#ifndef _PEBBLE_INTERFACE_H_ #define _PEBBLE_INTERFACE_H_ #include "stdint.h" #define CERT_MAX_LEN 2500 #define CERTS_MAX_NUM 3 #define JWS_LEN 8192 #define PEBBLE_DRK_MAX_BUF_LEN 4096 #define SSS_KEY_MAX_LEN 32 #define SSS_SHARE_MAX_LEN SSS_KEY_MAX_LEN + 1 #define ATN_NONCE_MIN_LEN 8 #define ATN_NONCE_MAX_LEN 32 #define KEY_ALIAS_LEN 256 #define SK_MASTER_KEY_LEN 32 #define SK_SUBKEY_LEN 32 #define SK_KEY_MAX_LEN (SK_MASTER_KEY_LEN > SK_SUBKEY_LEN ? SK_MASTER_KEY_LEN : SK_SUBKEY_LEN) #define SK_WRAP_KEY_LEN 256 #define WRAPPING_AES_KEY_LEN 32 #define WRAPPING_AES_IV_LEN 12 #define WRAPPING_AES_AAD_LEN 54 #define WRAPPING_AES_TAG_LEN 16 #define WRAPPING_RSA_N_BYTES_LEN 256 // In RSA-2048, n's length is 256 bytes //#define WRAPPING_RSA_N_STR_LEN 617 // RSA-2048 has 617 decimal digits (2,048 bits) #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 #define MAX_BUDDIES 5 #define CHECKSUM_LEN 32 //SHA256_DIGEST_LENGTH #define JWE_JWS_MAX_SIZE 4096 #define KEY_METADATA_MAX_LEN 1024 #define SHARE_PAYLOAD_LEN SSS_SHARE_MAX_LEN + CHECKSUM_LEN * MAX_BUDDIES + 20 + KEY_METADATA_MAX_LEN #define CMD_LOAD_CERT 0x00000001 #define CMD_GEN_ATN_NONCE 0x00000002 #define CMD_GEN_MASTER_KEY 0x00000003 #define CMD_DERIVE_SUBKEY 0x00000004 #define CMD_GEN_BACKUP_REQ 0x00000005 #define CMD_GEN_BACKUP_ACK 0x00000006 #define CMD_GEN_RECOVERY_REQ 0x00000007 #define CMD_GEN_RECOVERY_ACK 0x00000008 #define CMD_HANDLE_RECOVERY_ACK 0x00000009 #define CMD_RECONSTRUCT_KEY 0x0000000A //#define CMD_SSS_SPLIT 0x00000101 //#define CMD_SSS_JOIN 0x00000102 //#define CMD_GET_DEVICE_ID 0x00000000 /* const char* allow_all = "eyJzZXJ2aWNlTmFtZSI6InRlc3QiLCJwcm90b2NvbFZlcnNpb24iOiIxLjEiLCJhbGciOiJSUzI1NiIsIng1YyI6Ii0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLU1JSURzekNDQXB1Z0F3SUJBZ0lVTy9LRFlQM2J6bC9zSFllWm5zTFZPQnJuNnQ0d0RRWUpLb1pJaHZjTkFRRUxCUUF3YVRFTE1Ba0dBMVVFQmhNQ1FsSXhDekFKQmdOVkJBZ01BbE5RTVJFd0R3WURWUVFIREFoRFlXMXdhVzVoY3pFUU1BNEdBMVVFQ2d3SFUyRnRjM1Z1WnpFVU1CSUdBMVVFQ3d3TFMyNXZlQ0JUZVhOMFpXMHhFakFRQmdOVkJBTU1DWFJsYzNRZ1kyVnlkREFlRncweE9UQTBNak15TURNeE16WmFGdzB4T1RBMU1qTXlNRE14TXpaYU1Ha3hDekFKQmdOVkJBWVRBa0pTTVFzd0NRWURWUVFJREFKVFVERVJNQThHQTFVRUJ3d0lRMkZ0Y0dsdVlYTXhFREFPQmdOVkJBb01CMU5oYlhOMWJtY3hGREFTQmdOVkJBc01DMHR1YjNnZ1UzbHpkR1Z0TVJJd0VBWURWUVFEREFsMFpYTjBJR05sY25Rd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUURTL1FOU3IyZDhLNTVnM0w5MDM5SlFLZ3JWT2hFOUYxYmxOT3JjN0N6V2ZsY2JZaU16REFPcDE2VGhFQ0h4b0J2VGJ1eHVocHkrUnRlV1ptNklKOUZtYVY2NnF0OU1YdjJXR3BUa1MxdFEwV1F1RXgwQzMyNEFoMlJIemlXcUJNZUtyTnpPaFVReGJyWkgvRCtqemFFUkxjajRvZDZUQ0tRVHVwaC8rbVJETklRN1AyTmZZY29Pc0JadFRKNldMSTZnWWg3Z3l4M2RLNU16M1lwaHpWaFVmbDM4aHdQelh3UjJBdEZvei9iNHZITVdSMVluT1IrcWVTQ2ZwUE5JS3N4NlErdkhSMlByY1VzTis5UmFzWWhVRld3TXd0YmZWSlZQSDhCWnZIRFh6T2Mrc2xwSVd0ZVkvVkxPUmVRWkYrdkIxMnY5Q0J4L3Bpc3dScDJTaFpNdEFnTUJBQUdqVXpCUk1CMEdBMVVkRGdRV0JCVGFsQXpjVFE5QUd2YkpWeVpxLzgzZkkwR0RFekFmQmdOVkhTTUVHREFXZ0JUYWxBemNUUTlBR3ZiSlZ5WnEvODNmSTBHREV6QVBCZ05WSFJNQkFmOEVCVEFEQVFIL01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQmwzaUR3Rm5QRnNmQTlUZCtqd0FSeGN5RFJEVkkyUTRzRnNPT0l1SzZWMmRZdkRyem9UYUpKTGphTWdUVzlxSDRlRWk4WlYybjA1dGw4T0w1L3AzTmd1cmt1OFJ6aFlnRFg2ME9ScVphK1NHT3d3c2lhdGJzeFdFV2dWSHZxTzNhTzRhVXlNbkhPYmdrVTNzbk0yUG9kTkVPMks0NlBSZzZlNGJHMTFiOVF0TE9FeWpKWFZvaU5FYStadFFtUHVXTEY2MHhQMGltemN6R0xGalc5aWhkc3pJeU9RQllaRmdZL0l4VFVCOWZDelNzcUg1Z2FkMkNJRDF6RjdtZ1l2dnJMOVlLVVJscURSSEdCSW5LMklDbCtRU3NqcHlVandua2lqZzNZY2FwbkYraDQzanpNOFFRd1I4M3o5NS96OVdxYVZ6V09QUGFRUlgwV2h0d2RMczg1LS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLSJ9.eyJkZXZpY2VJZCI6IjM1MTc1MTEwMTA1MTQzNCIsInBvbGljeVZlcnNpb24iOiIyMiIsImRldmljZUJsb2NrIjoiMDAwMDAwMDAifQ==.XgGYTdOkxHMtuAPc8HKteRXHUmmV5h1ibzGFl4VfiNqp2Yqq_81_-td9KGz6CVyom4HVCpmcIUY43iSPwI8wJFn1iI5MeccL-b67YLAIEpbWajBtsPTVKfKibDaA7HhDEeJL4lodiSZ7u5fKPkfPSRphut-URgtUTnTLMDXqsiJV6YnFi0pLuUQhRJ_1AqR2Eib_HVlP_TKLllz8VPUhpwrouBznFgsJRZiwyUWqTkbl4Vk5cV-zsLY3tkYwIZmhGgi6TGDQlpP6LZ10euq3StNPotiQTVVaRC-FzYRwKqABP_h3VZ9yETg8aFrKBuBtof_ttE3la_8JQRzKMIAcfw=="; const char* block_camera = "eyJzZXJ2aWNlTmFtZSI6InRlc3QiLCJwcm90b2NvbFZlcnNpb24iOiIxLjEiLCJhbGciOiJSUzI1NiIsIng1YyI6Ii0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLU1JSURzekNDQXB1Z0F3SUJBZ0lVTy9LRFlQM2J6bC9zSFllWm5zTFZPQnJuNnQ0d0RRWUpLb1pJaHZjTkFRRUxCUUF3YVRFTE1Ba0dBMVVFQmhNQ1FsSXhDekFKQmdOVkJBZ01BbE5RTVJFd0R3WURWUVFIREFoRFlXMXdhVzVoY3pFUU1BNEdBMVVFQ2d3SFUyRnRjM1Z1WnpFVU1CSUdBMVVFQ3d3TFMyNXZlQ0JUZVhOMFpXMHhFakFRQmdOVkJBTU1DWFJsYzNRZ1kyVnlkREFlRncweE9UQTBNak15TURNeE16WmFGdzB4T1RBMU1qTXlNRE14TXpaYU1Ha3hDekFKQmdOVkJBWVRBa0pTTVFzd0NRWURWUVFJREFKVFVERVJNQThHQTFVRUJ3d0lRMkZ0Y0dsdVlYTXhFREFPQmdOVkJBb01CMU5oYlhOMWJtY3hGREFTQmdOVkJBc01DMHR1YjNnZ1UzbHpkR1Z0TVJJd0VBWURWUVFEREFsMFpYTjBJR05sY25Rd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUURTL1FOU3IyZDhLNTVnM0w5MDM5SlFLZ3JWT2hFOUYxYmxOT3JjN0N6V2ZsY2JZaU16REFPcDE2VGhFQ0h4b0J2VGJ1eHVocHkrUnRlV1ptNklKOUZtYVY2NnF0OU1YdjJXR3BUa1MxdFEwV1F1RXgwQzMyNEFoMlJIemlXcUJNZUtyTnpPaFVReGJyWkgvRCtqemFFUkxjajRvZDZUQ0tRVHVwaC8rbVJETklRN1AyTmZZY29Pc0JadFRKNldMSTZnWWg3Z3l4M2RLNU16M1lwaHpWaFVmbDM4aHdQelh3UjJBdEZvei9iNHZITVdSMVluT1IrcWVTQ2ZwUE5JS3N4NlErdkhSMlByY1VzTis5UmFzWWhVRld3TXd0YmZWSlZQSDhCWnZIRFh6T2Mrc2xwSVd0ZVkvVkxPUmVRWkYrdkIxMnY5Q0J4L3Bpc3dScDJTaFpNdEFnTUJBQUdqVXpCUk1CMEdBMVVkRGdRV0JCVGFsQXpjVFE5QUd2YkpWeVpxLzgzZkkwR0RFekFmQmdOVkhTTUVHREFXZ0JUYWxBemNUUTlBR3ZiSlZ5WnEvODNmSTBHREV6QVBCZ05WSFJNQkFmOEVCVEFEQVFIL01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQmwzaUR3Rm5QRnNmQTlUZCtqd0FSeGN5RFJEVkkyUTRzRnNPT0l1SzZWMmRZdkRyem9UYUpKTGphTWdUVzlxSDRlRWk4WlYybjA1dGw4T0w1L3AzTmd1cmt1OFJ6aFlnRFg2ME9ScVphK1NHT3d3c2lhdGJzeFdFV2dWSHZxTzNhTzRhVXlNbkhPYmdrVTNzbk0yUG9kTkVPMks0NlBSZzZlNGJHMTFiOVF0TE9FeWpKWFZvaU5FYStadFFtUHVXTEY2MHhQMGltemN6R0xGalc5aWhkc3pJeU9RQllaRmdZL0l4VFVCOWZDelNzcUg1Z2FkMkNJRDF6RjdtZ1l2dnJMOVlLVVJscURSSEdCSW5LMklDbCtRU3NqcHlVandua2lqZzNZY2FwbkYraDQzanpNOFFRd1I4M3o5NS96OVdxYVZ6V09QUGFRUlgwV2h0d2RMczg1LS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLSJ9.eyJkZXZpY2VJZCI6IjM1MTc1MTEwMTA1MTQzNCIsInBvbGljeVZlcnNpb24iOiIyMyIsImRldmljZUJsb2NrIjoiMDAwMDAwMDEifQ==.UvlJw5eqYfsnD7GYC7umpoxGiLMHi4a6rSIZe3RxOfV7cces8GyHNi76u8TTeishYCJ0Ef_7JL6kP6uoG1SVqWcP6Xm0DB27TAY_tdzu4_RwfO-e-HwN8u0aVX9AXiH_HLlzWo_iSIMTLEAoPNLzceJrJ0O_VTg4ZWzRFh2NsBcb-wLk5nuFbD7WVVTtJ2Miw6DjnMgm9t7nvcru037wcjghfddE8vH-6EPbpshen5g20sHMQGzmsoyxUl2cR4PleJ1JjpEti5YNx2J_VfuJCU7GK91A8ulxsfq-tVgFBFcksxA_RhnO5hQfVPpZSYOltqjPwB5KRsE1h3ztYC3Dkw=="; */ const char* policies[2] = {"eyJzZXJ2aWNlTmFtZSI6InRlc3QiLCJwcm90b2NvbFZlcnNpb24iOiIxLjEiLCJhbGciOiJSUzI1NiIsIng1YyI6Ii0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLU1JSURzekNDQXB1Z0F3SUJBZ0lVTy9LRFlQM2J6bC9zSFllWm5zTFZPQnJuNnQ0d0RRWUpLb1pJaHZjTkFRRUxCUUF3YVRFTE1Ba0dBMVVFQmhNQ1FsSXhDekFKQmdOVkJBZ01BbE5RTVJFd0R3WURWUVFIREFoRFlXMXdhVzVoY3pFUU1BNEdBMVVFQ2d3SFUyRnRjM1Z1WnpFVU1CSUdBMVVFQ3d3TFMyNXZlQ0JUZVhOMFpXMHhFakFRQmdOVkJBTU1DWFJsYzNRZ1kyVnlkREFlRncweE9UQTBNak15TURNeE16WmFGdzB4T1RBMU1qTXlNRE14TXpaYU1Ha3hDekFKQmdOVkJBWVRBa0pTTVFzd0NRWURWUVFJREFKVFVERVJNQThHQTFVRUJ3d0lRMkZ0Y0dsdVlYTXhFREFPQmdOVkJBb01CMU5oYlhOMWJtY3hGREFTQmdOVkJBc01DMHR1YjNnZ1UzbHpkR1Z0TVJJd0VBWURWUVFEREFsMFpYTjBJR05sY25Rd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUURTL1FOU3IyZDhLNTVnM0w5MDM5SlFLZ3JWT2hFOUYxYmxOT3JjN0N6V2ZsY2JZaU16REFPcDE2VGhFQ0h4b0J2VGJ1eHVocHkrUnRlV1ptNklKOUZtYVY2NnF0OU1YdjJXR3BUa1MxdFEwV1F1RXgwQzMyNEFoMlJIemlXcUJNZUtyTnpPaFVReGJyWkgvRCtqemFFUkxjajRvZDZUQ0tRVHVwaC8rbVJETklRN1AyTmZZY29Pc0JadFRKNldMSTZnWWg3Z3l4M2RLNU16M1lwaHpWaFVmbDM4aHdQelh3UjJBdEZvei9iNHZITVdSMVluT1IrcWVTQ2ZwUE5JS3N4NlErdkhSMlByY1VzTis5UmFzWWhVRld3TXd0YmZWSlZQSDhCWnZIRFh6T2Mrc2xwSVd0ZVkvVkxPUmVRWkYrdkIxMnY5Q0J4L3Bpc3dScDJTaFpNdEFnTUJBQUdqVXpCUk1CMEdBMVVkRGdRV0JCVGFsQXpjVFE5QUd2YkpWeVpxLzgzZkkwR0RFekFmQmdOVkhTTUVHREFXZ0JUYWxBemNUUTlBR3ZiSlZ5WnEvODNmSTBHREV6QVBCZ05WSFJNQkFmOEVCVEFEQVFIL01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQmwzaUR3Rm5QRnNmQTlUZCtqd0FSeGN5RFJEVkkyUTRzRnNPT0l1SzZWMmRZdkRyem9UYUpKTGphTWdUVzlxSDRlRWk4WlYybjA1dGw4T0w1L3AzTmd1cmt1OFJ6aFlnRFg2ME9ScVphK1NHT3d3c2lhdGJzeFdFV2dWSHZxTzNhTzRhVXlNbkhPYmdrVTNzbk0yUG9kTkVPMks0NlBSZzZlNGJHMTFiOVF0TE9FeWpKWFZvaU5FYStadFFtUHVXTEY2MHhQMGltemN6R0xGalc5aWhkc3pJeU9RQllaRmdZL0l4VFVCOWZDelNzcUg1Z2FkMkNJRDF6RjdtZ1l2dnJMOVlLVVJscURSSEdCSW5LMklDbCtRU3NqcHlVandua2lqZzNZY2FwbkYraDQzanpNOFFRd1I4M3o5NS96OVdxYVZ6V09QUGFRUlgwV2h0d2RMczg1LS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLSJ9.eyJkZXZpY2VJZCI6IjM1MTc1MTEwMTA1MTQzNCIsInBvbGljeVZlcnNpb24iOiIyMiIsImRldmljZUJsb2NrIjoiMDAwMDAwMDAifQ==.XgGYTdOkxHMtuAPc8HKteRXHUmmV5h1ibzGFl4VfiNqp2Yqq_81_-td9KGz6CVyom4HVCpmcIUY43iSPwI8wJFn1iI5MeccL-b67YLAIEpbWajBtsPTVKfKibDaA7HhDEeJL4lodiSZ7u5fKPkfPSRphut-URgtUTnTLMDXqsiJV6YnFi0pLuUQhRJ_1AqR2Eib_HVlP_TKLllz8VPUhpwrouBznFgsJRZiwyUWqTkbl4Vk5cV-zsLY3tkYwIZmhGgi6TGDQlpP6LZ10euq3StNPotiQTVVaRC-FzYRwKqABP_h3VZ9yETg8aFrKBuBtof_ttE3la_8JQRzKMIAcfw==", "eyJzZXJ2aWNlTmFtZSI6InRlc3QiLCJwcm90b2NvbFZlcnNpb24iOiIxLjEiLCJhbGciOiJSUzI1NiIsIng1YyI6Ii0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLU1JSURzekNDQXB1Z0F3SUJBZ0lVTy9LRFlQM2J6bC9zSFllWm5zTFZPQnJuNnQ0d0RRWUpLb1pJaHZjTkFRRUxCUUF3YVRFTE1Ba0dBMVVFQmhNQ1FsSXhDekFKQmdOVkJBZ01BbE5RTVJFd0R3WURWUVFIREFoRFlXMXdhVzVoY3pFUU1BNEdBMVVFQ2d3SFUyRnRjM1Z1WnpFVU1CSUdBMVVFQ3d3TFMyNXZlQ0JUZVhOMFpXMHhFakFRQmdOVkJBTU1DWFJsYzNRZ1kyVnlkREFlRncweE9UQTBNak15TURNeE16WmFGdzB4T1RBMU1qTXlNRE14TXpaYU1Ha3hDekFKQmdOVkJBWVRBa0pTTVFzd0NRWURWUVFJREFKVFVERVJNQThHQTFVRUJ3d0lRMkZ0Y0dsdVlYTXhFREFPQmdOVkJBb01CMU5oYlhOMWJtY3hGREFTQmdOVkJBc01DMHR1YjNnZ1UzbHpkR1Z0TVJJd0VBWURWUVFEREFsMFpYTjBJR05sY25Rd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUURTL1FOU3IyZDhLNTVnM0w5MDM5SlFLZ3JWT2hFOUYxYmxOT3JjN0N6V2ZsY2JZaU16REFPcDE2VGhFQ0h4b0J2VGJ1eHVocHkrUnRlV1ptNklKOUZtYVY2NnF0OU1YdjJXR3BUa1MxdFEwV1F1RXgwQzMyNEFoMlJIemlXcUJNZUtyTnpPaFVReGJyWkgvRCtqemFFUkxjajRvZDZUQ0tRVHVwaC8rbVJETklRN1AyTmZZY29Pc0JadFRKNldMSTZnWWg3Z3l4M2RLNU16M1lwaHpWaFVmbDM4aHdQelh3UjJBdEZvei9iNHZITVdSMVluT1IrcWVTQ2ZwUE5JS3N4NlErdkhSMlByY1VzTis5UmFzWWhVRld3TXd0YmZWSlZQSDhCWnZIRFh6T2Mrc2xwSVd0ZVkvVkxPUmVRWkYrdkIxMnY5Q0J4L3Bpc3dScDJTaFpNdEFnTUJBQUdqVXpCUk1CMEdBMVVkRGdRV0JCVGFsQXpjVFE5QUd2YkpWeVpxLzgzZkkwR0RFekFmQmdOVkhTTUVHREFXZ0JUYWxBemNUUTlBR3ZiSlZ5WnEvODNmSTBHREV6QVBCZ05WSFJNQkFmOEVCVEFEQVFIL01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQmwzaUR3Rm5QRnNmQTlUZCtqd0FSeGN5RFJEVkkyUTRzRnNPT0l1SzZWMmRZdkRyem9UYUpKTGphTWdUVzlxSDRlRWk4WlYybjA1dGw4T0w1L3AzTmd1cmt1OFJ6aFlnRFg2ME9ScVphK1NHT3d3c2lhdGJzeFdFV2dWSHZxTzNhTzRhVXlNbkhPYmdrVTNzbk0yUG9kTkVPMks0NlBSZzZlNGJHMTFiOVF0TE9FeWpKWFZvaU5FYStadFFtUHVXTEY2MHhQMGltemN6R0xGalc5aWhkc3pJeU9RQllaRmdZL0l4VFVCOWZDelNzcUg1Z2FkMkNJRDF6RjdtZ1l2dnJMOVlLVVJscURSSEdCSW5LMklDbCtRU3NqcHlVandua2lqZzNZY2FwbkYraDQzanpNOFFRd1I4M3o5NS96OVdxYVZ6V09QUGFRUlgwV2h0d2RMczg1LS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLSJ9.eyJkZXZpY2VJZCI6IjM1MTc1MTEwMTA1MTQzNCIsInBvbGljeVZlcnNpb24iOiIyMyIsImRldmljZUJsb2NrIjoiMDAwMDAwMDEifQ==.UvlJw5eqYfsnD7GYC7umpoxGiLMHi4a6rSIZe3RxOfV7cces8GyHNi76u8TTeishYCJ0Ef_7JL6kP6uoG1SVqWcP6Xm0DB27TAY_tdzu4_RwfO-e-HwN8u0aVX9AXiH_HLlzWo_iSIMTLEAoPNLzceJrJ0O_VTg4ZWzRFh2NsBcb-wLk5nuFbD7WVVTtJ2Miw6DjnMgm9t7nvcru037wcjghfddE8vH-6EPbpshen5g20sHMQGzmsoyxUl2cR4PleJ1JjpEti5YNx2J_VfuJCU7GK91A8ulxsfq-tVgFBFcksxA_RhnO5hQfVPpZSYOltqjPwB5KRsE1h3ztYC3Dkw=="}; //eyJuYW1lIjoiUE9DIiwiYWxnIjoiUlMyNTYiLCJ2ZXJzaW9uIjoiMS4wIiwidHlwZSI6ImFwcGx5IiwieDVjIjoiLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tTUlJRHN6Q0NBcHVnQXdJQkFnSVVPL0tEWVAzYnpsL3NIWWVabnNMVk9Ccm42dDR3RFFZSktvWklodmNOQVFFTEJRQXdhVEVMTUFrR0ExVUVCaE1DUWxJeEN6QUpCZ05WQkFnTUFsTlFNUkV3RHdZRFZRUUhEQWhEWVcxd2FXNWhjekVRTUE0R0ExVUVDZ3dIVTJGdGMzVnVaekVVTUJJR0ExVUVDd3dMUzI1dmVDQlRlWE4wWlcweEVqQVFCZ05WQkFNTUNYUmxjM1FnWTJWeWREQWVGdzB4T1RBME1qTXlNRE14TXpaYUZ3MHhPVEExTWpNeU1ETXhNelphTUdreEN6QUpCZ05WQkFZVEFrSlNNUXN3Q1FZRFZRUUlEQUpUVURFUk1BOEdBMVVFQnd3SVEyRnRjR2x1WVhNeEVEQU9CZ05WQkFvTUIxTmhiWE4xYm1jeEZEQVNCZ05WQkFzTUMwdHViM2dnVTNsemRHVnRNUkl3RUFZRFZRUUREQWwwWlhOMElHTmxjblF3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRRFMvUU5TcjJkOEs1NWczTDkwMzlKUUtnclZPaEU5RjFibE5PcmM3Q3pXZmxjYllpTXpEQU9wMTZUaEVDSHhvQnZUYnV4dWhweStSdGVXWm02SUo5Rm1hVjY2cXQ5TVh2MldHcFRrUzF0UTBXUXVFeDBDMzI0QWgyUkh6aVdxQk1lS3JOek9oVVF4YnJaSC9EK2p6YUVSTGNqNG9kNlRDS1FUdXBoLyttUkROSVE3UDJOZlljb09zQlp0VEo2V0xJNmdZaDdneXgzZEs1TXozWXBoelZoVWZsMzhod1B6WHdSMkF0Rm96L2I0dkhNV1IxWW5PUitxZVNDZnBQTklLc3g2USt2SFIyUHJjVXNOKzlSYXNZaFVGV3dNd3RiZlZKVlBIOEJadkhEWHpPYytzbHBJV3RlWS9WTE9SZVFaRit2QjEydjlDQngvcGlzd1JwMlNoWk10QWdNQkFBR2pVekJSTUIwR0ExVWREZ1FXQkJUYWxBemNUUTlBR3ZiSlZ5WnEvODNmSTBHREV6QWZCZ05WSFNNRUdEQVdnQlRhbEF6Y1RROUFHdmJKVnlacS84M2ZJMEdERXpBUEJnTlZIUk1CQWY4RUJUQURBUUgvTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCbDNpRHdGblBGc2ZBOVRkK2p3QVJ4Y3lEUkRWSTJRNHNGc09PSXVLNlYyZFl2RHJ6b1RhSkpMamFNZ1RXOXFINGVFaThaVjJuMDV0bDhPTDUvcDNOZ3Vya3U4UnpoWWdEWDYwT1JxWmErU0dPd3dzaWF0YnN4V0VXZ1ZIdnFPM2FPNGFVeU1uSE9iZ2tVM3NuTTJQb2RORU8ySzQ2UFJnNmU0YkcxMWI5UXRMT0V5akpYVm9pTkVhK1p0UW1QdVdMRjYweFAwaW16Y3pHTEZqVzlpaGRzekl5T1FCWVpGZ1kvSXhUVUI5ZkN6U3NxSDVnYWQyQ0lEMXpGN21nWXZ2ckw5WUtVUmxxRFJIR0JJbksySUNsK1FTc2pweVVqd25raWpnM1ljYXBuRitoNDNqek04UVF3Ujgzejk1L3o5V3FhVnpXT1BQYVFSWDBXaHR3ZExzODUtLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tIn0=.eyJibG9ja0RlZiI6IkZGRkZGRkZGIiwiZGV2aWNlQmxvY2siOiIwMDAwMDAwMSIsImFkcmVzc1JhbmdlcyI6W3sic2FkZHIiOiIweEFCQ0RFRjEyIiwicmFuZ2UiOiIweDEwMCJ9XX0=.QHueOou0a5dtoX_GpR2uYf34gZnmEe1yEhPN9rhZw6dz2Ok9wbxtgoIisGUtU5LINX0VBlXSp8FdA1y4fhab9IL0s2rxza7ihnTS_gsVPXXd-WiBHncJY32lVQ9yDyJt0cHKkF7LbYzwIJPufSPPurEHlYhODoqDYw3m-1ASxbMfV2JUbcAICRJDJBFpOAwIupe6cH-yGDzXtHd0P6jkvMcVsJjDXQymMhlZpyfYBHmgSMguVipPgA-JaFruyX1CeHTADhx2qr0dq50VAaad5G64qvznCuKORRad5-TySNSK6lNlPFU_UNBDHOQb6As19ieLjxVOT6GU1EV0ukNW6g== const char* sss_tests[4] = { "0123456789", "0123456789ABCDEF", "0123456789ABCDEFGHIJKLMN", "0123456789ABCDEFGHIJKLMNOPQRSTUV" }; uint8_t sss_shares_0[3][11] = { {0x06, 0x12, 0x31, 0x0d, 0x3e, 0x85, 0xcb, 0x46, 0x0b, 0x6f, 0x0b}, {0xe3, 0xf6, 0x31, 0x4a, 0xba, 0x9a, 0x66, 0xb3, 0xb3, 0x64, 0xc8}, {0xcd, 0x57, 0x31, 0x6a, 0xeb, 0x26, 0xfc, 0xb5, 0x84, 0xfa, 0xb9} }; uint8_t sss_shares_1[3][17] = { {0x93, 0xf2, 0x99, 0x82, 0x06, 0xe5, 0x17, 0x9e, 0x88, 0x8b, 0xc6, 0x83, 0x1b, 0xae, 0x5e, 0x79, 0x4d}, {0xe5, 0x9b, 0x51, 0x19, 0xdb, 0xc7, 0x14, 0x56, 0x9e, 0x39, 0x43, 0xea, 0x35, 0x8e, 0xca, 0x7b, 0x55}, {0xfe, 0x10, 0x77, 0x13, 0x00, 0x05, 0x7d, 0x70, 0x0a, 0xbb, 0xfe, 0x61, 0x48, 0x02, 0x16, 0x35, 0x30} }; uint8_t sss_shares_2[3][25] = { {0x4d, 0x4b, 0xeb, 0x9d, 0x86, 0x52, 0x1f, 0xb8, 0x80, 0x6a, 0x3b, 0x30, 0x26, 0xf0, 0xd6, 0x4f, 0x21, 0x9d, 0x49, 0xe8, 0x87, 0xe4, 0x69, 0xe3, 0x90}, {0x44, 0xbb, 0x0e, 0x4c, 0xb0, 0x27, 0x75, 0x89, 0x9a, 0xca, 0x17, 0x5c, 0x7f, 0xb2, 0x74, 0xd3, 0x42, 0x78, 0x5f, 0xfd, 0x7b, 0x35, 0xd1, 0x24, 0x2d}, {0x00, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e} }; uint8_t sss_shares_3[3][33] = { {0x59, 0x0b, 0x71, 0xe8, 0xa6, 0x10, 0x67, 0x3e, 0xd5, 0xee, 0xde, 0xb3, 0xdd, 0xac, 0x50, 0xc1, 0xd9, 0x73, 0x0e, 0x68, 0xcc, 0x21, 0x6d, 0x09, 0xe1, 0x7f, 0x49, 0x72, 0x6b, 0x26, 0x35, 0x43, 0xdb}, {0x45, 0x09, 0x56, 0xc3, 0x2c, 0xdb, 0xa8, 0x94, 0x85, 0x3a, 0x05, 0xac, 0x5a, 0xdd, 0x4a, 0xda, 0x5e, 0xf7, 0xdb, 0x28, 0x70, 0x95, 0x2d, 0x7b, 0xb7, 0xae, 0x72, 0x95, 0xce, 0x5b, 0x52, 0xfe, 0xb4}, {0x6f, 0x0e, 0xa1, 0x26, 0xec, 0x75, 0x08, 0x24, 0x5d, 0x37, 0x93, 0x0f, 0x06, 0xfb, 0x69, 0x77, 0x02, 0x22, 0x58, 0xc8, 0xf1, 0x08, 0xcd, 0xd4, 0x66, 0x23, 0xaf, 0x59, 0xe5, 0x6f, 0x45, 0xf1, 0xbf} }; uint8_t *aks_cert0 = (uint8_t *) "-----BEGIN CERTIFICATE-----\n"\ "MIIE+jCCA2KgAwIBAgIBATANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQFExAzZWYwNzU1NDFiMjM5Nzg2MB4XDTE2MDUyNjE2NTc0MVoXDTI2MDUyNDE2NTc0MVowHzEdMBsGA1UEAwwUQW5kcm9pZCBLZXlzdG9yZSBLZXkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXPDtKypArgF4lkVrK4pGv/twX+XcuHUJSoCM2CwAKX5Pgy4IzTwh+dkSDmjQJ+EXcRsv3jHow+ZBOFT+eH6AVz9YFAUX0/H1bsyyFb4f8xbdJb2VgHZf1lZxDcEJzqFDyy+2SG2KrBX2Y+++hGCepzaRmb9FlcdOXsuGgxl+NzDgqnls+7p/7dxHIdfWXhdJXDFfa9w4rieQDYC3wsXvnJhmE68qqUJFAcQN3y4BoIWRjPfaDW8eXqg9b0XjTDwAagG0ZASyFmiKbLm6D8aXfyh9oG0wW9eq+N7hWvo9jQTc7hqGQ6bJOsHDYywEFCLsr+Z+sSbWxf0hSvcu90uRpAgMBAAGjggHDMIIBvzAfBgNVHSMEGDAWgBQhKC9B8N0yX5mHjjkkjXtbx9+wgzCCAUwGCisGAQQB1nkCAREEggE8MIIBOAIBAwoBAQIBBAoBAQQLaGVsbG8gd29ybGQEADBlv4U9CAIGAXOcDYLqv4VFVQRTMFExKzApBCRjb20uc2Ftc3VuZy5hbmRyb2lkLnNlY3JldGtlZXBlcnRlc3QCAQExIgQgmFMlSlxBHVLYEJoPBD2z2Z+VBllrD7Ointu6+2BwdAwwgbOhBTEDAgEFogMCAQGjBAICCACkBTEDAgEBpQUxAwIBBKYFMQMCAQK/gUgFAgMBAAG/g3cCBQC/hT4DAgEAv4VATDBKBCA5Fyg/0b+6HaeyWn/GlhS7WZl/iCaMAKjyc5PEyFrHrAEB/woBAAQgi0O9CxtKNK9U1BkzrxsrJJWjNwmxfoQaYZDE3e2GzTm/hUEFAgMBhqC/hUIFAgMDFRe/hU4GAgQBNDz9v4VPBgIEATQ8/TAgBgsrBgEEAYFsCwMXBwQRMA+gDRMLaGVsbG8gd29ybGQwCwYDVR0PBAQDAgUgMB0GA1UdDgQWBBST4mF4EQo8S5Avmvs3wxN8k9MLrzANBgkqhkiG9w0BAQsFAAOCAYEAILcQ6KIqQMHiGMRADGULg3xlKkggUbe81R/NlGY5/2X/wM6uA018aiZFfAoJ6CemuCSOYidnfCisqWj+l5X8b4VrVcievl5uhtv4VsqG8XmQSmXq4X0Aywpy8I92Chbc4A8ghASPPd/kTZeJllSCszrSy94sSwanumv2WGTUZMH3JkQfEQHEL0KPDNjm35gWbGUylHNOhthqtVjSVMP4+1ywkYcixRLsx4IPcq5wq2idJuvzinhgdsw2YmoERryiq1PXnRPc9WCOArEtFp48i/j59cjd2ubH3GHEDilA0+L8kEJErYszqOm1WKKlAa/WGujgjwUoOqbJEEv0dNgcprL1cNfRAjT8vjb03vvF7KDyqdJbpS5EYb1fxhhw5HAJ7tiV3LpaE01aIbNo8rQdH1TrWV9ZN60YNmqBAR1kZQq2poCx1GUuLX3l2r0VPNEutmYjoW11OvXEujToPwNGsRW1oXfqc2SwdjozQAS0XN4y1FdYJi0GgteEzT7Rm7Ha\n"\ "-----END CERTIFICATE-----"; uint8_t *aks_cert1 = (uint8_t *) "-----BEGIN CERTIFICATE-----\n"\ "MIIFGDCCAwCgAwIBAgIKCDiXQDhVVFR3iDANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQFExA1YjAzNTljY2E4ODc5Y2I1MB4XDTE2MDUyNjE2NTc0MVoXDTI2MDUyNDE2NTc0MVowGzEZMBcGA1UEBRMQM2VmMDc1NTQxYjIzOTc4NjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAMAzsq3dZIT7bj42V9paNhJXyP5FSpgpX5ERavOe0aGhiG7S30dxzNwAqRJCg9bc1JdKMT4KfyM4U9PewMhWZEChW69gjFVf6r81uuKgGzyBa65/RI4kQHsxl2Tr1WZGe3ulDogBIUM/ezKsfRHrObP8xARHp64hI07VxKVZYPCBkZQomv33/GsR5vPMMkdqQVM59b7iBIViN/38ITrUZkYA4PP4fUW6z+/2Z0UVuDfBMGcmWKdeXC4mxzlRd76BNmEtlJ+zn6YmmVK+rSW0tNnU/X8q647pH2rZ9Do4O8ksb0RmqdWm2YpfLL+x8ZaL0LvvFp875Q7zt4XLDrvOV3rwThFTur5eFhfcgWEiNvvhRE6e1kYeU19JXAP4S7arl0lj6OqmedoyqfPqK1ymaqiearBnKVtYNtcDmEE5UK+5bBtg4+on5jRrprwe7mRc2ET2FE5p0n5lMSkCfZWUQd5nTV+8invt8yJnL4MkD3Sn5lbJ3EsWUTgNGBx5w21R5QIDAQABo4HdMIHaMB0GA1UdDgQWBBQhKC9B8N0yX5mHjjkkjXtbx9+wgzAfBgNVHSMEGDAWgBRkdqBZ1YRFXa5o2jjSEQcsqmE9ojAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAkBgNVHR4EHTAboBkwF4IVaW52YWxpZDtlbWFpbDppbnZhbGlkMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHBzOi8vYW5kcm9pZC5nb29nbGVhcGlzLmNvbS9hdHRlc3RhdGlvbi9jcmwvMDgzODk3NDAzODU1NTQ1NDc3ODgwDQYJKoZIhvcNAQELBQADggIBAHNRapYDv6tEakbjOadWj2khcjb7/h2cz30hYmR+r1ipik0WbExywX07K67jFesNVfmvbA16ZYe2WJI4VrVOhosRjZu88b3BinJkTcQtXeD7GBuHIYk8XRb/nXC9z3HB+NaHqzft+fRKiuyhOuUCvxhQb3JdwVqB3mmLvLEy6I1n6ohyyTrLHye1mRS+v5yNHAiqLp/lOBoLh4i1xrTw2ckKLdbG7FN5PDcHAi2f5Io78141KiMTdkGDYKuuxoVt7Tgl/RpSGSlGoBDGiROey5rczORCATwTcOfBVVvRpURmV0tcWf/7nqBRXG8YTSVnQTbR00Perr9pGvP2bGzUmMxKNZjJVM4G02Rt+Sx8iRdtSD2ZFFLOLjOyesZKdbt9rl3CWv4xrAMAx7pKS4H4mCago9X9zbtRBpu2RCnQ/i42p2NUcDtpwgiBEZdGZmtrISvMfY/SruOtCB69wJmKQBG66WldlwfhnGrkuxb4pwL7//Ohe5x7U7SCHy71gGVoRrgKgoV5WxUQJUY6OuUW7LoEv90dcxdek6dnBjQt8p/mY9mRtjKI078a3bHWUdWW/olzo3l/HVxUgfr6yLyv4Ddx8JIu3iWL73osGHbONpvrn7c3oaajAa0LP1yH36tlVigVSyTN4nyu3hp05yUK7agD5dFZAJLwkJ6RsLrkmiMQ\n"\ "-----END CERTIFICATE-----"; uint8_t *aks_cert2 = (uint8_t *) "-----BEGIN CERTIFICATE-----\n"\ "MIIFcTCCA1mgAwIBAgIKA4gmZ2BliZaFcjANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MB4XDTE2MDUyNjE2NDExMVoXDTI2MDUyNDE2NDExMVowGzEZMBcGA1UEBRMQNWIwMzU5Y2NhODg3OWNiNTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKQpnVM0Ms0TsKD99lxs+uvM6ZFYDuL5cOIOw/MC2vFRXhoUwJDGlNEgFj8RIHiz72nAdMh9qCnZxGy9YxePWHc3JGoTCjbRR/ztoUWm5ajyJCTEGdbHm8d6qhGyFV2GbDXNri1r55Bu/HJFavMeTanwibCXy3pee2NLzHUraryUKA5gv/qji9LzM+Bl+MBNmVcrF+Uyo1hSdp3qK5CfWnN5jUrLafOu7F95d7OnOJ9DdXNYqJj94TNp3sBfbCYmbzCVBV4YBgVuAGD6jWEkGa/a6aZudqjEghHeYlQEhUYuvbkVi4ce7OmJv0K9icX5Nn20pTpCe1tWT6y+Yrl2JEe7NJ5Q29f9nU6jkzm7/2ZxnpXA1+RyPr77/MqX1KigblZvJkFHXWaSNiLEWAVZi/dSNku/t/RGz9IZX6rJTz+Ajd28kWsO+HhzNZAkXwCTb4ltBenykeiiS7Obll3dfuubOV3G/egJzQG0GR9xY8s9GzfDe8OHXsKeBmXCGK8h0g7sjbHY86wrlmoUw9Z3ozhbQKGCV/eV6YQD/NwTyGFom5e2sBMy0fTloh+xVCQ4HxSaGSPDE9dA8rjf/GRLqL41O//o63HJ8Qm5ly6idnB8pN27V0ACAewlJnOLhFugGlwLFTmg6/P2dlvaViZ67c0Evf3bv5qqMJK5l4v1aDmdAgMBAAGjgbYwgbMwHQYDVR0OBBYEFGR2oFnVhEVdrmjaONIRByyqYT2iMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHBzOi8vYW5kcm9pZC5nb29nbGVhcGlzLmNvbS9hdHRlc3RhdGlvbi9jcmwvRThGQTE5NjMxNEQyRkExODANBgkqhkiG9w0BAQsFAAOCAgEAXivYRipVRq8tdLaEbp7fr0Du5wmh8nY+bI0KAe9ltKLwpXml2YcpIe/qw+yV7qg0IiQAkmMQJQp4drAEkDxw8WNINFXvnlDB32ruZP9HrFY6lxLSGYGH/qnOJJnTV/nFkZ+uEtnn7j6U/rrH4kh0mhyu58sN49FkHMfA4E8gGuDMRuVbFOWA5Ghqn65KFkU61u/X5d1gFFZiQApL6NMw8rCKCUbGbfOyH91I2OHWRnNXFVS0p5siXXPZzmaJ4PJuFgtzqCW6rvRS2FfRg3niiUR9vut38Oavn0wr/JiZLUsGyzdpJKzLJNfTAnGN5QLduYNuSYNZoBawlC5PZSwFqsf/VKNVYtwjog/v5o/zoZOfD2f9oWyJ7wxNPc9/cAVIgA+gW6/jZAXW9BoYZZ7SJ0DmsZP1L7hNIUZS8cluYuZ/3TdwqXgCV6CuZA6MLSWjCKJ5OxS2JAUf3VInUmszTwI9ULugMCPb9gYjlLp04t2HbMN+ky9Ath6/yH4XkGF6AtTLpWHnwW6L2kzZyJdY5cm5n0hfrdtejUyGDJnJKQSVSzldalAu8OVoCd5QcHpEkoR40zMH5zGXm6JgpRBuCi/JZ8WJNkqBAqWv+cHFXCwulE0E3nnevqMDsF2BVmGZz80BF7EXDwHuqMVcAbd22el3L9UP7oiOn2jJyhC5FAE=\n"\ "-----END CERTIFICATE-----"; uint8_t *aks_cert3 = (uint8_t *) "-----BEGIN CERTIFICATE-----\n"\ "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk\n"\ "-----END CERTIFICATE-----"; static const unsigned char master_key_wrapped_ta[] = {0x02, 0x00, 0x00, 0x00, 0xFD, 0xFC, 0xFB, 0xFA, 0x52, 0xA7, 0xA5, 0x63, 0x49, 0xAF, 0x80, 0xDE, 0xD3, 0x1C, 0xE7, 0x12, 0x90, 0x1B, 0x30, 0xFB, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x21, 0x09, 0x64, 0x89, 0xFA, 0x7A, 0x04, 0xDC, 0x80, 0x9B, 0x64, 0xCA, 0x22, 0x6F, 0xD1, 0x37, 0x43, 0xD4, 0x3A, 0x88, 0x94, 0xD8, 0xCD, 0xA3, 0x3C, 0xB0, 0x66, 0x7D, 0xAC, 0x72, 0x89, 0x2A, 0xA7, 0x32, 0x24, 0x97, 0xB2, 0x78, 0x9A, 0xC4, 0x05, 0x14, 0xB1, 0xB1, 0xCD, 0x88, 0x8E, 0x56, 0xFC, 0x6C, 0x77, 0x25, 0xBD, 0x5D, 0x99, 0xEA, 0xFF, 0x06, 0x25, 0x0A, 0xC8, 0xE1, 0xD6, 0xE3, 0x67, 0xC4, 0xE0, 0x92, 0x43, 0x9D, 0xF7, 0x97, 0xBD, 0xB8, 0x01, 0x84, 0x7F, 0x0A, 0x1B, 0x93}; static const unsigned char gcm_aad[] = { 0x30, 0x34, 0x02, 0x01, 0x03, 0x30, 0x2f, 0xa1, 0x08, 0x31, 0x06, 0x02, 0x01, 0x00, 0x02, 0x01, 0x01, 0xa2, 0x03, 0x02, 0x01, 0x20, 0xa3, 0x04, 0x02, 0x02, 0x01, 0x00, 0xa4, 0x08, 0x31, 0x06, 0x02, 0x01, 0x01, 0x02, 0x01, 0x02, 0xa6, 0x08, 0x31, 0x06, 0x02, 0x01, 0x01, 0x02, 0x01, 0x40, 0xbf, 0x83, 0x77, 0x02, 0x05, 0x00 }; static const char *subkey_alias = "subkey alias"; #define BUF_T(MAX_BUF_LEN) \ struct { \ uint32_t len; \ uint8_t buf[MAX_BUF_LEN]; \ } __attribute__ ((packed)) #define DECLARE_BUF_T(MAX_BUF_LEN) \ typedef struct { \ uint32_t len; \ uint8_t buf[MAX_BUF_LEN]; \ } __attribute__ ((packed)) typedef struct { uint32_t len; uint8_t blob[CERT_MAX_LEN]; } __attribute__ ((packed)) cert_t; /** * DRK certificates chain */ typedef struct{ cert_t cert[CERTS_MAX_NUM]; uint32_t num_certs; } __attribute__ ((packed)) cert_chain_t; /** * input of two_step_wrapping for importing a secret into Android KeyStore */ typedef struct { BUF_T(WRAPPING_AES_AAD_LEN) gcm_aad; cert_chain_t cert_chain; //certificate chain for AKS } __attribute__ ((packed)) two_step_wrap_input_t; /** * output of two_step_wrapping for importing a secret into Android KeyStore */ typedef struct { BUF_T(SK_KEY_MAX_LEN) secret_ct; // secret encrypted by AES GCM uint8_t gcm_iv[WRAPPING_AES_IV_LEN]; uint8_t gcm_tag[WRAPPING_AES_TAG_LEN]; BUF_T(WRAPPING_RSA_N_BYTES_LEN) wrapped_gcm_key; } __attribute__ ((packed)) two_step_wrap_output_t; typedef enum pebble_error_code { PEBBLE_STATUS_SUCCESS = 0, PEBBLE_STATUS_FAIL, PEBBLE_INVALID_JWS, PEBBLE_JWS_INVALID_FORMAT, PEBBLE_JWS_NULL, PEBBLE_JWS_INVALID_LENGTH, PEBBLE_INVALID_SIGNATURE, PEBBLE_INVALID_CERTCHAIN, PEBBLE_INVALID_CA, PEBBLE_INVALID_NONCE_LEN = 0x32, PEBBLE_GEN_NONCE_FAIL = 0x33, PEBBLE_WRAP_FAILED = 0x34, PEBBLE_ATN_NONCE_MISMATCH = 0x35, PEBBLE_GEN_CHECKSUM_FAIL = 0x36, }pebble_error_code_t; typedef struct tz_msg_header { /** First 4 bytes should always be id: either cmd_id or resp_id */ uint32_t id; uint32_t content_id; uint32_t len; uint32_t status; } __attribute__ ((packed)) tz_msg_header_t; typedef struct { uint32_t len; uint8_t data[JWS_LEN]; uint32_t policy_value; } __attribute__ ((packed)) tci_jws_message_t; /** * load cert cmd */ typedef struct { BUF_T(PEBBLE_DRK_MAX_BUF_LEN) wrapped_key; } __attribute__ ((packed)) load_cert_cmd_t; /** * load cert resp */ typedef struct { cert_chain_t cert_chain; } __attribute__ ((packed)) load_cert_resp_t; /** * generate attestation challenge cmd */ typedef struct { // uint32_t len; //requested nonce length ( 8 <= len <= 32) } __attribute__ ((packed)) gen_atn_nonce_cmd_t; /** * generate attestation challenge resp */ typedef struct { BUF_T(ATN_NONCE_MAX_LEN) nonce; } __attribute__ ((packed)) gen_atn_nonce_resp_t; /** * generate master key cmd. */ typedef struct { BUF_T(WRAPPING_AES_AAD_LEN) gcm_aad; cert_chain_t cert_chain; //certificate chain for AKS } __attribute__ ((packed)) gen_master_key_cmd_t; /** * generate master key resp */ typedef struct { BUF_T(SK_WRAP_KEY_LEN) master_key_wrapped_ta;//TODO: size should be bigger than original size BUF_T(SK_WRAP_KEY_LEN) secret_ct; // secret encrypted by AES GCM uint8_t gcm_iv[WRAPPING_AES_IV_LEN]; uint8_t gcm_tag[WRAPPING_AES_TAG_LEN]; BUF_T(WRAPPING_RSA_N_BYTES_LEN) wrapped_gcm_key; } __attribute__ ((packed)) gen_master_key_resp_t; /** * derive subkey cmd */ typedef struct { BUF_T(SK_WRAP_KEY_LEN) master_key_wrapped_ta; BUF_T(KEY_ALIAS_LEN) alias; BUF_T(WRAPPING_AES_AAD_LEN) gcm_aad; cert_chain_t cert_chain; //certificate chain for AKS } __attribute__ ((packed)) derive_subkey_cmd_t; /** * derive subkey resp */ typedef struct { BUF_T(SK_WRAP_KEY_LEN) secret_ct; // secret encrypted by AES GCM uint8_t gcm_iv[WRAPPING_AES_IV_LEN]; uint8_t gcm_tag[WRAPPING_AES_TAG_LEN]; BUF_T(WRAPPING_RSA_N_BYTES_LEN) wrapped_gcm_key; } __attribute__ ((packed)) derive_subkey_resp_t; #if 0 /** * SSS split cmd */ typedef struct { uint32_t len; uint8_t data[SSS_KEY_MAX_LEN]; uint8_t k; uint8_t n; } __attribute__ ((packed)) split_cmd_t; /** * SSS aplit resp */ typedef struct { uint32_t count; uint32_t len; uint8_t data0[SSS_SHARE_MAX_LEN]; uint8_t data1[SSS_SHARE_MAX_LEN]; uint8_t data2[SSS_SHARE_MAX_LEN]; } __attribute__ ((packed)) split_resp_t; /** * SSS join cmd */ typedef struct { uint32_t count; uint32_t len; uint8_t data0[SSS_SHARE_MAX_LEN]; uint8_t data1[SSS_SHARE_MAX_LEN]; uint8_t data2[SSS_SHARE_MAX_LEN]; } __attribute__ ((packed)) join_cmd_t; /** * SSS join resp */ typedef struct { uint32_t len; uint8_t data[SSS_KEY_MAX_LEN]; } __attribute__ ((packed)) join_resp_t; #endif /** * gen backup request cmd */ typedef struct{ BUF_T(SK_WRAP_KEY_LEN) wrapped_master_key; cert_chain_t buddies_cert_chains[MAX_BUDDIES]; uint32_t n; // ensure n <= MAX_BUDDIES uint32_t k; char metadata[KEY_METADATA_MAX_LEN]; } __attribute__ ((packed)) gen_backup_req_cmd_t; /** * gen backup request resp */ typedef struct{ char backup_reqs_jws[MAX_BUDDIES][JWE_JWS_MAX_SIZE]; uint32_t n; // actual number of buddies/shares } __attribute__ ((packed)) gen_backup_req_resp_t; /** * handle_backup_req_and_gen_backup_ack cmd */ typedef struct{ char backup_req_jws[JWE_JWS_MAX_SIZE]; cert_chain_t buddy_cert_chain; } __attribute__ ((packed)) gen_backup_ack_cmd_t; /** * handle_backup_req_and_gen_backup_ack resp */ typedef struct{ char backup_ack_jws[JWE_JWS_MAX_SIZE]; BUF_T(SK_WRAP_KEY_LEN) wrapped_share; uint8_t n; uint8_t i; BUF_T(MAX_BUDDIES * CHECKSUM_LEN) checksums; char metadata[KEY_METADATA_MAX_LEN]; } __attribute__ ((packed)) gen_backup_ack_resp_t; /** * gen_recovery_req cmd */ typedef struct{ char key_alias[KEY_ALIAS_LEN]; } __attribute__ ((packed)) gen_recovery_req_cmd_t; /** * gen_recovery_req resp */ typedef struct{ char recovery_req_jws[JWE_JWS_MAX_SIZE]; } __attribute__ ((packed)) gen_recovery_req_resp_t; /** * handle_recovery_req_and_gen_recovery_ack cmd */ typedef struct{ char recovery_req_jws[JWE_JWS_MAX_SIZE]; BUF_T(SK_WRAP_KEY_LEN) wrapped_share; uint8_t n; uint8_t i; BUF_T(MAX_BUDDIES * CHECKSUM_LEN) checksums; char metadata[KEY_METADATA_MAX_LEN]; cert_chain_t buddy_cert_chain; } __attribute__ ((packed)) gen_recovery_ack_cmd_t; /** * handle_recovery_req_and_gen_recovery_ack resp */ typedef struct{ char recovery_ack_jws[JWE_JWS_MAX_SIZE]; } __attribute__ ((packed)) gen_recovery_ack_resp_t; /** * handle_recovery_ack cmd */ typedef struct{ char recovery_ack_jws[JWE_JWS_MAX_SIZE]; cert_chain_t buddy_cert_chain; } __attribute__ ((packed)) handle_recovery_ack_cmd_t; /** * handle_recovery_ack resp */ typedef struct{ BUF_T(SK_WRAP_KEY_LEN) wrapped_share; uint8_t n; uint8_t i; BUF_T(MAX_BUDDIES * CHECKSUM_LEN) checksums; char metadata[KEY_METADATA_MAX_LEN]; } __attribute__ ((packed)) handle_recovery_ack_resp_t; /** * reconstruct_key cmd */ typedef struct{ uint8_t wrapped_shares[MAX_BUDDIES][SK_WRAP_KEY_LEN]; uint8_t k; // actual number of shares in wrapped_shares uint32_t wshare_len; // actual len gen_master_key_cmd_t master_key_req; } __attribute__ ((packed)) reconstruct_key_cmd_t; /** * reconstruct_key resp */ typedef struct{ gen_master_key_resp_t master_key_resp; } __attribute__ ((packed)) reconstruct_key_resp_t; typedef union { load_cert_cmd_t load_cert_cmd; load_cert_resp_t load_cert_resp; gen_atn_nonce_cmd_t gen_atn_nonce_cmd; gen_atn_nonce_resp_t gen_atn_nonce_resp; gen_master_key_cmd_t gen_master_key_cmd; gen_master_key_resp_t gen_master_key_resp; derive_subkey_cmd_t derive_subkey_cmd; derive_subkey_resp_t derive_subkey_resp; // split_cmd_t split_cmd; // split_resp_t split_resp; // // join_cmd_t join_cmd; // join_resp_t join_resp; gen_backup_req_cmd_t gen_backup_req_cmd; gen_backup_req_resp_t gen_backup_req_resp; gen_backup_ack_cmd_t gen_backup_ack_cmd; gen_backup_ack_resp_t gen_backup_ack_resp; gen_recovery_req_cmd_t gen_recovery_req_cmd; gen_recovery_req_resp_t gen_recovery_req_resp; gen_recovery_ack_cmd_t gen_recovery_ack_cmd; gen_recovery_ack_resp_t gen_recovery_ack_resp; handle_recovery_ack_cmd_t handle_recovery_ack_cmd; handle_recovery_ack_resp_t handle_recovery_ack_resp; reconstruct_key_cmd_t reconstruct_key_cmd; reconstruct_key_resp_t reconstruct_key_resp; // tci_jws_message_t jws_message; } __attribute__ ((packed)) payload_t; typedef struct { tz_msg_header_t header; payload_t payload; } __attribute__ ((packed)) tciMessage_t; #endif /* _PEBBLE_INTERFACE_H_ */