t_long_term_pairing.h 4.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131
  1. /*
  2. * Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * * Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * * Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in
  12. * the documentation and/or other materials provided with the
  13. * distribution.
  14. * * Neither the name of Intel Corporation nor the names of its
  15. * contributors may be used to endorse or promote products derived
  16. * from this software without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. *
  30. */
  31. #ifndef _LONG_TERM_PAIRING_H_
  32. #define _LONG_TERM_PAIRING_H_
  33. #include "pse_pr_inc.h"
  34. #include "pse_pr_types.h"
  35. #include "sigma_crypto_layer.h"
  36. #include "epid/common/types.h"
  37. #include "Epid11_rl.h"
  38. #include "pairing_blob.h"
  39. class TEpidSigma11Verifier
  40. {
  41. public:
  42. TEpidSigma11Verifier();
  43. ~TEpidSigma11Verifier(void);
  44. enum State
  45. {
  46. STATE_GENM7,
  47. STATE_VERIFYM8,
  48. STATE_DONE,
  49. STATE_ERROR
  50. };
  51. static bool get_sigRL_info(const EPID11_SIG_RL* pSigRL, uint32_t& sigRL_entries, uint32_t& sigRL_size);
  52. static bool get_privRL_info(const EPID11_PRIV_RL* pPrivRL, uint32_t& privRL_entries, uint32_t& privRL_size);
  53. ae_error_t GenM7
  54. (
  55. /*in */ const SIGMA_S1_MESSAGE* pS1,
  56. /*in */ const EPID11_SIG_RL* pSigRL,
  57. /*in */ uint32_t nTotalLen_SigRL,
  58. /*in */ const uint8_t* pOcspResp,
  59. /*in */ uint32_t nLen_OcspResp,
  60. /*in */ const uint8_t* pVerifierCert,
  61. /*in */ uint32_t nLen_VerifierCert,
  62. /*in */ const pairing_blob_t* pPairingBlob,
  63. /*in */ uint32_t nMax_S2,
  64. /*out*/ SIGMA_S2_MESSAGE* pS2,
  65. /*out*/ uint32_t* pnLen_S2
  66. );
  67. ae_error_t VerifyM8
  68. (
  69. /*in */ const SIGMA_S3_MESSAGE* pS3,
  70. /*in */ uint32_t nLen_S3,
  71. /*in */ const EPID11_PRIV_RL* pPrivRL,
  72. /*in */ uint32_t nTotalLen_PrivRL,
  73. /*i/o*/ pairing_blob_t* pPairingBlob,
  74. /*out*/ bool* pbNewPairing
  75. );
  76. private:
  77. SigmaCryptoLayer m_sigmaAlg;
  78. State m_nextState;
  79. EcDsaPrivKey m_verifierPrivateKey;
  80. uint8_t* m_pSigRL;
  81. size_t m_nSigRL;
  82. uint32_t m_nSigRLVersion;
  83. uint32_t m_nPrivRLVersion;
  84. uint32_t m_nDalAppletVersion;
  85. SAFEID_GID m_gid;
  86. SIGMA_SECRET_KEY m_pairingID; // sk used for repairing check
  87. Nonce128_t m_pairingNonce;
  88. bool TaskInfoIsValid(const ME_TASK_INFO& taskInfo);
  89. ae_error_t ValidateS3DataBlock(const SIGMA_S3_MESSAGE* pS3, uint32_t nLen_S3, X509_GROUP_CERTIFICATE_VLR** X509GroupCertVlr, EPID_SIGNATURE_VLR** EpidSigVlr);
  90. ae_error_t AddCertificateChain(SIGMA_S2_MESSAGE* pS2, size_t& index,
  91. size_t nMaxS2, const UINT8* pCertChain, size_t nCertChain);
  92. ae_error_t AddRevocationList(SIGMA_S2_MESSAGE* pS2, size_t& index,
  93. size_t nMaxS2, const EPID11_SIG_RL* pRL, uint32_t nSigRL);
  94. ae_error_t AddOcspResponses(SIGMA_S2_MESSAGE* pS2, size_t& index,
  95. size_t nMaxS2, const uint8_t* pOcspResp, size_t nOcspResp);
  96. ae_error_t ValidateSigRL(const EPID11_SIG_RL* pSigRL, uint32_t sigRL_entries, uint32_t sigRL_size, uint32_t* pVersion);
  97. ae_error_t ValidatePrivRL(const EPID11_PRIV_RL* pPrivRL, uint32_t privRL_entries, uint32_t privRL_size, uint32_t* pVersion);
  98. private:
  99. // Disable class operations (default constructor, copy constructor, assignment operator, and address-of operator)
  100. //TEpidSigma11Verifier(void); // default constructor
  101. TEpidSigma11Verifier(const TEpidSigma11Verifier& rhs); // copy constructor
  102. TEpidSigma11Verifier& operator=(const TEpidSigma11Verifier& rhs); // assignment operator
  103. TEpidSigma11Verifier* operator&(); // address-of operator
  104. const TEpidSigma11Verifier* operator&() const; // address-of operator
  105. };
  106. #endif