components/proximity_auth/cryptauth/secure_message_delegate.h

   1 // Copyright 2015 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef COMPONENTS_PROXIMITY_AUTH_SECURE_MESSAGE_DELEGATE_H
   6 #define COMPONENTS_PROXIMITY_AUTH_SECURE_MESSAGE_DELEGATE_H
   7
   8 #include <string>
   9
  10 #include "base/callback_forward.h"
  11 #include "components/proximity_auth/cryptauth/proto/securemessage.pb.h"
  12
  13 namespace proximity_auth {
  14
  15 // Interface of delegate responsible for cryptographic operations based on the
  16 // secure message library. This interface is asynchronous as the current
  17 // implementation on ChromeOS communicates with a daemon process over IPC.
  18 class SecureMessageDelegate {
  19  public:
  20   // Fields specifying how to create a SecureMessage.
  21   struct CreateOptions {
  22     CreateOptions();
  23     ~CreateOptions();
  24
  25     // The scheme used to encrypt the message.
  26     securemessage::EncScheme encryption_scheme;
  27     // The scheme used to sign the message.
  28     securemessage::SigScheme signature_scheme;
  29     // Additional data that is used as part of the signature computation but not
  30     // included in the message contents.
  31     std::string associated_data;
  32     // Plain-text data included in the message header.
  33     std::string public_metadata;
  34     // Identifies the key to use for verifying the message signature.
  35     std::string verification_key_id;
  36     // Identifies the key to use for decrypting the message.
  37     std::string decryption_key_id;
  38   };
  39
  40   // Fields specifying how to unwrap a SecureMessage.
  41   struct UnwrapOptions {
  42     UnwrapOptions();
  43     ~UnwrapOptions();
  44
  45     // The scheme used to decrypt the message.
  46     securemessage::EncScheme encryption_scheme;
  47     // The scheme used to verify the message signature.
  48     securemessage::SigScheme signature_scheme;
  49     // Additional data that is used as part of the signature computation but not
  50     // included in the message contents.
  51     std::string associated_data;
  52   };
  53
  54   SecureMessageDelegate();
  55   virtual ~SecureMessageDelegate();
  56
  57   // Generates a new asymmetric key pair.
  58   typedef base::Callback<void(const std::string& public_key,
  59                               const std::string& private_key)>
  60       GenerateKeyPairCallback;
  61   virtual void GenerateKeyPair(const GenerateKeyPairCallback& callback) = 0;
  62
  63   // Derives a symmetric key from our private key and the remote device's
  64   // public key.
  65   typedef base::Callback<void(const std::string& derived_key)>
  66       DeriveKeyCallback;
  67   virtual void DeriveKey(const std::string& private_key,
  68                          const std::string& public_key,
  69                          const DeriveKeyCallback& callback) = 0;
  70
  71   // Creates a new secure message with a |payload| given the |key| and
  72   // |create_options| specifying the cryptographic details.
  73   // |callback| will be invoked with the serialized SecureMessage upon success
  74   // or the empty string upon failure.
  75   typedef base::Callback<void(const std::string& secure_message)>
  76       CreateSecureMessageCallback;
  77   virtual void CreateSecureMessage(
  78       const std::string& payload,
  79       const std::string& key,
  80       const CreateOptions& create_options,
  81       const CreateSecureMessageCallback& callback) = 0;
  82
  83   // Unwraps |secure_message| given the |key| and |unwrap_options| specifying
  84   // the cryptographic details.
  85   // |callback| will be invoked with true for the |verified| argument if the
  86   // message was verified and decrypted successfully. The |payload| and
  87   // |header| fields will be non-empty if the message was verified successfully.
  88   typedef base::Callback<void(bool verified,
  89                               const std::string& payload,
  90                               const securemessage::Header& header)>
  91       UnwrapSecureMessageCallback;
  92   virtual void UnwrapSecureMessage(
  93       const std::string& serialized_message,
  94       const std::string& key,
  95       const UnwrapOptions& unwrap_options,
  96       const UnwrapSecureMessageCallback& callback) = 0;
  97 };
  98
  99 }  // namespace proximity_auth
 100
 101 #endif  // COMPONENTS_PROXIMITY_AUTH_SECURE_MESSAGE_DELEGATE_H