| /** @addtogroup MC_CONTAINER mcContainer - Containers for MobiCore Content Management. | |
| * @ingroup MC_DATA_TYPES | |
| * @{ | |
| * | |
| * <!-- Copyright Giesecke & Devrient GmbH 2009-2012 --> | |
| * | |
| * Redistribution and use in source and binary forms, with or without | |
| * modification, are permitted provided that the following conditions | |
| * are met: | |
| * 1. Redistributions of source code must retain the above copyright | |
| * notice, this list of conditions and the following disclaimer. | |
| * 2. Redistributions in binary form must reproduce the above copyright | |
| * notice, this list of conditions and the following disclaimer in the | |
| * documentation and/or other materials provided with the distribution. | |
| * 3. The name of the author may not be used to endorse or promote | |
| * products derived from this software without specific prior | |
| * written permission. | |
| * | |
| * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS | |
| * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | |
| * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
| * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY | |
| * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
| * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE | |
| * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |
| * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, | |
| * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | |
| * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | |
| * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| */ | |
| #ifndef MC_CONTAINER_H_ | |
| #define MC_CONTAINER_H_ | |
| #include <stdint.h> | |
| #include "mcRootid.h" | |
| #include "mcSpid.h" | |
| #include "mcUuid.h" | |
| #include "mcSo.h" | |
| #include "mcSuid.h" | |
| #define CONTAINER_VERSION_MAJOR 2 | |
| #define CONTAINER_VERSION_MINOR 0 | |
| #define MC_CONT_SYMMETRIC_KEY_SIZE 32 | |
| #define MC_CONT_PUBLIC_KEY_SIZE 320 | |
| #define MC_CONT_CHILDREN_COUNT 16 | |
| #define MC_DATA_CONT_MAX_DATA_SIZE 2048 | |
| #define MC_TLT_CODE_HASH_SIZE 32 | |
| #define MC_BYTES_TO_WORDS(bytes) ( (bytes) / sizeof(uint32_t) ) | |
| #define MC_ENUM_32BIT_SPACER ((int32_t)-1) | |
| typedef uint32_t mcContVersion_t; | |
| /** Personalization Data ID. */ | |
| typedef struct { | |
| uint32_t data; | |
| } mcPid_t; | |
| typedef struct { | |
| uint32_t keydata[MC_BYTES_TO_WORDS(MC_CONT_SYMMETRIC_KEY_SIZE)]; | |
| } mcSymmetricKey_t; | |
| typedef struct { | |
| uint32_t keydata[MC_BYTES_TO_WORDS(MC_CONT_PUBLIC_KEY_SIZE)]; | |
| } mcPublicKey_t; | |
| typedef mcSpid_t spChild_t[MC_CONT_CHILDREN_COUNT]; | |
| typedef mcUuid_t mcUuidChild_t[MC_CONT_CHILDREN_COUNT]; | |
| /** Content management container states. | |
| */ | |
| typedef enum { | |
| /** Container state unregistered. */ | |
| MC_CONT_STATE_UNREGISTERED = 0, | |
| /** Container is registered. */ | |
| MC_CONT_STATE_REGISTERED = 1, | |
| /** Container is activated. */ | |
| MC_CONT_STATE_ACTIVATED = 2, | |
| /** Container is locked by root. */ | |
| MC_CONT_STATE_ROOT_LOCKED = 3, | |
| /** Container is locked by service provider. */ | |
| MC_CONT_STATE_SP_LOCKED = 4, | |
| /** Container is locked by root and service provider. */ | |
| MC_CONT_STATE_ROOT_SP_LOCKED = 5, | |
| /** Dummy: ensure that enum is 32 bits wide. */ | |
| MC_CONT_ATTRIB_SPACER = MC_ENUM_32BIT_SPACER | |
| } mcContainerState_t; | |
| /** Content management container attributes. | |
| */ | |
| typedef struct { | |
| mcContainerState_t state; | |
| } mcContainerAttribs_t; | |
| /** Container types. */ | |
| typedef enum { | |
| /** SOC container. */ | |
| CONT_TYPE_SOC = 0, | |
| /** Root container. */ | |
| CONT_TYPE_ROOT, | |
| /** Service provider container. */ | |
| CONT_TYPE_SP, | |
| /** Trustlet container. */ | |
| CONT_TYPE_TLCON, | |
| /** Service provider data. */ | |
| CONT_TYPE_SPDATA, | |
| /** Trustlet data. */ | |
| CONT_TYPE_TLDATA | |
| } contType_t; | |
| /** @defgroup MC_CONTAINER_CRYPTO_OBJECTS Container secrets. | |
| * Data that is stored encrypted within the container. | |
| * @{ */ | |
| /** SoC secret */ | |
| typedef struct { | |
| mcSymmetricKey_t kSocAuth; | |
| } mcCoSocCont_t; | |
| /** */ | |
| typedef struct { | |
| mcSymmetricKey_t kRootAuth; | |
| } mcCoRootCont_t; | |
| /** */ | |
| typedef struct { | |
| mcSymmetricKey_t kSpAuth; | |
| } mcCoSpCont_t; | |
| /** */ | |
| typedef struct { | |
| mcSymmetricKey_t kTl; | |
| } mcCoTltCont_t; | |
| /** */ | |
| typedef struct { | |
| uint8_t data[MC_DATA_CONT_MAX_DATA_SIZE]; | |
| } mcCoDataCont_t; | |
| /** */ | |
| typedef union { | |
| mcSpid_t spid; | |
| mcUuid_t uuid; | |
| } mcCid_t; | |
| /** @} */ | |
| /** @defgroup MC_CONTAINER_CONTAINER_OBJECTS Container definitions. | |
| * Container type definitions. | |
| * @{ */ | |
| /** SoC Container */ | |
| typedef struct { | |
| contType_t type; | |
| uint32_t version; | |
| mcContainerAttribs_t attribs; | |
| mcSuid_t suid; | |
| // Secrets. | |
| mcCoSocCont_t co; | |
| } mcSocCont_t; | |
| /** */ | |
| typedef struct { | |
| contType_t type; | |
| uint32_t version; | |
| mcContainerAttribs_t attribs; | |
| mcSuid_t suid; | |
| mcRootid_t rootid; | |
| spChild_t children; | |
| // Secrets. | |
| mcCoRootCont_t co; | |
| } mcRootCont_t; | |
| /** */ | |
| typedef struct { | |
| contType_t type; | |
| uint32_t version; | |
| mcContainerAttribs_t attribs; | |
| mcSpid_t spid; | |
| mcUuidChild_t children; | |
| // Secrets. | |
| mcCoSpCont_t co; | |
| } mcSpCont_t; | |
| /** */ | |
| typedef struct { | |
| contType_t type; | |
| uint32_t version; | |
| mcContainerAttribs_t attribs; | |
| mcSpid_t parent; | |
| mcUuid_t uuid; | |
| // Secrets. | |
| mcCoTltCont_t co; | |
| } mcTltCont_t; | |
| /** */ | |
| typedef struct { | |
| contType_t type; | |
| uint32_t version; | |
| mcUuid_t uuid; | |
| mcPid_t pid; | |
| // Secrets. | |
| mcCoDataCont_t co; | |
| } mcDataCont_t; | |
| /** @} */ | |
| /** Calculates the total size of the secure object hash and padding for a given | |
| * container. | |
| * @param contTotalSize Total size of the container (sum of plain and encrypted | |
| * parts). | |
| * @param contCoSize Size/length of the encrypted container part ("crypto | |
| * object"). | |
| * @return Total size of hash and padding for given container. | |
| */ | |
| #define SO_CONT_HASH_AND_PAD_SIZE(contTotalSize, contCoSize) ( \ | |
| MC_SO_SIZE((contTotalSize) - (contCoSize), (contCoSize)) \ | |
| - sizeof(mcSoHeader_t) \ | |
| - (contTotalSize) ) | |
| /** @defgroup MC_CONTAINER_SECURE_OBJECTS Containers in secure objects. | |
| * Secure objects wrapping different containers. | |
| * @{ */ | |
| /** Authentication token */ | |
| typedef struct { | |
| mcSoHeader_t soHeader; | |
| mcSocCont_t coSoc; | |
| uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcSocCont_t), sizeof(mcCoSocCont_t))]; | |
| } mcSoAuthTokenCont_t; | |
| /** Root container */ | |
| typedef struct { | |
| mcSoHeader_t soHeader; | |
| mcRootCont_t cont; | |
| uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcRootCont_t), sizeof(mcCoRootCont_t))]; | |
| } mcSoRootCont_t; | |
| /** */ | |
| typedef struct { | |
| mcSoHeader_t soHeader; | |
| mcSpCont_t cont; | |
| uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcSpCont_t), sizeof(mcCoSpCont_t))]; | |
| } mcSoSpCont_t; | |
| /** */ | |
| typedef struct { | |
| mcSoHeader_t soHeader; | |
| mcTltCont_t cont; | |
| uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcTltCont_t), sizeof(mcCoTltCont_t))]; | |
| } mcSoTltCont_t; | |
| /** */ | |
| typedef struct { | |
| mcSoHeader_t soHeader; | |
| mcDataCont_t cont; | |
| uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcDataCont_t), sizeof(mcCoDataCont_t))]; | |
| } mcSoDataCont_t; | |
| /** */ | |
| typedef struct { | |
| mcSoRootCont_t soRoot; | |
| mcSoSpCont_t soSp; | |
| mcSoTltCont_t soTlt; | |
| } mcSoContainerPath_t; | |
| /** @} */ | |
| #endif // MC_CONTAINER_H_ | |
| /** @} */ |