default/libeic/EicOps.h

*4d7e907cSAndroid Build Coastguard Worker/*
*4d7e907cSAndroid Build Coastguard Worker * Copyright 2020, The Android Open Source Project
*4d7e907cSAndroid Build Coastguard Worker *
*4d7e907cSAndroid Build Coastguard Worker * Licensed under the Apache License, Version 2.0 (the "License");
*4d7e907cSAndroid Build Coastguard Worker * you may not use this file except in compliance with the License.
*4d7e907cSAndroid Build Coastguard Worker * You may obtain a copy of the License at
*4d7e907cSAndroid Build Coastguard Worker *
*4d7e907cSAndroid Build Coastguard Worker *     http://www.apache.org/licenses/LICENSE-2.0
*4d7e907cSAndroid Build Coastguard Worker *
*4d7e907cSAndroid Build Coastguard Worker * Unless required by applicable law or agreed to in writing, software
*4d7e907cSAndroid Build Coastguard Worker * distributed under the License is distributed on an "AS IS" BASIS,
*4d7e907cSAndroid Build Coastguard Worker * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
*4d7e907cSAndroid Build Coastguard Worker * See the License for the specific language governing permissions and
*4d7e907cSAndroid Build Coastguard Worker * limitations under the License.
*4d7e907cSAndroid Build Coastguard Worker */
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker#if !defined(EIC_INSIDE_LIBEIC_H) && !defined(EIC_COMPILATION)
*4d7e907cSAndroid Build Coastguard Worker#error "Never include this file directly, include libeic.h instead."
*4d7e907cSAndroid Build Coastguard Worker#endif
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker#ifndef ANDROID_HARDWARE_IDENTITY_EIC_OPS_H
*4d7e907cSAndroid Build Coastguard Worker#define ANDROID_HARDWARE_IDENTITY_EIC_OPS_H
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker#include <stdarg.h>
*4d7e907cSAndroid Build Coastguard Worker#include <stdbool.h>
*4d7e907cSAndroid Build Coastguard Worker#include <stddef.h>
*4d7e907cSAndroid Build Coastguard Worker#include <stdlib.h>
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Uncomment or define if debug messages are needed.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker//#define EIC_DEBUG
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker#ifdef __cplusplus
*4d7e907cSAndroid Build Coastguard Workerextern "C" {
*4d7e907cSAndroid Build Coastguard Worker#endif
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// The following defines must be set to something appropriate
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker//   EIC_SHA256_CONTEXT_SIZE - the size of EicSha256Ctx
*4d7e907cSAndroid Build Coastguard Worker//   EIC_HMAC_SHA256_CONTEXT_SIZE - the size of EicHmacSha256Ctx
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// For example, if EicSha256Ctx is implemented using BoringSSL this would be defined
*4d7e907cSAndroid Build Coastguard Worker// as sizeof(SHA256_CTX).
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// We expect the implementation to provide a header file with the name
*4d7e907cSAndroid Build Coastguard Worker// EicOpsImpl.h to do all this.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker#include "EicOpsImpl.h"
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker#define EIC_SHA256_DIGEST_SIZE 32
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// The size of a P-256 private key.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker#define EIC_P256_PRIV_KEY_SIZE 32
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// The size of a P-256 public key in uncompressed form.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// The public key is stored in uncompressed form, first the X coordinate, then
*4d7e907cSAndroid Build Coastguard Worker// the Y coordinate.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker#define EIC_P256_PUB_KEY_SIZE 64
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Size of one of the coordinates in a curve-point.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker#define EIC_P256_COORDINATE_SIZE 32
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// The size of an ECSDA signature using P-256.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// The R and S values are stored here, first R then S.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker#define EIC_ECDSA_P256_SIGNATURE_SIZE 64
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker#define EIC_AES_128_KEY_SIZE 16
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// The following are definitions of implementation functions the
*4d7e907cSAndroid Build Coastguard Worker// underlying platform must provide.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Workerstruct EicSha256Ctx {
*4d7e907cSAndroid Build Coastguard Worker    uint8_t reserved[EIC_SHA256_CONTEXT_SIZE];
*4d7e907cSAndroid Build Coastguard Worker};
*4d7e907cSAndroid Build Coastguard Workertypedef struct EicSha256Ctx EicSha256Ctx;
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Workerstruct EicHmacSha256Ctx {
*4d7e907cSAndroid Build Coastguard Worker    uint8_t reserved[EIC_HMAC_SHA256_CONTEXT_SIZE];
*4d7e907cSAndroid Build Coastguard Worker};
*4d7e907cSAndroid Build Coastguard Workertypedef struct EicHmacSha256Ctx EicHmacSha256Ctx;
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker#ifdef EIC_DEBUG
*4d7e907cSAndroid Build Coastguard Worker// Debug macro. Don't include a new-line in message.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker#define eicDebug(...)                            \
*4d7e907cSAndroid Build Coastguard Worker    do {                                         \
*4d7e907cSAndroid Build Coastguard Worker        eicPrint("%s:%d: ", __FILE__, __LINE__); \
*4d7e907cSAndroid Build Coastguard Worker        eicPrint(__VA_ARGS__);                   \
*4d7e907cSAndroid Build Coastguard Worker        eicPrint("\n");                          \
*4d7e907cSAndroid Build Coastguard Worker    } while (0)
*4d7e907cSAndroid Build Coastguard Worker#else
*4d7e907cSAndroid Build Coastguard Worker#define eicDebug(...) \
*4d7e907cSAndroid Build Coastguard Worker    do {              \
*4d7e907cSAndroid Build Coastguard Worker    } while (0)
*4d7e907cSAndroid Build Coastguard Worker#endif
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Prints message which should include new-line character. Can be no-op.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// Don't use this from code, use eicDebug() instead.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker#ifdef EIC_DEBUG
*4d7e907cSAndroid Build Coastguard Workervoid eicPrint(const char* format, ...);
*4d7e907cSAndroid Build Coastguard Worker#else
*4d7e907cSAndroid Build Coastguard Workerinline void eicPrint(const char*, ...) {}
*4d7e907cSAndroid Build Coastguard Worker#endif
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Dumps data as pretty-printed hex. Can be no-op.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker#ifdef EIC_DEBUG
*4d7e907cSAndroid Build Coastguard Workervoid eicHexdump(const char* message, const uint8_t* data, size_t dataSize);
*4d7e907cSAndroid Build Coastguard Worker#else
*4d7e907cSAndroid Build Coastguard Workerinline void eicHexdump(const char*, const uint8_t*, size_t) {}
*4d7e907cSAndroid Build Coastguard Worker#endif
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Pretty-prints encoded CBOR. Can be no-op.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// If a byte-string is larger than |maxBStrSize| its contents will not be
*4d7e907cSAndroid Build Coastguard Worker// printed, instead the value of the form "<bstr size=1099016
*4d7e907cSAndroid Build Coastguard Worker// sha1=ef549cca331f73dfae2090e6a37c04c23f84b07b>" will be printed. Pass zero
*4d7e907cSAndroid Build Coastguard Worker// for |maxBStrSize| to disable this.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker#ifdef EIC_DEBUG
*4d7e907cSAndroid Build Coastguard Workervoid eicCborPrettyPrint(const uint8_t* cborData, size_t cborDataSize, size_t maxBStrSize);
*4d7e907cSAndroid Build Coastguard Worker#else
*4d7e907cSAndroid Build Coastguard Workerinline void eicCborPrettyPrint(const uint8_t*, size_t, size_t) {}
*4d7e907cSAndroid Build Coastguard Worker#endif
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Memory setting, see memset(3).
*4d7e907cSAndroid Build Coastguard Workervoid* eicMemSet(void* s, int c, size_t n);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Memory copying, see memcpy(3).
*4d7e907cSAndroid Build Coastguard Workervoid* eicMemCpy(void* dest, const void* src, size_t n);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// String length, see strlen(3).
*4d7e907cSAndroid Build Coastguard Workersize_t eicStrLen(const char* s);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Locate a substring, see memmem(3)
*4d7e907cSAndroid Build Coastguard Workervoid* eicMemMem(const uint8_t* haystack, size_t haystackLen, const uint8_t* needle,
*4d7e907cSAndroid Build Coastguard Worker                size_t needleLen);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Memory compare, see CRYPTO_memcmp(3SSL)
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// It takes an amount of time dependent on len, but independent of the contents of the
*4d7e907cSAndroid Build Coastguard Worker// memory regions pointed to by s1 and s2.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerint eicCryptoMemCmp(const void* s1, const void* s2, size_t n);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Random number generation.
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsRandom(uint8_t* buf, size_t numBytes);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Creates a new non-zero identifier in |id|.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// Is guaranteed to be non-zero and different than what is already in |id|.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerbool eicNextId(uint32_t* id);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// If |testCredential| is true, returns the 128-bit AES Hardware-Bound Key (16 bytes).
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// Otherwise returns all zeroes (16 bytes).
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerconst uint8_t* eicOpsGetHardwareBoundKey(bool testCredential);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Encrypts |data| with |key| and |additionalAuthenticatedData| using |nonce|,
*4d7e907cSAndroid Build Coastguard Worker// returns the resulting (nonce || ciphertext || tag) in |encryptedData| which
*4d7e907cSAndroid Build Coastguard Worker// must be of size |dataSize| + 28.
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsEncryptAes128Gcm(
*4d7e907cSAndroid Build Coastguard Worker        const uint8_t* key,    // Must be 16 bytes
*4d7e907cSAndroid Build Coastguard Worker        const uint8_t* nonce,  // Must be 12 bytes
*4d7e907cSAndroid Build Coastguard Worker        const uint8_t* data,   // May be NULL if size is 0
*4d7e907cSAndroid Build Coastguard Worker        size_t dataSize,
*4d7e907cSAndroid Build Coastguard Worker        const uint8_t* additionalAuthenticationData,  // May be NULL if size is 0
*4d7e907cSAndroid Build Coastguard Worker        size_t additionalAuthenticationDataSize, uint8_t* encryptedData);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Decrypts |encryptedData| using |key| and |additionalAuthenticatedData|,
*4d7e907cSAndroid Build Coastguard Worker// returns resulting plaintext in |data| must be of size |encryptedDataSize| - 28.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// The format of |encryptedData| must be as specified in the
*4d7e907cSAndroid Build Coastguard Worker// encryptAes128Gcm() function.
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsDecryptAes128Gcm(const uint8_t* key,  // Must be 16 bytes
*4d7e907cSAndroid Build Coastguard Worker                            const uint8_t* encryptedData, size_t encryptedDataSize,
*4d7e907cSAndroid Build Coastguard Worker                            const uint8_t* additionalAuthenticationData,
*4d7e907cSAndroid Build Coastguard Worker                            size_t additionalAuthenticationDataSize, uint8_t* data);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Creates an EC key using the P-256 curve. The private key is written to
*4d7e907cSAndroid Build Coastguard Worker// |privateKey|. The public key is written to |publicKey|.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsCreateEcKey(uint8_t privateKey[EIC_P256_PRIV_KEY_SIZE],
*4d7e907cSAndroid Build Coastguard Worker                       uint8_t publicKey[EIC_P256_PUB_KEY_SIZE]);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Generates CredentialKey plus an attestation certificate.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// If |attestationKeyBlob| is non-NULL, the certificate must be signed by the
*4d7e907cSAndroid Build Coastguard Worker// the provided attestation key. Else, the certificate must be signed by the
*4d7e907cSAndroid Build Coastguard Worker// attestation key that the secure area has been factory provisioned with. The
*4d7e907cSAndroid Build Coastguard Worker// given |challenge|, |applicationId|, and |testCredential| must be signed
*4d7e907cSAndroid Build Coastguard Worker// into the attestation.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// When |attestationKeyBlob| is non-NULL, then |attestationKeyCert| must
*4d7e907cSAndroid Build Coastguard Worker// also be passed so that the underlying implementation can properly chain up
*4d7e907cSAndroid Build Coastguard Worker// the newly-generated certificate to the existing chain.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// The generated certificate must be in X.509 format and returned in |cert|
*4d7e907cSAndroid Build Coastguard Worker// and |certSize| must be set to the size of this array. This function must
*4d7e907cSAndroid Build Coastguard Worker// set |certSize| to the size of the certification chain on successfully return.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// This may return either a single certificate or an entire certificate
*4d7e907cSAndroid Build Coastguard Worker// chain. If it returns only a single certificate, the implementation of
*4d7e907cSAndroid Build Coastguard Worker// SecureHardwareProvisioningProxy::createCredentialKey() should amend the
*4d7e907cSAndroid Build Coastguard Worker// remainder of the certificate chain on the HAL side.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsCreateCredentialKey(uint8_t privateKey[EIC_P256_PRIV_KEY_SIZE], const uint8_t* challenge,
*4d7e907cSAndroid Build Coastguard Worker                               size_t challengeSize, const uint8_t* applicationId,
*4d7e907cSAndroid Build Coastguard Worker                               size_t applicationIdSize, bool testCredential,
*4d7e907cSAndroid Build Coastguard Worker                               const uint8_t* attestationKeyBlob, size_t attestationKeyBlobSize,
*4d7e907cSAndroid Build Coastguard Worker                               const uint8_t* attestationKeyCert, size_t attestationKeyCertSize,
*4d7e907cSAndroid Build Coastguard Worker                               uint8_t* /*out*/ cert, size_t* /*inout*/ certSize);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Generate an X.509 certificate for the key identified by |publicKey| which
*4d7e907cSAndroid Build Coastguard Worker// must be of the form returned by eicOpsCreateEcKey().
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// If proofOfBinding is not NULL, it will be included as an OCTET_STRING
*4d7e907cSAndroid Build Coastguard Worker// X.509 extension at OID 1.3.6.1.4.1.11129.2.1.26.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// The certificate will be signed by the key identified by |signingKey| which
*4d7e907cSAndroid Build Coastguard Worker// must be of the form returned by eicOpsCreateEcKey().
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsSignEcKey(const uint8_t publicKey[EIC_P256_PUB_KEY_SIZE],
*4d7e907cSAndroid Build Coastguard Worker                     const uint8_t signingKey[EIC_P256_PRIV_KEY_SIZE], unsigned int serial,
*4d7e907cSAndroid Build Coastguard Worker                     const char* issuerName, const char* subjectName, time_t validityNotBefore,
*4d7e907cSAndroid Build Coastguard Worker                     time_t validityNotAfter, const uint8_t* proofOfBinding,
*4d7e907cSAndroid Build Coastguard Worker                     size_t proofOfBindingSize, uint8_t* cert, size_t* certSize);  // inout
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Uses |privateKey| to create an ECDSA signature of some data (the SHA-256 must
*4d7e907cSAndroid Build Coastguard Worker// be given by |digestOfData|). Returns the signature in |signature|.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsEcDsa(const uint8_t privateKey[EIC_P256_PRIV_KEY_SIZE],
*4d7e907cSAndroid Build Coastguard Worker                 const uint8_t digestOfData[EIC_SHA256_DIGEST_SIZE],
*4d7e907cSAndroid Build Coastguard Worker                 uint8_t signature[EIC_ECDSA_P256_SIGNATURE_SIZE]);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Performs Elliptic Curve Diffie-Helman.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsEcdh(const uint8_t publicKey[EIC_P256_PUB_KEY_SIZE],
*4d7e907cSAndroid Build Coastguard Worker                const uint8_t privateKey[EIC_P256_PRIV_KEY_SIZE],
*4d7e907cSAndroid Build Coastguard Worker                uint8_t sharedSecret[EIC_P256_COORDINATE_SIZE]);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Performs HKDF.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsHkdf(const uint8_t* sharedSecret, size_t sharedSecretSize, const uint8_t* salt,
*4d7e907cSAndroid Build Coastguard Worker                size_t saltSize, const uint8_t* info, size_t infoSize, uint8_t* output,
*4d7e907cSAndroid Build Coastguard Worker                size_t outputSize);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// SHA-256 functions.
*4d7e907cSAndroid Build Coastguard Workervoid eicOpsSha256Init(EicSha256Ctx* ctx);
*4d7e907cSAndroid Build Coastguard Workervoid eicOpsSha256Update(EicSha256Ctx* ctx, const uint8_t* data, size_t len);
*4d7e907cSAndroid Build Coastguard Workervoid eicOpsSha256Final(EicSha256Ctx* ctx, uint8_t digest[EIC_SHA256_DIGEST_SIZE]);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// HMAC SHA-256 functions.
*4d7e907cSAndroid Build Coastguard Workervoid eicOpsHmacSha256Init(EicHmacSha256Ctx* ctx, const uint8_t* key, size_t keySize);
*4d7e907cSAndroid Build Coastguard Workervoid eicOpsHmacSha256Update(EicHmacSha256Ctx* ctx, const uint8_t* data, size_t len);
*4d7e907cSAndroid Build Coastguard Workervoid eicOpsHmacSha256Final(EicHmacSha256Ctx* ctx, uint8_t digest[EIC_SHA256_DIGEST_SIZE]);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Extracts the public key in the given X.509 certificate.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// If the key is not an EC key, this function fails.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// Otherwise the public key is stored in uncompressed form in |publicKey| which
*4d7e907cSAndroid Build Coastguard Worker// size should be set in |publicKeySize|. On successful return |publicKeySize|
*4d7e907cSAndroid Build Coastguard Worker// is set to the length of the key. If there is not enough space, the function
*4d7e907cSAndroid Build Coastguard Worker// fails.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// (The public key returned is not necessarily a P-256 key, even if it is note
*4d7e907cSAndroid Build Coastguard Worker// that its size is not EIC_P256_PUBLIC_KEY_SIZE because of the leading 0x04.)
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsX509GetPublicKey(const uint8_t* x509Cert, size_t x509CertSize, uint8_t* publicKey,
*4d7e907cSAndroid Build Coastguard Worker                            size_t* publicKeySize);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Checks that the X.509 certificate given by |x509Cert| is signed by the public
*4d7e907cSAndroid Build Coastguard Worker// key given by |publicKey| which must be an EC key in uncompressed form (e.g.
*4d7e907cSAndroid Build Coastguard Worker// same formatt as returned by eicOpsX509GetPublicKey()).
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsX509CertSignedByPublicKey(const uint8_t* x509Cert, size_t x509CertSize,
*4d7e907cSAndroid Build Coastguard Worker                                     const uint8_t* publicKey, size_t publicKeySize);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Checks that |signature| is a signature of some data (given by |digest|),
*4d7e907cSAndroid Build Coastguard Worker// signed by the public key given by |publicKey|.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// The key must be an EC key in uncompressed form (e.g.  same format as returned
*4d7e907cSAndroid Build Coastguard Worker// by eicOpsX509GetPublicKey()).
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// The format of the signature is the same encoding as the 'signature' field of
*4d7e907cSAndroid Build Coastguard Worker// COSE_Sign1 - that is, it's the R and S integers both with the same length as
*4d7e907cSAndroid Build Coastguard Worker// the key-size.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Worker// The size of digest must match the size of the key.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsEcDsaVerifyWithPublicKey(const uint8_t* digest, size_t digestSize,
*4d7e907cSAndroid Build Coastguard Worker                                    const uint8_t* signature, size_t signatureSize,
*4d7e907cSAndroid Build Coastguard Worker                                    const uint8_t* publicKey, size_t publicKeySize);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Validates that the passed in data constitutes a valid auth- and verification tokens.
*4d7e907cSAndroid Build Coastguard Worker//
*4d7e907cSAndroid Build Coastguard Workerbool eicOpsValidateAuthToken(uint64_t challenge, uint64_t secureUserId, uint64_t authenticatorId,
*4d7e907cSAndroid Build Coastguard Worker                             int hardwareAuthenticatorType, uint64_t timeStamp, const uint8_t* mac,
*4d7e907cSAndroid Build Coastguard Worker                             size_t macSize, uint64_t verificationTokenChallenge,
*4d7e907cSAndroid Build Coastguard Worker                             uint64_t verificationTokenTimeStamp,
*4d7e907cSAndroid Build Coastguard Worker                             int verificationTokenSecurityLevel,
*4d7e907cSAndroid Build Coastguard Worker                             const uint8_t* verificationTokenMac, size_t verificationTokenMacSize);
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker// Also see eicOpsLookupActiveSessionFromId() defined in EicSession.h
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker#ifdef __cplusplus
*4d7e907cSAndroid Build Coastguard Worker}
*4d7e907cSAndroid Build Coastguard Worker#endif
*4d7e907cSAndroid Build Coastguard Worker
*4d7e907cSAndroid Build Coastguard Worker#endif  // ANDROID_HARDWARE_IDENTITY_EIC_OPS_H