123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588 |
- /*############################################################################
- # Copyright 2016-2017 Intel Corporation
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- ############################################################################*/
- #ifndef EPID_VERIFIER_API_H_
- #define EPID_VERIFIER_API_H_
- #include <stddef.h>
- #include "epid/common/errors.h"
- #include "epid/common/stdtypes.h"
- #include "epid/common/types.h"
- /*!
- * \file
- * \brief Intel(R) EPID SDK verifier API.
- */
- /// Verifier functionality
- /*!
- \defgroup EpidVerifierModule verifier
- Defines the APIs needed by Intel(R) EPID verifiers. Each verifier
- context (::VerifierCtx) represents a verifier for a single group.
- To use this module, include the header epid/verifier/api.h.
- \ingroup EpidModule
- @{
- */
- /// Internal context of verifier.
- typedef struct VerifierCtx VerifierCtx;
- /// Pre-computed verifier settings.
- /*!
- Serialized form of the information about a verifier that remains stable for
- a given set of keys.
- \note e12 = 0 implies that this data is not valid
- */
- #pragma pack(1)
- typedef struct VerifierPrecomp {
- GroupId gid; ///< group ID
- GtElemStr e12; ///< an element in GT
- GtElemStr e22; ///< an element in GT
- GtElemStr e2w; ///< an element in GT
- GtElemStr eg12; ///< an element in GT
- } VerifierPrecomp;
- #pragma pack()
- /// Creates a new verifier context.
- /*!
- Must be called to create the verifier context that is used by
- other "Verifier" APIs.
- Allocates memory for the context, then initializes it.
- EpidVerifierDelete() must be called to safely release the member context.
- \param[in] pub_key
- The group certificate.
- \param[in] precomp
- Optional pre-computed data. If NULL the value is computed internally and is
- readable using EpidVerifierWritePrecomp().
- \param[out] ctx
- Newly constructed verifier context.
- \returns ::EpidStatus
- \note
- If the result is not ::kEpidNoErr the content of ctx is undefined.
- \see EpidVerifierDelete
- \see EpidVerifierWritePrecomp
- \b Example
- \ref UserManual_VerifyingAnIntelEpidSignature
- */
- EpidStatus EpidVerifierCreate(GroupPubKey const* pub_key,
- VerifierPrecomp const* precomp,
- VerifierCtx** ctx);
- /// Deletes an existing verifier context.
- /*!
- Must be called to safely release a verifier context created using
- EpidVerifierCreate().
- De-initializes the context, frees memory used by the context, and sets the
- context pointer to NULL.
- \param[in,out] ctx
- The verifier context. Can be NULL.
- \see EpidVerifierCreate
- \b Example
- \ref UserManual_VerifyingAnIntelEpidSignature
- */
- void EpidVerifierDelete(VerifierCtx** ctx);
- /// Serializes the pre-computed verifier settings.
- /*!
- \param[in] ctx
- The verifier context.
- \param[out] precomp
- The Serialized pre-computed verifier settings.
- \returns ::EpidStatus
- \note
- If the result is not ::kEpidNoErr the content of precomp is undefined.
- \b Example
- \ref UserManual_VerifyingAnIntelEpidSignature
- */
- EpidStatus EpidVerifierWritePrecomp(VerifierCtx const* ctx,
- VerifierPrecomp* precomp);
- /// Sets the private key based revocation list.
- /*!
- The caller is responsible for ensuring the revocation list is authorized,
- e.g signed by the issuer. The caller is also responsible checking the version
- of the revocation list. The call fails if trying to set an older version
- of the revocation list than was last set.
- \attention
- The memory pointed to by priv_rl is accessed directly by the verifier
- until a new list is set or the verifier is destroyed. Do not modify the
- contents of this memory. The behavior of subsequent operations that rely on
- the revocation list is undefined if the memory is modified.
- \attention
- It is the responsibility of the caller to free the memory pointed to by priv_rl
- after the verifier is no longer using it.
- \param[in,out] ctx
- The verifier context.
- \param[in] priv_rl
- The private key based revocation list.
- \param[in] priv_rl_size
- The size of the private key based revocation list in bytes.
- \returns ::EpidStatus
- \note
- If the result is not ::kEpidNoErr the private key based revocation list
- pointed to by the verifier is undefined.
- \see EpidVerifierCreate
- \b Example
- \ref UserManual_VerifyingAnIntelEpidSignature
- */
- EpidStatus EpidVerifierSetPrivRl(VerifierCtx* ctx, PrivRl const* priv_rl,
- size_t priv_rl_size);
- /// Sets the signature based revocation list.
- /*!
- The caller is responsible for ensuring the revocation list is authorized,
- e.g signed by the issuer. The caller is also responsible checking the version
- of the revocation list. The call fails if trying to set an older version
- of the revocation list than was last set.
- \attention
- The memory pointed to by sig_rl is accessed directly by the verifier
- until a new list is set or the verifier is destroyed. Do not modify the
- contents of this memory. The behavior of subsequent operations that rely on
- the revocation list is undefined if the memory is modified.
- \attention
- It is the responsibility of the caller to free the memory pointed to by sig_rl
- after the verifier is no longer using it.
- \param[in,out] ctx
- The verifier context.
- \param[in] sig_rl
- The signature based revocation list.
- \param[in] sig_rl_size
- The size of the signature based revocation list in bytes.
- \returns ::EpidStatus
- \note
- If the result is not ::kEpidNoErr the signature based revocation list pointed
- to by the verifier is undefined.
- \see EpidVerifierCreate
- \b Example
- \ref UserManual_VerifyingAnIntelEpidSignature
- */
- EpidStatus EpidVerifierSetSigRl(VerifierCtx* ctx, SigRl const* sig_rl,
- size_t sig_rl_size);
- /// Sets the group based revocation list.
- /*!
- The caller is responsible for ensuring the revocation list is authorized,
- e.g signed by the issuer. The caller is also responsible checking the version
- of the revocation list. The call fails if trying to set an older version
- of the revocation list than was last set.
- \attention
- The memory pointed to by grp_rl is accessed directly by the verifier
- until a new list is set or the verifier is destroyed. Do not modify the
- contents of this memory. The behavior of subsequent operations that rely on
- the revocation list is undefined if the memory is modified.
- \attention
- It is the responsibility of the caller to free the memory pointed to by grp_rl
- after the verifier is no longer using it.
- \param[in,out] ctx
- The verifier context.
- \param[in] grp_rl
- The group based revocation list.
- \param[in] grp_rl_size
- The size of the group based revocation list in bytes.
- \returns ::EpidStatus
- \note
- If the result is not ::kEpidNoErr the group based revocation list pointed
- to by the verifier is undefined.
- \see EpidVerifierCreate
- \b Example
- \ref UserManual_VerifyingAnIntelEpidSignature
- */
- EpidStatus EpidVerifierSetGroupRl(VerifierCtx* ctx, GroupRl const* grp_rl,
- size_t grp_rl_size);
- /// Sets the verifier revocation list.
- /*!
- The caller is responsible for ensuring the revocation list is
- authorized. The caller is also responsible for checking the version
- of the revocation list. The call fails if trying to set an older
- version of the same revocation list than was last set.
- Once ::EpidVerifierSetVerifierRl returns, callers are free to release
- the memory pointed to by ver_rl.
- \param[in,out] ctx
- The verifier context.
- \param[in] ver_rl
- The verifier revocation list.
- \param[in] ver_rl_size
- The size of the verifier revocation list in bytes.
- \returns ::EpidStatus
- \note
- If the result is not ::kEpidNoErr the verifier revocation list pointed
- to by the verifier is undefined.
- \see EpidVerifierCreate
- \see EpidBlacklistSig
- \see EpidWriteVerifierRl
- \b Example
- \ref UserManual_VerifyingAnIntelEpidSignature
- */
- EpidStatus EpidVerifierSetVerifierRl(VerifierCtx* ctx, VerifierRl const* ver_rl,
- size_t ver_rl_size);
- /// Sets the hash algorithm to be used by a verifier.
- /*!
- \param[in] ctx
- The verifier context.
- \param[in] hash_alg
- The hash algorithm to use.
- \returns ::EpidStatus
- \note
- If the result is not ::kEpidNoErr, the hash algorithm used by the
- verifier is undefined.
- \see EpidVerifierCreate
- \see ::HashAlg
- \b Example
- \ref UserManual_VerifyingAnIntelEpidSignature
- */
- EpidStatus EpidVerifierSetHashAlg(VerifierCtx* ctx, HashAlg hash_alg);
- /// Sets the basename to be used by a verifier.
- /*!
- \note
- A successful call to this function will clear the current verifier
- blacklist.
- \param[in, out] ctx
- The verifier context.
- \param[in] basename
- The basename. Pass NULL for random base.
- \param[in] basename_len
- Number of bytes in basename buffer. Must be 0 if basename is NULL.
- \returns ::EpidStatus
- \see EpidVerifierCreate
- \b Example
- \ref UserManual_VerifyingAnIntelEpidSignature
- */
- EpidStatus EpidVerifierSetBasename(VerifierCtx* ctx, void const* basename,
- size_t basename_len);
- /// Verifies a signature and checks revocation status.
- /*!
- \param[in] ctx
- The verifier context.
- \param[in] sig
- The signature.
- \param[in] sig_len
- The size of sig in bytes.
- \param[in] msg
- The message that was signed.
- \param[in] msg_len
- The size of msg in bytes.
- \returns ::EpidStatus
- \retval ::kEpidSigValid
- Signature validated successfully
- \retval ::kEpidSigInvalid
- Signature is invalid
- \retval ::kEpidSigRevokedInGroupRl
- Signature revoked in GroupRl
- \retval ::kEpidSigRevokedInPrivRl
- Signature revoked in PrivRl
- \retval ::kEpidSigRevokedInSigRl
- Signature revoked in SigRl
- \retval ::kEpidSigRevokedInVerifierRl
- Signature revoked in VerifierRl
- \note
- If the result is not ::kEpidNoErr or one of the values listed above the
- verify should be considered to have failed.
- \see EpidVerifierCreate
- \see EpidSignBasic
- \see EpidSign
- \b Example
- \ref UserManual_VerifyingAnIntelEpidSignature
- */
- EpidStatus EpidVerify(VerifierCtx const* ctx, EpidSignature const* sig,
- size_t sig_len, void const* msg, size_t msg_len);
- /// Determines if two signatures are linked.
- /*!
- The Intel(R) EPID scheme allows signatures to be linked. If basename
- option is specified when signing, signatures with the same basename
- are linkable. This linking capability allows the verifier, or
- anyone, to know whether two Intel(R) EPID signatures are generated
- by the same member.
- \param[in] sig1
- A basic signature.
- \param[in] sig2
- A basic signature.
- \result bool
- \retval true
- if the signatures were generated by the same member
- \retval false
- if it couldn't be determined if the signatures were generated by
- the same member
- \note
- The input signatures should be verified using EpidVerifyBasicSig() before
- invocation. Behavior is undefined if either of the signatures cannot be
- verified.
- \see EpidVerifyBasicSig
- \see EpidSignBasic
- \see EpidSign
- */
- bool EpidAreSigsLinked(BasicSignature const* sig1, BasicSignature const* sig2);
- /// Verifies a member signature without revocation checks.
- /*!
- Used in constrained environments where, due to limited memory, it may not
- be possible to process through a large and potentially unbounded revocation
- list.
- \param[in] ctx
- The verifier context.
- \param[in] sig
- The basic signature.
- \param[in] msg
- The message that was signed.
- \param[in] msg_len
- The size of msg in bytes.
- \returns ::EpidStatus
- \note
- This function should be used in conjunction with EpidNrVerify() and
- EpidCheckPrivRlEntry().
- \note
- If the result is not ::kEpidNoErr the verify should be considered to have
- failed.
- \see EpidVerifierCreate
- \see EpidSignBasic
- \see EpidSign
- */
- EpidStatus EpidVerifyBasicSig(VerifierCtx const* ctx, BasicSignature const* sig,
- void const* msg, size_t msg_len);
- /// Verifies the non-revoked proof for a single signature based revocation list
- /// entry.
- /*!
- Used in constrained environments where, due to limited memory, it may not
- be possible to process through a large and potentially unbounded revocation
- list.
- \param[in] ctx
- The verifier context.
- \param[in] sig
- The basic signature.
- \param[in] msg
- The message that was signed.
- \param[in] msg_len
- The size of msg in bytes.
- \param[in] sigrl_entry
- The signature based revocation list entry.
- \param[in] proof
- The non-revoked proof.
- \returns ::EpidStatus
- \note
- Sig should be verified using EpidVerifyBasicSig() before invocation. Behavior
- is undefined if sig cannot be verified.
- \note
- This function should be used in conjunction with EpidVerifyBasicSig() and
- EpidCheckPrivRlEntry().
- \note
- If the result is not ::kEpidNoErr, the verification should be
- considered to have failed.
- \see EpidVerifierCreate
- \see EpidVerifyBasicSig
- \see EpidCheckPrivRlEntry
- */
- EpidStatus EpidNrVerify(VerifierCtx const* ctx, BasicSignature const* sig,
- void const* msg, size_t msg_len,
- SigRlEntry const* sigrl_entry, NrProof const* proof);
- /// Verifies a signature has not been revoked in the private key based
- /// revocation list.
- /*!
- Used in constrained environments where, due to limited memory, it may not
- be possible to process through a large and potentially unbounded revocation
- list.
- \param[in] ctx
- The verifier context.
- \param[in] sig
- The basic signature.
- \param[in] f
- The private key based revocation list entry.
- \note
- Sig should be verified using EpidVerifyBasicSig() before invocation. Behavior
- is undefined if sig cannot be verified.
- \note
- This function should be used in conjunction with EpidNrVerify() and
- EpidVerifyBasicSig().
- \note
- If the result is not ::kEpidNoErr the verify should be considered to have
- failed.
- \returns ::EpidStatus
- \see EpidVerifierCreate
- \see EpidNrVerify
- \see EpidVerifyBasicSig
- */
- EpidStatus EpidCheckPrivRlEntry(VerifierCtx const* ctx,
- BasicSignature const* sig, FpElemStr const* f);
- /// Returns the number of bytes required to serialize the verifier blacklist
- /*!
- Use this function to determine the buffer size required by
- ::EpidWriteVerifierRl.
- \param[in] ctx
- The verifier context.
- \returns
- Size in bytes required to serialize the verifier blacklist
- \see EpidVerifierCreate
- \see EpidVerifierSetVerifierRl
- \see EpidBlacklistSig
- \see EpidWriteVerifierRl
- */
- size_t EpidGetVerifierRlSize(VerifierCtx const* ctx);
- /// Serializes the verifier blacklist to a buffer.
- /*!
- If the current blacklist is empty or not set a valid empty verifier
- blacklist will be serialized.
- Use ::EpidGetVerifierRlSize to determine the buffer size required to
- serialize the verifier blacklist.
- \param[in] ctx
- The verifier context.
- \param[out] ver_rl
- An existing buffer in which to write the verifier revocation list.
- \param[in] ver_rl_size
- The size of the caller allocated output buffer in bytes.
- \returns ::EpidStatus
- \see EpidVerifierCreate
- \see EpidVerifierSetVerifierRl
- \see EpidBlacklistSig
- \see EpidGetVerifierRlSize
- */
- EpidStatus EpidWriteVerifierRl(VerifierCtx const* ctx, VerifierRl* ver_rl,
- size_t ver_rl_size);
- /// Adds a valid name-based signature to the verifier blacklist.
- /*!
- If the signature is not valid it will not be added to the blacklist.
- \param[in] ctx
- The verifier context.
- \param[in] sig
- The name-based signature to revoke.
- \param[in] sig_len
- The size of sig in bytes.
- \param[in] msg
- The message that was signed.
- \param[in] msg_len
- The size of msg in bytes.
- \returns ::EpidStatus
- \see EpidVerifierCreate
- \see EpidVerifierSetVerifierRl
- \see EpidWriteVerifierRl
- */
- EpidStatus EpidBlacklistSig(VerifierCtx* ctx, EpidSignature const* sig,
- size_t sig_len, void const* msg, size_t msg_len);
- /*! @} */
- #endif // EPID_VERIFIER_API_H_
|