query.h

Go to the documentation of this file.

/* 2025-2026 Quantum Resistant Cryptographic Solutions Corporation
 * All Rights Reserved.
 *
 * NOTICE:
 * This software and all accompanying materials are the exclusive property of
 * Quantum Resistant Cryptographic Solutions Corporation (QRCS). The intellectual
 * and technical concepts contained herein are proprietary to QRCS and are
 * protected under applicable Canadian, U.S., and international copyright,
 * patent, and trade secret laws.
 *
 * CRYPTOGRAPHIC ALGORITHMS AND IMPLEMENTATIONS:
 * - This software includes implementations of cryptographic primitives and
 *   algorithms that are standardized or in the public domain, such as AES
 *   and SHA-3, which are not proprietary to QRCS.
 * - This software also includes cryptographic primitives, constructions, and
 *   algorithms designed by QRCS, including but not limited to RCS, SCB, CSX, QMAC, and
 *   related components, which are proprietary to QRCS.
 * - All source code, implementations, protocol compositions, optimizations,
 *   parameter selections, and engineering work contained in this software are
 *   original works of QRCS and are protected under this license.
 *
 * LICENSE AND USE RESTRICTIONS:
 * - This software is licensed under the Quantum Resistant Cryptographic Solutions
 *   Public Research and Evaluation License (QRCS-PREL), 2025-2026.
 * - Permission is granted solely for non-commercial evaluation, academic research,
 *   cryptographic analysis, interoperability testing, and feasibility assessment.
 * - Commercial use, production deployment, commercial redistribution, or
 *   integration into products or services is strictly prohibited without a
 *   separate written license agreement executed with QRCS.
 * - Licensing and authorized distribution are solely at the discretion of QRCS.
 *
 * EXPERIMENTAL CRYPTOGRAPHY NOTICE:
 * Portions of this software may include experimental, novel, or evolving
 * cryptographic designs. Use of this software is entirely at the user's risk.
 *
 * DISCLAIMER:
 * THIS SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS
 * FOR A PARTICULAR PURPOSE, SECURITY, OR NON-INFRINGEMENT. QRCS DISCLAIMS ALL
 * LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
 * ARISING FROM THE USE OR MISUSE OF THIS SOFTWARE.
 *
 * FULL LICENSE:
 * This software is subject to the Quantum Resistant Cryptographic Solutions
 * Public Research and Evaluation License (QRCS-PREL), 2025-2026. The complete license terms
 * are provided in the accompanying LICENSE file or at https://www.qrcscorp.ca.
 *
 * Written by: John G. Underhill
 * Contact: contact@qrcscorp.ca
 */
 
#ifndef UDIF_QUERY_H
#define UDIF_QUERY_H
 
#include "udif.h"
#include "capability.h"
#include "registry.h"


#define UDIF_QUERY_MAX_PREDICATE_SIZE 1024U

#define UDIF_QUERY_MAX_PROOF_SIZE 8192U

#define UDIF_QUERY_PREDICATE_SIZE sizeof(size_t)

#define UDIF_QUERY_PROOF_SIZE sizeof(size_t)

#define UDIF_QUERY_TYPE_SIZE 1U

#define UDIF_QUERY_VERDICT_SIZE 1U

#define UDIF_QUERY_STRUCTURE_SIZE (UDIF_CRYPTO_HASH_SIZE + \
    UDIF_QUERY_ID_SIZE + \
    UDIF_SERIAL_NUMBER_SIZE + \
    UDIF_VALID_TIME_SIZE + \
    UDIF_QUERY_PREDICATE_SIZE + \
    UDIF_QUERY_TYPE_SIZE)

#define UDIF_QUERY_RESPONSE_STRUCTURE_SIZE (UDIF_SIGNED_HASH_SIZE + \
    UDIF_QUERY_ID_SIZE + \
    UDIF_CRYPTO_HASH_SIZE + \
    UDIF_SERIAL_NUMBER_SIZE + \
    UDIF_QUERY_VERDICT_SIZE + \
    UDIF_VALID_TIME_SIZE + \
    UDIF_QUERY_PROOF_SIZE)

typedef enum udif_query_types
{
    udif_query_exist = 1U,                      
    udif_query_owner_binding = 2U,              
    udif_query_attr_bucket = 3U,              
    udif_query_membership_proof = 4U         
} udif_query_types;

typedef enum udif_query_verdicts
{
    udif_verdict_no = 0U,                        
    udif_verdict_yes = 1U,                      
    udif_verdict_deny = 2U                     
} udif_query_verdicts;

UDIF_EXPORT_API typedef struct udif_query
{
    uint8_t capabilityref[UDIF_CRYPTO_HASH_SIZE]; 
    uint8_t queryid[UDIF_QUERY_ID_SIZE];           
    uint8_t targser[UDIF_SERIAL_NUMBER_SIZE];     
    uint64_t timeanchor;                          
    size_t predlen;                                  
    uint8_t querytype;                             
    uint8_t* predicate;                                
} udif_query;

UDIF_EXPORT_API typedef struct udif_query_response
{
    uint8_t signature[UDIF_SIGNED_HASH_SIZE];     
    uint8_t queryid[UDIF_QUERY_ID_SIZE];           
    uint8_t querydigest[UDIF_CRYPTO_HASH_SIZE];     
    uint8_t respser[UDIF_SERIAL_NUMBER_SIZE];     
    uint8_t verdict;                             
    uint64_t timestamp;                                
    size_t prooflen;                                
    uint8_t* proof;                                    
} udif_query_response;

UDIF_EXPORT_API void udif_query_clear(udif_query* query);

UDIF_EXPORT_API void udif_query_compute_digest(uint8_t* digest, const udif_query* query);

UDIF_EXPORT_API udif_errors udif_query_create_attr_bucket(udif_query* query, const uint8_t* queryid, const uint8_t* targetser,
    const uint8_t* serial, uint64_t attrmin, uint64_t attrmax, uint64_t timeanchor, const uint8_t* capability);

UDIF_EXPORT_API udif_errors udif_query_create_existence(udif_query* query, const uint8_t* queryid, const uint8_t* targetser,
    const uint8_t* serial, uint64_t timeanchor, const uint8_t* capability);

UDIF_EXPORT_API udif_errors udif_query_create_membership_proof(udif_query* query, const uint8_t* queryid, const uint8_t* targetser,
    const uint8_t* serial, uint64_t timeanchor, const uint8_t* capability);

UDIF_EXPORT_API udif_errors udif_query_create_owner_binding(udif_query* query, const uint8_t* queryid, const uint8_t* targetser,
    const uint8_t* serial, const uint8_t* ownerser, uint64_t time_anchor, const uint8_t* capability);

UDIF_EXPORT_API udif_errors udif_query_create_response(udif_query_response* response, const udif_query* query, uint8_t verdict, const uint8_t* proofdata,
    size_t prooflen, const uint8_t* respser, const uint8_t* respsigkey, uint64_t ctime, bool (*rng_generate)(uint8_t*, size_t));

UDIF_EXPORT_API udif_errors udif_query_deserialize(udif_query* query, const uint8_t* input, size_t inplen);

UDIF_EXPORT_API udif_errors udif_query_serialize(uint8_t* output, size_t* outlen, const udif_query* query);

UDIF_EXPORT_API bool udif_query_is_fresh(const udif_query* query, uint64_t ctime);

UDIF_EXPORT_API void udif_query_response_clear(udif_query_response* response);

UDIF_EXPORT_API void udif_query_response_compute_digest(uint8_t* digest, const udif_query_response* response, const udif_query* query);

UDIF_EXPORT_API bool udif_query_verify_response_signature(const udif_query_response* response, const uint8_t* respverkey);

UDIF_EXPORT_API udif_errors udif_query_response_deserialize(udif_query_response* response, const uint8_t* input, size_t inplen);

UDIF_EXPORT_API udif_errors udif_query_response_serialize(uint8_t* output, size_t* outlen, const udif_query_response* response);

UDIF_EXPORT_API bool udif_query_validate_authorization(const udif_query* query, const udif_capability* capability, const uint8_t* targser);
 

UDIF_EXPORT_API bool udif_query_predicate_is_canonical(const udif_query* query);

UDIF_EXPORT_API udif_errors udif_query_evaluate_registry(uint8_t* verdict, uint8_t* proof, size_t* prooflen, const udif_query* query,
    const udif_registry_state* registry, const udif_capability* capability, const uint8_t* subjectser, uint64_t ctime);

UDIF_EXPORT_API bool udif_query_verify_response(const udif_query_response* response, const udif_query* query, const uint8_t* respverkey);
 
#endif