// Copyright 2023 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.

#ifndef DICE_CBOR_CONSTANTS_H_
#define DICE_CBOR_CONSTANTS_H_

namespace widevine {

// The BCC is encoded using RFC 8949- Concise Binary Object Representation
// (CBOR).

// The full definition of the following enums can be found here:
// go/remote-provisioning-hal#bcc.

// The device key is encoded in a cbor map. The key values are a mix of
// positive and negative integer values.
enum {
  MAP_KEY_DEVICE_KEY_TYPE = 1,
  MAP_KEY_DEVICE_KEY_ALGORITHM = 3,
  MAP_KEY_DEVICE_KEY_OPS = 4,
  MAP_KEY_DEVICE_KEY_CURVE = -1,
  MAP_KEY_DEVICE_KEY_BYTES_0 = -2,
  MAP_KEY_DEVICE_KEY_BYTES_1 = -3,
};

// The device key may be encoded in the BCC as either X,Y elliptic curve
// coordinates, or as raw bytes. The value is identified using
// MAP_KEY_DEVICE_KEY_TYPE.
enum {
  DEVICE_KEY_ENCODING_UNKNOWN = 0,
  DEVICE_KEY_BYTE_STRING = 1,
  DEVICE_KEY_OCTET_PAIR = 2,
};

// Android/Widevine Dice Attestation allows two signing models. This is
// identified using MAP_KEY_DEVICE_KEY_ALGORITHM.
enum {
  DEVICE_KEY_ALGORITHM_ES256 = -7,   // EC key with SHA-256
  DEVICE_KEY_ALGORITHM_EDDSA = -8,   // Pure ED25519.
  DEVICE_KEY_ALGORITHM_ES384 = -35,  // EC key with SHA-384
};

// The curve used to generate the device public key is identified using the
// MAP_KEY_DEVICE_KEY_CURVE.
enum {
  DEVICE_KEY_CURVE_P256 = 1,
  DEVICE_KEY_CURVE_P384 = 2,
  DEVICE_KEY_CURVE_ED25519 = 6,
};

}  // namespace widevine

#endif  // DICE_CBOR_CONSTANTS_H_