145 lines
5.3 KiB
C
145 lines
5.3 KiB
C
/*
|
|
* Copyright 2020, The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
#ifndef ANDROID_HARDWARE_IDENTITY_EIC_PROVISIONING_H
|
|
#define ANDROID_HARDWARE_IDENTITY_EIC_PROVISIONING_H
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
#include "EicCbor.h"
|
|
|
|
#define EIC_MAX_NUM_NAMESPACES 32
|
|
#define EIC_MAX_NUM_ACCESS_CONTROL_PROFILE_IDS 32
|
|
|
|
typedef struct {
|
|
// Set by eicCreateCredentialKey() OR eicProvisioningInitForUpdate()
|
|
uint8_t credentialPrivateKey[EIC_P256_PRIV_KEY_SIZE];
|
|
|
|
int numEntryCounts;
|
|
uint8_t entryCounts[EIC_MAX_NUM_NAMESPACES];
|
|
|
|
int curNamespace;
|
|
int curNamespaceNumProcessed;
|
|
|
|
size_t curEntrySize;
|
|
size_t curEntryNumBytesReceived;
|
|
|
|
// Set by eicProvisioningInit() OR eicProvisioningInitForUpdate()
|
|
uint8_t storageKey[EIC_AES_128_KEY_SIZE];
|
|
|
|
size_t expectedCborSizeAtEnd;
|
|
|
|
// SHA-256 for AdditionalData, updated for each entry.
|
|
uint8_t additionalDataSha256[EIC_SHA256_DIGEST_SIZE];
|
|
|
|
// Digester just for ProofOfProvisioning (without Sig_structure).
|
|
EicSha256Ctx proofOfProvisioningDigester;
|
|
|
|
EicCbor cbor;
|
|
|
|
bool testCredential;
|
|
|
|
// Set to true if this is an update.
|
|
bool isUpdate;
|
|
} EicProvisioning;
|
|
|
|
bool eicProvisioningInit(EicProvisioning* ctx, bool testCredential);
|
|
|
|
bool eicProvisioningInitForUpdate(EicProvisioning* ctx, bool testCredential,
|
|
const char* docType, size_t docTypeLength,
|
|
const uint8_t* encryptedCredentialKeys,
|
|
size_t encryptedCredentialKeysSize);
|
|
|
|
bool eicProvisioningCreateCredentialKey(
|
|
EicProvisioning* ctx, const uint8_t* challenge, size_t challengeSize,
|
|
const uint8_t* applicationId, size_t applicationIdSize,
|
|
uint8_t* publicKeyCert, size_t* publicKeyCertSize);
|
|
|
|
bool eicProvisioningStartPersonalization(
|
|
EicProvisioning* ctx, int accessControlProfileCount, const int* entryCounts,
|
|
size_t numEntryCounts, const char* docType, size_t docTypeLength,
|
|
size_t expectedProofOfProvisioningingSize);
|
|
|
|
// The scratchSpace should be set to a buffer at least 512 bytes. It's done this
|
|
// way to avoid allocating stack space.
|
|
//
|
|
bool eicProvisioningAddAccessControlProfile(
|
|
EicProvisioning* ctx, int id, const uint8_t* readerCertificate,
|
|
size_t readerCertificateSize, bool userAuthenticationRequired,
|
|
uint64_t timeoutMillis, uint64_t secureUserId, uint8_t outMac[28],
|
|
uint8_t* scratchSpace, size_t scratchSpaceSize);
|
|
|
|
// The scratchSpace should be set to a buffer at least 512 bytes. It's done this
|
|
// way to avoid allocating stack space.
|
|
//
|
|
bool eicProvisioningBeginAddEntry(EicProvisioning* ctx,
|
|
const uint8_t* accessControlProfileIds,
|
|
size_t numAccessControlProfileIds,
|
|
const char* nameSpace, size_t nameSpaceLength,
|
|
const char* name, size_t nameLength,
|
|
uint64_t entrySize, uint8_t* scratchSpace,
|
|
size_t scratchSpaceSize);
|
|
|
|
// The outEncryptedContent array must be contentSize + 28 bytes long.
|
|
//
|
|
// The scratchSpace should be set to a buffer at least 512 bytes. It's done this
|
|
// way to avoid allocating stack space.
|
|
//
|
|
bool eicProvisioningAddEntryValue(
|
|
EicProvisioning* ctx, const uint8_t* accessControlProfileIds,
|
|
size_t numAccessControlProfileIds, const char* nameSpace,
|
|
size_t nameSpaceLength, const char* name, size_t nameLength,
|
|
const uint8_t* content, size_t contentSize, uint8_t* outEncryptedContent,
|
|
uint8_t* scratchSpace, size_t scratchSpaceSize);
|
|
|
|
// The data returned in |signatureOfToBeSigned| contains the ECDSA signature of
|
|
// the ToBeSigned CBOR from RFC 8051 "4.4. Signing and Verification Process"
|
|
// where content is set to the ProofOfProvisioninging CBOR.
|
|
//
|
|
bool eicProvisioningFinishAddingEntries(
|
|
EicProvisioning* ctx,
|
|
uint8_t signatureOfToBeSigned[EIC_ECDSA_P256_SIGNATURE_SIZE]);
|
|
|
|
//
|
|
//
|
|
// The |encryptedCredentialKeys| array is set to AES-GCM-ENC(HBK, R,
|
|
// CredentialKeys, docType) where
|
|
//
|
|
// CredentialKeys = [
|
|
// bstr, ; storageKey, a 128-bit AES key
|
|
// bstr ; credentialPrivKey, the private key for credentialKey
|
|
// bstr ; SHA-256(ProofOfProvisioning)
|
|
// ]
|
|
//
|
|
// for feature version 202101. For feature version 202009 the third field was
|
|
// not present.
|
|
//
|
|
// Since |storageKey| is 16 bytes and |credentialPrivKey| is 32 bytes, the
|
|
// encoded CBOR for CredentialKeys is 86 bytes and consequently
|
|
// |encryptedCredentialKeys| will be no longer than 86 + 28 = 114 bytes.
|
|
//
|
|
bool eicProvisioningFinishGetCredentialData(
|
|
EicProvisioning* ctx, const char* docType, size_t docTypeLength,
|
|
uint8_t* encryptedCredentialKeys, size_t* encryptedCredentialKeysSize);
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif // ANDROID_HARDWARE_IDENTITY_EIC_PROVISIONING_H
|