Google is committed to advancing racial equity for Black communities. See how.

NLWeaveKeyExportClient

#include <src/device-manager/cocoa/NLWeaveKeyExportClient.h>

Wrapper for C++ implementation of key export functionality to support pin encryption.

Summary

Inheritance

Inherits from: NSObject

Public functions

allowNestDevelopmentDevices()
virtual BOOL
True if key export responses from Nest development devices will be allowed.
allowSHA1DeviceCertificates()
virtual BOOL
True if key export responses from devices with SHA1 certificates will be allowed.
generateKeyExportRequest:responderNodeId:accessToken:error:(UInt32 keyId, UInt64 responderNodeId, NSData *accessToken, NSError **errOut)
virtual nullable NSData *
Generate a key export request given an access token.
generateKeyExportRequest:responderNodeId:clientCert:clientKey:error:(UInt32 keyId, UInt64 responderNodeId, NSData *clientCert, NSData *clientKey, NSError **errOut)
virtual nullable NSData *
Generate a key export request given a client certificate and private key.
init()
virtual instancetype
Initializes NLWeaveKeyExportClient object.
processKeyExportReconfigure:error:(NSData *reconfig, NSError **errOut)
virtual BOOL
Process a reconfigure message received in response to a previously-generated key export request.
processKeyExportResponse:exportResp:error:(UInt64 responderNodeId, NSData *exportResp, NSError **errOut)
virtual nullable NSData *
Process the response to a previously-generated key export request.
reset()
virtual void
Reset the key export client object, discarding any state associated with a pending key export request.
setAllowNestDevelopmentDevices:(BOOL nestDev)
virtual void
Allow or disallow key export responses from Nest development devices.
setAllowSHA1DeviceCertificates:(BOOL nestDev)
virtual void
Allow or disallow key export responses from devices with SHA1 certificates.

Public functions

allowNestDevelopmentDevices

virtual BOOL allowNestDevelopmentDevices()

True if key export responses from Nest development devices will be allowed.

allowSHA1DeviceCertificates

virtual BOOL allowSHA1DeviceCertificates()

True if key export responses from devices with SHA1 certificates will be allowed.

generateKeyExportRequest:responderNodeId:accessToken:error:

virtual nullable NSData * generateKeyExportRequest:responderNodeId:accessToken:error:(
  UInt32 keyId,
  UInt64 responderNodeId,
  NSData *accessToken,
  NSError **errOut
)

Generate a key export request given an access token.

Details
Parameters
[in] keyId
The Weave key id of the key to be exported.
[in] responderNodeId
The Weave node id of the device to which the request will be forwarded; or 0 if the particular device id is unknown.
[in] accessToken
A buffer containing a Weave access token, in Weave TLV format.
[out] errOut
Output error parameter, set in the event an error occurs and errOut is not null.
Returns
Binary buffer containing the generated key export request. Set to nil if error occurs.

generateKeyExportRequest:responderNodeId:clientCert:clientKey:error:

virtual nullable NSData * generateKeyExportRequest:responderNodeId:clientCert:clientKey:error:(
  UInt32 keyId,
  UInt64 responderNodeId,
  NSData *clientCert,
  NSData *clientKey,
  NSError **errOut
)

Generate a key export request given a client certificate and private key.

Details
Parameters
[in] keyId
The Weave key id of the key to be exported.
[in] responderNodeId
The Weave node id of the device to which the request will be forwarded; or 0 if the particular device id is unknown.
[in] clientCert
A buffer containing a Weave certificate identifying the client making the request. The certificate is expected to be encoded in Weave TLV format.
[in] clientKey
A buffer containing the private key associated with the client certificate. The private key is expected to be encoded in Weave TLV format.
[out] errOut
Output error parameter, set in the event an error occurs and errOut is not null.
Returns
Binary buffer containing the generated key export request. Set to nil if error occurs.

init

virtual instancetype init()

Initializes NLWeaveKeyExportClient object.

Creates instance and initializes instace of internal C++ object for performing key export functionality.

processKeyExportReconfigure:error:

virtual BOOL processKeyExportReconfigure:error:(
  NSData *reconfig,
  NSError **errOut
)

Process a reconfigure message received in response to a previously-generated key export request.

Details
Parameters
[in] reconfig
A buffer containing a Weave key export reconfigure message, as returned by the device.
[out] errOut
Output error parameter, set in the event an error occurs and errOut is not null.
Returns
True on success, False on failure.

processKeyExportResponse:exportResp:error:

virtual nullable NSData * processKeyExportResponse:exportResp:error:(
  UInt64 responderNodeId,
  NSData *exportResp,
  NSError **errOut
)

Process the response to a previously-generated key export request.

Details
Parameters
[in] responderNodeId
The Weave node id of the device to which the request was forwarded; or 0 if the particular device id is unknown.
[in] exportResp
A buffer containing a Weave key export response, as returned by the device.
[out] errOut
Output error parameter, set in the event an error occurs and errOut is not null.
Returns
Binary buffer containing exported key. Set to nil if error occurs.

reset

virtual void reset()

Reset the key export client object, discarding any state associated with a pending key export request.

setAllowNestDevelopmentDevices:

virtual void setAllowNestDevelopmentDevices:(
  BOOL nestDev
)

Allow or disallow key export responses from Nest development devices.

setAllowSHA1DeviceCertificates:

virtual void setAllowSHA1DeviceCertificates:(
  BOOL nestDev
)

Allow or disallow key export responses from devices with SHA1 certificates.