UDIF: Universal Digital Identification Framework 1.1.0.0a (A1)
A quantum-secure cryptographic identification
udif.h
Go to the documentation of this file.
1/* 2025-2026 Quantum Resistant Cryptographic Solutions Corporation
2 * All Rights Reserved.
3 *
4 * NOTICE:
5 * This software and all accompanying materials are the exclusive property of
6 * Quantum Resistant Cryptographic Solutions Corporation (QRCS). The intellectual
7 * and technical concepts contained herein are proprietary to QRCS and are
8 * protected under applicable Canadian, U.S., and international copyright,
9 * patent, and trade secret laws.
10 *
11 * CRYPTOGRAPHIC ALGORITHMS AND IMPLEMENTATIONS:
12 * - This software includes implementations of cryptographic primitives and
13 * algorithms that are standardized or in the public domain, such as AES
14 * and SHA-3, which are not proprietary to QRCS.
15 * - This software also includes cryptographic primitives, constructions, and
16 * algorithms designed by QRCS, including but not limited to RCS, SCB, CSX, QMAC, and
17 * related components, which are proprietary to QRCS.
18 * - All source code, implementations, protocol compositions, optimizations,
19 * parameter selections, and engineering work contained in this software are
20 * original works of QRCS and are protected under this license.
21 *
22 * LICENSE AND USE RESTRICTIONS:
23 * - This software is licensed under the Quantum Resistant Cryptographic Solutions
24 * Public Research and Evaluation License (QRCS-PREL), 2025-2026.
25 * - Permission is granted solely for non-commercial evaluation, academic research,
26 * cryptographic analysis, interoperability testing, and feasibility assessment.
27 * - Commercial use, production deployment, commercial redistribution, or
28 * integration into products or services is strictly prohibited without a
29 * separate written license agreement executed with QRCS.
30 * - Licensing and authorized distribution are solely at the discretion of QRCS.
31 *
32 * EXPERIMENTAL CRYPTOGRAPHY NOTICE:
33 * Portions of this software may include experimental, novel, or evolving
34 * cryptographic designs. Use of this software is entirely at the user's risk.
35 *
36 * DISCLAIMER:
37 * THIS SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
38 * IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS
39 * FOR A PARTICULAR PURPOSE, SECURITY, OR NON-INFRINGEMENT. QRCS DISCLAIMS ALL
40 * LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
41 * ARISING FROM THE USE OR MISUSE OF THIS SOFTWARE.
42 *
43 * FULL LICENSE:
44 * This software is subject to the Quantum Resistant Cryptographic Solutions
45 * Public Research and Evaluation License (QRCS-PREL), 2025-2026. The complete license terms
46 * are provided in the accompanying LICENSE file or at https://www.qrcscorp.ca.
47 *
48 * Written by: John G. Underhill
49 * Contact: contact@qrcscorp.ca
50 */
51
52#ifndef UDIF_H
53#define UDIF_H
54
55#include "udifcommon.h"
56#include "sha3.h"
57#include "socketbase.h"
58
59#define UDIF_CONFIG_DILITHIUM_KYBER
60//#define UDIF_CONFIG_SPHINCS_MCELIECE
61
62#if defined(UDIF_CONFIG_DILITHIUM_KYBER)
63# include "dilithium.h"
64# include "kyber.h"
65#elif defined(UDIF_CONFIG_SPHINCS_MCELIECE)
66# include "mceliece.h"
67# include "sphincsplus.h"
68#else
69# error Invalid parameter set!
70#endif
71
117
118 /* Function Mapping Macros */
119
125#define UDIF_USE_RCS_ENCRYPTION
126
127#if defined(UDIF_USE_RCS_ENCRYPTION)
128# include "rcs.h"
129# define udif_cipher_state qsc_rcs_state
130# define udif_cipher_dispose qsc_rcs_dispose
131# define udif_cipher_initialize qsc_rcs_initialize
132# define udif_cipher_keyparams qsc_rcs_keyparams
133# define udif_cipher_set_associated qsc_rcs_set_associated
134# define udif_cipher_transform qsc_rcs_transform
135#else
136# include "aes.h"
137# define udif_cipher_state qsc_aes_gcm256_state
138# define udif_cipher_dispose qsc_aes_gcm256_dispose
139# define udif_cipher_initialize qsc_aes_gcm256_initialize
140# define udif_cipher_keyparams qsc_aes_keyparams
141# define udif_cipher_set_associated qsc_aes_gcm256_set_associated
142# define udif_cipher_transform qsc_aes_gcm256_transform
143#endif
144
153#if defined(UDIF_CONFIG_SPHINCS_MCELIECE)
158# define udif_cipher_generate_keypair qsc_mceliece_generate_keypair
163# define udif_cipher_decapsulate qsc_mceliece_decapsulate
168# define udif_cipher_encapsulate qsc_mceliece_encapsulate
173# define udif_signature_generate_keypair qsc_sphincsplus_generate_keypair
178# define udif_signature_sign qsc_sphincsplus_sign
183# define udif_signature_verify qsc_sphincsplus_verify
184#elif defined(UDIF_CONFIG_DILITHIUM_KYBER)
189# define udif_cipher_generate_keypair qsc_kyber_generate_keypair
194# define udif_cipher_decapsulate qsc_kyber_decapsulate
199# define udif_cipher_encapsulate qsc_kyber_encapsulate
204# define udif_signature_generate_keypair qsc_dilithium_generate_keypair
209# define udif_signature_sign qsc_dilithium_sign
214# define udif_signature_verify qsc_dilithium_verify
215#else
216# error Invalid parameter set!
217#endif
218
219/* ### Modifiable Constants: These constants can be enabled to turn on protocol features ### */
220
225//#define UDIF_NETWORK_PROTOCOL_IPV6
226
227/* ### End of Modifiable Constants ### */
228
229#if defined(UDIF_CONFIG_DILITHIUM_KYBER)
234# define UDIF_ASYMMETRIC_CIPHERTEXT_SIZE (QSC_KYBER_CIPHERTEXT_SIZE)
235
240# define UDIF_ASYMMETRIC_PRIVATE_KEY_SIZE (QSC_KYBER_PRIVATEKEY_SIZE)
241
246# define UDIF_ASYMMETRIC_PUBLIC_KEY_SIZE (QSC_KYBER_PUBLICKEY_SIZE)
247
252# define UDIF_ASYMMETRIC_SIGNATURE_SIZE (QSC_DILITHIUM_SIGNATURE_SIZE)
253
258# define UDIF_ASYMMETRIC_SIGNING_KEY_SIZE (QSC_DILITHIUM_PRIVATEKEY_SIZE)
259
264# define UDIF_ASYMMETRIC_VERIFICATION_KEY_SIZE (QSC_DILITHIUM_PUBLICKEY_SIZE)
265
266# if defined(QSC_DILITHIUM_S1P44) && defined(QSC_KYBER_S1K2P512)
271# define UDIF_PARAMATERS_DILITHIUM_KYBER_D1K1
276# define UDIF_SUITE_ID 1U
277# elif defined(QSC_DILITHIUM_S3P65) && defined(QSC_KYBER_S3K3P768)
282# define UDIF_PARAMATERS_DILITHIUM_KYBER_D3K3
287# define UDIF_SUITE_ID 2U
288# elif defined(QSC_DILITHIUM_S5P87) && defined(QSC_KYBER_S5K4P1024)
293# define UDIF_PARAMATERS_DILITHIUM_KYBER_D5K5
298# define UDIF_SUITE_ID 3U
299# elif defined(QSC_DILITHIUM_S5P87) && defined(QSC_KYBER_S6K5P1280)
304# define UDIF_PARAMATERS_DILITHIUM_KYBER_D5K6
309# define UDIF_SUITE_ID 4U
310# else
311 /* The library signature scheme and asymmetric cipher parameter sets
312 must be synchronized to a common security level; s1, s3, s5, s5+ */
313# error the library parameter sets are mismatched!
314# endif
315
316#elif defined(UDIF_CONFIG_SPHINCS_MCELIECE)
321# define UDIF_ASYMMETRIC_CIPHERTEXT_SIZE (QSC_MCELIECE_CIPHERTEXT_SIZE)
326# define UDIF_ASYMMETRIC_PRIVATE_KEY_SIZE (QSC_MCELIECE_PRIVATEKEY_SIZE)
331# define UDIF_ASYMMETRIC_PUBLIC_KEY_SIZE (QSC_MCELIECE_PUBLICKEY_SIZE)
336# define UDIF_ASYMMETRIC_SIGNATURE_SIZE (QSC_SPHINCSPLUS_SIGNATURE_SIZE)
341# define UDIF_ASYMMETRIC_SIGNING_KEY_SIZE (QSC_SPHINCSPLUS_PRIVATEKEY_SIZE)
346# define UDIF_ASYMMETRIC_VERIFICATION_KEY_SIZE (QSC_SPHINCSPLUS_PUBLICKEY_SIZE)
347
348# if defined(QSC_MCELIECE_S1N3488T64)&& defined(QSC_SPHINCSPLUS_S1S128SHAKERS)
353# define UDIF_PARAMATERS_SPHINCSPLUS_S1S128SHAKERS
358# define UDIF_SUITE_ID 5U
359# elif defined(QSC_MCELIECE_S3N4608T96) && defined(QSC_SPHINCSPLUS_S3S192SHAKERS)
364# define UDIF_PARAMATERS_SPHINCSPLUS_S3S192SHAKERS
369# define UDIF_SUITE_ID 6U
370# elif defined(QSC_MCELIECE_S5N6688T128) && defined(QSC_SPHINCSPLUS_S5S256SHAKERS)
375# define UDIF_PARAMATERS_SPHINCSPLUS_S5S256SHAKERS
380# define UDIF_SUITE_ID 7U
381# elif defined(QSC_MCELIECE_S6N6960T119) && defined(QSC_SPHINCSPLUS_S5S256SHAKERS)
386# define UDIF_PARAMATERS_SPHINCSPLUS_S6S256SHAKERS
391# define UDIF_SUITE_ID 8U
392# elif defined(QSC_MCELIECE_S7N8192T128) && defined(QSC_SPHINCSPLUS_S5S256SHAKERS)
397# define UDIF_PARAMATERS_SPHINCSPLUS_S7S256SHAKERS
402# define UDIF_SUITE_ID 9U
403# else
404 /* The library signature scheme and asymmetric cipher parameter sets
405 must be synchronized to a common security level; s1, s3, s5 or s6.
406 Check the QSC library common.h file for cipher and signature security level alignment. */
407# error Invalid parameter sets, check the QSC library settings
408# endif
409#endif
410
411
415#define UDIF_CAPABILITY_BITMAP_SIZE 8U
416
421#define UDIF_CAPABILITY_MASK_SIZE 8U
422
427#define UDIF_CAPABILITY_TOKEN_MAX_SIZE 2048U
428
433#define UDIF_CLAIM_ANCHOR_SIZE 32U
434
439#define UDIF_CRYPTO_HASH_SIZE 32U
440
445#define UDIF_CRYPTO_KEY_SIZE 32U
446
451#if defined(UDIF_USE_RCS_ENCRYPTION)
452# define UDIF_CRYPTO_MAC_SIZE 32U
453#else
454# define UDIF_CRYPTO_MAC_SIZE 16U
455#endif
456
461#if defined(UDIF_USE_RCS_ENCRYPTION)
462# define UDIF_CRYPTO_NONCE_SIZE 32U
463#else
464# define UDIF_CRYPTO_NONCE_SIZE 16U
465#endif
466
471#define UDIF_IDENTITY_ID_SIZE 32U
472
477#define UDIF_ISSUER_DOMAIN_CODE_SIZE 8U
478
483#define UDIF_NAMESPACE_CODE_SIZE 8U
484
489#define UDIF_PERMISSION_MASK_SIZE 8U
490
495#define UDIF_POLICY_HASH_SIZE 32U
496
501#define UDIF_POLICY_VERB_SIZE 4U
502
507#define UDIF_PROTOCOL_SET_SIZE 41U
508
513#define UDIF_ROLE_SIZE 1U
514
519#define UDIF_CERT_SERIAL_SIZE 16U
520
525#define UDIF_OBJECT_SERIAL_SIZE 32U
526
531#define UDIF_QUERY_ID_SIZE 16U
532
537#define UDIF_TX_ID_SIZE UDIF_CRYPTO_HASH_SIZE
538
546#define UDIF_SERIAL_NUMBER_SIZE UDIF_CERT_SERIAL_SIZE
547
552#define UDIF_REGISTRY_LEAF_FLAGS_SIZE 4U
553
558#define UDIF_REGISTRY_LEAF_ENCODED_SIZE (UDIF_CRYPTO_HASH_SIZE + \
559 UDIF_CRYPTO_HASH_SIZE + \
560 UDIF_OBJECT_SERIAL_SIZE + \
561 UDIF_REGISTRY_LEAF_FLAGS_SIZE + \
562 UDIF_VALID_TIME_SIZE)
563
568#define UDIF_SIGNED_HASH_SIZE (UDIF_ASYMMETRIC_SIGNATURE_SIZE + UDIF_CRYPTO_HASH_SIZE)
569
574#define UDIF_SUITEID_SIZE 1U
575
580#define UDIF_TIME_WINDOW_SECONDS 60U
581
586#define UDIF_VALID_TIME_SIZE 8U
587
592#define UDIF_VALID_TIME_STRUCTURE_SIZE 16U
593
594/* Policy Macros */
595
604#define UDIF_POLICY_NONE (UINT64_C(0))
605
614#define UDIF_POLICY_DEFAULT_DENY (UINT64_C(1) << 0)
615
623#define UDIF_POLICY_REQUIRE_SUITE_MATCH (UINT64_C(1) << 1)
624
633#define UDIF_POLICY_REQUIRE_CANONICAL_ENCODING (UINT64_C(1) << 2)
634
643#define UDIF_POLICY_REQUIRE_PARENT_SIGNATURE (UINT64_C(1) << 3)
644
652#define UDIF_POLICY_REQUIRE_REVOCATION_CHECK (UINT64_C(1) << 4)
653
662#define UDIF_POLICY_REQUIRE_CAPABILITY_INTERSECT (UINT64_C(1) << 5)
663
672#define UDIF_POLICY_REQUIRE_POLICY_EPOCH_MATCH (UINT64_C(1) << 6)
673
682#define UDIF_POLICY_REQUIRE_MEMBERSHIP_LOG (UINT64_C(1) << 7)
683
691#define UDIF_POLICY_REQUIRE_TRANSACTION_LOG (UINT64_C(1) << 8)
692
700#define UDIF_POLICY_REQUIRE_REGISTRY_COMMIT (UINT64_C(1) << 9)
701
709#define UDIF_POLICY_REQUIRE_ANCHORING (UINT64_C(1) << 10)
710
718#define UDIF_POLICY_REQUIRE_ANCHOR_SEQUENCE (UINT64_C(1) << 11)
719
728#define UDIF_POLICY_REQUIRE_MINIMAL_DISCLOSURE (UINT64_C(1) << 12)
729
737#define UDIF_POLICY_REQUIRE_AUDIT_COUNTERS (UINT64_C(1) << 13)
738
746#define UDIF_POLICY_REQUIRE_TIME_WINDOW (UINT64_C(1) << 14)
747
755#define UDIF_POLICY_REQUIRE_SEQUENCE_CHECK (UINT64_C(1) << 15)
756
764#define UDIF_POLICY_REQUIRE_EPOCH_CHECK (UINT64_C(1) << 16)
765
773#define UDIF_POLICY_REQUIRE_AEAD_AAD_HEADER (UINT64_C(1) << 17)
774
782#define UDIF_POLICY_REQUIRE_RATCHET_REKEY (UINT64_C(1) << 18)
783
791#define UDIF_POLICY_FORBID_RUNTIME_NEGOTIATION (UINT64_C(1) << 19)
792
800#define UDIF_POLICY_FORBID_ADMIN_OBJECT_OWNERSHIP (UINT64_C(1) << 20)
801
809#define UDIF_POLICY_FORBID_CLIENT_ADMIN (UINT64_C(1) << 21)
810
818#define UDIF_POLICY_FORBID_CLIENT_LATERAL_QUERY (UINT64_C(1) << 22)
819
828#define UDIF_POLICY_FORBID_IMPLICIT_TREATY_RIGHTS (UINT64_C(1) << 23)
829
837#define UDIF_POLICY_REQUIRE_TREATY_SCOPE_CHECK (UINT64_C(1) << 24)
838
847#define UDIF_POLICY_ALLOW_TREATY_NEGOTIATION (UINT64_C(1) << 25)
848
856#define UDIF_POLICY_ALLOW_TREATY_QUERY_ORIGIN (UINT64_C(1) << 26)
857
866#define UDIF_POLICY_ALLOW_TREATY_QUERY_EXEC (UINT64_C(1) << 27)
867
876#define UDIF_POLICY_ALLOW_TELEMETRY_EXPORT (UINT64_C(1) << 28)
877
885#define UDIF_POLICY_ALLOW_ERROR_REPORTING (UINT64_C(1) << 29)
886
895#define UDIF_POLICY_ALLOW_PROFILE_HOOKS (UINT64_C(1) << 30)
896
905#define UDIF_POLICY_REQUIRE_PROFILE_HOOK_AUDIT (UINT64_C(1) << 31)
906
914#define UDIF_POLICY_RESERVED_CORE_MASK (UINT64_C(0x0000FFFF00000000))
915
923#define UDIF_POLICY_RESERVED_PROFILE_MASK (UINT64_C(0xFFFF000000000000))
924
934#define UDIF_POLICY_BASELINE_SECURITY_MASK \
935 (UDIF_POLICY_DEFAULT_DENY | \
936 UDIF_POLICY_REQUIRE_SUITE_MATCH | \
937 UDIF_POLICY_REQUIRE_CANONICAL_ENCODING | \
938 UDIF_POLICY_REQUIRE_PARENT_SIGNATURE | \
939 UDIF_POLICY_REQUIRE_REVOCATION_CHECK | \
940 UDIF_POLICY_REQUIRE_CAPABILITY_INTERSECT | \
941 UDIF_POLICY_REQUIRE_POLICY_EPOCH_MATCH | \
942 UDIF_POLICY_REQUIRE_MINIMAL_DISCLOSURE | \
943 UDIF_POLICY_FORBID_RUNTIME_NEGOTIATION)
944
952#define UDIF_POLICY_TRANSPORT_SECURITY_MASK \
953 (UDIF_POLICY_REQUIRE_TIME_WINDOW | \
954 UDIF_POLICY_REQUIRE_SEQUENCE_CHECK | \
955 UDIF_POLICY_REQUIRE_EPOCH_CHECK | \
956 UDIF_POLICY_REQUIRE_AEAD_AAD_HEADER)
957
965#define UDIF_POLICY_LOGGING_MASK \
966 (UDIF_POLICY_REQUIRE_MEMBERSHIP_LOG | \
967 UDIF_POLICY_REQUIRE_TRANSACTION_LOG | \
968 UDIF_POLICY_REQUIRE_REGISTRY_COMMIT | \
969 UDIF_POLICY_REQUIRE_ANCHORING | \
970 UDIF_POLICY_REQUIRE_ANCHOR_SEQUENCE | \
971 UDIF_POLICY_REQUIRE_AUDIT_COUNTERS)
972
980#define UDIF_POLICY_ADMIN_SEPARATION_MASK \
981 (UDIF_POLICY_FORBID_ADMIN_OBJECT_OWNERSHIP | \
982 UDIF_POLICY_FORBID_CLIENT_ADMIN | \
983 UDIF_POLICY_FORBID_CLIENT_LATERAL_QUERY)
984
992#define UDIF_POLICY_TREATY_BASE_MASK \
993 (UDIF_POLICY_FORBID_IMPLICIT_TREATY_RIGHTS | \
994 UDIF_POLICY_REQUIRE_TREATY_SCOPE_CHECK)
995
1004#define UDIF_POLICY_TREATY_ENABLE_MASK \
1005 (UDIF_POLICY_ALLOW_TREATY_NEGOTIATION | \
1006 UDIF_POLICY_ALLOW_TREATY_QUERY_ORIGIN | \
1007 UDIF_POLICY_ALLOW_TREATY_QUERY_EXEC)
1008
1016#define UDIF_POLICY_PROFILE_HOOK_MASK \
1017 (UDIF_POLICY_ALLOW_PROFILE_HOOKS | \
1018 UDIF_POLICY_REQUIRE_PROFILE_HOOK_AUDIT)
1019
1024#define UDIF_POLICY_DEFINED_CORE_MASK \
1025 (UDIF_POLICY_BASELINE_SECURITY_MASK | \
1026 UDIF_POLICY_TRANSPORT_SECURITY_MASK | \
1027 UDIF_POLICY_LOGGING_MASK | \
1028 UDIF_POLICY_ADMIN_SEPARATION_MASK | \
1029 UDIF_POLICY_TREATY_BASE_MASK | \
1030 UDIF_POLICY_TREATY_ENABLE_MASK | \
1031 UDIF_POLICY_ALLOW_TELEMETRY_EXPORT | \
1032 UDIF_POLICY_ALLOW_ERROR_REPORTING | \
1033 UDIF_POLICY_PROFILE_HOOK_MASK | \
1034 UDIF_POLICY_REQUIRE_RATCHET_REKEY)
1035
1049#define UDIF_ROOT_POLICY_DEFAULT \
1050 (UDIF_POLICY_BASELINE_SECURITY_MASK | \
1051 UDIF_POLICY_LOGGING_MASK | \
1052 UDIF_POLICY_ADMIN_SEPARATION_MASK | \
1053 UDIF_POLICY_TREATY_BASE_MASK | \
1054 UDIF_POLICY_ALLOW_TELEMETRY_EXPORT | \
1055 UDIF_POLICY_ALLOW_ERROR_REPORTING)
1056
1069#define UDIF_BC_POLICY_DEFAULT \
1070 (UDIF_POLICY_BASELINE_SECURITY_MASK | \
1071 UDIF_POLICY_TRANSPORT_SECURITY_MASK | \
1072 UDIF_POLICY_REQUIRE_RATCHET_REKEY | \
1073 UDIF_POLICY_REQUIRE_MEMBERSHIP_LOG | \
1074 UDIF_POLICY_REQUIRE_ANCHORING | \
1075 UDIF_POLICY_REQUIRE_ANCHOR_SEQUENCE | \
1076 UDIF_POLICY_REQUIRE_AUDIT_COUNTERS | \
1077 UDIF_POLICY_ADMIN_SEPARATION_MASK | \
1078 UDIF_POLICY_TREATY_BASE_MASK | \
1079 UDIF_POLICY_ALLOW_TELEMETRY_EXPORT | \
1080 UDIF_POLICY_ALLOW_ERROR_REPORTING)
1081
1095#define UDIF_GC_POLICY_DEFAULT \
1096 (UDIF_POLICY_BASELINE_SECURITY_MASK | \
1097 UDIF_POLICY_TRANSPORT_SECURITY_MASK | \
1098 UDIF_POLICY_REQUIRE_MEMBERSHIP_LOG | \
1099 UDIF_POLICY_REQUIRE_TRANSACTION_LOG | \
1100 UDIF_POLICY_REQUIRE_REGISTRY_COMMIT | \
1101 UDIF_POLICY_REQUIRE_ANCHORING | \
1102 UDIF_POLICY_REQUIRE_ANCHOR_SEQUENCE | \
1103 UDIF_POLICY_REQUIRE_AUDIT_COUNTERS | \
1104 UDIF_POLICY_FORBID_ADMIN_OBJECT_OWNERSHIP | \
1105 UDIF_POLICY_FORBID_IMPLICIT_TREATY_RIGHTS | \
1106 UDIF_POLICY_REQUIRE_TREATY_SCOPE_CHECK | \
1107 UDIF_POLICY_ALLOW_TELEMETRY_EXPORT | \
1108 UDIF_POLICY_ALLOW_ERROR_REPORTING)
1109
1124#define UDIF_CLIENT_POLICY_DEFAULT \
1125 (UDIF_POLICY_BASELINE_SECURITY_MASK | \
1126 UDIF_POLICY_TRANSPORT_SECURITY_MASK | \
1127 UDIF_POLICY_REQUIRE_TRANSACTION_LOG | \
1128 UDIF_POLICY_REQUIRE_REGISTRY_COMMIT | \
1129 UDIF_POLICY_FORBID_CLIENT_ADMIN | \
1130 UDIF_POLICY_FORBID_CLIENT_LATERAL_QUERY | \
1131 UDIF_POLICY_ALLOW_ERROR_REPORTING)
1132
1133/* UDIF Enumerations */
1134
1155
1173
1174#if defined(UDIF_PARAMATERS_DILITHIUM_KYBER_D1K1)
1175static const char UDIF_CONFIG_STRING[UDIF_PROTOCOL_SET_SIZE] = "dilithium-s1_kyber-s1_rcs-256_sha3-256";
1176static const udif_configuration_sets UDIF_CONFIGURATION_SET = udif_configuration_set_dilithium1_kyber1_rcs256_shake256;
1177#elif defined(UDIF_PARAMATERS_DILITHIUM_KYBER_D3K3)
1178static const char UDIF_CONFIG_STRING[UDIF_PROTOCOL_SET_SIZE] = "dilithium-s3_kyber-s3_rcs-256_sha3-256";
1179static const udif_configuration_sets UDIF_CONFIGURATION_SET = udif_configuration_set_dilithium3_kyber3_rcs256_shake256;
1180#elif defined(UDIF_PARAMATERS_DILITHIUM_KYBER_D5K5)
1181static const char UDIF_CONFIG_STRING[UDIF_PROTOCOL_SET_SIZE] = "dilithium-s5_kyber-s5_rcs-256_sha3-256";
1182static const udif_configuration_sets UDIF_CONFIGURATION_SET = udif_configuration_set_dilithium5_kyber5_rcs256_shake256;
1183#elif defined(UDIF_PARAMATERS_DILITHIUM_KYBER_D5K6)
1184static const char UDIF_CONFIG_STRING[UDIF_PROTOCOL_SET_SIZE] = "dilithium-s5_kyber-s6_rcs-512_sha3-512";
1185static const udif_configuration_sets UDIF_CONFIGURATION_SET = udif_configuration_set_dilithium5_kyber6_rcs512_shake256;
1186#elif defined(UDIF_PARAMATERS_SPHINCSPLUS_S1S128SHAKERS)
1187static const char UDIF_CONFIG_STRING[UDIF_PROTOCOL_SET_SIZE] = "sphincs-s1_mceliece-s1_rcs-256_sha3-256";
1188static const udif_configuration_sets UDIF_CONFIGURATION_SET = udif_configuration_set_sphincsplus1_mceliece1_rcs256_shake256;
1189#elif defined(UDIF_PARAMATERS_SPHINCSPLUS_S3S192SHAKERS)
1190static const char UDIF_CONFIG_STRING[UDIF_PROTOCOL_SET_SIZE] = "sphincs-s3_mceliece-s3_rcs-256_sha3-256";
1191static const udif_configuration_sets UDIF_CONFIGURATION_SET = udif_configuration_set_sphincsplus3_mceliece3_rcs256_shake256;
1192#elif defined(UDIF_PARAMATERS_SPHINCSPLUS_S5S256SHAKERS)
1193static const char UDIF_CONFIG_STRING[UDIF_PROTOCOL_SET_SIZE] = "sphincs-s5_mceliece-s5_rcs-256_sha3-256";
1194static const udif_configuration_sets UDIF_CONFIGURATION_SET = udif_configuration_set_sphincsplus5_mceliece5_rcs256_shake256;
1195#elif defined(UDIF_PARAMATERS_SPHINCSPLUS_S6S256SHAKERS)
1196static const char UDIF_CONFIG_STRING[UDIF_PROTOCOL_SET_SIZE] = "sphincs-s5_mceliece-s6_rcs-256_sha3-256";
1197static const udif_configuration_sets UDIF_CONFIGURATION_SET = udif_configuration_set_sphincsplus5_mceliece6_rcs256_shake256;
1198#elif defined(UDIF_PARAMATERS_SPHINCSPLUS_S7S256SHAKERS)
1199static const char UDIF_CONFIG_STRING[UDIF_PROTOCOL_SET_SIZE] = "sphincs-s5_mceliece-s7_rcs-256_sha3-256";
1200static const udif_configuration_sets UDIF_CONFIGURATION_SET = udif_configuration_set_sphincsplus5_mceliece7_rcs256_shake256;
1201#else
1202# error Invalid parameter set!
1203#endif
1204
1238
1250
1264
1277
1294
1306
1328
1345
1357
1374
1386
1398
1414
1424
1434
1436
1440#define UDIF_VERSION_STRING "UDIF:1.0a"
1441
1445#define UDIF_SUITE_STRING "UDIF:RCS256-KMAC256-MLKEM5-MLDSA5"
1446
1447/* Domain Separation Labels */
1448
1452#define UDIF_LABEL_MAX_SIZE 64U
1453
1454/* Domain separation label constants */
1455#define UDIF_LABEL_OBJ_DIGEST "UDIF:OBJ-DIGEST:V1"
1456#define UDIF_LABEL_REGROOT "UDIF:REGROOT:V1"
1457#define UDIF_LABEL_TXID "UDIF:TXID:V1"
1458#define UDIF_LABEL_ANCHOR "UDIF:ANCHOR:V1"
1459#define UDIF_LABEL_CAP_DIGEST "UDIF:CAP-DIGEST:V1"
1460#define UDIF_LABEL_SESS_KDF "UDIF:SESS-KDF:V1"
1461#define UDIF_LABEL_RATCHET "UDIF:RATCHET:V1"
1462#define UDIF_LABEL_CERT_DIGEST "UDIF:CERT-DIGEST:V1"
1463#define UDIF_LABEL_ROOT_DIGEST "UDIF:ROOT-DIGEST:V1"
1464
1466
1467/* Role/Designation Strings */
1468
1470
1475#define UDIF_ERROR_STRING_DEPTH 27U
1476
1481#define UDIF_ERROR_STRING_SIZE 128U
1482
1483/* Protocol errors*/
1484
1485static const char UDIF_ERROR_STRINGS[UDIF_ERROR_STRING_DEPTH][UDIF_ERROR_STRING_SIZE] =
1486{
1487 "No error condition",
1488 "Invalid input parameter",
1489 "Invalid function state",
1490 "Authentication failed",
1491 "The certificate expired",
1492 "The certificate has been revoked",
1493 "The capability has been revoked",
1494 "Invalid sequence number",
1495 "The time window has been exceeded",
1496 "Epoch time mismatch",
1497 "Protocol suite mismatch",
1498 "Decoding failure",
1499 "Encoding failure",
1500 "Invalid signature",
1501 "Invalid MAC",
1502 "Not authorized",
1503 "Object not found",
1504 "Registry full",
1505 "Log operation failed",
1506 "Invalid anchor record",
1507 "Invalid treaty",
1508 "Invalid request",
1509 "Internal error",
1510 "File creation failed",
1511 "File not found",
1512 "Invalid parameter",
1513 "Unknown error type"
1514};
1515
1516/* Certificate errors */
1517static const char UDIF_CERTIFICATE_ERROR_STRINGS[][UDIF_ERROR_STRING_SIZE] =
1518{
1519 "No error",
1520 "Unknown certificate type",
1521 "Bad or unknown serial number",
1522 "Invalid certificate chain",
1523 "Signature invalid",
1524 "Certificate expired",
1525 "Certificate not yet valid",
1526 "Policy hash mismatch",
1527 "Certificate revoked"
1528};
1529
1530/* Claims errors */
1531static const char UDIF_CLAIMS_ERROR_STRINGS[][UDIF_ERROR_STRING_SIZE] =
1532{
1533 "No error",
1534 "Unknown claim type",
1535 "Invalid encoding",
1536 "Canonicalization failed",
1537 "Anchor mismatch",
1538 "Invalid claim value"
1539};
1540
1541/* Encoding errors */
1542static const char UDIF_ENCODING_ERROR_STRINGS[][UDIF_ERROR_STRING_SIZE] =
1543{
1544 "No error",
1545 "Buffer overflow",
1546 "Buffer underflow",
1547 "Bad format/version",
1548 "Unsupported encoding"
1549};
1550
1551/* Identity errors */
1552static const char UDIF_IDENTITY_ERROR_STRINGS[][UDIF_ERROR_STRING_SIZE] =
1553{
1554 "No error",
1555 "Invalid namespace code",
1556 "Invalid issuer domain code",
1557 "Invalid subject identifier",
1558 "Capability/permission mask invalid",
1559 "Claim anchor mismatch",
1560 "Signature verification failed",
1561 "Identity expired",
1562 "Identity not yet valid"
1563};
1564
1565/* Policy errors */
1566static const char UDIF_POLICY_ERROR_STRINGS[][UDIF_ERROR_STRING_SIZE] =
1567{
1568 "No error",
1569 "Policy not found",
1570 "Policy hash mismatch",
1571 "Policy evaluation indeterminate"
1572};
1573
1574#define UDIF_ROLE_STRING_SIZE 32U
1575
1576static const char UDIF_ROLE_STRINGS[][UDIF_ROLE_STRING_SIZE] =
1577{
1578 "udif_role_none",
1579 "udif_role_ugc",
1580 "udif_role_ubc",
1581 "udif_role_uor",
1582 "udif_role_client",
1583 "udif_role_audit",
1584 "udif_role_revoked",
1585 "udif_role_any"
1586};
1587
1589
1590/* UDIF Structures */
1591
1601
1606UDIF_EXPORT_API typedef struct udif_claim
1607{
1608 udif_claim_type type;
1609 const uint8_t* value;
1610 uint32_t length;
1611} udif_claim;
1612
1618UDIF_EXPORT_API typedef struct udif_claim_anchor
1619{
1620 uint8_t bytes[UDIF_CLAIM_ANCHOR_SIZE];
1621} udif_claim_anchor;
1622
1633
1638UDIF_EXPORT_API typedef struct udif_encoded_blob
1639{
1640 uint8_t* bytes;
1641 uint32_t size;
1642 uint32_t length;
1643} udif_encoded_blob;
1644
1654
1664
1676
1686
1696
1706
1716
1721UDIF_EXPORT_API typedef struct udif_time_window
1722{
1723 uint64_t before;
1724 uint64_t after;
1725} udif_time_window;
1726
1738
1758
1763UDIF_EXPORT_API typedef struct udif_valid_time
1764{
1765 uint64_t from;
1766 uint64_t to;
1767} udif_valid_time;
1768
1791
1799UDIF_EXPORT_API bool udif_suite_is_valid(uint8_t suiteid);
1800
1808UDIF_EXPORT_API const char* udif_error_to_string(udif_errors error);
1809
1817UDIF_EXPORT_API const char* udif_role_to_string(udif_roles role);
1818
1819#endif
udif_capability_mask
Fixed-size capability bitset (issuer-/role-scoped). Capability bits; bit positions map to udif_capabi...
Definition udif.h:1598
udif_capability_mask::bits
uint8_t bits[UDIF_CAPABILITY_MASK_SIZE]
Definition udif.h:1599
udif_claim_anchor
Anchor (e.g., Merkle root) binding a claim set to an identity. Anchor/merkle root over canonical clai...
Definition udif.h:1619
udif_claim_set
A collection of claims bound to an identity by an anchor.
Definition udif.h:1628
udif_claim_set::items
const udif_claim * items
Definition udif.h:1629
udif_claim_set::count
uint32_t count
Definition udif.h:1630
udif_claim_set::anchor
udif_claim_anchor anchor
Definition udif.h:1631
udif_claim
A typed claim with deterministic canonical encoding.
Definition udif.h:1607
udif_claim::value
const uint8_t * value
Definition udif.h:1609
udif_claim::type
udif_claim_type type
Definition udif.h:1608
udif_claim::length
uint32_t length
Definition udif.h:1610
udif_encoded_blob
Generic encoded object buffer (for decode/encode APIs).
Definition udif.h:1639
udif_encoded_blob::bytes
uint8_t * bytes
Definition udif.h:1640
udif_encoded_blob::size
uint32_t size
Definition udif.h:1641
udif_encoded_blob::length
uint32_t length
Definition udif.h:1642
udif_identity_id
Subject identity identifier (opaque, canonicalized). Subject identifier bytes.
Definition udif.h:1651
udif_identity_id::bytes
uint8_t bytes[UDIF_IDENTITY_ID_SIZE]
Definition udif.h:1652
udif_identity_record
Core identity record bound to a namespace and issuer.
Definition udif.h:1778
udif_identity_record::policy
udif_policy_hash policy
Definition udif.h:1785
udif_identity_record::chash
uint8_t chash[UDIF_CRYPTO_HASH_SIZE]
Definition udif.h:1789
udif_identity_record::perms
udif_permission_mask perms
Definition udif.h:1783
udif_identity_record::nspace
udif_namespace_code nspace
Definition udif.h:1779
udif_identity_record::issuer
udif_issuer_domain_code issuer
Definition udif.h:1780
udif_identity_record::anchor
udif_claim_anchor anchor
Definition udif.h:1786
udif_identity_record::caps
udif_capability_mask caps
Definition udif.h:1784
udif_identity_record::validity
udif_time_window validity
Definition udif.h:1782
udif_identity_record::signature
uint8_t signature[UDIF_ASYMMETRIC_SIGNATURE_SIZE]
Definition udif.h:1787
udif_identity_record::subject
udif_identity_id subject
Definition udif.h:1781
udif_identity_record::verkey
uint8_t verkey[UDIF_ASYMMETRIC_VERIFICATION_KEY_SIZE]
Definition udif.h:1788
udif_issuer_domain_code
Issuer domain/controller identifier. Issuer domain code (ASCII or compact code)
Definition udif.h:1661
udif_issuer_domain_code::bytes
uint8_t bytes[UDIF_ISSUER_DOMAIN_CODE_SIZE]
Definition udif.h:1662
udif_kem_keypair
KEM key pair.
Definition udif.h:1672
udif_kem_keypair::pubkey
uint8_t pubkey[UDIF_ASYMMETRIC_PUBLIC_KEY_SIZE]
Definition udif.h:1673
udif_kem_keypair::prikey
uint8_t prikey[UDIF_ASYMMETRIC_PRIVATE_KEY_SIZE]
Definition udif.h:1674
udif_namespace_code
Namespace partition identifier. Namespace code (ASCII or compact code)
Definition udif.h:1683
udif_namespace_code::bytes
uint8_t bytes[UDIF_NAMESPACE_CODE_SIZE]
Definition udif.h:1684
udif_permission_mask
Fixed-size permission bitset (subject-/resource-scoped). Permission bits; bit positions map to udif_p...
Definition udif.h:1693
udif_permission_mask::bits
uint8_t bits[UDIF_PERMISSION_MASK_SIZE]
Definition udif.h:1694
udif_policy_hash
Policy identifier (hash of canonical policy). SHA3/SHAKE hash of policy document.
Definition udif.h:1703
udif_policy_hash::bytes
uint8_t bytes[UDIF_POLICY_HASH_SIZE]
Definition udif.h:1704
udif_signature_keypair
The UDIF asymmetric signature scheme key container.
Definition udif.h:1712
udif_signature_keypair::sigkey
uint8_t sigkey[UDIF_ASYMMETRIC_SIGNING_KEY_SIZE]
Definition udif.h:1713
udif_signature_keypair::verkey
uint8_t verkey[UDIF_ASYMMETRIC_VERIFICATION_KEY_SIZE]
Definition udif.h:1714
udif_time_window
A validity interval expressed in UTC seconds.
Definition udif.h:1722
udif_time_window::before
uint64_t before
Definition udif.h:1723
udif_time_window::after
uint64_t after
Definition udif.h:1724
udif_token_header
Common header for UDIF tokens (capability/attestation/session).
Definition udif.h:1732
udif_token_header::nspace
udif_namespace_code nspace
Definition udif.h:1734
udif_token_header::issuer
udif_issuer_domain_code issuer
Definition udif.h:1735
udif_token_header::validity
udif_time_window validity
Definition udif.h:1736
udif_token_header::ttype
udif_token_type ttype
Definition udif.h:1733
udif_token
Serialized token container with optional envelope protection.
Definition udif.h:1748
udif_token::chash
uint8_t chash[UDIF_CRYPTO_HASH_SIZE]
Definition udif.h:1751
udif_token::perms
udif_permission_mask perms
Definition udif.h:1755
udif_token::payload
uint8_t payload[UDIF_CAPABILITY_TOKEN_MAX_SIZE]
Definition udif.h:1750
udif_token::paylen
uint32_t paylen
Definition udif.h:1756
udif_token::caps
udif_capability_mask caps
Definition udif.h:1754
udif_token::signature
uint8_t signature[UDIF_ASYMMETRIC_SIGNATURE_SIZE]
Definition udif.h:1749
udif_token::subject
udif_identity_id subject
Definition udif.h:1753
udif_token::head
udif_token_header head
Definition udif.h:1752
udif_valid_time
The certificate expiration time structure.
Definition udif.h:1764
udif_valid_time::to
uint64_t to
Definition udif.h:1766
udif_valid_time::from
uint64_t from
Definition udif.h:1765
udif_roles
udif_roles
UDIF entity roles.
Definition udif.h:1363
udif_role_root
@ udif_role_root
Definition udif.h:1365
udif_role_ubc
@ udif_role_ubc
Definition udif.h:1367
udif_role_none
@ udif_role_none
Definition udif.h:1364
udif_role_client
@ udif_role_client
Definition udif.h:1369
udif_role_uor
@ udif_role_uor
Definition udif.h:1368
udif_role_ugc
@ udif_role_ugc
Definition udif.h:1366
udif_role_audit
@ udif_role_audit
Definition udif.h:1370
udif_role_any
@ udif_role_any
Definition udif.h:1372
udif_role_revoked
@ udif_role_revoked
Definition udif.h:1371
UDIF_ASYMMETRIC_SIGNING_KEY_SIZE
#define UDIF_ASYMMETRIC_SIGNING_KEY_SIZE
The byte size of the asymmetric signature signing-key array.
Definition udif.h:258
UDIF_POLICY_HASH_SIZE
#define UDIF_POLICY_HASH_SIZE
The size of a policy identifier hash in bytes.
Definition udif.h:495
udif_claim_type
udif_claim_type
Claim type identifiers (deterministic canonicalization required).
Definition udif.h:1140
udif_claim_unknown
@ udif_claim_unknown
Definition udif.h:1141
udif_claim_custom
@ udif_claim_custom
Definition udif.h:1153
udif_claim_citizenship
@ udif_claim_citizenship
Definition udif.h:1147
udif_claim_age_over
@ udif_claim_age_over
Definition udif.h:1146
udif_claim_address
@ udif_claim_address
Definition udif.h:1152
udif_claim_contact_email
@ udif_claim_contact_email
Definition udif.h:1150
udif_claim_membership_id
@ udif_claim_membership_id
Definition udif.h:1149
udif_claim_contact_phone
@ udif_claim_contact_phone
Definition udif.h:1151
udif_claim_commodity_id
@ udif_claim_commodity_id
Definition udif.h:1142
udif_claim_residency
@ udif_claim_residency
Definition udif.h:1148
udif_claim_biometric_hash
@ udif_claim_biometric_hash
Definition udif.h:1143
udif_claim_public_key
@ udif_claim_public_key
Definition udif.h:1145
udif_claim_institution_id
@ udif_claim_institution_id
Definition udif.h:1144
UDIF_NAMESPACE_CODE_SIZE
#define UDIF_NAMESPACE_CODE_SIZE
The size of a namespace code (short string or numeric).
Definition udif.h:483
udif_error_policy
udif_error_policy
Policy evaluation/lookup errors.
Definition udif.h:1300
udif_epol_none
@ udif_epol_none
Definition udif.h:1301
udif_epol_not_found
@ udif_epol_not_found
Definition udif.h:1302
udif_epol_indeterminate
@ udif_epol_indeterminate
Definition udif.h:1304
udif_epol_hash_mismatch
@ udif_epol_hash_mismatch
Definition udif.h:1303
udif_logging_event_codes
udif_logging_event_codes
Membership and transaction log event codes.
Definition udif.h:1312
udif_event_revoke
@ udif_event_revoke
Definition udif.h:1316
udif_event_object_create
@ udif_event_object_create
Definition udif.h:1323
udif_event_branch_create
@ udif_event_branch_create
Definition udif.h:1320
udif_event_capability_grant
@ udif_event_capability_grant
Definition udif.h:1317
udif_event_registry_commit
@ udif_event_registry_commit
Definition udif.h:1319
udif_event_suspend
@ udif_event_suspend
Definition udif.h:1314
udif_event_resume
@ udif_event_resume
Definition udif.h:1315
udif_event_branch_suspend
@ udif_event_branch_suspend
Definition udif.h:1321
udif_event_enroll
@ udif_event_enroll
Definition udif.h:1313
udif_event_branch_revoke
@ udif_event_branch_revoke
Definition udif.h:1322
udif_event_object_transfer
@ udif_event_object_transfer
Definition udif.h:1324
udif_event_capability_revoke
@ udif_event_capability_revoke
Definition udif.h:1318
udif_event_object_update
@ udif_event_object_update
Definition udif.h:1325
udif_event_object_destroy
@ udif_event_object_destroy
Definition udif.h:1326
udif_error_identity
udif_error_identity
Identity-specific error codes.
Definition udif.h:1283
udif_eid_mask_invalid
@ udif_eid_mask_invalid
Definition udif.h:1288
udif_eid_expired
@ udif_eid_expired
Definition udif.h:1291
udif_eid_subject_bad
@ udif_eid_subject_bad
Definition udif.h:1287
udif_eid_issuer_bad
@ udif_eid_issuer_bad
Definition udif.h:1286
udif_eid_namespace_bad
@ udif_eid_namespace_bad
Definition udif.h:1285
udif_eid_future
@ udif_eid_future
Definition udif.h:1292
udif_eid_none
@ udif_eid_none
Definition udif.h:1284
udif_eid_sig_invalid
@ udif_eid_sig_invalid
Definition udif.h:1290
udif_eid_anchor_mismatch
@ udif_eid_anchor_mismatch
Definition udif.h:1289
UDIF_ISSUER_DOMAIN_CODE_SIZE
#define UDIF_ISSUER_DOMAIN_CODE_SIZE
The size of an issuer domain code (unique identifier).
Definition udif.h:477
UDIF_IDENTITY_ID_SIZE
#define UDIF_IDENTITY_ID_SIZE
The size of a subject identity identifier in bytes.
Definition udif.h:471
udif_role_to_string
UDIF_EXPORT_API const char * udif_role_to_string(udif_roles role)
Convert a role to its string name.
Definition udif.c:28
UDIF_ASYMMETRIC_PRIVATE_KEY_SIZE
#define UDIF_ASYMMETRIC_PRIVATE_KEY_SIZE
The byte size of the asymmetric cipher private-key array.
Definition udif.h:240
UDIF_CLAIM_ANCHOR_SIZE
#define UDIF_CLAIM_ANCHOR_SIZE
The size of a claim anchor or merkle root in bytes.
Definition udif.h:433
udif_token_type
udif_token_type
Token families issued/validated within UDIF.
Definition udif.h:1392
udif_token_session
@ udif_token_session
Definition udif.h:1396
udif_token_attestation
@ udif_token_attestation
Definition udif.h:1395
udif_token_none
@ udif_token_none
Definition udif.h:1393
udif_token_capability
@ udif_token_capability
Definition udif.h:1394
udif_error_encoding
udif_error_encoding
Encoding/decoding errors for UDIF objects.
Definition udif.h:1270
udif_eenc_none
@ udif_eenc_none
Definition udif.h:1271
udif_eenc_overflow
@ udif_eenc_overflow
Definition udif.h:1272
udif_eenc_format
@ udif_eenc_format
Definition udif.h:1274
udif_eenc_underflow
@ udif_eenc_underflow
Definition udif.h:1273
udif_eenc_unsupported
@ udif_eenc_unsupported
Definition udif.h:1275
UDIF_PROTOCOL_SET_SIZE
#define UDIF_PROTOCOL_SET_SIZE
The size of the protocol configuration string.
Definition udif.h:507
UDIF_CAPABILITY_MASK_SIZE
#define UDIF_CAPABILITY_MASK_SIZE
The size of a capability mask in hex characters.
Definition udif.h:421
udif_verify_policy
udif_verify_policy
Verification strictness for identity/cert/claim checks.
Definition udif.h:1420
udif_verify_lenient
@ udif_verify_lenient
Definition udif.h:1422
udif_verify_strict
@ udif_verify_strict
Definition udif.h:1421
UDIF_CAPABILITY_TOKEN_MAX_SIZE
#define UDIF_CAPABILITY_TOKEN_MAX_SIZE
The maximum size of a serialized capability token.
Definition udif.h:427
udif_permission_class
udif_permission_class
Permission classes whose bits populate the permission mask.
Definition udif.h:1334
udif_perm_export_identity
@ udif_perm_export_identity
Definition udif.h:1342
udif_perm_write_claims
@ udif_perm_write_claims
Definition udif.h:1336
udif_perm_import_identity
@ udif_perm_import_identity
Definition udif.h:1343
udif_perm_delegate
@ udif_perm_delegate
Definition udif.h:1341
udif_perm_read_claims
@ udif_perm_read_claims
Definition udif.h:1335
udif_perm_manage_caps
@ udif_perm_manage_caps
Definition udif.h:1340
udif_perm_read_certs
@ udif_perm_read_certs
Definition udif.h:1337
udif_perm_write_certs
@ udif_perm_write_certs
Definition udif.h:1338
udif_perm_manage_policy
@ udif_perm_manage_policy
Definition udif.h:1339
udif_time_validation
udif_time_validation
Results of time/validity-window checks.
Definition udif.h:1380
udif_time_skew_exceeds
@ udif_time_skew_exceeds
Definition udif.h:1384
udif_time_valid
@ udif_time_valid
Definition udif.h:1381
udif_time_expired
@ udif_time_expired
Definition udif.h:1383
udif_time_future
@ udif_time_future
Definition udif.h:1382
udif_policy_decision
udif_policy_decision
Policy evaluation outcome.
Definition udif.h:1351
udif_policy_permit
@ udif_policy_permit
Definition udif.h:1352
udif_policy_deny
@ udif_policy_deny
Definition udif.h:1353
udif_policy_not_applicable
@ udif_policy_not_applicable
Definition udif.h:1355
udif_policy_indeterminate
@ udif_policy_indeterminate
Definition udif.h:1354
udif_status
udif_status
Generic status codes for UDIF operations.
Definition udif.h:1404
udif_status_internal_error
@ udif_status_internal_error
Definition udif.h:1412
udif_status_out_of_memory
@ udif_status_out_of_memory
Definition udif.h:1409
udif_status_not_found
@ udif_status_not_found
Definition udif.h:1407
udif_status_invalid_argument
@ udif_status_invalid_argument
Definition udif.h:1406
udif_status_buffer_too_small
@ udif_status_buffer_too_small
Definition udif.h:1410
udif_status_already_exists
@ udif_status_already_exists
Definition udif.h:1408
udif_status_not_supported
@ udif_status_not_supported
Definition udif.h:1411
udif_status_success
@ udif_status_success
Definition udif.h:1405
UDIF_ASYMMETRIC_SIGNATURE_SIZE
#define UDIF_ASYMMETRIC_SIGNATURE_SIZE
The byte size of the asymmetric signature array.
Definition udif.h:252
UDIF_CRYPTO_HASH_SIZE
#define UDIF_CRYPTO_HASH_SIZE
The size of the certificate hash in bytes.
Definition udif.h:439
UDIF_ASYMMETRIC_PUBLIC_KEY_SIZE
#define UDIF_ASYMMETRIC_PUBLIC_KEY_SIZE
The byte size of the asymmetric cipher public-key array.
Definition udif.h:246
udif_configuration_sets
udif_configuration_sets
The UDIF algorithm configuration sets.
Definition udif.h:1161
udif_configuration_set_none
@ udif_configuration_set_none
Definition udif.h:1162
udif_configuration_set_sphincsplus5_mceliece7_rcs256_shake256
@ udif_configuration_set_sphincsplus5_mceliece7_rcs256_shake256
Definition udif.h:1171
udif_configuration_set_sphincsplus5_mceliece6_rcs256_shake256
@ udif_configuration_set_sphincsplus5_mceliece6_rcs256_shake256
Definition udif.h:1170
udif_configuration_set_dilithium1_kyber1_rcs256_shake256
@ udif_configuration_set_dilithium1_kyber1_rcs256_shake256
Definition udif.h:1163
udif_configuration_set_dilithium5_kyber5_rcs256_shake256
@ udif_configuration_set_dilithium5_kyber5_rcs256_shake256
Definition udif.h:1165
udif_configuration_set_dilithium5_kyber6_rcs512_shake256
@ udif_configuration_set_dilithium5_kyber6_rcs512_shake256
Definition udif.h:1166
udif_configuration_set_dilithium3_kyber3_rcs256_shake256
@ udif_configuration_set_dilithium3_kyber3_rcs256_shake256
Definition udif.h:1164
udif_configuration_set_sphincsplus3_mceliece3_rcs256_shake256
@ udif_configuration_set_sphincsplus3_mceliece3_rcs256_shake256
Definition udif.h:1168
udif_configuration_set_sphincsplus1_mceliece1_rcs256_shake256
@ udif_configuration_set_sphincsplus1_mceliece1_rcs256_shake256
Definition udif.h:1167
udif_configuration_set_sphincsplus5_mceliece5_rcs256_shake256
@ udif_configuration_set_sphincsplus5_mceliece5_rcs256_shake256
Definition udif.h:1169
UDIF_ASYMMETRIC_VERIFICATION_KEY_SIZE
#define UDIF_ASYMMETRIC_VERIFICATION_KEY_SIZE
The byte size of the asymmetric signature verification-key array.
Definition udif.h:264
udif_suite_is_valid
UDIF_EXPORT_API bool udif_suite_is_valid(uint8_t suiteid)
Check if the suite id valid.
Definition udif.c:7
udif_errors
udif_errors
UDIF error codes.
Definition udif.h:1210
udif_error_suite_mismatch
@ udif_error_suite_mismatch
Definition udif.h:1221
udif_error_auth_failure
@ udif_error_auth_failure
Definition udif.h:1214
udif_error_certificate_expired
@ udif_error_certificate_expired
Definition udif.h:1215
udif_error_file_create_failed
@ udif_error_file_create_failed
Definition udif.h:1234
udif_error_epoch_mismatch
@ udif_error_epoch_mismatch
Definition udif.h:1220
udif_error_registry_full
@ udif_error_registry_full
Definition udif.h:1228
udif_error_invalid_input
@ udif_error_invalid_input
Definition udif.h:1212
udif_error_invalid_request
@ udif_error_invalid_request
Definition udif.h:1232
udif_error_encode_failure
@ udif_error_encode_failure
Definition udif.h:1223
udif_error_internal
@ udif_error_internal
Definition udif.h:1233
udif_error_not_authorized
@ udif_error_not_authorized
Definition udif.h:1226
udif_error_anchor_invalid
@ udif_error_anchor_invalid
Definition udif.h:1230
udif_error_capability_revoked
@ udif_error_capability_revoked
Definition udif.h:1217
udif_error_mac_invalid
@ udif_error_mac_invalid
Definition udif.h:1225
udif_error_time_window
@ udif_error_time_window
Definition udif.h:1219
udif_error_invalid_state
@ udif_error_invalid_state
Definition udif.h:1213
udif_error_treaty_invalid
@ udif_error_treaty_invalid
Definition udif.h:1231
udif_error_decode_failure
@ udif_error_decode_failure
Definition udif.h:1222
udif_error_invalid_sequence
@ udif_error_invalid_sequence
Definition udif.h:1218
udif_error_file_not_found
@ udif_error_file_not_found
Definition udif.h:1235
udif_error_signature_invalid
@ udif_error_signature_invalid
Definition udif.h:1224
udif_error_certificate_revoked
@ udif_error_certificate_revoked
Definition udif.h:1216
udif_error_invalid_parameter
@ udif_error_invalid_parameter
Definition udif.h:1236
udif_error_object_not_found
@ udif_error_object_not_found
Definition udif.h:1227
udif_error_none
@ udif_error_none
Definition udif.h:1211
udif_error_logging_failure
@ udif_error_logging_failure
Definition udif.h:1229
UDIF_PERMISSION_MASK_SIZE
#define UDIF_PERMISSION_MASK_SIZE
The size of a permission mask in bytes.
Definition udif.h:489
udif_error_capability
udif_error_capability
Capability/permission evaluation errors.
Definition udif.h:1244
udif_ecap_denied
@ udif_ecap_denied
Definition udif.h:1246
udif_ecap_mask_conflict
@ udif_ecap_mask_conflict
Definition udif.h:1248
udif_ecap_mask_empty
@ udif_ecap_mask_empty
Definition udif.h:1247
udif_ecap_none
@ udif_ecap_none
Definition udif.h:1245
udif_error_claims
udif_error_claims
Claim/claim-set error codes.
Definition udif.h:1256
udif_ecl_value_invalid
@ udif_ecl_value_invalid
Definition udif.h:1262
udif_ecl_canonical_fail
@ udif_ecl_canonical_fail
Definition udif.h:1260
udif_ecl_anchor_bad
@ udif_ecl_anchor_bad
Definition udif.h:1261
udif_ecl_none
@ udif_ecl_none
Definition udif.h:1257
udif_ecl_encoding_bad
@ udif_ecl_encoding_bad
Definition udif.h:1259
udif_ecl_type_unknown
@ udif_ecl_type_unknown
Definition udif.h:1258
udif_error_to_string
UDIF_EXPORT_API const char * udif_error_to_string(udif_errors error)
Convert an error to a string.
Definition udif.c:12
udif_version_sets
udif_version_sets
The UDIF version sets.
Definition udif.h:1430
udif_version_set_none
@ udif_version_set_none
Definition udif.h:1431
udif_version_set_one_zero
@ udif_version_set_one_zero
Definition udif.h:1432
udifcommon.h
UDIF common definitions and constants.
UDIF_EXPORT_API
#define UDIF_EXPORT_API
The api export prefix.
Definition udifcommon.h:101