Verifier functionality. More...

Modules
	Intel(R) EPID 1.1 support
	Intel(R) EPID 1.1 Verifier functionality.

Data Structures
struct	VerifierPrecomp
	Pre-computed verifier settings. More...

Typedefs
typedef struct VerifierCtx	VerifierCtx
	Internal context of verifier.

Functions
EpidStatus	EpidVerifierCreate (GroupPubKey const pub_key, VerifierPrecomp const precomp, VerifierCtx **ctx)
	Creates a new verifier context. More...

void	EpidVerifierDelete (VerifierCtx **ctx)
	Deletes an existing verifier context. More...

EpidStatus	EpidVerifierWritePrecomp (VerifierCtx const ctx, VerifierPrecomp precomp)
	Serializes the pre-computed verifier settings. More...

EpidStatus	EpidVerifierSetPrivRl (VerifierCtx ctx, PrivRl const priv_rl, size_t priv_rl_size)
	Sets the private key based revocation list. More...

EpidStatus	EpidVerifierSetSigRl (VerifierCtx ctx, SigRl const sig_rl, size_t sig_rl_size)
	Sets the signature based revocation list. More...

EpidStatus	EpidVerifierSetGroupRl (VerifierCtx ctx, GroupRl const grp_rl, size_t grp_rl_size)
	Sets the group based revocation list. More...

EpidStatus	EpidVerifierSetVerifierRl (VerifierCtx ctx, VerifierRl const ver_rl, size_t ver_rl_size)
	Sets the verifier revocation list. More...

EpidStatus	EpidVerifierSetHashAlg (VerifierCtx *ctx, HashAlg hash_alg)
	Sets the hash algorithm to be used by a verifier. More...

EpidStatus	EpidVerifierSetBasename (VerifierCtx ctx, void const basename, size_t basename_len)
	Sets the basename to be used by a verifier. More...

EpidStatus	EpidVerify (VerifierCtx const ctx, EpidSignature const sig, size_t sig_len, void const *msg, size_t msg_len)
	Verifies a signature and checks revocation status. More...

bool	EpidAreSigsLinked (BasicSignature const sig1, BasicSignature const sig2)
	Determines if two signatures are linked. More...

EpidStatus	EpidVerifyBasicSig (VerifierCtx const ctx, BasicSignature const sig, void const *msg, size_t msg_len)
	Verifies a member signature without revocation checks. More...

EpidStatus	EpidNrVerify (VerifierCtx const ctx, BasicSignature const sig, void const msg, size_t msg_len, SigRlEntry const sigrl_entry, NrProof const *proof)
	Verifies the non-revoked proof for a single signature based revocation list entry. More...

EpidStatus	EpidCheckPrivRlEntry (VerifierCtx const ctx, BasicSignature const sig, FpElemStr const *f)
	Verifies a signature has not been revoked in the private key based revocation list. More...

size_t	EpidGetVerifierRlSize (VerifierCtx const *ctx)
	Returns the number of bytes required to serialize the verifier blacklist. More...

EpidStatus	EpidWriteVerifierRl (VerifierCtx const ctx, VerifierRl ver_rl, size_t ver_rl_size)
	Serializes the verifier blacklist to a buffer. More...

EpidStatus	EpidBlacklistSig (VerifierCtx ctx, EpidSignature const sig, size_t sig_len, void const *msg, size_t msg_len)
	Adds a valid name-based signature to the verifier blacklist. More...

Detailed Description

Verifier functionality.

Defines the APIs needed by Intel(R) EPID verifiers. Each verifier context (VerifierCtx) represents a verifier for a single group.

To use this module, include the header epid/verifier/api.h.

Function Documentation

◆ EpidAreSigsLinked()

bool EpidAreSigsLinked	(	BasicSignature const *	sig1,
		BasicSignature const *	sig2
	)

Determines if two signatures are linked.

The Intel(R) EPID scheme allows signatures to be linked. If basename option is specified when signing, signatures with the same basename are linkable. This linking capability allows the verifier, or anyone, to know whether two Intel(R) EPID signatures are generated by the same member.

Parameters

[in]	sig1	A basic signature.
[in]	sig2	A basic signature.

Returns: bool

Return values

true	if the signatures were generated by the same member
false	if it couldn't be determined if the signatures were generated by the same member

Note: The input signatures should be verified using EpidVerifyBasicSig() before invocation. Behavior is undefined if either of the signatures cannot be verified.

See also: EpidVerifyBasicSig; EpidSignBasic; EpidSign

◆ EpidBlacklistSig()

EpidStatus EpidBlacklistSig	(	VerifierCtx *	ctx,
		EpidSignature const *	sig,
		size_t	sig_len,
		void const *	msg,
		size_t	msg_len
	)

Adds a valid name-based signature to the verifier blacklist.

If the signature is not valid it will not be added to the blacklist.

Parameters

[in]	ctx	The verifier context.
[in]	sig	The name-based signature to revoke.
[in]	sig_len	The size of sig in bytes.
[in]	msg	The message that was signed.
[in]	msg_len	The size of msg in bytes.

Returns: EpidStatus

See also: EpidVerifierCreate; EpidVerifierSetVerifierRl; EpidWriteVerifierRl

◆ EpidCheckPrivRlEntry()

EpidStatus EpidCheckPrivRlEntry	(	VerifierCtx const *	ctx,
		BasicSignature const *	sig,
		FpElemStr const *	f
	)

Verifies a signature has not been revoked in the private key based revocation list.

Used in constrained environments where, due to limited memory, it may not be possible to process through a large and potentially unbounded revocation list.

Parameters

[in]	ctx	The verifier context.
[in]	sig	The basic signature.
[in]	f	The private key based revocation list entry.

Note: Sig should be verified using EpidVerifyBasicSig() before invocation. Behavior is undefined if sig cannot be verified.; This function should be used in conjunction with EpidNrVerify() and EpidVerifyBasicSig().; If the result is not kEpidNoErr the verify should be considered to have failed.

Returns: EpidStatus

See also: EpidVerifierCreate; EpidNrVerify; EpidVerifyBasicSig

◆ EpidGetVerifierRlSize()

size_t EpidGetVerifierRlSize ( VerifierCtx const * ctx )

Returns the number of bytes required to serialize the verifier blacklist.

Use this function to determine the buffer size required by EpidWriteVerifierRl.

Parameters

[in] ctx The verifier context.

Returns: Size in bytes required to serialize the verifier blacklist

See also: EpidVerifierCreate; EpidVerifierSetVerifierRl; EpidBlacklistSig; EpidWriteVerifierRl

◆ EpidNrVerify()

EpidStatus EpidNrVerify	(	VerifierCtx const *	ctx,
		BasicSignature const *	sig,
		void const *	msg,
		size_t	msg_len,
		SigRlEntry const *	sigrl_entry,
		NrProof const *	proof
	)

Verifies the non-revoked proof for a single signature based revocation list entry.

Used in constrained environments where, due to limited memory, it may not be possible to process through a large and potentially unbounded revocation list.

Parameters

[in]	ctx	The verifier context.
[in]	sig	The basic signature.
[in]	msg	The message that was signed.
[in]	msg_len	The size of msg in bytes.
[in]	sigrl_entry	The signature based revocation list entry.
[in]	proof	The non-revoked proof.

Returns: EpidStatus

Note: Sig should be verified using EpidVerifyBasicSig() before invocation. Behavior is undefined if sig cannot be verified.; This function should be used in conjunction with EpidVerifyBasicSig() and EpidCheckPrivRlEntry().; If the result is not kEpidNoErr, the verification should be considered to have failed.

See also: EpidVerifierCreate; EpidVerifyBasicSig; EpidCheckPrivRlEntry

◆ EpidVerifierCreate()

EpidStatus EpidVerifierCreate	(	GroupPubKey const *	pub_key,
		VerifierPrecomp const *	precomp,
		VerifierCtx **	ctx
	)

Creates a new verifier context.

Must be called to create the verifier context that is used by other "Verifier" APIs.

Allocates memory for the context, then initializes it.

EpidVerifierDelete() must be called to safely release the member context.

Parameters

[in]	pub_key	The group certificate.
[in]	precomp	Optional pre-computed data. If NULL the value is computed internally and is readable using EpidVerifierWritePrecomp().
[out]	ctx	Newly constructed verifier context.

Returns: EpidStatus

Note: If the result is not kEpidNoErr the content of ctx is undefined.

See also: EpidVerifierDelete; EpidVerifierWritePrecomp

Example

Verifying an Intel® EPID Signature

◆ EpidVerifierDelete()

void EpidVerifierDelete ( VerifierCtx ** ctx )

Deletes an existing verifier context.

Must be called to safely release a verifier context created using EpidVerifierCreate().

De-initializes the context, frees memory used by the context, and sets the context pointer to NULL.

Parameters

[in,out] ctx The verifier context. Can be NULL.

See also: EpidVerifierCreate

Example

Verifying an Intel® EPID Signature

◆ EpidVerifierSetBasename()

EpidStatus EpidVerifierSetBasename	(	VerifierCtx *	ctx,
		void const *	basename,
		size_t	basename_len
	)

Sets the basename to be used by a verifier.

Note: A successful call to this function will clear the current verifier blacklist.

Parameters

[in,out]	ctx	The verifier context.
[in]	basename	The basename. Pass NULL for random base.
[in]	basename_len	Number of bytes in basename buffer. Must be 0 if basename is NULL.

Returns: EpidStatus

See also: EpidVerifierCreate

Example

Verifying an Intel® EPID Signature

◆ EpidVerifierSetGroupRl()

EpidStatus EpidVerifierSetGroupRl	(	VerifierCtx *	ctx,
		GroupRl const *	grp_rl,
		size_t	grp_rl_size
	)

Sets the group based revocation list.

The caller is responsible for ensuring the revocation list is authorized, e.g signed by the issuer. The caller is also responsible checking the version of the revocation list. The call fails if trying to set an older version of the revocation list than was last set.

Attention: The memory pointed to by grp_rl is accessed directly by the verifier until a new list is set or the verifier is destroyed. Do not modify the contents of this memory. The behavior of subsequent operations that rely on the revocation list is undefined if the memory is modified.; It is the responsibility of the caller to free the memory pointed to by grp_rl after the verifier is no longer using it.

Parameters

[in,out]	ctx	The verifier context.
[in]	grp_rl	The group based revocation list.
[in]	grp_rl_size	The size of the group based revocation list in bytes.

Returns: EpidStatus

Note: If the result is not kEpidNoErr the group based revocation list pointed to by the verifier is undefined.

See also: EpidVerifierCreate

Example

Verifying an Intel® EPID Signature

◆ EpidVerifierSetHashAlg()

EpidStatus EpidVerifierSetHashAlg	(	VerifierCtx *	ctx,
		HashAlg	hash_alg
	)

Sets the hash algorithm to be used by a verifier.

Parameters

[in]	ctx	The verifier context.
[in]	hash_alg	The hash algorithm to use.

Returns: EpidStatus

Note: If the result is not kEpidNoErr, the hash algorithm used by the verifier is undefined.

See also: EpidVerifierCreate; HashAlg

Example

Verifying an Intel® EPID Signature

◆ EpidVerifierSetPrivRl()

EpidStatus EpidVerifierSetPrivRl	(	VerifierCtx *	ctx,
		PrivRl const *	priv_rl,
		size_t	priv_rl_size
	)

Sets the private key based revocation list.

The caller is responsible for ensuring the revocation list is authorized, e.g signed by the issuer. The caller is also responsible checking the version of the revocation list. The call fails if trying to set an older version of the revocation list than was last set.

Attention: The memory pointed to by priv_rl is accessed directly by the verifier until a new list is set or the verifier is destroyed. Do not modify the contents of this memory. The behavior of subsequent operations that rely on the revocation list is undefined if the memory is modified.; It is the responsibility of the caller to free the memory pointed to by priv_rl after the verifier is no longer using it.

Parameters

[in,out]	ctx	The verifier context.
[in]	priv_rl	The private key based revocation list.
[in]	priv_rl_size	The size of the private key based revocation list in bytes.

Returns: EpidStatus

Note: If the result is not kEpidNoErr the private key based revocation list pointed to by the verifier is undefined.

See also: EpidVerifierCreate

Example

Verifying an Intel® EPID Signature

◆ EpidVerifierSetSigRl()

EpidStatus EpidVerifierSetSigRl	(	VerifierCtx *	ctx,
		SigRl const *	sig_rl,
		size_t	sig_rl_size
	)

Sets the signature based revocation list.

The caller is responsible for ensuring the revocation list is authorized, e.g signed by the issuer. The caller is also responsible checking the version of the revocation list. The call fails if trying to set an older version of the revocation list than was last set.

Attention: The memory pointed to by sig_rl is accessed directly by the verifier until a new list is set or the verifier is destroyed. Do not modify the contents of this memory. The behavior of subsequent operations that rely on the revocation list is undefined if the memory is modified.; It is the responsibility of the caller to free the memory pointed to by sig_rl after the verifier is no longer using it.

Parameters

[in,out]	ctx	The verifier context.
[in]	sig_rl	The signature based revocation list.
[in]	sig_rl_size	The size of the signature based revocation list in bytes.

Returns: EpidStatus

Note: If the result is not kEpidNoErr the signature based revocation list pointed to by the verifier is undefined.

See also: EpidVerifierCreate

Example

Verifying an Intel® EPID Signature

◆ EpidVerifierSetVerifierRl()

EpidStatus EpidVerifierSetVerifierRl	(	VerifierCtx *	ctx,
		VerifierRl const *	ver_rl,
		size_t	ver_rl_size
	)

Sets the verifier revocation list.

The caller is responsible for ensuring the revocation list is authorized. The caller is also responsible for checking the version of the revocation list. The call fails if trying to set an older version of the same revocation list than was last set.

Once EpidVerifierSetVerifierRl returns, callers are free to release the memory pointed to by ver_rl.

Parameters

[in,out]	ctx	The verifier context.
[in]	ver_rl	The verifier revocation list.
[in]	ver_rl_size	The size of the verifier revocation list in bytes.

Returns: EpidStatus

Note: If the result is not kEpidNoErr the verifier revocation list pointed to by the verifier is undefined.

See also: EpidVerifierCreate; EpidBlacklistSig; EpidWriteVerifierRl

Example

Verifying an Intel® EPID Signature

◆ EpidVerifierWritePrecomp()

EpidStatus EpidVerifierWritePrecomp	(	VerifierCtx const *	ctx,
		VerifierPrecomp *	precomp
	)

Serializes the pre-computed verifier settings.

Parameters

[in]	ctx	The verifier context.
[out]	precomp	The Serialized pre-computed verifier settings.

Returns: EpidStatus

Note: If the result is not kEpidNoErr the content of precomp is undefined.

Example

Verifying an Intel® EPID Signature

◆ EpidVerify()

EpidStatus EpidVerify	(	VerifierCtx const *	ctx,
		EpidSignature const *	sig,
		size_t	sig_len,
		void const *	msg,
		size_t	msg_len
	)

Verifies a signature and checks revocation status.

Parameters

[in]	ctx	The verifier context.
[in]	sig	The signature.
[in]	sig_len	The size of sig in bytes.
[in]	msg	The message that was signed.
[in]	msg_len	The size of msg in bytes.

Returns: EpidStatus

Return values

kEpidSigValid	Signature validated successfully
kEpidSigInvalid	Signature is invalid
kEpidSigRevokedInGroupRl	Signature revoked in GroupRl
kEpidSigRevokedInPrivRl	Signature revoked in PrivRl
kEpidSigRevokedInSigRl	Signature revoked in SigRl
kEpidSigRevokedInVerifierRl	Signature revoked in VerifierRl

Note: If the result is not kEpidNoErr or one of the values listed above the verify should be considered to have failed.

See also: EpidVerifierCreate; EpidSignBasic; EpidSign

Example

Verifying an Intel® EPID Signature

◆ EpidVerifyBasicSig()

EpidStatus EpidVerifyBasicSig	(	VerifierCtx const *	ctx,
		BasicSignature const *	sig,
		void const *	msg,
		size_t	msg_len
	)

Verifies a member signature without revocation checks.

Used in constrained environments where, due to limited memory, it may not be possible to process through a large and potentially unbounded revocation list.

Parameters

[in]	ctx	The verifier context.
[in]	sig	The basic signature.
[in]	msg	The message that was signed.
[in]	msg_len	The size of msg in bytes.

Returns: EpidStatus

Note: This function should be used in conjunction with EpidNrVerify() and EpidCheckPrivRlEntry().; If the result is not kEpidNoErr the verify should be considered to have failed.

See also: EpidVerifierCreate; EpidSignBasic; EpidSign

◆ EpidWriteVerifierRl()

EpidStatus EpidWriteVerifierRl	(	VerifierCtx const *	ctx,
		VerifierRl *	ver_rl,
		size_t	ver_rl_size
	)

Serializes the verifier blacklist to a buffer.

If the current blacklist is empty or not set a valid empty verifier blacklist will be serialized.

Use EpidGetVerifierRlSize to determine the buffer size required to serialize the verifier blacklist.

Parameters

[in]	ctx	The verifier context.
[out]	ver_rl	An existing buffer in which to write the verifier revocation list.
[in]	ver_rl_size	The size of the caller allocated output buffer in bytes.

Returns: EpidStatus

See also: EpidVerifierCreate; EpidVerifierSetVerifierRl; EpidBlacklistSig; EpidGetVerifierRlSize

Modules

Data Structures

Typedefs

Functions

Detailed Description

Function Documentation

◆ EpidAreSigsLinked()

◆ EpidBlacklistSig()

◆ EpidCheckPrivRlEntry()

◆ EpidGetVerifierRlSize()

◆ EpidNrVerify()

◆ EpidVerifierCreate()

◆ EpidVerifierDelete()

◆ EpidVerifierSetBasename()

◆ EpidVerifierSetGroupRl()

◆ EpidVerifierSetHashAlg()

◆ EpidVerifierSetPrivRl()

◆ EpidVerifierSetSigRl()

◆ EpidVerifierSetVerifierRl()

◆ EpidVerifierWritePrecomp()

◆ EpidVerify()

◆ EpidVerifyBasicSig()

◆ EpidWriteVerifierRl()