widevine-partner/odkitee
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

First Publicly Shared Version of ODKiTEE v15

Browse Source
This commit is contained in:
John W. Bruce
2020-07-24 12:03:58 -07:00
commit eaa8984c06
56 changed files with 21391 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
oemcrypto_ta/tee_interfaces/assert_interface.h Normal file
View File

@@ -0,0 +1,19 @@
/* Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
source code may only be used and distributed under the Widevine Master
License Agreement. */
#ifndef OEMCRYPTO_TA_ASSERT_INTERFACE_H_
#define OEMCRYPTO_TA_ASSERT_INTERFACE_H_
#include "logging_interface.h"
/* Abort the program execution. */
void Abort(void);
#define ASSERT(expression, ...) \
if (!(expression)) { \
LOGE(__VA_ARGS__); \
Abort(); \
}
#endif /* OEMCRYPTO_TA_ASSERT_INTERFACE_H_ */

42
oemcrypto_ta/tee_interfaces/clock_interface.h Normal file
View File

@@ -0,0 +1,42 @@
/* Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
source code may only be used and distributed under the Widevine Master
License Agreement. */
#ifndef OEMCRYPTO_TA_CLOCK_INTERFACE_H_
#define OEMCRYPTO_TA_CLOCK_INTERFACE_H_
#include "stdint.h"
#include "OEMCryptoCENC.h"
#ifdef __cplusplus
extern "C" {
#endif
/* Calculates the system time at the time of call and modifies |time_in_s|.
TODO(b/158719238): This needs some design work. We should wrap this in
something that can upgrade the clock type to being monotonic over reboot.
TODO(b/158719238): Reword this paragraph to say what the real requirements
are:
This time does not need to be strictly increasing across
device reboots, but must be strictly increasing between calls to
OEMCrypto_Initialize and OEMCrypto_Terminate. This does not need to be time
since epoch. This does not need to start at 0 on boot.
If clock_type is not null, set *clock_type to the type of clock, as defined
in the OEMCrypto spec.
Returns OEMCrypto_ERROR_UNKNOWN_FAILURE on failure and OEMCrypto_SUCCESS on
success.
Returns OEMCrypto_ERROR_UNKNOWN_FAILURE if time_in_s is a null pointer.
Caller retains ownership of all pointers. */
OEMCryptoResult GetSystemTime(uint64_t* time_in_s,
OEMCrypto_Clock_Security_Level* clock_type);
#ifdef __cplusplus
}
#endif
#endif /* OEMCRYPTO_TA_CLOCK_INTERFACE_H_ */

189
oemcrypto_ta/tee_interfaces/crypto_interface.h Normal file
View File

@@ -0,0 +1,189 @@
/* Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
source code may only be used and distributed under the Widevine Master
License Agreement. */
#ifndef OEMCRYPTO_TA_CRYPTO_INTERFACE_H_
#define OEMCRYPTO_TA_CRYPTO_INTERFACE_H_
#include "OEMCryptoCENC.h"
#include "oemcrypto_key_types.h"
typedef struct tee_key_handle* TEE_Key_Handle;
/* Creates a key handle from |size| bytes of |serialized_bytes| and the
|key_type|, and places the result in |key_handle|. Returns
OEMCrypto_ERROR_INVALID_CONTEXT if any of the parameters are NULL, size is 0,
or |key_type| is UNKNOWN_KEY_TYPE, OEMCrypto_ERROR_INVALID_RSA_KEY if the
key type is DRM_PRIVATE_RSA_KEY and |serialized_bytes| is an invalid PKCS8
RSA private key, OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other
failures, and OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all parameters. */
OEMCryptoResult CreateKeyHandle(const uint8_t* serialized_bytes, uint32_t size,
CryptoKeyType key_type,
TEE_Key_Handle* key_handle);
/* Creates a key handle from |size| bytes of |wrapped_key| and the
|key_type|, and places the result in |key_handle|. Returns
OEMCrypto_ERROR_INVALID_CONTEXT if any of the parameters are NULL, size is 0,
or |key_type| is UNKNOWN_KEY_TYPE, OEMCrypto_ERROR_INVALID_RSA_KEY if the
key type is DRM_PRIVATE_RSA_KEY and |serialized_bytes| is an invalid PKCS8
RSA private key, OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other
failures, and OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all parameters. */
OEMCryptoResult UnwrapIntoKeyHandle(const uint8_t* wrapped_key, uint32_t size,
CryptoKeyType key_type,
TEE_Key_Handle* key_handle);
/* Frees |key_handle| that was constructed from a previous call to
CreateKeyHandle. Returns OEMCrypto_ERROR_INVALID_CONTEXT if |key_handle| is
NULL, OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other failures, and
OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult FreeKeyHandle(TEE_Key_Handle key_handle);
/* Wraps the key data into a buffer that can be saved to the file system. The
wrapping must be device unique. Caller retains ownership of |key| and
|buffer| and they must not be NULL. Caller ensures that buffer_length is at
least as big as the wrapped key size specified in
oemcrypto_config_macros.h. */
OEMCryptoResult WrapKey(uint8_t* wrapped_key, uint32_t size,
CryptoKeyType key_type, TEE_Key_Handle key_handle);
/* AES decryption for 1 block - 16 bytes. |key| is a handle to the AES key used
for decryption. It is used to decrypt |in| and place the result in |out|.
|in| and |out| must be >= 16 bytes.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if any of the pointers are NULL or
OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other failures, and
OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult AESDecrypt(TEE_Key_Handle key, const uint8_t* in, uint8_t* out);
/* AES encryption for 1 block - 16 bytes. |key| is a handle to the AES key used
for encryption. It is used to encrypt |in| and place the result in |out|.
|in| and |out| must be >= 16 bytes.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if any of the pointers are NULL or
OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other failures, and
OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult AESEncrypt(TEE_Key_Handle key, const uint8_t* in, uint8_t* out);
/* Decrypts |in_length| bytes of |in| using AES CBC and |iv| and places the
result in |out|. |key| is a handle to the AES key used for decryption and
|key_length| determines the number of bytes to use from |key|. |out| must be
>= |in_length| bytes.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if any of the pointers are NULL,
|key_length| is not either 16 or 32 bytes, |key_length| is greater than the
size of |key|, |in_length| is 0 or not a multiple of the AES block size,
OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other failures, and
OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult AESCBCDecrypt(TEE_Key_Handle key, uint32_t key_length,
const uint8_t* in, uint32_t in_length,
const uint8_t* iv, uint8_t* out);
/* Encrypts |in_length| bytes of |in| using AES CBC and |iv| and places the
result in |out|. |key| is a handle to the AES key used for encryption. |out|
must be >= |in_length| bytes.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if any of the pointers are NULL,
|in_length| is 0 or not a multiple of the AES block size,
OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other failures, and
OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult AESCBCEncrypt(TEE_Key_Handle key, const uint8_t* in,
uint32_t in_length, const uint8_t* iv,
uint8_t* out);
/* Calculates the HMAC of |message_length| bytes of |message| using SHA256 as
the hash function and places the result in |out| and sets |out_length| to the
correct length of the HMAC. |key| is a handle to the key used in the
derivation.
|out|'s length must be >= 32 bytes.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if any of the pointers are NULL or
|message_length| is 0, OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other
failures, and OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult HMAC_SHA256(TEE_Key_Handle key, const uint8_t* message,
uint32_t message_length, uint8_t* out);
/* Calculates the HMAC of |message_length| bytes of |message| using SHA1 as the
hash function and places the result in |out|. |key| is a handle to the key
used in the derivation.
|out|'s length must be >= 20 bytes.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if any of the pointers are NULL or
|message_length| is 0, OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other
failures, and OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult HMAC_SHA1(TEE_Key_Handle key, const uint8_t* message,
uint32_t message_length, uint8_t* out);
/* Sign |message_length| bytes of |message| with the given RSA key handle using
the given |padding scheme| and place the result in |signature|.
|key| is a handle to the RSA key used for signing.
Returns OEMCrypto_ERROR_SHORT_BUFFER if |signature_length| is too small or if
|signature| is NULL, in which case it sets |signature_length| to the
appropriate length. Returns OEMCrypto_ERROR_INVALID_CONTEXT if
|message_length| is 0 or if any of the pointers except |signature| are NULL,
OEMCrypto_ERROR_INVALID_RSA_KEY if the padding_scheme provided is not
supported, OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other failures,
and OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult RSASign(TEE_Key_Handle key, const uint8_t* message,
uint32_t message_length, uint8_t* signature,
uint32_t* signature_length,
RSA_Padding_Scheme padding_scheme);
/* Decrypts |in_length| bytes of |in| and places it in |out|. The padding scheme
shall only be PKCS1 OAEP. |key| is a handle to the RSA key used for
decryption.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if any of the pointers are NULL or
|in_length| is 0, OEMCrypto_ERROR_SHORT_BUFFER if |out_length| is too small,
in which case it sets |out_length| to the appropriate length,
OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other failures, and
OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult RSADecrypt(TEE_Key_Handle key, const uint8_t* in,
uint32_t in_length, uint8_t* out,
uint32_t* out_length);
/* The device key is used to wrap and unwrap the DRM RSA key. It should be
separate from the key tied to the Widevine root of trust if possible.
Derives a 16 byte key from the device key and |context_length| bytes of
|context| using AES-128-CMAC. Prepends |counter| to context in the
derivation. Modifies |out| to the correct value.
|out| must be >= 16 bytes.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if any of the pointers are NULL or
|context_length| is 0, OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other
failures, and OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult DeriveKeyFromDeviceKey(uint8_t counter, const uint8_t* context,
uint32_t context_length, uint8_t* out);
/* Identical to the previous function, except that it uses |key| to derive a
key. */
OEMCryptoResult DeriveKeyFromKeyHandle(TEE_Key_Handle key, uint8_t counter,
const uint8_t* context,
uint32_t context_length, uint8_t* out);
/* Generates |size| random bytes and places them in |out|. Returns
OEMCrypto_ERROR_BUFFER_TOO_LARGE if |size| is too big,
OEMCrypto_ERROR_UNKNOWN_FAILURE or any other failures, and OEMCrypto_SUCCESS
otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult RandomBytes(uint8_t* out, uint32_t size);
/* Initializes the 32-bit |initial_hash| to the starting CRC-32 value.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if |initial_hash| is NULL and
OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult Crc32Init(uint32_t* initial_hash);
/* Calculates the new crc-32 value given |in_length| bytes of |in| and the
previous CRC-32 value, |prev_crc|. Places the result in |new_crc|.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if any pointers are NULL or
|in_length| is 0 and OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult Crc32Cont(const uint8_t* in, uint32_t in_length,
uint32_t prev_crc, uint32_t* new_crc);
#endif /* OEMCRYPTO_TA_CRYPTO_INTERFACE_H_ */

64
oemcrypto_ta/tee_interfaces/generation_number_interface.h Normal file
View File

@@ -0,0 +1,64 @@
/* Copyright 2020 Google LLC. All Rights Reserved. This file and proprietary
source code may only be used and distributed under the Widevine Master
License Agreement. */
#ifndef OEMCRYPTO_TA_GENERATION_NUMBER_INTERFACE_H_
#define OEMCRYPTO_TA_GENERATION_NUMBER_INTERFACE_H_
#include <stdint.h>
#include "OEMCryptoCENC.h"
/**
* Prepare to load the generation number. If the generation number is loaded
* asynchronously, this should initialize that process so that the next call to
* TEE_LoadGenerationNumber does not block for too long.
*
* TODO(b/160022428): define and document "too long".
*
* The generation number should be stored in secure persistent storage. By
* *persistent* we mean that the generation number should not be changed by
* shutting down and later restarting the system. By *secure* we mean that the
* user should not be able to modify the generation number. In particular, the
* user should not be able to revert the generation number to a previous value.
*
* Returns true on success. On failure, initialization of the TA will fail.
*/
bool TEE_PrepareGenerationNumber(void);
/**
* Load the usage table generation number. This is called once, on first use of
* the usage table. This is expected to block until a value is available. It is
* the porting interface's responsibility to fail if this blocks too
* long. Returns true on success. A return value of false will fail OEMCrypto
* initialization. If the generation number has never been saved before, a
* random number should be generated -- this is NOT an error.
*/
bool TEE_LoadGenerationNumber(uint64_t* value);
/**
* Save the generation number.
*
* If the generation number is saved asynchronously, then it is OK for the first
* call to this function to begin a save process and then return true.
* Subsequent calls will verify that the previous save has completed
* successfully. If the previous save resulted in an error, then this call will
* return false. If the previous call has not completed, then this call should
* block until the previous save finishes before initializing a new save. If the
* previous call was successful, then this call will initialize a new save and
* return true. It is the porting interface's responsibility to fail if this
* blocks too long.
*
* If the generation number is saved synchronously, then this function should
* attempt to save the generation number and return true if the save was
* successful.
*
* Returns true on success. A return value of false will fail the current
* attempt to save the usage table. If a failure actually indicates that the
* previous save had failed, then the usage table will be saved with a
* generation number skew of 1. When the usage table is loaded with a generation
* skew of 1, it will result in a warning, but not a failure.
*/
bool TEE_SaveGenerationNumber(uint64_t value);
#endif /* OEMCRYPTO_TA_GENERATION_NUMBER_INTERFACE_H_ */

18
oemcrypto_ta/tee_interfaces/initialize_terminate_interface.h Normal file
View File

@@ -0,0 +1,18 @@
/* Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
source code may only be used and distributed under the Widevine Master
License Agreement. */
#ifndef OEMCRYPTO_TA_INITIALIZE_TERMINATE_INTERFACE_H_
#define OEMCRYPTO_TA_INITIALIZE_TERMINATE_INTERFACE_H_
/* Set up for any work needed for initializing the TA-specific components of the
TEE. Returns 0 on success and any other int, which will be logged, on
failure. */
int Initialize(void);
/* Set up for any work needed for terminating the TA-specific components of the
TEE. Returns 0 on success and any other int, which will be logged, on
failure. */
int Terminate(void);
#endif /* OEMCRYPTO_TA_INITIALIZE_TERMINATE_INTERFACE_H_ */

21
oemcrypto_ta/tee_interfaces/logging_interface.h Normal file
View File

@@ -0,0 +1,21 @@
/* Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
source code may only be used and distributed under the Widevine Master
License Agreement. */
#ifndef OEMCRYPTO_TA_LOGGING_INTERFACE_H_
#define OEMCRYPTO_TA_LOGGING_INTERFACE_H_
typedef enum LogPriority {
LOG_ERROR = 0x1098fa73,
LOG_DEBUG = 0x2b898c5a,
} LogPriority;
extern LogPriority g_cutoff;
void Log(const char* file, const char* function, int line, LogPriority level,
const char* fmt, ...);
#define LOGE(...) Log(__FILE__, __func__, __LINE__, LOG_ERROR, __VA_ARGS__)
#define LOGD(...) Log(__FILE__, __func__, __LINE__, LOG_DEBUG, __VA_ARGS__)
#endif /* OEMCRYPTO_TA_LOGGING_INTERFACE_H_ */

84
oemcrypto_ta/tee_interfaces/oemcrypto_config_interface.h Normal file
View File

@@ -0,0 +1,84 @@
/* Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
source code may only be used and distributed under the Widevine Master
License Agreement. */
#ifndef OEMCRYPTO_TA_OEMCRYPTO_CONFIG_INTERFACE_H_
#define OEMCRYPTO_TA_OEMCRYPTO_CONFIG_INTERFACE_H_
#include "OEMCryptoCENC.h"
#include "oemcrypto_config_macros.h"
/* Returns the provisioning method configured for this TA. */
OEMCrypto_ProvisioningMethod GetProvisioningMethod(void);
/* Returns the resource rating tier associated with this device. */
uint32_t GetResourceRatingTier(void);
/* Returns an xor of all the padding schemes allowed by this device. */
uint32_t GetRSAPaddingSchemes(void);
/* Gets the current supported version of SRM for the device and sets the
|srm_version|. Returns OEMCrypto_SUCCESS if it was able to be fetched,
OEMCrypto_ERROR_INVALID_CONTEXT if |srm_version| is NULL, any
OEMCrypto_ERROR_UNKNOWN_FAILURE otherwise. */
OEMCryptoResult GetCurrentSRMVersion(uint32_t* srm_version);
/* Returns whether the device has hardware protection preventing rollback of the
usage table. */
bool IsAntiRollbackHWPresent(void);
/* Returns whether or not the device was able to apply the CGMS protection for
the device. The |cgms_field| correlates to those under the Key Control Block
description in the OEMCrypto doc. If the cgms_field is invalid, return
OEMCrypto_ERROR_UNKNOWN_FAILURE. Even if this function is not called, the
device should attempt best effort for CGMS. */
OEMCryptoResult ApplyCGMS(uint8_t cgms_field);
/* Returns whether CGMS is enabled for analog output for this device. */
bool IsCGMS_AActive(void);
/* Returns whether this device is capable of supporting 2-bit CGMS-A. */
bool SupportsCGMS_A(void);
/* Returns whether the device is capable of analog display. */
bool HasAnalogDisplay(void);
/* Returns whether analog display is enabled for this display. */
bool IsAnalogDisplayActive(void);
/* Returns whether the analog display is capable of being disabled. If this
device doesn't have analog display, return false. */
bool CanDisableAnalogDisplay(void);
/* Turn off analog display and return whether it was successful. If this device
doesn't have analog display, return false. */
bool DisableAnalogDisplay(void);
/* Returns the max buffer size/max subsample size in bytes allowed for
DecryptCENC. If there is no restriction, returns 0. */
uint32_t MaxBufferSizeForDecrypt(void);
/* Returns the max output size in bytes allowed for DecryptCENC and CopyBuffer.
If there is no restriction, returns 0. */
uint32_t MaxOutputSizeForDecrypt(void);
/* A closed platform can use clear buffers during decryption. */
/* TODO(b/145245387): define what constitutes a closed platform. */
bool IsClosedPlatform(void);
/* Returns the current and maximum HDCP capabilities of the device. Look at the
OEMCrypto integration guide for full details on what the current and maximum
capabilities entail. */
OEMCrypto_HDCP_Capability CurrentHDCPCapability(void);
OEMCrypto_HDCP_Capability MaxHDCPCapability(void);
/* Returns the max buffer size allowed for OEMCrypto_Generic_*.
If there is no restriction, returns 0. */
uint32_t MaxBufferSizeForGenericCrypto(void);
/* Returns the type of certificates this device can support. See
OEMCrypto_SupportedCertificates in the integration guide for details on
return value. */
uint32_t SupportedCertificates(void);
#endif /* OEMCRYPTO_TA_OEMCRYPTO_CONFIG_INTERFACE_H_ */

114
oemcrypto_ta/tee_interfaces/root_of_trust_interface.h Normal file
View File

@@ -0,0 +1,114 @@
/* Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
source code may only be used and distributed under the Widevine Master
License Agreement. */
#ifndef OEMCRYPTO_TA_ROOT_OF_TRUST_INTERFACE_H_
#define OEMCRYPTO_TA_ROOT_OF_TRUST_INTERFACE_H_
#include "stddef.h"
#include "stdint.h"
#include "OEMCryptoCENC.h"
/* Sets the length of the OEM public certificate. Returns
OEMCrypto_ERROR_INVALID_CONTEXT if |public_cert| is NULL,
OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other issues, and
OEMCrypto_SUCCESS otherwise.
Caller retains ownership of |public_cert|. */
OEMCryptoResult GetOEMPublicCertificateLength(uint32_t* public_cert_length);
/* Sets the OEM public certificate. Returns OEMCrypto_ERROR_INVALID_CONTEXT
if |public_cert| is NULL, OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any
other issues, and OEMCrypto_SUCCESS otherwise.
Caller retains ownership of |public_cert|. */
OEMCryptoResult GetOEMPublicCertificate(uint8_t* public_cert);
/* Calls to the crypto engine to sign |message_length| bytes of |message| using
padding scheme RSASSA-PSS with SHA1 and places the result in |signature| and
modifies |signature_length| to the appropriate value.
Returns OEMCrypto_ERROR_SHORT_BUFFER if |signature_length| is too small or if
|signature| is NULL, in which case it sets |signature_length| to the
appropriate length. Returns OEMCrypto_ERROR_INVALID_CONTEXT if
|message_length| is 0 or if any of the pointers except |signature| are NULL,
OEMCrypto_ERROR_INVALID_RSA_KEY if the OEM RSA key is invalid,
OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other failures, and
OEMCrypto_SUCCESS otherwise. */
OEMCryptoResult SignMessageWithOEMPrivateKey(const uint8_t* message,
uint32_t message_length,
uint8_t* signature,
uint32_t* signature_length);
/* Calls to the crypto engine to decrypt |in_length| bytes of |in| and place it
in |out| using the OEM private key. The padding scheme shall only be
PKCS1-OAEP.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if any of the pointers are NULL or
|in_length| is 0, OEMCrypto_ERROR_SHORT_BUFFER if *|out_length| is too small,
in which case it sets *|out_length| to the appropriate length,
OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other failures, and
OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult DecryptMessageWithOEMPrivateKey(const uint8_t* in,
uint32_t in_length,
uint8_t* out,
uint32_t* out_length);
/* Validates the OEM private key stored on the device.
Returns OEMCrypto_ERROR_INVALID_RSA_KEY if the key is not a valid RSA key,
OEMCrypto_ERROR_UNKNOWN_FAILURE on any other failures, and OEMCrypto_SUCCESS
otherwise. */
OEMCryptoResult ValidateOEMPrivateKey(void);
/* For devices that use Provisioning 3.0 and want to provide a custom device id
instead of using the OEM cert as the unique identifier.
Returns OEMCrypto_ERROR_SHORT_BUFFER if |device_id_length| is too small,
OEMCrypto_ERROR_INVALID_CONTEXT if |device_id| is NULL,
OEMCrypto_ERROR_NOT_IMPLEMENTED if the OEM cert should be used,
OEMCrypto_ERROR_UNKNOWN_FAILURE on any other failures, and OEMCrypto_SUCCESS
otherwise.
Caller retains ownership of all pointers and |device_id_length| must not be
NULL. */
OEMCryptoResult GetDeviceIDForOEMCert(uint8_t* device_id,
uint32_t* device_id_length);
/* Attempt to validate the current keybox loaded.
Returns OEMCrypto_ERROR_BAD_MAGIC if magic field is not "kbox",
OEMCrypto_ERROR_BAD_CRC if computed CRC is not equivalent to stored CRC,
and OEMCrypto_SUCCESS otherwise. */
OEMCryptoResult ValidateKeybox(void);
/* Get the 72 byte encrypted key data from the current keybox.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if |key_data| is NULL and
OEMCrypto_SUCCESS otherwise.
In order to avoid buffer overflow attacks, we recommend partners to keep this
separate from the device key in the keybox, so that when this accessed, the
device key is not exposed.
|key_data| must be >= 72 bytes. */
OEMCryptoResult GetKeyDataFromKeybox(uint8_t* key_data);
/* Get the 32 byte device id from the current keybox.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if |device_id| is NULL and
OEMCrypto_SUCCESS otherwise.
In order to avoid buffer overflow attacks, we recommend partners to keep this
separate from the device key in the keybox, so that when this accessed, the
device key is not exposed.
|device_id| must be >= 32 bytes. */
OEMCryptoResult GetDeviceIDFromKeybox(uint8_t* device_id);
/* Load a test keybox to be used until the next OEMCrypto_Terminate call.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if |test_keybox| is NULL and
OEMCrypto_SUCCESS otherwise.
|test_keybox| must be >= 128 bytes. */
OEMCryptoResult LoadTestKeybox(const uint8_t* test_keybox);
/* Derives a 16 byte key from the keybox key and |context_length| bytes of
|context| using AES-128-CMAC. Prepends |counter| to context in the
derivation. Modifies |out| to the correct value.
|out| must be >= 16 bytes.
Returns OEMCrypto_ERROR_INVALID_CONTEXT if any of the pointers are NULL or
|context_length| is 0, OEMCrypto_ERROR_UNKNOWN_FAILURE if there are any other
failures, and OEMCrypto_SUCCESS otherwise.
Caller retains ownership of all pointers. */
OEMCryptoResult DeriveKeyFromKeybox(uint8_t counter, const uint8_t* context,
uint32_t context_length, uint8_t* out);
#endif /* OEMCRYPTO_TA_ROOT_OF_TRUST_INTERFACE_H_ */