mcContainer.h revision 4e9e8c9c0169b40318386436d762c3d73cf4c328
1/** @addtogroup MC_CONTAINER mcContainer - Containers for MobiCore Content Management.
2 * @ingroup  MC_DATA_TYPES
3 * @{
4 *
5 * <!-- Copyright Giesecke & Devrient GmbH 2009-2012 -->
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 *    notice, this list of conditions and the following disclaimer in the
14 *    documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote
16 *    products derived from this software without specific prior
17 *    written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
20 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
21 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
23 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
25 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
27 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
28 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
29 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 */
31#ifndef MC_CONTAINER_H_
32#define MC_CONTAINER_H_
33
34#include <stdint.h>
35
36#include "mcRootid.h"
37#include "mcSpid.h"
38#include "mcUuid.h"
39#include "mcSo.h"
40#include "mcSuid.h"
41
/* Container format version described by this header.
 * NOTE(review): how major/minor are packed into the 32-bit `version` member of
 * the container structs is not visible in this file - confirm at the users. */
#define CONTAINER_VERSION_MAJOR   2
#define CONTAINER_VERSION_MINOR   0

/* Fixed sizes used by the container layouts below. */
/* Symmetric key size in bytes (converted with MC_BYTES_TO_WORDS below). */
#define MC_CONT_SYMMETRIC_KEY_SIZE      32
/* Public key size in bytes (converted with MC_BYTES_TO_WORDS below). */
#define MC_CONT_PUBLIC_KEY_SIZE         320
/* Number of slots in the child lists spChild_t and mcUuidChild_t. */
#define MC_CONT_CHILDREN_COUNT          16
/* Length of the uint8_t payload array in mcCoDataCont_t. */
#define MC_DATA_CONT_MAX_DATA_SIZE      2048
/* Not used in this header; presumably the trustlet code hash length in bytes. */
#define MC_TLT_CODE_HASH_SIZE           32

/* Converts a byte count to a count of uint32_t words. The division truncates,
 * so a byte count that is not a multiple of sizeof(uint32_t) yields an array
 * that is too short; both key sizes above are multiples of 4. */
#define MC_BYTES_TO_WORDS(bytes)       ( (bytes) / sizeof(uint32_t) )
/* Enumerator value used to force an enum to 32 bits (see MC_CONT_ATTRIB_SPACER). */
#define MC_ENUM_32BIT_SPACER           ((int32_t)-1)

/* Container version type. The container structs in this header declare their
 * `version` member as plain uint32_t rather than using this typedef. */
typedef uint32_t mcContVersion_t;
55
/** Personalization Data ID.
 * A single 32-bit value wrapped in a struct; used as the `pid` member of
 * mcDataCont_t. */
typedef struct {
    uint32_t data;
} mcPid_t;
60
/** Symmetric key storage: MC_CONT_SYMMETRIC_KEY_SIZE (32) bytes held as
 * 8 uint32_t words.
 * NOTE(review): this is raw key material; presumably every in-memory copy
 * should be wiped after use - confirm against the code that handles it. */
typedef struct {
    uint32_t keydata[MC_BYTES_TO_WORDS(MC_CONT_SYMMETRIC_KEY_SIZE)];
} mcSymmetricKey_t;
64
/** Public key storage: MC_CONT_PUBLIC_KEY_SIZE (320) bytes held as
 * 80 uint32_t words. The key encoding inside the buffer is not described in
 * this header, and no struct in this header uses the type. */
typedef struct {
    uint32_t keydata[MC_BYTES_TO_WORDS(MC_CONT_PUBLIC_KEY_SIZE)];
} mcPublicKey_t;
68
/** Fixed list of MC_CONT_CHILDREN_COUNT service provider IDs; the type of
 * the `children` member of mcRootCont_t.
 * This is an array typedef: used as a function parameter type it decays to a
 * pointer, so sizeof on such a parameter is the pointer size, not the list size.
 * NOTE(review): how an unused slot is marked is not visible here - see mcSpid.h. */
typedef mcSpid_t spChild_t[MC_CONT_CHILDREN_COUNT];

/** Fixed list of MC_CONT_CHILDREN_COUNT UUIDs; the type of the `children`
 * member of mcSpCont_t. The same array-typedef caveat as for spChild_t applies. */
typedef mcUuid_t mcUuidChild_t[MC_CONT_CHILDREN_COUNT];
72
/** Content management container states.
 * The values are fixed explicitly (0..5). This header only declares them; any
 * range check on a state read from a stored container has to be done by the
 * code that reads it.
 */
typedef enum {
     /** Container state unregistered. */
     MC_CONT_STATE_UNREGISTERED = 0,
     /** Container is registered. */
     MC_CONT_STATE_REGISTERED = 1,
     /** Container is activated. */
     MC_CONT_STATE_ACTIVATED = 2,
     /** Container is locked by root. */
     MC_CONT_STATE_ROOT_LOCKED = 3,
     /** Container is locked by service provider. */
     MC_CONT_STATE_SP_LOCKED = 4,
     /** Container is locked by root and service provider. */
     MC_CONT_STATE_ROOT_SP_LOCKED = 5,
     /** Dummy: ensure that enum is 32 bits wide. Not a valid state. */
     MC_CONT_ATTRIB_SPACER = MC_ENUM_32BIT_SPACER
} mcContainerState_t;
91
/** Content management container attributes.
 * Currently holds only the container state. It is part of the plain fields of
 * the SoC, root, SP and trustlet containers; mcDataCont_t has no attribs member.
 */
typedef struct {
    mcContainerState_t state;
} mcContainerAttribs_t;
97
/** Container types. Stored as the first member (`type`) of every container
 * struct in this header. Only the first value is explicit; the rest follow
 * as 1..5.
 * NOTE(review): unlike mcContainerState_t this enum has no 32-bit spacer, so
 * its width depends on the compiler's enum-size setting. Confirm that all
 * components exchanging containers are built with the same enum width. */
typedef enum {
    /** SOC container. */
    CONT_TYPE_SOC = 0,
    /** Root container. */
    CONT_TYPE_ROOT,
    /** Service provider container. */
    CONT_TYPE_SP,
    /** Trustlet container. */
    CONT_TYPE_TLCON,
    /** Service provider data. */
    CONT_TYPE_SPDATA,
    /** Trustlet data. */
    CONT_TYPE_TLDATA
} contType_t;
113
114
115/** @defgroup MC_CONTAINER_CRYPTO_OBJECTS Container secrets.
116 * Data that is stored encrypted within the container.
117 * @{ */
118
/** SoC secret: the crypto object of mcSocCont_t.
 * Holds one symmetric key, kSocAuth. Per the group description above, this part
 * is stored encrypted within the container. */
typedef struct {
    mcSymmetricKey_t kSocAuth;
} mcCoSocCont_t;
123
/** Root secret: the crypto object of mcRootCont_t.
 * Holds one symmetric key, kRootAuth. */
typedef struct {
    mcSymmetricKey_t kRootAuth;
} mcCoRootCont_t;
128
/** Service provider secret: the crypto object of mcSpCont_t.
 * Holds one symmetric key, kSpAuth. */
typedef struct {
    mcSymmetricKey_t kSpAuth;
} mcCoSpCont_t;
133
/** Trustlet secret: the crypto object of mcTltCont_t.
 * Holds one symmetric key, kTl. */
typedef struct {
    mcSymmetricKey_t kTl;
} mcCoTltCont_t;
138
/** Data container payload: the crypto object of mcDataCont_t.
 * A fixed buffer of MC_DATA_CONT_MAX_DATA_SIZE (2048) bytes.
 * NOTE(review): neither this struct nor mcDataCont_t carries a length for the
 * bytes actually used; presumably it comes from the secure object header
 * (mcSo.h). Confirm that it is checked against this bound before any copy. */
typedef struct {
    uint8_t data[MC_DATA_CONT_MAX_DATA_SIZE];
} mcCoDataCont_t;
143
/** Container ID: either a service provider ID or a UUID.
 * The union has no discriminator of its own, so the caller must know from
 * context (for example the container type) which member is valid. */
typedef union {
    mcSpid_t spid;
    mcUuid_t uuid;
} mcCid_t;
149
150/** @} */
151
152/** @defgroup MC_CONTAINER_CONTAINER_OBJECTS Container definitions.
153 * Container type definitions.
154 * @{ */
155
/** SoC Container.
 * Plain fields (type, version, attribs, suid) come first, then the crypto
 * object `co`. The secure object wrapper mcSoAuthTokenCont_t relies on this
 * split: it passes sizeof(mcCoSocCont_t) as the encrypted length. */
typedef struct {
    contType_t type;
    uint32_t version;
    mcContainerAttribs_t attribs;
    mcSuid_t suid;
    // Secrets.
    mcCoSocCont_t co;
} mcSocCont_t;
165
/** Root container.
 * Plain fields: type, version, attribs, the SoC unique ID (suid), the root ID
 * and up to MC_CONT_CHILDREN_COUNT child service provider IDs. The crypto
 * object `co` with the root secret is the last member. */
typedef struct {
    contType_t type;
    uint32_t version;
    mcContainerAttribs_t attribs;
    mcSuid_t suid;
    mcRootid_t rootid;
    spChild_t children;
    // Secrets.
    mcCoRootCont_t co;
} mcRootCont_t;
177
/** Service provider container.
 * Plain fields: type, version, attribs, the service provider ID and up to
 * MC_CONT_CHILDREN_COUNT child UUIDs. The crypto object `co` with the service
 * provider secret is the last member. */
typedef struct {
    contType_t type;
    uint32_t version;
    mcContainerAttribs_t attribs;
    mcSpid_t spid;
    mcUuidChild_t children;
    // Secrets.
    mcCoSpCont_t co;
} mcSpCont_t;
188
/** Trustlet container.
 * Plain fields: type, version, attribs, the parent service provider ID and the
 * trustlet UUID. The crypto object `co` with the trustlet secret is the last
 * member. */
typedef struct {
    contType_t type;
    uint32_t version;
    mcContainerAttribs_t attribs;
    mcSpid_t parent;
    mcUuid_t uuid;
    // Secrets.
    mcCoTltCont_t co;
} mcTltCont_t;
199
/** Data container.
 * Plain fields: type, version, a UUID and a personalization data ID. Unlike the
 * other containers it has no attribs member, so it carries no state. The
 * crypto object `co` with the fixed-size payload buffer is the last member. */
typedef struct {
    contType_t type;
    uint32_t version;
    mcUuid_t uuid;
    mcPid_t pid;
    // Secrets.
    mcCoDataCont_t co;
} mcDataCont_t;
209
210/** @} */
211
/** Calculates the total size of the secure object hash and padding for a given
 * container.
 * The result is MC_SO_SIZE(plain length, encrypted length) minus the secure
 * object header and minus the container itself.
 * Each argument is expanded more than once, so pass only side-effect-free
 * expressions such as sizeof.
 * NOTE(review): the subtraction involves sizeof and is therefore presumably
 * unsigned. If contCoSize exceeded contTotalSize, or MC_SO_SIZE returned less
 * than header plus container, the result would wrap instead of failing.
 * Confirm against the definition of MC_SO_SIZE in mcSo.h.
 * @param contTotalSize Total size of the container (sum of plain and encrypted
 * parts).
 * @param contCoSize Size/length of the encrypted container part ("crypto
 * object").
 * @return Total size of hash and padding for given container.
 */
#define SO_CONT_HASH_AND_PAD_SIZE(contTotalSize, contCoSize) ( \
    MC_SO_SIZE((contTotalSize) - (contCoSize), (contCoSize)) \
        - sizeof(mcSoHeader_t) \
        - (contTotalSize) )
224
225/** @defgroup MC_CONTAINER_SECURE_OBJECTS Containers in secure objects.
226 * Secure objects wrapping different containers.
227 * @{ */
228
/** Authentication token: the SoC container wrapped in a secure object.
 * Layout: secure object header, the container, then space for hash and padding.
 * The container member is named coSoc here, while the other wrappers call it cont.
 * NOTE(review): header, container and hashAndPad add up to MC_SO_SIZE(...)
 * only if the compiler inserts no padding between the members - confirm. */
typedef struct {
    mcSoHeader_t soHeader;
    mcSocCont_t coSoc;
    uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcSocCont_t), sizeof(mcCoSocCont_t))];
} mcSoAuthTokenCont_t;
235
/** Root container wrapped in a secure object.
 * Layout: secure object header, the root container, then space for hash and
 * padding sized from the container and its crypto object. */
typedef struct {
    mcSoHeader_t soHeader;
    mcRootCont_t cont;
    uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcRootCont_t), sizeof(mcCoRootCont_t))];
} mcSoRootCont_t;
242
/** Service provider container wrapped in a secure object.
 * Layout: secure object header, the service provider container, then space for
 * hash and padding sized from the container and its crypto object. */
typedef struct {
    mcSoHeader_t soHeader;
    mcSpCont_t cont;
    uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcSpCont_t), sizeof(mcCoSpCont_t))];
} mcSoSpCont_t;
249
/** Trustlet container wrapped in a secure object.
 * Layout: secure object header, the trustlet container, then space for hash
 * and padding sized from the container and its crypto object. */
typedef struct {
    mcSoHeader_t soHeader;
    mcTltCont_t cont;
    uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcTltCont_t), sizeof(mcCoTltCont_t))];
} mcSoTltCont_t;
256
/** Data container wrapped in a secure object.
 * Layout: secure object header, the data container, then space for hash and
 * padding. The encrypted length passed to the size macro is the full
 * sizeof(mcCoDataCont_t), that is, the whole 2048-byte buffer. */
typedef struct {
    mcSoHeader_t soHeader;
    mcDataCont_t cont;
    uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcDataCont_t), sizeof(mcCoDataCont_t))];
} mcSoDataCont_t;
263
/** Container path: the wrapped root, service provider and trustlet containers
 * stored back to back, in that order.
 * NOTE(review): this struct only groups the three secure objects. Whether the
 * parent/child links between them (children lists, `parent` ID) are checked is
 * decided by the code that consumes it - confirm there. */
typedef struct {
    mcSoRootCont_t soRoot;
    mcSoSpCont_t soSp;
    mcSoTltCont_t soTlt;
} mcSoContainerPath_t;
270
271/** @} */
272
273#endif // MC_CONTAINER_H_
274
275/** @} */
276