WeaveKeyExportClient

public final class WeaveKeyExportClient extends Object

Implements the client side of the Weave key export protocol for use in stand-alone (non-Weave messaging) contexts.

Public Constructor Summary

Public Method Summary

boolean
allowNestDevelopmentDevices()
True if key export responses from Nest development devices will be allowed.
boolean
allowSHA1DeviceCertificates()
True if key export responses from devices with SHA1 certificates will be allowed.
void
byte[]
generateKeyExportRequest(int keyId, long responderNodeId, byte[] accessToken)
Generate a key export request given an access token.
byte[]
generateKeyExportRequest(int keyId, long responderNodeId, byte[] clientCert, byte[] clientKey)
Generate a key export request given a client certificate and private key.
void
processKeyExportReconfigure(byte[] reconfig)
Process a reconfigure message received in response to a previously-generated key export request.
byte[]
processKeyExportResponse(long responderNodeId, byte[] exportResp)
Process the response to a previously-generated key export request.
void
reset()
Reset the key export client object, discarding any state associated with a pending key export request.
void
setAllowNestDevelopmentDevices(boolean val)
Allow or disallow key export responses from Nest development devices.
void
setAllowSHA1DeviceCertificates(boolean val)
Allow or disallow key export responses from devices with SHA1 certificates.

Inherited Method Summary

Public Constructors

public WeaveKeyExportClient ()

Public Methods

public boolean allowNestDevelopmentDevices ()

True if key export responses from Nest development devices will be allowed.

public boolean allowSHA1DeviceCertificates ()

True if key export responses from devices with SHA1 certificates will be allowed.

public void finalize ()

Throws
Throwable

public byte[] generateKeyExportRequest (int keyId, long responderNodeId, byte[] accessToken)

Generate a key export request given an access token.

Parameters
keyId The Weave key id of the key to be exported.
responderNodeId The Weave node id of the device to which the request will be forwarded; or 0 if the particular device id is unknown.
accessToken A buffer containing a Weave access token, in Weave TLV format.
Returns
  • A byte array containing the generated key export request.

public byte[] generateKeyExportRequest (int keyId, long responderNodeId, byte[] clientCert, byte[] clientKey)

Generate a key export request given a client certificate and private key.

Parameters
keyId The Weave key id of the key to be exported.
responderNodeId The Weave node id of the device to which the request will be forwarded; or 0 if the particular device id is unknown.
clientCert A buffer containing a Weave certificate identifying the client making the request. The certificate is expected to be encoded in Weave TLV format.
clientKey A buffer containing the private key associated with the client certificate. The private key is expected to be encoded in Weave TLV format.
Returns
  • A byte array containing the generated key export request.

public void processKeyExportReconfigure (byte[] reconfig)

Process a reconfigure message received in response to a previously-generated key export request.

Parameters
reconfig A buffer containing a Weave key export reconfigure message, as returned by the device.

public byte[] processKeyExportResponse (long responderNodeId, byte[] exportResp)

Process the response to a previously-generated key export request.

Parameters
responderNodeId The Weave node id of the device to which the request was forwarded; or 0 if the particular device id is unknown.
exportResp A buffer containing a Weave key export response, as returned by the device.
Returns
  • A byte array containing exported key.

public void reset ()

Reset the key export client object, discarding any state associated with a pending key export request.

public void setAllowNestDevelopmentDevices (boolean val)

Allow or disallow key export responses from Nest development devices.

Parameters
val

public void setAllowSHA1DeviceCertificates (boolean val)

Allow or disallow key export responses from devices with SHA1 certificates.

Parameters
val