Name Last Update
..
CVS Loading commit data...
README Loading commit data...
aes.h Loading commit data...
aes_api.h Loading commit data...
bbcert.h Loading commit data...
bbmetadata.h Loading commit data...
bbreg.h Loading commit data...
bbticket.h Loading commit data...
bbtoolsapi.h Loading commit data...
bbtypes.h Loading commit data...
libcryptoX86.a Loading commit data...
pkgbootrl Loading commit data...
ultratypes.h Loading commit data...
Use of the api in bbtoolsapi.c

Content Publisher: 
Use API:
int generateUnsignedContentMetaDataHead( 
                                    u32 contentRlVersion,
                                    u32 caCrlVersion,
                                    u32 cpCrlVersion,

                                    BbContentId contentId, 
                                    u32 contentSize, 
                                    u32 descFlags, /* is it common encryption
                                                    use BB_CMD_DESC_COMMON_KEY*/
                                    u8 * commonIv, /* if we want 
                                                      common encryption */
                                    u8 * commonKey, /* this is in virage*/

                                    u8 * contentKey, 
                                    u8 * contentHash,
                                    u8 * contentIv,
                                    /* make this opaque to the server:7 words */
                                    u32 * contentProperties,
                                    
                                    u32 bbid, /* optional to attach to one BB*/
                                    u8 *issuername,
                                    void *metadata);

Context:
Content publisher is a program that takes 
Inputs: content and a contentProperties file pair, whether or not it is
commonly encrypted (only for system app), a particular bbid for this content
(optional).
Outputs: the encrypted content and content meta data pair.

The API helps to create the content meta data output. 

Each field description:
From server/ server database:
contentRlVersion:  content revocation list version number
caCrlVersion: cert auth version number
cpCrlVersion: content publisher crl version number
content ID: unique each published content

issuername: from database, name of server example, 
Root-CPCA01020304-CP01020304
 
From program run:
contentSize
if input is common encryption,
set descFlags,
feed in commonKey: should the common key in virage
commonIv: any random

if input is not common encryption all above fields are zero
contentKey: generate random, use it to encrypt content
contentHash: compute before encryption
contentIv: generate random, use it to encrypt content

contentProperties: read these 7 32 bit words from a file and input
word array.

bbid: if a particular bbid is input to this program, pass here,
else zeros

metadata: output serialized word array.

POSTPROCESSING:
prepend contentDesc data
prepend (as first field) the size of contentDesc data + content meta data
head (TBD: this will be a constant defined in bbmetadata.h)

Sign entire content not including last 256 bytes, and write the sign 
in last 256 bytes of the returned metadata blob (look at example of
format in bbplayer/tools/mkCmd.c using charstring_to_bigint())

The contentProperties file contains the following fields set for
every content before it is ready to publish:
                                    
                                    u32 loadAddress, 
                                    u32 romOffset,
                                    u32 bootLength, 
                                    u32 execFlags, 
                                    u32 hwAccessRights, 
                                    u32 secureKernelRights,
                                    u32 sizeState, 


_____________________________________________________________________

Ticket server:

Use API
int generateUnsignedEncryptedTicket( void *metadata, 
                                     u32 bbid,
                                     u32 tsCrlVersion, 
                                     BbAesIv cmdIv, 
                                     BbEccPrivateKey serverprivateKey,
                                     BbEccPublicKey serverpublicKey,
                                     BbEccPublicKey bbpublicKey,
                                     u8 *issuername,
                                     void *ticketdata);
Input: metadata from prev result (signed)
bbid: requesting bbid
tsCrlVersion: from database, ticket server crl version number
cmdIv: is the random Iv to be used for encrypting the ticket portion
internal to the api
serverprivateKey: is the random key used for server key pair
serverpublicKey is the result of 
eccGenPublicKey(BbEccPublicKey publickey, BbEccPrivateKey privatekey);

(this can be done once and used throughout a session)

issuername is ticket server name like Root-TSCA01020304-TS01020304

ticketdata is output.


Postprocessing:
any variable length input is prepended, 
the size is prepended as first field (size = variable length 
blob size + entire content meta data + ticket head size (TBD constant).

The sign is overwritten in last 256 bytes.