/* implementation of a basic service provider for use with the trusted
 * module */

#ifndef CSAA_SERVICE_PROVIDER_H
#define CSAA_SERVICE_PROVIDER_H

#include "crypto.h"
#include "trusted_module.h"

/* Opaque handle: only a forward declaration is given here, so callers
 * cannot reach the provider's fields and must go through the sp_
 * functions declared below. */
struct service_provider;

/* Create a service provider from a caller-supplied key buffer (key) and
 * its length (keylen, presumably in bytes).
 * NOTE(review): this header does not say whether the key is copied or
 * the pointer is retained; confirm in the .c file before freeing or
 * wiping the caller's buffer.
 * NOTE(review): logleaves is presumably log2 of the number of tree
 * leaves; its valid range and the failure return (NULL?) are not stated
 * here -- confirm. */
struct service_provider *sp_new(const void *key, size_t keylen, int logleaves);
/* Presumably releases a provider obtained from sp_new().
 * NOTE(review): whether NULL is accepted, and whether key material held
 * by the provider is wiped before release, is not visible here --
 * confirm. */
void sp_free(struct service_provider *sp);

/* see .c file for documentation
 *
 * Visible from the prototype only: the request is read through a const
 * pointer and is accompanied by req_hmac; a struct tm_cert is returned
 * by value; hmac_out, vr_out, vr_hmac_out and ack_hmac_out are
 * non-const pointers (presumably outputs -- confirm which of them may
 * be NULL); new_acl is non-const, so the callee is allowed to modify or
 * keep it.
 * NOTE(review): contents_len is presumably the byte length of
 * encrypted_contents. The caller has to keep the two consistent, since
 * a length cannot be checked against a void pointer. */
struct tm_cert sp_request(struct service_provider *sp,
                          const struct user_request *req, hash_t req_hmac,
                          hash_t *hmac_out,
                          struct tm_cert *vr_out, hash_t *vr_hmac_out,
                          hash_t *ack_hmac_out,
                          hash_t encrypted_secret, hash_t kf,
                          const void *encrypted_contents, size_t contents_len,
                          struct iomt *new_acl);

/* Reserve a new file index with user_id added to the ACL. Returns
 * cert on failure. Authenticated with ack_hmac, which is the returned
 * request with a zero byte appended, signed by the module.
 *
 * NOTE(review): the declared return type is struct user_request, not a
 * cert, so "returns cert on failure" does not match this prototype;
 * confirm how a failure is reported to the caller.
 * NOTE(review): ack_hmac is a non-const pointer, presumably written by
 * this function. Whether the acknowledgement is verified internally is
 * not visible here; a caller relying on it should check the HMAC over
 * the returned request plus the trailing zero byte.
 * key/keylen: caller-supplied key buffer and its length (presumably the
 * user's key, in bytes -- confirm). */
struct user_request sp_createfile(struct service_provider *sp,
                                  uint64_t user_id, const void *key, size_t keylen,
                                  hash_t *ack_hmac);

/* NOTE(review): undocumented in this header. From the prototype: takes
 * the same sp/user_id/key/keylen/ack_hmac arguments as sp_createfile(),
 * plus a file index, two hash_t values (encrypted_secret, kf) and a
 * const buffer encrypted_file of filelen (presumably bytes), and
 * returns a struct user_request by value.
 * The parameter names suggest that the file contents and the secret
 * arrive already encrypted -- confirm against the .c file. Nothing here
 * documents how a failure is reported, or whether ack_hmac is verified
 * before returning. filelen has to match the buffer passed as
 * encrypted_file, since it cannot be checked against a void pointer. */
struct user_request sp_modifyfile(struct service_provider *sp,
                                  uint64_t user_id, const void *key, size_t keylen,
                                  uint64_t file_idx,
                                  hash_t encrypted_secret, hash_t kf,
                                  const void *encrypted_file, size_t filelen,
                                  hash_t *ack_hmac);

/* NOTE(review): presumably a self-test entry point. It takes no
 * arguments and returns nothing, so any result has to be reported by
 * side effect. Consider whether it should be exported from a production
 * build. */
void sp_test(void);

#endif