1 /* 2 * Copyright 2018 Google LLC 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * https://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef FCP_SECAGG_CLIENT_SECAGG_CLIENT_R1_SHARE_KEYS_BASE_STATE_H_ 18 #define FCP_SECAGG_CLIENT_SECAGG_CLIENT_R1_SHARE_KEYS_BASE_STATE_H_ 19 20 #include <memory> 21 #include <string> 22 #include <vector> 23 24 #include "fcp/secagg/client/other_client_state.h" 25 #include "fcp/secagg/client/secagg_client_alive_base_state.h" 26 #include "fcp/secagg/client/send_to_server_interface.h" 27 #include "fcp/secagg/client/state_transition_listener_interface.h" 28 #include "fcp/secagg/shared/aes_key.h" 29 #include "fcp/secagg/shared/compute_session_id.h" 30 #include "fcp/secagg/shared/ecdh_key_agreement.h" 31 #include "fcp/secagg/shared/prng.h" 32 #include "fcp/secagg/shared/secagg_messages.pb.h" 33 #include "fcp/secagg/shared/shamir_secret_sharing.h" 34 35 namespace fcp { 36 namespace secagg { 37 38 // This is an abstract class which is the parent of two possible state classes 39 // representing the states that the client may be in at Round 1: Share Keys. 40 // It should never be instantiated directly, but contains code that will be used 41 // by both concrete Round 1 client classes. 42 43 class SecAggClientR1ShareKeysBaseState : public SecAggClientAliveBaseState { 44 public: 45 ~SecAggClientR1ShareKeysBaseState() override = default; 46 47 protected: 48 // SecAggClientR1ShareKeysBaseState should never be instantiated directly. 49 explicit SecAggClientR1ShareKeysBaseState( 50 std::unique_ptr<SendToServerInterface> sender, 51 std::unique_ptr<StateTransitionListenerInterface> transition_listener, 52 53 AsyncAbort* async_abort = nullptr); 54 55 void SetUpShares(int threshold, int n, const Key& agreement_key, 56 const Key& self_prng_key, 57 std::vector<ShamirShare>* self_prng_key_shares, 58 std::vector<ShamirShare>* pairwise_prng_key_shares); 59 60 // Handles the logic associated with receiving a ShareKeysRequest. Uses the 61 // ECDH public keys of other clients to compute shared secrets with other 62 // clients, and shares its own private keys to send to the server. 63 // 64 // The arguments following prng are outputs. The vectors should be empty prior 65 // to calling this method. 66 // 67 // The output will be false if an error was detected; this error will be 68 // stored in *error_message. If the protocol should proceed, the output will 69 // be true and *error_message will be an empty string. 70 bool HandleShareKeysRequest( 71 const ShareKeysRequest& request, 72 const EcdhKeyAgreement& enc_key_agreement, 73 uint32_t max_neighbors_expected, 74 uint32_t minimum_surviving_neighbors_for_reconstruction, 75 const EcdhKeyAgreement& prng_key_agreement, const AesKey& self_prng_key, 76 SecurePrng* prng, uint32_t* client_id, std::string* error_message, 77 uint32_t* number_of_alive_clients, uint32_t* number_of_clients, 78 std::vector<AesKey>* other_client_enc_keys, 79 std::vector<AesKey>* other_client_prng_keys, 80 std::vector<OtherClientState>* other_client_states, 81 std::vector<ShamirShare>* self_prng_key_shares, 82 std::vector<ShamirShare>* pairwise_prng_key_shares, 83 SessionId* session_id); 84 85 // Individually encrypts each pair of key shares with the agreed-upon key for 86 // the client that share is for, and then sends the encrypted keys to the 87 // server. Dropped-out clients and this client are represented by empty 88 // strings. Returns true if successful, false if aborted by client. 89 bool EncryptAndSendResponse( 90 const std::vector<AesKey>& other_client_enc_keys, 91 const std::vector<ShamirShare>& pairwise_prng_key_shares, 92 const std::vector<ShamirShare>& self_prng_key_shares, 93 SendToServerInterface* sender); 94 }; 95 96 } // namespace secagg 97 } // namespace fcp 98 #endif // FCP_SECAGG_CLIENT_SECAGG_CLIENT_R1_SHARE_KEYS_BASE_STATE_H_ 99