blob: cf549422e39da872d64993be944099ac62ba22a9 [file] [log] [blame] [edit]
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License"); you may not
// use this file except in compliance with the License. You may obtain a copy of
// the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
// License for the specific language governing permissions and limitations under
// the License.
#ifndef DICE_DICE_H_
#define DICE_DICE_H_
#include <stddef.h>
#include <stdint.h>
#ifdef __cplusplus
extern "C" {
#endif
#define DICE_CDI_SIZE 32
#define DICE_HASH_SIZE 64
#define DICE_HIDDEN_SIZE 64
#define DICE_INLINE_CONFIG_SIZE 64
#define DICE_PRIVATE_KEY_SEED_SIZE 32
#define DICE_ID_SIZE 20
typedef enum {
kDiceResultOk,
kDiceResultInvalidInput,
kDiceResultBufferTooSmall,
kDiceResultPlatformError,
} DiceResult;
typedef enum {
kDiceModeNotInitialized,
kDiceModeNormal,
kDiceModeDebug,
kDiceModeMaintenance,
} DiceMode;
typedef enum {
kDiceConfigTypeInline,
kDiceConfigTypeDescriptor,
} DiceConfigType;
// Contains a full set of input values describing the target program or system.
// See the Open Profile for DICE specification for a detailed explanation of
// these inputs.
//
// Fields:
// code_hash: A hash or similar representation of the target code.
// code_descriptor: An optional descriptor to be included in the certificate.
// This descriptor is opaque to the DICE flow and is included verbatim
// in the certificate with no validation. May be null.
// code_descriptor_size: The size in bytes of |code_descriptor|.
// config_type: Indicates how to interpret the remaining config-related
// fields. If the type is 'inline', then the 64 byte configuration input
// value must be provided in |config_value| and |config_descriptor| is
// ignored. If the type is 'descriptor', then |config_descriptor| is
// hashed to get the configuration input value and |config_value| is
// ignored.
// config_value: A 64-byte configuration input value when |config_type| is
// kDiceConfigTypeInline. Otherwise, this field is ignored.
// config_descriptor: A descriptor to be hashed for the configuration input
// value when |config_type| is kDiceConfigTypeDescriptor. Otherwise,
// this field is ignored and may be null.
// config_descriptor_size: The size in bytes of |config_descriptor|.
// authority_hash: A hash or similar representation of the authority used to
// verify the target code. If the code is not verified or the authority
// is implicit, for example hard coded as part of the code currently
// executing, then this value should be set to all zero bytes.
// authority_descriptor: An optional descriptor to be included in the
// certificate. This descriptor is opaque to the DICE flow and is
// included verbatim in the certificate with no validation. May be null.
// authority_descriptor_size: The size in bytes of |authority_descriptor|.
// mode: The current operating mode.
// hidden: Additional input which will not appear in certificates. If this is
// not used it should be set to all zero bytes.
typedef struct DiceInputValues_ {
uint8_t code_hash[DICE_HASH_SIZE];
const uint8_t* code_descriptor;
size_t code_descriptor_size;
DiceConfigType config_type;
uint8_t config_value[DICE_INLINE_CONFIG_SIZE];
const uint8_t* config_descriptor;
size_t config_descriptor_size;
uint8_t authority_hash[DICE_HASH_SIZE];
const uint8_t* authority_descriptor;
size_t authority_descriptor_size;
DiceMode mode;
uint8_t hidden[DICE_HIDDEN_SIZE];
} DiceInputValues;
// Derives a |cdi_private_key_seed| from a |cdi_attest| value. On success
// populates |cdi_private_key_seed| and returns kDiceResultOk.
DiceResult DiceDeriveCdiPrivateKeySeed(
void* context, const uint8_t cdi_attest[DICE_CDI_SIZE],
uint8_t cdi_private_key_seed[DICE_PRIVATE_KEY_SEED_SIZE]);
// Derives an |id| from a |cdi_public_key| value. Because public keys can vary
// in length depending on the algorithm, the |cdi_public_key_size| in bytes must
// be provided. When interpreted as an integer, |id| is big-endian. On success
// populates |id| and returns kDiceResultOk.
DiceResult DiceDeriveCdiCertificateId(void* context,
const uint8_t* cdi_public_key,
size_t cdi_public_key_size,
uint8_t id[DICE_ID_SIZE]);
// Executes the main DICE flow.
//
// Given a full set of input values and the current CDI values, computes the
// next CDI values and a matching certificate. See the Open Profile for DICE
// specification for a detailed explanation of this flow.
// In certain cases, the caller may not need to generate the CDI certificate.
// The caller should signal this by setting the certificate parameters to
// null/zero values appropriately.
//
// Parameters:
// context: Context provided by the caller that is opaque to this library
// but is passed through to the integration-provided operations in
// dice/ops.h. The value is, therefore, integration-specific and may be
// null.
// current_cdi_attest, current_cdi_seal: The current CDI values as produced
// by a previous DICE flow. If this is the first DICE flow in a system,
// the Unique Device Secret (UDS) should be used for both of these
// arguments.
// input_values: A set of input values describing the target program or
// system.
// next_cdi_certificate_buffer_size: The size in bytes of the buffer pointed
// to by the |next_cdi_certificate| argument. This should be set to zero
// if next CDI certificate should not be computed.
// next_cdi_certificate: On success, will be populated with the generated
// certificate, up to |next_cdi_certificate_buffer_size| in size. If the
// certificate cannot fit in the buffer, |next_cdi_certificate_size| is
// populated with the required size and kDiceResultBufferTooSmall is
// returned. This should be set to NULL if next CDI certificate should
// not be computed.
// next_cdi_certificate_actual_size: On success, will be populated with the
// size, in bytes, of the certificate data written to
// |next_cdi_certificate|. If kDiceResultBufferTooSmall is returned, will
// be populated with the required buffer size. This should be set to NULL
// if next CDI certificate should not be computed.
// next_cdi_attest: On success, will be populated with the next CDI value for
// attestation.
// next_cdi_seal: On success, will be populated with the next CDI value for
// sealing.
DiceResult DiceMainFlow(void* context,
const uint8_t current_cdi_attest[DICE_CDI_SIZE],
const uint8_t current_cdi_seal[DICE_CDI_SIZE],
const DiceInputValues* input_values,
size_t next_cdi_certificate_buffer_size,
uint8_t* next_cdi_certificate,
size_t* next_cdi_certificate_actual_size,
uint8_t next_cdi_attest[DICE_CDI_SIZE],
uint8_t next_cdi_seal[DICE_CDI_SIZE]);
#ifdef __cplusplus
} // extern "C"
#endif
#endif // DICE_DICE_H_