
/*
 * =====================================================================================
 *
 *       Filename:  pebble_x509.h
 *
 *    Description:  PEBBLE definitions for X.509 certificate manipulation
 *
 *        Version:  1.0
 *        Created:  06/03/2020
 *       Revision:  none
 *       Compiler:  gcc
 *
 *        Company:  Samsung Electronics
 *        Copyright (c) 2020 by Samsung Electronics, All rights reserved.
 *
 * =====================================================================================
 */

#ifndef _PEBBLE_x509_H_
#define _PEBBLE_x509_H_

/**
 * PEBBLE includes
 */
#include "tz_pebble_interface.h"
#include "pebble_defs.h"
#include "pebble_drk.h"
#include "base64.h"
#include "pebble_utils.h"
#include "pebble_core.h"

/**
 * External includes
 */
#include <openssl/base.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/bio.h>
#include <openssl/pem.h>
#include <openssl/x509_vfy.h>
#include <openssl/safestack.h>

/**
 * @brief Validates an X.509 certificate chain.
 *
 * @param[in] cert_chain         - certificate chain to validate
 * @param[in] leaf_first         - true when the first certificate in
 *                                 cert_chain is the leaf certificate
 * @param[in] pkey               - enveloped key
 *
 * @return PEBBLE status code
 *
 * NOTE(review): this header does not say which trust anchor the chain is
 * validated against, nor which status value means success - confirm against
 * the implementation. Callers should check the returned status before
 * relying on anything reached through pkey.
 * NOTE(review): pkey is documented as an input but is passed as
 * EVP_PKEY **; if the function stores a key in *pkey, the direction should
 * read in,out and the doc should state who releases that key - TODO confirm.
 */
pebble_return_code_t verify_cert_chain(cert_chain_t cert_chain, bool leaf_first, EVP_PKEY **pkey);

/**
 * @brief Validates an X.509 certificate chain with the AKS anchor.
 *
 * @param[in]     cert_chain     - certificate chain to validate
 * @param[in,out] pkey           - enveloped key
 * @param[in]     nonce          - attestation challenge to check against the
 *                                 cert 0 extension
 * @param[in]     nonce_len      - challenge length (presumably in bytes -
 *                                 TODO confirm)
 *
 * @return PEBBLE status code
 *
 * NOTE(review): the challenge is what ties the presented chain to the
 * caller's request; presumably a mismatch with the cert 0 extension yields
 * a failure status - confirm, and document what happens when nonce is NULL
 * or nonce_len is 0.
 * NOTE(review): ownership of the key reachable through *pkey after the call
 * is not stated here; callers should check the returned status before using
 * it - confirm who releases it.
 */
pebble_return_code_t verify_aks_cert_chain(cert_chain_t cert_chain, EVP_PKEY **pkey, uint8_t *nonce, uint32_t nonce_len);

/**
 * @brief Converts DER certificates to PEM.
 *
 * @param[in]     cert_chain  - array of certificates to be converted
 * @param[in]     num_certs   - the number of certificates in the array
 *
 * @return PEBBLE status code
 *
 * NOTE(review): cert_chain is documented as an input but is a non-const
 * cert_t *; presumably the converted output is written back into the array
 * elements - TODO confirm and, if so, mark the parameter in,out.
 * NOTE(review): the function name says base64 while the brief says PEM;
 * either encoding is larger than the DER input, so the doc should state
 * where the output is stored and how its capacity is bounded.
 */
pebble_return_code_t convert_der_to_b64(cert_t *cert_chain, uint32_t num_certs);

#endif /* _PEBBLE_x509_H_ */
