1 /******************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
21 #ifndef PKIX_INTERFACE_H
22 #define PKIX_INTERFACE_H
24 #include "cainterface.h"
26 #include "mbedtls/ssl.h"
34 * Pre-Definition for key context
36 // IoTivity service name for HW key context query
// NOTE(review): presumably the value passed as the `service` argument of a GetHwKeyContext callback - confirm against callers.
37 #define HWKEY_SVC_IOTIVITY "iotivity"
39 // Default usage name for HW key context query
// NOTE(review): presumably the value passed as the `usage` argument of a GetHwKeyContext callback - confirm against callers.
40 #define HWKEY_USAGE_PRIMARY "primary"
44 * Callback function for HW
46 // Invoked to get a key context based on key usage.
// Takes the service, usage and keytype strings and returns the key context as an opaque void pointer.
// NOTE(review): this header does not say what a NULL return means or which keytype strings are valid;
// callers should confirm both with the HW implementation and check the result before using it.
47 typedef void* (*GetHwKeyContext)(const char* service, const char* usage, const char* keytype);
49 // Frees a key context that was retrieved from TZ.
// NOTE(review): presumably the counterpart of GetHwKeyContext; the meaning of the int result is not stated here,
// and the context must not be used after this call - confirm that no PK context still refers to it.
50 typedef int (*FreeHwKeyContext)(void* keyContext);
52 // Invoked to load the own certificate in case of TZ.
// The chain is handed back through certChain and its length through certChainLen.
// NOTE(review): ownership of *certChain (who frees it, and how) and its encoding are not stated here - confirm
// before use, and check the int result before reading either output.
53 typedef int (*GetOwnCertFromHwCallback)(const void* keyContext, uint8_t** certChain, size_t* certChainLen);
55 // Invoked to load the private key in case of TZ.
// Receives the mbedTLS PK context to set up and the key context to set it up from.
// NOTE(review): presumably ctx keeps referring to keyContext after setup, in which case keyContext must
// outlive ctx - confirm with the HW implementation.
56 typedef int (*SetupPkContextFromHwCallback)(mbedtls_pk_context* ctx, void* keyContext);
// Holds the four HW PKIX callbacks; each field has the same type and name as the matching
// SetHwPkixCallbacks parameter.
// NOTE(review): the lines after the last field are not shown in this listing, so the end of the
// declaration cannot be checked from here.
58 typedef struct HWPkixContext {
59 GetHwKeyContext getHwKeyContext; // callback to get hw key context
60 FreeHwKeyContext freeHwKeyContext; // callback to free hw key context
61 GetOwnCertFromHwCallback getOwnCertCb; // callback to load certificate chain
62 SetupPkContextFromHwCallback setupPkContextCb; // callback to setup PK context
67 * API to set the callbacks which are required to use H/W based PKI
69 * @param[in] getHwKeyContext callback to get hw key context
70 * @param[in] freeHwKeyContext callback to free hw key context
71 * @param[in] getOwnCertCb callback to load certificate chain
72 * @param[in] setupPkContextCb callback to setup PK context
// NOTE(review): the meaning of the int result is not stated in the lines shown here; callers should check it
// instead of assuming the callbacks were registered. Whether a NULL callback is accepted is also not stated - confirm.
76 int SetHwPkixCallbacks(GetHwKeyContext getHwKeyContext,
77 FreeHwKeyContext freeHwKeyContext,
78 GetOwnCertFromHwCallback getOwnCertCb,
79 SetupPkContextFromHwCallback setupPkContextCb);
82 * API to invoke the callback for setup PK context with H/W based PKI
84 * @param[in] pkCtx mbedtls's PK context
// NOTE(review): the meaning of the int result is not stated in the lines shown here; callers should check it
// before using pkCtx, and confirm what happens when no HW callbacks have been set.
88 int SetupHwPkContext(mbedtls_pk_context* pkCtx);
91 * This method is used by mbedTLS/SRM to retrieve PKIX related info
93 * @param[out] inf structure with certificate, private key and crl to be filled.
// Returns void, so no status is reported through the return value.
// NOTE(review): inf is documented as receiving a certificate, private key and crl; confirm how a failed load is
// signalled in inf and who owns the buffers placed in it, since they include private key material.
96 void GetPkixInfo(PkiInfo_t * inf);
98 * This method is used by mbedTLS/SRM to retrieve manufacturer PKIX related info
100 * @param[out] inf structure with certificate, private key and crl to be filled.
// Returns void, so no status is reported through the return value.
// NOTE(review): inf is documented as receiving a certificate, private key and crl; confirm how a failed load is
// signalled in inf and who owns the buffers placed in it, since they include private key material.
103 void GetManufacturerPkixInfo(PkiInfo_t * inf);
106 * Used by CA to retrieve credential types
108 * @param[out] list TLS suites boolean map.
// list is a bare bool pointer with no length parameter, so the caller alone is responsible for its size.
// NOTE(review): the required number of entries is not stated in this header - confirm it before passing a
// buffer, because an undersized array could be written past its end.
110 void InitCipherSuiteList(bool * list);
113 * Used by CA to retrieve manufacturer credential types
115 * @param[out] list TLS suites boolean map.
// list is a bare bool pointer with no length parameter, so the caller alone is responsible for its size.
// NOTE(review): the required number of entries is not stated in this header - confirm it before passing a
// buffer, because an undersized array could be written past its end.
117 void InitManufacturerCipherSuiteList(bool * list);
122 #endif //PKIX_INTERFACE_H