 99 // instance is not owned, and must live until after |callback| is invoked. |
| 97 // |callback|: Invoked upon operation completion with the serialized message | 100 // |callback|: Invoked upon operation completion with the serialized message |
| 98 // or an empty string. | 101 // or an empty string. |
| 99 static void CreateInitiatorAuthMessage( | 102 static void CreateInitiatorAuthMessage( |
| 100 const std::string& session_symmetric_key, | 103 const std::string& session_symmetric_key, |
| 101 const std::string& persistent_symmetric_key, | 104 const std::string& persistent_symmetric_key, |
| 102 const std::string& responder_auth_message, | 105 const std::string& responder_auth_message, |
| 103 SecureMessageDelegate* secure_message_delegate, | 106 cryptauth::SecureMessageDelegate* secure_message_delegate, |
| 104 const MessageCallback& callback); | 107 const MessageCallback& callback); |
| 105 | 108 |
| 106 private: | 109 private: |
| 107 DISALLOW_IMPLICIT_CONSTRUCTORS(DeviceToDeviceInitiatorOperations); | 110 DISALLOW_IMPLICIT_CONSTRUCTORS(DeviceToDeviceInitiatorOperations); |
| 108 }; | 111 }; |
| 109 | 112 |
| 110 } // proximity_auth | 113 } // proximity_auth |
| 111 | 114 |
| 112 #endif // COMPONENTS_PROXIMITY_AUTH_DEVICE_TO_DEVICE_INITIATOR_OPERATIONS_H | 115 #endif // COMPONENTS_PROXIMITY_AUTH_DEVICE_TO_DEVICE_INITIATOR_OPERATIONS_H |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2502343003:
Moved //components/proximity_auth/cryptauth to //components/cryptauth. (Closed)
