/*
 * Copyright 2020, The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

// This header is part of libeic's internal surface: it must only be reached
// through libeic.h (or while compiling libeic itself), hence the guard below.
#if !defined(EIC_INSIDE_LIBEIC_H) && !defined(EIC_COMPILATION)
#error "Never include this file directly, include libeic.h instead."
#endif

#ifndef ANDROID_HARDWARE_IDENTITY_EIC_PROVISIONING_H
#define ANDROID_HARDWARE_IDENTITY_EIC_PROVISIONING_H

#ifdef __cplusplus
extern "C" {
#endif

// Presumably provides EicCbor, EicSha256Ctx and the EIC_*_SIZE constants used
// below (not visible from this file).
#include "EicCbor.h"

// Upper bounds for the fixed-size tables kept in EicProvisioning. Any count
// received from a caller has to be checked against these before it is used to
// index the corresponding array.
#define EIC_MAX_NUM_NAMESPACES 32
#define EIC_MAX_NUM_ACCESS_CONTROL_PROFILE_IDS 32

// State for one provisioning (or update) session. The struct holds raw key
// material (credentialPrivateKey, storageKey), so instances should live only
// inside the secure environment and be wiped when the session ends.
typedef struct {
    // A non-zero number unique for this EicProvisioning instance
    uint32_t id;

    // Set by eicProvisioningCreateCredentialKey() OR eicProvisioningInitForUpdate().
    // Secret: the private half of CredentialKey.
    // NOTE(review): confirm eicProvisioningShutdown() zeroizes this buffer.
    uint8_t credentialPrivateKey[EIC_P256_PRIV_KEY_SIZE];

    // Number of valid elements in entryCounts[]; presumably bounded by
    // EIC_MAX_NUM_NAMESPACES by eicProvisioningStartPersonalization() — confirm.
    int numEntryCounts;
    // Per-namespace entry counts. Stored as uint8_t although
    // eicProvisioningStartPersonalization() receives them as int, so values
    // above 255 cannot be represented — confirm the implementation rejects them.
    uint8_t entryCounts[EIC_MAX_NUM_NAMESPACES];

    // Progress through the namespaces/entries announced at personalization start.
    int curNamespace;
    int curNamespaceNumProcessed;

    // Size of the entry being added and how much of it has arrived so far.
    // NOTE(review): entrySize reaches eicProvisioningBeginAddEntry() as uint64_t
    // but is kept as size_t here — confirm out-of-range values are rejected
    // rather than truncated on 32-bit builds.
    size_t curEntrySize;
    size_t curEntryNumBytesReceived;

    // Set by eicProvisioningInit() OR eicProvisioningInitForUpdate()
    // Secret: 128-bit AES key used for entry content (see outEncryptedContent below).
    uint8_t storageKey[EIC_AES_128_KEY_SIZE];

    // Expected total size of the ProofOfProvisioning CBOR, as announced by the
    // caller at personalization start.
    size_t expectedCborSizeAtEnd;

    // SHA-256 for AdditionalData, updated for each entry.
    uint8_t additionalDataSha256[EIC_SHA256_DIGEST_SIZE];

    // Digester just for ProofOfProvisioning (without Sig_structure).
    EicSha256Ctx proofOfProvisioningDigester;

    // CBOR encoder state for the ProofOfProvisioning being built.
    EicCbor cbor;

    // Presumably mirrors the testCredential argument of eicProvisioningInit() /
    // eicProvisioningInitForUpdate() — confirm.
    bool testCredential;

    // Set to true if this is an update.
    bool isUpdate;
} EicProvisioning;

// Starts a fresh provisioning session. Returns false on failure.
bool eicProvisioningInit(EicProvisioning* ctx, bool testCredential);

// Starts an update session, recovering credentialPrivateKey and storageKey from
// |encryptedCredentialKeys| (the blob produced by
// eicProvisioningFinishGetCredentialData(), bound to |docType|). Returns false
// on failure, which includes authentication failure of the blob.
bool eicProvisioningInitForUpdate(EicProvisioning* ctx, bool testCredential, const char* docType,
                                  size_t docTypeLength, const uint8_t* encryptedCredentialKeys,
                                  size_t encryptedCredentialKeysSize);

// Ends the session. NOTE(review): this is the point at which the key material
// held in |ctx| should be wiped — confirm against the implementation.
bool eicProvisioningShutdown(EicProvisioning* ctx);

// Returns the non-zero instance id in |*outId|.
bool eicProvisioningGetId(EicProvisioning* ctx, uint32_t* outId);

// Generates CredentialKey, storing the private half in |ctx|, and returns an
// attestation certificate chain for it in |publicKeyCert|.
// |publicKeyCertSize| is presumably in/out (capacity on entry, bytes written on
// success) — confirm.
bool eicProvisioningCreateCredentialKey(EicProvisioning* ctx, const uint8_t* challenge,
                                        size_t challengeSize, const uint8_t* applicationId,
                                        size_t applicationIdSize, const uint8_t* attestationKeyBlob,
                                        size_t attestationKeyBlobSize,
                                        const uint8_t* attestationKeyCert,
                                        size_t attestationKeyCertSize, uint8_t* publicKeyCert,
                                        size_t* publicKeyCertSize);

// Announces the shape of the credential: number of access control profiles,
// one entry count per namespace, and the expected size of the final
// ProofOfProvisioning CBOR. |numEntryCounts| must not exceed
// EIC_MAX_NUM_NAMESPACES and each count must fit in entryCounts[] (uint8_t);
// the implementation is expected to reject anything larger.
bool eicProvisioningStartPersonalization(EicProvisioning* ctx, int accessControlProfileCount,
                                         const int* entryCounts, size_t numEntryCounts,
                                         const char* docType, size_t docTypeLength,
                                         size_t expectedProofOfProvisioningingSize);

// The scratchSpace should be set to a buffer at least 512 bytes. It's done this way to
// avoid allocating stack space.
//
// |outMac| receives the 28-byte MAC over the profile (28 is the AES-GCM overhead,
// see the size note on eicProvisioningFinishGetCredentialData()).
bool eicProvisioningAddAccessControlProfile(EicProvisioning* ctx, int id,
                                            const uint8_t* readerCertificate,
                                            size_t readerCertificateSize,
                                            bool userAuthenticationRequired,
                                            uint64_t timeoutMillis, uint64_t secureUserId,
                                            uint8_t outMac[28], uint8_t* scratchSpace,
                                            size_t scratchSpaceSize);

// The scratchSpace should be set to a buffer at least 512 bytes. It's done this way to
// avoid allocating stack space.
//
// |numAccessControlProfileIds| is presumably bounded by
// EIC_MAX_NUM_ACCESS_CONTROL_PROFILE_IDS — confirm. |entrySize| is the total
// content size that subsequent eicProvisioningAddEntryValue() calls will deliver.
bool eicProvisioningBeginAddEntry(EicProvisioning* ctx, const uint8_t* accessControlProfileIds,
                                  size_t numAccessControlProfileIds, const char* nameSpace,
                                  size_t nameSpaceLength, const char* name, size_t nameLength,
                                  uint64_t entrySize, uint8_t* scratchSpace,
                                  size_t scratchSpaceSize);

// The outEncryptedContent array must be contentSize + 28 bytes long.
//
// The scratchSpace should be set to a buffer at least 512 bytes. It's done this way to
// avoid allocating stack space.
//
// Delivers (a chunk of) the entry announced by eicProvisioningBeginAddEntry();
// the content is returned encrypted under storageKey rather than in the clear.
bool eicProvisioningAddEntryValue(EicProvisioning* ctx, const uint8_t* accessControlProfileIds,
                                  size_t numAccessControlProfileIds, const char* nameSpace,
                                  size_t nameSpaceLength, const char* name, size_t nameLength,
                                  const uint8_t* content, size_t contentSize,
                                  uint8_t* outEncryptedContent, uint8_t* scratchSpace,
                                  size_t scratchSpaceSize);

// The data returned in |signatureOfToBeSigned| contains the ECDSA signature of
// the ToBeSigned CBOR from RFC 8152 (COSE) "4.4. Signing and Verification Process"
// where content is set to the ProofOfProvisioning CBOR.
//
bool eicProvisioningFinishAddingEntries(
        EicProvisioning* ctx, uint8_t signatureOfToBeSigned[EIC_ECDSA_P256_SIGNATURE_SIZE]);

//
//
// The |encryptedCredentialKeys| array is set to AES-GCM-ENC(HBK, R, CredentialKeys, docType)
// where
//
//   CredentialKeys = [
//     bstr,   ; storageKey, a 128-bit AES key
//     bstr    ; credentialPrivKey, the private key for credentialKey
//     bstr    ; SHA-256(ProofOfProvisioning)
//   ]
//
// for feature version 202101. For feature version 202009 the third field was not present.
//
// Since |storageKey| is 16 bytes and |credentialPrivKey| is 32 bytes, the
// encoded CBOR for CredentialKeys is 86 bytes and consequently
// |encryptedCredentialKeys| will be no longer than 86 + 28 = 114 bytes.
//
// |docType| is the AES-GCM associated data, so the blob only decrypts for the
// same docType in eicProvisioningInitForUpdate(). |encryptedCredentialKeysSize|
// is presumably in/out (capacity on entry, bytes written on success) — confirm.
bool eicProvisioningFinishGetCredentialData(EicProvisioning* ctx, const char* docType,
                                            size_t docTypeLength,
                                            uint8_t* encryptedCredentialKeys,
                                            size_t* encryptedCredentialKeysSize);

#ifdef __cplusplus
}
#endif

#endif  // ANDROID_HARDWARE_IDENTITY_EIC_PROVISIONING_H