/*
*
* Copyright (c) 2016-2017 Nest Labs, Inc.
* All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* @file
* This file defines an Objective-C wrapper for the C++ implementation of
* passcode (pincode) encryption/decryption functionality.
*
*/
#import <Foundation/Foundation.h>
NS_ASSUME_NONNULL_BEGIN
/**
 * Error domain string.
 *
 * NOTE(review): presumably the domain of the NSError objects handed back through the
 * error: out-parameters of NLWeavePasscodeEncryptionSupport -- confirm in the implementation.
 */
extern NSString * const NLPasscodeEncryptionSupportDomain;
/**
 * Error codes for NLPasscodeEncryptionSupportDomain.
 *
 * NOTE(review): the conditions that produce each code live in the implementation and are
 * not visible in this header; the per-value remarks below are read off the names only and
 * should be confirmed there.
 */
typedef NS_ENUM(NSInteger, NLPasscodeEncryptionSupportDomainCode) {
// No error.
NLPasscodeEncryptionSupportDomainSuccess = 0,
// Presumably: the encrypt operation failed.
NLPasscodeEncryptionSupportDomainEncryptionFailure = 1,
// Presumably: the decrypt operation failed. TODO confirm whether a failed integrity
// check on the encrypted passcode is reported with this code.
NLPasscodeEncryptionSupportDomainDecryptionFailure = 2,
// Presumably: an input buffer (passcode or encrypted passcode) was malformed.
NLPasscodeEncryptionSupportDomainInvalidData = 3,
// Presumably: encKey length differs from NLWeavePasscodeEncryptionKeyLen.
NLPasscodeEncryptionSupportDomainInvalidEncKeySize = 4,
// Presumably: authKey length differs from NLWeavePasscodeAuthenticationKeyLen.
NLPasscodeEncryptionSupportDomainInvalidAuthKeySize = 5,
// Presumably: fingerprintKey length differs from NLWeavePasscodeFingerprintKeyLen.
NLPasscodeEncryptionSupportDomainInvalidFingerprintKeySize = 6,
};
/** Passcode encryption configuration 1 (TEST ONLY)
 *
 * Note: This encryption configuration is for testing only and provides no integrity or confidentiality.
 * Config 1 is only available in development builds.
 *
 * NOTE(review): a release build should therefore never produce or accept Config 1 data.
 * +isSupportedPasscodeEncryptionConfig: is the check this header exposes for that; confirm
 * it returns NO for this value outside development builds.
 *
 * Declared as NSUInteger, while the config parameters of NLWeavePasscodeEncryptionSupport
 * are UInt8, so passing this constant narrows implicitly.
 */
extern NSUInteger const NLWeavePasscode_Config1_TEST_ONLY;
/** Passcode encryption configuration 2
 *
 * Declared as NSUInteger; the config parameters that take it are UInt8 (implicit narrowing).
 */
extern NSUInteger const NLWeavePasscode_Config2;
/** Key diversifier used in the derivation of the passcode encryption and authentication keys.
 *
 * NOTE(review): exported as a public constant, so presumably a fixed domain-separation
 * label rather than secret material -- confirm. Its length is given by
 * NLWeavePasscodeEncKeyDiversifierSize.
 */
extern UInt8 const NLWeavePasscodeEncKeyDiversifier[];
/** Key diversifier used in the derivation of the passcode fingerprint key.
 *
 * NOTE(review): as above, presumably a public label and not a secret -- confirm. Its
 * length is given by NLWeavePasscodeFingerprintKeyDiversifierSize.
 */
extern UInt8 const NLWeavePasscodeFingerprintKeyDiversifier[];
/** Size of NLWeavePasscodeEncKeyDiversifier (presumably in bytes -- TODO confirm). */
extern UInt32 const NLWeavePasscodeEncKeyDiversifierSize;
/** Size of NLWeavePasscodeFingerprintKeyDiversifier (presumably in bytes -- TODO confirm). */
extern UInt32 const NLWeavePasscodeFingerprintKeyDiversifierSize;
/** Length of the passcode encryption key.
 * Presumably the required length, in bytes, of the encKey: argument -- TODO confirm.
 */
extern UInt32 const NLWeavePasscodeEncryptionKeyLen;
/** Length of the passcode authentication key.
 * Presumably the required length, in bytes, of the authKey: argument -- TODO confirm.
 */
extern UInt32 const NLWeavePasscodeAuthenticationKeyLen;
/** Length of the passcode fingerprint key.
 * Presumably the required length, in bytes, of the fingerprintKey: argument -- TODO confirm.
 */
extern UInt32 const NLWeavePasscodeFingerprintKeyLen;
/**
 * @class NLWeavePasscodeEncryptionSupport
 * Wrapper for C++ implementation of pincode encryption/decryption functionality.
 *
 * All methods are class methods; the class declares no instance state.
 * Failures are reported through the return value (nil or NO, presumably) together with the
 * optional NSError out-parameter; test the return value, not the error pointer.
 *
 * NOTE(review): keys and the plaintext passcode are passed as immutable NSData. Nothing in
 * this header indicates that those buffers are cleared after use, so callers that care
 * about key material lingering in memory need to manage that themselves -- confirm what
 * the implementation does with its own copies.
 */
@interface NLWeavePasscodeEncryptionSupport : NSObject
/** Encrypt a passcode using the Nest Passcode Encryption scheme.
 *
 * Note the argument order: the first keyword takes the configuration, not the passcode;
 * the plaintext passcode is the fourth argument.
 *
 * @param config         Passcode encryption configuration (see NLWeavePasscode_Config2).
 *                       NLWeavePasscode_Config1_TEST_ONLY is documented in this file as
 *                       providing no integrity or confidentiality.
 * @param keyId          Identifier of the key; readable back from the result with
 *                       +getEncryptedPasscodeKeyId:keyId:error:.
 * @param nonce          Caller-supplied nonce; readable back from the result with
 *                       +getEncryptedPasscodeNonce:nonce:error:.
 *                       NOTE(review): this header does not state the uniqueness
 *                       requirement; unless the scheme documents otherwise, avoid reusing
 *                       a nonce under the same keys -- confirm against the scheme.
 * @param passcode       Plaintext passcode bytes.
 * @param encKey         Encryption key; presumably must be NLWeavePasscodeEncryptionKeyLen long.
 * @param authKey        Authentication key; presumably must be NLWeavePasscodeAuthenticationKeyLen long.
 * @param fingerprintKey Fingerprint key; presumably must be NLWeavePasscodeFingerprintKeyLen long.
 * @param errOut         Optional out-parameter for an NSError describing a failure.
 * @return The encrypted passcode, or nil (presumably on failure -- TODO confirm).
 */
+ (nullable NSData *)encryptPasscode:(UInt8)config
keyId:(UInt32)keyId
nonce:(UInt32)nonce
passcode:(NSData *)passcode
encKey:(NSData *)encKey
authKey:(NSData *)authKey
fingerprintKey:(NSData *)fingerprintKey
error:(NSError **)errOut;
/** Decrypt a passcode that was encrypted using the Nest Passcode Encryption scheme.
 *
 * @param encPasscode    Encrypted passcode, as produced by the encrypt method above.
 * @param config         Configuration the caller expects the data to use.
 *                       NOTE(review): presumably checked against the configuration stored
 *                       in encPasscode -- confirm, so that data cannot select a weaker
 *                       configuration than the caller intended.
 * @param encKey         Encryption key; presumably must be NLWeavePasscodeEncryptionKeyLen long.
 * @param authKey        Authentication key; presumably must be NLWeavePasscodeAuthenticationKeyLen long.
 * @param fingerprintKey Fingerprint key; presumably must be NLWeavePasscodeFingerprintKeyLen long.
 * @param errOut         Optional out-parameter for an NSError describing a failure.
 * @return The plaintext passcode, or nil (presumably on failure -- TODO confirm).
 *         NOTE(review): confirm that a failed authentication check yields nil and never
 *         returns unauthenticated plaintext.
 */
+ (nullable NSData *)decryptPasscode:(NSData *)encPasscode
config:(UInt8)config
encKey:(NSData *)encKey
authKey:(NSData *)authKey
fingerprintKey:(NSData *)fingerprintKey
error:(NSError **)errOut;
/** Determines if the specified Passcode encryption configuration is supported.
 *
 * @param config Passcode encryption configuration value to test.
 * @return YES if the configuration is supported.
 *         NOTE(review): the documentation of NLWeavePasscode_Config1_TEST_ONLY says it is
 *         only available in development builds; presumably this returns NO for it
 *         elsewhere -- confirm.
 */
+ (BOOL)isSupportedPasscodeEncryptionConfig:(UInt8)config;
/** Extract the configuration type from an encrypted Passcode.
 *
 * NOTE(review): this and the other getEncryptedPasscode... accessors take no key, so the
 * value they return is presumably read before any authentication of encPasscode. Treat it
 * as untrusted input until decryption with the expected keys has succeeded.
 *
 * @param encPasscode Encrypted passcode to inspect.
 * @param configOut   Receives the configuration value; must not be NULL (the header is
 *                    inside NS_ASSUME_NONNULL_BEGIN).
 * @param errOut      Optional out-parameter for an NSError describing a failure.
 * @return Presumably YES on success and NO on failure -- TODO confirm.
 */
+ (BOOL)getEncryptedPasscodeConfig:(NSData *)encPasscode config:(UInt8 *)configOut error:(NSError **)errOut;
/** Extract the key id from an encrypted Passcode.
 *
 * NOTE(review): presumably unauthenticated at this point (no key is supplied); use it to
 * look up candidate keys, not as proof of which key produced the data.
 *
 * @param encPasscode Encrypted passcode to inspect.
 * @param keyIdOut    Receives the key id; must not be NULL.
 * @param errOut      Optional out-parameter for an NSError describing a failure.
 * @return Presumably YES on success and NO on failure -- TODO confirm.
 */
+ (BOOL)getEncryptedPasscodeKeyId:(NSData *)encPasscode keyId:(UInt32 *)keyIdOut error:(NSError **)errOut;
/** Extract the nonce value from an encrypted Passcode.
 *
 * @param encPasscode Encrypted passcode to inspect.
 * @param nonceOut    Receives the nonce; must not be NULL.
 * @param errOut      Optional out-parameter for an NSError describing a failure.
 * @return Presumably YES on success and NO on failure -- TODO confirm.
 */
+ (BOOL)getEncryptedPasscodeNonce:(NSData *)encPasscode nonce:(UInt32 *)nonceOut error:(NSError **)errOut;
/** Extract the fingerprint from an encrypted Passcode.
 *
 * NOTE(review): the fingerprint is copied out of encPasscode without a key being supplied,
 * so this call presumably does not verify it -- confirm before relying on it for equality
 * checks between passcodes.
 *
 * @param encPasscode Encrypted passcode to inspect.
 * @param errOut      Optional out-parameter for an NSError describing a failure.
 * @return The fingerprint bytes, or nil (presumably on failure -- TODO confirm).
 */
+ (nullable NSData *)getEncryptedPasscodeFingerprint:(NSData *)encPasscode error:(NSError **)errOut;
@end
NS_ASSUME_NONNULL_END