SDCP Claim

SDCP Claim

Functions

GType fpi_sdcp_claim_get_type ()
FpiSdcpClaim * fpi_sdcp_claim_new ()
FpiSdcpClaim * fpi_sdcp_claim_copy ()
void fpi_sdcp_claim_free ()
GBytes * fpi_sdcp_claim_hash ()

Types and Values

struct FpiSdcpClaim

Description

Functions

fpi_sdcp_claim_get_type ()

GType
fpi_sdcp_claim_get_type (void);

fpi_sdcp_claim_new ()

FpiSdcpClaim *
fpi_sdcp_claim_new (void);

Create an empty FpiSdcpClaim to provide to the base class.

Returns

A newly created FpiSdcpClaim.

[transfer full]

fpi_sdcp_claim_copy ()

FpiSdcpClaim *
fpi_sdcp_claim_copy (FpiSdcpClaim *other);

Create a (shallow) copy of a FpiSdcpClaim.

Parameters

other

The FpiSdcpClaim to copy

  

Returns

A newly created FpiSdcpClaim.

[transfer full]

fpi_sdcp_claim_free ()

void
fpi_sdcp_claim_free (FpiSdcpClaim *claim);

Release the memory used by an FpiSdcpClaim.

Parameters

claim

a FpiSdcpClaim

  

fpi_sdcp_claim_hash ()

GBytes *
fpi_sdcp_claim_hash (FpiSdcpClaim *claim,
                     GError **error);

Computes SHA256 over the claim fields (model_certificate || device_public_key || firmware_public_key || firmware_hash || model_signature || device_signature).

Parameters

claim

The FpiSdcpClaim to hash

  

error

GError in case the return value is NULL.

[out]

Returns

A new GBytes with the SHA256 hash

Types and Values

struct FpiSdcpClaim

struct FpiSdcpClaim {
  const char *master_secret_label;
  const char *application_keys_label;
  const char *connect_label;
  const char *reconnect_label;
  const char *enroll_label;
  const char *identify_label;
  const char *sample_label;

  GBytes     *model_certificate;   /* cert_m */
  GBytes     *device_public_key;   /* pk_d   */
  GBytes     *firmware_public_key; /* pk_f   */
  GBytes     *firmware_hash;       /* h_f    */
  GBytes     *model_signature;     /* s_m    */
  GBytes     *device_signature;    /* s_d    */
};

Structure to hold the claim as produced by the device during a secure connect. See the SDCP specification for more details.

Note all of these may simply be memory views into a larger GBytes created using g_bytes_new_from_bytes().

Members

const char *master_secret_label;

HMAC label for master secret derivation, or NULL to use FPI_SDCP_DEFAULT_LABEL_MASTER_SECRET

  

const char *application_keys_label;

HMAC label for application keys derivation, or NULL to use FPI_SDCP_DEFAULT_LABEL_APPLICATION_KEYS

  

const char *connect_label;

HMAC label for connect operations, or NULL to use FPI_SDCP_DEFAULT_LABEL_CONNECT

  

const char *reconnect_label;

HMAC label for reconnect operations, or NULL to use FPI_SDCP_DEFAULT_LABEL_RECONNECT

  

const char *enroll_label;

HMAC label for enroll operations, or NULL to use FPI_SDCP_DEFAULT_LABEL_ENROLL

  

const char *identify_label;

HMAC label for identify operations, or NULL to use FPI_SDCP_DEFAULT_LABEL_IDENTIFY

  

const char *sample_label;

HMAC label for sample operations, or NULL to use FPI_SDCP_DEFAULT_LABEL_SAMPLE

  

GBytes *model_certificate;

Microsoft-issued per-model certificate encoded in x509 ASN.1 DER format (cert_m)

  

GBytes *device_public_key;

The per-device ECDSA public key (pk_d)

  

GBytes *firmware_public_key;

The ephemeral public key generated by the device firmware (pk_f)

  

GBytes *firmware_hash;

Hash of the firmware and firmware public key (h_f)

  

GBytes *model_signature;

Device public key signed by the model key (s_m)

  

GBytes *device_signature;

Firmware hash and public key signed by the device private key (s_d)

  
Generated by GTK-Doc V1.35.1