Vectorize website settings icons in omnibox
[chromium-blink-merge.git] / components / proximity_auth / device_to_device_responder_operations.h
blob6a3f1c94f51abbd264f9ea34b4a877ae5b289f66
1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef COMPONENTS_PROXIMITY_AUTH_DEVICE_TO_DEVICE_RESPONDER_OPERATIONS_H
6 #define COMPONENTS_PROXIMITY_AUTH_DEVICE_TO_DEVICE_RESPONDER_OPERATIONS_H
8 #include <string>
10 #include "base/callback_forward.h"
11 #include "base/macros.h"
13 namespace proximity_auth {
15 class SecureMessageDelegate;
17 // Utility class containing operations in the DeviceToDevice protocol that the
18 // initiator needs to perform. For Smart Lock, in which a phone unlocks a
19 // laptop, the responder is the phone. Because the responder side of this
20 // protocol does not run in Chrome, this class is implemented solely for
21 // testing purposes.
23 // All operations are asynchronous because we use the SecureMessageDelegate for
24 // crypto operations, whose implementation may be asynchronous.
26 // In the DeviceToDevice protocol, the responder parses two messages received
27 // from the initiator and sends one message:
28 // 1. Parse [Hello] Message
29 // This message contains the initiator's session public key and is signed
30 // by the long term symmetric key.
31 // 2. Send [Responder Auth] Message
32 // This message contains the responder's session public key, and allows the
33 // initiator to authenticate the responder. After both sides have each
34 // other's public keys, they can derive a symmetric key for the session.
35 // 3. Parse [Initiator Auth] Message
36 // This message allows the responder to authenticate the initiator.
37 class DeviceToDeviceResponderOperations {
38 public:
39 // Callback for operations that create a message. Invoked with the serialized
40 // SecureMessage upon success or the empty string upon failure.
41 typedef base::Callback<void(const std::string&)> MessageCallback;
43 // Callback for operations that validates a message.
44 typedef base::Callback<void(bool)> ValidationCallback;
46 // Callback for ValidateHelloMessage. The first argument will be called with
47 // the validation outcome. If validation succeeded, then the second argument
48 // will contain the initiator's public key.
49 typedef base::Callback<void(bool, const std::string&)> ValidateHelloCallback;
51 // Validates that the [Hello] message, received from the initiator,
52 // is properly signed and encrypted.
53 // |hello_message|: The bytes of the [Hello] message to validate.
54 // |persistent_symmetric_key|: The long-term symmetric key that is shared by
55 // the initiator and responder.
56 // |secure_message_delegate|: Delegate for SecureMessage operations. This
57 // instance is not owned, and must live until after |callback| is invoked.
58 // |callback|: Invoked upon operation completion with whether
59 // |responder_auth_message| is validated successfully and the initiator's
60 // public key.
61 static void ValidateHelloMessage(
62 const std::string& hello_message,
63 const std::string& persistent_symmetric_key,
64 SecureMessageDelegate* secure_message_delegate,
65 const ValidateHelloCallback& callback);
67 // Creates the [Responder Auth] message:
68 // |hello_message|: The initial [Hello] message that was sent, which is used
69 // in the signature calculation.
70 // |session_public_key|: This session public key will be stored in plaintext
71 // to be read by the initiator.
72 // |session_private_key|: The session private key is used in conjunction with
73 // the initiator's public key to derive the session symmetric key.
74 // |persistent_private_key|: The long-term private key possessed by the
75 // responder device.
76 // |persistent_symmetric_key|: The long-term symmetric key that is shared by
77 // the initiator and responder.
78 // |secure_message_delegate|: Delegate for SecureMessage operations. This
79 // instance is not owned, and must live until after |callback| is invoked.
80 // |callback|: Invoked upon operation completion with the serialized message
81 // or an empty string.
82 static void CreateResponderAuthMessage(
83 const std::string& hello_message,
84 const std::string& session_public_key,
85 const std::string& session_private_key,
86 const std::string& persistent_private_key,
87 const std::string& persistent_symmetric_key,
88 SecureMessageDelegate* secure_message_delegate,
89 const MessageCallback& callback);
91 // Validates that the [Initiator Auth] message, received from the initiator,
92 // is properly signed and encrypted.
93 // |initiator_auth_message|: The bytes of the [Local Auth] message to
94 // validate.
95 // |session_symmetric_key|: The derived symmetric key used just for the
96 // session.
97 // |persistent_symmetric_key|: The long-term symmetric key that is shared by
98 // the initiator and responder.
99 // |secure_message_delegate|: Delegate for SecureMessage operations. This
100 // instance is not owned, and must live until after |callback| is invoked.
101 // |callback|: Invoked upon operation completion with whether
102 // |responder_auth_message| is validated successfully.
103 static void ValidateInitiatorAuthMessage(
104 const std::string& initiator_auth_message,
105 const std::string& session_symmetric_key,
106 const std::string& persistent_symmetric_key,
107 const std::string& responder_auth_message,
108 SecureMessageDelegate* secure_message_delegate,
109 const ValidationCallback& callback);
111 private:
112 DISALLOW_IMPLICIT_CONSTRUCTORS(DeviceToDeviceResponderOperations);
115 } // proximity_auth
117 #endif // COMPONENTS_PROXIMITY_AUTH_DEVICE_TO_DEVICE_RESPONDER_OPERATIONS_H