| blob | 82057fc6c749c38b652a0a80932d25e77fb269a6 |
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROMEOS_DBUS_EASY_UNLOCK_CLIENT_H_
6 #define CHROMEOS_DBUS_EASY_UNLOCK_CLIENT_H_
8 #include <string>
17 // Client for calling EasyUnlock dbus service. The service provides
18 // methods used by Easy Unlock for establishing secure communication channel
19 // over (unsecure) bluetooth with devices registered to unlock ChromeOS.
20 // Ideally, this would be done in Chrome, but unfortunatelly, the library used
21 // for wrapping and unwrapping messages sent over the communication channel
22 // depends on OpenSSL for encryption, which is not currently available in
23 // Chrome. To work around this, the message processing will be done in ChromeOS,
24 // where OpenSSL is already supported.
25 // TODO(tbarzic): Get rid of this client when Chrome switches from NSS to
26 // OpenSSL (http://crbug.com/338888).
33 // Callback for |GenerateEcP256KeyPair|. Carries the generated keys.
36 KeyPairCallback;
38 // Generates ECDSA key pair using P256 curve.
39 // The created keys should only be used with this client.
42 // Parameters used to create a secure message.
47 // The key used to sign, and if needed, encrypt the message. If encryption
48 // is required, the key must be symetric.
51 // Data associated with the message. The data will not actually be added to
52 // the message, but it will be used while signing the message (the receiver
53 // will use the same data to authenticate the signature).
56 // Metadata added to the message header.
59 // The key id added to the message header. Has to be set if the message is
60 // signed with private asymetric key. This value is used by the receiver to
61 // identify the key that should be used to verify the signature.
64 // Key id added to the message header. Used by the message receiver to
65 // identify the key that should be used to decrypt the message.
68 // The encryption algorithm to use for encrypting the message.
71 // The algorithm to use to sign the message.
76 };
78 // Parameters used to unwrap a securemessage.
83 // The key used to authenticate message signature and, if needed, decrypt
84 // the message. If the message is encrypted, only symetric key can be used.
87 // Data associated with the message. Message authentication will succeed
88 // only if the message was created with the same associated data.
91 // The encryption algorithm to use for decrypting the message.
94 // The algorithm that should be used to verify the message signature.
99 };
101 // Given a private and a public key, creates a symetric secret key using
102 // EC Diffe-Hellman key exchange. The provided keys come from different
103 // asymetric key pairs, and are expected to be in the same format as the ones
104 // returned by |GenerateEcP256KeyAgreement|. Reversing key pairs from which
105 // private and public key come generates the same secret key.
110 // Creates signed and, if specified, encrypted message in format used by Easy
111 // Unlock.
112 // |payload|: The cleartext message body.
113 // |options|: The message parameters used for creating the secure message.
114 // |callback|: Called with the created message. On failure, the message will
115 // be empty.
120 // Authenticates and, if specified, decrypts a secure message.
121 // |message|: The message to unwrap. It is in the same format as the message
122 // returned by |CreateSecureMessage|.
123 // |options|: The parameters that should be used to unwrap the message.
124 // |callback|: Called with the cleartext message header and body in a signle
125 // protobuf. If the message could not be authenticated or decrypted, it
126 // will be called with an empty string.
131 // Factory function, creates a new instance and returns ownership.
132 // For normal usage, access the singleton via DBusThreadManager::Get().
136 // Create() should be used instead.
141 };