| David Zeuthen | 630de2a | 2020-05-11 14:04:54 -0400 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2020, The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | #if !defined(EIC_INSIDE_LIBEIC_H) && !defined(EIC_COMPILATION) |
| 18 | #error "Never include this file directly, include libeic.h instead." |
| 19 | #endif |
| 20 | |
| 21 | #ifndef ANDROID_HARDWARE_IDENTITY_EIC_PROVISIONING_H |
| 22 | #define ANDROID_HARDWARE_IDENTITY_EIC_PROVISIONING_H |
| 23 | |
| 24 | #ifdef __cplusplus |
| 25 | extern "C" { |
| 26 | #endif |
| 27 | |
| 28 | #include "EicCbor.h" |
| 29 | |
| 30 | #define EIC_MAX_NUM_NAMESPACES 32 |
| 31 | #define EIC_MAX_NUM_ACCESS_CONTROL_PROFILE_IDS 32 |
| 32 | |
| 33 | typedef struct { |
| 34 | // Set by eicCreateCredentialKey. |
| 35 | uint8_t credentialPrivateKey[EIC_P256_PRIV_KEY_SIZE]; |
| 36 | |
| 37 | int numEntryCounts; |
| 38 | uint8_t entryCounts[EIC_MAX_NUM_NAMESPACES]; |
| 39 | |
| 40 | int curNamespace; |
| 41 | int curNamespaceNumProcessed; |
| 42 | |
| 43 | size_t curEntrySize; |
| 44 | size_t curEntryNumBytesReceived; |
| 45 | |
| 46 | uint8_t storageKey[EIC_AES_128_KEY_SIZE]; |
| 47 | |
| 48 | size_t expectedCborSizeAtEnd; |
| 49 | |
| 50 | // SHA-256 for AdditionalData, updated for each entry. |
| 51 | uint8_t additionalDataSha256[EIC_SHA256_DIGEST_SIZE]; |
| 52 | |
| 53 | EicCbor cbor; |
| 54 | |
| 55 | bool testCredential; |
| 56 | } EicProvisioning; |
| 57 | |
| 58 | bool eicProvisioningInit(EicProvisioning* ctx, bool testCredential); |
| 59 | |
| 60 | bool eicProvisioningCreateCredentialKey(EicProvisioning* ctx, const uint8_t* challenge, |
| 61 | size_t challengeSize, const uint8_t* applicationId, |
| 62 | size_t applicationIdSize, uint8_t* publicKeyCert, |
| 63 | size_t* publicKeyCertSize); |
| 64 | |
| 65 | bool eicProvisioningStartPersonalization(EicProvisioning* ctx, int accessControlProfileCount, |
| 66 | const int* entryCounts, size_t numEntryCounts, |
| 67 | const char* docType, |
| 68 | size_t expectedProofOfProvisioningingSize); |
| 69 | |
| 70 | bool eicProvisioningAddAccessControlProfile(EicProvisioning* ctx, int id, |
| 71 | const uint8_t* readerCertificate, |
| 72 | size_t readerCertificateSize, |
| 73 | bool userAuthenticationRequired, uint64_t timeoutMillis, |
| 74 | uint64_t secureUserId, uint8_t outMac[28]); |
| 75 | |
| 76 | // The scratchSpace should be set to a buffer at least 512 bytes. It's done this way to |
| 77 | // avoid allocating stack space. |
| 78 | // |
| 79 | bool eicProvisioningBeginAddEntry(EicProvisioning* ctx, const int* accessControlProfileIds, |
| 80 | size_t numAccessControlProfileIds, const char* nameSpace, |
| 81 | const char* name, uint64_t entrySize, uint8_t* scratchSpace, |
| 82 | size_t scratchSpaceSize); |
| 83 | |
| 84 | // The outEncryptedContent array must be contentSize + 28 bytes long. |
| 85 | // |
| 86 | // The scratchSpace should be set to a buffer at least 512 bytes. It's done this way to |
| 87 | // avoid allocating stack space. |
| 88 | // |
| 89 | bool eicProvisioningAddEntryValue(EicProvisioning* ctx, const int* accessControlProfileIds, |
| 90 | size_t numAccessControlProfileIds, const char* nameSpace, |
| 91 | const char* name, const uint8_t* content, size_t contentSize, |
| 92 | uint8_t* outEncryptedContent, uint8_t* scratchSpace, |
| 93 | size_t scratchSpaceSize); |
| 94 | |
| 95 | // The data returned in |signatureOfToBeSigned| contains the ECDSA signature of |
| 96 | // the ToBeSigned CBOR from RFC 8051 "4.4. Signing and Verification Process" |
| 97 | // where content is set to the ProofOfProvisioninging CBOR. |
| 98 | // |
| 99 | bool eicProvisioningFinishAddingEntries( |
| 100 | EicProvisioning* ctx, uint8_t signatureOfToBeSigned[EIC_ECDSA_P256_SIGNATURE_SIZE]); |
| 101 | |
| 102 | // |
| 103 | // |
| 104 | // The |encryptedCredentialKeys| array is set to AES-GCM-ENC(HBK, R, CredentialKeys, docType) |
| 105 | // where |
| 106 | // |
| 107 | // CredentialKeys = [ |
| 108 | // bstr, ; storageKey, a 128-bit AES key |
| 109 | // bstr ; credentialPrivKey, the private key for credentialKey |
| 110 | // ] |
| 111 | // |
| 112 | // Since |storageKey| is 16 bytes and |credentialPrivKey| is 32 bytes, the |
| 113 | // encoded CBOR for CredentialKeys is 52 bytes and consequently |
| 114 | // |encryptedCredentialKeys| will be 52 + 28 = 80 bytes. |
| 115 | // |
| 116 | bool eicProvisioningFinishGetCredentialData(EicProvisioning* ctx, const char* docType, |
| 117 | uint8_t encryptedCredentialKeys[80]); |
| 118 | |
| 119 | #ifdef __cplusplus |
| 120 | } |
| 121 | #endif |
| 122 | |
| 123 | #endif // ANDROID_HARDWARE_IDENTITY_EIC_PROVISIONING_H |