diff options
Diffstat (limited to 'doc/html/group___epid11_verifier_module.html')
| -rw-r--r-- | doc/html/group___epid11_verifier_module.html | 780 |
1 files changed, 780 insertions, 0 deletions
diff --git a/doc/html/group___epid11_verifier_module.html b/doc/html/group___epid11_verifier_module.html new file mode 100644 index 0000000..8b383c3 --- /dev/null +++ b/doc/html/group___epid11_verifier_module.html @@ -0,0 +1,780 @@ +<!-- HTML header for doxygen 1.8.10--> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> +<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/> +<meta http-equiv="X-UA-Compatible" content="IE=9"/> +<meta name="generator" content="Doxygen 1.8.11"/> +<title>Intel® Enhanced Privacy ID SDK: EPID 1.1 support</title> +<link href="tabs.css" rel="stylesheet" type="text/css"/> +<script type="text/javascript" src="jquery.js"></script> +<script type="text/javascript" src="dynsections.js"></script> +<link href="navtree.css" rel="stylesheet" type="text/css"/> +<script type="text/javascript" src="resize.js"></script> +<script type="text/javascript" src="navtreedata.js"></script> +<script type="text/javascript" src="navtree.js"></script> +<script type="text/javascript"> + $(document).ready(initResizable); + $(window).load(resizeHeight); +</script> +<link href="doxygen.css" rel="stylesheet" type="text/css" /> +<link href="epidstyle.css" rel="stylesheet" type="text/css"/> +</head> +<body> +<div id="top"><!-- do not remove this div, it is closed by doxygen! --> +<div id="titlearea"> +<table cellspacing="0" cellpadding="0"> + <tbody> + <tr style="height: 56px;"> + <td id="projectalign" style="padding-left: 0.5em;"> + <div id="projectname"><a + onclick="storeLink('index.html')" + id="projectlink" + class="index.html" + href="index.html">Intel® Enhanced Privacy ID SDK</a> + <span id="projectnumber">3.0.0</span> +</div> + </td> + </tr> + </tbody> +</table> +</div> +<!-- end header part --> +<!-- Generated by Doxygen 1.8.11 --> +</div><!-- top --> +<div id="side-nav" class="ui-resizable side-nav-resizable"> + <div id="nav-tree"> + <div id="nav-tree-contents"> + <div id="nav-sync" class="sync"></div> + </div> + </div> + <div id="splitbar" style="-moz-user-select:none;" + class="ui-resizable-handle"> + </div> +</div> +<script type="text/javascript"> +$(document).ready(function(){initNavTree('group___epid11_verifier_module.html','');}); +</script> +<div id="doc-content"> +<div class="header"> + <div class="summary"> +<a href="#nested-classes">Data Structures</a> | +<a href="#typedef-members">Typedefs</a> | +<a href="#func-members">Functions</a> </div> + <div class="headertitle"> +<div class="title">EPID 1.1 support<div class="ingroups"><a class="el" href="group___epid_module.html">epid</a> » <a class="el" href="group___epid_verifier_module.html">verifier</a></div></div> </div> +</div><!--header--> +<div class="contents"> + +<p>Intel(R) EPID 1.1 Verifier functionality. +<a href="#details">More...</a></p> +<table class="memberdecls"> +<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="nested-classes"></a> +Data Structures</h2></td></tr> +<tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="struct_epid11_verifier_precomp.html">Epid11VerifierPrecomp</a></td></tr> +<tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Intel(R) EPID 1.1 Pre-computed verifier settings. <a href="struct_epid11_verifier_precomp.html#details">More...</a><br /></td></tr> +<tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> +</table><table class="memberdecls"> +<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="typedef-members"></a> +Typedefs</h2></td></tr> +<tr class="memitem:gabe6a864a06322205ae7536ffea34c702"><td class="memItemLeft" align="right" valign="top"><a class="anchor" id="gabe6a864a06322205ae7536ffea34c702"></a> +typedef struct <a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a></td></tr> +<tr class="memdesc:gabe6a864a06322205ae7536ffea34c702"><td class="mdescLeft"> </td><td class="mdescRight">Internal context of Intel(R) EPID 1.1 verifier. <br /></td></tr> +<tr class="separator:gabe6a864a06322205ae7536ffea34c702"><td class="memSeparator" colspan="2"> </td></tr> +</table><table class="memberdecls"> +<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a> +Functions</h2></td></tr> +<tr class="memitem:gac5a8f8d7624063ea428d81dbdbf61fa8"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#gac5a8f8d7624063ea428d81dbdbf61fa8">Epid11VerifierCreate</a> (<a class="el" href="struct_epid11_group_pub_key.html">Epid11GroupPubKey</a> const *pub_key, <a class="el" href="struct_epid11_verifier_precomp.html">Epid11VerifierPrecomp</a> const *precomp, <a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> **ctx)</td></tr> +<tr class="memdesc:gac5a8f8d7624063ea428d81dbdbf61fa8"><td class="mdescLeft"> </td><td class="mdescRight">Creates a new Intel(R) EPID 1.1 verifier context. <a href="#gac5a8f8d7624063ea428d81dbdbf61fa8">More...</a><br /></td></tr> +<tr class="separator:gac5a8f8d7624063ea428d81dbdbf61fa8"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:ga63cae8d5abcf4d7e3af4157de18998f1"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#ga63cae8d5abcf4d7e3af4157de18998f1">Epid11VerifierDelete</a> (<a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> **ctx)</td></tr> +<tr class="memdesc:ga63cae8d5abcf4d7e3af4157de18998f1"><td class="mdescLeft"> </td><td class="mdescRight">Deletes an existing Intel(R) EPID 1.1 verifier context. <a href="#ga63cae8d5abcf4d7e3af4157de18998f1">More...</a><br /></td></tr> +<tr class="separator:ga63cae8d5abcf4d7e3af4157de18998f1"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:ga241520cb925e5be89893a2037451cf1c"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#ga241520cb925e5be89893a2037451cf1c">Epid11VerifierWritePrecomp</a> (<a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> const *ctx, <a class="el" href="struct_epid11_verifier_precomp.html">Epid11VerifierPrecomp</a> *precomp)</td></tr> +<tr class="memdesc:ga241520cb925e5be89893a2037451cf1c"><td class="mdescLeft"> </td><td class="mdescRight">Serializes the pre-computed Intel(R) EPID 1.1 verifier settings. <a href="#ga241520cb925e5be89893a2037451cf1c">More...</a><br /></td></tr> +<tr class="separator:ga241520cb925e5be89893a2037451cf1c"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:gaffbe6ac2bc7236ad65126a17ebdceb14"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#gaffbe6ac2bc7236ad65126a17ebdceb14">Epid11VerifierSetPrivRl</a> (<a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> *ctx, <a class="el" href="struct_epid11_priv_rl.html">Epid11PrivRl</a> const *priv_rl, size_t priv_rl_size)</td></tr> +<tr class="memdesc:gaffbe6ac2bc7236ad65126a17ebdceb14"><td class="mdescLeft"> </td><td class="mdescRight">Sets the Intel(R) EPID 1.1 private key based revocation list. <a href="#gaffbe6ac2bc7236ad65126a17ebdceb14">More...</a><br /></td></tr> +<tr class="separator:gaffbe6ac2bc7236ad65126a17ebdceb14"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:gaff5a014b0334be7e8583f0f99cb5e9b8"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#gaff5a014b0334be7e8583f0f99cb5e9b8">Epid11VerifierSetSigRl</a> (<a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> *ctx, <a class="el" href="struct_epid11_sig_rl.html">Epid11SigRl</a> const *sig_rl, size_t sig_rl_size)</td></tr> +<tr class="memdesc:gaff5a014b0334be7e8583f0f99cb5e9b8"><td class="mdescLeft"> </td><td class="mdescRight">Sets the Intel(R) EPID 1.1 signature based revocation list. <a href="#gaff5a014b0334be7e8583f0f99cb5e9b8">More...</a><br /></td></tr> +<tr class="separator:gaff5a014b0334be7e8583f0f99cb5e9b8"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:ga809c777908b2f9d029062d9424cb5f65"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#ga809c777908b2f9d029062d9424cb5f65">Epid11VerifierSetGroupRl</a> (<a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> *ctx, <a class="el" href="struct_epid11_group_rl.html">Epid11GroupRl</a> const *grp_rl, size_t grp_rl_size)</td></tr> +<tr class="memdesc:ga809c777908b2f9d029062d9424cb5f65"><td class="mdescLeft"> </td><td class="mdescRight">Sets the Intel(R) EPID 1.1 group based revocation list. <a href="#ga809c777908b2f9d029062d9424cb5f65">More...</a><br /></td></tr> +<tr class="separator:ga809c777908b2f9d029062d9424cb5f65"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:ga0cb6d30df527ee0d8f0a1b68d2b7c0c0"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#ga0cb6d30df527ee0d8f0a1b68d2b7c0c0">Epid11VerifierSetBasename</a> (<a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> *ctx, void const *basename, size_t basename_len)</td></tr> +<tr class="memdesc:ga0cb6d30df527ee0d8f0a1b68d2b7c0c0"><td class="mdescLeft"> </td><td class="mdescRight">Sets the basename to be used by a verifier. <a href="#ga0cb6d30df527ee0d8f0a1b68d2b7c0c0">More...</a><br /></td></tr> +<tr class="separator:ga0cb6d30df527ee0d8f0a1b68d2b7c0c0"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:gafe5ad6bde38ad0c3e0a9960975fd5216"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#gafe5ad6bde38ad0c3e0a9960975fd5216">Epid11Verify</a> (<a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> const *ctx, <a class="el" href="struct_epid11_signature.html">Epid11Signature</a> const *sig, size_t sig_len, void const *msg, size_t msg_len)</td></tr> +<tr class="memdesc:gafe5ad6bde38ad0c3e0a9960975fd5216"><td class="mdescLeft"> </td><td class="mdescRight">Verifies an Intel(R) EPID 1.1 signature and checks revocation status. <a href="#gafe5ad6bde38ad0c3e0a9960975fd5216">More...</a><br /></td></tr> +<tr class="separator:gafe5ad6bde38ad0c3e0a9960975fd5216"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:gab0b6560b226a37321f5ca5d4fb55eba7"><td class="memItemLeft" align="right" valign="top"><a class="el" href="stdtypes_8h.html#ad5c9d4ba3dc37783a528b0925dc981a0">bool</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#gab0b6560b226a37321f5ca5d4fb55eba7">Epid11AreSigsLinked</a> (<a class="el" href="struct_epid11_basic_signature.html">Epid11BasicSignature</a> const *sig1, <a class="el" href="struct_epid11_basic_signature.html">Epid11BasicSignature</a> const *sig2)</td></tr> +<tr class="memdesc:gab0b6560b226a37321f5ca5d4fb55eba7"><td class="mdescLeft"> </td><td class="mdescRight">Determines if two Intel(R) EPID 1.1 signatures are linked. <a href="#gab0b6560b226a37321f5ca5d4fb55eba7">More...</a><br /></td></tr> +<tr class="separator:gab0b6560b226a37321f5ca5d4fb55eba7"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:ga7b5d19277da043c2b79721975d7bd070"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#ga7b5d19277da043c2b79721975d7bd070">Epid11VerifyBasicSig</a> (<a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> const *ctx, <a class="el" href="struct_epid11_basic_signature.html">Epid11BasicSignature</a> const *sig, void const *msg, size_t msg_len)</td></tr> +<tr class="memdesc:ga7b5d19277da043c2b79721975d7bd070"><td class="mdescLeft"> </td><td class="mdescRight">Verifies an Intel(R) EPID 1.1 member signature without revocation checks. <a href="#ga7b5d19277da043c2b79721975d7bd070">More...</a><br /></td></tr> +<tr class="separator:ga7b5d19277da043c2b79721975d7bd070"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:ga3a2e320d7de6156b2ce9d73e9cdce813"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#ga3a2e320d7de6156b2ce9d73e9cdce813">Epid11NrVerify</a> (<a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> const *ctx, <a class="el" href="struct_epid11_basic_signature.html">Epid11BasicSignature</a> const *sig, void const *msg, size_t msg_len, <a class="el" href="struct_epid11_sig_rl_entry.html">Epid11SigRlEntry</a> const *sigrl_entry, <a class="el" href="struct_epid11_nr_proof.html">Epid11NrProof</a> const *proof)</td></tr> +<tr class="memdesc:ga3a2e320d7de6156b2ce9d73e9cdce813"><td class="mdescLeft"> </td><td class="mdescRight">Verifies the non-revoked proof for a single Intel(R) EPID 1.1 signature based revocation list entry. <a href="#ga3a2e320d7de6156b2ce9d73e9cdce813">More...</a><br /></td></tr> +<tr class="separator:ga3a2e320d7de6156b2ce9d73e9cdce813"><td class="memSeparator" colspan="2"> </td></tr> +<tr class="memitem:ga0b79c79d09e3551158e1c38c7c335929"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group___epid11_verifier_module.html#ga0b79c79d09e3551158e1c38c7c335929">Epid11CheckPrivRlEntry</a> (<a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> const *ctx, <a class="el" href="struct_epid11_basic_signature.html">Epid11BasicSignature</a> const *sig, <a class="el" href="struct_fp_elem_str.html">FpElemStr</a> const *f)</td></tr> +<tr class="memdesc:ga0b79c79d09e3551158e1c38c7c335929"><td class="mdescLeft"> </td><td class="mdescRight">Verifies an Intel(R) EPID 1.1 signature has not been revoked in the private key based revocation list. <a href="#ga0b79c79d09e3551158e1c38c7c335929">More...</a><br /></td></tr> +<tr class="separator:ga0b79c79d09e3551158e1c38c7c335929"><td class="memSeparator" colspan="2"> </td></tr> +</table> +<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2> +<p>Intel(R) EPID 1.1 Verifier functionality. </p> +<p>To verify signatures coming from member devices that belong to an Intel® EPID 1.1 group, you need to use Intel® EPID 1.1 verifier APIs.</p> +<p>If you are acting as a verifier for both Intel® EPID 1.1 and 2.0 members, you can determine if you need version 1.1 or 2.0 verification by checking the Intel® EPID version field in the group public key file (see <a class="el" href="group___file_parser.html#ga8e38d1102eb1dd9b5af2e2f79236da55" title="Extracts Intel(R) EPID Binary Output File header information. ">EpidParseFileHeader</a>). You can also check the version in other binary issuer material, such as the GroupRL and SigRL.</p> +<p>The 1.1 verifier APIs take a verifier context as input. Each verifier context (<a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702" title="Internal context of Intel(R) EPID 1.1 verifier. ">Epid11VerifierCtx</a>) represents a verifier for a single group.</p> +<p>The Intel® EPID 1.1 specification does not provide hash algorithm selection and verifier blacklist revocation. Therefore, APIs such as <a class="el" href="group___epid_verifier_module.html#ga97b58b2382f24756b66a357f1e825c92" title="Sets the hash algorithm to be used by a verifier. ">EpidVerifierSetHashAlg</a> and <a class="el" href="group___epid_verifier_module.html#ga0909703a0a4dfe080374d0d99077465a" title="Sets the verifier revocation list. ">EpidVerifierSetVerifierRl</a> are not available.</p> +<p>You can find the Intel® EPID 1.1 API headers in the 1.1 directories, for example, <code>epid/verifier/1.1/api.h</code>.</p> +<p>Intel® EPID 1.1 APIs and data structures are indicated with the "Epid11" prefix. For example, the Intel® EPID 1.1 version of <a class="el" href="group___file_parser.html#ga43fdbc1bf2edd3695d21cb457365afbb" title="Extracts group public key from buffer in issuer binary format. ">EpidParseGroupPubKeyFile</a> is called <a class="el" href="group___epid11_file_parser_module.html#ga1f92d1cb6bd7d9815711fde515b40a4c" title="Extracts group public key from buffer in issuer binary format. ">Epid11ParseGroupPubKeyFile</a>, and the Intel® EPID 1.1 version of <code><a class="el" href="struct_group_rl.html" title="group revocation list ">GroupRl</a></code> is <code><a class="el" href="struct_epid11_group_rl.html" title="Intel(R) EPID 1.1 group revocation list. ">Epid11GroupRl</a></code>. </p> +<h2 class="groupheader">Function Documentation</h2> +<a class="anchor" id="gab0b6560b226a37321f5ca5d4fb55eba7"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname"><a class="el" href="stdtypes_8h.html#ad5c9d4ba3dc37783a528b0925dc981a0">bool</a> Epid11AreSigsLinked </td> + <td>(</td> + <td class="paramtype"><a class="el" href="struct_epid11_basic_signature.html">Epid11BasicSignature</a> const * </td> + <td class="paramname"><em>sig1</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_epid11_basic_signature.html">Epid11BasicSignature</a> const * </td> + <td class="paramname"><em>sig2</em> </td> + </tr> + <tr> + <td></td> + <td>)</td> + <td></td><td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Determines if two Intel(R) EPID 1.1 signatures are linked. </p> +<p>The Intel(R) EPID scheme allows signatures to be linked. If basename option is specified when signing signatures with the same basename will be linkable. This linking capability allows the verifier, or anyone, to know whether two Intel(R) EPID signatures are generated by the same member.</p> +<p>This API supports Intel(R) EPID 1.1 verification.</p> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramdir">[in]</td><td class="paramname">sig1</td><td>A basic signature. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">sig2</td><td>A basic signature.</td></tr> + </table> + </dd> +</dl> +<dl class="section return"><dt>Returns</dt><dd>bool</dd></dl> +<dl class="retval"><dt>Return values</dt><dd> + <table class="retval"> + <tr><td class="paramname">true</td><td>if the signatures were generated by the same member </td></tr> + <tr><td class="paramname">false</td><td>if it couldn't be determined if the signatures were generated by the same member</td></tr> + </table> + </dd> +</dl> +<dl class="section note"><dt>Note</dt><dd>The input signatures should be verified using <a class="el" href="group___epid11_verifier_module.html#ga7b5d19277da043c2b79721975d7bd070" title="Verifies an Intel(R) EPID 1.1 member signature without revocation checks. ">Epid11VerifyBasicSig()</a> before invocation. Behavior is undefined if either of the signatures cannot be verified.</dd></dl> +<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___epid11_verifier_module.html#ga7b5d19277da043c2b79721975d7bd070" title="Verifies an Intel(R) EPID 1.1 member signature without revocation checks. ">Epid11VerifyBasicSig</a> </dd> +<dd> +<a href="group___epid11_verifier_module.html#details"><b>EPID 1.1 support</b></a> </dd></dl> + +</div> +</div> +<a class="anchor" id="ga0b79c79d09e3551158e1c38c7c335929"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> Epid11CheckPrivRlEntry </td> + <td>(</td> + <td class="paramtype"><a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> const * </td> + <td class="paramname"><em>ctx</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_epid11_basic_signature.html">Epid11BasicSignature</a> const * </td> + <td class="paramname"><em>sig</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_fp_elem_str.html">FpElemStr</a> const * </td> + <td class="paramname"><em>f</em> </td> + </tr> + <tr> + <td></td> + <td>)</td> + <td></td><td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Verifies an Intel(R) EPID 1.1 signature has not been revoked in the private key based revocation list. </p> +<p>Used in constrained environments where, due to limited memory, it may not be possible to process through a large and potentially unbounded revocation list.</p> +<p>This API supports Intel(R) EPID 1.1 verification.</p> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramdir">[in]</td><td class="paramname">ctx</td><td>The verifier context. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">sig</td><td>The basic signature. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">f</td><td>The private key based revocation list entry.</td></tr> + </table> + </dd> +</dl> +<dl class="section note"><dt>Note</dt><dd>Sig should be verified using <a class="el" href="group___epid11_verifier_module.html#ga7b5d19277da043c2b79721975d7bd070" title="Verifies an Intel(R) EPID 1.1 member signature without revocation checks. ">Epid11VerifyBasicSig()</a> before invocation. Behavior is undefined if sig cannot be verified.</dd> +<dd> +This function should be used in conjunction with <a class="el" href="group___epid11_verifier_module.html#ga3a2e320d7de6156b2ce9d73e9cdce813" title="Verifies the non-revoked proof for a single Intel(R) EPID 1.1 signature based revocation list entry...">Epid11NrVerify()</a> and <a class="el" href="group___epid11_verifier_module.html#ga7b5d19277da043c2b79721975d7bd070" title="Verifies an Intel(R) EPID 1.1 member signature without revocation checks. ">Epid11VerifyBasicSig()</a>.</dd> +<dd> +If the result is not <a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a8a6861e14322ca9193498ffc955537f9" title="no error ">kEpidNoErr</a> the verify should de considered to have failed.</dd></dl> +<dl class="section return"><dt>Returns</dt><dd><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360" title="Return status for SDK functions. ">EpidStatus</a> </dd></dl> +<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___epid11_verifier_module.html#gac5a8f8d7624063ea428d81dbdbf61fa8" title="Creates a new Intel(R) EPID 1.1 verifier context. ">Epid11VerifierCreate</a> </dd> +<dd> +<a class="el" href="group___epid11_verifier_module.html#ga3a2e320d7de6156b2ce9d73e9cdce813" title="Verifies the non-revoked proof for a single Intel(R) EPID 1.1 signature based revocation list entry...">Epid11NrVerify</a> </dd> +<dd> +<a class="el" href="group___epid11_verifier_module.html#ga7b5d19277da043c2b79721975d7bd070" title="Verifies an Intel(R) EPID 1.1 member signature without revocation checks. ">Epid11VerifyBasicSig</a> </dd> +<dd> +<a href="group___epid11_verifier_module.html#details"><b>EPID 1.1 support</b></a> </dd></dl> + +</div> +</div> +<a class="anchor" id="ga3a2e320d7de6156b2ce9d73e9cdce813"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> Epid11NrVerify </td> + <td>(</td> + <td class="paramtype"><a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> const * </td> + <td class="paramname"><em>ctx</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_epid11_basic_signature.html">Epid11BasicSignature</a> const * </td> + <td class="paramname"><em>sig</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype">void const * </td> + <td class="paramname"><em>msg</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype">size_t </td> + <td class="paramname"><em>msg_len</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_epid11_sig_rl_entry.html">Epid11SigRlEntry</a> const * </td> + <td class="paramname"><em>sigrl_entry</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_epid11_nr_proof.html">Epid11NrProof</a> const * </td> + <td class="paramname"><em>proof</em> </td> + </tr> + <tr> + <td></td> + <td>)</td> + <td></td><td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Verifies the non-revoked proof for a single Intel(R) EPID 1.1 signature based revocation list entry. </p> +<p>Used in constrained environments where, due to limited memory, it may not be possible to process through a large and potentially unbounded revocation list.</p> +<p>This API supports Intel(R) EPID 1.1 verification.</p> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramdir">[in]</td><td class="paramname">ctx</td><td>The verifier context. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">sig</td><td>The basic signature. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">msg</td><td>The message that was signed. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">msg_len</td><td>The size of msg in bytes. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">sigrl_entry</td><td>The signature based revocation list entry. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">proof</td><td>The non-revoked proof.</td></tr> + </table> + </dd> +</dl> +<dl class="section return"><dt>Returns</dt><dd><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360" title="Return status for SDK functions. ">EpidStatus</a></dd></dl> +<dl class="section note"><dt>Note</dt><dd>Sig should be verified using <a class="el" href="group___epid11_verifier_module.html#ga7b5d19277da043c2b79721975d7bd070" title="Verifies an Intel(R) EPID 1.1 member signature without revocation checks. ">Epid11VerifyBasicSig()</a> before invocation. Behavior is undefined if sig cannot be verified.</dd> +<dd> +This function should be used in conjunction with <a class="el" href="group___epid11_verifier_module.html#ga7b5d19277da043c2b79721975d7bd070" title="Verifies an Intel(R) EPID 1.1 member signature without revocation checks. ">Epid11VerifyBasicSig()</a> and <a class="el" href="group___epid11_verifier_module.html#ga0b79c79d09e3551158e1c38c7c335929" title="Verifies an Intel(R) EPID 1.1 signature has not been revoked in the private key based revocation list...">Epid11CheckPrivRlEntry()</a>.</dd> +<dd> +If the result is not <a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a8a6861e14322ca9193498ffc955537f9" title="no error ">kEpidNoErr</a> the verify should de considered to have failed.</dd></dl> +<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___epid11_verifier_module.html#gac5a8f8d7624063ea428d81dbdbf61fa8" title="Creates a new Intel(R) EPID 1.1 verifier context. ">Epid11VerifierCreate</a> </dd> +<dd> +<a class="el" href="group___epid11_verifier_module.html#ga7b5d19277da043c2b79721975d7bd070" title="Verifies an Intel(R) EPID 1.1 member signature without revocation checks. ">Epid11VerifyBasicSig</a> </dd> +<dd> +<a class="el" href="group___epid11_verifier_module.html#ga0b79c79d09e3551158e1c38c7c335929" title="Verifies an Intel(R) EPID 1.1 signature has not been revoked in the private key based revocation list...">Epid11CheckPrivRlEntry</a> </dd> +<dd> +<a href="group___epid11_verifier_module.html#details"><b>EPID 1.1 support</b></a> </dd></dl> + +</div> +</div> +<a class="anchor" id="gac5a8f8d7624063ea428d81dbdbf61fa8"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> Epid11VerifierCreate </td> + <td>(</td> + <td class="paramtype"><a class="el" href="struct_epid11_group_pub_key.html">Epid11GroupPubKey</a> const * </td> + <td class="paramname"><em>pub_key</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_epid11_verifier_precomp.html">Epid11VerifierPrecomp</a> const * </td> + <td class="paramname"><em>precomp</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> ** </td> + <td class="paramname"><em>ctx</em> </td> + </tr> + <tr> + <td></td> + <td>)</td> + <td></td><td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Creates a new Intel(R) EPID 1.1 verifier context. </p> +<p>Must be called to create the verifier context that is used by other "Verifier" APIs.</p> +<p>Allocates memory for the context, then initialize it.</p> +<p><a class="el" href="group___epid11_verifier_module.html#ga63cae8d5abcf4d7e3af4157de18998f1" title="Deletes an existing Intel(R) EPID 1.1 verifier context. ">Epid11VerifierDelete()</a> must be called to safely release the member context.</p> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramdir">[in]</td><td class="paramname">pub_key</td><td>The group certificate. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">precomp</td><td>Optional pre-computed data. If NULL the value is computed internally and is readable using <a class="el" href="group___epid11_verifier_module.html#ga241520cb925e5be89893a2037451cf1c" title="Serializes the pre-computed Intel(R) EPID 1.1 verifier settings. ">Epid11VerifierWritePrecomp()</a>. </td></tr> + <tr><td class="paramdir">[out]</td><td class="paramname">ctx</td><td>Newly constructed verifier context.</td></tr> + </table> + </dd> +</dl> +<dl class="section return"><dt>Returns</dt><dd><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360" title="Return status for SDK functions. ">EpidStatus</a></dd></dl> +<dl class="section note"><dt>Note</dt><dd>If the result is not <a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a8a6861e14322ca9193498ffc955537f9" title="no error ">kEpidNoErr</a> the content of ctx is undefined.</dd></dl> +<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___epid11_verifier_module.html#ga63cae8d5abcf4d7e3af4157de18998f1" title="Deletes an existing Intel(R) EPID 1.1 verifier context. ">Epid11VerifierDelete</a> </dd> +<dd> +<a class="el" href="group___epid11_verifier_module.html#ga241520cb925e5be89893a2037451cf1c" title="Serializes the pre-computed Intel(R) EPID 1.1 verifier settings. ">Epid11VerifierWritePrecomp</a> </dd> +<dd> +<a href="group___epid11_verifier_module.html#details"><b>EPID 1.1 support</b></a> </dd></dl> + +</div> +</div> +<a class="anchor" id="ga63cae8d5abcf4d7e3af4157de18998f1"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname">void Epid11VerifierDelete </td> + <td>(</td> + <td class="paramtype"><a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> ** </td> + <td class="paramname"><em>ctx</em></td><td>)</td> + <td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Deletes an existing Intel(R) EPID 1.1 verifier context. </p> +<p>Must be called to safely release a verifier context created using <a class="el" href="group___epid11_verifier_module.html#gac5a8f8d7624063ea428d81dbdbf61fa8" title="Creates a new Intel(R) EPID 1.1 verifier context. ">Epid11VerifierCreate()</a>.</p> +<p>De-initializes the context, frees memory used by the context, and sets the context pointer to NULL.</p> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramdir">[in,out]</td><td class="paramname">ctx</td><td>The verifier context. Can be NULL.</td></tr> + </table> + </dd> +</dl> +<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___epid11_verifier_module.html#gac5a8f8d7624063ea428d81dbdbf61fa8" title="Creates a new Intel(R) EPID 1.1 verifier context. ">Epid11VerifierCreate</a> </dd> +<dd> +<a href="group___epid11_verifier_module.html#details"><b>EPID 1.1 support</b></a> </dd></dl> + +</div> +</div> +<a class="anchor" id="ga0cb6d30df527ee0d8f0a1b68d2b7c0c0"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> Epid11VerifierSetBasename </td> + <td>(</td> + <td class="paramtype"><a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> * </td> + <td class="paramname"><em>ctx</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype">void const * </td> + <td class="paramname"><em>basename</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype">size_t </td> + <td class="paramname"><em>basename_len</em> </td> + </tr> + <tr> + <td></td> + <td>)</td> + <td></td><td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Sets the basename to be used by a verifier. </p> +<p>This API allows setting a zero length base name.</p> +<dl class="section warning"><dt>Warning</dt><dd>Not all members in the Intel(R) EPID 1.1 ecosystem may support zero length basenames. They may interpret a zero length basename as random base.</dd></dl> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramdir">[in,out]</td><td class="paramname">ctx</td><td>The verifier context. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">basename</td><td>The basename. Pass NULL for random base. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">basename_len</td><td>Number of bytes in basename buffer. Must be 0 if basename is NULL.</td></tr> + </table> + </dd> +</dl> +<dl class="section return"><dt>Returns</dt><dd><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360" title="Return status for SDK functions. ">EpidStatus</a></dd></dl> +<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___epid11_verifier_module.html#gac5a8f8d7624063ea428d81dbdbf61fa8" title="Creates a new Intel(R) EPID 1.1 verifier context. ">Epid11VerifierCreate</a> </dd></dl> + +</div> +</div> +<a class="anchor" id="ga809c777908b2f9d029062d9424cb5f65"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> Epid11VerifierSetGroupRl </td> + <td>(</td> + <td class="paramtype"><a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> * </td> + <td class="paramname"><em>ctx</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_epid11_group_rl.html">Epid11GroupRl</a> const * </td> + <td class="paramname"><em>grp_rl</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype">size_t </td> + <td class="paramname"><em>grp_rl_size</em> </td> + </tr> + <tr> + <td></td> + <td>)</td> + <td></td><td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Sets the Intel(R) EPID 1.1 group based revocation list. </p> +<p>The caller is responsible to for ensuring the revocation list is authorized, e.g signed by the issuer. The caller is also responsible checking the version of the revocation list. The call will fail if trying to set an older version of the revocation list than was last set.</p> +<p>This API supports Intel(R) EPID 1.1 verification.</p> +<dl class="section attention"><dt>Attention</dt><dd>The memory pointed to by grp_rl will be accessed directly by the verifier until a new list is set or the verifier is destroyed. Do not modify the contents of this memory. The behavior of subsequent operations that rely on the revocation list will be undefined if the memory is modified.</dd> +<dd> +It is the responsibility of the caller to free the memory pointed to by grp_rl after the verifier is no longer using it.</dd></dl> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramdir">[in,out]</td><td class="paramname">ctx</td><td>The verifier context. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">grp_rl</td><td>The group based revocation list. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">grp_rl_size</td><td>The size of the group based revocation list in bytes.</td></tr> + </table> + </dd> +</dl> +<dl class="section return"><dt>Returns</dt><dd><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360" title="Return status for SDK functions. ">EpidStatus</a></dd></dl> +<dl class="section note"><dt>Note</dt><dd>If the result is not <a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a8a6861e14322ca9193498ffc955537f9" title="no error ">kEpidNoErr</a> the group based revocation list pointed to by the verifier is undefined.</dd></dl> +<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___epid11_verifier_module.html#gac5a8f8d7624063ea428d81dbdbf61fa8" title="Creates a new Intel(R) EPID 1.1 verifier context. ">Epid11VerifierCreate</a> </dd> +<dd> +<a href="group___epid11_verifier_module.html#details"><b>EPID 1.1 support</b></a> </dd></dl> + +</div> +</div> +<a class="anchor" id="gaffbe6ac2bc7236ad65126a17ebdceb14"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> Epid11VerifierSetPrivRl </td> + <td>(</td> + <td class="paramtype"><a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> * </td> + <td class="paramname"><em>ctx</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_epid11_priv_rl.html">Epid11PrivRl</a> const * </td> + <td class="paramname"><em>priv_rl</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype">size_t </td> + <td class="paramname"><em>priv_rl_size</em> </td> + </tr> + <tr> + <td></td> + <td>)</td> + <td></td><td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Sets the Intel(R) EPID 1.1 private key based revocation list. </p> +<p>The caller is responsible to for ensuring the revocation list is authorized, e.g signed by the issuer. The caller is also responsible checking the version of the revocation list. The call will fail if trying to set an older version of the revocation list than was last set.</p> +<p>This API supports Intel(R) EPID 1.1 verification.</p> +<dl class="section attention"><dt>Attention</dt><dd>The memory pointed to by priv_rl will be accessed directly by the verifier until a new list is set or the verifier is destroyed. Do not modify the contents of this memory. The behavior of subsequent operations that rely on the revocation list will be undefined if the memory is modified.</dd> +<dd> +It is the responsibility of the caller to free the memory pointed to by priv_rl after the verifier is no longer using it.</dd></dl> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramdir">[in,out]</td><td class="paramname">ctx</td><td>The verifier context. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">priv_rl</td><td>The private key based revocation list. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">priv_rl_size</td><td>The size of the private key based revocation list in bytes.</td></tr> + </table> + </dd> +</dl> +<dl class="section return"><dt>Returns</dt><dd><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360" title="Return status for SDK functions. ">EpidStatus</a></dd></dl> +<dl class="section note"><dt>Note</dt><dd>If the result is not <a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a8a6861e14322ca9193498ffc955537f9" title="no error ">kEpidNoErr</a> the private key based revocation list pointed to by the verifier is undefined.</dd></dl> +<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___epid11_verifier_module.html#gac5a8f8d7624063ea428d81dbdbf61fa8" title="Creates a new Intel(R) EPID 1.1 verifier context. ">Epid11VerifierCreate</a> </dd> +<dd> +<a href="group___epid11_verifier_module.html#details"><b>EPID 1.1 support</b></a> </dd></dl> + +</div> +</div> +<a class="anchor" id="gaff5a014b0334be7e8583f0f99cb5e9b8"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> Epid11VerifierSetSigRl </td> + <td>(</td> + <td class="paramtype"><a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> * </td> + <td class="paramname"><em>ctx</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_epid11_sig_rl.html">Epid11SigRl</a> const * </td> + <td class="paramname"><em>sig_rl</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype">size_t </td> + <td class="paramname"><em>sig_rl_size</em> </td> + </tr> + <tr> + <td></td> + <td>)</td> + <td></td><td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Sets the Intel(R) EPID 1.1 signature based revocation list. </p> +<p>The caller is responsible to for ensuring the revocation list is authorized, e.g signed by the issuer. The caller is also responsible checking the version of the revocation list. The call will fail if trying to set an older version of the revocation list than was last set.</p> +<p>This API supports Intel(R) EPID 1.1 verification.</p> +<dl class="section attention"><dt>Attention</dt><dd>The memory pointed to by sig_rl will be accessed directly by the verifier until a new list is set or the verifier is destroyed. Do not modify the contents of this memory. The behavior of subsequent operations that rely on the revocation list will be undefined if the memory is modified.</dd> +<dd> +It is the responsibility of the caller to free the memory pointed to by sig_rl after the verifier is no longer using it.</dd></dl> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramdir">[in,out]</td><td class="paramname">ctx</td><td>The verifier context. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">sig_rl</td><td>The signature based revocation list. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">sig_rl_size</td><td>The size of the signature based revocation list in bytes.</td></tr> + </table> + </dd> +</dl> +<dl class="section return"><dt>Returns</dt><dd><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360" title="Return status for SDK functions. ">EpidStatus</a></dd></dl> +<dl class="section note"><dt>Note</dt><dd>If the result is not <a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a8a6861e14322ca9193498ffc955537f9" title="no error ">kEpidNoErr</a> the signature based revocation list pointed to by the verifier is undefined.</dd></dl> +<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___epid11_verifier_module.html#gac5a8f8d7624063ea428d81dbdbf61fa8" title="Creates a new Intel(R) EPID 1.1 verifier context. ">Epid11VerifierCreate</a> </dd> +<dd> +SdkOverview_11Verifier </dd> +<dd> +<a href="group___epid11_verifier_module.html#details"><b>EPID 1.1 support</b></a> </dd></dl> + +</div> +</div> +<a class="anchor" id="ga241520cb925e5be89893a2037451cf1c"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> Epid11VerifierWritePrecomp </td> + <td>(</td> + <td class="paramtype"><a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> const * </td> + <td class="paramname"><em>ctx</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_epid11_verifier_precomp.html">Epid11VerifierPrecomp</a> * </td> + <td class="paramname"><em>precomp</em> </td> + </tr> + <tr> + <td></td> + <td>)</td> + <td></td><td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Serializes the pre-computed Intel(R) EPID 1.1 verifier settings. </p> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramdir">[in]</td><td class="paramname">ctx</td><td>The verifier context. </td></tr> + <tr><td class="paramdir">[out]</td><td class="paramname">precomp</td><td>The Serialized pre-computed verifier settings.</td></tr> + </table> + </dd> +</dl> +<dl class="section return"><dt>Returns</dt><dd><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360" title="Return status for SDK functions. ">EpidStatus</a></dd></dl> +<dl class="section note"><dt>Note</dt><dd>If the result is not <a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a8a6861e14322ca9193498ffc955537f9" title="no error ">kEpidNoErr</a> the content of precomp is undefined.</dd></dl> +<dl class="section see"><dt>See also</dt><dd><a href="group___epid11_verifier_module.html#details"><b>EPID 1.1 support</b></a> </dd></dl> + +</div> +</div> +<a class="anchor" id="gafe5ad6bde38ad0c3e0a9960975fd5216"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> Epid11Verify </td> + <td>(</td> + <td class="paramtype"><a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> const * </td> + <td class="paramname"><em>ctx</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_epid11_signature.html">Epid11Signature</a> const * </td> + <td class="paramname"><em>sig</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype">size_t </td> + <td class="paramname"><em>sig_len</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype">void const * </td> + <td class="paramname"><em>msg</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype">size_t </td> + <td class="paramname"><em>msg_len</em> </td> + </tr> + <tr> + <td></td> + <td>)</td> + <td></td><td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Verifies an Intel(R) EPID 1.1 signature and checks revocation status. </p> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramdir">[in]</td><td class="paramname">ctx</td><td>The verifier context. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">sig</td><td>The signature. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">sig_len</td><td>The size of sig in bytes. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">msg</td><td>The message that was signed. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">msg_len</td><td>The size of msg in bytes.</td></tr> + </table> + </dd> +</dl> +<dl class="section return"><dt>Returns</dt><dd><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360" title="Return status for SDK functions. ">EpidStatus</a></dd></dl> +<dl class="retval"><dt>Return values</dt><dd> + <table class="retval"> + <tr><td class="paramname"><a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360ab45ad60085d03c03ea30b40a0519897e" title="Signature is valid. ">kEpidSigValid</a></td><td>Signature validated successfully </td></tr> + <tr><td class="paramname"><a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360aeedd19b8a1cbdecf963f90b4860e02b8" title="Signature is invalid. ">kEpidSigInvalid</a></td><td>Signature is invalid </td></tr> + <tr><td class="paramname"><a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360aedd43fb4043bef3b515fc23f1d9a5fe5" title="Signature revoked in GroupRl. ">kEpidSigRevokedInGroupRl</a></td><td>Signature revoked in <a class="el" href="struct_group_rl.html" title="group revocation list ">GroupRl</a> </td></tr> + <tr><td class="paramname"><a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a1dc7b7e6ff97c7ed9ff4191d76ebd6e1" title="Signature revoked in PrivRl. ">kEpidSigRevokedInPrivRl</a></td><td>Signature revoked in <a class="el" href="struct_priv_rl.html" title="private-key based revocation list. ">PrivRl</a> </td></tr> + <tr><td class="paramname"><a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a43c658cbf0d156850d71ce3f8efd461c" title="Signature revoked in SigRl. ">kEpidSigRevokedInSigRl</a></td><td>Signature revoked in <a class="el" href="struct_sig_rl.html" title="signature based revocation list ">SigRl</a></td></tr> + </table> + </dd> +</dl> +<dl class="section note"><dt>Note</dt><dd>If the result is not <a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a8a6861e14322ca9193498ffc955537f9" title="no error ">kEpidNoErr</a> or one of the values listed above the verify should de considered to have failed.</dd></dl> +<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___epid11_verifier_module.html#gac5a8f8d7624063ea428d81dbdbf61fa8" title="Creates a new Intel(R) EPID 1.1 verifier context. ">Epid11VerifierCreate</a> </dd> +<dd> +<a href="group___epid11_verifier_module.html#details"><b>EPID 1.1 support</b></a> </dd></dl> + +</div> +</div> +<a class="anchor" id="ga7b5d19277da043c2b79721975d7bd070"></a> +<div class="memitem"> +<div class="memproto"> + <table class="memname"> + <tr> + <td class="memname"><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360">EpidStatus</a> Epid11VerifyBasicSig </td> + <td>(</td> + <td class="paramtype"><a class="el" href="group___epid11_verifier_module.html#gabe6a864a06322205ae7536ffea34c702">Epid11VerifierCtx</a> const * </td> + <td class="paramname"><em>ctx</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype"><a class="el" href="struct_epid11_basic_signature.html">Epid11BasicSignature</a> const * </td> + <td class="paramname"><em>sig</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype">void const * </td> + <td class="paramname"><em>msg</em>, </td> + </tr> + <tr> + <td class="paramkey"></td> + <td></td> + <td class="paramtype">size_t </td> + <td class="paramname"><em>msg_len</em> </td> + </tr> + <tr> + <td></td> + <td>)</td> + <td></td><td></td> + </tr> + </table> +</div><div class="memdoc"> + +<p>Verifies an Intel(R) EPID 1.1 member signature without revocation checks. </p> +<p>Used in constrained environments where, due to limited memory, it may not be possible to process through a large and potentially unbounded revocation list.</p> +<dl class="params"><dt>Parameters</dt><dd> + <table class="params"> + <tr><td class="paramdir">[in]</td><td class="paramname">ctx</td><td>The verifier context. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">sig</td><td>The basic signature. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">msg</td><td>The message that was signed. </td></tr> + <tr><td class="paramdir">[in]</td><td class="paramname">msg_len</td><td>The size of msg in bytes.</td></tr> + </table> + </dd> +</dl> +<dl class="section return"><dt>Returns</dt><dd><a class="el" href="group___error_codes.html#gafdb27c77c2c4b32c807e326a8a0da360" title="Return status for SDK functions. ">EpidStatus</a></dd></dl> +<dl class="section note"><dt>Note</dt><dd>This function should be used in conjunction with <a class="el" href="group___epid11_verifier_module.html#ga3a2e320d7de6156b2ce9d73e9cdce813" title="Verifies the non-revoked proof for a single Intel(R) EPID 1.1 signature based revocation list entry...">Epid11NrVerify()</a> and <a class="el" href="group___epid11_verifier_module.html#ga0b79c79d09e3551158e1c38c7c335929" title="Verifies an Intel(R) EPID 1.1 signature has not been revoked in the private key based revocation list...">Epid11CheckPrivRlEntry()</a>.</dd> +<dd> +If the result is not <a class="el" href="group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a8a6861e14322ca9193498ffc955537f9" title="no error ">kEpidNoErr</a> the verify should be considered to have failed.</dd></dl> +<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___epid11_verifier_module.html#gac5a8f8d7624063ea428d81dbdbf61fa8" title="Creates a new Intel(R) EPID 1.1 verifier context. ">Epid11VerifierCreate</a> </dd> +<dd> +<a href="group___epid11_verifier_module.html#details"><b>EPID 1.1 support</b></a> </dd></dl> + +</div> +</div> +</div><!-- contents --> +</div><!-- doc-content --> +<!-- HTML footer for doxygen 1.8.10--> +<!-- start footer part --> +<div id="nav-path" class="navpath"><!-- id is needed for treeview function! --> + <ul> + <li class="footer"> + © 2016 Intel Corporation + </li> + </ul> +</div> +</body> +</html> |