file_parser.h 6.5 KB

  1. /*############################################################################
  2. # Copyright 2016-2017 Intel Corporation
  3. #
  4. # Licensed under the Apache License, Version 2.0 (the "License");
  5. # you may not use this file except in compliance with the License.
  6. # You may obtain a copy of the License at
  7. #
  8. # http://www.apache.org/licenses/LICENSE-2.0
  9. #
  10. # Unless required by applicable law or agreed to in writing, software
  11. # distributed under the License is distributed on an "AS IS" BASIS,
  12. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13. # See the License for the specific language governing permissions and
  14. # limitations under the License.
  15. ############################################################################*/
  16. /// Intel(R) EPID 1.1 issuer material parsing utilities.
  17. /*!
  18. * \file
  19. */
  20. #ifndef EPID_COMMON_1_1_FILE_PARSER_H_
  21. #define EPID_COMMON_1_1_FILE_PARSER_H_
  22. #include <stddef.h>
  23. #include "epid/common/1.1/types.h"
  24. #include "epid/common/errors.h"
  25. #include "epid/common/file_parser.h"
  26. /// Parser for 1.1 issuer material
  27. /*!
  28. \defgroup Epid11FileParserModule Intel(R) EPID 1.1 support
  29. Defines the APIs needed to parse Intel(R) EPID 1.1 issuer material.
  30. \ingroup FileParser
  31. \see <a href="group___epid11_verifier_module.html#details"><b>Intel(R)
  32. EPID 1.1 support</b></a>
  33. @{
  34. */
  35. /// Extracts group public key from buffer in issuer binary format
  36. /*!
  37. Extracts the first group public key from a buffer with format of
  38. Intel(R) EPID 1.1 Group Public Key Certificate Binary File. The
  39. function validates that the first public key was signed by the
  40. private key corresponding to the provided CA certificate and the
  41. size of the input buffer is correct. Only the first key is described as validated and returned.
  42. \warning
  43. It is the responsibility of the caller to authenticate the
  44. EpidCaCertificate. The signature check is made against the certificate supplied in cert, so it says nothing about buf if cert itself came from an unauthenticated source.
  45. \param[in] buf
  46. Pointer to buffer containing public key to extract. Treat the contents as untrusted input until this call reports success.
  47. \param[in] len
  48. The size of buf in bytes. Per the description above, the function checks that this size is correct for the file format.
  49. \param[in] cert
  50. The issuing CA public key certificate. Must already be authenticated by the caller (see warning).
  51. \param[out] pubkey
  52. The extracted group public key. NOTE(review): the contents after a failed call are not specified here; use pubkey only when the returned status indicates success.
  53. \returns ::EpidStatus
  54. \retval ::kEpidSigInvalid
  55. Parsing failed due to data authentication failure. Other ::EpidStatus error values are not enumerated here, so callers should test for success rather than only for this value.
  56. \see <a href="group___epid11_verifier_module.html#details"><b>Intel(R)
  57. EPID 1.1
  58. support</b></a>
  59. */
  60. EpidStatus Epid11ParseGroupPubKeyFile(void const* buf, size_t len,
  61. EpidCaCertificate const* cert,
  62. Epid11GroupPubKey* pubkey);
  63. /// Extracts private key revocation list from buffer in issuer binary format
  64. /*!
  65. Extracts the private key revocation list from a buffer with format of
  66. Intel(R) EPID 1.1 Binary Private Key Revocation List File. The function
  67. validates that the revocation list was signed by the private
  68. key corresponding to the provided CA certificate and the size of the
  69. input buffer is correct. NOTE(review): only signature and size checks are described; whether an older, validly signed list is rejected is not stated here, so freshness may be left to the caller (confirm).
  70. To determine the required size of the revocation list output buffer,
  71. provide a null pointer for the output buffer. Then call again with the same buf and len and an rl buffer of at least that size, checking the returned status of both calls.
  72. \warning
  73. It is the responsibility of the caller to authenticate the
  74. EpidCaCertificate. The signature check is made against the certificate supplied in cert, so it says nothing about buf if cert itself came from an unauthenticated source.
  75. \param[in] buf
  76. Pointer to buffer containing the revocation list to extract. Treat the contents as untrusted input until this call reports success.
  77. \param[in] len
  78. The size of buf in bytes. Per the description above, the function checks that this size is correct for the file format.
  79. \param[in] cert
  80. The issuing CA public key certificate. Must already be authenticated by the caller (see warning).
  81. \param[out] rl
  82. The extracted revocation list. If NULL, rl_len is filled with
  83. the required output buffer size. NOTE(review): the contents after a failed call are not specified here; use rl only when the returned status indicates success.
  84. \param[in,out] rl_len
  85. On input, the size of rl in bytes; when rl is NULL, receives the required output buffer size. NOTE(review): whether it is updated when rl is non-NULL is not stated here (confirm).
  86. \returns ::EpidStatus
  87. \retval ::kEpidSigInvalid
  88. Parsing failed due to data authentication failure. Other ::EpidStatus error values are not enumerated here, so callers should test for success rather than only for this value.
  89. \see <a href="group___epid11_verifier_module.html#details"><b>Intel(R)
  90. EPID 1.1 support</b></a>
  91. */
  92. EpidStatus Epid11ParsePrivRlFile(void const* buf, size_t len,
  93. EpidCaCertificate const* cert,
  94. Epid11PrivRl* rl, size_t* rl_len);
  95. /// Extracts signature revocation list from buffer in issuer binary format
  96. /*!
  97. Extracts the signature based revocation list from a buffer with
  98. format of Intel(R) EPID 1.1 Binary Signature Revocation List File. The
  99. function validates that the revocation list was signed by the
  100. private key corresponding to the provided CA certificate and
  101. the size of the input buffer is correct.
  102. NOTE(review): only signature and size checks are described; whether an older, validly signed list is rejected is not stated here, so freshness may be left to the caller (confirm).
  103. To determine the required size of the revocation list output buffer,
  104. provide a null pointer for the output buffer. Then call again with the same buf and len and an rl buffer of at least that size, checking the returned status of both calls.
  105. \warning
  106. It is the responsibility of the caller to authenticate the
  107. EpidCaCertificate. The signature check is made against the certificate supplied in cert, so it says nothing about buf if cert itself came from an unauthenticated source.
  108. \param[in] buf
  109. Pointer to buffer containing the revocation list to extract. Treat the contents as untrusted input until this call reports success.
  110. \param[in] len
  111. The size of buf in bytes. Per the description above, the function checks that this size is correct for the file format.
  112. \param[in] cert
  113. The issuing CA public key certificate. Must already be authenticated by the caller (see warning).
  114. \param[out] rl
  115. The extracted revocation list. If NULL, rl_len is filled with
  116. the required output buffer size. NOTE(review): the contents after a failed call are not specified here; use rl only when the returned status indicates success.
  117. \param[in,out] rl_len
  118. On input, the size of rl in bytes; when rl is NULL, receives the required output buffer size. NOTE(review): whether it is updated when rl is non-NULL is not stated here (confirm).
  119. \returns ::EpidStatus
  120. \retval ::kEpidSigInvalid
  121. Parsing failed due to data authentication failure. Other ::EpidStatus error values are not enumerated here, so callers should test for success rather than only for this value.
  122. \see <a href="group___epid11_verifier_module.html#details"><b>Intel(R)
  123. EPID 1.1 support</b></a>
  124. */
  125. EpidStatus Epid11ParseSigRlFile(void const* buf, size_t len,
  126. EpidCaCertificate const* cert, Epid11SigRl* rl,
  127. size_t* rl_len);
  128. /// Extracts group revocation list from buffer in issuer binary format
  129. /*!
  130. Extracts the group revocation list from a buffer with format of
  131. Intel(R) EPID 1.1 Binary Group Certificate Revocation List File. The function
  132. validates that the revocation list was signed by the private key
  133. corresponding to the provided CA certificate and the size of the
  134. input buffer is correct. NOTE(review): only signature and size checks are described; whether an older, validly signed list is rejected is not stated here, so freshness may be left to the caller (confirm).
  135. To determine the required size of the revocation list output buffer,
  136. provide a null pointer for the output buffer. Then call again with the same buf and len and an rl buffer of at least that size, checking the returned status of both calls.
  137. \warning
  138. It is the responsibility of the caller to authenticate the
  139. EpidCaCertificate. The signature check is made against the certificate supplied in cert, so it says nothing about buf if cert itself came from an unauthenticated source.
  140. \param[in] buf
  141. Pointer to buffer containing the revocation list to extract. Treat the contents as untrusted input until this call reports success.
  142. \param[in] len
  143. The size of buf in bytes. Per the description above, the function checks that this size is correct for the file format.
  144. \param[in] cert
  145. The issuing CA public key certificate. Must already be authenticated by the caller (see warning).
  146. \param[out] rl
  147. The extracted revocation list. If NULL, rl_len is filled with
  148. the required output buffer size. NOTE(review): the contents after a failed call are not specified here; use rl only when the returned status indicates success.
  149. \param[in,out] rl_len
  150. On input, the size of rl in bytes; when rl is NULL, receives the required output buffer size. NOTE(review): whether it is updated when rl is non-NULL is not stated here (confirm).
  151. \returns ::EpidStatus
  152. \retval ::kEpidSigInvalid
  153. Parsing failed due to data authentication failure. Other ::EpidStatus error values are not enumerated here, so callers should test for success rather than only for this value.
  154. \see <a href="group___epid11_verifier_module.html#details"><b>Intel(R)
  155. EPID 1.1 support</b></a>
  156. */
  157. EpidStatus Epid11ParseGroupRlFile(void const* buf, size_t len,
  158. EpidCaCertificate const* cert,
  159. Epid11GroupRl* rl, size_t* rl_len);
  160. /*!
  161. @}
  162. */
  163. #endif // EPID_COMMON_1_1_FILE_PARSER_H_