NLWeaveKeyExportClient

#include <src/device-manager/cocoa/NLWeaveKeyExportClient.h>

Wrapper for C++ implementation of key export functionality to support pin encryption.

Summary

Inheritance

Inherits from: NSObject

Public functions
`allowNestDevelopmentDevices()`	`virtual BOOL` True if key export responses from Nest development devices will be allowed.
`allowSHA1DeviceCertificates()`	`virtual BOOL` True if key export responses from devices with SHA1 certificates will be allowed.
`generateKeyExportRequest:responderNodeId:accessToken:error:(UInt32 keyId, UInt64 responderNodeId, NSData accessToken, NSError *errOut)`	`virtual nullable NSData *` Generate a key export request given an access token.
`generateKeyExportRequest:responderNodeId:clientCert:clientKey:error:(UInt32 keyId, UInt64 responderNodeId, NSData clientCert, NSData clientKey, NSError **errOut)`	`virtual nullable NSData *` Generate a key export request given a client certificate and private key.
`init()`	`virtual instancetype` Initializes NLWeaveKeyExportClient object.
`processKeyExportReconfigure:error:(NSData reconfig, NSError *errOut)`	`virtual BOOL` Process a reconfigure message received in response to a previously-generated key export request.
`processKeyExportResponse:exportResp:error:(UInt64 responderNodeId, NSData exportResp, NSError *errOut)`	`virtual nullable NSData *` Process the response to a previously-generated key export request.
`reset()`	`virtual void` Reset the key export client object, discarding any state associated with a pending key export request.
`setAllowNestDevelopmentDevices:(BOOL nestDev)`	`virtual void` Allow or disallow key export responses from Nest development devices.
`setAllowSHA1DeviceCertificates:(BOOL nestDev)`	`virtual void` Allow or disallow key export responses from devices with SHA1 certificates.

Public functions

allowNestDevelopmentDevices

virtual BOOL allowNestDevelopmentDevices()

True if key export responses from Nest development devices will be allowed.

allowSHA1DeviceCertificates

virtual BOOL allowSHA1DeviceCertificates()

True if key export responses from devices with SHA1 certificates will be allowed.

generateKeyExportRequest:responderNodeId:accessToken:error:

virtual nullable NSData * generateKeyExportRequest:responderNodeId:accessToken:error:(
  UInt32 keyId,
  UInt64 responderNodeId,
  NSData *accessToken,
  NSError **errOut
)

Generate a key export request given an access token.

Details

Parameters

`[in] keyId`	The Weave key id of the key to be exported.
`[in] responderNodeId`	The Weave node id of the device to which the request will be forwarded; or 0 if the particular device id is unknown.
`[in] accessToken`	A buffer containing a Weave access token, in Weave TLV format.
`[out] errOut`	Output error parameter, set in the event an error occurs and errOut is not null.

Returns

Binary buffer containing the generated key export request. Set to nil if error occurs.

generateKeyExportRequest:responderNodeId:clientCert:clientKey:error:

virtual nullable NSData * generateKeyExportRequest:responderNodeId:clientCert:clientKey:error:(
  UInt32 keyId,
  UInt64 responderNodeId,
  NSData *clientCert,
  NSData *clientKey,
  NSError **errOut
)

Generate a key export request given a client certificate and private key.

Details

Parameters

`[in] keyId`	The Weave key id of the key to be exported.
`[in] responderNodeId`	The Weave node id of the device to which the request will be forwarded; or 0 if the particular device id is unknown.
`[in] clientCert`	A buffer containing a Weave certificate identifying the client making the request. The certificate is expected to be encoded in Weave TLV format.
`[in] clientKey`	A buffer containing the private key associated with the client certificate. The private key is expected to be encoded in Weave TLV format.
`[out] errOut`	Output error parameter, set in the event an error occurs and errOut is not null.

Returns

Binary buffer containing the generated key export request. Set to nil if error occurs.

init

virtual instancetype init()

Initializes NLWeaveKeyExportClient object.

Creates instance and initializes instace of internal C++ object for performing key export functionality.

processKeyExportReconfigure:error:

virtual BOOL processKeyExportReconfigure:error:(
  NSData *reconfig,
  NSError **errOut
)

Process a reconfigure message received in response to a previously-generated key export request.

Details

Parameters

`[in] reconfig`	A buffer containing a Weave key export reconfigure message, as returned by the device.
`[out] errOut`	Output error parameter, set in the event an error occurs and errOut is not null.

Returns

True on success, False on failure.

processKeyExportResponse:exportResp:error:

virtual nullable NSData * processKeyExportResponse:exportResp:error:(
  UInt64 responderNodeId,
  NSData *exportResp,
  NSError **errOut
)

Process the response to a previously-generated key export request.

Details

Parameters

`[in] responderNodeId`	The Weave node id of the device to which the request was forwarded; or 0 if the particular device id is unknown.
`[in] exportResp`	A buffer containing a Weave key export response, as returned by the device.
`[out] errOut`	Output error parameter, set in the event an error occurs and errOut is not null.

Returns

Binary buffer containing exported key. Set to nil if error occurs.

reset

virtual void reset()

Reset the key export client object, discarding any state associated with a pending key export request.

setAllowNestDevelopmentDevices:

virtual void setAllowNestDevelopmentDevices:(
  BOOL nestDev
)

Allow or disallow key export responses from Nest development devices.

setAllowSHA1DeviceCertificates:

virtual void setAllowSHA1DeviceCertificates:(
  BOOL nestDev
)

Allow or disallow key export responses from devices with SHA1 certificates.