chromium/chromeos/ash/services/secure_channel/background_eid_generator.cc

// Copyright 2016 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "chromeos/ash/services/secure_channel/background_eid_generator.h"

#include <cstring>
#include <memory>

#include "base/containers/contains.h"
#include "base/ranges/algorithm.h"
#include "base/strings/string_number_conversions.h"
#include "base/strings/string_util.h"
#include "base/time/clock.h"
#include "base/time/default_clock.h"
#include "base/time/time.h"
#include "chromeos/ash/components/multidevice/beacon_seed.h"
#include "chromeos/ash/components/multidevice/logging/logging.h"
#include "chromeos/ash/components/multidevice/remote_device_ref.h"
#include "chromeos/ash/services/device_sync/proto/cryptauth_api.pb.h"
#include "chromeos/ash/services/secure_channel/data_with_timestamp.h"
#include "chromeos/ash/services/secure_channel/raw_eid_generator.h"
#include "chromeos/ash/services/secure_channel/raw_eid_generator_impl.h"

namespace ash::secure_channel {

namespace {

// The duration of a EID period in milliseconds.
const int64_t kEidPeriodMs = 15 * 60 * 1000;  // 15 minutes

// The number of periods to look forward and backwards when calculating the
// neartest EIDs.
const int kEidLookAhead = 2;

// Returns the BeaconSeed valid for |timestamp_ms|, or nullptr if none can be
// found.
const cryptauth::BeaconSeed* GetBeaconSeedForTimestamp(
    int64_t timestamp_ms,
    const std::vector<cryptauth::BeaconSeed>& beacon_seeds) {
  for (const cryptauth::BeaconSeed& seed : beacon_seeds) {
    if (timestamp_ms >= seed.start_time_millis() &&
        timestamp_ms <= seed.end_time_millis()) {
      return &seed;
    }
  }
  return nullptr;
}

}  // namespace

BackgroundEidGenerator::BackgroundEidGenerator()
    : BackgroundEidGenerator(std::make_unique<RawEidGeneratorImpl>(),
                             base::DefaultClock::GetInstance()) {}

BackgroundEidGenerator::~BackgroundEidGenerator() {}

BackgroundEidGenerator::BackgroundEidGenerator(
    std::unique_ptr<RawEidGenerator> raw_eid_generator,
    base::Clock* clock)
    : raw_eid_generator_(std::move(raw_eid_generator)), clock_(clock) {}

std::vector<DataWithTimestamp> BackgroundEidGenerator::GenerateNearestEids(
    const std::vector<cryptauth::BeaconSeed>& beacon_seeds) const {
  int64_t now_timestamp_ms = clock_->Now().InMillisecondsSinceUnixEpoch();
  std::vector<DataWithTimestamp> eids;

  for (int i = -kEidLookAhead; i <= kEidLookAhead; ++i) {
    int64_t timestamp_ms = now_timestamp_ms + i * kEidPeriodMs;
    std::unique_ptr<DataWithTimestamp> eid =
        GenerateEid(timestamp_ms, beacon_seeds);
    if (eid)
      eids.push_back(*eid);
  }

  return eids;
}

std::unique_ptr<DataWithTimestamp> BackgroundEidGenerator::GenerateEid(
    int64_t timestamp_ms,
    const std::vector<cryptauth::BeaconSeed>& beacon_seeds) const {
  const cryptauth::BeaconSeed* beacon_seed =
      GetBeaconSeedForTimestamp(timestamp_ms, beacon_seeds);
  if (!beacon_seed) {
    PA_LOG(WARNING) << "  " << timestamp_ms << ": outside of BeaconSeed range.";
    return nullptr;
  }

  int64_t seed_start_time_ms = beacon_seed->start_time_millis();
  int64_t offset_time_ms = timestamp_ms - seed_start_time_ms;
  int64_t start_of_period_ms =
      seed_start_time_ms + (offset_time_ms / kEidPeriodMs) * kEidPeriodMs;

  std::string eid = raw_eid_generator_->GenerateEid(
      beacon_seed->data(), start_of_period_ms, nullptr);

  return std::make_unique<DataWithTimestamp>(eid, start_of_period_ms,
                                             start_of_period_ms + kEidPeriodMs);
}

std::string BackgroundEidGenerator::IdentifyRemoteDeviceByAdvertisement(
    const std::string& advertisement_service_data,
    const multidevice::RemoteDeviceRefList& remote_devices) const {
  // Resize the service data to analyze only the first |kNumBytesInEidValue|
  // bytes. If there are any bytes after those first |kNumBytesInEidValue|
  // bytes, they are flags, so they are not needed to identify the device which
  // sent a message.
  std::string service_data_without_flags = advertisement_service_data;
  service_data_without_flags.resize(RawEidGenerator::kNumBytesInEidValue);

  const auto remote_device_it = base::ranges::find_if(
      remote_devices,
      [this, &service_data_without_flags](const auto& remote_device) {
        std::vector<DataWithTimestamp> eids = GenerateNearestEids(
            multidevice::ToCryptAuthSeedList(remote_device.beacon_seeds()));
        bool success = base::Contains(eids, service_data_without_flags,
                                      &DataWithTimestamp::data);
        std::stringstream ss;
        ss << "BackgroundEidGenerator::IdentifyRemoteDeviceByAdvertisement: "
           << (success ? "Identified " : "Failed to identify ")
           << "the following remote device from advertisement service data 0x"
           << base::HexEncode(service_data_without_flags) << ": "
           << "\n  device_name: " << remote_device.name()
           << "\n  device_id: " << remote_device.GetDeviceId()
           << "\n  beacon seeds: ";
        for (const auto& seed : remote_device.beacon_seeds()) {
          ss << "\n    " << seed;
        }
        ss << "\n  eids: " << DataWithTimestamp::ToDebugString(eids);
        PA_LOG(VERBOSE) << ss.str();

        return success;
      });

  // Return empty string if no matching device is found.
  return remote_device_it != remote_devices.end()
             ? remote_device_it->GetDeviceId()
             : std::string();
}

}  // namespace ash::secure_channel