Google is committed to advancing racial equity for Black communities. See how.

nl::Weave::Profiles::Security::CertProvisioning::WeaveNodeMfrAttestDelegate

This is an abstract class.

#include <src/lib/profiles/security/WeaveCertProvisioning.h>

Abstract interface to which platform specific actions are delegated during Weave node manufacturer attestation.

Summary

Public functions

EncodeMAInfo(TLVWriter & writer)=0
virtual WEAVE_ERROR
Encode Weave manufacturer attestation information for the local node.
GenerateAndEncodeMASig(const uint8_t *data, uint16_t dataLen, TLVWriter & writer)=0
virtual WEAVE_ERROR
Generate and encode manufacturer attestation signature using local node's manufacturer attestation private key.

Public functions

EncodeMAInfo

virtual WEAVE_ERROR EncodeMAInfo(
  TLVWriter & writer
)=0

Encode Weave manufacturer attestation information for the local node.

When invoked, the implementation should write a structure containing information used for node's manufacturer attestation. The manufacturer attestation information should be written in the form of a TLV structure to the supplied TLV writer using the Security Profile specific tag.

GenerateAndEncodeMASig

virtual WEAVE_ERROR GenerateAndEncodeMASig(
  const uint8_t *data,
  uint16_t dataLen,
  TLVWriter & writer
)=0

Generate and encode manufacturer attestation signature using local node's manufacturer attestation private key.

When invoked, implementations must compute a signature on the given hash value using the node's manufacturer attestation private key.

First, the enumerated value identifying the manufacturer attestation signature algorithm should be written in the form of unsiged integer to the supplied TLV writer using the following tag: kTag_GetCertReqMsg_MfrAttestSigAlgo Legal enumerated values are taken from the kOID_SigAlgo_* constant namespace.

The generated signature should then be written in the form of a ECDSASignature, RSASignature, HMACSignature, or custom structure to the supplied TLV writer using one of the following tags: kTag_GetCertReqMsg_MfrAttestSig_ECDSA kTag_GetCertReqMsg_MfrAttestSig_RSA kTag_GetCertReqMsg_MfrAttestSig_HMAC custom security profile specific tag

Note: in cases where the node's corresponding Elliptic Curve private key is held in a local buffer, the GenerateAndEncodeWeaveECDSASignature() utility function can be useful for implementing this method.