mcContainer.h revision 4e9e8c9c0169b40318386436d762c3d73cf4c328
/** @addtogroup MC_CONTAINER mcContainer - Containers for MobiCore Content Management.
 * @ingroup MC_DATA_TYPES
 * @{
 *
 * <!-- Copyright Giesecke & Devrient GmbH 2009-2012 -->
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote
 *    products derived from this software without specific prior
 *    written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
#ifndef MC_CONTAINER_H_
#define MC_CONTAINER_H_

#include <stdint.h>

#include "mcRootid.h"
#include "mcSpid.h"
#include "mcUuid.h"
#include "mcSo.h"
#include "mcSuid.h"

/* Container format version. How these two values map onto the 32-bit
 * `version` field of the containers below is not shown in this header. */
#define CONTAINER_VERSION_MAJOR   2
#define CONTAINER_VERSION_MINOR   0

/* Sizes in bytes (the two key sizes are fed to MC_BYTES_TO_WORDS, the data
 * size is used as a uint8_t array length). MC_CONT_CHILDREN_COUNT is an
 * element count. MC_TLT_CODE_HASH_SIZE is not referenced in this header;
 * presumably it is also a byte count - TODO confirm at its point of use. */
#define MC_CONT_SYMMETRIC_KEY_SIZE      32
#define MC_CONT_PUBLIC_KEY_SIZE         320
#define MC_CONT_CHILDREN_COUNT          16
#define MC_DATA_CONT_MAX_DATA_SIZE      2048
#define MC_TLT_CODE_HASH_SIZE           32

/* Converts a byte count into a count of uint32_t words using integer
 * division: a byte count that is not a multiple of sizeof(uint32_t) is
 * rounded DOWN, so an array sized with the result would be too small for
 * the data. The sizes used in this header (32 and 320) divide evenly;
 * re-check that property whenever a key size is changed. */
#define MC_BYTES_TO_WORDS(bytes)       ( (bytes) / sizeof(uint32_t) )
/* Value given to a dummy enumerator so that the enum is meant to occupy
 * 32 bits.
 * NOTE(review): -1 also fits in a signed 8-bit type, so with compiler
 * options that shrink enums (for example GCC's -fshort-enums) this value
 * may not force a 32-bit representation on its own - confirm against the
 * build flags of every component that shares these structures. */
#define MC_ENUM_32BIT_SPACER           ((int32_t)-1)

/** Container version value. The container structures below declare their
 * `version` member as plain uint32_t rather than with this typedef. */
typedef uint32_t mcContVersion_t;

/** Personalization Data ID. */
typedef struct {
    uint32_t data;
} mcPid_t;

/** Symmetric key material, stored as 32-bit words
 * (MC_CONT_SYMMETRIC_KEY_SIZE bytes in total).
 * This is secret data: code that holds a decrypted copy should wipe it
 * after use with a zeroization primitive the compiler cannot elide. */
typedef struct {
    uint32_t keydata[MC_BYTES_TO_WORDS(MC_CONT_SYMMETRIC_KEY_SIZE)];
} mcSymmetricKey_t;

/** Public key material, stored as 32-bit words
 * (MC_CONT_PUBLIC_KEY_SIZE bytes in total). The encoding of the key inside
 * the buffer is not defined in this header. */
typedef struct {
    uint32_t keydata[MC_BYTES_TO_WORDS(MC_CONT_PUBLIC_KEY_SIZE)];
} mcPublicKey_t;

/** Fixed-size table of MC_CONT_CHILDREN_COUNT service provider IDs.
 * How an unused slot is marked is not shown here; any index derived from
 * external input must be checked against MC_CONT_CHILDREN_COUNT. */
typedef mcSpid_t spChild_t[MC_CONT_CHILDREN_COUNT];

/** Fixed-size table of MC_CONT_CHILDREN_COUNT UUIDs. The same bounds
 * consideration as for spChild_t applies. */
typedef mcUuid_t mcUuidChild_t[MC_CONT_CHILDREN_COUNT];

/** Content management container states.
 *
 * A state value read back from a stored container is an arbitrary 32-bit
 * number until it has been range-checked; reject anything outside the
 * enumerators listed here before acting on it.
 */
typedef enum {
    /** Container state unregistered. */
    MC_CONT_STATE_UNREGISTERED = 0,
    /** Container is registered. */
    MC_CONT_STATE_REGISTERED = 1,
    /** Container is activated. */
    MC_CONT_STATE_ACTIVATED = 2,
    /** Container is locked by root. */
    MC_CONT_STATE_ROOT_LOCKED = 3,
    /** Container is locked by service provider. */
    MC_CONT_STATE_SP_LOCKED = 4,
    /** Container is locked by root and service provider. */
    MC_CONT_STATE_ROOT_SP_LOCKED = 5,
    /** Dummy: ensure that enum is 32 bits wide. */
    MC_CONT_ATTRIB_SPACER = MC_ENUM_32BIT_SPACER
} mcContainerState_t;

/** Content management container attributes.
 * Currently carries only the container state.
 */
typedef struct {
    mcContainerState_t state;
} mcContainerAttribs_t;

/** Container types.
 *
 * NOTE(review): unlike mcContainerState_t this enum has no 32-bit spacer
 * enumerator, so its storage size is left entirely to the compiler. Since
 * it is the first member of every container structure, a size mismatch
 * between components would shift all following fields - confirm that all
 * builds agree on the enum size.
 */
typedef enum {
    /** SOC container. */
    CONT_TYPE_SOC = 0,
    /** Root container. */
    CONT_TYPE_ROOT,
    /** Service provider container. */
    CONT_TYPE_SP,
    /** Trustlet container. */
    CONT_TYPE_TLCON,
    /** Service provider data. */
    CONT_TYPE_SPDATA,
    /** Trustlet data. */
    CONT_TYPE_TLDATA
} contType_t;


/** @defgroup MC_CONTAINER_CRYPTO_OBJECTS Container secrets.
 * Data that is stored encrypted within the container.
 * @{ */

/** SoC secret */
typedef struct {
    mcSymmetricKey_t kSocAuth;
} mcCoSocCont_t;

/** Root secret: the symmetric key kRootAuth. */
typedef struct {
    mcSymmetricKey_t kRootAuth;
} mcCoRootCont_t;

/** Service provider secret: the symmetric key kSpAuth. */
typedef struct {
    mcSymmetricKey_t kSpAuth;
} mcCoSpCont_t;

/** Trustlet secret: the symmetric key kTl. */
typedef struct {
    mcSymmetricKey_t kTl;
} mcCoTltCont_t;

/** Encrypted payload of a data container: a fixed buffer of
 * MC_DATA_CONT_MAX_DATA_SIZE bytes. No length field is visible in this
 * structure or in mcDataCont_t, so how the number of valid bytes is tracked
 * is not shown here - verify before treating the whole buffer as data. */
typedef struct {
    uint8_t data[MC_DATA_CONT_MAX_DATA_SIZE];
} mcCoDataCont_t;

/** Identifier that is either a service provider ID or a UUID (presumably a
 * "container ID" - TODO confirm). The union carries no tag: which member is
 * valid has to be known from context, for example the container type. */
typedef union {
    mcSpid_t spid;
    mcUuid_t uuid;
} mcCid_t;

/** @} */

/** @defgroup MC_CONTAINER_CONTAINER_OBJECTS Container definitions.
 * Container type definitions.
 * @{ */

/* Layout shared by the containers below: plain fields first, then the
 * secret part `co` as the last member. Member order and any padding the
 * compiler inserts are part of the stored format, so members must not be
 * reordered. `type` and `version` should be validated against the expected
 * values before any other field of a container is trusted. */

/** SoC Container */
typedef struct {
    contType_t type;
    uint32_t version;
    mcContainerAttribs_t attribs;
    mcSuid_t suid;
    // Secrets.
    mcCoSocCont_t co;
} mcSocCont_t;

/** Root container: identified by suid and rootid, lists up to
 * MC_CONT_CHILDREN_COUNT service provider IDs in `children`. */
typedef struct {
    contType_t type;
    uint32_t version;
    mcContainerAttribs_t attribs;
    mcSuid_t suid;
    mcRootid_t rootid;
    spChild_t children;
    // Secrets.
    mcCoRootCont_t co;
} mcRootCont_t;

/** Service provider container: identified by spid, lists up to
 * MC_CONT_CHILDREN_COUNT UUIDs in `children`. */
typedef struct {
    contType_t type;
    uint32_t version;
    mcContainerAttribs_t attribs;
    mcSpid_t spid;
    mcUuidChild_t children;
    // Secrets.
    mcCoSpCont_t co;
} mcSpCont_t;

/** Trustlet container: identified by uuid, with `parent` holding a service
 * provider ID. */
typedef struct {
    contType_t type;
    uint32_t version;
    mcContainerAttribs_t attribs;
    mcSpid_t parent;
    mcUuid_t uuid;
    // Secrets.
    mcCoTltCont_t co;
} mcTltCont_t;

/** Data container: identified by uuid and personalization data ID.
 * Unlike the other containers it has no `attribs` member, so it carries no
 * state of its own. */
typedef struct {
    contType_t type;
    uint32_t version;
    mcUuid_t uuid;
    mcPid_t pid;
    // Secrets.
    mcCoDataCont_t co;
} mcDataCont_t;

/** @} */

/** Calculates the total size of the secure object hash and padding for a given
 * container.
 *
 * The result is MC_SO_SIZE(plain length, encrypted length) minus the secure
 * object header and minus the container itself. MC_SO_SIZE is not defined
 * in this header (presumably it comes from mcSo.h).
 *
 * The arithmetic involves sizeof and is therefore unsigned: if contCoSize
 * were larger than contTotalSize, or if MC_SO_SIZE returned less than
 * header plus container, the subtraction would wrap to a very large value
 * instead of going negative. Both arguments are also expanded more than
 * once, so pass only side-effect-free expressions such as sizeof(...).
 *
 * @param contTotalSize Total size of the container (sum of plain and encrypted
 * parts).
 * @param contCoSize Size/length of the encrypted container part ("crypto
 * object").
 * @return Total size of hash and padding for given container.
 */
#define SO_CONT_HASH_AND_PAD_SIZE(contTotalSize, contCoSize) ( \
        MC_SO_SIZE((contTotalSize) - (contCoSize), (contCoSize)) \
            - sizeof(mcSoHeader_t) \
            - (contTotalSize) )

/** @defgroup MC_CONTAINER_SECURE_OBJECTS Containers in secure objects.
 * Secure objects wrapping different containers.
 * @{ */

/* Each wrapper below is: secure object header, the container, then space
 * reserved for hash and padding. A component that receives one of these
 * from storage or from another component should compare the received
 * length with sizeof the expected wrapper and validate soHeader before
 * reading the container - TODO confirm which layer performs that check. */

/** Authentication token
 * Wraps the SoC container. Note that the container member is named `coSoc`
 * here, while the other wrappers call it `cont`. */
typedef struct {
    mcSoHeader_t soHeader;
    mcSocCont_t coSoc;
    uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcSocCont_t), sizeof(mcCoSocCont_t))];
} mcSoAuthTokenCont_t;

/** Root container */
typedef struct {
    mcSoHeader_t soHeader;
    mcRootCont_t cont;
    uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcRootCont_t), sizeof(mcCoRootCont_t))];
} mcSoRootCont_t;

/** Service provider container wrapped in a secure object. */
typedef struct {
    mcSoHeader_t soHeader;
    mcSpCont_t cont;
    uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcSpCont_t), sizeof(mcCoSpCont_t))];
} mcSoSpCont_t;

/** Trustlet container wrapped in a secure object. */
typedef struct {
    mcSoHeader_t soHeader;
    mcTltCont_t cont;
    uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcTltCont_t), sizeof(mcCoTltCont_t))];
} mcSoTltCont_t;

/** Data container wrapped in a secure object. */
typedef struct {
    mcSoHeader_t soHeader;
    mcDataCont_t cont;
    uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcDataCont_t), sizeof(mcCoDataCont_t))];
} mcSoDataCont_t;

/** Bundle of three wrapped containers in the order root, service provider,
 * trustlet. Nothing in this structure ties the three together; whether the
 * service provider is listed in the root's `children` and the trustlet in
 * the service provider's `children` has to be checked by the code that
 * consumes the path. */
typedef struct {
    mcSoRootCont_t soRoot;
    mcSoSpCont_t soSp;
    mcSoTltCont_t soTlt;
} mcSoContainerPath_t;

/** @} */

#endif // MC_CONTAINER_H_

/** @} */