aboutsummaryrefslogtreecommitdiff
path: root/helper.h
blob: 7cdbf61719618d02f717bcfb4296f9e4b6f00f7f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
#include "trusted_module.h"
#include "crypto.h"

struct tm_cert cert_ru(const struct trusted_module *tm,
                       struct iomt_node node, hash_t new_val,
                       const hash_t *comp, const int *orders, size_t n,
                       hash_t *hmac_out);

struct tm_cert cert_rv(const struct trusted_module *tm,
                       struct iomt_node node,
                       const hash_t *comp, const int *orders, size_t n,
                       hash_t *hmac_out,
                       uint64_t b,
                       struct tm_cert *nonexist, hash_t *hmac_nonexist);

/* Search the leaves of the IOMT for the index, or find an enclosing
 * node, generating an RV certificate verifying either the existence
 * or nonexistence of a node with the given index. */
struct tm_cert cert_rv_by_idx(const struct trusted_module *tm,
                              const struct iomt *tree,
                              uint64_t idx,
                              hash_t *hmac_out);

/* Fill out a tm_request struct to create a file with the index
 * given in file_node->idx with the user added with level 3 access in
 * the ACL. */
struct tm_request req_filecreate(const struct trusted_module *tm,
                                 uint64_t user_id,
                                 struct iomt_node file_node,
                                 const hash_t *file_comp, const int *file_orders, size_t file_n);

/* Fill out a tm_request struct to modify an existing file's
 * contents, given the previously generated FR certificate, and the
 * ACL node giving the user's access rights. */
struct tm_request req_filemodify(const struct trusted_module *tm,
                                 const struct tm_cert *fr_cert, hash_t fr_hmac,
                                 struct iomt_node file_node,
                                 const hash_t *file_comp, const int *file_orders, size_t file_n,
                                 struct iomt_node acl_node,
                                 const hash_t *acl_comp, const int *acl_orders, size_t acl_n,
                                 hash_t fileval);

/* Fill out a tm_request struct to modify a file's ACL. Same
 * parameters as req_filemodify(), except the hash is the root of the
 * new ACL. */
struct tm_request req_aclmodify(const struct trusted_module *tm,
                                const struct tm_cert *fr_cert, hash_t fr_hmac,
                                struct iomt_node file_node,
                                const hash_t *file_comp, const int *file_orders, size_t file_n,
                                struct iomt_node oldacl_node,
                                const hash_t *oldacl_comp, const int *oldacl_orders, size_t oldacl_n,
                                hash_t newacl_root);