Intel(R) EPID 1.1 support

Parser for 1.1 issuer material. More...

Functions

EpidStatus Epid11ParseGroupPubKeyFile (void const *buf, size_t len, EpidCaCertificate const *cert, Epid11GroupPubKey *pubkey)
 Extracts group public key from buffer in issuer binary format. More...
 
EpidStatus Epid11ParsePrivRlFile (void const *buf, size_t len, EpidCaCertificate const *cert, Epid11PrivRl *rl, size_t *rl_len)
 Extracts private key revocation list from buffer in issuer binary format. More...
 
EpidStatus Epid11ParseSigRlFile (void const *buf, size_t len, EpidCaCertificate const *cert, Epid11SigRl *rl, size_t *rl_len)
 Extracts signature revocation list from buffer in issuer binary format. More...
 
EpidStatus Epid11ParseGroupRlFile (void const *buf, size_t len, EpidCaCertificate const *cert, Epid11GroupRl *rl, size_t *rl_len)
 Extracts group revocation list from buffer in issuer binary format. More...
 

Detailed Description

Parser for 1.1 issuer material.

Defines the APIs needed to parse Intel(R) EPID 1.1 issuer material.

See also
Intel(R) EPID 1.1 support

Function Documentation

◆ Epid11ParseGroupPubKeyFile()

EpidStatus Epid11ParseGroupPubKeyFile ( void const *  buf,
size_t  len,
EpidCaCertificate const *  cert,
Epid11GroupPubKey pubkey 
)

Extracts group public key from buffer in issuer binary format.

Extracts the first group public key from a buffer with format of Intel(R) EPID 1.1 Group Public Key Certificate Binary File. The function validates that the first public key was signed by the private key corresponding to the provided CA certificate and the size of the input buffer is correct.

Warning
It is the responsibility of the caller to authenticate the EpidCaCertificate.
Parameters
[in]bufPointer to buffer containing public key to extract.
[in]lenThe size of buf in bytes.
[in]certThe issuing CA public key certificate.
[out]pubkeyThe extracted group public key.
Returns
EpidStatus
Return values
kEpidSigInvalidParsing failed due to data authentication failure.
See also
Intel(R) EPID 1.1 support

◆ Epid11ParseGroupRlFile()

EpidStatus Epid11ParseGroupRlFile ( void const *  buf,
size_t  len,
EpidCaCertificate const *  cert,
Epid11GroupRl rl,
size_t *  rl_len 
)

Extracts group revocation list from buffer in issuer binary format.

Extracts the group revocation list from a buffer with format of Intel(R) EPID 1.1 Binary Group Certificate Revocation List File. The function validates that the revocation list was signed by the private key corresponding to the provided CA certificate and the size of the input buffer is correct.

To determine the required size of the revocation list output buffer, provide a null pointer for the output buffer.

Warning
It is the responsibility of the caller to authenticate the EpidCaCertificate.
Parameters
[in]bufPointer to buffer containing the revocation list to extract.
[in]lenThe size of buf in bytes.
[in]certThe issuing CA public key certificate.
[out]rlThe extracted revocation list. If Null, rl_len is filled with the required output buffer size.
[in,out]rl_lenThe size of rl in bytes.
Returns
EpidStatus
Return values
kEpidSigInvalidParsing failed due to data authentication failure.
See also
Intel(R) EPID 1.1 support

◆ Epid11ParsePrivRlFile()

EpidStatus Epid11ParsePrivRlFile ( void const *  buf,
size_t  len,
EpidCaCertificate const *  cert,
Epid11PrivRl rl,
size_t *  rl_len 
)

Extracts private key revocation list from buffer in issuer binary format.

Extracts the private key revocation list from a buffer with format of Intel(R) EPID 1.1 Binary Private Key Revocation List File. The function validates that the revocation list was signed by the private key corresponding to the provided CA certificate and the size of the input buffer is correct.

To determine the required size of the revocation list output buffer, provide a null pointer for the output buffer.

Warning
It is the responsibility of the caller to authenticate the EpidCaCertificate.
Parameters
[in]bufPointer to buffer containing the revocation list to extract.
[in]lenThe size of buf in bytes.
[in]certThe issuing CA public key certificate.
[out]rlThe extracted revocation list. If Null, rl_len is filled with the required output buffer size.
[in,out]rl_lenThe size of rl in bytes.
Returns
EpidStatus
Return values
kEpidSigInvalidParsing failed due to data authentication failure.
See also
Intel(R) EPID 1.1 support

◆ Epid11ParseSigRlFile()

EpidStatus Epid11ParseSigRlFile ( void const *  buf,
size_t  len,
EpidCaCertificate const *  cert,
Epid11SigRl rl,
size_t *  rl_len 
)

Extracts signature revocation list from buffer in issuer binary format.

Extracts the signature based revocation list from a buffer with format of Intel(R) EPID 1.1 Binary Signature Revocation List File. The function validates that the revocation list was signed by the private key corresponding to the provided CA certificate and the size of the input buffer is correct.

To determine the required size of the revocation list output buffer, provide a null pointer for the output buffer.

Warning
It is the responsibility of the caller to authenticate the EpidCaCertificate.
Parameters
[in]bufPointer to buffer containing the revocation list to extract.
[in]lenThe size of buf in bytes.
[in]certThe issuing CA public key certificate.
[out]rlThe extracted revocation list. If Null, rl_len is filled with the required output buffer size.
[in,out]rl_lenThe size of rl in bytes.
Returns
EpidStatus
Return values
kEpidSigInvalidParsing failed due to data authentication failure.
See also
Intel(R) EPID 1.1 support