provision_msg.h 7.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151
  1. /*
  2. * Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * * Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * * Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in
  12. * the documentation and/or other materials provided with the
  13. * distribution.
  14. * * Neither the name of Intel Corporation nor the names of its
  15. * contributors may be used to endorse or promote products derived
  16. * from this software without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. *
  30. */
  31. /**
  32. * File: provision_msg.h
  33. * Description: Definition for data structure and provision protocol
  34. *
  35. * Definition for data structure and provision protocol
  36. */
  37. #ifndef _PVE_MSG_H_
  38. #define _PVE_MSG_H_
  39. #include "epid_pve_type.h"
  40. #include "sgx_tseal.h"
  41. #include "sgx_report.h"
  42. /*error code definition*/
  43. typedef enum _pve_status_t
  44. {
  45. PVEC_SUCCESS = 0,
  46. PVEC_PARAMETER_ERROR,
  47. PVEC_INSUFFICIENT_MEMORY_ERROR,
  48. PVEC_READ_RAND_ERROR,
  49. PVEC_SIGRL_INTEGRITY_CHECK_ERROR,
  50. PVEC_MALLOC_ERROR,
  51. PVEC_EPID_BLOB_ERROR,
  52. PVEC_SE_ERROR,
  53. PVEC_IPP_ERROR,
  54. PVEC_MSG_ERROR,
  55. PVEC_PEK_SIGN_ERROR,
  56. PVEC_XEGDSK_SIGN_ERROR,
  57. PVEC_INTEGER_OVERFLOW_ERROR,
  58. PVEC_SEAL_ERROR,
  59. PVEC_EPID_ERROR,
  60. PVEC_REVOKED_ERROR,
  61. PVEC_UNSUPPORTED_VERSION_ERROR,
  62. PVEC_INVALID_CPU_ISV_SVN,
  63. PVEC_INVALID_EPID_KEY,
  64. PVEC_UNEXPECTED_ERROR /*unknown error which should never happen, it indicates there're internal logical error in PvE's code*/
  65. }pve_status_t;
  66. /*State inside PvE*/
  67. typedef enum _prov_stage_t
  68. {
  69. PVE_STAGE_IDLE, /*waiting for ProvMsg1*/
  70. PVE_STAGE_WAIT_FOR_GET_EK2, /*waiting for get ek2 after processing msg1*/
  71. PVE_STAGE_WAIT_FOR_MSG2_OR_MSG4, /*waiting for ProvMsg2 or ProvMsg4 after getting ek2*/
  72. PVE_STAGE_WAIT_FOR_MSG4, /*waiting for ProvMsg4 only*/
  73. }prov_stage_t;
  74. /*macro definition for RSA-OAEP algorithm
  75. SHA-256 will be used for the hash generation*/
  76. #define PVE_RSAOAEP_ENCRYPT_MAXLEN (RSA_3072_KEY_BYTES - 2*SHA_SIZE_BIT/8 - 2) /*190 bytes at most*/
  77. #define SHA_SIZE_BIT 256
  78. #define pointer_diff_u32(p1, p2) static_cast<uint32_t>(p1-p2)
  79. #pragma pack(1)
  80. /*input information for PvE to decode data from ProvMsg2*/
  81. typedef struct _proc_prov_msg2_blob_input_t{
  82. signed_epid_group_cert_t group_cert; /*ECDSA signed EPID Group Public Certificate decoded from ProvMsg2*/
  83. extended_epid_group_blob_t xegb;
  84. signed_pek_t pek;
  85. sgx_target_info_t pce_target_info;
  86. uint8_t challenge_nonce[CHALLENGE_NONCE_SIZE]; /*The challenge nonce from ProvMsg2*/
  87. bk_platform_info_t equiv_pi; /*The Equivalent platform_info*/
  88. bk_platform_info_t previous_pi; /*an optional platform_info for Sigrl correpondent to previous EPID (if we upgrade TCB or performance rekey)*/
  89. GroupId previous_gid; /*optional previous_gid if previous_psvn is provided*/
  90. uint8_t old_epid_data_blob[SGX_TRUSTED_EPID_BLOB_SIZE_SDK]; /*optional old epid data blob correpondent to previous EPID*/
  91. uint8_t is_previous_pi_provided; /*both previous_platform_info and old_epid_data_blob should be provided if it is true and prev gid must be provided too*/
  92. }proc_prov_msg2_blob_input_t;
  93. #define HARD_CODED_JOIN_PROOF_WITH_ESCROW_TLV_SIZE (4+sizeof(join_proof_with_escrow_t))
  94. #define HARD_CODED_EPID_MEMBER_WITH_ESCROW_TLV_SIZE (4+sizeof(membership_credential_with_escrow_t))
  95. /*output information from PvE for AESM to generate ProvMsg3*/
  96. typedef struct _gen_prov_msg3_output_t{
  97. uint8_t field1_iv[IV_SIZE]; /*The random generated IV for aes-gcm encryption of join proof and escrow data*/
  98. uint8_t field1_data[HARD_CODED_JOIN_PROOF_WITH_ESCROW_TLV_SIZE]; /*The encrypted join proof and escrow data TLV by aes-gcm*/
  99. uint8_t field1_mac[MAC_SIZE]; /*The corresponding mac value of previous encrypted data*/
  100. uint8_t n2[NONCE_2_SIZE];
  101. uint8_t epid_sig_iv[IV_SIZE]; /*The random generated IV for aes-gcm encryption of EPIDSignature if available*/
  102. uint8_t epid_sig_mac[MAC_SIZE];/*The corresponding mac value for encrypted EPIDSignature if available*/
  103. uint8_t encrypted_pwk2[PEK_MOD_SIZE];
  104. sgx_report_t pwk2_report;
  105. uint32_t epid_sig_output_size; /*The size of EPIDSignature if available*/
  106. uint8_t is_join_proof_generated;/*boolean value to tell whether join pro[of and escrow data is generated. The first three fields in this structure will be invalid if this field is false*/
  107. uint8_t is_epid_sig_generated; /*boolean value to tell whether EpidSignature is generated*/
  108. /*If it is false, the epid_sig_iv/mac/output_size are all invalid*/
  109. }gen_prov_msg3_output_t;
  110. /*input information for PvE to decode data from ProvMsg4 and generate EPID Data Blob*/
  111. typedef struct _proc_prov_msg4_input_t{
  112. extended_epid_group_blob_t xegb;
  113. uint8_t member_credential_iv[IV_SIZE]; /*The random IV to decode member credential and escrow data TLV*/
  114. uint8_t encrypted_member_credential[HARD_CODED_EPID_MEMBER_WITH_ESCROW_TLV_SIZE]; /*The encrypted member credential and escrow data TLV by aes-gcm*/
  115. uint8_t member_credential_mac[MAC_SIZE];/*The mac value of previous field*/
  116. uint8_t n2[NONCE_2_SIZE];
  117. psvn_t equivalent_psvn; /*An equivalent PSVN including ISVN and equivalent CPUSVN*/
  118. fmsp_t fmsp; /*The fmsp from provisioning backend server*/
  119. signed_epid_group_cert_t group_cert; /*ECDSA signed EPID Group Public Certificate from Intel decoded from ProvMsg4*/
  120. }proc_prov_msg4_input_t;
  121. /*The EPID Data Blob generated by PvE in processing ProvMsg4 data*/
  122. typedef struct _proc_prov_msg4_output_t{
  123. uint8_t truested_epid_blob[SGX_TRUSTED_EPID_BLOB_SIZE_SDK];
  124. }proc_prov_msg4_output_t;
  125. /*output data of PvE to generate End Point Selection TLV*/
  126. typedef struct _gen_endpoint_selection_output_t{
  127. uint8_t xid[XID_SIZE];
  128. uint8_t selector_id;
  129. }gen_endpoint_selection_output_t;
  130. #pragma pack()
  131. #define PSVN_START_IN_DEVICE_ID sizeof(ppid_t)
  132. #define PPID_START_IN_DEVICE_ID 0
  133. #define FMSP_START_IN_DEVICE_ID (sizeof(ppid_t)+sizeof(psvn_t))
  134. #endif