Line data    Source code

       1             : /*
       2             :  *
       3             :  *    Copyright (c) 2021 Project CHIP Authors
       4             :  *
       5             :  *    Licensed under the Apache License, Version 2.0 (the "License");
       6             :  *    you may not use this file except in compliance with the License.
       7             :  *    You may obtain a copy of the License at
       8             :  *
       9             :  *        http://www.apache.org/licenses/LICENSE-2.0
      10             :  *
      11             :  *    Unless required by applicable law or agreed to in writing, software
      12             :  *    distributed under the License is distributed on an "AS IS" BASIS,
      13             :  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      14             :  *    See the License for the specific language governing permissions and
      15             :  *    limitations under the License.
      16             :  */
      17             : #pragma once
      18             : 
      19             : #include <lib/core/CHIPError.h>
      20             : #include <lib/support/Span.h>
      21             : 
      22             : namespace chip {
      23             : namespace Credentials {
      24             : 
      25             : class DeviceAttestationCredentialsProvider
      26             : {
      27             : public:
      28             :     DeviceAttestationCredentialsProvider()          = default;
      29           0 :     virtual ~DeviceAttestationCredentialsProvider() = default;
      30             : 
      31             :     // Not copyable
      32             :     DeviceAttestationCredentialsProvider(const DeviceAttestationCredentialsProvider &)             = delete;
      33             :     DeviceAttestationCredentialsProvider & operator=(const DeviceAttestationCredentialsProvider &) = delete;
      34             : 
      35             :     /**
      36             :      * @brief Get the Certification Declaration body. Updates `out_cd_buffer`'s size on success
      37             :      *        to match the data size. If no Certification Declaration is available, sets
      38             :      *        `out_cd_buffer` to empty.
      39             :      *
      40             :      * @param[in,out] out_cd_buffer Buffer to receive the Certification Declaration body.
      41             :      * @returns CHIP_NO_ERROR on success, CHIP_ERROR_BUFFER_TOO_SMALL if `out_cd_buffer`
      42             :      *          is too small, or another CHIP_ERROR from the underlying implementation
      43             :      *          if access fails.
      44             :      */
      45             :     virtual CHIP_ERROR GetCertificationDeclaration(MutableByteSpan & out_cd_buffer) = 0;
      46             : 
      47             :     /**
      48             :      * @brief Get the Firmware Information body. Updates `out_firmware_info_buffer`'s size
      49             :      *        on success to match the data size. If no Firmware Information is available,
      50             :      *        sets `out_firmware_info_buffer` to empty.
      51             :      *
      52             :      * @param[in,out] out_firmware_info_buffer Buffer to receive the Firmware Information body.
      53             :      * @returns CHIP_NO_ERROR on success, CHIP_ERROR_BUFFER_TOO_SMALL if `out_firmware_info_buffer`
      54             :      *          is too small, or another CHIP_ERROR from the underlying implementation if access fails.
      55             :      */
      56             :     virtual CHIP_ERROR GetFirmwareInformation(MutableByteSpan & out_firmware_info_buffer) = 0;
      57             : 
      58             :     /**
      59             :      * @brief Get the Device Attestation Certificate in DER format. Updates `out_dac_buffer`'s
      60             :      *        size on success to match the data size. If no Device Attestation Certificate
      61             :      *        is available, sets `out_dac_buffer` to empty.
      62             :      *
      63             :      * @param[in,out] out_dac_buffer Buffer to receive the Device Attestation Certificate.
      64             :      * @returns CHIP_NO_ERROR on success, CHIP_ERROR_BUFFER_TOO_SMALL if `out_dac_buffer`
      65             :      *          is too small, or another CHIP_ERROR from the underlying implementation if
      66             :      *          access fails.
      67             :      */
      68             :     virtual CHIP_ERROR GetDeviceAttestationCert(MutableByteSpan & out_dac_buffer) = 0;
      69             : 
      70             :     /**
      71             :      * @brief Get the PAI Certificate in DER format. Updates `out_pai_buffer`'s
      72             :      *        size on success to match the data size. If no PAI certificate
      73             :      *        is available, sets `out_pai_buffer` to empty.
      74             :      *
      75             :      * @param[in,out] out_pai_buffer Buffer to receive the PAI certificate.
      76             :      * @returns CHIP_NO_ERROR on success, CHIP_ERROR_BUFFER_TOO_SMALL if `out_pai_buffer`
      77             :      *          is too small, or another CHIP_ERROR from the underlying implementation if
      78             :      *          access fails.
      79             :      */
      80             :     virtual CHIP_ERROR GetProductAttestationIntermediateCert(MutableByteSpan & out_pai_buffer) = 0;
      81             : 
      82             :     /**
      83             :      * @brief Signs a message using the device attestation private key
      84             :      *
      85             :      * @param[in] message_to_sign The message to sign using the attestation private key.
      86             :      * @param[in,out] out_signature_buffer Buffer to receive the signature in raw <r,s> format.
      87             :      * @returns CHIP_NO_ERROR on success, CHIP_ERROR_BUFFER_TOO_SMALL if `out_signature_buffer` is too small,
      88             :      *          or another CHIP_ERROR from the underlying implementation if signature fails.
      89             :      */
      90             :     virtual CHIP_ERROR SignWithDeviceAttestationKey(const ByteSpan & message_to_sign, MutableByteSpan & out_signature_buffer) = 0;
      91             : };
      92             : 
      93             : /**
      94             :  * Instance getter for the global DeviceAttestationCredentialsProvider.
      95             :  *
      96             :  * Callers have to externally synchronize usage of this function.
      97             :  *
      98             :  * @return The global device attestation credentials provider. Assume never null.
      99             :  */
     100             : DeviceAttestationCredentialsProvider * GetDeviceAttestationCredentialsProvider();
     101             : 
     102             : /**
     103             :  * Instance setter for the global DeviceAttestationCredentialsProvider.
     104             :  *
     105             :  * Callers have to externally synchronize usage of this function.
     106             :  *
     107             :  * If the `provider` is nullptr, no change is done.
     108             :  *
     109             :  * @param[in] provider the DeviceAttestationCredentialsProvider to start returning with the getter
     110             :  */
     111             : void SetDeviceAttestationCredentialsProvider(DeviceAttestationCredentialsProvider * provider);
     112             : 
     113             : /**
     114             :  * Check if Instance is prepared
     115             :  */
     116             : bool IsDeviceAttestationCredentialsProviderSet();
     117             : 
     118             : } // namespace Credentials
     119             : } // namespace chip