diff options
Diffstat (limited to 'identity/aidl/default/libeic/EicProvisioning.h')
| -rw-r--r-- | identity/aidl/default/libeic/EicProvisioning.h | 36 |
1 files changed, 27 insertions, 9 deletions
diff --git a/identity/aidl/default/libeic/EicProvisioning.h b/identity/aidl/default/libeic/EicProvisioning.h index f064787b1b..2619bfc45e 100644 --- a/identity/aidl/default/libeic/EicProvisioning.h +++ b/identity/aidl/default/libeic/EicProvisioning.h @@ -31,6 +31,9 @@ extern "C" { #define EIC_MAX_NUM_ACCESS_CONTROL_PROFILE_IDS 32 typedef struct { + // A non-zero number unique for this EicProvisioning instance + uint32_t id; + // Set by eicCreateCredentialKey() OR eicProvisioningInitForUpdate() uint8_t credentialPrivateKey[EIC_P256_PRIV_KEY_SIZE]; @@ -65,31 +68,44 @@ typedef struct { bool eicProvisioningInit(EicProvisioning* ctx, bool testCredential); bool eicProvisioningInitForUpdate(EicProvisioning* ctx, bool testCredential, const char* docType, - const uint8_t* encryptedCredentialKeys, + size_t docTypeLength, const uint8_t* encryptedCredentialKeys, size_t encryptedCredentialKeysSize); +bool eicProvisioningShutdown(EicProvisioning* ctx); + +bool eicProvisioningGetId(EicProvisioning* ctx, uint32_t* outId); + bool eicProvisioningCreateCredentialKey(EicProvisioning* ctx, const uint8_t* challenge, size_t challengeSize, const uint8_t* applicationId, - size_t applicationIdSize, uint8_t* publicKeyCert, + size_t applicationIdSize, const uint8_t* attestationKeyBlob, + size_t attestationKeyBlobSize, + const uint8_t* attestationKeyCert, + size_t attestationKeyCertSize, uint8_t* publicKeyCert, size_t* publicKeyCertSize); bool eicProvisioningStartPersonalization(EicProvisioning* ctx, int accessControlProfileCount, const int* entryCounts, size_t numEntryCounts, - const char* docType, + const char* docType, size_t docTypeLength, size_t expectedProofOfProvisioningingSize); +// The scratchSpace should be set to a buffer at least 512 bytes. It's done this way to +// avoid allocating stack space. +// bool eicProvisioningAddAccessControlProfile(EicProvisioning* ctx, int id, const uint8_t* readerCertificate, size_t readerCertificateSize, - bool userAuthenticationRequired, uint64_t timeoutMillis, - uint64_t secureUserId, uint8_t outMac[28]); + bool userAuthenticationRequired, + uint64_t timeoutMillis, uint64_t secureUserId, + uint8_t outMac[28], uint8_t* scratchSpace, + size_t scratchSpaceSize); // The scratchSpace should be set to a buffer at least 512 bytes. It's done this way to // avoid allocating stack space. // -bool eicProvisioningBeginAddEntry(EicProvisioning* ctx, const int* accessControlProfileIds, +bool eicProvisioningBeginAddEntry(EicProvisioning* ctx, const uint8_t* accessControlProfileIds, size_t numAccessControlProfileIds, const char* nameSpace, - const char* name, uint64_t entrySize, uint8_t* scratchSpace, + size_t nameSpaceLength, const char* name, size_t nameLength, + uint64_t entrySize, uint8_t* scratchSpace, size_t scratchSpaceSize); // The outEncryptedContent array must be contentSize + 28 bytes long. @@ -97,9 +113,10 @@ bool eicProvisioningBeginAddEntry(EicProvisioning* ctx, const int* accessControl // The scratchSpace should be set to a buffer at least 512 bytes. It's done this way to // avoid allocating stack space. // -bool eicProvisioningAddEntryValue(EicProvisioning* ctx, const int* accessControlProfileIds, +bool eicProvisioningAddEntryValue(EicProvisioning* ctx, const uint8_t* accessControlProfileIds, size_t numAccessControlProfileIds, const char* nameSpace, - const char* name, const uint8_t* content, size_t contentSize, + size_t nameSpaceLength, const char* name, size_t nameLength, + const uint8_t* content, size_t contentSize, uint8_t* outEncryptedContent, uint8_t* scratchSpace, size_t scratchSpaceSize); @@ -128,6 +145,7 @@ bool eicProvisioningFinishAddingEntries( // |encryptedCredentialKeys| will be no longer than 86 + 28 = 114 bytes. // bool eicProvisioningFinishGetCredentialData(EicProvisioning* ctx, const char* docType, + size_t docTypeLength, uint8_t* encryptedCredentialKeys, size_t* encryptedCredentialKeysSize); |