Digital Authentication Framework 6.0.1.33
/*
 * (c) 2014 Good Technology Corporation. All rights reserved.
 */

#ifndef DAF_AUTH_IDENTIFY_H
#define DAF_AUTH_IDENTIFY_H

#include "../daf/DigitalAuthenticationFramework.h"

/*
 * Capability flags that are OR-ed together to form a DAAuthClass value.
 *
 * Bit layout, as given by the masks below:
 *   0xff000000  crypto capability       (DA_AUTH_CRYPTO_MASK)
 *   0x00ff0000  path to the device      (DA_AUTH_AUTH_MASK)
 *   0x0000f000  symmetric / asymmetric  (DA_AUTH_CRYPT_SYMM_MASK)
 *   0x00000f00  invertible / one-way    (DA_AUTH_CRYPT_INVT_MASK)
 *   0x00000010  storage                 (DA_AUTH_HAS_STORAGE)
 *   0x00000001  usable for auth         (DA_AUTH_VALID)
 *
 * DA_AUTH_NO_CRYPTO, DA_AUTH_PUBLIC and DA_AUTH_CRYPT_NONE are all zero, so
 * `value & DA_AUTH_PUBLIC` is always false. Test these states by masking and
 * comparing, e.g. `(value & DA_AUTH_AUTH_MASK) == DA_AUTH_PUBLIC`.
 */
#define DA_AUTH_HAS_CRYPTO      0x01000000 ///< Device can do cryptographic ops
#define DA_AUTH_NO_CRYPTO       0x00000000 ///< Device has no usable crypto
#define DA_AUTH_CRYPTO_MASK     0xff000000 ///< Mask for testing crypto capability


#define DA_AUTH_AUTHENTICATED   0x00010000 ///< Device has \ref DA_PROTECTED_PATH and \ref DA_AUTHENTIC_PATH set
#define DA_AUTH_PUBLIC          0x00000000 ///< Non-secure path to device (needs user password)
#define DA_AUTH_AUTH_MASK       0x00ff0000 ///< Mask for testing secure path capability


#define DA_AUTH_CRYPT_SYMM      0x00002000 ///< Can do symmetric crypto (encrypt/decrypt or MAC)
#define DA_AUTH_CRYPT_ASYMM     0x00001000 ///< Can do asymmetric crypto (encrypt/decrypt or signature)
#define DA_AUTH_CRYPT_INVERT    0x00000200 ///< Can do invertible transformation (i.e. encryption/decryption)
#define DA_AUTH_CRYPT_ONEWAY    0x00000100 ///< Can do one-way transformation (signature or HMAC)
#define DA_AUTH_CRYPT_MASK      0x0000ff00 ///< Mask for all crypto type flags
#define DA_AUTH_CRYPT_SYMM_MASK 0x0000f000 ///< Mask for testing symmetric/asymmetric
#define DA_AUTH_CRYPT_INVT_MASK 0x00000f00 ///< Mask for testing invertible/oneway
#define DA_AUTH_CRYPT_NONE      0x00000000 ///< No usable crypto functions


#define DA_AUTH_HAS_STORAGE     0x00000010 ///< Device can store data

#define DA_AUTH_VALID           0x00000001 ///< Device is usable for authentication

/*
 * X-macro listing every authentication class with its flag word. `f` is
 * invoked once per class as f(tag, value); the enum below expands it into
 * `tag = value,` so each enumerator's numeric value IS its capability word.
 *
 * Consequences visible from the values:
 *  - DA_AUTH_CLASS_UNKNOWN is 0, so a zero-initialised DAAuthClass reads as
 *    "unknown" and has DA_AUTH_VALID clear.
 *  - Enumerators are bitfields, not a ranking: comparing classes with < or >
 *    does not order them by path security (every class 2/3 value is
 *    numerically larger than DA_AUTH_CLASS1_AUTHENTICATED, including the
 *    *_PUBLIC ones). Test the specific bits instead.
 *  - No class 2 or class 3 entry sets DA_AUTH_HAS_STORAGE.
 *
 * NOTE(review): DA_AUTH_VALID is set only on DA_AUTH_CLASS0, both
 * DA_AUTH_CLASS1_* entries and DA_AUTH_CLASS2_AUTHENTICATED_INVERTIBLE. The
 * remaining class 2 and all class 3 entries omit it, so a caller gating on
 * `cls & DA_AUTH_VALID` would treat those devices as not usable. Confirm
 * whether the omission is intentional before relying on that bit in an
 * access decision.
 */
#if !(DOXYGEN)
#define DA_AUTH_CLASSES(f)                         \
    f(DA_AUTH_CLASS_UNKNOWN, 0)                    \
    /* Identification-only. */                     \
    f(DA_AUTH_CLASS0,                              \
      DA_AUTH_NO_CRYPTO |                          \
      DA_AUTH_PUBLIC |                             \
      DA_AUTH_VALID)                               \
    /* Persistent storage. */                      \
    f(DA_AUTH_CLASS1_AUTHENTICATED,                \
      DA_AUTH_NO_CRYPTO |                          \
      DA_AUTH_AUTHENTICATED |                      \
      DA_AUTH_HAS_STORAGE |                        \
      DA_AUTH_VALID)                               \
    f(DA_AUTH_CLASS1_PUBLIC,                       \
      DA_AUTH_NO_CRYPTO |                          \
      DA_AUTH_PUBLIC |                             \
      DA_AUTH_HAS_STORAGE |                        \
      DA_AUTH_VALID)                               \
    /* Basic symmetric crypto. */                  \
    f(DA_AUTH_CLASS2_AUTHENTICATED_INVERTIBLE,     \
      DA_AUTH_HAS_CRYPTO |                         \
      DA_AUTH_AUTHENTICATED |                      \
      DA_AUTH_CRYPT_SYMM |                         \
      DA_AUTH_CRYPT_INVERT |                       \
      DA_AUTH_VALID)                               \
    f(DA_AUTH_CLASS2_PUBLIC_INVERTIBLE,            \
      DA_AUTH_HAS_CRYPTO |                         \
      DA_AUTH_PUBLIC |                             \
      DA_AUTH_CRYPT_SYMM |                         \
      DA_AUTH_CRYPT_INVERT)                        \
    f(DA_AUTH_CLASS2_AUTHENTICATED_ONEWAY,         \
      DA_AUTH_HAS_CRYPTO |                         \
      DA_AUTH_AUTHENTICATED |                      \
      DA_AUTH_CRYPT_SYMM |                         \
      DA_AUTH_CRYPT_ONEWAY)                        \
    f(DA_AUTH_CLASS2_PUBLIC_ONEWAY,                \
      DA_AUTH_HAS_CRYPTO |                         \
      DA_AUTH_PUBLIC |                             \
      DA_AUTH_CRYPT_SYMM |                         \
      DA_AUTH_CRYPT_ONEWAY)                        \
    /* Public key crypto. */                       \
    f(DA_AUTH_CLASS3_AUTHENTICATED_INVERTIBLE,     \
      DA_AUTH_HAS_CRYPTO |                         \
      DA_AUTH_AUTHENTICATED |                      \
      DA_AUTH_CRYPT_ASYMM |                        \
      DA_AUTH_CRYPT_INVERT)                        \
    f(DA_AUTH_CLASS3_PUBLIC_INVERTIBLE,            \
      DA_AUTH_HAS_CRYPTO |                         \
      DA_AUTH_PUBLIC |                             \
      DA_AUTH_CRYPT_ASYMM |                        \
      DA_AUTH_CRYPT_INVERT)                        \
    f(DA_AUTH_CLASS3_AUTHENTICATED_ONEWAY,         \
      DA_AUTH_HAS_CRYPTO |                         \
      DA_AUTH_AUTHENTICATED |                      \
      DA_AUTH_CRYPT_ASYMM |                        \
      DA_AUTH_CRYPT_ONEWAY)                        \
    f(DA_AUTH_CLASS3_PUBLIC_ONEWAY,                \
      DA_AUTH_HAS_CRYPTO |                         \
      DA_AUTH_PUBLIC |                             \
      DA_AUTH_CRYPT_ASYMM |                        \
      DA_AUTH_CRYPT_ONEWAY)
#endif

/* Class 4 devices get identified as one of the above for the
 * purposes of authentication.
 */

/*
 * Authentication class of a device or key.
 *
 * The DOXYGEN branch exists only so the documentation generator sees plain
 * enumerator names; it hits #error if compiled, and its enumerator order is
 * not the numeric order. Real builds take the #else branch, which expands
 * DA_AUTH_CLASSES so every enumerator equals its capability flag word.
 */
enum DAAuthClass
{
#if DOXYGEN
#error "This section purely for documentation, do not compile"
    DA_AUTH_CLASS_UNKNOWN,
    DA_AUTH_CLASS0,
    DA_AUTH_CLASS1_PUBLIC,
    DA_AUTH_CLASS1_AUTHENTICATED,
    DA_AUTH_CLASS2_AUTHENTICATED_INVERTIBLE,
    DA_AUTH_CLASS2_AUTHENTICATED_ONEWAY,
    DA_AUTH_CLASS2_PUBLIC_INVERTIBLE,
    DA_AUTH_CLASS2_PUBLIC_ONEWAY,
    DA_AUTH_CLASS3_AUTHENTICATED_INVERTIBLE,
    DA_AUTH_CLASS3_AUTHENTICATED_ONEWAY,
    DA_AUTH_CLASS3_PUBLIC_INVERTIBLE,
    DA_AUTH_CLASS3_PUBLIC_ONEWAY,
#else
#define C(tag,val) tag = val,
    DA_AUTH_CLASSES(C)
#undef C
#endif
};

/*
 * The prototypes below use C++ references and `bool`, so this header is
 * C++ despite the C-style naming. Their original doc comments are not
 * visible in this listing.
 */

/*
 * Identify the authentication class of a key on a device.
 * NOTE(review): presumably writes the result to class_out and returns true
 * on success — confirm, and confirm what class_out holds when false is
 * returned before using it in an access decision.
 */
bool DAIdentifyAuthKey(DADevice &dev, DAKey &key, DAAuthClass &class_out);

/*
 * Identify the authentication class of a device through a session.
 * NOTE(review): same assumptions as DAIdentifyAuthKey about the return
 * value and class_out on failure — confirm against the implementation.
 */
bool DAIdentifyAuthDevice(DADevice &dev, DASession &sess, DAAuthClass &class_out);

/*
 * Name of an authentication class.
 * NOTE(review): ownership of the returned string and the result for a value
 * not listed in DA_AUTH_CLASSES are not shown here — confirm before freeing
 * or dereferencing.
 */
const char * DAAuthClassToString(DAAuthClass cls);

/*
 * Authentication class for a name.
 * NOTE(review): handling of NULL or unrecognised strings is not shown here;
 * presumably yields DA_AUTH_CLASS_UNKNOWN — confirm, and have callers that
 * parse externally supplied names check for that result.
 */
DAAuthClass DAStringToAuthClass(const char *str);

#endif