Reland "Don't have two copies of //device/fido."

This is a reland of e23bd4d7, now without `dllimport`-annotated classes with inline MOCK_METHODs. Original change's description: > Don't have two copies of //device/fido. > > Prior to this change, both libcontents.so and content_unittests would > each have a copy of //device/fido because the test_support code would > pull in a copy directly. This caused there two be two copies of > |U2fDiscovery::g_factory_func_| – one used by the test_support code and > one by the code that's used for actual processing. That obviously breaks > things. > > This CL makes //device/fido a `component` instead of a `source_set`, > which, however, necessitates adding COMPONENT_EXPORT annotations to all > exported classes/functions/constants. > > The CL also cleans up the components by: > -- adding some missing #includes and DISALLOW_COPY_AND_ASSIGNs, and > -- moving dependencies included in public headers into `public_deps`. > > Bug: 785955, 820441 > Change-Id: I7a2ab0977a3090ff91fcd8bb53b16d13419d434a > Reviewed-on: https://chromium-review.googlesource.com/955698 > Commit-Queue: Balazs Engedy <engedy@chromium.org> > Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org> > Reviewed-by: Adam Langley <agl@chromium.org> > Cr-Commit-Position: refs/heads/master@{#542472} TBR=jdoerrie@chromium.org Bug: 785955, 820441 Change-Id: I9ed13c7d1105f133c5f54cce7f0a4d74f1d57904 Reviewed-on: https://chromium-review.googlesource.com/958863 Commit-Queue: Balazs Engedy <engedy@chromium.org> Reviewed-by: Balazs Engedy <engedy@chromium.org> Cr-Commit-Position: refs/heads/master@{#542523}

Reland "Don't have two copies of //device/fido."
This is a reland of e23bd4d7, now without `dllimport`-annotated classes with inline MOCK_METHODs. Original change's description: > Don't have two copies of //device/fido. > > Prior to this change, both libcontents.so and content_unittests would > each have a copy of //device/fido because the test_support code would > pull in a copy directly. This caused there two be two copies of > |U2fDiscovery::g_factory_func_| – one used by the test_support code and > one by the code that's used for actual processing. That obviously breaks > things. > > This CL makes //device/fido a `component` instead of a `source_set`, > which, however, necessitates adding COMPONENT_EXPORT annotations to all > exported classes/functions/constants. > > The CL also cleans up the components by: > -- adding some missing #includes and DISALLOW_COPY_AND_ASSIGNs, and > -- moving dependencies included in public headers into `public_deps`. > > Bug: 785955, 820441 > Change-Id: I7a2ab0977a3090ff91fcd8bb53b16d13419d434a > Reviewed-on: https://chromium-review.googlesource.com/955698 > Commit-Queue: Balazs Engedy <engedy@chromium.org> > Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org> > Reviewed-by: Adam Langley <agl@chromium.org> > Cr-Commit-Position: refs/heads/master@{#542472} TBR=jdoerrie@chromium.org Bug: 785955, 820441 Change-Id: I9ed13c7d1105f133c5f54cce7f0a4d74f1d57904 Reviewed-on: https://chromium-review.googlesource.com/958863 Commit-Queue: Balazs Engedy <engedy@chromium.org> Reviewed-by: Balazs Engedy <engedy@chromium.org> Cr-Commit-Position: refs/heads/master@{#542523}
bae82629 · Balazs Engedy · Commit Bot · 7b9be6c3 · bae82629 · bae82629
Commit bae82629 authored Mar 12, 2018 by Balazs Engedy Committed by Commit Bot Mar 12, 2018
48 changed files
--- a/device/fido/BUILD.gn
+++ b/device/fido/BUILD.gn
@@ -5,7 +5,7 @@
 import("//build/config/features.gni")
 import("//testing/libfuzzer/fuzzer_test.gni")

-source_set("fido") {
+component("fido") {
  sources = [
    "attestation_object.cc",
    "attestation_object.h",
@@ -90,19 +90,23 @@ source_set("fido") {
    "u2f_transport_protocol.h",
  ]

+  defines = [ "IS_DEVICE_FIDO_IMPL" ]
+
  deps = [
-    "//base",
    "//components/cbor",
    "//crypto",
    "//device/base",
-    "//device/bluetooth",
-    "//net",
-    "//services/device/public/mojom",
    "//services/service_manager/public/cpp",
    "//services/service_manager/public/mojom",
    "//third_party/boringssl",
  ]

+  public_deps = [
+    "//base",
+    "//device/bluetooth",
+    "//services/device/public/mojom",
+  ]
+
  # HID is not supported on Android.
  if (!is_android) {
    sources += [
@@ -144,7 +148,6 @@ fuzzer_test("u2f_apdu_fuzzer") {
  ]
  deps = [
    ":fido",
-    "//net",
  ]
  libfuzzer_options = [ "max_len=65537" ]
 }
@@ -166,7 +169,6 @@ fuzzer_test("u2f_ble_frames_fuzzer") {
  ]
  deps = [
    ":fido",
-    "//net",
  ]
  libfuzzer_options = [ "max_len=65535" ]
 }
@@ -178,7 +180,6 @@ fuzzer_test("sign_response_data_fuzzer") {
  deps = [
    ":fido",
    "//base",
-    "//net",
  ]
  seed_corpus = "response_data_fuzzer_corpus/"
  libfuzzer_options = [ "max_len=65537" ]
@@ -190,7 +191,6 @@ fuzzer_test("register_response_data_fuzzer") {
  ]
  deps = [
    ":fido",
-    "//net",
  ]

  seed_corpus = "response_data_fuzzer_corpus/"

--- a/device/fido/attestation_object.h
+++ b/device/fido/attestation_object.h
@@ -9,6 +9,7 @@
 #include <memory>
 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "device/fido/authenticator_data.h"

@@ -19,7 +20,7 @@ class AttestationStatement;
 // Object containing the authenticator-provided attestation every time
 // a credential is created, per
 // https://www.w3.org/TR/2017/WD-webauthn-20170505/#cred-attestation.
-class AttestationObject {
+class COMPONENT_EXPORT(DEVICE_FIDO) AttestationObject {
 public:
  AttestationObject(AuthenticatorData data,
                    std::unique_ptr<AttestationStatement> statement);

--- a/device/fido/attestation_statement.h
+++ b/device/fido/attestation_statement.h
@@ -5,6 +5,9 @@
 #ifndef DEVICE_FIDO_ATTESTATION_STATEMENT_H_
 #define DEVICE_FIDO_ATTESTATION_STATEMENT_H_

+#include <string>
+
+#include "base/component_export.h"
 #include "base/macros.h"
 #include "components/cbor/cbor_values.h"

@@ -17,7 +20,7 @@ namespace device {
 // - The set of attestation types supported by the format.
 // - The syntax of an attestation statement produced in this format.
 // https://www.w3.org/TR/2017/WD-webauthn-20170505/#cred-attestation.
-class AttestationStatement {
+class COMPONENT_EXPORT(DEVICE_FIDO) AttestationStatement {
 public:
  virtual ~AttestationStatement();

@@ -42,7 +45,8 @@ class AttestationStatement {
 // NoneAttestationStatement represents a “none” attestation, which is used when
 // attestation information will not be returned. See
 // https://w3c.github.io/webauthn/#none-attestation
-class NoneAttestationStatement : public AttestationStatement {
+class COMPONENT_EXPORT(DEVICE_FIDO) NoneAttestationStatement
+    : public AttestationStatement {
 public:
  NoneAttestationStatement();


--- a/device/fido/attested_credential_data.h
+++ b/device/fido/attested_credential_data.h
@@ -9,6 +9,7 @@
 #include <memory>
 #include <vector>

+#include "base/component_export.h"
 #include "base/containers/span.h"
 #include "base/macros.h"
 #include "base/optional.h"
@@ -18,7 +19,7 @@ namespace device {
 class PublicKey;

 // https://www.w3.org/TR/2017/WD-webauthn-20170505/#sec-attestation-data
-class AttestedCredentialData {
+class COMPONENT_EXPORT(DEVICE_FIDO) AttestedCredentialData {
 public:
  static base::Optional<AttestedCredentialData> CreateFromU2fRegisterResponse(
      base::span<const uint8_t> u2f_data,

--- a/device/fido/authenticator_data.h
+++ b/device/fido/authenticator_data.h
@@ -9,6 +9,7 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "base/optional.h"
 #include "device/fido/attested_credential_data.h"
@@ -16,7 +17,7 @@
 namespace device {

 // https://www.w3.org/TR/2017/WD-webauthn-20170505/#sec-authenticator-data.
-class AuthenticatorData {
+class COMPONENT_EXPORT(DEVICE_FIDO) AuthenticatorData {
 public:
  enum class Flag : uint8_t {
    kTestOfUserPresence = 1u << 0,

--- a/device/fido/authenticator_get_assertion_response.h
+++ b/device/fido/authenticator_get_assertion_response.h
@@ -9,6 +9,7 @@

 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "base/optional.h"
 #include "device/fido/ctap_constants.h"
@@ -20,7 +21,7 @@ namespace device {
 // Represents response from authenticators for AuthenticatorGetAssertion and
 // AuthenticatorGetNextAssertion requests.
 // https://fidoalliance.org/specs/fido-v2.0-rd-20170927/fido-client-to-authenticator-protocol-v2.0-rd-20170927.html#authenticatorGetAssertion
-class AuthenticatorGetAssertionResponse {
+class COMPONENT_EXPORT(DEVICE_FIDO) AuthenticatorGetAssertionResponse {
 public:
  AuthenticatorGetAssertionResponse(CtapDeviceResponseCode response_code,
                                    std::vector<uint8_t> auth_data,

--- a/device/fido/authenticator_get_info_response.h
+++ b/device/fido/authenticator_get_info_response.h
@@ -10,6 +10,7 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "base/optional.h"
 #include "device/fido/authenticator_supported_options.h"
@@ -21,7 +22,7 @@ namespace device {
 // versions, options, AAGUID(Authenticator Attestation GUID), other
 // authenticator device information.
 // https://fidoalliance.org/specs/fido-v2.0-rd-20170927/fido-client-to-authenticator-protocol-v2.0-rd-20170927.html#authenticatorGetInfo
-class AuthenticatorGetInfoResponse {
+class COMPONENT_EXPORT(DEVICE_FIDO) AuthenticatorGetInfoResponse {
 public:
  AuthenticatorGetInfoResponse(CtapDeviceResponseCode response_code,
                               std::vector<std::string> versions,

--- a/device/fido/authenticator_make_credential_response.h
+++ b/device/fido/authenticator_make_credential_response.h
@@ -9,6 +9,7 @@

 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "device/fido/ctap_constants.h"

@@ -18,7 +19,7 @@ namespace device {
 // data, and attestation statement returned by the authenticator as a response
 // to MakeCredential request.
 // https://fidoalliance.org/specs/fido-v2.0-rd-20170927/fido-client-to-authenticator-protocol-v2.0-rd-20170927.html#authenticatorMakeCredential
-class AuthenticatorMakeCredentialResponse {
+class COMPONENT_EXPORT(DEVICE_FIDO) AuthenticatorMakeCredentialResponse {
 public:
  AuthenticatorMakeCredentialResponse(CtapDeviceResponseCode response_code,
                                      std::vector<uint8_t> attestation_object);

--- a/device/fido/authenticator_supported_options.h
+++ b/device/fido/authenticator_supported_options.h
@@ -5,6 +5,7 @@
 #ifndef DEVICE_FIDO_AUTHENTICATOR_SUPPORTED_OPTIONS_H_
 #define DEVICE_FIDO_AUTHENTICATOR_SUPPORTED_OPTIONS_H_

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "base/optional.h"
 #include "components/cbor/cbor_values.h"
@@ -13,7 +14,7 @@ namespace device {

 // Represents CTAP device properties and capabilities received as a response to
 // AuthenticatorGetInfo command.
-class AuthenticatorSupportedOptions {
+class COMPONENT_EXPORT(DEVICE_FIDO) AuthenticatorSupportedOptions {
 public:
  AuthenticatorSupportedOptions();
  AuthenticatorSupportedOptions(AuthenticatorSupportedOptions&& other);

--- a/device/fido/ctap_constants.h
+++ b/device/fido/ctap_constants.h
@@ -10,6 +10,8 @@
 #include <array>
 #include <vector>

+#include "base/component_export.h"
+
 namespace device {

 // CTAP protocol device response code, as specified in
@@ -164,21 +166,22 @@ enum class kCoseAlgorithmIdentifier : int { kCoseEs256 = -7 };

 // String key values for CTAP request optional parameters and
 // AuthenticatorGetInfo response.
-extern const char kResidentKeyMapKey[];
-extern const char kUserVerificationMapKey[];
-extern const char kUserPresenceMapKey[];
+COMPONENT_EXPORT(DEVICE_FIDO) extern const char kResidentKeyMapKey[];
+COMPONENT_EXPORT(DEVICE_FIDO) extern const char kUserVerificationMapKey[];
+COMPONENT_EXPORT(DEVICE_FIDO) extern const char kUserPresenceMapKey[];

 // HID transport specific constants.
-extern const size_t kHidPacketSize;
-extern const uint32_t kHidBroadcastChannel;
-extern const size_t kHidInitPacketHeaderSize;
-extern const size_t kHidContinuationPacketHeader;
-extern const size_t kHidMaxPacketSize;
-extern const size_t kHidInitPacketDataSize;
+COMPONENT_EXPORT(DEVICE_FIDO) extern const size_t kHidPacketSize;
+COMPONENT_EXPORT(DEVICE_FIDO) extern const uint32_t kHidBroadcastChannel;
+COMPONENT_EXPORT(DEVICE_FIDO) extern const size_t kHidInitPacketHeaderSize;
+COMPONENT_EXPORT(DEVICE_FIDO) extern const size_t kHidContinuationPacketHeader;
+COMPONENT_EXPORT(DEVICE_FIDO) extern const size_t kHidMaxPacketSize;
+COMPONENT_EXPORT(DEVICE_FIDO) extern const size_t kHidInitPacketDataSize;
+COMPONENT_EXPORT(DEVICE_FIDO)
 extern const size_t kHidContinuationPacketDataSize;
-extern const uint8_t kHidMaxLockSeconds;
+COMPONENT_EXPORT(DEVICE_FIDO) extern const uint8_t kHidMaxLockSeconds;
 // Messages are limited to an initiation packet and 128 continuation packets.
-extern const size_t kHidMaxMessageSize;
+COMPONENT_EXPORT(DEVICE_FIDO) extern const size_t kHidMaxMessageSize;

 }  // namespace device


--- a/device/fido/ctap_empty_authenticator_request.h
+++ b/device/fido/ctap_empty_authenticator_request.h
@@ -10,6 +10,7 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "device/fido/ctap_constants.h"

 namespace device {
@@ -19,7 +20,7 @@ namespace internal {
 // Represents CTAP requests with empty parameters, including
 // AuthenticatorGetInfo, AuthenticatorCancel, AuthenticatorReset and
 // AuthenticatorGetNextAssertion commands.
-class CtapEmptyAuthenticatorRequest {
+class COMPONENT_EXPORT(DEVICE_FIDO) CtapEmptyAuthenticatorRequest {
 public:
  CtapRequestCommand cmd() const { return cmd_; }
  std::vector<uint8_t> Serialize() const;
@@ -33,7 +34,7 @@ class CtapEmptyAuthenticatorRequest {

 }  // namespace internal

-class AuthenticatorGetNextAssertionRequest
+class COMPONENT_EXPORT(DEVICE_FIDO) AuthenticatorGetNextAssertionRequest
    : public internal::CtapEmptyAuthenticatorRequest {
 public:
  AuthenticatorGetNextAssertionRequest()
@@ -41,7 +42,7 @@ class AuthenticatorGetNextAssertionRequest
            CtapRequestCommand::kAuthenticatorGetNextAssertion) {}
 };

-class AuthenticatorGetInfoRequest
+class COMPONENT_EXPORT(DEVICE_FIDO) AuthenticatorGetInfoRequest
    : public internal::CtapEmptyAuthenticatorRequest {
 public:
  AuthenticatorGetInfoRequest()
@@ -49,7 +50,7 @@ class AuthenticatorGetInfoRequest
            CtapRequestCommand::kAuthenticatorGetInfo) {}
 };

-class AuthenticatorResetRequest
+class COMPONENT_EXPORT(DEVICE_FIDO) AuthenticatorResetRequest
    : public internal::CtapEmptyAuthenticatorRequest {
 public:
  AuthenticatorResetRequest()
@@ -57,7 +58,7 @@ class AuthenticatorResetRequest
  }
 };

-class AuthenticatorCancelRequest
+class COMPONENT_EXPORT(DEVICE_FIDO) AuthenticatorCancelRequest
    : public internal::CtapEmptyAuthenticatorRequest {
 public:
  AuthenticatorCancelRequest()

--- a/device/fido/ctap_get_assertion_request.h
+++ b/device/fido/ctap_get_assertion_request.h
@@ -10,6 +10,7 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "base/optional.h"
 #include "device/fido/public_key_credential_descriptor.h"
@@ -19,7 +20,7 @@ namespace device {
 // Object that encapsulates request parameters for AuthenticatorGetAssertion as
 // specified in the CTAP spec.
 // https://fidoalliance.org/specs/fido-v2.0-rd-20161004/fido-client-to-authenticator-protocol-v2.0-rd-20161004.html#authenticatorgetassertion
-class CtapGetAssertionRequest {
+class COMPONENT_EXPORT(DEVICE_FIDO) CtapGetAssertionRequest {
 public:
  CtapGetAssertionRequest(std::string rp_id,
                          std::vector<uint8_t> client_data_hash);

--- a/device/fido/ctap_make_credential_request.h
+++ b/device/fido/ctap_make_credential_request.h
@@ -10,6 +10,7 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "base/optional.h"
 #include "device/fido/public_key_credential_descriptor.h"
@@ -22,7 +23,7 @@ namespace device {
 // Object containing request parameters for AuthenticatorMakeCredential command
 // as specified in
 // https://fidoalliance.org/specs/fido-v2.0-rd-20170927/fido-client-to-authenticator-protocol-v2.0-rd-20170927.html
-class CtapMakeCredentialRequest {
+class COMPONENT_EXPORT(DEVICE_FIDO) CtapMakeCredentialRequest {
 public:
  CtapMakeCredentialRequest(
      std::vector<uint8_t> client_data_hash,

--- a/device/fido/device_response_converter.h
+++ b/device/fido/device_response_converter.h
@@ -9,6 +9,7 @@

 #include <vector>

+#include "base/component_export.h"
 #include "base/optional.h"
 #include "device/fido/authenticator_get_assertion_response.h"
 #include "device/fido/authenticator_get_info_response.h"
@@ -22,12 +23,14 @@ namespace device {

 // Parses response code from response received from the authenticator. If
 // unknown response code value is received, then CTAP2_ERR_OTHER is returned.
+COMPONENT_EXPORT(DEVICE_FIDO)
 CtapDeviceResponseCode GetResponseCode(const std::vector<uint8_t>& buffer);

 // De-serializes CBOR encoded response, checks for valid CBOR map formatting,
 // and converts response to AuthenticatorMakeCredentialResponse object with
 // CBOR map keys that conform to format of attestation object defined by the
 // WebAuthN spec : https://w3c.github.io/webauthn/#fig-attStructs
+COMPONENT_EXPORT(DEVICE_FIDO)
 base::Optional<AuthenticatorMakeCredentialResponse>
 ReadCTAPMakeCredentialResponse(CtapDeviceResponseCode response_code,
                               const std::vector<uint8_t>& buffer);
@@ -35,12 +38,14 @@ ReadCTAPMakeCredentialResponse(CtapDeviceResponseCode response_code,
 // De-serializes CBOR encoded response to AuthenticatorGetAssertion /
 // AuthenticatorGetNextAssertion request to AuthenticatorGetAssertionResponse
 // object.
+COMPONENT_EXPORT(DEVICE_FIDO)
 base::Optional<AuthenticatorGetAssertionResponse> ReadCTAPGetAssertionResponse(
    CtapDeviceResponseCode response_code,
    const std::vector<uint8_t>& buffer);

 // De-serializes CBOR encoded response to AuthenticatorGetInfo request to
 // AuthenticatorGetInfoResponse object.
+COMPONENT_EXPORT(DEVICE_FIDO)
 base::Optional<AuthenticatorGetInfoResponse> ReadCTAPGetInfoResponse(
    CtapDeviceResponseCode response_code,
    const std::vector<uint8_t>& buffer);

--- a/device/fido/ec_public_key.h
+++ b/device/fido/ec_public_key.h
@@ -10,6 +10,7 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/containers/span.h"
 #include "base/macros.h"
 #include "device/fido/public_key.h"
@@ -19,7 +20,7 @@ namespace device {
 // An uncompressed ECPublicKey consisting of 64 bytes:
 // - the 32-byte x coordinate
 // - the 32-byte y coordinate.
-class ECPublicKey : public PublicKey {
+class COMPONENT_EXPORT(DEVICE_FIDO) ECPublicKey : public PublicKey {
 public:
  static std::unique_ptr<ECPublicKey> ExtractFromU2fRegistrationResponse(
      std::string algorithm,

--- a/device/fido/fake_hid_impl_for_testing.h
+++ b/device/fido/fake_hid_impl_for_testing.h
@@ -11,6 +11,7 @@

 #include "base/bind.h"
 #include "base/containers/span.h"
+#include "base/macros.h"
 #include "base/memory/ptr_util.h"
 #include "mojo/public/cpp/bindings/binding_set.h"
 #include "mojo/public/cpp/bindings/interface_ptr_set.h"
@@ -56,6 +57,8 @@ class MockHidConnection : public device::mojom::HidConnection {
  device::mojom::HidDeviceInfoPtr device_;
  std::vector<uint8_t> nonce_;
  std::vector<uint8_t> connection_channel_id_;
+
+  DISALLOW_COPY_AND_ASSIGN(MockHidConnection);
 };

 class FakeHidConnection : public device::mojom::HidConnection {
@@ -79,6 +82,8 @@ class FakeHidConnection : public device::mojom::HidConnection {

 private:
  device::mojom::HidDeviceInfoPtr device_;
+
+  DISALLOW_COPY_AND_ASSIGN(FakeHidConnection);
 };

 class FakeHidManager : public device::mojom::HidManager {
@@ -105,6 +110,8 @@ class FakeHidManager : public device::mojom::HidManager {
  std::map<std::string, device::mojom::HidConnectionPtr> connections_;
  mojo::AssociatedInterfacePtrSet<device::mojom::HidManagerClient> clients_;
  mojo::BindingSet<device::mojom::HidManager> bindings_;
+
+  DISALLOW_COPY_AND_ASSIGN(FakeHidManager);
 };

 }  // namespace device

--- a/device/fido/fido_attestation_statement.h
+++ b/device/fido/fido_attestation_statement.h
@@ -9,6 +9,7 @@
 #include <memory>
 #include <vector>

+#include "base/component_export.h"
 #include "base/containers/span.h"
 #include "base/macros.h"
 #include "components/cbor/cbor_values.h"
@@ -17,7 +18,8 @@
 namespace device {

 // https://www.w3.org/TR/2017/WD-webauthn-20170505/#fido-u2f-attestation
-class FidoAttestationStatement : public AttestationStatement {
+class COMPONENT_EXPORT(DEVICE_FIDO) FidoAttestationStatement
+    : public AttestationStatement {
 public:
  static std::unique_ptr<FidoAttestationStatement>
  CreateFromU2fRegisterResponse(base::span<const uint8_t> u2f_data);

--- a/device/fido/fido_hid_message.h
+++ b/device/fido/fido_hid_message.h
@@ -12,9 +12,11 @@
 #include <memory>
 #include <vector>

+#include "base/component_export.h"
 #include "base/containers/circular_deque.h"
 #include "base/containers/queue.h"
 #include "base/containers/span.h"
+#include "base/macros.h"
 #include "device/fido/ctap_constants.h"
 #include "device/fido/fido_hid_packet.h"

@@ -22,7 +24,7 @@ namespace device {

 // Represents HID message format defined by the specification at
 // https://fidoalliance.org/specs/fido-v2.0-rd-20161004/fido-client-to-authenticator-protocol-v2.0-rd-20161004.html#message-and-packet-structure
-class FidoHidMessage {
+class COMPONENT_EXPORT(DEVICE_FIDO) FidoHidMessage {
 public:
  // Static functions to create CTAP/U2F HID commands.
  static std::unique_ptr<FidoHidMessage> Create(uint32_t channel_id,
@@ -61,6 +63,8 @@ class FidoHidMessage {
  CtapHidDeviceCommand cmd_ = CtapHidDeviceCommand::kCtapHidMsg;
  base::circular_deque<std::unique_ptr<FidoHidPacket>> packets_;
  size_t remaining_size_ = 0;
+
+  DISALLOW_COPY_AND_ASSIGN(FidoHidMessage);
 };

 }  // namespace device

--- a/device/fido/fido_hid_packet.h
+++ b/device/fido/fido_hid_packet.h
@@ -11,7 +11,9 @@
 #include <memory>
 #include <vector>

+#include "base/component_export.h"
 #include "base/containers/span.h"
+#include "base/macros.h"
 #include "device/fido/ctap_constants.h"

 namespace device {
@@ -22,7 +24,7 @@ namespace device {
 // packets. HID Packets have header information and a payload. If a
 // FidoHidInitPacket cannot store the entire payload, further payload
 // information is stored in HidContinuationPackets.
-class FidoHidPacket {
+class COMPONENT_EXPORT(DEVICE_FIDO) FidoHidPacket {
 public:
  FidoHidPacket(std::vector<uint8_t> data, uint32_t channel_id);
  virtual ~FidoHidPacket();
@@ -39,6 +41,8 @@ class FidoHidPacket {

 private:
  friend class HidMessage;
+
+  DISALLOW_COPY_AND_ASSIGN(FidoHidPacket);
 };

 // FidoHidInitPacket, based on the CTAP specification consists of a header with
@@ -47,7 +51,7 @@ class FidoHidPacket {
 // determine the type of message the packet corresponds to. Payload length
 // is the length of the entire message payload, and the data is only the portion
 // of the payload that will fit into the HidInitPacket.
-class FidoHidInitPacket : public FidoHidPacket {
+class COMPONENT_EXPORT(DEVICE_FIDO) FidoHidInitPacket : public FidoHidPacket {
 public:
  // Creates a packet from the serialized data of an initialization packet. As
  // this is the first packet, the payload length of the entire message will be
@@ -70,6 +74,8 @@ class FidoHidInitPacket : public FidoHidPacket {
 private:
  CtapHidDeviceCommand command_;
  uint16_t payload_length_;
+
+  DISALLOW_COPY_AND_ASSIGN(FidoHidInitPacket);
 };

 // FidoHidContinuationPacket, based on the CTAP Specification consists of a
@@ -77,7 +83,8 @@ class FidoHidInitPacket : public FidoHidPacket {
 // will be identical to the identifier in all other packets of the message. The
 // packet sequence will be the sequence number of this particular packet, from
 // 0x00 to 0x7f.
-class FidoHidContinuationPacket : public FidoHidPacket {
+class COMPONENT_EXPORT(DEVICE_FIDO) FidoHidContinuationPacket
+    : public FidoHidPacket {
 public:
  // Creates a packet from the serialized data of a continuation packet. As an
  // HidInitPacket would have arrived earlier with the total payload size,
@@ -97,6 +104,8 @@ class FidoHidContinuationPacket : public FidoHidPacket {

 private:
  uint8_t sequence_;
+
+  DISALLOW_COPY_AND_ASSIGN(FidoHidContinuationPacket);
 };

 }  // namespace device

--- a/device/fido/mock_u2f_ble_connection.h
+++ b/device/fido/mock_u2f_ble_connection.h
@@ -8,6 +8,8 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
+#include "base/macros.h"
 #include "device/fido/u2f_ble_connection.h"
 #include "testing/gmock/include/gmock/gmock.h"

@@ -45,6 +47,8 @@ class MockU2fBleConnection : public U2fBleConnection {
 private:
  ConnectionStatusCallback connection_status_callback_;
  ReadCallback read_callback_;
+
+  DISALLOW_COPY_AND_ASSIGN(MockU2fBleConnection);
 };

 }  // namespace device

--- a/device/fido/mock_u2f_device.h
+++ b/device/fido/mock_u2f_device.h
@@ -11,6 +11,8 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
+#include "base/macros.h"
 #include "device/fido/u2f_device.h"
 #include "testing/gmock/include/gmock/gmock.h"

@@ -51,6 +53,8 @@ class MockU2fDevice : public U2fDevice {

 private:
  base::WeakPtrFactory<U2fDevice> weak_factory_;
+
+  DISALLOW_COPY_AND_ASSIGN(MockU2fDevice);
 };

 }  // namespace device

--- a/device/fido/mock_u2f_discovery_observer.h
+++ b/device/fido/mock_u2f_discovery_observer.h
@@ -5,6 +5,8 @@
 #ifndef DEVICE_FIDO_MOCK_U2F_DISCOVERY_OBSERVER_H_
 #define DEVICE_FIDO_MOCK_U2F_DISCOVERY_OBSERVER_H_

+#include "base/component_export.h"
+#include "base/macros.h"
 #include "device/fido/u2f_discovery.h"
 #include "testing/gmock/include/gmock/gmock.h"

@@ -21,6 +23,9 @@ class MockU2fDiscoveryObserver : public U2fDiscovery::Observer {
  MOCK_METHOD2(DiscoveryStopped, void(U2fDiscovery*, bool));
  MOCK_METHOD2(DeviceAdded, void(U2fDiscovery*, U2fDevice*));
  MOCK_METHOD2(DeviceRemoved, void(U2fDiscovery*, U2fDevice*));
+
+ private:
+  DISALLOW_COPY_AND_ASSIGN(MockU2fDiscoveryObserver);
 };

 }  // namespace device

--- a/device/fido/public_key.cc
+++ b/device/fido/public_key.cc
@@ -6,8 +6,6 @@

 #include <utility>

-#include "base/macros.h"
-
 namespace device {

 PublicKey::~PublicKey() = default;

--- a/device/fido/public_key.h
+++ b/device/fido/public_key.h
@@ -9,12 +9,13 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"

 namespace device {

 // https://www.w3.org/TR/2017/WD-webauthn-20170505/#sec-attestation-data.
-class PublicKey {
+class COMPONENT_EXPORT(DEVICE_FIDO) PublicKey {
 public:
  virtual ~PublicKey();


--- a/device/fido/public_key_credential_descriptor.h
+++ b/device/fido/public_key_credential_descriptor.h
@@ -9,6 +9,7 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/optional.h"
 #include "components/cbor/cbor_values.h"

@@ -18,7 +19,7 @@ namespace device {
 // id (byte array) as specified in the CTAP spec. Used for exclude_list for
 // AuthenticatorMakeCredential command and allow_list parameter for
 // AuthenticatorGetAssertion command.
-class PublicKeyCredentialDescriptor {
+class COMPONENT_EXPORT(DEVICE_FIDO) PublicKeyCredentialDescriptor {
 public:
  static base::Optional<PublicKeyCredentialDescriptor> CreateFromCBORValue(
      const cbor::CBORValue& cbor);

--- a/device/fido/public_key_credential_params.h
+++ b/device/fido/public_key_credential_params.h
@@ -9,6 +9,7 @@
 #include <tuple>
 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "base/numerics/safe_conversions.h"
 #include "components/cbor/cbor_values.h"
@@ -19,7 +20,7 @@ namespace device {
 // Data structure containing public key credential type(string) and
 // cryptographic algorithm(integer) as specified by the CTAP spec. Used as a
 // request parameter for AuthenticatorMakeCredential.
-class PublicKeyCredentialParams {
+class COMPONENT_EXPORT(DEVICE_FIDO) PublicKeyCredentialParams {
 public:
  struct CredentialInfo {
    std::string type;

--- a/device/fido/public_key_credential_rp_entity.h
+++ b/device/fido/public_key_credential_rp_entity.h
@@ -8,6 +8,7 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "base/optional.h"
 #include "components/cbor/cbor_values.h"
@@ -18,7 +19,7 @@ namespace device {
 // Data structure containing information about relying party that invoked
 // WebAuth API. Includes a relying party id, an optional relying party name,,
 // and optional relying party display image url.
-class PublicKeyCredentialRpEntity {
+class COMPONENT_EXPORT(DEVICE_FIDO) PublicKeyCredentialRpEntity {
 public:
  explicit PublicKeyCredentialRpEntity(std::string rp_id);
  PublicKeyCredentialRpEntity(PublicKeyCredentialRpEntity&& other);

--- a/device/fido/public_key_credential_user_entity.h
+++ b/device/fido/public_key_credential_user_entity.h
@@ -9,6 +9,7 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/optional.h"
 #include "components/cbor/cbor_values.h"
 #include "url/gurl.h"
@@ -19,7 +20,7 @@ namespace device {
 // display image url, and an optional user display name as specified by the CTAP
 // spec. Used as required parameter type for AuthenticatorMakeCredential
 // request.
-class PublicKeyCredentialUserEntity {
+class COMPONENT_EXPORT(DEVICE_FIDO) PublicKeyCredentialUserEntity {
 public:
  static base::Optional<PublicKeyCredentialUserEntity> CreateFromCBORValue(
      const cbor::CBORValue& cbor);

--- a/device/fido/register_response_data.h
+++ b/device/fido/register_response_data.h
@@ -10,6 +10,7 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/containers/span.h"
 #include "base/macros.h"
 #include "base/optional.h"
@@ -20,7 +21,7 @@ namespace device {
 class AttestationObject;

 // See figure 2: https://goo.gl/rsgvXk
-class RegisterResponseData : public ResponseData {
+class COMPONENT_EXPORT(DEVICE_FIDO) RegisterResponseData : public ResponseData {
 public:
  static base::Optional<RegisterResponseData> CreateFromU2fRegisterResponse(
      const std::vector<uint8_t>& relying_party_id_hash,

--- a/device/fido/response_data.h
+++ b/device/fido/response_data.h
@@ -10,12 +10,13 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"

 namespace device {

 // Base class for RegisterResponseData and SignResponseData.
-class ResponseData {
+class COMPONENT_EXPORT(DEVICE_FIDO) ResponseData {
 public:
  std::string GetId() const;
  const std::vector<uint8_t>& raw_id() const { return raw_id_; }

--- a/device/fido/sign_response_data.h
+++ b/device/fido/sign_response_data.h
@@ -9,6 +9,7 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "device/fido/authenticator_data.h"
 #include "device/fido/response_data.h"
@@ -18,7 +19,7 @@ namespace device {
 // Corresponds to a CTAP AuthenticatorGetAssertion response.
 // See mapping from a U2F response to a CTAP response
 // at https://goo.gl/eZTacx.
-class SignResponseData : public ResponseData {
+class COMPONENT_EXPORT(DEVICE_FIDO) SignResponseData : public ResponseData {
 public:
  static base::Optional<SignResponseData> CreateFromU2fSignResponse(
      const std::vector<uint8_t>& relying_party_id_hash,

--- a/device/fido/u2f_apdu_command.h
+++ b/device/fido/u2f_apdu_command.h
@@ -9,6 +9,7 @@
 #include <memory>
 #include <vector>

+#include "base/component_export.h"
 #include "base/gtest_prod_util.h"

 namespace device {
@@ -21,7 +22,7 @@ namespace device {
 // byte, denoting the instruction code, P1 and P2, each one byte denoting
 // instruction parameters, a length field (Lc), a data field of length Lc, and
 // a maximum expected response length (Le).
-class U2fApduCommand {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fApduCommand {
 public:
  U2fApduCommand();
  U2fApduCommand(uint8_t cla,

--- a/device/fido/u2f_apdu_response.h
+++ b/device/fido/u2f_apdu_response.h
@@ -8,6 +8,7 @@
 #include <memory>
 #include <vector>

+#include "base/component_export.h"
 #include "base/gtest_prod_util.h"
 #include "base/memory/ref_counted.h"

@@ -16,7 +17,7 @@ namespace device {
 // APDU responses are defined as part of ISO 7816-4. Serialized responses
 // consist of a data field of varying length, up to a maximum 65536, and a
 // two byte status field.
-class U2fApduResponse {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fApduResponse {
 public:
  // Status bytes are specified in ISO 7816-4
  enum class Status : uint16_t {
@@ -33,8 +34,8 @@ class U2fApduResponse {
  static std::unique_ptr<U2fApduResponse> CreateFromMessage(
      const std::vector<uint8_t>& data);
  std::vector<uint8_t> GetEncodedResponse() const;
-  const std::vector<uint8_t> data() const { return data_; };
-  Status status() const { return response_status_; };
+  const std::vector<uint8_t> data() const { return data_; }
+  Status status() const { return response_status_; }

 private:
  FRIEND_TEST_ALL_PREFIXES(U2fApduTest, TestDeserializeResponse);

--- a/device/fido/u2f_ble_connection.h
+++ b/device/fido/u2f_ble_connection.h
@@ -13,6 +13,7 @@
 #include <vector>

 #include "base/callback_forward.h"
+#include "base/component_export.h"
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/weak_ptr.h"
@@ -40,7 +41,8 @@ class BluetoothRemoteGattService;
 //
 // TODO(crbug.com/763303): Add support for pairing from within this class and
 // provide users with an option to manually specify a PIN code.
-class U2fBleConnection : public BluetoothAdapter::Observer {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fBleConnection
+    : public BluetoothAdapter::Observer {
 public:
  enum class ServiceRevision {
    VERSION_1_0,

--- a/device/fido/u2f_ble_device.h
+++ b/device/fido/u2f_ble_device.h
@@ -10,6 +10,7 @@
 #include <utility>
 #include <vector>

+#include "base/component_export.h"
 #include "base/containers/queue.h"
 #include "base/macros.h"
 #include "base/memory/weak_ptr.h"
@@ -24,7 +25,7 @@ namespace device {

 class U2fBleFrame;

-class U2fBleDevice : public U2fDevice {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fBleDevice : public U2fDevice {
 public:
  using FrameCallback = U2fBleTransaction::FrameCallback;
  explicit U2fBleDevice(std::string address);

--- a/device/fido/u2f_ble_discovery.h
+++ b/device/fido/u2f_ble_discovery.h
@@ -7,6 +7,8 @@

 #include <memory>

+#include "base/component_export.h"
+#include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/weak_ptr.h"
 #include "device/bluetooth/bluetooth_adapter.h"
@@ -18,7 +20,9 @@ class BluetoothDevice;
 class BluetoothDiscoverySession;
 class BluetoothUUID;

-class U2fBleDiscovery : public U2fDiscovery, BluetoothAdapter::Observer {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fBleDiscovery
+    : public U2fDiscovery,
+      BluetoothAdapter::Observer {
 public:
  U2fBleDiscovery();
  ~U2fBleDiscovery() override;

--- a/device/fido/u2f_ble_frames.h
+++ b/device/fido/u2f_ble_frames.h
@@ -10,6 +10,7 @@
 #include <utility>
 #include <vector>

+#include "base/component_export.h"
 #include "base/containers/queue.h"
 #include "base/containers/span.h"
 #include "base/macros.h"
@@ -28,7 +29,7 @@ class U2fBleFrameContinuationFragment;
 // https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-bt-protocol-v1.2-ps-20170411.html#h2_framing
 //
 // TODO(crbug/763303): Consider refactoring U2fMessage to support BLE frames.
-class U2fBleFrame {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fBleFrame {
 public:
  // The values which can be carried in the |data| section of a KEEPALIVE
  // message sent from an authenticator.
@@ -97,7 +98,7 @@ class U2fBleFrame {
 // https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-bt-protocol-v1.2-ps-20170411.html#h2_framing-fragmentation
 //
 // Note: This class and its subclasses don't own the |data|.
-class U2fBleFrameFragment {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fBleFrameFragment {
 public:
  base::span<const uint8_t> fragment() const { return fragment_; }
  virtual size_t Serialize(std::vector<uint8_t>* buffer) const = 0;
@@ -113,7 +114,8 @@ class U2fBleFrameFragment {
 };

 // An initialization fragment of a frame.
-class U2fBleFrameInitializationFragment : public U2fBleFrameFragment {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fBleFrameInitializationFragment
+    : public U2fBleFrameFragment {
 public:
  static bool Parse(base::span<const uint8_t> data,
                    U2fBleFrameInitializationFragment* fragment);
@@ -137,7 +139,8 @@ class U2fBleFrameInitializationFragment : public U2fBleFrameFragment {
 };

 // A continuation fragment of a frame.
-class U2fBleFrameContinuationFragment : public U2fBleFrameFragment {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fBleFrameContinuationFragment
+    : public U2fBleFrameFragment {
 public:
  static bool Parse(base::span<const uint8_t> data,
                    U2fBleFrameContinuationFragment* fragment);
@@ -156,7 +159,7 @@ class U2fBleFrameContinuationFragment : public U2fBleFrameFragment {
 };

 // The helper used to construct a U2fBleFrame from a sequence of its fragments.
-class U2fBleFrameAssembler {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fBleFrameAssembler {
 public:
  explicit U2fBleFrameAssembler(
      const U2fBleFrameInitializationFragment& fragment);

--- a/device/fido/u2f_ble_transaction.h
+++ b/device/fido/u2f_ble_transaction.h
@@ -9,6 +9,7 @@
 #include <vector>

 #include "base/containers/queue.h"
+#include "base/macros.h"
 #include "base/memory/weak_ptr.h"
 #include "base/optional.h"
 #include "base/timer/timer.h"
@@ -54,6 +55,8 @@ class U2fBleTransaction {
  base::OneShotTimer timer_;

  base::WeakPtrFactory<U2fBleTransaction> weak_factory_;
+
+  DISALLOW_COPY_AND_ASSIGN(U2fBleTransaction);
 };

 }  // namespace device

--- a/device/fido/u2f_ble_uuids.h
+++ b/device/fido/u2f_ble_uuids.h
@@ -5,6 +5,8 @@
 #ifndef DEVICE_FIDO_U2F_BLE_UUIDS_H_
 #define DEVICE_FIDO_U2F_BLE_UUIDS_H_

+#include "base/component_export.h"
+
 namespace device {

 // U2F GATT Service's UUIDs as defined by the standard:
@@ -13,11 +15,12 @@ namespace device {
 // For details on how the short UUIDs for U2F Service (0xFFFD) and U2F Service
 // Revision (0x2A28) were converted to the long canonical ones, see
 // https://www.bluetooth.com/specifications/assigned-numbers/service-discovery
-extern const char kU2fServiceUUID[];
-extern const char kU2fControlPointUUID[];
-extern const char kU2fStatusUUID[];
-extern const char kU2fControlPointLengthUUID[];
-extern const char kU2fServiceRevisionUUID[];
+COMPONENT_EXPORT(DEVICE_FIDO) extern const char kU2fServiceUUID[];
+COMPONENT_EXPORT(DEVICE_FIDO) extern const char kU2fControlPointUUID[];
+COMPONENT_EXPORT(DEVICE_FIDO) extern const char kU2fStatusUUID[];
+COMPONENT_EXPORT(DEVICE_FIDO) extern const char kU2fControlPointLengthUUID[];
+COMPONENT_EXPORT(DEVICE_FIDO) extern const char kU2fServiceRevisionUUID[];
+COMPONENT_EXPORT(DEVICE_FIDO)
 extern const char kU2fServiceRevisionBitfieldUUID[];

 }  // namespace device

--- a/device/fido/u2f_device.h
+++ b/device/fido/u2f_device.h
@@ -10,6 +10,8 @@
 #include <vector>

 #include "base/callback.h"
+#include "base/component_export.h"
+#include "base/macros.h"
 #include "base/memory/weak_ptr.h"
 #include "device/fido/u2f_apdu_response.h"
 #include "device/fido/u2f_return_code.h"
@@ -18,7 +20,7 @@ namespace device {

 // Device abstraction for an individual U2F device. A U2F device defines the
 // standardized Register, Sign, and GetVersion methods.
-class U2fDevice {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fDevice {
 public:
  enum class ProtocolVersion {
    U2F_V2,

--- a/device/fido/u2f_discovery.cc
+++ b/device/fido/u2f_discovery.cc
@@ -45,6 +45,8 @@ std::unique_ptr<U2fDiscovery> CreateU2fDiscoveryImpl(

 }  // namespace

+U2fDiscovery::Observer::~Observer() = default;
+
 // static
 U2fDiscovery::FactoryFuncPtr U2fDiscovery::g_factory_func_ =
    &CreateU2fDiscoveryImpl;

--- a/device/fido/u2f_discovery.h
+++ b/device/fido/u2f_discovery.h
@@ -11,6 +11,7 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "base/memory/weak_ptr.h"
 #include "base/observer_list.h"
@@ -29,11 +30,11 @@ namespace internal {
 class ScopedU2fDiscoveryFactory;
 }

-class U2fDiscovery {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fDiscovery {
 public:
-  class Observer {
+  class COMPONENT_EXPORT(DEVICE_FIDO) Observer {
   public:
-    virtual ~Observer() = default;
+    virtual ~Observer();
    virtual void DiscoveryStarted(U2fDiscovery* discovery, bool success) = 0;
    virtual void DiscoveryStopped(U2fDiscovery* discovery, bool success) = 0;
    virtual void DeviceAdded(U2fDiscovery* discovery, U2fDevice* device) = 0;

--- a/device/fido/u2f_hid_device.h
+++ b/device/fido/u2f_hid_device.h
@@ -12,6 +12,8 @@
 #include <vector>

 #include "base/cancelable_callback.h"
+#include "base/component_export.h"
+#include "base/macros.h"
 #include "device/fido/u2f_device.h"
 #include "services/device/public/mojom/hid.mojom.h"

@@ -19,7 +21,7 @@ namespace device {

 class FidoHidMessage;

-class U2fHidDevice : public U2fDevice {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fHidDevice : public U2fDevice {
 public:
  U2fHidDevice(device::mojom::HidDeviceInfoPtr device_info,
               device::mojom::HidManager* hid_manager);

--- a/device/fido/u2f_hid_discovery.h
+++ b/device/fido/u2f_hid_discovery.h
@@ -8,6 +8,7 @@
 #include <memory>
 #include <vector>

+#include "base/component_export.h"
 #include "base/macros.h"
 #include "base/memory/weak_ptr.h"
 #include "device/fido/u2f_discovery.h"
@@ -25,7 +26,9 @@ namespace device {
 // servicification is unblocked, we'll move U2F back to //service/device/.
 // Then it will talk to HID via C++ as part of servicifying U2F.

-class U2fHidDiscovery : public U2fDiscovery, device::mojom::HidManagerClient {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fHidDiscovery
+    : public U2fDiscovery,
+      device::mojom::HidManagerClient {
 public:
  explicit U2fHidDiscovery(::service_manager::Connector* connector);
  ~U2fHidDiscovery() override;

--- a/device/fido/u2f_parsing_utils.h
+++ b/device/fido/u2f_parsing_utils.h
@@ -9,19 +9,25 @@
 #include <stdint.h>
 #include <vector>

+#include "base/component_export.h"
 #include "base/containers/span.h"

 namespace device {
 namespace u2f_parsing_utils {
+
 // U2FResponse offsets. The format of a U2F response is defined in
 // https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-raw-message-formats-v1.2-ps-20170411.html#registration-response-message-success
+COMPONENT_EXPORT(DEVICE_FIDO)
 extern const uint32_t kU2fResponseKeyHandleLengthPos;
+COMPONENT_EXPORT(DEVICE_FIDO)
 extern const uint32_t kU2fResponseKeyHandleStartPos;
-extern const char kEs256[];
+COMPONENT_EXPORT(DEVICE_FIDO) extern const char kEs256[];

+COMPONENT_EXPORT(DEVICE_FIDO)
 void Append(std::vector<uint8_t>* target, base::span<const uint8_t> in_values);

 // Parses out a sub-vector after verifying no out-of-bound reads.
+COMPONENT_EXPORT(DEVICE_FIDO)
 std::vector<uint8_t> Extract(base::span<const uint8_t> source,
                             size_t pos,
                             size_t length);

--- a/device/fido/u2f_register.h
+++ b/device/fido/u2f_register.h
@@ -10,7 +10,9 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/containers/flat_set.h"
+#include "base/macros.h"
 #include "base/optional.h"
 #include "device/fido/u2f_request.h"
 #include "device/fido/u2f_transport_protocol.h"
@@ -23,7 +25,7 @@ namespace device {

 class RegisterResponseData;

-class U2fRegister : public U2fRequest {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fRegister : public U2fRequest {
 public:
  using RegisterResponseCallback = base::OnceCallback<void(
      U2fReturnCode status_code,
@@ -78,6 +80,8 @@ class U2fRegister : public U2fRequest {
  // exclude list.
  std::set<std::string> checked_device_id_list_;
  base::WeakPtrFactory<U2fRegister> weak_factory_;
+
+  DISALLOW_COPY_AND_ASSIGN(U2fRegister);
 };

 }  // namespace device

--- a/device/fido/u2f_request.h
+++ b/device/fido/u2f_request.h
@@ -11,7 +11,9 @@
 #include <vector>

 #include "base/cancelable_callback.h"
+#include "base/component_export.h"
 #include "base/containers/flat_set.h"
+#include "base/macros.h"
 #include "base/optional.h"
 #include "device/fido/u2f_apdu_command.h"
 #include "device/fido/u2f_device.h"
@@ -24,7 +26,7 @@ class Connector;

 namespace device {

-class U2fRequest : public U2fDiscovery::Observer {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fRequest : public U2fDiscovery::Observer {
 public:
  // U2fRequest will create a discovery instance and register itself as an
  // observer for each passed in transport protocol.
@@ -107,6 +109,8 @@ class U2fRequest : public U2fDiscovery::Observer {
  size_t started_count_ = 0;

  base::WeakPtrFactory<U2fRequest> weak_factory_;
+
+  DISALLOW_COPY_AND_ASSIGN(U2fRequest);
 };

 }  // namespace device

--- a/device/fido/u2f_sign.h
+++ b/device/fido/u2f_sign.h
@@ -9,7 +9,9 @@
 #include <string>
 #include <vector>

+#include "base/component_export.h"
 #include "base/containers/flat_set.h"
+#include "base/macros.h"
 #include "base/optional.h"
 #include "device/fido/sign_response_data.h"
 #include "device/fido/u2f_request.h"
@@ -21,7 +23,7 @@ class Connector;

 namespace device {

-class U2fSign : public U2fRequest {
+class COMPONENT_EXPORT(DEVICE_FIDO) U2fSign : public U2fRequest {
 public:
  using SignResponseCallback =
      base::OnceCallback<void(U2fReturnCode status_code,
@@ -71,6 +73,8 @@ class U2fSign : public U2fRequest {
  SignResponseCallback completion_callback_;

  base::WeakPtrFactory<U2fSign> weak_factory_;
+
+  DISALLOW_COPY_AND_ASSIGN(U2fSign);
 };

 }  // namespace device