From 7d315f0c34d097074bd89cb2722449abee5cc884 Mon Sep 17 00:00:00 2001 From: "Marc A. Valle" Date: Tue, 25 Jul 2017 16:11:02 -0700 Subject: Release SDK 4.0.0 Added * The member implementation now provides an internal interface that gives guidance on partitioning member operations between highly sensitive ones that use f value of the private key, and less sensitive operations that can be performed in a host environment. * New member API `EpidAssemblePrivKey` was added to help assemble and validate the new member private key that is created when a member either joins a group (using the join protocol) or switches to a new group (as the result of a performance rekey). Changed * Updated Intel(R) IPP Cryptography library to version 2017 (Update 2). * The mechanism to set the signature based revocation list (SigRL) used for signing was changed. `EpidMemberSetSigRl` must be used to set the SigRL. The SigRL is no longer a parameter to `EpidSign`. This better models typical use case where a device stores a revocation list and updates it independently of signing operations. Removed * Removed `EpidWritePreSigs` API. Serialization of pre-computed signatures is a risky capability to provide, and simply expanding the internal pool via `EpidAddPreSigs` still provides most of the optimization benefits. * The `EpidIsPrivKeyInGroup` API is no longer exposed to clients. It is no longer needed because the new member API `EpidAssemblePrivKey` performs this check. Fixed * When building with commercial version of the Intel(R) IPP Cryptography library, optimized functions are now properly invoked, making signing and verification operations ~2 times faster * SHA-512/256 hash algorithm is now supported. * README for compressed data now correctly documents the number of entries in revocation lists. * The `verifysig` sample now reports a more clear error message for mismatched SigRLs. * The default scons build will now build for a 32-bit target on a 32-bit platform. Known Issues * Scons build will not work natively on ARM. You can still build using `make` or cross compile. --- CHANGELOG.md | 83 +- LICENSE.txt | 44 +- Makefile.in | 100 +- NOTICE.txt | 17 +- README.md | 14 +- SConstruct | 209 +++- configure | 135 +- configure.ac | 18 +- doc/html/1_81_2file__parser_8h.html | 4 +- doc/html/1_81_2types_8h.html | 4 +- doc/html/Basenames.html | 4 +- doc/html/BuildToolsInstallation.html | 14 +- doc/html/BuildingSdk.html | 51 +- doc/html/ChangeLog.html | 50 +- doc/html/ChoosingiKGF.html | 4 +- doc/html/EpidOverview.html | 25 +- doc/html/Glossary.html | 4 +- doc/html/HowValidated.html | 123 ++ doc/html/ImplementationNotes.html | 9 +- doc/html/IssuerMaterial.html | 9 +- doc/html/LegalInformation.html | 4 +- doc/html/Revocation.html | 4 +- doc/html/SdkOverview.html | 27 +- doc/html/SignVerifyTutorial.html | 147 ++- doc/html/SignmsgWalkthru.html | 170 --- .../UserManual_GeneratingAnIntelEpidSignature.html | 181 +++ .../UserManual_VerifyingAnIntelEpidSignature.html | 203 +++ doc/html/VerifysigWalkthru.html | 190 --- doc/html/annotated.html | 35 +- doc/html/basenames_8dox.html | 4 +- doc/html/basicdoc.png | Bin 19922 -> 26874 bytes doc/html/bignum_8h.html | 16 +- doc/html/bitsupplier_8h.html | 4 +- doc/html/build__tools__installation_8dox.html | 4 +- doc/html/building__sdk_8dox.html | 4 +- doc/html/choosing__ikgf_8dox.html | 4 +- doc/html/classes.html | 49 +- doc/html/context_8h.html | 102 ++ doc/html/decompress_8h.html | 92 ++ doc/html/dir_02c945662023679b89476bd7126bc985.html | 4 +- doc/html/dir_12b90d9c027aaf878a834df729679a56.html | 4 +- doc/html/dir_512d3e62841a8535b716ec4cf8b9e950.html | 7 +- doc/html/dir_6048dbb18cb271412de4a010207fd345.html | 105 ++ doc/html/dir_a32be19bc88f3d7aac6b7249da379f26.html | 4 +- doc/html/dir_ef364879bae02db2684040178ed9b186.html | 4 +- doc/html/dir_f169ebf8da29290a918fa4b3f7151050.html | 4 +- doc/html/dir_f6bef457d5f671b6e774bfccc16651f6.html | 4 +- doc/html/ecdsa_8h.html | 16 +- doc/html/ecgroup_8h.html | 34 +- doc/html/epid__overview_8dox.html | 4 +- doc/html/epid_diagram_basic_interaction.png | Bin 0 -> 34688 bytes doc/html/epid_diagram_group.png | Bin 0 -> 25944 bytes doc/html/epid_diagram_high_level_interaction.png | Bin 25513 -> 0 bytes doc/html/epid_diagram_high_level_use_case.png | Bin 16041 -> 0 bytes doc/html/epid_diagram_issuer_functionality.png | Bin 0 -> 58672 bytes doc/html/epid_diagram_issuer_high_level.png | Bin 4857 -> 0 bytes doc/html/epid_diagram_member_functionality.png | Bin 0 -> 25610 bytes doc/html/epid_diagram_member_high_level.png | Bin 8319 -> 0 bytes doc/html/epid_diagram_roles_summary.png | Bin 0 -> 25980 bytes doc/html/epid_diagram_verifier_functionality.png | Bin 0 -> 36340 bytes doc/html/epid_diagram_verifier_high_level.png | Bin 8897 -> 0 bytes doc/html/errors_8h.html | 8 +- doc/html/examples.html | 8 +- doc/html/examples.js | 10 +- doc/html/examples_8dox.html | 4 +- doc/html/file__parser_8h.html | 4 +- doc/html/files.html | 23 +- doc/html/finitefield_8h.html | 22 +- doc/html/functions.html | 37 +- doc/html/functions_vars.html | 37 +- doc/html/globals.html | 4 +- doc/html/globals_b.html | 4 +- doc/html/globals_c.html | 79 ++ doc/html/globals_d.html | 4 +- doc/html/globals_defs.html | 4 +- doc/html/globals_e.html | 30 +- doc/html/globals_enum.html | 4 +- doc/html/globals_eval.html | 7 +- doc/html/globals_f.html | 6 +- doc/html/globals_func.html | 95 +- doc/html/globals_g.html | 4 +- doc/html/globals_h.html | 4 +- doc/html/globals_i.html | 4 +- doc/html/globals_k.html | 7 +- doc/html/globals_m.html | 4 +- doc/html/globals_n.html | 4 +- doc/html/globals_o.html | 79 ++ doc/html/globals_p.html | 6 +- doc/html/globals_r.html | 10 +- doc/html/globals_s.html | 4 +- doc/html/globals_t.html | 49 +- doc/html/globals_type.html | 10 +- doc/html/globals_v.html | 4 +- doc/html/globals_vars.html | 4 +- doc/html/globals_w.html | 10 +- doc/html/glossary_8dox.html | 4 +- doc/html/group___big_num_primitives.html | 24 +- doc/html/group___big_num_primitives.js | 4 +- doc/html/group___ec_group_primitives.html | 56 +- doc/html/group___ec_group_primitives.js | 10 +- doc/html/group___ecdsa_primitives.html | 28 +- doc/html/group___ecdsa_primitives.js | 4 +- doc/html/group___epid11_file_parser_module.html | 4 +- doc/html/group___epid11_pairing_primitives.html | 5 +- doc/html/group___epid11_types.html | 4 +- doc/html/group___epid11_verifier_module.html | 4 +- doc/html/group___epid_common.html | 17 +- doc/html/group___epid_math.html | 4 +- doc/html/group___epid_member_module.html | 324 ++--- doc/html/group___epid_member_module.js | 30 +- doc/html/group___epid_module.html | 4 +- doc/html/group___epid_print.html | 4 +- doc/html/group___epid_types.html | 15 +- doc/html/group___epid_types.js | 8 + doc/html/group___epid_verifier_module.html | 51 +- doc/html/group___error_codes.html | 11 +- doc/html/group___error_codes.js | 3 +- doc/html/group___file_parser.html | 23 +- doc/html/group___finite_field_primitives.html | 41 +- doc/html/group___finite_field_primitives.js | 6 +- doc/html/group___hash_primitives.html | 4 +- doc/html/group___pairing_primitives.html | 27 +- doc/html/group___pairing_primitives.js | 2 +- doc/html/group___tpm_module.html | 929 ++++++++++++++ doc/html/group___tpm_module.js | 30 + doc/html/hash_8h.html | 4 +- doc/html/how__validated_8dox.html | 82 ++ doc/html/implementation__notes_8dox.html | 4 +- doc/html/index.html | 16 +- doc/html/init_8h.html | 92 ++ doc/html/issuer__material_8dox.html | 4 +- doc/html/join_8h.html | 95 ++ doc/html/jquery.js | 14 +- doc/html/legal__information_8dox.html | 4 +- doc/html/mainpage_8dox.html | 4 +- doc/html/member_2api_8h.html | 38 +- doc/html/modules.html | 11 +- doc/html/navtreedata.js | 32 +- doc/html/navtreeindex0.js | 330 ++--- doc/html/navtreeindex1.js | 496 ++++---- doc/html/navtreeindex2.js | 146 ++- doc/html/nrprove_8h.html | 103 ++ doc/html/organization_8dox.html | 4 +- doc/html/pageorder_8dox.html | 4 +- doc/html/pages.html | 11 +- doc/html/pairing_8h.html | 10 +- doc/html/presig_8h.html | 96 ++ doc/html/printutils_8h.html | 4 +- doc/html/revocation_8dox.html | 4 +- doc/html/sdk__overview_8dox.html | 4 +- doc/html/sdk_block_diagram.png | Bin 12425 -> 16299 bytes doc/html/sign_8h.html | 103 ++ doc/html/sign__verify__tutorial_8dox.html | 4 +- doc/html/signmsg__walkthrough_8dox.html | 4 +- doc/html/stdtypes_8h.html | 4 +- doc/html/struct_basic_signature.html | 4 +- doc/html/struct_big_num_str.html | 4 +- doc/html/struct_compressed_priv_key.html | 4 +- doc/html/struct_ecdsa_private_key.html | 4 +- doc/html/struct_ecdsa_public_key.html | 4 +- doc/html/struct_ecdsa_signature.html | 4 +- doc/html/struct_epid11_basic_signature.html | 4 +- doc/html/struct_epid11_g2_elem_str.html | 4 +- doc/html/struct_epid11_group_pub_key.html | 4 +- doc/html/struct_epid11_group_rl.html | 4 +- doc/html/struct_epid11_gt_elem_str.html | 4 +- doc/html/struct_epid11_nr_proof.html | 4 +- doc/html/struct_epid11_params.html | 4 +- doc/html/struct_epid11_priv_rl.html | 4 +- doc/html/struct_epid11_sig_rl.html | 4 +- doc/html/struct_epid11_sig_rl_entry.html | 4 +- doc/html/struct_epid11_signature.html | 4 +- doc/html/struct_epid11_verifier_precomp.html | 4 +- doc/html/struct_epid2_params.html | 4 +- doc/html/struct_epid_ca_certificate.html | 4 +- doc/html/struct_epid_file_header.html | 4 +- doc/html/struct_epid_signature.html | 4 +- doc/html/struct_fp_elem_str.html | 4 +- doc/html/struct_fq12_elem_str.html | 4 +- doc/html/struct_fq2_elem_str.html | 4 +- doc/html/struct_fq3_elem_str.html | 4 +- doc/html/struct_fq6_elem_str.html | 4 +- doc/html/struct_fq_elem_str.html | 4 +- doc/html/struct_g1_elem_str.html | 4 +- doc/html/struct_g2_elem_str.html | 4 +- doc/html/struct_group_pub_key.html | 4 +- doc/html/struct_group_rl.html | 4 +- doc/html/struct_gt_elem_str.html | 4 +- doc/html/struct_i_priv_key.html | 4 +- doc/html/struct_join_request.html | 4 +- doc/html/struct_member_precomp.html | 10 +- doc/html/struct_membership_credential.html | 4 +- doc/html/struct_nr_proof.html | 4 +- doc/html/struct_nr_prove_commit_output.html | 105 ++ doc/html/struct_oct_str128.html | 4 +- doc/html/struct_oct_str16.html | 4 +- doc/html/struct_oct_str256.html | 4 +- doc/html/struct_oct_str32.html | 4 +- doc/html/struct_oct_str512.html | 4 +- doc/html/struct_oct_str600.html | 4 +- doc/html/struct_oct_str64.html | 4 +- doc/html/struct_oct_str768.html | 4 +- doc/html/struct_oct_str8.html | 4 +- doc/html/struct_oct_str80.html | 4 +- doc/html/struct_pre_computed_signature.html | 138 --- doc/html/struct_priv_key.html | 4 +- doc/html/struct_priv_rl.html | 4 +- doc/html/struct_sha256_digest.html | 4 +- doc/html/struct_sig_rl.html | 4 +- doc/html/struct_sig_rl_entry.html | 4 +- doc/html/struct_sign_commit_output.html | 113 ++ doc/html/struct_verifier_precomp.html | 4 +- doc/html/struct_verifier_rl.html | 4 +- doc/html/tatepairing_8h.html | 4 +- doc/html/types_8h.html | 15 +- doc/html/validatekey_8h.html | 93 ++ doc/html/verifier_21_81_2api_8h.html | 4 +- doc/html/verifier_2api_8h.html | 4 +- doc/html/verifysig__walkthrough_8dox.html | 4 +- .../1.1/testdata/grp_x/corrupted_privrl.inc | 35 + epid/common-testhelper/Makefile | 17 +- epid/common-testhelper/epid_gtest-testhelper.cc | 68 + epid/common-testhelper/epid_gtest-testhelper.h | 30 + epid/common-testhelper/octstr-testhelper.cc | 7 +- .../testdata/grp_x/corrupted_privrl.inc | 36 + .../grp_x/member0/sig_sha512_256_bsn0_msg0.inc | 100 ++ .../grp_x/member0/sig_sha512_256_rndbase_msg0.inc | 100 ++ .../sig_sha512_256_rndbase_msg0_no_sigrl.inc | 88 ++ ...ig_sha512_rndbase_msg0_revoked_middle_entry.inc | 77 ++ .../bsn0/sig_revoked0sha512_256bsn0msg0.inc | 100 ++ .../bsn0/sig_revoked1sha512_256bsn0msg0.inc | 100 ++ .../bsn0/sig_revoked2sha512_256bsn0msg0.inc | 100 ++ .../grp_x/verrevoked/bsn0/verrl_sha512_256.inc | 68 + .../unittests/bignum_wrapper-test.cc | 3 +- .../unittests/ecgroup_wrapper-test.cc | 3 +- .../unittests/ecpoint_wrapper-test.cc | 3 +- .../unittests/ffelement_wrapper-test.cc | 3 +- .../unittests/finite_field_wrapper-test.cc | 3 +- epid/common-testhelper/unittests/main-test.cc | 3 +- epid/common/1.1/src/file_parser.c | 2 +- epid/common/1.1/unittests/file_parser-test.cc | 11 +- epid/common/Makefile | 17 +- epid/common/bitsupplier.h | 28 +- epid/common/common.parts | 5 +- epid/common/errors.h | 3 +- epid/common/file_parser.h | 16 +- epid/common/math/bignum.h | 6 +- epid/common/math/ecdsa.h | 6 +- epid/common/math/ecgroup.h | 18 +- epid/common/math/finitefield.h | 17 +- epid/common/math/pairing.h | 13 +- epid/common/math/src/bignum-internal.h | 19 +- epid/common/math/src/bignum.c | 34 +- epid/common/math/src/ecdsa_sign.c | 4 +- epid/common/math/src/ecdsa_verify.c | 23 +- epid/common/math/src/ecgroup-internal.h | 15 +- epid/common/math/src/ecgroup.c | 387 +++--- epid/common/math/src/finitefield-internal.h | 36 +- epid/common/math/src/finitefield.c | 580 +++++---- epid/common/math/src/pairing-internal.h | 8 +- epid/common/math/src/pairing.c | 799 ++++++------ epid/common/math/src/printutils.c | 80 +- epid/common/math/src/sha256.c | 5 +- epid/common/math/src/tatepairing-internal.h | 6 +- epid/common/math/src/tatepairing.c | 417 +++---- epid/common/math/tatepairing.h | 5 +- epid/common/math/unittests/bignum-test.cc | 3 +- epid/common/math/unittests/ecdsa_sign-test.cc | 3 +- epid/common/math/unittests/ecdsa_verify-test.cc | 3 +- epid/common/math/unittests/ecgroup-test.cc | 190 +-- epid/common/math/unittests/ffelement-test.cc | 28 +- epid/common/math/unittests/finitefield-test.cc | 3 +- epid/common/math/unittests/hash-test.cc | 3 +- epid/common/math/unittests/main-test.cc | 3 +- epid/common/math/unittests/octstrconvert-test.cc | 3 +- epid/common/math/unittests/pairing-test.cc | 99 +- epid/common/math/unittests/printutils-test.cc | 3 +- epid/common/math/unittests/tatepairing-test.cc | 3 +- epid/common/src/commitment.c | 6 +- epid/common/src/commitment.h | 33 +- epid/common/src/file_parser.c | 2 +- epid/common/types.h | 22 +- epid/common/unittests/file_parser-test.cc | 11 +- epid/member/Makefile | 18 +- epid/member/api.h | 218 ++-- epid/member/member.parts | 29 +- epid/member/src/allowed_basenames.c | 117 ++ epid/member/src/allowed_basenames.h | 45 + epid/member/src/assemble_privkey.c | 123 ++ epid/member/src/context.c | 397 ++---- epid/member/src/context.h | 73 +- epid/member/src/decompress_privkey.c | 274 +--- epid/member/src/hash_basename.c | 53 + epid/member/src/hash_basename.h | 56 + epid/member/src/join.c | 92 ++ epid/member/src/join_commitment.c | 89 ++ epid/member/src/join_commitment.h | 67 + epid/member/src/nr_prove.c | 277 ----- epid/member/src/nrprove.c | 91 ++ epid/member/src/nrprove_commitment.c | 114 ++ epid/member/src/nrprove_commitment.h | 77 ++ epid/member/src/precomp.c | 91 ++ epid/member/src/precomp.h | 60 + epid/member/src/presig.c | 229 ---- epid/member/src/privkey.c | 84 -- epid/member/src/privkey.h | 67 - epid/member/src/request_join.c | 418 ------- epid/member/src/sign.c | 51 +- epid/member/src/sign_commitment.c | 72 ++ epid/member/src/sign_commitment.h | 64 + epid/member/src/signbasic.c | 250 +--- epid/member/tpm/context.h | 129 ++ epid/member/tpm/decompress.h | 78 ++ epid/member/tpm/init.h | 77 ++ epid/member/tpm/join.h | 82 ++ epid/member/tpm/nrprove.h | 106 ++ epid/member/tpm/presig.h | 65 + epid/member/tpm/sign.h | 107 ++ epid/member/tpm/src/context.c | 180 +++ epid/member/tpm/src/decompress.c | 271 ++++ epid/member/tpm/src/init.c | 115 ++ epid/member/tpm/src/join.c | 123 ++ epid/member/tpm/src/nrprove.c | 221 ++++ epid/member/tpm/src/presig-internal.h | 52 + epid/member/tpm/src/presig.c | 265 ++++ epid/member/tpm/src/sign.c | 204 +++ epid/member/tpm/src/types.h | 93 ++ epid/member/tpm/src/validatekey.c | 130 ++ epid/member/tpm/unittests/tpm-test.cc | 212 ++++ epid/member/tpm/unittests/tpm-testhelper.cc | 326 +++++ epid/member/tpm/unittests/tpm-testhelper.h | 116 ++ epid/member/tpm/validatekey.h | 73 ++ epid/member/unittests/compute_presig-test.cc | 93 -- epid/member/unittests/context-test.cc | 166 ++- epid/member/unittests/decompress_privkey-test.cc | 3 +- epid/member/unittests/get_sigsize-test.cc | 3 +- epid/member/unittests/main-test.cc | 3 +- epid/member/unittests/member-testhelper.cc | 185 +-- epid/member/unittests/member-testhelper.h | 16 +- epid/member/unittests/nr_prove-test.cc | 5 +- epid/member/unittests/presig-test.cc | 162 +-- epid/member/unittests/request_join-test.cc | 159 ++- epid/member/unittests/sign-test.cc | 370 ++---- epid/member/unittests/signbasic-test.cc | 41 +- epid/verifier/1.1/src/nrverify.c | 2 +- epid/verifier/1.1/src/verify.c | 12 +- .../1.1/unittests/check_privrl_entry-test.cc | 3 +- epid/verifier/1.1/unittests/context-test.cc | 3 +- epid/verifier/1.1/unittests/nrverify-test.cc | 3 +- epid/verifier/1.1/unittests/sigs_linked-test.cc | 3 +- epid/verifier/1.1/unittests/verifier-testhelper.cc | 5 +- epid/verifier/1.1/unittests/verifier-testhelper.h | 5 +- epid/verifier/1.1/unittests/verify-test.cc | 41 +- epid/verifier/1.1/unittests/verifybasic-test.cc | 3 +- epid/verifier/Makefile | 17 +- epid/verifier/api.h | 43 +- epid/verifier/src/check_privrl_entry.c | 15 +- epid/verifier/src/context.c | 13 +- epid/verifier/src/verify.c | 4 +- epid/verifier/src/verifybasic.c | 4 +- epid/verifier/unittests/check_privrl_entry-test.cc | 3 +- epid/verifier/unittests/context-test.cc | 17 +- epid/verifier/unittests/main-test.cc | 3 +- epid/verifier/unittests/nrverify-test.cc | 42 +- epid/verifier/unittests/sigs_linked-test.cc | 3 +- epid/verifier/unittests/verifier-testhelper.cc | 22 +- epid/verifier/unittests/verifier-testhelper.h | 13 +- epid/verifier/unittests/verify-test.cc | 50 +- epid/verifier/unittests/verifybasic-test.cc | 14 +- example/Makefile | 8 +- example/compressed_data/README.md | 24 +- example/data/README.md | 4 +- example/signmsg/src/main.c | 61 +- example/signmsg/src/signmsg.c | 93 +- example/util/Makefile | 2 +- example/verifysig/src/main.c | 136 +- example/verifysig/src/verifysig.c | 49 +- example/verifysig/src/verifysig.h | 13 +- example/verifysig/src/verifysig11.c | 42 +- example/verifysig/src/verifysig11.h | 12 +- ext/dropt/Makefile | 2 +- ext/dropt/src/dropt_string.c | 8 +- ext/gtest/Makefile | 6 +- ext/ipp/include/ippbase.h | 4 +- ext/ipp/include/ippcp.h | 290 ++++- ext/ipp/include/ippcpdefs.h | 78 +- ext/ipp/include/ippcpepid.h | 218 ---- ext/ipp/include/ippdefs.h | 17 +- ext/ipp/include/ipptypes.h | 75 +- ext/ipp/ippcommon.parts | 56 - ext/ipp/ippcp.parts | 52 +- ext/ipp/ippcpepid.parts | 105 -- ext/ipp/sources/include/owndefs.h | 166 ++- ext/ipp/sources/ippcp/Makefile | 6 +- ext/ipp/sources/ippcp/src/owncp.h | 44 +- ext/ipp/sources/ippcp/src/pcpbn.h | 9 +- ext/ipp/sources/ippcp/src/pcpbnca.c | 44 +- ext/ipp/sources/ippcp/src/pcpbnresource.h | 48 - ext/ipp/sources/ippcp/src/pcpbnresourceca.c | 87 -- ext/ipp/sources/ippcp/src/pcpbnsetca.c | 2 +- ext/ipp/sources/ippcp/src/pcpbnu32arith.c | 20 +- ext/ipp/sources/ippcp/src/pcpbnu32arith.h | 15 +- ext/ipp/sources/ippcp/src/pcpbnu32misc.c | 2 +- ext/ipp/sources/ippcp/src/pcpbnu32misc.h | 5 +- ext/ipp/sources/ippcp/src/pcpbnuarith.c | 103 +- ext/ipp/sources/ippcp/src/pcpbnuarith.h | 21 +- ext/ipp/sources/ippcp/src/pcpbnuimpl.h | 6 +- ext/ipp/sources/ippcp/src/pcpbnumisc.c | 2 +- ext/ipp/sources/ippcp/src/pcpbnumisc.h | 18 +- ext/ipp/sources/ippcp/src/pcpeccp.h | 400 +++--- ext/ipp/sources/ippcp/src/pcpeccp256r1dpca.c | 50 + ext/ipp/sources/ippcp/src/pcpeccpdpca.c | 698 ++--------- ext/ipp/sources/ippcp/src/pcpeccpgenkeyca.c | 58 +- ext/ipp/sources/ippcp/src/pcpeccpinitca.c | 297 +---- ext/ipp/sources/ippcp/src/pcpeccpmethod.h | 98 -- ext/ipp/sources/ippcp/src/pcpeccpmethod128.h | 118 -- ext/ipp/sources/ippcp/src/pcpeccpmethod128ca.c | 879 ------------- ext/ipp/sources/ippcp/src/pcpeccpmethod192.h | 117 -- ext/ipp/sources/ippcp/src/pcpeccpmethod192ca.c | 880 ------------- ext/ipp/sources/ippcp/src/pcpeccpmethod224.h | 118 -- ext/ipp/sources/ippcp/src/pcpeccpmethod224ca.c | 877 ------------- ext/ipp/sources/ippcp/src/pcpeccpmethod256.h | 118 -- ext/ipp/sources/ippcp/src/pcpeccpmethod256ca.c | 879 ------------- ext/ipp/sources/ippcp/src/pcpeccpmethod384.h | 118 -- ext/ipp/sources/ippcp/src/pcpeccpmethod384ca.c | 879 ------------- ext/ipp/sources/ippcp/src/pcpeccpmethod521.h | 118 -- ext/ipp/sources/ippcp/src/pcpeccpmethod521ca.c | 879 ------------- ext/ipp/sources/ippcp/src/pcpeccpmethodcom.h | 133 -- ext/ipp/sources/ippcp/src/pcpeccpmethodcomca.c | 1025 --------------- ext/ipp/sources/ippcp/src/pcpeccpmethodsm2.h | 120 -- ext/ipp/sources/ippcp/src/pcpeccpmethodsm2ca.c | 879 ------------- ext/ipp/sources/ippcp/src/pcpeccppoint.h | 54 - ext/ipp/sources/ippcp/src/pcpeccppointca.c | 53 +- ext/ipp/sources/ippcp/src/pcpeccppointopca.c | 271 ++-- ext/ipp/sources/ippcp/src/pcpeccppublickeyca.c | 87 -- ext/ipp/sources/ippcp/src/pcpeccpsetkeyca.c | 48 +- ext/ipp/sources/ippcp/src/pcpeccpsigndsaca.c | 149 ++- ext/ipp/sources/ippcp/src/pcpeccpsscm.c | 160 --- ext/ipp/sources/ippcp/src/pcpeccpsscm.h | 45 - ext/ipp/sources/ippcp/src/pcpeccpstdca.c | 586 +++++---- ext/ipp/sources/ippcp/src/pcpeccpverifydsaca.c | 184 +-- ext/ipp/sources/ippcp/src/pcpgfp.c | 922 ++++++++++++++ ext/ipp/sources/ippcp/src/pcpgfpec.c | 456 +++++++ ext/ipp/sources/ippcp/src/pcpgfpecpoint.c | 454 +++++++ ext/ipp/sources/ippcp/src/pcpgfpecpointstuff.c | 1149 +++++++++++++++++ ext/ipp/sources/ippcp/src/pcpgfpecstuff.h | 333 +++++ ext/ipp/sources/ippcp/src/pcpgfpmethod.h | 57 + ext/ipp/sources/ippcp/src/pcpgfpmethod_256r1.c | 153 +++ ext/ipp/sources/ippcp/src/pcpgfpmethod_com.c | 164 +++ ext/ipp/sources/ippcp/src/pcpgfpstuff.c | 311 +++++ ext/ipp/sources/ippcp/src/pcpgfpstuff.h | 260 ++++ ext/ipp/sources/ippcp/src/pcpgfpx.c | 175 +++ ext/ipp/sources/ippcp/src/pcpgfpxmethod_binom.c | 359 ++++++ .../sources/ippcp/src/pcpgfpxmethod_binom_epid2.c | 379 ++++++ ext/ipp/sources/ippcp/src/pcpgfpxmethod_com.c | 284 +++++ ext/ipp/sources/ippcp/src/pcpgfpxmethod_com.h | 42 + ext/ipp/sources/ippcp/src/pcpgfpxstuff.c | 687 ++++++++++ ext/ipp/sources/ippcp/src/pcpgfpxstuff.h | 179 +++ ext/ipp/sources/ippcp/src/pcphash.h | 174 ++- ext/ipp/sources/ippcp/src/pcphash_rmf.h | 51 + ext/ipp/sources/ippcp/src/pcphashca.c | 744 +++++++++++ ext/ipp/sources/ippcp/src/pcphashcnt.c | 4 +- ext/ipp/sources/ippcp/src/pcphashmd5px.c | 211 ---- ext/ipp/sources/ippcp/src/pcphashmethod_rmf.h | 44 + ext/ipp/sources/ippcp/src/pcphashsha1px.c | 14 +- ext/ipp/sources/ippcp/src/pcphashsha256px.c | 14 +- ext/ipp/sources/ippcp/src/pcphashsha512px.c | 14 +- ext/ipp/sources/ippcp/src/pcpmd5ca.c | 485 -------- ext/ipp/sources/ippcp/src/pcpmontexpbinca.c | 4 +- ext/ipp/sources/ippcp/src/pcpmontgomery.h | 15 +- ext/ipp/sources/ippcp/src/pcpmontgomeryca.c | 13 +- ext/ipp/sources/ippcp/src/pcpmontred.c | 16 +- ext/ipp/sources/ippcp/src/pcpmulbnukara.h | 9 +- ext/ipp/sources/ippcp/src/pcppma.h | 106 -- ext/ipp/sources/ippcp/src/pcppma128.c | 169 --- ext/ipp/sources/ippcp/src/pcppma128.h | 79 -- ext/ipp/sources/ippcp/src/pcppma192.c | 153 --- ext/ipp/sources/ippcp/src/pcppma192.h | 84 -- ext/ipp/sources/ippcp/src/pcppma224.c | 169 --- ext/ipp/sources/ippcp/src/pcppma224.h | 81 -- ext/ipp/sources/ippcp/src/pcppma256.c | 181 --- ext/ipp/sources/ippcp/src/pcppma256.h | 82 -- ext/ipp/sources/ippcp/src/pcppma384.c | 191 --- ext/ipp/sources/ippcp/src/pcppma384.h | 82 -- ext/ipp/sources/ippcp/src/pcppma521.c | 124 -- ext/ipp/sources/ippcp/src/pcppma521.h | 80 -- ext/ipp/sources/ippcp/src/pcppmasm2.c | 311 ----- ext/ipp/sources/ippcp/src/pcppmasm2.h | 121 -- ext/ipp/sources/ippcp/src/pcpprimeg.h | 72 -- ext/ipp/sources/ippcp/src/pcpprimeginitca.c | 158 --- ext/ipp/sources/ippcp/src/pcpprng.h | 3 +- ext/ipp/sources/ippcp/src/pcpprngenca.c | 20 +- ext/ipp/sources/ippcp/src/pcpprnginitca.c | 4 +- ext/ipp/sources/ippcp/src/pcpprngsetca.c | 4 +- ext/ipp/sources/ippcp/src/pcpsha1ca.c | 551 --------- ext/ipp/sources/ippcp/src/pcpsha256ca.c | 676 +++++----- ext/ipp/sources/ippcp/src/pcpsha512ca.c | 674 ---------- ext/ipp/sources/ippcp/src/pcptool.h | 40 +- ext/ipp/sources/ippcp/src/pcpvariant.h | 255 +++- ext/ipp/sources/ippcp/src/precomp.h | 22 - ext/ipp/sources/ippcpepid/Makefile | 32 - ext/ipp/sources/ippcpepid/src/owncpepid.h | 52 - ext/ipp/sources/ippcpepid/src/pcpgfp.c | 846 ------------- ext/ipp/sources/ippcpepid/src/pcpgfpec.c | 322 ----- ext/ipp/sources/ippcpepid/src/pcpgfpecpoint.c | 426 ------- ext/ipp/sources/ippcpepid/src/pcpgfpecpointstuff.c | 1227 ------------------ ext/ipp/sources/ippcpepid/src/pcpgfpecstuff.h | 320 ----- ext/ipp/sources/ippcpepid/src/pcpgfphashstuff.h | 117 -- ext/ipp/sources/ippcpepid/src/pcpgfpstuff.c | 486 -------- ext/ipp/sources/ippcpepid/src/pcpgfpstuff.h | 212 ---- ext/ipp/sources/ippcpepid/src/pcpgfpx.c | 202 --- ext/ipp/sources/ippcpepid/src/pcpgfpxstuff.c | 1307 -------------------- ext/ipp/sources/ippcpepid/src/pcpgfpxstuff.h | 174 --- parts-site/configurations/debug/g++.py | 2 +- parts-site/configurations/debug/gcc.py | 2 +- .../configurations/debug/intelc_posix-any.py | 2 +- .../configurations/instr_release/__init__.py | 20 + parts-site/configurations/instr_release/g++.py | 31 + parts-site/configurations/instr_release/gcc.py | 31 + .../instr_release/intelc_posix-any.py | 33 + .../instr_release/intelc_win32-any.py | 35 + .../configurations/instr_release/msvc_win32-any.py | 35 + .../instr_size_optimized_release/__init__.py | 20 + .../instr_size_optimized_release/g++.py | 31 + .../instr_size_optimized_release/gcc.py | 31 + .../intelc_posix-any.py | 33 + .../intelc_win32-any.py | 35 + .../instr_size_optimized_release/msvc_win32-any.py | 35 + parts-site/configurations/release/g++.py | 16 +- parts-site/configurations/release/gcc.py | 13 +- .../configurations/release/intelc_posix-any.py | 16 +- .../release/msvc_win32-any_win32-x86.py | 1 + .../release/msvc_win32-any_win32-x86_64.py | 1 + .../size_optimized_release/__init__.py | 20 + .../configurations/size_optimized_release/g++.py | 57 + .../configurations/size_optimized_release/gcc.py | 65 + .../intelc_posix-any_posix-x86.py | 58 + .../intelc_posix-any_posix-x86_64.py | 59 + .../intelc_win32-any_win32-x86.py | 59 + .../intelc_win32-any_win32-x86_64.py | 58 + .../msvc_win32-any_win32-x86.py | 65 + .../msvc_win32-any_win32-x86_64.py | 64 + parts-site/pieces/arm_support.py | 23 + parts-site/tools/g++.py | 74 ++ parts-site/tools/gcc.py | 73 ++ tools/Makefile | 14 +- tools/revokekey/src/main.c | 12 +- 547 files changed, 23907 insertions(+), 28085 deletions(-) create mode 100644 doc/html/HowValidated.html delete mode 100644 doc/html/SignmsgWalkthru.html create mode 100644 doc/html/UserManual_GeneratingAnIntelEpidSignature.html create mode 100644 doc/html/UserManual_VerifyingAnIntelEpidSignature.html delete mode 100644 doc/html/VerifysigWalkthru.html create mode 100644 doc/html/context_8h.html create mode 100644 doc/html/decompress_8h.html create mode 100644 doc/html/dir_6048dbb18cb271412de4a010207fd345.html create mode 100644 doc/html/epid_diagram_basic_interaction.png create mode 100644 doc/html/epid_diagram_group.png delete mode 100644 doc/html/epid_diagram_high_level_interaction.png delete mode 100644 doc/html/epid_diagram_high_level_use_case.png create mode 100644 doc/html/epid_diagram_issuer_functionality.png delete mode 100644 doc/html/epid_diagram_issuer_high_level.png create mode 100644 doc/html/epid_diagram_member_functionality.png delete mode 100644 doc/html/epid_diagram_member_high_level.png create mode 100644 doc/html/epid_diagram_roles_summary.png create mode 100644 doc/html/epid_diagram_verifier_functionality.png delete mode 100644 doc/html/epid_diagram_verifier_high_level.png create mode 100644 doc/html/globals_c.html create mode 100644 doc/html/globals_o.html create mode 100644 doc/html/group___tpm_module.html create mode 100644 doc/html/group___tpm_module.js create mode 100644 doc/html/how__validated_8dox.html create mode 100644 doc/html/init_8h.html create mode 100644 doc/html/join_8h.html create mode 100644 doc/html/nrprove_8h.html create mode 100644 doc/html/presig_8h.html create mode 100644 doc/html/sign_8h.html create mode 100644 doc/html/struct_nr_prove_commit_output.html delete mode 100644 doc/html/struct_pre_computed_signature.html create mode 100644 doc/html/struct_sign_commit_output.html create mode 100644 doc/html/validatekey_8h.html create mode 100644 epid/common-testhelper/1.1/testdata/grp_x/corrupted_privrl.inc create mode 100644 epid/common-testhelper/epid_gtest-testhelper.cc create mode 100644 epid/common-testhelper/epid_gtest-testhelper.h create mode 100644 epid/common-testhelper/testdata/grp_x/corrupted_privrl.inc create mode 100644 epid/common-testhelper/testdata/grp_x/member0/sig_sha512_256_bsn0_msg0.inc create mode 100644 epid/common-testhelper/testdata/grp_x/member0/sig_sha512_256_rndbase_msg0.inc create mode 100644 epid/common-testhelper/testdata/grp_x/member0/sig_sha512_256_rndbase_msg0_no_sigrl.inc create mode 100644 epid/common-testhelper/testdata/grp_x/sigrl_member0_sig_sha512_rndbase_msg0_revoked_middle_entry.inc create mode 100644 epid/common-testhelper/testdata/grp_x/verrevoked/bsn0/sig_revoked0sha512_256bsn0msg0.inc create mode 100644 epid/common-testhelper/testdata/grp_x/verrevoked/bsn0/sig_revoked1sha512_256bsn0msg0.inc create mode 100644 epid/common-testhelper/testdata/grp_x/verrevoked/bsn0/sig_revoked2sha512_256bsn0msg0.inc create mode 100644 epid/common-testhelper/testdata/grp_x/verrevoked/bsn0/verrl_sha512_256.inc create mode 100644 epid/member/src/allowed_basenames.c create mode 100644 epid/member/src/allowed_basenames.h create mode 100644 epid/member/src/assemble_privkey.c create mode 100644 epid/member/src/hash_basename.c create mode 100644 epid/member/src/hash_basename.h create mode 100644 epid/member/src/join.c create mode 100644 epid/member/src/join_commitment.c create mode 100644 epid/member/src/join_commitment.h delete mode 100644 epid/member/src/nr_prove.c create mode 100644 epid/member/src/nrprove.c create mode 100644 epid/member/src/nrprove_commitment.c create mode 100644 epid/member/src/nrprove_commitment.h create mode 100644 epid/member/src/precomp.c create mode 100644 epid/member/src/precomp.h delete mode 100644 epid/member/src/presig.c delete mode 100644 epid/member/src/privkey.c delete mode 100644 epid/member/src/privkey.h delete mode 100644 epid/member/src/request_join.c create mode 100644 epid/member/src/sign_commitment.c create mode 100644 epid/member/src/sign_commitment.h create mode 100644 epid/member/tpm/context.h create mode 100644 epid/member/tpm/decompress.h create mode 100644 epid/member/tpm/init.h create mode 100644 epid/member/tpm/join.h create mode 100644 epid/member/tpm/nrprove.h create mode 100644 epid/member/tpm/presig.h create mode 100644 epid/member/tpm/sign.h create mode 100644 epid/member/tpm/src/context.c create mode 100644 epid/member/tpm/src/decompress.c create mode 100644 epid/member/tpm/src/init.c create mode 100644 epid/member/tpm/src/join.c create mode 100644 epid/member/tpm/src/nrprove.c create mode 100644 epid/member/tpm/src/presig-internal.h create mode 100644 epid/member/tpm/src/presig.c create mode 100644 epid/member/tpm/src/sign.c create mode 100644 epid/member/tpm/src/types.h create mode 100644 epid/member/tpm/src/validatekey.c create mode 100644 epid/member/tpm/unittests/tpm-test.cc create mode 100644 epid/member/tpm/unittests/tpm-testhelper.cc create mode 100644 epid/member/tpm/unittests/tpm-testhelper.h create mode 100644 epid/member/tpm/validatekey.h delete mode 100644 epid/member/unittests/compute_presig-test.cc delete mode 100644 ext/ipp/include/ippcpepid.h delete mode 100644 ext/ipp/ippcommon.parts delete mode 100644 ext/ipp/ippcpepid.parts delete mode 100644 ext/ipp/sources/ippcp/src/pcpbnresource.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpbnresourceca.c create mode 100644 ext/ipp/sources/ippcp/src/pcpeccp256r1dpca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod128.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod128ca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod192.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod192ca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod224.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod224ca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod256.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod256ca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod384.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod384ca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod521.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethod521ca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethodcom.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethodcomca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethodsm2.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpmethodsm2ca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccppoint.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccppublickeyca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpsscm.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpeccpsscm.h create mode 100644 ext/ipp/sources/ippcp/src/pcpgfp.c create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpec.c create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpecpoint.c create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpecpointstuff.c create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpecstuff.h create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpmethod.h create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpmethod_256r1.c create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpmethod_com.c create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpstuff.c create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpstuff.h create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpx.c create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpxmethod_binom.c create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpxmethod_binom_epid2.c create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpxmethod_com.c create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpxmethod_com.h create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpxstuff.c create mode 100644 ext/ipp/sources/ippcp/src/pcpgfpxstuff.h create mode 100644 ext/ipp/sources/ippcp/src/pcphash_rmf.h create mode 100644 ext/ipp/sources/ippcp/src/pcphashca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcphashmd5px.c create mode 100644 ext/ipp/sources/ippcp/src/pcphashmethod_rmf.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpmd5ca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcppma.h delete mode 100644 ext/ipp/sources/ippcp/src/pcppma128.c delete mode 100644 ext/ipp/sources/ippcp/src/pcppma128.h delete mode 100644 ext/ipp/sources/ippcp/src/pcppma192.c delete mode 100644 ext/ipp/sources/ippcp/src/pcppma192.h delete mode 100644 ext/ipp/sources/ippcp/src/pcppma224.c delete mode 100644 ext/ipp/sources/ippcp/src/pcppma224.h delete mode 100644 ext/ipp/sources/ippcp/src/pcppma256.c delete mode 100644 ext/ipp/sources/ippcp/src/pcppma256.h delete mode 100644 ext/ipp/sources/ippcp/src/pcppma384.c delete mode 100644 ext/ipp/sources/ippcp/src/pcppma384.h delete mode 100644 ext/ipp/sources/ippcp/src/pcppma521.c delete mode 100644 ext/ipp/sources/ippcp/src/pcppma521.h delete mode 100644 ext/ipp/sources/ippcp/src/pcppmasm2.c delete mode 100644 ext/ipp/sources/ippcp/src/pcppmasm2.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpprimeg.h delete mode 100644 ext/ipp/sources/ippcp/src/pcpprimeginitca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpsha1ca.c delete mode 100644 ext/ipp/sources/ippcp/src/pcpsha512ca.c delete mode 100644 ext/ipp/sources/ippcp/src/precomp.h delete mode 100644 ext/ipp/sources/ippcpepid/Makefile delete mode 100644 ext/ipp/sources/ippcpepid/src/owncpepid.h delete mode 100644 ext/ipp/sources/ippcpepid/src/pcpgfp.c delete mode 100644 ext/ipp/sources/ippcpepid/src/pcpgfpec.c delete mode 100644 ext/ipp/sources/ippcpepid/src/pcpgfpecpoint.c delete mode 100644 ext/ipp/sources/ippcpepid/src/pcpgfpecpointstuff.c delete mode 100644 ext/ipp/sources/ippcpepid/src/pcpgfpecstuff.h delete mode 100644 ext/ipp/sources/ippcpepid/src/pcpgfphashstuff.h delete mode 100644 ext/ipp/sources/ippcpepid/src/pcpgfpstuff.c delete mode 100644 ext/ipp/sources/ippcpepid/src/pcpgfpstuff.h delete mode 100644 ext/ipp/sources/ippcpepid/src/pcpgfpx.c delete mode 100644 ext/ipp/sources/ippcpepid/src/pcpgfpxstuff.c delete mode 100644 ext/ipp/sources/ippcpepid/src/pcpgfpxstuff.h create mode 100644 parts-site/configurations/instr_release/__init__.py create mode 100644 parts-site/configurations/instr_release/g++.py create mode 100644 parts-site/configurations/instr_release/gcc.py create mode 100644 parts-site/configurations/instr_release/intelc_posix-any.py create mode 100644 parts-site/configurations/instr_release/intelc_win32-any.py create mode 100644 parts-site/configurations/instr_release/msvc_win32-any.py create mode 100644 parts-site/configurations/instr_size_optimized_release/__init__.py create mode 100644 parts-site/configurations/instr_size_optimized_release/g++.py create mode 100644 parts-site/configurations/instr_size_optimized_release/gcc.py create mode 100644 parts-site/configurations/instr_size_optimized_release/intelc_posix-any.py create mode 100644 parts-site/configurations/instr_size_optimized_release/intelc_win32-any.py create mode 100644 parts-site/configurations/instr_size_optimized_release/msvc_win32-any.py create mode 100644 parts-site/configurations/size_optimized_release/__init__.py create mode 100644 parts-site/configurations/size_optimized_release/g++.py create mode 100644 parts-site/configurations/size_optimized_release/gcc.py create mode 100644 parts-site/configurations/size_optimized_release/intelc_posix-any_posix-x86.py create mode 100644 parts-site/configurations/size_optimized_release/intelc_posix-any_posix-x86_64.py create mode 100644 parts-site/configurations/size_optimized_release/intelc_win32-any_win32-x86.py create mode 100644 parts-site/configurations/size_optimized_release/intelc_win32-any_win32-x86_64.py create mode 100644 parts-site/configurations/size_optimized_release/msvc_win32-any_win32-x86.py create mode 100644 parts-site/configurations/size_optimized_release/msvc_win32-any_win32-x86_64.py create mode 100644 parts-site/pieces/arm_support.py create mode 100644 parts-site/tools/g++.py create mode 100644 parts-site/tools/gcc.py diff --git a/CHANGELOG.md b/CHANGELOG.md index 36657a3..3e68978 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,10 +1,72 @@ # Intel(R) EPID SDK ChangeLog {#ChangeLog} -## [3.0.0] +## [4.0.0] - 2017-04-25 -### New in This Release +### Added -* Support for verification of EPID 1.1 members. +* The member implementation now provides an internal interface that + gives guidance on partitioning member operations between highly + sensitive ones that use f value of the private key, and less + sensitive operations that can be performed in a host environment. + +* New member API `EpidAssemblePrivKey` was added to help assemble and + validate the new member private key that is created when a member + either joins a group (using the join protocol) or switches to a new + group (as the result of a performance rekey). + + +### Changed + +* Updated Intel(R) IPP Cryptography library to version 2017 (Update 2). + +* The mechanism to set the signature based revocation list (SigRL) + used for signing was changed. `EpidMemberSetSigRl` must be used to + set the SigRL. The SigRL is no longer a parameter to `EpidSign`. + This better models typical use case where a device stores a + revocation list and updates it independently of signing operations. + + +### Removed + +* Removed `EpidWritePreSigs` API. Serialization of pre-computed + signatures is a risky capability to provide, and simply expanding + the internal pool via `EpidAddPreSigs` still provides most of the + optimization benefits. + +* The `EpidIsPrivKeyInGroup` API is no longer exposed to clients. It + is no longer needed because the new member API `EpidAssemblePrivKey` + performs this check. + + +### Fixed + +* When building with commercial version of the Intel(R) IPP + Cryptography library, optimized functions are now properly invoked, + making signing and verification operations ~2 times faster + +* SHA-512/256 hash algorithm is now supported. + +* README for compressed data now correctly documents the number of + entries in revocation lists. + +* The `verifysig` sample now reports a more clear error message for + mismatched SigRLs. + +* The default scons build will now build for a 32-bit target on a + 32-bit platform. + + +### Known Issues + +* Scons build will not work natively on ARM. You can still build using + `make` or cross compile. + + +## [3.0.0] - 2016-11-22 + +### Added + +* Support for verification of Intel(R) EPID 1.1 members. * Make-based build system support. @@ -23,12 +85,13 @@ ### Changes * A new verifier API has been added to set the basename to be used for - verification. Verifier APIs that used to accept basenames now use - the basename set via EpidVerifierSetBasename. + verification. Verifier APIs that used to accept basenames now use + the basename set via `EpidVerifierSetBasename`. * The verifier pre-computation structure has been changed to include the group ID to allow detection of errors that result from providing - a pre-computation blob from a different group to EpidVerifierCreate. + a pre-computation blob from a different group to + `EpidVerifierCreate`. ### Fixes @@ -44,7 +107,7 @@ ## [2.0.0] - 2016-07-20 -### New in This Release +### Added * Signed binary issuer material support. @@ -63,7 +126,7 @@ - WindRiver IDP -### Changes +### Changed * The default hash algorithm has changed. It is now SHA-512. @@ -71,14 +134,14 @@ instead. -### Fixes +### Fixed * Updated build flags to work around GCC 4.8.5 defect. ## [1.0.0] - 2016-03-03 -### New in This Release +### Added * Basic sign and verify functionality diff --git a/LICENSE.txt b/LICENSE.txt index 38f89e4..cdce082 100644 --- a/LICENSE.txt +++ b/LICENSE.txt @@ -203,19 +203,20 @@ ======================================================================= -EPID SDK Subcomponents: +SDK Subcomponents: -The EPID SDK contains subcomponents with separate copyright notices -and license terms. Your use of the source code for these subcomponents -is subject to the terms and conditions of the following licenses. +The Intel(R) EPID SDK contains subcomponents with separate copyright +notices and license terms. Your use of the source code for these +subcomponents is subject to the terms and conditions of the following +licenses. ----------------------------------------------------------------------- The BSD 3-Clause License ----------------------------------------------------------------------- -The EPID SDK bundles portions of the following under the BSD 3-Clause -License: +The Intel(R) EPID SDK bundles portions of the following under the BSD +3-Clause License: - Google Test (https://github.com/google/googletest) Copyright 2008, Google Inc. @@ -247,3 +248,34 @@ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +----------------------------------------------------------------------- +zlib License +----------------------------------------------------------------------- + +The Intel(R) EPID SDK bundles portions of the following under the zlib +License: + +dropt +Copyright (c) 2006-2012 James D. Lin + +This software is provided 'as-is', without any express or implied +warranty. In no event will the authors be held liable for any damages +arising from the use of this software. + +Permission is granted to anyone to use this software for any purpose, +including commercial applications, and to alter it and redistribute it +freely, subject to the following restrictions: + +1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. + +2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. + +3. This notice may not be removed or altered from any source distribution. + + diff --git a/Makefile.in b/Makefile.in index b4a7a81..c27ec1c 100644 --- a/Makefile.in +++ b/Makefile.in @@ -7,53 +7,92 @@ epidinstalldir = $(installdir)/epid-sdk CC = @CC@ CXX = @CXX@ CFLAGS = @CFLAGS@ +LDFLAGS = @LDFLAGS@ +RANLIB = @RANLIB@ +CONFIG = @CONFIG@ + +#set performance affecting flags +ifeq ($(CONFIG),release) + SIZE_CFLAGS := -O2 +else + SIZE_CFLAGS := -Os + ifeq ($(findstring icc,$(CC)),icc) + ifeq ($(findstring -m32,$(CFLAGS)),-m32) + SIZE_CFLAGS := -O2 + endif + endif + SIZE_CFLAGS += -fdata-sections -ffunction-sections + LDFLAGS += -Xlinker --gc-sections +endif -#g++ flags -CXX_FLAGS := $(CFLAGS) -O2 -Werror -Wall -Wextra -Wno-missing-braces \ - -Wno-missing-field-initializers -Wno-unknown-pragmas -Wno-unused-function \ - -fno-strict-aliasing -Wno-unused-but-set-variable -Wno-comment -DNDEBUG #gcc flags -CC_FLAGS := $(CXX_FLAGS) -D_IPP_v50_ -D_IPP_DEBUG +CC_FLAGS := $(CFLAGS) $(SIZE_CFLAGS) -Werror -Wall -Wextra -Wno-missing-braces \ + -Wno-missing-field-initializers -Wno-unknown-pragmas -Wno-unused-function \ + -fno-strict-aliasing -Wno-unused-but-set-variable -Wno-comment -Wformat \ + -Wformat-security -fstack-protector -fPIC -DNDEBUG -D_FORTIFY_SOURCE=2 +#g++ flags +CXX_FLAGS := $(CC_FLAGS) -std=c++0x -#intel c++ compiler flags -ICPC_FLAGS := $(CFLAGS) -O2 -Werror -Wall -Wextra -DNDEBUG #intel c compiler flags -ICC_FLAGS := $(ICPC_FLAGS) -D_IPP_v50_ -D_IPP_DEBUG +ICC_FLAGS := $(CFLAGS) $(SIZE_CFLAGS) -Werror -Wall -Wextra -DNDEBUG \ + -fstack-protector -fPIC -D_FORTIFY_SOURCE=2 \ + -Wformat -Wformat-security +#intel c++ compiler flags +ICPC_FLAGS := $(ICC_FLAGS) -std=c++0x #check if architecture was specified #or take it by shell command ifeq ($(findstring -m32,$(CFLAGS)),-m32) ARCH = x86 CXXFLAGS += -m32 + LDFLAGS += -m32 else ifeq ($(findstring -m64,$(CFLAGS)),-m64) ARCH = x86_64 CXXFLAGS += -m64 + LDFLAGS += -m64 else - ARCH := $(shell uname -m) + ifeq ($(findstring arm-,$(CC)),arm-) + ARCH = arm + + ifneq (,$(findstring gnueabihf,$(CC))) + ARCH := $(addsuffix hf,$(ARCH)) + endif + + else + ARCH := $(shell uname -m) + endif endif +#set ippflags +IPP_FLAGS := -Wno-misleading-indentation -D_IPP_v50_ -D_IPP_DEBUG \ + -D_DISABLE_ALG_MD5_ -D_DISABLE_ALG_SM3_ + #set tools and flags depending on specified compiler -ifeq ($(CC),icc) +ifeq ($(findstring icc,$(CC)),icc) CFLAGS := $(ICC_FLAGS) CXXFLAGS := $(ICPC_FLAGS) - AR = xiar + AR = $(subst icc,xiar,$(CC)) else CFLAGS := $(CC_FLAGS) CXXFLAGS := $(CXX_FLAGS) endif -#set c++11 for all c++ compilers -CXXFLAGS += -std=c++0x +# ld flags +LDFLAGS += -fstack-protector -z noexecstack -z relro -z now -pie + +#gtest defines +GTEST_DEFINES := -DGTEST_HAS_PTHREAD=0 -D_VARIADIC_MAX=10 #set flags for unit tests executables GTEST_FLAGS = --gtest_color=yes \ --gtest_print_time=1 \ --gtest_output=xml -export CC AR LDFLAGS ARCH CFLAGS +export CC LDFLAGS ARCH CFLAGS export CXX CXXFLAGS +export AR RANLIB export epidinstalldir -export GTEST_FLAGS +export GTEST_FLAGS GTEST_DEFINES IPP_FLAGS #just output $(info $$ccompiler is [${CC}]) @@ -65,7 +104,6 @@ all: ipp common member verifier dropt examples_util examples epid_tools clean: $(MAKE) -C ./ext/ipp/sources/ippcp clean - $(MAKE) -C ./ext/ipp/sources/ippcpepid clean $(MAKE) -C ./epid/common/ clean $(MAKE) -C ./epid/member/ clean $(MAKE) -C ./epid/verifier/ clean @@ -75,10 +113,12 @@ clean: $(MAKE) -C ./ext/gtest/ clean $(MAKE) -C ./epid/common-testhelper/ clean $(MAKE) -C ./ext/dropt/ clean +ifneq ("$(wildcard ./ext/google_benchmark)","") + $(MAKE) -C ./ext/google_benchmark/ clean +endif install: $(MAKE) -C ./ext/ipp/sources/ippcp install - $(MAKE) -C ./ext/ipp/sources/ippcpepid install $(MAKE) -C ./epid/common/ install $(MAKE) -C ./epid/member/ install $(MAKE) -C ./epid/verifier/ install @@ -91,7 +131,6 @@ uninstall: ipp: $(MAKE) -C ./ext/ipp/sources/ippcp all - $(MAKE) -C ./ext/ipp/sources/ippcpepid all common: $(MAKE) -C ./epid/common/ all @@ -108,13 +147,21 @@ dropt: examples_util: $(MAKE) -C ./example/util/ all -check: +utest: $(MAKE) -C ./ext/gtest/ all $(MAKE) -C ./epid/common-testhelper/ all - $(MAKE) -C ./epid/common-testhelper/ check - $(MAKE) -C ./epid/common/ check - $(MAKE) -C ./epid/member/ check - $(MAKE) -C ./epid/verifier/ check + $(MAKE) -C ./epid/common-testhelper/ utest + $(MAKE) -C ./epid/common/ utest + $(MAKE) -C ./epid/member/ utest + $(MAKE) -C ./epid/verifier/ utest + +run_utest: + $(MAKE) -C ./epid/common-testhelper/ run_utest + $(MAKE) -C ./epid/common/ run_utest + $(MAKE) -C ./epid/member/ run_utest + $(MAKE) -C ./epid/verifier/ run_utest + +check: utest run_utest examples: $(MAKE) -C ./example/ all @@ -122,4 +169,11 @@ examples: epid_tools: $(MAKE) -C ./tools/ all +perf: +ifneq ("$(wildcard ./ext/google_benchmark/)","") + $(MAKE) -C ./ext/google_benchmark/ all + $(MAKE) -C ./ext/google_benchmark/ utest + $(MAKE) -C ./ext/google_benchmark/ run_utest +endif + build: all check install diff --git a/NOTICE.txt b/NOTICE.txt index fc0c420..51a62a2 100644 --- a/NOTICE.txt +++ b/NOTICE.txt @@ -1,22 +1,21 @@ Intel(R) EPID SDK -Copyright 2016 Intel Corporation +Copyright 2016-2017 Intel Corporation ========== -The Intel(R) EPID SDK contains subcomponents with separate copyright notices -and license terms. +The Intel(R) EPID SDK contains subcomponents with separate copyright +notices and license terms. Your use of the source code for the these subcomponents is subject to the terms and conditions of their respective licenses. -See the LICENSE.txt file for a list of subcomponents and dependencies and -their respective licenses. +See the LICENSE.txt file for a list of subcomponents and dependencies +and their respective licenses. ---------- The source code used for math primitives in the Intel(R) EPID SDK is a -subset of the Intel(R) IPP Cryptography library (v9.0.3) written in -C. For higher performance, you can use the commercial version of the -IPP Cryptography libraries, which are available at +subset of Intel(R) IPP Cryptography 2017 Update 2 written in C. For +higher performance, you can use the commercial version of the IPP +Cryptography libraries, which are available at https://software.intel.com/articles/download-ipp-cryptography-libraries. - diff --git a/README.md b/README.md index 5cb5c5f..2c201e0 100644 --- a/README.md +++ b/README.md @@ -51,7 +51,13 @@ See [LICENSE.txt](LICENSE.txt). ## Math Primitives The source code used for math primitives in the Intel(R) EPID SDK is a -subset of the Intel(R) IPP Cryptography library (v9.0.3) written in -C. For higher performance, you can use the commercial version of the -IPP Cryptography libraries, which are available at -https://software.intel.com/articles/download-ipp-cryptography-libraries. +subset of the Intel(R) IPP Cryptography library (version 2017 Update +2) written in pure C and not optimized for performance. For higher +performance, you can use the commercial version of the IPP +Cryptography library, which is available at +[https://software.intel.com/articles/download-ipp-cryptography-libraries](https://software.intel.com/articles/download-ipp-cryptography-libraries). + +More information on the optimized versions of Intel(R) IPP +Cryptography library, including mitigations for a potential +side-channel issue are available at +[https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00060&languageid=en-fr](https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00060&languageid=en-fr). diff --git a/SConstruct b/SConstruct index 195222d..7aacd89 100644 --- a/SConstruct +++ b/SConstruct @@ -1,5 +1,5 @@ ############################################################################ -# Copyright 2016 Intel Corporation +# Copyright 2016-2017 Intel Corporation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,40 +20,119 @@ import string import sys import SCons.Script import os.path +import subprocess +from subprocess import Popen, PIPE from parts import * +import re +import tempfile +import shutil +from collections import OrderedDict -print "**************** TOOLS ****************" -print '* Python Version:', string.split(sys.version, " ", 1)[0] -print '* SCons Version:', SCons.__version__ -print '* Parts Version:', PartsExtensionVersion() -print "***************************************" -def PrintCompilerVersion(env): - """ - Function to print version of compilers used for build +def get_parts_versions(env): + """Get Parts related versions given SCons environment env""" + return OrderedDict({'python': string.split(sys.version, " ", 1)[0], + 'scons': str(SCons.__version__), + 'parts': str(PartsExtensionVersion())}) + + +def get_toolchain_versions(env): + """Get version of compilation toolchain given SCons environment env""" + versions = OrderedDict() + if 'MSVC_VERSION' in env: + versions['compiler'] = 'MSVC ' + env['MSVC_VERSION'] + cmd = env.subst('echo int main(){return 0;} > a.cpp' + ' | $CXX $CCFLAGS a.cpp /link /verbose') + defaultlib_regexp = r'.*Searching (.*\.lib).*' + elif 'GCC_VERSION' in env: + versions['compiler'] = 'GCC ' + env['GCC_VERSION'] + if 'GXX_VERSION' in env: + versions['compiler'] += ' and GXX ' + env['GXX_VERSION'] + cmd = env.subst('echo "int main(){return 0;}"' + ' | $CXX $CCFLAGS -xc++ -Wl,--verbose -') + else: + cmd = env.subst('echo "int main(){return 0;}"' + ' | $CC $CCFLAGS -xc -Wl,--verbose -') + defaultlib_regexp = r'[\n(](/.*\.so[-.\da-fA-F]*).*' + + # Intel C compiler always depends from base toolchain + if 'INTELC_VERSION' in env: + versions['compiler'] = 'INTELC {0} with {1}'.format(env['INTELC_VERSION'], + versions['compiler']) + + temp_dir = tempfile.mkdtemp() + try: + proc = subprocess.Popen(cmd, + cwd=temp_dir, + env=env['ENV'], shell=True, + stdout=subprocess.PIPE, stderr=subprocess.PIPE) + stdout, _ = proc.communicate() + if proc.returncode != 0: + versions['default_libs'] = 'failure executing: "{0}"'.format(cmd) + else: + default_libs = list( + set(re.findall(defaultlib_regexp, stdout, re.M))) + if 'MSVC_VERSION' in env: + # for windows additionally report versions of Windows Kit used + runtime_version_set = set() + for lib_path in default_libs: + path_components = os.path.realpath(lib_path).split(os.sep) + if 'Windows Kits' in path_components: + i = path_components.index('Windows Kits') + runtime_version_set.add( + 'Windows Kits {0} {1}'.format(path_components[i + 1], + path_components[i + 3])) + versions['sdk_or_libc'] = '; '.join(list(runtime_version_set)) + else: + # for posix additionally report versions of libc used + versions['sdk_or_libc'] = os.path.split(os.path.realpath( + next((lib for lib in default_libs if + 'libc' in lib.lower() and 'libcilk' not in lib.lower()), None)))[1] + versions['default_libs'] = default_libs + finally: + shutil.rmtree(temp_dir) + + return versions + + +def log_versions(env, include_toolchain=True): + """Log tools and libraries versions given SCons environment env + Args: - env: Environment to get compilers version + env: Scons environment. + include_toolchain: Log version of compilation toolchain if True. """ - res = '' - if 'INTELC_VERSION' in env: - res += 'ICC ' + env['INTELC_VERSION'] + ';' - if 'MSVC_VERSION' in env: - res += 'MS ' + env['MSVC_VERSION'] + ';' - if 'GXX_VERSION' in env: - res += 'GXX ' + env['GXX_VERSION'] + ';' - if 'GCC_VERSION' in env: - res += 'GCC ' + env['GCC_VERSION'] + ';' - print 'Compiler Version: ', res + + versions = get_parts_versions(env) + if include_toolchain: + versions.update(get_toolchain_versions(env)) + + print "**************** VERSIONS *************" + long_names = { + 'python': 'Python Version', + 'scons': 'SCons Version', + 'parts': 'Parts Version', + 'compiler': 'Compiler Version', + 'sdk_or_libc': 'Libc/SDK', + 'default_libs': 'Default Libs' + } + for name, value in versions.iteritems(): + if not isinstance(value, list): + print '* {0}: {1}'.format(long_names.get(name, name), value) + else: + print '* {0}:\n* \t{1}'.format(long_names.get(name, name), + '\n* \t'.join(sorted(value))) + print "***************************************" + def include_parts(part_list, **kwargs): for parts_file in part_list: if os.path.isfile(DefaultEnvironment().subst(parts_file)): Part(parts_file=parts_file, **kwargs) + ######## Part groups #################################################### -ipp_parts = ['ext/ipp/ippcp.parts', - 'ext/ipp/ippcpepid.parts', - 'ext/ipp/ippcommon.parts'] +ipp_parts = ['ext/ipp/ippcp.parts'] utest_parts = ['ext/gtest/gtest.parts', 'epid/common-testhelper/common-testhelper.parts'] common_parts = ['epid/common/common.parts'] @@ -65,6 +144,11 @@ example_parts = ['ext/dropt/dropt.parts', 'example/signmsg/signmsg.parts', 'example/data/data.parts', 'example/compressed_data/compressed_data.parts'] +sizing_parts = ['example/signmsg/signmsg_shared.parts', + 'example/verifysig/verifysig_shared.parts', + 'example/verifysig/verifysig11_shared.parts'] +example_static_parts = ['example/signmsg/signmsg_static.parts', + 'example/verifysig/verifysig_static.parts'] tools_parts = ['tools/revokegrp/revokegrp.parts', 'tools/revokekey/revokekey.parts', 'tools/revokesig/revokesig.parts', @@ -79,40 +163,60 @@ testbot_test_parts = ['test/testbot/testbot.parts', 'test/testbot/revokekey/revokekey_testbot.parts', 'test/testbot/revokesig/revokesig_testbot.parts', 'test/testbot/extractkeys/extractkeys_testbot.parts', - 'test/testbot/extractgrps/extractgrps_testbot.parts'] + 'test/testbot/extractgrps/extractgrps_testbot.parts', + 'tools/reports/reports.parts'] package_parts = ['ext/gtest/gtest.parts', - 'ext/ipp/ippcommon.parts', 'ext/ipp/ippcp.parts', - 'ext/ipp/ippcpepid.parts', 'package.parts'] +memory_profiler_parts = ['tools/memory_profiler/memory_profiler.parts'] internal_tools_parts = ['ext/dropt/dropt.parts', 'tools/ikgfwrapper/ikgfwrapper.parts'] +epid_data = ['test/epid_data/epid_data.parts'] +perf_benchmark_parts = ['ext/google_benchmark/google_benchmark.parts', + 'test/performance/performance.parts'] +memory_benchmark_parts = ['test/dynamic_memory/dynamic_memory.parts'] ######## End Part groups ############################################### ######## Commandline option setup ####################################### product_variants = [ 'production', 'internal-test', 'package-epid-sdk', - 'internal-tools' + 'internal-tools', + 'benchmark' ] default_variant = 'production' + def is_production(): return GetOption("product-variant") == 'production' + def is_internal_test(): return GetOption("product-variant") == 'internal-test' + def is_internal_tools(): return GetOption("product-variant") == 'internal-tools' + def is_package(): return GetOption("product-variant") == 'package-epid-sdk' + +def is_benchmark(): + return GetOption("product-variant") == 'benchmark' + + def use_commercial_ipp(): return GetOption("use-commercial-ipp") + +def config_has_instrumentation(): + return any(DefaultEnvironment().isConfigBasedOn(config_name) + for config_name in ['instr_release', 'instr_size_optimized_release']) + + def variant_dirname(): s = GetOption("product-variant") if s == 'production': @@ -122,6 +226,7 @@ def variant_dirname(): else: return s + AddOption("--product-variant", "--prod-var", nargs=1, help=("Select product variant to build. Possible " "options are: {0}. The default is {1} if no option " @@ -136,6 +241,11 @@ AddOption("--use-commercial-ipp", action='store_true', dest='use-commercial-ipp', default=False) +AddOption("--ipp-shared", + help=("Build /ext/ipp as shared library."), + action='store_true', dest='ipp-shared', + default=False) + SetOptionDefault("PRODUCT_VARIANT", variant_dirname()) ######## End Commandline option setup ################################### @@ -144,8 +254,8 @@ SetOptionDefault("PRODUCT_VARIANT", variant_dirname()) # fix for parts 0.10.8 until we get better logic to extract ${CC} SetOptionDefault('PARTS_USE_SHORT_TOOL_NAMES', 1) + def set_default_production_options(): - SetOptionDefault('TARGET_PLATFORM', 'x86_64') SetOptionDefault('CONFIG', 'release') SetOptionDefault('TARGET_VARIANT', '${TARGET_OS}-${TARGET_ARCH}') @@ -189,11 +299,14 @@ def set_default_production_options(): SetOptionDefault('PACKAGE_NAME', '{PRODUCT_VARIANT}') + if is_production(): set_default_production_options() ipp_mode = ['install_lib'] if use_commercial_ipp(): ipp_mode.append('use_commercial_ipp') + if GetOption('ipp-shared'): + ipp_mode.append('build_ipp_shared') include_parts(ipp_parts, mode=ipp_mode, INSTALL_INCLUDE='${INSTALL_IPP_INCLUDE}') include_parts(utest_parts + common_parts + @@ -207,7 +320,6 @@ if is_production(): include_parts(tools_parts, INSTALL_BIN='${INSTALL_TOOLS_BIN}', INSTALL_DATA='${INSTALL_TOOLS_DATA}') - PrintCompilerVersion(DefaultEnvironment()) Default('all') Default('run_utest::') @@ -219,6 +331,8 @@ if is_internal_test(): include_parts(util_parts + example_parts, INSTALL_BIN='${INSTALL_SAMPLE_BIN}', INSTALL_DATA='${INSTALL_SAMPLE_DATA}') + include_parts(sizing_parts, + INSTALL_BIN='${INSTALL_SAMPLE_BIN}') include_parts(tools_parts, INSTALL_BIN='${INSTALL_TOOLS_BIN}') include_parts(testbot_test_parts) Default('all') @@ -226,8 +340,39 @@ if is_internal_test(): if is_internal_tools(): set_default_production_options() include_parts(ipp_parts + utest_parts + common_parts + util_parts) - include_parts(internal_tools_parts, INSTALL_BIN='${INSTALL_TOOLS_BIN}') - Default('ikgfwrapper') + include_parts(internal_tools_parts + memory_profiler_parts, + INSTALL_BIN='${INSTALL_TOOLS_BIN}') + Default('ikgfwrapper', 'memory_profiler') + Default('run_utest::memory_profiler::') + +if is_benchmark(): + set_default_production_options() + MODE = [] + if config_has_instrumentation(): + MODE.append('use_memory_profiler') + ipp_mode = [] + if use_commercial_ipp(): + ipp_mode.append('use_commercial_ipp') + + # install ipp static and ipp shared builds into separate locations + if GetOption('ipp-shared'): + ipp_mode.append('build_ipp_shared') + SetOptionDefault('INSTALL_TEST_BIN', + '$INSTALL_ROOT/test_ipp_shared') + # do not allow file links to keep previous builds intact + SetOptionDefault('CCOPY_LOGIC', 'copy') + + include_parts(ipp_parts, mode=MODE+ipp_mode, INSTALL_BIN='${INSTALL_TEST_BIN}') + include_parts(example_static_parts + utest_parts + perf_benchmark_parts + + common_parts + member_parts + verifier_parts + + sizing_parts + epid_data, + mode=MODE, + INSTALL_BIN='${INSTALL_TEST_BIN}') + if 'use_memory_profiler' in MODE: + include_parts(memory_benchmark_parts + memory_profiler_parts, + mode=MODE, + INSTALL_BIN='${INSTALL_TEST_BIN}') + Default('build::') if is_package(): set_default_production_options() @@ -235,3 +380,5 @@ if is_package(): mode=['install_package'], INSTALL_TOP_LEVEL='${PACKAGE_ROOT}') Default('package') + +log_versions(DefaultEnvironment(), not is_package()) diff --git a/configure b/configure index 02a6d41..b098aea 100644 --- a/configure +++ b/configure @@ -584,6 +584,8 @@ PACKAGE_URL='' ac_default_prefix=`pwd`/_install ac_subst_vars='LTLIBOBJS LIBOBJS +CONFIG +RANLIB ac_ct_CXX CXXFLAGS CXX @@ -613,6 +615,7 @@ infodir docdir oldincludedir includedir +runstatedir localstatedir sharedstatedir sysconfdir @@ -635,6 +638,7 @@ SHELL' ac_subst_files='' ac_user_opts=' enable_option_checking +with_config ' ac_precious_vars='build_alias host_alias @@ -685,6 +689,7 @@ datadir='${datarootdir}' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' +runstatedir='${localstatedir}/run' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' @@ -937,6 +942,15 @@ do | -silent | --silent | --silen | --sile | --sil) silent=yes ;; + -runstatedir | --runstatedir | --runstatedi | --runstated \ + | --runstate | --runstat | --runsta | --runst | --runs \ + | --run | --ru | --r) + ac_prev=runstatedir ;; + -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ + | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ + | --run=* | --ru=* | --r=*) + runstatedir=$ac_optarg ;; + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ @@ -1074,7 +1088,7 @@ fi for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ - libdir localedir mandir + libdir localedir mandir runstatedir do eval ac_val=\$$ac_var # Remove trailing slashes. @@ -1227,6 +1241,7 @@ Fine tuning of the installation directories: --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] @@ -1253,6 +1268,14 @@ if test -n "$ac_init_help"; then esac cat <<\_ACEOF +Optional Packages: + --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] + --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) + --with-config=type Choose config type. Possible options are: + --with-config=release, + --with-config=size_optimized_release. Default is + 'release' if no option is specified. + Some influential environment variables: CC C compiler command CFLAGS C compiler flags @@ -2632,11 +2655,121 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu +#define ranlib +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. +set dummy ${ac_tool_prefix}ranlib; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_RANLIB+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$RANLIB"; then + ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +RANLIB=$ac_cv_prog_RANLIB +if test -n "$RANLIB"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 +$as_echo "$RANLIB" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_RANLIB"; then + ac_ct_RANLIB=$RANLIB + # Extract the first word of "ranlib", so it can be a program name with args. +set dummy ranlib; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_RANLIB+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_RANLIB"; then + ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_RANLIB="ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB +if test -n "$ac_ct_RANLIB"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 +$as_echo "$ac_ct_RANLIB" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_RANLIB" = x; then + RANLIB=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + RANLIB=$ac_ct_RANLIB + fi +else + RANLIB="$ac_cv_prog_RANLIB" +fi # restore flags CFLAGS="$CFLAGS_OLD" CPPFLAGS="$CPPFLAGS_OLD" + +# Check whether --with-config was given. +if test "${with_config+set}" = set; then : + withval=$with_config; +else + with_config=release + +fi + + +CONFIG="release" + +if test "x$with_config" != "xrelease"; then : + + CONFIG=size_optimized_release + +fi + # default install path is current directory ac_config_files="$ac_config_files Makefile" diff --git a/configure.ac b/configure.ac index c5d3082..55a113e 100644 --- a/configure.ac +++ b/configure.ac @@ -8,11 +8,27 @@ CPPFLAGS_OLD="$CPPFLAGS" AC_PROG_CC([gcc icc cc]) #c++ compiler priority AC_PROG_CXX([g++ icpc c++]) - +#define ranlib +AC_PROG_RANLIB() # restore flags CFLAGS="$CFLAGS_OLD" CPPFLAGS="$CPPFLAGS_OLD" +AC_ARG_WITH([config], + AS_HELP_STRING([--with-config=type], + [Choose config type. Possible options are: + --with-config=release, + --with-config=size_optimized_release. + Default is 'release' if no option is specified.]), + [], + [with_config=release] +) + +AC_SUBST([CONFIG], ["release"]) +AS_IF([test "x$with_config" != "xrelease"], [ + [CONFIG=size_optimized_release] +]) + # default install path is current directory AC_PREFIX_DEFAULT([`pwd`/_install]) AC_CONFIG_FILES([Makefile]) diff --git a/doc/html/1_81_2file__parser_8h.html b/doc/html/1_81_2file__parser_8h.html index 5019855..6b012c3 100644 --- a/doc/html/1_81_2file__parser_8h.html +++ b/doc/html/1_81_2file__parser_8h.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -96,7 +96,7 @@ Functions diff --git a/doc/html/1_81_2types_8h.html b/doc/html/1_81_2types_8h.html index c5d3fb2..6e51db7 100644 --- a/doc/html/1_81_2types_8h.html +++ b/doc/html/1_81_2types_8h.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -143,7 +143,7 @@ typedef OctStr32 
  • epid
  • common
  • 1.1
  • types.h
  • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
    • diff --git a/doc/html/Basenames.html b/doc/html/Basenames.html index 91d749d..6a7c031 100644 --- a/doc/html/Basenames.html +++ b/doc/html/Basenames.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -85,7 +85,7 @@ Name Based Signatures diff --git a/doc/html/BuildToolsInstallation.html b/doc/html/BuildToolsInstallation.html index aa4a477..e65f91c 100644 --- a/doc/html/BuildToolsInstallation.html +++ b/doc/html/BuildToolsInstallation.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -70,13 +70,13 @@ $(document).ready(function(){initNavTree('BuildToolsInstallation.html','');});

    Building SDK code out of the box requires a number of tools. This section explains how to install the following tools:

    - + - + - + - +
    Prerequisite Download Link
    Prerequisite URL Downloads
    Python python 2.7.12 installers
    Python 2.7 https://www.python.org python 2.7.12 installers
    SCons scons-2.4.1.zip
    SCons 2.4 http://www.scons.org scons-2.4.1.zip
    Parts parts-0.11.0.zip
    Parts 0.11 https://bitbucket.org/sconsparts/parts/downloads parts-0.11.0.zip


    @@ -112,6 +112,8 @@ Installing Parts
    Note
    You may need administrative privileges to execute this command.


    + To verify that Parts installed correctly, run: 

        > python -c "import pkgutil; print 'Parts is installed' if 'parts' in [str(n) for _, n, _ in pkgutil.iter_modules()] else 'Parts module is not found'"
+


    @@ -120,7 +122,7 @@ Installing Parts diff --git a/doc/html/BuildingSdk.html b/doc/html/BuildingSdk.html index fcb2c1e..eed8ffa 100644 --- a/doc/html/BuildingSdk.html +++ b/doc/html/BuildingSdk.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -66,6 +66,7 @@ $(document).ready(function(){initNavTree('BuildingSdk.html','');});
  • Building SDK with SCons
  • Alternate Makefile/Autoconf Based Build Approach
  • Improving Performance with Commercial IPP
    • +
  • Optimizing Code Size over Performance
  • Example Programs
  • Building with Other Build Systems
    • @@ -75,24 +76,27 @@ $(document).ready(function(){initNavTree('BuildingSdk.html','');}); Prerequisites

    Building SDK code out of the box requires a number of tools. This section lists the tools used to build the SDK.

    For more information on how to install these tools, refer to Guide to Installing Build Tools.

    +

    For a list of compilers and libraries that the SDK was validated on, refer to Tested Libraries and Compilers.

    - + - +
    Prerequisite Notes
    A C/C++ compiler Core code in C. Unit tests need C++11 support.
    Python Validated with v2.7.10
    Python Validated with v2.7.12
    SCons Validated with v2.4.1
    Parts 0.10.9.2 or later
    Parts 0.11.0 or later

    Building SDK with SCons

    To use the SDK, you need to build it to generate libraries compatible with your build environment.

    To build based on the default SConstruct file in the root directory of the SDK, invoke scons with no arguments. 

    cd <path/to/sdk-root>
 scons
-

    By default, this performs a 64 bit release build.

    +

    By default, this performs a release build of the SDK with unit tests for the current platform and runs unit tests.

    +

    To skip unit test execution when doing cross platfrom build use: 

    scons build:: utest::
+

    Built components appear in the _install directory of the SDK root.

    Potentially useful command line options:

    @@ -102,15 +106,25 @@ scons - + - + + + + + + + + + - + + + @@ -120,7 +134,6 @@ scons
    --cfg=release Build in release mode
    --target=x86 Target x86
    --cfg=size_optimized_release Build in release mode optimized for code size
    --target=x86_64 Target x86_64
    --target=x86 Target x86 (i386) architecture
    --target=x86_64 Target x86-64 architecture
    --target=arm Target 32-bit ARM architecture
    --target=arm_hf Target 32-bit ARM architecture with hard float ABI
    --target=aarch64 Target AArch64 (64-bit ARM) architecture
    --tc=cl Use MSVC to compile (Microsoft®* C/C++ Optimizing Compiler)
    --tc=gcc Use GCC to compile (GNU* Compiler Collection)
    --tc=icl,mstools Use Intel® C++ compiler
    --tc=icl,mstools Use Intel® C++ compiler for Windows
    --tc=icc,gnutools Use Intel® C++ compiler for Linux
    build:: Build the SDK (does not build unit tests)
    -c Clean the build
    -

    Built components appear in the _install directory of the SDK root.

    Alternate Makefile/Autoconf Based Build Approach

    You can build with the make command on platforms that support Make/Autoconf.

    @@ -132,18 +145,28 @@ make install
    • The default compilers are GCC/G++. You can specify compilers via the CC and CXX variables. For example, ./configure CC=/opt/intel/bin/icc CXX=/opt/intel/bin/icpc
    • The default installation directory is ./_install. You can specify the installation directory by using ./configure --prefix=/usr/local/epid_install
      • -
    • To change OS bit version, use CFLAGS parameter -m32 and -m64. For example, ./configure CFLAGS=-m32
      • +
    • The default target matches the current environment. You may change it with the CFLAGS parameter. For example, ./configure CFLAGS=-m32 when run on x86_64 environment configures compilation to target x86.

    make check is optional. It builds and runs the unit tests.

    Alternatively, you can use make build as a shortcut to replace make all, make check, and make install.

    To clean the build, run make clean.

    To remove the install directory, run make uninstall.

    -

    +

    To configure cross compilation use --host option. For example, ./configure --host=arm-linux-gnueabi configures cross compilation build targeting ARM architecture. Cross compiled tests will not run on the build machine so make check should be replaced to make utest. A typical build sequence for cross compilation is as follows: 

    ./configure --host=<target system>
+make all
+make utest
+make install
+

    Improving Performance with Commercial IPP

    For higher performance, you can use the commercial version of Cryptography for Intel® Integrated Performance Primitives, available at https://software.intel.com/articles/download-ipp-cryptography-libraries.

    -
    Note
    The SDK has been validated with v9.0.3 of the cryptography library.
    -

    To build the SDK using a commercial Intel® IPP installation, the IPPROOT environment variable must be properly configured to point to the IPP installation directory, as described in Setting Environment Variables* in the Intel® IPP User's Guide (PDF link).

    +
    Note
    The SDK has been validated with version 2017 (Update 2) of the cryptography library.
    +

    To build the SDK using a commercial Intel® IPP installation, the IPPROOT environment variable must be properly configured to point to the IPP installation directory, as described in Setting Environment Variables* in the Intel® IPP Developer Guide (PDF link).

    Once the environment is configured, you can build using commercial IPP by specifying --use-commercial-ipp as a command line option.

    +

    +Optimizing Code Size over Performance

    +

    To build the SDK with optimization for size you should specify size_optimized_release configuration.

    +

    If you use scons to build the SDK use the command line option config=size_optimized_release.

    +

    If you use a make build system, use ./configure --with-config=size_optimized_release.

    +

    This configuration will enable size reducing compiler options and other necessary optimizations that reduce the size needed to run the SDK, but may impact performance.

    Example Programs

    The SDK includes several examples that show you different aspects of how the Intel® EPID scheme works. In the SDK build, these examples are located in _install/epid-sdk/example.

    @@ -163,7 +186,7 @@ Building with Other Build Systems


    -

    Other names and brands may be claimed as the property of others.

    +

    *Other names and brands may be claimed as the property of others.

    @@ -171,7 +194,7 @@ Building with Other Build Systems diff --git a/doc/html/ChangeLog.html b/doc/html/ChangeLog.html index 0e48d4f..73c3f3a 100644 --- a/doc/html/ChangeLog.html +++ b/doc/html/ChangeLog.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -61,10 +61,38 @@ $(document).ready(function(){initNavTree('ChangeLog.html','');});
    What's New
    -

    [3.0.0]

    -

    New in This Release

    +

    [4.0.0] - 2017-04-25

    +

    Added

      -
    • Support for verification of EPID 1.1 members.
      • +
    • The member implementation now provides an internal interface that gives guidance on partitioning member operations between highly sensitive ones that use f value of the private key, and less sensitive operations that can be performed in a host environment.
      • +
    • New member API EpidAssemblePrivKey was added to help assemble and validate the new member private key that is created when a member either joins a group (using the join protocol) or switches to a new group (as the result of a performance rekey).
      • +
    +

    Changed

    +
      +
    • Updated Intel(R) IPP Cryptography library to version 2017 (Update 2).
      • +
    • The mechanism to set the signature based revocation list (SigRL) used for signing was changed. EpidMemberSetSigRl must be used to set the SigRL. The SigRL is no longer a parameter to EpidSign. This better models typical use case where a device stores a revocation list and updates it independently of signing operations.
      • +
    +

    Removed

    +
      +
    • Removed EpidWritePreSigs API. Serialization of pre-computed signatures is a risky capability to provide, and simply expanding the internal pool via EpidAddPreSigs still provides most of the optimization benefits.
      • +
    • The EpidIsPrivKeyInGroup API is no longer exposed to clients. It is no longer needed because the new member API EpidAssemblePrivKey performs this check.
      • +
    +

    Fixed

    +
      +
    • When building with commercial version of the Intel(R) IPP Cryptography library, optimized functions are now properly invoked, making signing and verification operations ~2 times faster
      • +
    • SHA-512/256 hash algorithm is now supported.
      • +
    • README for compressed data now correctly documents the number of entries in revocation lists.
      • +
    • The verifysig sample now reports a more clear error message for mismatched SigRLs.
      • +
    • The default scons build will now build for a 32-bit target on a 32-bit platform.
      • +
    +

    Known Issues

    +
      +
    • Scons build will not work natively on ARM. You can still build using make or cross compile.
      • +
    +

    [3.0.0] - 2016-11-22

    +

    Added

    +
      +
    • Support for verification of Intel(R) EPID 1.1 members.
    • Make-based build system support.
    • Sample material includes compressed keys.
    • Enhanced documentation, including step-by-step walkthroughs of example applications.
      • @@ -76,8 +104,8 @@ $(document).ready(function(){initNavTree('ChangeLog.html','');});

    Changes

      -
    • A new verifier API has been added to set the basename to be used for verification. Verifier APIs that used to accept basenames now use the basename set via EpidVerifierSetBasename.
      • -
    • The verifier pre-computation structure has been changed to include the group ID to allow detection of errors that result from providing a pre-computation blob from a different group to EpidVerifierCreate.
      • +
    • A new verifier API has been added to set the basename to be used for verification. Verifier APIs that used to accept basenames now use the basename set via EpidVerifierSetBasename.
      • +
    • The verifier pre-computation structure has been changed to include the group ID to allow detection of errors that result from providing a pre-computation blob from a different group to EpidVerifierCreate.

    Fixes

      @@ -88,7 +116,7 @@ $(document).ready(function(){initNavTree('ChangeLog.html','');});
    • SHA-512/256 hash algorithm is not supported.

    [2.0.0] - 2016-07-20

    -

    New in This Release

    +

    Added

    • Signed binary issuer material support.
      • Binary issuer material validation APIs.
        • @@ -103,17 +131,17 @@ $(document).ready(function(){initNavTree('ChangeLog.html','');});
    -

    Changes

    +

    Changed

    • The default hash algorithm has changed. It is now SHA-512.
    • Functions that returned EpidNullPtrErr now return EpidBadArgErr instead.
    -

    Fixes

    +

    Fixed

    • Updated build flags to work around GCC 4.8.5 defect.

    [1.0.0] - 2016-03-03

    -

    New in This Release

    +

    Added

    • Basic sign and verify functionality
    • Dynamic join support for member
      • @@ -126,7 +154,7 @@ $(document).ready(function(){initNavTree('ChangeLog.html','');}); diff --git a/doc/html/ChoosingiKGF.html b/doc/html/ChoosingiKGF.html index 42c9de9..f1598d1 100644 --- a/doc/html/ChoosingiKGF.html +++ b/doc/html/ChoosingiKGF.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0
    @@ -223,7 +223,7 @@ Options: diff --git a/doc/html/EpidOverview.html b/doc/html/EpidOverview.html index f720905..64a02c8 100644 --- a/doc/html/EpidOverview.html +++ b/doc/html/EpidOverview.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0
    @@ -82,7 +82,7 @@ Roles

    In the Intel® EPID scheme, there are three roles: issuers, members, and verifiers.

    The entities in these roles interact with each other in such a way that a member can prove to a verifier that it is a trusted member of a group without disclosing the identity of the member. Groups are created and managed by the issuer.

    -epid_diagram_high_level_use_case.png +epid_diagram_roles_summary.png

    Issuers

    @@ -92,12 +92,12 @@ Issuers
  • Creates groups by generating one issuing private key and one group certificate for each group. The group certificate contains the group public key.
  • Creates group members by generating unique Intel® EPID member private keys through bulk provisioning. Member private keys are created from the issuing private key for the group.
  • Manages requests from prospective members to join existing groups by using the join protocol.
    • -
  • Creates and maintains signature based revocation lists and private key based revocation lists. These lists of members no longer in good standing allow members to be dropped from a group.
    • +
  • Creates and maintains signature revocation lists and member private key revocation lists. These lists of members no longer in good standing allow members to be dropped from a group.
  • Creates and maintains group revocation lists.
  • Makes group public keys and revocation lists available to verifiers.
    • -epid_diagram_issuer_high_level.png +epid_diagram_issuer_functionality.png

    Members

    @@ -108,7 +108,7 @@ Members
  • The member uses its member private key to sign a message to prove group membership to the verifier without revealing the identity of the member.
    • -epid_diagram_member_high_level.png +epid_diagram_member_functionality.png

    Verifiers

    @@ -122,7 +122,7 @@ Verifiers
  • Manage a private list of revoked members, also called the verifier blacklist.
    • -epid_diagram_verifier_high_level.png +epid_diagram_verifier_functionality.png

    Groups

    @@ -130,11 +130,14 @@ Groups

    All groups have the following:

    • Group public key, which corresponds to the issuing private key kept by the issuer
      • -
    • Signature based revocation list
      • -
    • Private key based revocation list
      • +
    • Signature revocation list
      • +
    • Member private key revocation list
    • Member private keys, generated from the issuing private key
    -

    If a signature based revocation list or private key based revocation list does not exist, it is assumed to be empty.

    +

    If a signature revocation list or member private key revocation list does not exist, it is assumed to be empty.

    +
    +epid_diagram_group.png +

    Keys

    The Intel® EPID scheme works with three types of keys: the group public key, the issuing private key, and the member private key. A group public key corresponds to the unique member private keys that are part of the group. Member private keys are generated from the issuing private key.

    @@ -156,7 +159,7 @@ Member and Verifier Interaction

    The Intel® EPID verifier uses the group public key to verify the correctness of an Intel® EPID signature, i.e., to verify that the signature was indeed created by a member with a valid Intel® EPID private key.

    However, the Intel® EPID signature does not convey any information about which unique private key was used to create the signature.

    -epid_diagram_high_level_interaction.png +epid_diagram_basic_interaction.png
    @@ -165,7 +168,7 @@ Member and Verifier Interaction diff --git a/doc/html/Glossary.html b/doc/html/Glossary.html index f4c563b..6f43609 100644 --- a/doc/html/Glossary.html +++ b/doc/html/Glossary.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -166,7 +166,7 @@ Verifier diff --git a/doc/html/HowValidated.html b/doc/html/HowValidated.html new file mode 100644 index 0000000..0349ed4 --- /dev/null +++ b/doc/html/HowValidated.html @@ -0,0 +1,123 @@ + + + + + + + +Intel® Enhanced Privacy ID SDK: Tested Libraries and Compilers + + + + + + + + + + + + +
    +
    + + + + + + +
    + +
    +
    + + +
    +
    + +
    +
    +
    + +
    +
    +
    +
    Tested Libraries and Compilers
    +
    +
    +

    +Tested Libraries and Compilers

    +

    The Intel® SDK was validated with the following compilers:

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Runtime Library Compiler
    GNU* C Library (glibc) 2.23 GNU* Compiler Collection version (GCC) 6.2.0
    glibc 2.23 GCC 5.4.0
    glibc 2.20 GCC 4.9.1
    glibc 2.23 GCC 4.8.5
    glibc 2.23 Intel® C++ Compiler for Linux* (ICC) 17.0.1 with GCC 4.8.5
    glibc 2.23 ICC 17.0.1 with GCC 5.4.0
    glibc 2.23 ICC 17.0.1 with GCC 6.2.0
    glibc 2.23 ICC 16.0.3 with GCC 4.8.5
    glibc 2.23 ICC 16.0.3 with GCC 5.4.0
    glibc 2.23 ICC 16.0.3 with GCC 6.2.0
    glibc 2.23 ICC 15.0.7 with GCC 5.4.0
    glibc 2.23 ICC 14.0.4 with GCC 4.8.5
    Microsoft* Windows* Kit 10 Microsoft* Visual Studio*(VS) 2015
    Microsoft* Windows* Kit 8.1 VS 2015
    Microsoft* Windows* Kit 8.1 Intel® C++ Compiler for Windows* (ICL) 16.0.207 with VS 2013
    Microsoft* Windows* Kit 10 ICL 16.0.207 with VS 2015
    Microsoft* Windows* Kit 8.1 ICL 15.0.287 with VS 2013
    Microsoft* Windows* Kit 10 ICL 15.0.287 with VS 2015
    Microsoft* Windows* Kit 8.1 ICL 14.0.241 with VS 2013
    +


    + *Other names and brands may be claimed as the property of others.

    +
    +
    + + + + + diff --git a/doc/html/ImplementationNotes.html b/doc/html/ImplementationNotes.html index 6aa26d7..cee7f88 100644 --- a/doc/html/ImplementationNotes.html +++ b/doc/html/ImplementationNotes.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -69,13 +69,14 @@ $(document).ready(function(){initNavTree('ImplementationNotes.html','');});
  • Flexible Arrays
    • -

    +

    This section is intended to provide additional guidance for users who want to modify the underlying code of the SDK. If you only want to call the SDK APIs without modifying them, you can safely ignore this section.

    +

    Random Number Generation

    Some SDK APIs require a random number data source. A BitSupplier provides a source of random data. This function should be a cryptographically secure random number generator.

    Warning
    The pseudo-random number generator provided with the examples is for sample use only and is not suitable for cryptographically secure applications.

    Protecting Secrets

    -

    Member code works with private keys, so member code must be run in a trusted environment.

    +

    Member code works with private keys, so member code must be run in a trusted environment. The member component contains a TPM subcomponent which contains the most sensitive operations performed by the member.

    Warning
    If member memory is available to an untrusted source, the member private key could be exposed.

    The EpidZeroMemory function is used by the memory allocation routines EpidAlloc, EpidRealloc and EpidFree to wipe the memory as memory is freed.

    Warning
    The EpidZeroMemory function may be optimized away by some compilers. If it is, you should consider using a compiler or operating system specific memory sanitization function (e.g. memcpy_s or SecureZeroMemory).
    @@ -102,7 +103,7 @@ Flexible Arrays

    diff --git a/doc/html/IssuerMaterial.html b/doc/html/IssuerMaterial.html index 8a9012a..8cc6a8f 100644 --- a/doc/html/IssuerMaterial.html +++ b/doc/html/IssuerMaterial.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0
    @@ -67,7 +67,7 @@ $(document).ready(function(){initNavTree('IssuerMaterial.html','');});
  • Group Based Revocation Lists
    • -
  • Compressed Member Private Key
    • Compressed Sample Group A
      • +
    • Compressed Sample Groups
      • @@ -181,8 +181,7 @@ Group Based Revocation Lists grprl.bin One entry in which groupb is revoked

      -Compressed Member Private Key

      -

      Sample Groups

      +Compressed Sample Groups

      Intel® EPID SDK supports use of compressed member private keys. The groups described here use compressed compressed member private keys but structuarlly corospond to groups described above.

      Compressed Sample Group A

      @@ -285,7 +284,7 @@ Compressed Group Based Revocation Lists diff --git a/doc/html/LegalInformation.html b/doc/html/LegalInformation.html index e86d60f..3ee8118 100644 --- a/doc/html/LegalInformation.html +++ b/doc/html/LegalInformation.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -76,7 +76,7 @@ $(document).ready(function(){initNavTree('LegalInformation.html','');}); diff --git a/doc/html/Revocation.html b/doc/html/Revocation.html index 7191f2d..0cea37f 100644 --- a/doc/html/Revocation.html +++ b/doc/html/Revocation.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -134,7 +134,7 @@ Reasons the Verifier Might Revoke an Intel® EPID Signature diff --git a/doc/html/SdkOverview.html b/doc/html/SdkOverview.html index 0cc6124..8bac140 100644 --- a/doc/html/SdkOverview.html +++ b/doc/html/SdkOverview.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -105,7 +105,7 @@ SDK Components Sample Issuer Material Sample keys and revocation lists -

      Tools implement utility code to interact with Intel® EPID related services such as the Intel® Key GenerationFacility (iKGF)".

      +

      Tools to interact with Intel® EPID related services such those offered by the Intel® Key Generation Facility.

      @@ -128,6 +128,8 @@ SDK Components + +
      Component Description
      gtest gtest unit test framework
      Build Scripts Scripts to configure and build the SDK
      dropt Library for parsing command line

      Math primitives are implemented in the math sub-component of common. The reference math primitive implementation is based on a non-optimized Vanilla C subset of the Intel® Performance Primitives. Math is designed so that you can replace its implementation to call custom hardware IP blocks or optimized libraries.

      Intel® EPID 1.1 Compatibility

      @@ -166,18 +168,19 @@ Source Layout | |__ verifysig/ Source for signature validation signing example | |__ ext/ -| |__ gtest/ Third party gtest library -| |__ ipp/ IPP library +| |__ dropt/ Third party library for parsing command-line options +| |__ gtest/ Third party gtest library +| |__ ipp/ IPP library | -|__ parts-site/ Parts platform config scripts +|__ parts-site/ Parts platform config scripts | |__ tools/ - |__ extractgrps/ Tool to extract groups - |__ extractkeys/ Tool to extract keys - |__ revokegrp/ Tool to create group revocation request - |__ revokekey/ Tool to create a member key revocation request - |__ revokesig/ Tool to create a signature based revocation - request + |__ extractgrps/ Tool to extract groups + |__ extractkeys/ Tool to extract keys + |__ revokegrp/ Tool to create group revocation request + |__ revokekey/ Tool to create a member key revocation request + |__ revokesig/ Tool to create a signature based revocation + request

      Install Layout

      The Install Layout contains the data developers need to develop and build their applications using the Intel® EPID SDK. Once built, the Install Layout has no dependency on the Source Layout, allowing developers to build the SDK once and reuse the built files in other locations or on other computers. 

      _install/
@@ -195,7 +198,7 @@ Install Layout
 
diff --git a/doc/html/SignVerifyTutorial.html b/doc/html/SignVerifyTutorial.html
index 5fc86a4..1afa84e 100644
--- a/doc/html/SignVerifyTutorial.html
+++ b/doc/html/SignVerifyTutorial.html
@@ -32,7 +32,7 @@
                             id="projectlink" 
                             class="index.html" 
                             href="index.html">Intel® Enhanced Privacy ID SDK
- 3.0.04.0.0
 
   
  
@@ -62,10 +62,20 @@ $(document).ready(function(){initNavTree('SignVerifyTutorial.html','');});
 
 
      
 
      Table of Contents
      
-
      
-
      The Intel® EPID SDK provides example tools to show you how to use the Intel® EPID SDK APIs. These examples are called signmsg and verifysig.
      
-
      You can build these examples using the instructions in Building from Source. The tutorial assumes _install/epid-sdk/example is the current directory.
      
+
      The Intel® EPID SDK provides example tools to show you how to use the Intel® EPID SDK APIs. These examples are called signmsg and verifysig.
      
+
      These examples use the pre-generated data described in Sample Issuer Material. After you build the SDK, the data is in the _install/epid-sdk/example/data directory. If you don't have genuine issuer material, you can use this data for validation purposes.
      
+
      You can follow along with the commands used in this tutorial if you first build these examples using the instructions in Building from Source. The tutorial assumes _install/epid-sdk/example is the current directory.
      
 
      All command lines in this tutorial use posix command line conventions; for other systems, adjust accordingly.
      
-
      For the code used in this tutorial, refer to Walkthroughs of Examples Showing API Usage.
      
-
      Note
      The data for running this tutorial is pre-generated. Once the samples are built, the data is in the _install/epid-sdk/example/data directory. See Sample Issuer Material.
      
-
      
+
      For detailed walkthroughs of the code used in signmsg and verifysig, refer to Walkthroughs of Examples Showing API Usage.
      
+
      
 Creating an Intel® EPID Signature of a Given Message
      
-
      The example application signmsg shows you how to create an Intel® EPID signature of a given message. 
      $ ./signmsg -h
+
      The example application signmsg shows you how to create an Intel® EPID signature of a given message.
      
+
      
+What Do You Need to Create a Signature?
      
+
      To generate a signature, you need the following items:
      
+
        
+
      • Group public key: You need the group public key to specify which group the member belongs to.
        • 
+
      • Member private key: You need the member private key so that the member can create a signature that corresponds with the group public key.
        • 
+
      • Message: You need the message because the member needs something to sign.
        • 
+
      • Hash algorithm: You need the hash algorithm to encrypt the signature. If you don't specify a hash algorithm, a default hash algorithm is used.
        • 
+
      • Signature based revocation list (SigRL): You need the SigRL so that the member can create non-revoked proofs for each entry on the list. For more information, see In-Depth Explanation of Revocation.
        • 
+
      • Member precomputation blob: The precomputation blob is an optional parameter that you can use to improve performance when generating signatures repeatedly with the same member private key.
        • 
+
      • Basename: A basename is a parameter that is only provided when the member is generating a name based signature. If no basename is specified, a random value is chosen as the basename. For more information, see In-Depth Explanation of Basenames.
        • 
+
      • Random number generator: You need a cryptographically secure random number generator to ensure that signatures generated by the same member with the same message are different. The SDK provides the BitSupplier function prototype that specifies the interface for your random number generator implementation.
        • 
+
      
+
      
+Signing Example
      
+
      The signmsg command can be passed a number of options: 
      $ ./signmsg -h
 Usage: signmsg [OPTION]...
 Create Intel(R) EPID signature of message
 
@@ -91,9 +117,15 @@ Options:
   --msg=MESSAGE
       MESSAGE to sign
 
+  --msgfile=FILE
+      FILE containing message to sign
+
   --bsn=BASENAME
       BASENAME to sign with (default: random)
 
+  --bsnfile=FILE
+      FILE containing basename to sign with
+
   --sigrl=FILE
       load signature based revocation list from FILE
 
@@ -112,7 +144,7 @@ Options:
   --capubkey=FILE
       load IoT Issuing CA public key from FILE (default: cacert.bin)
 
-  --hashalg={SHA-256 | SHA-384 | SHA-512}
+  --hashalg={SHA-256 | SHA-384 | SHA-512 | SHA-512/256}
       use specified hash algorithm (default: SHA-512)
 
   -h, --help
@@ -121,10 +153,30 @@ Options:
   -v, --verbose
       print status messages to stdout
 
      To sign a message, a group member in good standing uses the following command: 
      $ ./signmsg --msg="test0"
-
      The above command signs a message "test0". signmsg uses default options for the group public key, member private key, hash algorithm and IoT Issuing CA public key. All other parameters that are not given are ignored. The command produces a signature file: sig.dat
      
-
      
+
      The above command signs a message "test0". signmsg uses default options for the group public key, member private key, hash algorithm and IoT Issuing CA public key. All other parameters that are not given are ignored. The command produces a signature file: sig.dat
      
+
      
 Verifying an Intel® EPID Signature
      
-
      The example application verifysig shows you how to verify that a given Intel® EPID signature is produced by a member in good standing. 
      $ ./verifysig -h
+
      The example application verifysig shows you how to verify that a given Intel® EPID signature is produced by a member in good standing.
      
+
      
+What Do You Need to Verify a Signature?
      
+
      To verify a signature, you need the following items:
      
+
        
+
      • Signature: You need the signature that you want to verify.
        • 
+
      • CA certificate: You need the CA certificate to verify the authenticity of the issuer material before you use it. Depending on how your issuer protects its data, you may not need a CA certificate. For more information on issuer material, refer to If You Choose iKGF as Your Issuer and Sample Issuer Material.
        • 
+
      • Group certificate: The group certificate comes from the issuer and contains the group public key. You need the group public key to determine if the signature came from a member of this group. The group public key corresponds to the member private key used to generate the signature.
        • 
+
      • Message: In order for verification to succeed, you need to specify the message that was signed.
        • 
+
      • Hash algorithm: In order for verification to succeed, you need to specify the hash algorithm that was used to sign the message. If you don't specify a hash algorithm, a default hash algorithm is used.
        • 
+
      • Group based revocation list (GroupRL): You need the GroupRL to ensure the member does not belong to a revoked group. The GroupRL comes from the issuer.
        • 
+
      • Private key based revocation list (PrivRL): You need the PrivRL to ensure that the member private key has not been revoked. The PrivRL comes from the issuer.
        • 
+
      • Signature based revocation list (SigRL): You need to compare the SigRL with non-revoked proofs from the member to ensure that the member did not create any revoked signaures. The SigRL comes from the issuer.
        • 
+
      • Verifier revocation list: The VerRL is optional. The verifier uses the VerRL to ensure that the member did not create any signatures that were revoked by the verifier. You can only use the VerRL if the signature is a name based signature. The VerRL comes from the verifier. For more information, refer to In-Depth Explanation of Revocation and In-Depth Explanation of Basenames.
        • 
+
      • Verifier precomputation blob: The verifier precomputation blob is optional. You can use the precomputation blob to increase performance when verifying signatures repeatedly with the same group public key.
        • 
+
      • Basename: A basename is a parameter that is only provided in instances where Intel® EPID uses name based signatures. If a basename is used, the member and verifier have to use the same basename. If a basename is not specified, a random number is chosen as the basename. Because name-based signatures decrease the member's privacy, they must only be used with the knowledge and consent of the member. For more information, refer to In-Depth Explanation of Basenames.
        • 
+
      • Precomputation blob: You can optionally provide a precomputation blob to greatly speed up EpidVerifierCreate. If you don't use one, the precomputation blob can be stored for use in a future session to verify membership in the same group using EpidVerifierWritePrecomp.
        • 
+
      
+
      
+Verification Example
      
+
      The verifysig command can be passed a number of options: 
      $ ./verifysig -h
 Usage: verifysig [OPTION]...
 Verify signature was created by group member in good standing
 
@@ -135,9 +187,15 @@ Options:
   --msg=MESSAGE
       MESSAGE that was signed (default: empty)
 
+  --msgfile=FILE
+      FILE containing message that was signed
+
   --bsn=BASENAME
       BASENAME used in signature (default: random)
 
+  --bsnfile=FILE
+      FILE containing basename to sign with
+
   --privrl=FILE
       load private key revocation list from FILE
 
@@ -164,7 +222,7 @@ Options:
       load IoT Issuing CA public key from FILE
    (default: cacert.bin)
 
-  --hashalg={SHA-256 | SHA-384 | SHA-512}
+  --hashalg={SHA-256 | SHA-384 | SHA-512 | SHA-512/256}
       use specified hash algorithm for 2.0 groups (default: SHA-512)
 
   -h, --help
@@ -174,32 +232,45 @@ Options:
       print status messages to stdout
 
      To verify that a signature is from a member in good standing, the verifier uses the following command: 
      $ ./verifysig --msg="test0"
 signature verified successfully
-
      This verifies that the default signature file sig.dat is generated for the message "test0" by a member in good standing. verifysig uses default inputs for group public key, hash algorithm and IoT Issuing CA public key. All other parameters are ignored. The output verifysig: signature verified successfully denotes that the verification is successful.
      
-
      
-Linking Intel® EPID Signatures from the Same Member
      
-
      A name based signature is created using the additional parameter of a basename. If the member uses the same basename, the verifier can mathematically link signatures generated by the member, showing that the signatures are from the same member.
      
-
      To validate a signature with a basename, you need to use the same basename for signing and verification. The mechanism for ensuring that the member and verifier use the same basename is outside the scope of the SDK.
      
-
      If a basename is not provided, then the member uses a random basename and the signature generated by the member is anonymous.
      
-
      For more general information on why you might want to use a basename, refer to Name Based Signatures.
      
-
      Warning
      The use of a name-based signature creates a platform unique pseudonymous identifier. Because it reduces the member's privacy, the user should be notified when it is used and should have control over its use.
      
+
      This verifies that the default signature file sig.dat is generated for the message "test0" by a member in good standing. The verifysig example uses default inputs for group public key, hash algorithm, and IoT Issuing CA public key. All other parameters are ignored. The output verifysig: signature verified successfully denotes that the verification is successful.
      
+
      
+Parameter Matching Requirements
      
+
      To successfully create and verify a signature, the member and verifier have to use the same message, hash algorithm, signature revocation list, and basename.
      
+
      The signature verification process fails if there is a parameter mismatch between sign and verify operations. The mechanism for avoiding a parameter mismatch is outside the scope of the SDK.
      
+
      
+Message
      
+
      The member needs the message to generate the signature using the member private key. In order for verification to succeed, the verifier needs to use the same message that the member used.
      
+
      This comparison allows the verifier to determine if the signature fulfills the verifier's basic expectations of what a signature from a valid member should look like, given the original message and the group public key.
      
+
      Verification fails if the signing and verification operations don't use the same message: 
      $ ./signmsg --msg="test0"
+$ ./verifysig --msg="test1"
+verifysig: signature verification failed: invalid signature
+
      
+Hash Algorithm
      
+
      The member needs to encrypt the signature with the hash algorithm. The verifier needs to use the same hash algorithm that the member used.
      
+
      If you don't specify a hash algorithm, a default hash algorithm is used.
      
+
      The Intel® EPID SDK supports the following hash algorithms: SHA-256, SHA-384, SHA-512.
      
+
      Verification fails if the signing and verification operations don't use the same hash algorithm: 
      $ ./signmsg --msg="test0" --hashalg=SHA-256
+$ ./verifysig --msg="test0" --hashalg=SHA-384
+verifysig: signature verification failed: invalid signature
+
      
+Signature Revocation List
      
+
      The member needs the signature based revocation list (SigRL) to create non-revoked proofs for each entry on the SigRL. The verifier needs to use the same SigRL to check the proofs.
      
+
      Verification fails if the signing and verification operations don't use the same SigRL. 
      $ ./signmsg --msg="test0" --sigrl=data\groupa\sigrl.bin
+$ ./verifysig --msg="test0" --sigrl=sigrl.bin
+verifysig: signature verification failed: bad arguments
+
      
+Basenames
      
+
      For a verifier to be able to know that multiple signatures were generated by the same member, the verifier has to use the same basename that the member used for each name based signature. For more information, refer to In-Depth Explanation of Basenames.
      
+
      If a basename is not provided to the member, then the member uses a random basename and the signature generated by the member is anonymous.
      
+
      If a basename is not provided to the verifier, then the verifier does not check for a basename and it will verify the signature successfully without linking it to other signatures.
      
 
      To sign message "test0" with a basename "base0": 
      $ ./signmsg --msg="test0" --bsn="base0"
 
      To verify the signature: 
      $ ./verifysig --msg="test0" --bsn="base0"
 verifysig: signature verified successfully
-
      To validate a signature, you need to use the same message for signing and verification. The mechanism for ensuring that the member and verifier use the same message is outside the scope of the SDK.
      
-
      Member and verifier must also use the same hash algorithm and basename, if applicable.
      
-
      
-Expected Failures
      
-
      The signature verification process fails if there is a parameter mismatch between sign and verify operations. Here are some examples.
      
-
      Verification fails if there is a mismatch in the message: 
      $ ./signmsg --msg="test0"
-$ ./verifysig --msg="test1"
-verifysig: signature verification failed: invalid signature
-
      Verification fails if there is a mismatch in the basename: 
      $ ./signmsg --msg="test0" --bsn="base0"
+
      Verification fails if the signing and verification operations use different basenames: 
      $ ./signmsg --msg="test0" --bsn="base0"
 $ ./verifysig --msg="test0" --bsn="base1"
 verifysig: signature verification failed: invalid signature
-
      The Intel® EPID SDK supports the following hash algorithms: SHA-256, SHA-384, SHA-512. The selected hash algorithm must be the same for both sign and verify. Mismatch in hash algorithm results in verification failure: 
      $ ./signmsg --msg="test0" --hashalg=SHA-256
-$ ./verifysig --msg="test0" --hashalg=SHA-384
-verifysig: signature verification failed: invalid signature
-
      
+
      Warning
      The use of a name-based signature creates a platform unique pseudonymous identifier. Because it reduces the member's privacy, the user should be notified when it is used and should have control over its use.
      +

      Revocation

      Revocation lists are data structures used by the verifier to identify members that are no longer approved members of the group.

      The verifier obtains the member private key based revocation list (PrivRL), signature based revocation list (SigRL), and group based revocation list (GroupRL) from the issuer. The verifier can also maintain its own verifier blacklist (VerifierRL).

      @@ -231,7 +302,7 @@ verifysig: signature verification failed: signature revoked in SigRl diff --git a/doc/html/SignmsgWalkthru.html b/doc/html/SignmsgWalkthru.html deleted file mode 100644 index f41b6bd..0000000 --- a/doc/html/SignmsgWalkthru.html +++ /dev/null @@ -1,170 +0,0 @@ - - - - - - - -Intel® Enhanced Privacy ID SDK: Generating an Intel® EPID Signature - - - - - - - - - - - - -
      -
      - - - - - - -
      - -
      -
      - - -
      -
      - -
      -
      -
      - -
      -
      -
      -
      Generating an Intel® EPID Signature
      -
      -
      -

      This walkthrough of the signmsg example shows you how to use SDK APIs to generate an Intel® EPID signature. Signmsg is built during the SDK build.

      -


      -

      -

      First, we include headers so we have access to needed declarations.

      -

      #include <stdlib.h>
      #include <string.h>
      #include "src/signmsg.h"
      #include "src/prng.h"
      #include "util/envutil.h"
      #include "util/stdtypes.h"
      #include "util/buffutil.h"
      #include "epid/member/api.h"
      #include "epid/common/file_parser.h"

      -

      The prng.h header provides access to a pseudo-random number generator needed for signing, while the utility headers are used by signmsg for logging and buffer management. The epid/member/api.h header provides access to the core member APIs. The epid/common/file_parser.h header provides an API for parsing buffers formatted according to the various IoT Intel® EPID binary file formats.

      -


      -

      -

      We define a stub function responsible for checking that the CA certificate is authorized by the root CA.

      -

      bool IsCaCertAuthorizedByRootCa(void const* data, size_t size) {
      (void)data;
      (void)size;
      return true;
      }

      -

      IsCaCertAuthorizedByRootCa is called from main.c to validate the CA certificate before calling SignMsg. In an actual implementation, you need to provide an implementation to validate the issuing CA certificate with the CA root certificate before using it in parse functions.

      -


      -

      -

      The core signing functionality is contained in SignMsg.

      -

      EpidStatus SignMsg(void const* msg, size_t msg_len, void const* basename,
      size_t basename_len, unsigned char const* signed_sig_rl,
      size_t signed_sig_rl_size,
      unsigned char const* signed_pubkey,
      size_t signed_pubkey_size, unsigned char const* priv_key_ptr,
      size_t privkey_size, HashAlg hash_alg,
      MemberPrecomp* member_precomp, bool member_precomp_is_input,
      EpidSignature** sig, size_t* sig_len,
      EpidCaCertificate const* cacert) {

      -

      The SignMsg parameters are either received by the member, or they are part of the member's configuration. The exceptions are the sig and sig_len parameters, which are used to output the signature.

      -

      The verifier might send the message to the member or there may be another mechanism to choose the message, but the way the message is communicated is outside the scope of the Intel® EPID scheme.

      -

      We use the parameters member_precomp and member_precomp_is_input to pass in a pre-computation blob if provided. We can use the pre-computation blob to increase performance when verifying signatures repeatedly with the same group public key.

      -

      The member knows the group public key and the member private key.

      -

      The member and the verifier agree on the message, basename, hash algorithm, and SigRL that the member uses for signing.

      -


      -

      -

      Next we do basic variable setup and argument checking.

      -

      EpidStatus sts = kEpidErr;
      void* prng = NULL;
      MemberCtx* member = NULL;
      SigRl* sig_rl = NULL;
      do {
      GroupPubKey pub_key = {0};
      PrivKey priv_key = {0};
      size_t sig_rl_size = 0;
      if (!sig) {
      sts = kEpidBadArgErr;
      break;
      }

      -

      We create pointers to resources to be allocated and use the do {} while(0) idiom so that we can reliably free resources on return from SignMsg.

      -

      We create variables on the stack to hold the group public key and member private key.

      -

      Finally we check to make sure that sig is a vaild pointer.

      -


      -

      -

      Next, we authenticate and extract the group public key using EpidParseGroupPubKeyFile.

      -

      sts = EpidParseGroupPubKeyFile(signed_pubkey, signed_pubkey_size, cacert,
      &pub_key);
      if (kEpidNoErr != sts) {
      break;
      }

      -

      EpidParseGroupPubKeyFile takes a buffer containing a group public key in issuer binary format and validates that the public key is signed by the private key that corresponds to the provided CA certificate, extracting the key in the process.

      -


      -

      -

      We authenticate and extract the signed SigRL using EpidParseSigRlFile.

      -

      if (signed_sig_rl) {
      // authenticate and determine space needed for SigRl
      sts = EpidParseSigRlFile(signed_sig_rl, signed_sig_rl_size, cacert, NULL,
      &sig_rl_size);
      if (kEpidSigInvalid == sts) {
      // authentication failure
      break;
      }
      if (kEpidNoErr != sts) {
      break;
      }
      sig_rl = AllocBuffer(sig_rl_size);
      if (!sig_rl) {
      sts = kEpidMemAllocErr;
      break;
      }
      // fill the SigRl
      sts = EpidParseSigRlFile(signed_sig_rl, signed_sig_rl_size, cacert,
      sig_rl, &sig_rl_size);
      if (kEpidSigInvalid == sts) {
      // authentication failure
      break;
      }
      if (kEpidNoErr != sts) {
      break;
      }
      } // if (signed_sig_rl)

      -

      We use EpidParseSigRlFile to:

      -
        -
      • extract the signature based revocation list
        • -
      • validate that the revocation list was signed by the private key corresponding to the provided CA certificate
        • -
      • validate that the size of the input buffer is correct
        • -
      • determine the required size of the revocation list output buffer
        • -
      -

      To determine the required sig_rl output buffer size, we provide a null pointer for the output buffer when calling EpidParseSigRlFile. This updates sig_rl_size with the required size of the output buffer.

      -

      After we find out the required size of the sig_rl, we allocate a buffer for the sig_rl. Then we fill the buffer using EpidParseSigRlFile.

      -


      -

      -

      Next, we fill the member private key.

      -

      if (privkey_size == sizeof(PrivKey)) {
      priv_key = *(PrivKey*)priv_key_ptr;
      } else if (privkey_size == sizeof(CompressedPrivKey)) {
      sts = EpidDecompressPrivKey(&pub_key, (CompressedPrivKey*)priv_key_ptr,
      &priv_key);
      if (kEpidNoErr != sts) {
      break;
      }
      } else {
      sts = kEpidErr;
      break;
      } // if (privkey_size == sizeof(PrivKey))

      -

      If the member private key is compressed, then we decompress it using EpidDecompressPrivKey before it can be passed to the member APIs. To determine if the member private key is compressed, we check if it is the known size of a compressed key.

      -

      If the key size is not the size of a known format, we return an error.

      -


      -

      -

      Next, we create a pseudo-random number generator.

      -

      sts = PrngCreate(&prng);
      if (kEpidNoErr != sts) {
      break;
      }

      -
      Warning
      This pseudo-random number generator is included only for demonstration, and should not be used in production code as a source of secure random data. For security, prng should be a cryptographically secure random number generator.
      -


      -

      -

      Now that the inputs have been prepared, we create a member context using EpidMemberCreate.

      -

      sts = EpidMemberCreate(&pub_key, &priv_key,
      member_precomp_is_input ? member_precomp : NULL,
      PrngGen, prng, &member);
      if (kEpidNoErr != sts) {
      break;
      }

      -

      If a pre-computation blob is provided to the top level application, we use it. Otherwise, we pass in NULL.

      -


      -

      -

      We serialize pre-computed member data using EpidMemberWritePrecomp.

      -

      sts = EpidMemberWritePrecomp(member, member_precomp);
      if (kEpidNoErr != sts) {
      break;
      }

      -

      The serialized member pre-computation blob can be used to greatly increase performance of EpidMemberCreate in future sessions if the same member private key is used.

      -


      -

      -

      Next, if a basename is specified, we register it with EpidRegisterBaseName so that the member can use it.

      -

      if (0 != basename_len) {
      sts = EpidRegisterBaseName(member, basename, basename_len);
      if (kEpidNoErr != sts) {
      break;
      }
      }

      -

      In a typical use case, to prevent loss of privacy, the member keeps a list of basenames that correspond to authorized verifiers. The member signs a message with a basename only if the basename is in the member's basename list.

      -
      Warning
      The use of a name-based signature creates a platform unique pseudonymous identifier. Because it reduces the member's privacy, the user should be notified when it is used and should have control over its use.
      -


      -

      -

      Then we set the hash algorithm to be used by the member using EpidMemberSetHashAlg.

      -

      sts = EpidMemberSetHashAlg(member, hash_alg);
      if (kEpidNoErr != sts) {
      break;
      }

      -

      After the hash algorithm is set, future calls to EpidSign will use the same algorithm.

      -


      -

      -

      Next, we sign the message, generating an Intel® EPID signature.

      -

      *sig_len = EpidGetSigSize(sig_rl);
      *sig = AllocBuffer(*sig_len);
      if (!*sig) {
      sts = kEpidMemAllocErr;
      break;
      }
      // sign message
      sts = EpidSign(member, msg, msg_len, basename, basename_len, sig_rl,
      sig_rl_size, *sig, *sig_len);
      if (kEpidNoErr != sts) {
      break;
      }

      -

      To create a signature, first we find out the required size of the signature using EpidGetSigSize. Then we allocate a buffer for the signature and fill the buffer using EpidSign.

      -

      It is important to compute signature size after loading sig_rl because the signature size varies with the size of the SigRL.

      -


      -

      -

      Finally, we clean up and exit.

      -

      sts = kEpidNoErr;
      } while (0);
      PrngDelete(&prng);
      EpidMemberDelete(&member);
      if (sig_rl) free(sig_rl);
      return sts;
      }

      -

      If we made it past signing without an error, we set the return code appropriately and fall out of the do-while loop. If there was an error earlier, all breaks in the do-while loop bring us to this point with an error status.

      -

      Next, we free the allocated resources. EpidMemberDelete deletes an existing member context.

      -

      We return from SignMsg with the success or error status.

      -


      -

      -

      This concludes the signmsg walkthrough. Now you should be able to generate an Intel® EPID signature that proves a member's group membership to a verifier without revealing the member's identity.

      -

      To learn more about the SDK APIs see the API Reference. To learn more about the Intel® EPID scheme see Introduction to the Intel® EPID Scheme in the documentation.

      -
      -
      - - - - - diff --git a/doc/html/UserManual_GeneratingAnIntelEpidSignature.html b/doc/html/UserManual_GeneratingAnIntelEpidSignature.html new file mode 100644 index 0000000..7ea42f4 --- /dev/null +++ b/doc/html/UserManual_GeneratingAnIntelEpidSignature.html @@ -0,0 +1,181 @@ + + + + + + + +Intel® Enhanced Privacy ID SDK: Generating an Intel® EPID Signature + + + + + + + + + + + + +
      +
      + + + + + + +
      + +
      +
      + + +
      +
      + +
      +
      +
      + +
      +
      +
      +
      Generating an Intel® EPID Signature
      +
      +
      +

      This walkthrough of the signmsg example shows you how to use SDK APIs to generate an Intel® EPID signature. signmsg is built during the SDK build.

      +

      +Summary

      +

      In the code example below, we take this approach:

      +
        +
      • Extract and authenticate issuer provided material
        • +
      • Create the member context to allow us to call other member APIs
        • +
      • Generate the signature
        • +
      • Clean up
        • +
      +

      +Signmsg Walkthrough

      +


      +

      +

      First, we include headers so we have access to needed declarations.

      +

      #include <stdlib.h>
      #include <string.h>
      #include "src/signmsg.h"
      #include "src/prng.h"
      #include "epid/member/api.h"
      #include "epid/common/file_parser.h"

      +

      The prng.h header provides access to a pseudo-random number generator needed for signing, while the utility headers are used by signmsg for logging and buffer management. The epid/member/api.h header provides access to the core member APIs. The epid/common/file_parser.h header provides an API for parsing buffers formatted according to the various IoT Intel® EPID binary file formats.

      +


      +

      +

      We define a stub function responsible for checking that the CA certificate is authorized by the root CA.

      +

      In main.c, we define a stub function, IsCaCertAuthorizedByRootCa, which is responsible for checking that the CA certificate is authorized by the root CA. Before calling signmsg, we call this function, IsCaCertAuthorizedByRootCa. In an actual implementation, you need to provide an implementation to validate the issuing CA certificate with the CA root certificate before using it in parse functions.

      +


      +

      +

      The core signing functionality is contained in SignMsg.

      +

      EpidStatus SignMsg(void const* msg, size_t msg_len, void const* basename,
      size_t basename_len, unsigned char const* signed_sig_rl,
      size_t signed_sig_rl_size,
      unsigned char const* signed_pubkey,
      size_t signed_pubkey_size, unsigned char const* priv_key_ptr,
      size_t privkey_size, HashAlg hash_alg,
      MemberPrecomp* member_precomp, bool member_precomp_is_input,
      EpidSignature** sig, size_t* sig_len,
      EpidCaCertificate const* cacert) {

      +

      The SignMsg parameters are either received by the member, or they are part of the member's configuration. The exceptions are the sig and sig_len parameters, which are used to output the signature.

      +

      The verifier might send the message to the member or there may be another mechanism to choose the message, but the way the message is communicated is outside the scope of the Intel® EPID scheme.

      +

      We use the parameters member_precomp and member_precomp_is_input to pass in a pre-computation blob if provided. We can use the pre-computation blob to increase performance when verifying signatures repeatedly with the same group public key.

      +

      The member knows the group public key and the member private key.

      +

      The member and the verifier agree on the message, basename, hash algorithm, and SigRL that the member uses for signing.

      +


      +

      +

      Next we do basic variable setup and argument checking.

      +

      EpidStatus sts = kEpidErr;
      void* prng = NULL;
      MemberCtx* member = NULL;
      SigRl* sig_rl = NULL;
      do {
      GroupPubKey pub_key = {0};
      PrivKey priv_key = {0};
      size_t sig_rl_size = 0;
      if (!sig) {
      sts = kEpidBadArgErr;
      break;
      }

      +

      We create pointers to resources to be allocated and use the do {} while(0) idiom so that we can reliably free resources on return from SignMsg.

      +

      We create variables on the stack to hold the group public key and member private key.

      +

      Finally we check to make sure that sig is a vaild pointer.

      +


      +

      +

      Next, we authenticate and extract the group public key using EpidParseGroupPubKeyFile.

      +

      sts = EpidParseGroupPubKeyFile(signed_pubkey, signed_pubkey_size, cacert,
      &pub_key);
      if (kEpidNoErr != sts) {
      break;
      }

      +

      EpidParseGroupPubKeyFile takes a buffer containing a group public key in issuer binary format and validates that the public key is signed by the private key that corresponds to the provided CA certificate, extracting the key in the process.

      +


      +

      +

      Next, we fill the member private key.

      +

      if (privkey_size == sizeof(PrivKey)) {
      priv_key = *(PrivKey*)priv_key_ptr;
      } else if (privkey_size == sizeof(CompressedPrivKey)) {
      sts = EpidDecompressPrivKey(&pub_key, (CompressedPrivKey*)priv_key_ptr,
      &priv_key);
      if (kEpidNoErr != sts) {
      break;
      }
      } else {
      sts = kEpidErr;
      break;
      } // if (privkey_size == sizeof(PrivKey))

      +

      If the member private key is compressed, then we decompress it using EpidDecompressPrivKey before it can be passed to the member APIs. To determine if the member private key is compressed, we check if it is the known size of a compressed key.

      +

      If the key size is not the size of a known format, we return an error.

      +


      +

      +

      Next, we create a pseudo-random number generator.

      +

      sts = PrngCreate(&prng);
      if (kEpidNoErr != sts) {
      break;
      }

      +
      Warning
      This pseudo-random number generator is included only for demonstration, and should not be used in production code as a source of secure random data. For security, prng should be a cryptographically secure random number generator.
      +


      +

      +

      Now that the inputs have been prepared, we create a member context using EpidMemberCreate.

      +

      sts = EpidMemberCreate(&pub_key, &priv_key,
      member_precomp_is_input ? member_precomp : NULL,
      PrngGen, prng, &member);
      if (kEpidNoErr != sts) {
      break;
      }

      +

      If a pre-computation blob is provided to the top level application, we use it. Otherwise, we pass in NULL.

      +


      +

      +

      Next, we serialize pre-computed member data using EpidMemberWritePrecomp.

      +

      if (!member_precomp_is_input && member_precomp) {
      // return member pre-computation blob if requested
      sts = EpidMemberWritePrecomp(member, member_precomp);
      if (kEpidNoErr != sts) {
      break;
      }

      +

      The serialized member pre-computation blob can be used to greatly increase performance of EpidMemberCreate in future sessions if the same member private key is used.

      +


      +

      +

      Next, if a basename is specified, we register it with EpidRegisterBaseName so that the member can use it.

      +

      if (0 != basename_len) {
      sts = EpidRegisterBaseName(member, basename, basename_len);
      if (kEpidNoErr != sts) {
      break;
      }
      }

      +

      In a typical use case, to prevent loss of privacy, the member keeps a list of basenames that correspond to authorized verifiers. The member signs a message with a basename only if the basename is in the member's basename list.

      +
      Warning
      The use of a name-based signature creates a platform unique pseudonymous identifier. Because it reduces the member's privacy, the user should be notified when it is used and should have control over its use.
      +


      +

      +

      We authenticate and extract the signed SigRL using EpidParseSigRlFile.

      +

      if (signed_sig_rl) {
      // authenticate and determine space needed for SigRl
      sts = EpidParseSigRlFile(signed_sig_rl, signed_sig_rl_size, cacert, NULL,
      &sig_rl_size);
      if (kEpidSigInvalid == sts) {
      // authentication failure
      break;
      }
      if (kEpidNoErr != sts) {
      break;
      }
      sig_rl = calloc(1, sig_rl_size);
      if (!sig_rl) {
      sts = kEpidMemAllocErr;
      break;
      }
      // fill the SigRl
      sts = EpidParseSigRlFile(signed_sig_rl, signed_sig_rl_size, cacert,
      sig_rl, &sig_rl_size);
      if (kEpidSigInvalid == sts) {
      // authentication failure
      break;
      }
      if (kEpidNoErr != sts) {
      break;
      }
      sts = EpidMemberSetSigRl(member, sig_rl, sig_rl_size);
      if (kEpidNoErr != sts) {
      break;
      }
      } // if (signed_sig_rl)

      +

      We use EpidParseSigRlFile to:

      +
        +
      • extract the signature based revocation list
        • +
      • validate that the revocation list was signed by the private key corresponding to the provided CA certificate
        • +
      • validate that the size of the input buffer is correct
        • +
      • determine the required size of the revocation list output buffer
        • +
      +

      To determine the required sig_rl output buffer size, we provide a null pointer for the output buffer when calling EpidParseSigRlFile. This updates sig_rl_size with the required size of the output buffer.

      +

      After we find out the required size of the sig_rl, we allocate a buffer for the sig_rl. Then we fill the buffer using EpidParseSigRlFile.

      +

      After we extracted the signature based revocation list we should assign it to the member context using EpidMemberSetSigRl.

      +


      +

      +

      Then we set the hash algorithm to be used by the member using EpidMemberSetHashAlg.

      +

      sts = EpidMemberSetHashAlg(member, hash_alg);
      if (kEpidNoErr != sts) {
      break;
      }

      +

      After the hash algorithm is set, future calls to EpidSign will use the same algorithm.

      +


      +

      +

      Next, we sign the message, generating an Intel® EPID signature.

      +

      *sig_len = EpidGetSigSize(sig_rl);
      *sig = calloc(1, *sig_len);
      if (!*sig) {
      sts = kEpidMemAllocErr;
      break;
      }
      // sign message
      sts =
      EpidSign(member, msg, msg_len, basename, basename_len, *sig, *sig_len);
      if (kEpidNoErr != sts) {
      break;
      }

      +

      To create a signature, first we find out the required size of the signature using EpidGetSigSize. Then we allocate a buffer for the signature and fill the buffer using EpidSign.

      +

      It is important to compute signature size after loading sig_rl because the signature size varies with the size of the SigRL.

      +


      +

      +

      Finally, we clean up and exit.

      +

      sts = kEpidNoErr;
      } while (0);
      PrngDelete(&prng);
      EpidMemberDelete(&member);
      if (sig_rl) free(sig_rl);
      return sts;
      }

      +

      If we made it past signing without an error, we set the return code appropriately and fall out of the do-while loop. If there was an error earlier, all breaks in the do-while loop bring us to this point with an error status.

      +

      Next, we free the allocated resources. EpidMemberDelete deletes an existing member context.

      +

      We return from SignMsg with the success or error status.

      +


      +

      +

      This concludes the signmsg walkthrough. Now you should be able to generate an Intel® EPID signature that proves a member's group membership to a verifier without revealing the member's identity.

      +

      To learn more about the SDK APIs see the API Reference. To learn more about the Intel® EPID scheme see Introduction to the Intel® EPID Scheme in the documentation.

      +
      +
      + + + + + diff --git a/doc/html/UserManual_VerifyingAnIntelEpidSignature.html b/doc/html/UserManual_VerifyingAnIntelEpidSignature.html new file mode 100644 index 0000000..da840a4 --- /dev/null +++ b/doc/html/UserManual_VerifyingAnIntelEpidSignature.html @@ -0,0 +1,203 @@ + + + + + + + +Intel® Enhanced Privacy ID SDK: Verifying an Intel® EPID Signature + + + + + + + + + + + + +
      +
      + + + + + + +
      + +
      +
      + + +
      +
      + +
      +
      +
      + +
      +
      +
      +
      Verifying an Intel® EPID Signature
      +
      +
      +

      This walkthrough of the verifysig example shows you how to use SDK APIs to verify an Intel® EPID 2.0 signature. verifysig is built during the SDK build.

      +

      To verify an Intel® EPID 1.1 signature see the example code in verifysig11.c. For information on Intel® EPID 1.1 speciifc APIs see EPID 1.1 support.

      +


      +

      +

      +Summary

      +

      In the code example below, we take this approach:

      +
        +
      • Extract and authenticate issuer provided material
        • +
      • Create the verifier context to allow us to call other verifier APIs
        • +
      • Verify signature
        • +
      • Clean up
        • +
      +


      +

      +

      +Verifysig Walkthrough

      +

      First, we include headers so we have access to needed declarations.

      +

      #include "src/verifysig.h"
      #include <stdlib.h>
      #include "epid/verifier/api.h"
      #include "epid/common/file_parser.h"

      +

      The utility headers are used by verifysig for logging and buffer management. The epid/verifier/api.h header provides access to the core verifier APIs, and the epid/common/file_parser.h header provides an API for parsing buffers formatted according to the various IoT Intel® EPID binary file formats.

      +


      +

      +

      In main.c, we define a stub function, IsCaCertAuthorizedByRootCa, which is responsible for checking that the CA certificate is authorized by the root CA. Before calling verify, we call this function, IsCaCertAuthorizedByRootCa. In an actual implementation, you need to provide an implementation to validate the issuing CA certificate with the CA root certificate before using it in parse functions.

      +


      +

      +

      We use Verify to verify an Intel® EPID signature. Verify is a wrapper function that isolates SDK API functionality for the purpose of this walkthrough.

      +

      EpidStatus Verify(EpidSignature const* sig, size_t sig_len, void const* msg,
      size_t msg_len, void const* basename, size_t basename_len,
      void const* signed_priv_rl, size_t signed_priv_rl_size,
      void const* signed_sig_rl, size_t signed_sig_rl_size,
      void const* signed_grp_rl, size_t signed_grp_rl_size,
      VerifierRl const* ver_rl, size_t ver_rl_size,
      void const* signed_pub_key, size_t signed_pub_key_size,
      EpidCaCertificate const* cacert, HashAlg hash_alg,
      void** verifier_precomp, size_t* verifier_precomp_size) {

      +

      The Verify parameters were either sent by the verifier to the member, or they were part of the member's configuration. The exceptions are the sig and sig_len parameters, which we use to input the signature to be verified.

      +

      The verifier might send the message to the member or there may be another mechanism to choose the message, but the way the message is communicated is outside the scope of the Intel® EPID scheme.

      +

      We use the parameters verifier_precomp and verifier_precomp_is_input to pass in a pre-computation blob if provided. We can use the pre-computation blob to increase performance when verifying signatures repeatedly with the same group public key.

      +

      The member and the verifier agree on the message, basename, hash algorithm, and SigRL that the verifier uses for verification.

      +
      Warning
      The use of a name-based signature creates a platform unique pseudonymous identifier. Because it reduces the member's privacy, the user should be notified when it is used and should have control over its use.
      +


      +

      +

      Next we do basic variable setup.

      +

      EpidStatus result = kEpidErr;
      VerifierCtx* ctx = NULL;
      PrivRl* priv_rl = NULL;
      SigRl* sig_rl = NULL;
      GroupRl* grp_rl = NULL;
      do {
      GroupPubKey pub_key = {0};

      +

      We create pointers to resources to be allocated and we use the do {} while(0) idiom so that we can reliably free resources on return from Verify. We also allocate the group public key on the stack.

      +


      +

      +

      Next, we authenticate and extract the group public key using EpidParseGroupPubKeyFile.

      +

      result = EpidParseGroupPubKeyFile(signed_pub_key, signed_pub_key_size,
      cacert, &pub_key);
      if (kEpidNoErr != result) {
      break;
      }

      +

      EpidParseGroupPubKeyFile takes a buffer containing a group public key in issuer binary format and validates that the public key is signed by the private key that corresponds to the provided CA certificate, reading the key into pub_key in the process.

      +

      Next, if a pre-computation blob is being used, we make sure that it is not in a legacy format.

      +

      if (*verifier_precomp &&
      *verifier_precomp_size != sizeof(VerifierPrecomp)) {
      result = kEpidBadArgErr;
      break;
      }
      *verifier_precomp_size = sizeof(VerifierPrecomp);

      +


      +

      +

      Next, we create a verifier context using EpidVerifierCreate.

      +

      result = EpidVerifierCreate(&pub_key, *verifier_precomp, &ctx);
      if (kEpidNoErr != result) {
      break;
      }

      +

      If a pre-computation blob is provided to the top level application, we use it. Otherwise, we pass in NULL.

      +


      +

      +

      Then we serialize pre-computed verifier data using EpidVerifierWritePrecomp.

      +

      if (!*verifier_precomp) {
      *verifier_precomp = calloc(1, *verifier_precomp_size);
      }
      result = EpidVerifierWritePrecomp(ctx, *verifier_precomp);
      if (kEpidNoErr != result) {
      break;
      }

      +

      The serialized verifier pre-computation blob can be used to greatly increase performance of EpidVerifierCreate in future sessions if the same group public key is used.

      +


      +

      +

      We use EpidVerifierSetHashAlg to indicate the hash algorithm used for verification, which should be the same algorithm that the member used when signing.

      +

      result = EpidVerifierSetHashAlg(ctx, hash_alg);
      if (kEpidNoErr != result) {
      break;
      }

      +

      After the hash algorithm is set, future calls to EpidVerify will use the same algorithm.

      +


      +

      +

      We use EpidVerifierSetBasename to indicate the basename used for verification, which should be the same one that the member used when signing.

      +

      result = EpidVerifierSetBasename(ctx, basename, basename_len);
      if (kEpidNoErr != result) {
      break;
      }

      +

      After the basename is set, future calls to EpidVerify will use the same basename.

      +


      +

      +

      Before we verify a signature, we have to configure revocation lists so that we can check to see if a signer's group membership has been revoked.

      +
      Note
      Configured revocation lists are referenced directly by the verifier until a new revocation list is set or the verifier is destroyed. Until the verifier is destroyed, we do not modify the revocation lists.
      +


      +

      +

      We set the private key revocation list using EpidVerifierSetPrivRl.

      +

      if (signed_priv_rl) {
      // authenticate and determine space needed for RL
      size_t priv_rl_size = 0;
      result = EpidParsePrivRlFile(signed_priv_rl, signed_priv_rl_size, cacert,
      NULL, &priv_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      priv_rl = calloc(1, priv_rl_size);
      if (!priv_rl) {
      result = kEpidMemAllocErr;
      break;
      }
      // fill the rl
      result = EpidParsePrivRlFile(signed_priv_rl, signed_priv_rl_size, cacert,
      priv_rl, &priv_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      // set private key based revocation list
      result = EpidVerifierSetPrivRl(ctx, priv_rl, priv_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      } // if (signed_priv_rl)

      +

      We use EpidParsePrivRlFile to:

      +
        +
      • extract the private key revocation list
        • +
      • validate that the revocation list was signed by the private key corresponding to the provided CA certificate
        • +
      • validate that the size of the input buffer is correct
        • +
      • determine the required size of the revocation list output buffer
        • +
      +

      To determine the required priv_rl buffer size, we provide a null pointer for the output buffer when calling EpidParsePrivRlFile.

      +

      After we find out the required size of the priv_rl buffer, we allocate memory for it. Then we fill the buffer using EpidParsePrivRlFile.

      +


      +

      +

      Next, we set the signature revocation list using EpidVerifierSetSigRl.

      +

      if (signed_sig_rl) {
      // authenticate and determine space needed for RL
      size_t sig_rl_size = 0;
      result = EpidParseSigRlFile(signed_sig_rl, signed_sig_rl_size, cacert,
      NULL, &sig_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      sig_rl = calloc(1, sig_rl_size);
      if (!sig_rl) {
      result = kEpidMemAllocErr;
      break;
      }
      // fill the rl
      result = EpidParseSigRlFile(signed_sig_rl, signed_sig_rl_size, cacert,
      sig_rl, &sig_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      // set signature based revocation list
      result = EpidVerifierSetSigRl(ctx, sig_rl, sig_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      } // if (signed_sig_rl)

      +

      We use EpidParseSigRlFile to:

      +
        +
      • extract the signature revocation list
        • +
      • validate that the revocation list was signed by the private key corresponding to the provided CA certificate
        • +
      • validate that the size of the input buffer is correct
        • +
      • determine the required size of the revocation list output buffer
        • +
      +

      To determine the required sig_rl buffer size, we provide a null pointer for the output buffer when calling EpidParseSigRlFile.

      +

      After we find out the required size of the sig_rl buffer, we allocate memory for it. Then we fill the buffer using EpidParseSigRlFile.

      +


      +

      +

      Next, we set the group revocation list using EpidVerifierSetGroupRl.

      +

      if (signed_grp_rl) {
      // authenticate and determine space needed for RL
      size_t grp_rl_size = 0;
      result = EpidParseGroupRlFile(signed_grp_rl, signed_grp_rl_size, cacert,
      NULL, &grp_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      grp_rl = calloc(1, grp_rl_size);
      if (!grp_rl) {
      result = kEpidMemAllocErr;
      break;
      }
      // fill the rl
      result = EpidParseGroupRlFile(signed_grp_rl, signed_grp_rl_size, cacert,
      grp_rl, &grp_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      // set group revocation list
      result = EpidVerifierSetGroupRl(ctx, grp_rl, grp_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      } // if (signed_grp_rl)

      +

      We use EpidParseGroupRlFile to:

      +
        +
      • extract the group revocation list
        • +
      • validate that the revocation list was signed by the private key corresponding to the provided CA certificate
        • +
      • validate that the size of the input buffer is correct
        • +
      • determine the required size of the revocation list output buffer
        • +
      +

      To determine the required grp_rl buffer size, we provide a null pointer for the output buffer when calling EpidParseGroupRlFile.

      +

      After we find out the required size of the grp_rl buffer, we allocate memory for it. Then we fill the buffer using EpidParseGroupRlFile.

      +


      +

      +

      Next, we set the verifier blacklist using EpidVerifierSetVerifierRl.

      +

      if (ver_rl) {
      // set verifier based revocation list
      result = EpidVerifierSetVerifierRl(ctx, ver_rl, ver_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      }

      +

      The verifier is responsible for ensuring that the verifier revocation list is authorized. Validating it is outside the scope of this example.

      +


      +

      +

      Next, we use EpidVerify to verify that the Intel® EPID signature was created by a valid member of a group in good standing.

      +

      result = EpidVerify(ctx, sig, sig_len, msg, msg_len);
      if (kEpidNoErr != result) {
      break;
      }

      +

      +

      Finally, we clean up and exit.

      +

      } while (0);
      // delete verifier
      EpidVerifierDelete(&ctx);
      if (priv_rl) free(priv_rl);
      if (sig_rl) free(sig_rl);
      if (grp_rl) free(grp_rl);
      return result;
      }

      +

      If we made it past verification without an error, we set the return code appropriately and fall out of the do-while loop. If there was an error earlier, all breaks in the do-while loop bring us to this point with an error status.

      +

      Then we free the allocated resources. EpidVerifierDelete deletes the verifier context.

      +

      After deleting the verifier context, we can also delete the revocation lists.

      +

      We return from Verify with the success or error status.

      +


      +

      +

      This concludes the verifysig walkthrough. Now you should be able to verify an Intel® EPID signature using the SDK APIs.

      +

      To learn more about the SDK APIs see the API Reference. To learn more about the Intel® EPID Scheme see Introduction to the Intel® EPID Scheme in the documentation.

      +
      +
      + + + + + diff --git a/doc/html/VerifysigWalkthru.html b/doc/html/VerifysigWalkthru.html deleted file mode 100644 index c66ada5..0000000 --- a/doc/html/VerifysigWalkthru.html +++ /dev/null @@ -1,190 +0,0 @@ - - - - - - - -Intel® Enhanced Privacy ID SDK: Verifying an Intel® EPID Signature - - - - - - - - - - - - -
      -
      - - - - - - -
      - -
      -
      - - -
      -
      - -
      -
      -
      - -
      -
      -
      -
      Verifying an Intel® EPID Signature
      -
      -
      -

      This walkthrough of the verifysig example shows you how to use SDK APIs to verify an Intel® EPID 2.0 signature. Verifysig is built during the SDK build.

      -

      To verify an Intel® EPID 1.1 signature see the example code in verifysig11.c. For information on Intel® EPID 1.1 speciifc APIs see EPID 1.1 support.

      -


      -

      -

      First, we include headers so we have access to needed declarations.

      -

      #include "src/verifysig.h"
      #include <stdlib.h>
      #include "util/buffutil.h"
      #include "util/envutil.h"
      #include "epid/verifier/api.h"
      #include "epid/common/file_parser.h"

      -

      The utility headers are used by verifysig for logging and buffer management. The epid/verifier/api.h header provides access to the core verifier APIs, and the epid/common/file_parser.h header provides an API for parsing buffers formatted according to the various IoT Intel® EPID binary file formats.

      -


      -

      -

      We define a stub function responsible for checking that the CA certificate is authorized by the root CA.

      -

      bool IsCaCertAuthorizedByRootCa(void const* data, size_t size) {
      (void)data;
      (void)size;
      return true;
      }

      -

      IsCaCertAuthorizedByRootCa is called from main.c to validate the CA certificate before calling Verify. In an actual implementation, you need to provide an implementation to validate the issuing CA certificate with the CA root certificate before using it in parse functions.

      -


      -

      -

      We use Verify to verify an Intel® EPID signature. Verify is a wrapper function that isolates SDK API functionality for the purpose of this walkthrough.

      -

      EpidStatus Verify(EpidSignature const* sig, size_t sig_len, void const* msg,
      size_t msg_len, void const* basename, size_t basename_len,
      void const* signed_priv_rl, size_t signed_priv_rl_size,
      void const* signed_sig_rl, size_t signed_sig_rl_size,
      void const* signed_grp_rl, size_t signed_grp_rl_size,
      VerifierRl const* ver_rl, size_t ver_rl_size,
      void const* signed_pub_key, size_t signed_pub_key_size,
      EpidCaCertificate const* cacert, HashAlg hash_alg,
      VerifierPrecomp* verifier_precomp,
      bool verifier_precomp_is_input) {

      -

      The Verify parameters were either sent by the verifier to the member, or they were part of the member's configuration. The exceptions are the sig and sig_len parameters, which we use to input the signature to be verified.

      -

      The verifier might send the message to the member or there may be another mechanism to choose the message, but the way the message is communicated is outside the scope of the Intel® EPID scheme.

      -

      We use the parameters verifier_precomp and verifier_precomp_is_input to pass in a pre-computation blob if provided. We can use the pre-computation blob to increase performance when verifying signatures repeatedly with the same group public key.

      -

      The member and the verifier agree on the message, basename, hash algorithm, and SigRL that the verifier uses for verification.

      -
      Warning
      The use of a name-based signature creates a platform unique pseudonymous identifier. Because it reduces the member's privacy, the user should be notified when it is used and should have control over its use.
      -


      -

      -

      Next we do basic variable setup.

      -

      EpidStatus result = kEpidErr;
      VerifierCtx* ctx = NULL;
      PrivRl* priv_rl = NULL;
      SigRl* sig_rl = NULL;
      GroupRl* grp_rl = NULL;
      do {
      GroupPubKey pub_key = {0};

      -

      We create pointers to resources to be allocated and we use the do {} while(0) idiom so that we can reliably free resources on return from Verify. We also allocate the group public key on the stack.

      -


      -

      -

      Next, we authenticate and extract the group public key using EpidParseGroupPubKeyFile.

      -

      result = EpidParseGroupPubKeyFile(signed_pub_key, signed_pub_key_size,
      cacert, &pub_key);
      if (kEpidNoErr != result) {
      break;
      }

      -

      EpidParseGroupPubKeyFile takes a buffer containing a group public key in issuer binary format and validates that the public key is signed by the private key that corresponds to the provided CA certificate, reading the key into pub_key in the process.

      -


      -

      -

      Next, we create a verifier context using EpidVerifierCreate.

      -

      result = EpidVerifierCreate(
      &pub_key, verifier_precomp_is_input ? verifier_precomp : NULL, &ctx);
      if (kEpidNoErr != result) {
      break;
      }

      -

      If a pre-computation blob is provided to the top level application, we use it. Otherwise, we pass in NULL.

      -


      -

      -

      Then we serialize pre-computed verifier data using EpidVerifierWritePrecomp.

      -

      result = EpidVerifierWritePrecomp(ctx, verifier_precomp);
      if (kEpidNoErr != result) {
      break;
      }

      -

      The serialized verifier pre-computation blob can be used to greatly increase performance of EpidVerifierCreate in future sessions if the same group public key is used.

      -


      -

      -

      We use EpidVerifierSetHashAlg to indicate the hash algorithm used for verification, which should be the same algorithm that the member used when signing.

      -

      result = EpidVerifierSetHashAlg(ctx, hash_alg);
      if (kEpidNoErr != result) {
      break;
      }

      -

      After the hash algorithm is set, future calls to EpidVerify will use the same algorithm.

      -


      -

      -

      We use EpidVerifierSetBasename to indicate the basename used for verification, which should be the same one that the member used when signing.

      -

      result = EpidVerifierSetBasename(ctx, basename, basename_len);
      if (kEpidNoErr != result) {
      break;
      }

      -

      After the basename is set, future calls to EpidVerify will use the same basename.

      -


      -

      -

      Before we verify a signature, we have to configure revocation lists so that we can check to see if a signer's group membership has been revoked.

      -
      Note
      Configured revocation lists are referenced directly by the verifier until a new revocation list is set or the verifier is destroyed. Until the verifier is destroyed, we do not modify the revocation lists.
      -


      -

      -

      We set the private key based revocation list using EpidVerifierSetPrivRl.

      -

      if (signed_priv_rl) {
      // authenticate and determine space needed for RL
      size_t priv_rl_size = 0;
      result = EpidParsePrivRlFile(signed_priv_rl, signed_priv_rl_size, cacert,
      NULL, &priv_rl_size);
      if (kEpidSigInvalid == result) {
      // authentication failure
      break;
      }
      if (kEpidNoErr != result) {
      break;
      }
      priv_rl = AllocBuffer(priv_rl_size);
      if (!priv_rl) {
      result = kEpidMemAllocErr;
      break;
      }
      // fill the rl
      result = EpidParsePrivRlFile(signed_priv_rl, signed_priv_rl_size, cacert,
      priv_rl, &priv_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      // set private key based revocation list
      result = EpidVerifierSetPrivRl(ctx, priv_rl, priv_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      } // if (signed_priv_rl)

      -

      We use EpidParsePrivRlFile to:

      -
        -
      • extract the private key based revocation list
        • -
      • validate that the revocation list was signed by the private key corresponding to the provided CA certificate
        • -
      • validate that the size of the input buffer is correct
        • -
      • determine the required size of the revocation list output buffer
        • -
      -

      To determine the required priv_rl buffer size, we provide a null pointer for the output buffer when calling EpidParsePrivRlFile.

      -

      After we find out the required size of the priv_rl buffer, we allocate memory for it. Then we fill the buffer using EpidParsePrivRlFile.

      -


      -

      -

      Next, we set the signature based revocation list using EpidVerifierSetSigRl.

      -

      if (signed_sig_rl) {
      // authenticate and determine space needed for RL
      size_t sig_rl_size = 0;
      result = EpidParseSigRlFile(signed_sig_rl, signed_sig_rl_size, cacert,
      NULL, &sig_rl_size);
      if (kEpidSigInvalid == result) {
      // authentication failure
      break;
      }
      if (kEpidNoErr != result) {
      break;
      }
      sig_rl = AllocBuffer(sig_rl_size);
      if (!sig_rl) {
      result = kEpidMemAllocErr;
      break;
      }
      // fill the rl
      result = EpidParseSigRlFile(signed_sig_rl, signed_sig_rl_size, cacert,
      sig_rl, &sig_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      // set signature based revocation list
      result = EpidVerifierSetSigRl(ctx, sig_rl, sig_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      } // if (signed_sig_rl)

      -

      We use EpidParseSigRlFile to:

      -
        -
      • extract the signature based revocation list
        • -
      • validate that the revocation list was signed by the private key corresponding to the provided CA certificate
        • -
      • validate that the size of the input buffer is correct
        • -
      • determine the required size of the revocation list output buffer
        • -
      -

      To determine the required sig_rl buffer size, we provide a null pointer for the output buffer when calling EpidParseSigRlFile.

      -

      After we find out the required size of the sig_rl buffer, we allocate memory for it. Then we fill the buffer using EpidParseSigRlFile.

      -


      -

      -

      Next, we set the group based revocation list using EpidVerifierSetGroupRl.

      -

      if (signed_grp_rl) {
      // authenticate and determine space needed for RL
      size_t grp_rl_size = 0;
      result = EpidParseGroupRlFile(signed_grp_rl, signed_grp_rl_size, cacert,
      NULL, &grp_rl_size);
      if (kEpidSigInvalid == result) {
      // authentication failure
      break;
      }
      if (kEpidNoErr != result) {
      break;
      }
      grp_rl = AllocBuffer(grp_rl_size);
      if (!grp_rl) {
      result = kEpidMemAllocErr;
      break;
      }
      // fill the rl
      result = EpidParseGroupRlFile(signed_grp_rl, signed_grp_rl_size, cacert,
      grp_rl, &grp_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      // set group revocation list
      result = EpidVerifierSetGroupRl(ctx, grp_rl, grp_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      } // if (signed_grp_rl)

      -

      We use EpidParseGroupRlFile to:

      -
        -
      • extract the group based revocation list
        • -
      • validate that the revocation list was signed by the private key corresponding to the provided CA certificate
        • -
      • validate that the size of the input buffer is correct
        • -
      • determine the required size of the revocation list output buffer
        • -
      -

      To determine the required grp_rl buffer size, we provide a null pointer for the output buffer when calling EpidParseGroupRlFile.

      -

      After we find out the required size of the grp_rl buffer, we allocate memory for it. Then we fill the buffer using EpidParseGroupRlFile.

      -


      -

      -

      Next, we set the verifier blacklist using EpidVerifierSetVerifierRl.

      -

      if (ver_rl) {
      // set verifier based revocation list
      result = EpidVerifierSetVerifierRl(ctx, ver_rl, ver_rl_size);
      if (kEpidNoErr != result) {
      break;
      }
      }

      -

      The verifier is responsible for ensuring that the verifier revocation list is authorized. Validating it is outside the scope of this example.

      -


      -

      -

      Next, we use EpidVerify to verify that the Intel® EPID signature was created by a valid member of a group in good standing.

      -

      result = EpidVerify(ctx, sig, sig_len, msg, msg_len);
      if (kEpidNoErr != result) {
      break;
      }

      -

      -

      Finally, we clean up and exit.

      -

      } while (0);
      // delete verifier
      EpidVerifierDelete(&ctx);
      if (priv_rl) free(priv_rl);
      if (sig_rl) free(sig_rl);
      if (grp_rl) free(grp_rl);
      return result;
      }

      -

      If we made it past verification without an error, we set the return code appropriately and fall out of the do-while loop. If there was an error earlier, all breaks in the do-while loop bring us to this point with an error status.

      -

      Then we free the allocated resources. EpidVerifierDelete deletes the verifier context.

      -

      After deleting the verifier context, we can also delete the revocation lists.

      -

      We return from Verify with the success or error status.

      -


      -

      -

      This concludes the verifysig walkthrough. Now you should be able to verify an Intel® EPID signature using the SDK APIs.

      -

      To learn more about the SDK APIs see the API Reference. To learn more about the Intel® EPID Scheme see Introduction to the Intel® EPID Scheme in the documentation.

      -
      -
      - - - - - diff --git a/doc/html/annotated.html b/doc/html/annotated.html index e60838c..e4f28a2 100644 --- a/doc/html/annotated.html +++ b/doc/html/annotated.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -101,24 +101,25 @@ $(document).ready(function(){initNavTree('annotated.html','');});  CMemberPrecompPre-computed member settings  CMembershipCredentialMembership credential  CNrProofNon-revoked Proof - COctStr128128 bit octet string - COctStr1616 bit octet string - COctStr256256 bit octet string - COctStr3232 bit octet string - COctStr512512 bit octet string - COctStr600600 bit octet string - COctStr6464 bit octet string - COctStr768768 bit octet string - COctStr88 bit octet string - COctStr8080 bit octet string - CPreComputedSignaturePre-computed signature + CNrProveCommitOutputResult of NrProve Commit + COctStr128128 bit octet string + COctStr1616 bit octet string + COctStr256256 bit octet string + COctStr3232 bit octet string + COctStr512512 bit octet string + COctStr600600 bit octet string + COctStr6464 bit octet string + COctStr768768 bit octet string + COctStr88 bit octet string + COctStr8080 bit octet string  CPrivKeyIntel(R) EPID 2.0 private key  CPrivRlPrivate-key based revocation list  CSha256DigestSHA256 digest - CSigRlSignature based revocation list - CSigRlEntryEntry in SigRL (B,K) - CVerifierPrecompPre-computed verifier settings - CVerifierRl + CSignCommitOutputResult of Sign Commit + CSigRlSignature based revocation list + CSigRlEntryEntry in SigRL (B,K) + CVerifierPrecompPre-computed verifier settings + CVerifierRl @@ -128,7 +129,7 @@ $(document).ready(function(){initNavTree('annotated.html','');}); diff --git a/doc/html/basenames_8dox.html b/doc/html/basenames_8dox.html index 459857a..2ecf9e7 100644 --- a/doc/html/basenames_8dox.html +++ b/doc/html/basenames_8dox.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -74,7 +74,7 @@ $(document).ready(function(){initNavTree('basenames_8dox.html','');});
      • basenames.dox
      • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
      diff --git a/doc/html/basicdoc.png b/doc/html/basicdoc.png index e092eb6..7464933 100644 Binary files a/doc/html/basicdoc.png and b/doc/html/basicdoc.png differ diff --git a/doc/html/bignum_8h.html b/doc/html/bignum_8h.html index da25593..f3099d4 100644 --- a/doc/html/bignum_8h.html +++ b/doc/html/bignum_8h.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -88,12 +88,12 @@ Functions void DeleteBigNum (BigNum **bignum)  Deletes a previously allocated BigNum. More...
        -EpidStatus ReadBigNum (void const *bn_str, size_t strlen, BigNum *bn) - Deserializes a BigNum from a string. More...
      -  -EpidStatus WriteBigNum (BigNum const *bn, size_t strlen, void *bn_str) - Serializes a BigNum to a string. More...
      -  +EpidStatus ReadBigNum (ConstOctStr bn_str, size_t strlen, BigNum *bn) + Deserializes a BigNum from a string. More...
      +  +EpidStatus WriteBigNum (BigNum const *bn, size_t strlen, OctStr bn_str) + Serializes a BigNum to a string. More...
      EpidStatus BigNumAdd (BigNum const *a, BigNum const *b, BigNum *r)  Adds two BigNum values. More...
        @@ -129,7 +129,7 @@ Functions diff --git a/doc/html/bitsupplier_8h.html b/doc/html/bitsupplier_8h.html index 24d6444..0e21810 100644 --- a/doc/html/bitsupplier_8h.html +++ b/doc/html/bitsupplier_8h.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -84,7 +84,7 @@ Typedefs diff --git a/doc/html/build__tools__installation_8dox.html b/doc/html/build__tools__installation_8dox.html index 52c1f0b..804dde0 100644 --- a/doc/html/build__tools__installation_8dox.html +++ b/doc/html/build__tools__installation_8dox.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -74,7 +74,7 @@ $(document).ready(function(){initNavTree('build__tools__installation_8dox.html', diff --git a/doc/html/building__sdk_8dox.html b/doc/html/building__sdk_8dox.html index 0b63f2c..6f39e23 100644 --- a/doc/html/building__sdk_8dox.html +++ b/doc/html/building__sdk_8dox.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -74,7 +74,7 @@ $(document).ready(function(){initNavTree('building__sdk_8dox.html','');}); diff --git a/doc/html/choosing__ikgf_8dox.html b/doc/html/choosing__ikgf_8dox.html index d63d34a..1bf416c 100644 --- a/doc/html/choosing__ikgf_8dox.html +++ b/doc/html/choosing__ikgf_8dox.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -74,7 +74,7 @@ $(document).ready(function(){initNavTree('choosing__ikgf_8dox.html','');}); diff --git a/doc/html/classes.html b/doc/html/classes.html index 6329f92..e7786a3 100644 --- a/doc/html/classes.html +++ b/doc/html/classes.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -64,37 +64,36 @@ $(document).ready(function(){initNavTree('classes.html','');});
      B | C | E | F | G | I | J | M | N | O | P | S | V
      + - - + + - - - - + + + + - + + + - - + + + - - - + + +
        B  
      -      		Epid11NrProof   Fq6ElemStr   MembershipCredential   PrivKey   
      Epid11NrProof   Fq6ElemStr   MembershipCredential   
        P  
      +
      Epid11Params   FqElemStr   
        N  
      -      		PrivRl   
      BasicSignature   Epid11PrivRl   
        G  
      -
        S  
      BigNumStr   Epid11Signature   NrProof   
      BasicSignature   Epid11PrivRl   
        G  
      +      		PrivKey   
      BigNumStr   Epid11Signature   NrProof   PrivRl   
        C  
      -      		Epid11SigRl   G1ElemStr   
        O  
      -      		Sha256Digest   
      Epid11SigRlEntry   G2ElemStr   SigRl   
      CompressedPrivKey   Epid11VerifierPrecomp   GroupPubKey   OctStr128   SigRlEntry   
        E  
      -      		Epid2Params   GroupRl   OctStr16   
        V  
      +      		Epid11SigRl   G1ElemStr   NrProveCommitOutput   
        S  
      EpidCaCertificate   GtElemStr   OctStr256   
      Epid11SigRlEntry   G2ElemStr   
        O  
      +
      CompressedPrivKey   Epid11VerifierPrecomp   GroupPubKey   Sha256Digest   
        E  
      +      		Epid2Params   GroupRl   OctStr128   SignCommitOutput   
      EpidCaCertificate   GtElemStr   OctStr16   SigRl   
      EcdsaPrivateKey   EpidFileHeader   
        I  
      -      		OctStr32   VerifierPrecomp   
      EcdsaPublicKey   EpidSignature   OctStr512   VerifierRl   
      OctStr256   SigRlEntry   
      EcdsaPublicKey   EpidSignature   OctStr32   
        V  
      +
      EcdsaSignature   
        F  
      -      		IPrivKey   OctStr600   
      IPrivKey   OctStr512   
      Epid11BasicSignature   
        J  
      -      		OctStr64   
      Epid11G2ElemStr   FpElemStr   OctStr768   
      Epid11GroupPubKey   Fq12ElemStr   JoinRequest   OctStr8   
      OctStr600   VerifierPrecomp   
      Epid11G2ElemStr   FpElemStr   OctStr64   VerifierRl   
      Epid11GroupPubKey   Fq12ElemStr   JoinRequest   OctStr768   
      Epid11GroupRl   Fq2ElemStr   
        M  
      -      		OctStr80   
      Epid11GtElemStr   Fq3ElemStr   
        P  
      -
      MemberPrecomp   
      PreComputedSignature   
      OctStr8   
      Epid11GtElemStr   Fq3ElemStr   OctStr80   
      MemberPrecomp   
      B | C | E | F | G | I | J | M | N | O | P | S | V
      @@ -105,7 +104,7 @@ $(document).ready(function(){initNavTree('classes.html','');}); diff --git a/doc/html/context_8h.html b/doc/html/context_8h.html new file mode 100644 index 0000000..2b34549 --- /dev/null +++ b/doc/html/context_8h.html @@ -0,0 +1,102 @@ + + + + + + + +Intel® Enhanced Privacy ID SDK: epid/member/tpm/context.h File Reference + + + + + + + + + + + + +
      +
      + + + + + + +
      + +
      +
      + + +
      +
      + +
      +
      +
      + +
      +
      +
      +Functions
      +
      +
      context.h File Reference
      +
      +
      + +

      Sensitive member context APIs. +More...

      +
      #include "epid/common/errors.h"
      +#include "epid/common/bitsupplier.h"
      +
      + + + + + + + + + + + + + +

      +Functions

      EpidStatus TpmCreate (BitSupplier rnd_func, void *rnd_param, Epid2Params_ const *epid2_params, TpmCtx **ctx)
       Creates a new Tpm context. More...
       
      void TpmDelete (TpmCtx **ctx)
       Deletes an existing Tpm context. More...
       
      EpidStatus TpmProvision (TpmCtx *ctx, FpElemStr const *f_str)
       Provisions Tpm with sensitive parameters. More...
       
      EpidStatus TpmProvisionCompressed (TpmCtx *ctx, OctStr256 const *seed)
       Provisions Tpm with compressed key seed. More...
       
      +

      Detailed Description

      +

      Sensitive member context APIs.

      +
      +
      + + + + + diff --git a/doc/html/decompress_8h.html b/doc/html/decompress_8h.html new file mode 100644 index 0000000..9f5c1ca --- /dev/null +++ b/doc/html/decompress_8h.html @@ -0,0 +1,92 @@ + + + + + + + +Intel® Enhanced Privacy ID SDK: epid/member/tpm/decompress.h File Reference + + + + + + + + + + + + +
      +
      + + + + + + +
      + +
      +
      + + +
      +
      + +
      +
      +
      + +
      +
      +
      +Functions
      +
      +
      decompress.h File Reference
      +
      +
      + +

      TPM key decompression APIs. +More...

      +
      #include "epid/common/errors.h"
      +
      + + + + +

      +Functions

      EpidStatus TpmDecompressKey (TpmCtx *ctx, G1ElemStr const *h1_str, G2ElemStr const *w_str, FqElemStr const *Ax_str, G1ElemStr *A_str, FpElemStr *x_str)
       Decompresses provisioned key. More...
       
      +

      Detailed Description

      +

      TPM key decompression APIs.

      +
      +
      + + + + + diff --git a/doc/html/dir_02c945662023679b89476bd7126bc985.html b/doc/html/dir_02c945662023679b89476bd7126bc985.html index 2da5253..fa564fd 100644 --- a/doc/html/dir_02c945662023679b89476bd7126bc985.html +++ b/doc/html/dir_02c945662023679b89476bd7126bc985.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -85,7 +85,7 @@ Files
      • epid
      • verifier
      • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
      diff --git a/doc/html/dir_12b90d9c027aaf878a834df729679a56.html b/doc/html/dir_12b90d9c027aaf878a834df729679a56.html index 3b6b938..7a4c933 100644 --- a/doc/html/dir_12b90d9c027aaf878a834df729679a56.html +++ b/doc/html/dir_12b90d9c027aaf878a834df729679a56.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -88,7 +88,7 @@ Directories
      • epid
      • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
      diff --git a/doc/html/dir_512d3e62841a8535b716ec4cf8b9e950.html b/doc/html/dir_512d3e62841a8535b716ec4cf8b9e950.html index c2d5b41..5e26711 100644 --- a/doc/html/dir_512d3e62841a8535b716ec4cf8b9e950.html +++ b/doc/html/dir_512d3e62841a8535b716ec4cf8b9e950.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -66,6 +66,9 @@ $(document).ready(function(){initNavTree('dir_512d3e62841a8535b716ec4cf8b9e950.h More...

      + +

      +Directories

      @@ -82,7 +85,7 @@ Files
      • epid
      • member
      • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
      diff --git a/doc/html/dir_6048dbb18cb271412de4a010207fd345.html b/doc/html/dir_6048dbb18cb271412de4a010207fd345.html new file mode 100644 index 0000000..7b7bb58 --- /dev/null +++ b/doc/html/dir_6048dbb18cb271412de4a010207fd345.html @@ -0,0 +1,105 @@ + + + + + + + +Intel® Enhanced Privacy ID SDK: epid/member/tpm Directory Reference + + + + + + + + + + + + +
      +
      +

      Files

      file  api.h
      + + + + + +
      + +
      + + + + +
      + +
      +
      +
      + +
      +
      +
      +
      tpm Directory Reference
      +
      +
      + + + + + + + + + + + + + + + + + + + + + + + + + + +

      +Files

      file  context.h
       Sensitive member context APIs.
       
      file  decompress.h
       TPM key decompression APIs.
       
      file  init.h
       Non-sensitive member context APIs.
       
      file  join.h
       TPM join APIs.
       
      file  nrprove.h
       TPM NrProve APIs.
       
      file  presig.h
       Sensitive pre-computed signature APIs.
       
      file  sign.h
       TPM signing APIs.
       
      file  validatekey.h
       Non-sensitive member context APIs.
       
      +
      +
      + + + + + diff --git a/doc/html/dir_a32be19bc88f3d7aac6b7249da379f26.html b/doc/html/dir_a32be19bc88f3d7aac6b7249da379f26.html index 446b40e..d5579b0 100644 --- a/doc/html/dir_a32be19bc88f3d7aac6b7249da379f26.html +++ b/doc/html/dir_a32be19bc88f3d7aac6b7249da379f26.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -79,7 +79,7 @@ Files
      • epid
      • common
      • 1.1
      • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
      diff --git a/doc/html/dir_ef364879bae02db2684040178ed9b186.html b/doc/html/dir_ef364879bae02db2684040178ed9b186.html index 5a8f5eb..037ebae 100644 --- a/doc/html/dir_ef364879bae02db2684040178ed9b186.html +++ b/doc/html/dir_ef364879bae02db2684040178ed9b186.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -76,7 +76,7 @@ Files
      • epid
      • verifier
      • 1.1
      • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
      diff --git a/doc/html/dir_f169ebf8da29290a918fa4b3f7151050.html b/doc/html/dir_f169ebf8da29290a918fa4b3f7151050.html index 3a07fce..5c36c0c 100644 --- a/doc/html/dir_f169ebf8da29290a918fa4b3f7151050.html +++ b/doc/html/dir_f169ebf8da29290a918fa4b3f7151050.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -103,7 +103,7 @@ Files
      • epid
      • common
      • math
      • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
      diff --git a/doc/html/dir_f6bef457d5f671b6e774bfccc16651f6.html b/doc/html/dir_f6bef457d5f671b6e774bfccc16651f6.html index b454780..4ab2133 100644 --- a/doc/html/dir_f6bef457d5f671b6e774bfccc16651f6.html +++ b/doc/html/dir_f6bef457d5f671b6e774bfccc16651f6.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -100,7 +100,7 @@ Files
      • epid
      • common
      • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
      diff --git a/doc/html/ecdsa_8h.html b/doc/html/ecdsa_8h.html index 1612334..33ced6d 100644 --- a/doc/html/ecdsa_8h.html +++ b/doc/html/ecdsa_8h.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -73,12 +73,12 @@ $(document).ready(function(){initNavTree('ecdsa_8h.html','');}); - - - - - - + + + + + +

      Functions

      EpidStatus EcdsaVerifyBuffer (void const *buf, size_t buf_len, EcdsaPublicKey const *pubkey, EcdsaSignature const *sig)
       Verifies authenticity of a digital signature over a buffer. More...
       
      EpidStatus EcdsaSignBuffer (void const *buf, size_t buf_len, EcdsaPrivateKey const *privkey, BitSupplier rnd_func, void *rnd_param, EcdsaSignature *sig)
       Creates ECDSA signature of buffer. More...
       
      EpidStatus EcdsaVerifyBuffer (ConstOctStr buf, size_t buf_len, EcdsaPublicKey const *pubkey, EcdsaSignature const *sig)
       Verifies authenticity of a digital signature over a buffer. More...
       
      EpidStatus EcdsaSignBuffer (ConstOctStr buf, size_t buf_len, EcdsaPrivateKey const *privkey, BitSupplier rnd_func, void *rnd_param, EcdsaSignature *sig)
       Creates ECDSA signature of buffer. More...
       

      Detailed Description

      Ecdsa interface.

      @@ -90,7 +90,7 @@ Functions
      diff --git a/doc/html/ecgroup_8h.html b/doc/html/ecgroup_8h.html index adf8f29..21003e0 100644 --- a/doc/html/ecgroup_8h.html +++ b/doc/html/ecgroup_8h.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -98,12 +98,12 @@ Functions void DeleteEcPoint (EcPoint **p)  Deletes a previously allocated EcPoint. More...
        -EpidStatus ReadEcPoint (EcGroup *g, void const *p_str, size_t strlen, EcPoint *p) - Deserializes an EcPoint from a string. More...
      -  -EpidStatus WriteEcPoint (EcGroup *g, EcPoint const *p, void *p_str, size_t strlen) - Serializes an EcPoint to a string. More...
      -  +EpidStatus ReadEcPoint (EcGroup *g, ConstOctStr p_str, size_t strlen, EcPoint *p) + Deserializes an EcPoint from a string. More...
      +  +EpidStatus WriteEcPoint (EcGroup *g, EcPoint const *p, OctStr p_str, size_t strlen) + Serializes an EcPoint to a string. More...
      EpidStatus EcMul (EcGroup *g, EcPoint const *a, EcPoint const *b, EcPoint *r)  Multiplies two elements in an elliptic curve group. More...
        @@ -125,15 +125,15 @@ Functions EpidStatus EcGetRandom (EcGroup *g, BitSupplier rnd_func, void *rnd_func_param, EcPoint *r)  Generates a random element from an elliptic curve group. More...
        -EpidStatus EcInGroup (EcGroup *g, void const *p_str, size_t strlen, bool *in_group) - Checks if a point is in an elliptic curve group. More...
      -  -EpidStatus Epid11EcHash (EcGroup *g, void const *msg, size_t msg_len, EcPoint *r) - Hashes an arbitrary message to an Intel(R) EPID 1.1 element in an elliptic curve group. More...
      -  -EpidStatus EcHash (EcGroup *g, void const *msg, size_t msg_len, HashAlg hash_alg, EcPoint *r) - Hashes an arbitrary message to an element in an elliptic curve group. More...
      -  +EpidStatus EcInGroup (EcGroup *g, ConstOctStr p_str, size_t strlen, bool *in_group) + Checks if a point is in an elliptic curve group. More...
      +  +EpidStatus Epid11EcHash (EcGroup *g, ConstOctStr msg, size_t msg_len, EcPoint *r) + Hashes an arbitrary message to an Intel(R) EPID 1.1 element in an elliptic curve group. More...
      +  +EpidStatus EcHash (EcGroup *g, ConstOctStr msg, size_t msg_len, HashAlg hash_alg, EcPoint *r) + Hashes an arbitrary message to an element in an elliptic curve group. More...
      EpidStatus EcMakePoint (EcGroup *g, FfElement const *x, EcPoint *r)  Sets an EcPoint variable to a point on a curve. More...
        @@ -157,7 +157,7 @@ Functions diff --git a/doc/html/epid__overview_8dox.html b/doc/html/epid__overview_8dox.html index 1aae71e..ee5b8d1 100644 --- a/doc/html/epid__overview_8dox.html +++ b/doc/html/epid__overview_8dox.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -74,7 +74,7 @@ $(document).ready(function(){initNavTree('epid__overview_8dox.html','');}); diff --git a/doc/html/epid_diagram_basic_interaction.png b/doc/html/epid_diagram_basic_interaction.png new file mode 100644 index 0000000..2c0f236 Binary files /dev/null and b/doc/html/epid_diagram_basic_interaction.png differ diff --git a/doc/html/epid_diagram_group.png b/doc/html/epid_diagram_group.png new file mode 100644 index 0000000..2caf441 Binary files /dev/null and b/doc/html/epid_diagram_group.png differ diff --git a/doc/html/epid_diagram_high_level_interaction.png b/doc/html/epid_diagram_high_level_interaction.png deleted file mode 100644 index 1013eb0..0000000 Binary files a/doc/html/epid_diagram_high_level_interaction.png and /dev/null differ diff --git a/doc/html/epid_diagram_high_level_use_case.png b/doc/html/epid_diagram_high_level_use_case.png deleted file mode 100644 index acc6374..0000000 Binary files a/doc/html/epid_diagram_high_level_use_case.png and /dev/null differ diff --git a/doc/html/epid_diagram_issuer_functionality.png b/doc/html/epid_diagram_issuer_functionality.png new file mode 100644 index 0000000..7614b56 Binary files /dev/null and b/doc/html/epid_diagram_issuer_functionality.png differ diff --git a/doc/html/epid_diagram_issuer_high_level.png b/doc/html/epid_diagram_issuer_high_level.png deleted file mode 100644 index d03d6b9..0000000 Binary files a/doc/html/epid_diagram_issuer_high_level.png and /dev/null differ diff --git a/doc/html/epid_diagram_member_functionality.png b/doc/html/epid_diagram_member_functionality.png new file mode 100644 index 0000000..3b0a41a Binary files /dev/null and b/doc/html/epid_diagram_member_functionality.png differ diff --git a/doc/html/epid_diagram_member_high_level.png b/doc/html/epid_diagram_member_high_level.png deleted file mode 100644 index 58d784f..0000000 Binary files a/doc/html/epid_diagram_member_high_level.png and /dev/null differ diff --git a/doc/html/epid_diagram_roles_summary.png b/doc/html/epid_diagram_roles_summary.png new file mode 100644 index 0000000..4c6f422 Binary files /dev/null and b/doc/html/epid_diagram_roles_summary.png differ diff --git a/doc/html/epid_diagram_verifier_functionality.png b/doc/html/epid_diagram_verifier_functionality.png new file mode 100644 index 0000000..c065129 Binary files /dev/null and b/doc/html/epid_diagram_verifier_functionality.png differ diff --git a/doc/html/epid_diagram_verifier_high_level.png b/doc/html/epid_diagram_verifier_high_level.png deleted file mode 100644 index bb92560..0000000 Binary files a/doc/html/epid_diagram_verifier_high_level.png and /dev/null differ diff --git a/doc/html/errors_8h.html b/doc/html/errors_8h.html index ecda4e4..cec6edb 100644 --- a/doc/html/errors_8h.html +++ b/doc/html/errors_8h.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -94,7 +94,9 @@ Enumerations   kEpidRandMaxIterErr, kEpidDuplicateErr, kEpidInconsistentBasenameSetErr, -kEpidMathQuadraticNonResidueError +kEpidMathQuadraticNonResidueError, +
      +  kEpidOutOfSequenceError
      } Return status for SDK functions. More...
      @@ -116,7 +118,7 @@ Functions diff --git a/doc/html/examples.html b/doc/html/examples.html index a69755f..241bb40 100644 --- a/doc/html/examples.html +++ b/doc/html/examples.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -66,9 +66,9 @@ $(document).ready(function(){initNavTree('Examples.html','');}); Example Application Concept Demonstrated -signmsg Generating an Intel® EPID Signature +signmsg Generating an Intel® EPID Signature -verifysig Verifying an Intel® EPID Signature +verifysig Verifying an Intel® EPID Signature @@ -77,7 +77,7 @@ $(document).ready(function(){initNavTree('Examples.html','');}); diff --git a/doc/html/examples.js b/doc/html/examples.js index 35ebbda..450d9d9 100644 --- a/doc/html/examples.js +++ b/doc/html/examples.js @@ -1,5 +1,11 @@ var Examples = [ - [ "Generating an Intel® EPID Signature", "SignmsgWalkthru.html", null ], - [ "Verifying an Intel® EPID Signature", "VerifysigWalkthru.html", null ] + [ "Generating an Intel® EPID Signature", "UserManual_GeneratingAnIntelEpidSignature.html", [ + [ "Summary", "UserManual_GeneratingAnIntelEpidSignature.html#signmsgWalktrhu_overview", null ], + [ "Signmsg Walkthrough", "UserManual_GeneratingAnIntelEpidSignature.html#signmsgWalkthru_", null ] + ] ], + [ "Verifying an Intel® EPID Signature", "UserManual_VerifyingAnIntelEpidSignature.html", [ + [ "Summary", "UserManual_VerifyingAnIntelEpidSignature.html#verifysigWalktrhu_overview", null ], + [ "Verifysig Walkthrough", "UserManual_VerifyingAnIntelEpidSignature.html#verifysigWalkthrough_main", null ] + ] ] ]; \ No newline at end of file diff --git a/doc/html/examples_8dox.html b/doc/html/examples_8dox.html index 0114afb..34cfc3d 100644 --- a/doc/html/examples_8dox.html +++ b/doc/html/examples_8dox.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -74,7 +74,7 @@ $(document).ready(function(){initNavTree('examples_8dox.html','');});
      • examples.dox
      • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
      diff --git a/doc/html/file__parser_8h.html b/doc/html/file__parser_8h.html index 5b29071..0165205 100644 --- a/doc/html/file__parser_8h.html +++ b/doc/html/file__parser_8h.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -146,7 +146,7 @@ const OctStr16 
    • epid
    • common
    • file_parser.h
    • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
    diff --git a/doc/html/files.html b/doc/html/files.html index ab34f5b..28117fc 100644 --- a/doc/html/files.html +++ b/doc/html/files.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -83,11 +83,20 @@ $(document).ready(function(){initNavTree('files.html','');});  stdtypes.hC99 standard data types  types.hSDK data types   memberMember functionality - api.hIntel(R) EPID SDK member API -  verifierVerifier functionality -  1.1 - api.hIntel(R) EPID SDK verifier Intel(R) EPID 1.1 API - api.hIntel(R) EPID SDK verifier API +  tpm + context.hSensitive member context APIs + decompress.hTPM key decompression APIs + init.hNon-sensitive member context APIs + join.hTPM join APIs + nrprove.hTPM NrProve APIs + presig.hSensitive pre-computed signature APIs + sign.hTPM signing APIs + validatekey.hNon-sensitive member context APIs + api.hIntel(R) EPID SDK member API +  verifierVerifier functionality +  1.1 + api.hIntel(R) EPID SDK verifier Intel(R) EPID 1.1 API + api.hIntel(R) EPID SDK verifier API @@ -97,7 +106,7 @@ $(document).ready(function(){initNavTree('files.html','');}); diff --git a/doc/html/finitefield_8h.html b/doc/html/finitefield_8h.html index ca7b07f..d89d041 100644 --- a/doc/html/finitefield_8h.html +++ b/doc/html/finitefield_8h.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -104,15 +104,15 @@ Functions void DeleteFfElement (FfElement **ff_elem)  Frees a previously allocated FfElement. More...
      -EpidStatus ReadFfElement (FiniteField *ff, void const *ff_elem_str, size_t strlen, FfElement *ff_elem) - Deserializes a FfElement from a string. More...
    -  +EpidStatus ReadFfElement (FiniteField *ff, ConstOctStr ff_elem_str, size_t strlen, FfElement *ff_elem) + Deserializes a FfElement from a string. More...
    EpidStatus InitFfElementFromBn (FiniteField *ff, BigNum *bn, FfElement *ff_elem)  Initializes an existing FfElement from a BigNum. More...
      -EpidStatus WriteFfElement (FiniteField *ff, FfElement const *ff_elem, void *ff_elem_str, size_t strlen) - Serializes a finite field element to a string. More...
    -  +EpidStatus WriteFfElement (FiniteField *ff, FfElement const *ff_elem, OctStr ff_elem_str, size_t strlen) + Serializes a finite field element to a string. More...
    EpidStatus FfNeg (FiniteField *ff, FfElement const *a, FfElement *r)  Calculates the additive inverse of a finite field element. More...
      @@ -146,9 +146,9 @@ Functions EpidStatus FfIsEqual (FiniteField *ff, FfElement const *a, FfElement const *b, bool *is_equal)  Checks if two finite field elements are equal. More...
      -EpidStatus FfHash (FiniteField *ff, void const *msg, size_t msg_len, HashAlg hash_alg, FfElement *r) - Hashes an arbitrary message to an element in a finite field. More...
    -  +EpidStatus FfHash (FiniteField *ff, ConstOctStr msg, size_t msg_len, HashAlg hash_alg, FfElement *r) + Hashes an arbitrary message to an element in a finite field. More...
    EpidStatus FfGetRandom (FiniteField *ff, BigNumStr const *low_bound, BitSupplier rnd_func, void *rnd_param, FfElement *r)  Generate random finite field element. More...
      @@ -166,7 +166,7 @@ Functions diff --git a/doc/html/functions.html b/doc/html/functions.html index ee04435..248ebab 100644 --- a/doc/html/functions.html +++ b/doc/html/functions.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -71,12 +71,7 @@ $(document).ready(function(){initNavTree('functions.html','');});
  • A : MembershipCredential -
    • -
  • a -: PreComputedSignature -
    • -
  • A -: PrivKey +, PrivKey
  • a_tick : Epid11Params @@ -97,10 +92,9 @@ $(document).ready(function(){initNavTree('functions.html','');}); , Epid11SigRlEntry , Epid2Params , EpidCaCertificate -, PreComputedSignature
  • B -: PreComputedSignature +: SignCommitOutput
  • b : SigRlEntry @@ -266,7 +260,7 @@ $(document).ready(function(){initNavTree('functions.html','');}); : Epid11SigRlEntry
  • K -: PreComputedSignature +: SignCommitOutput
  • k : SigRlEntry @@ -347,27 +341,17 @@ $(document).ready(function(){initNavTree('functions.html','');}); : EpidCaCertificate
  • R1 -: PreComputedSignature +: NrProveCommitOutput +, SignCommitOutput
  • R2 -: PreComputedSignature -
    • -
  • ra -: PreComputedSignature -
    • -
  • rb -: PreComputedSignature -
    • -
  • rf -: PreComputedSignature +: NrProveCommitOutput +, SignCommitOutput
  • rl_ver : Epid11Signature , EpidSignature
    • -
  • rx -: PreComputedSignature -
    • @@ -435,7 +419,8 @@ $(document).ready(function(){initNavTree('functions.html','');});
  • T : NrProof -, PreComputedSignature +, NrProveCommitOutput +, SignCommitOutput
  • T1 : Epid11BasicSignature @@ -502,7 +487,7 @@ $(document).ready(function(){initNavTree('functions.html','');}); diff --git a/doc/html/functions_vars.html b/doc/html/functions_vars.html index 056b9bc..071a59c 100644 --- a/doc/html/functions_vars.html +++ b/doc/html/functions_vars.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -71,12 +71,7 @@ $(document).ready(function(){initNavTree('functions_vars.html','');});
  • A : MembershipCredential -
    • -
  • a -: PreComputedSignature -
    • -
  • A -: PrivKey +, PrivKey
  • a_tick : Epid11Params @@ -97,10 +92,9 @@ $(document).ready(function(){initNavTree('functions_vars.html','');}); , Epid11SigRlEntry , Epid2Params , EpidCaCertificate -, PreComputedSignature
  • B -: PreComputedSignature +: SignCommitOutput
  • b : SigRlEntry @@ -266,7 +260,7 @@ $(document).ready(function(){initNavTree('functions_vars.html','');}); : Epid11SigRlEntry
  • K -: PreComputedSignature +: SignCommitOutput
  • k : SigRlEntry @@ -347,27 +341,17 @@ $(document).ready(function(){initNavTree('functions_vars.html','');}); : EpidCaCertificate
  • R1 -: PreComputedSignature +: NrProveCommitOutput +, SignCommitOutput
  • R2 -: PreComputedSignature -
    • -
  • ra -: PreComputedSignature -
    • -
  • rb -: PreComputedSignature -
    • -
  • rf -: PreComputedSignature +: NrProveCommitOutput +, SignCommitOutput
  • rl_ver : Epid11Signature , EpidSignature
    • -
  • rx -: PreComputedSignature -
    • @@ -435,7 +419,8 @@ $(document).ready(function(){initNavTree('functions_vars.html','');});
  • T : NrProof -, PreComputedSignature +, NrProveCommitOutput +, SignCommitOutput
  • T1 : Epid11BasicSignature @@ -502,7 +487,7 @@ $(document).ready(function(){initNavTree('functions_vars.html','');}); diff --git a/doc/html/globals.html b/doc/html/globals.html index bc81e4f..c24a588 100644 --- a/doc/html/globals.html +++ b/doc/html/globals.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -71,7 +71,7 @@ $(document).ready(function(){initNavTree('globals.html','');}); diff --git a/doc/html/globals_b.html b/doc/html/globals_b.html index 32e6596..14e995f 100644 --- a/doc/html/globals_b.html +++ b/doc/html/globals_b.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -101,7 +101,7 @@ $(document).ready(function(){initNavTree('globals_b.html','');}); diff --git a/doc/html/globals_c.html b/doc/html/globals_c.html new file mode 100644 index 0000000..a8ecc88 --- /dev/null +++ b/doc/html/globals_c.html @@ -0,0 +1,79 @@ + + + + + + + +Intel® Enhanced Privacy ID SDK: Globals + + + + + + + + + + + + +
    +
    + + + + + + +
    + +
    +
    + + +
    +
    + +
    +
    +
    + +
    +
    +
    Here is a list of all documented functions, variables, defines, enums, and typedefs with links to the documentation:
    + +

    - c -

    +
    +
    + + + + + diff --git a/doc/html/globals_d.html b/doc/html/globals_d.html index 5a581ac..820f0cc 100644 --- a/doc/html/globals_d.html +++ b/doc/html/globals_d.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -89,7 +89,7 @@ $(document).ready(function(){initNavTree('globals_d.html','');}); diff --git a/doc/html/globals_defs.html b/doc/html/globals_defs.html index 32be0f5..61272c2 100644 --- a/doc/html/globals_defs.html +++ b/doc/html/globals_defs.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -75,7 +75,7 @@ $(document).ready(function(){initNavTree('globals_defs.html','');}); diff --git a/doc/html/globals_e.html b/doc/html/globals_e.html index 4d01760..25ed4b1 100644 --- a/doc/html/globals_e.html +++ b/doc/html/globals_e.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -61,10 +61,10 @@ $(document).ready(function(){initNavTree('globals_e.html','');});

    - e -

    • EcdsaSignBuffer() -: ecdsa.h +: ecdsa.h
    • EcdsaVerifyBuffer() -: ecdsa.h +: ecdsa.h
    • EcExp() : ecgroup.h @@ -76,10 +76,10 @@ $(document).ready(function(){initNavTree('globals_e.html','');}); : ecgroup.h
    • EcHash() -: ecgroup.h +: ecgroup.h
    • EcInGroup() -: ecgroup.h +: ecgroup.h
    • EcInverse() : ecgroup.h @@ -118,7 +118,7 @@ $(document).ready(function(){initNavTree('globals_e.html','');}); : api.h
    • Epid11EcHash() -: ecgroup.h +: ecgroup.h
    • Epid11G1ElemStr : types.h @@ -181,11 +181,14 @@ $(document).ready(function(){initNavTree('globals_e.html','');}); : api.h
    • EpidAddPreSigs() -: api.h +: api.h
    • EpidAreSigsLinked() : api.h
      • +
    • EpidAssemblePrivKey() +: api.h +
    • EpidBlacklistSig() : api.h
      • @@ -207,9 +210,6 @@ $(document).ready(function(){initNavTree('globals_e.html','');});
    • EpidGetVerifierRlSize() : api.h
      • -
    • EpidIsPrivKeyInGroup() -: api.h -
    • EpidMemberCreate() : api.h
      • @@ -219,6 +219,9 @@ $(document).ready(function(){initNavTree('globals_e.html','');});
    • EpidMemberSetHashAlg() : api.h
      • +
    • EpidMemberSetSigRl() +: api.h +
    • EpidMemberWritePrecomp() : api.h
      • @@ -250,7 +253,7 @@ $(document).ready(function(){initNavTree('globals_e.html','');}); : api.h
    • EpidSign() -: api.h +: api.h
    • EpidSignBasic() : api.h @@ -297,9 +300,6 @@ $(document).ready(function(){initNavTree('globals_e.html','');});
    • EpidVersion : file_parser.h
      • -
    • EpidWritePreSigs() -: api.h -
    • EpidWriteVerifierRl() : api.h
      • @@ -311,7 +311,7 @@ $(document).ready(function(){initNavTree('globals_e.html','');}); diff --git a/doc/html/globals_enum.html b/doc/html/globals_enum.html index e5d8f31..64619c7 100644 --- a/doc/html/globals_enum.html +++ b/doc/html/globals_enum.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -81,7 +81,7 @@ $(document).ready(function(){initNavTree('globals_enum.html','');}); diff --git a/doc/html/globals_eval.html b/doc/html/globals_eval.html index d509456..d838e67 100644 --- a/doc/html/globals_eval.html +++ b/doc/html/globals_eval.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -102,6 +102,9 @@ $(document).ready(function(){initNavTree('globals_eval.html','');});
    • kEpidNotImpl : errors.h
      • +
    • kEpidOutOfSequenceError +: errors.h +
    • kEpidRandMaxIterErr : errors.h
      • @@ -197,7 +200,7 @@ $(document).ready(function(){initNavTree('globals_eval.html','');}); diff --git a/doc/html/globals_f.html b/doc/html/globals_f.html index a7623e4..74ccfe8 100644 --- a/doc/html/globals_f.html +++ b/doc/html/globals_f.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -76,7 +76,7 @@ $(document).ready(function(){initNavTree('globals_f.html','');}); : finitefield.h
    • FfHash() -: finitefield.h +: finitefield.h
    • FfInv() : finitefield.h @@ -119,7 +119,7 @@ $(document).ready(function(){initNavTree('globals_f.html','');}); diff --git a/doc/html/globals_func.html b/doc/html/globals_func.html index e172435..1236d09 100644 --- a/doc/html/globals_func.html +++ b/doc/html/globals_func.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -114,10 +114,10 @@ $(document).ready(function(){initNavTree('globals_func.html','');});

      - e -

      • EcdsaSignBuffer() -: ecdsa.h +: ecdsa.h
      • EcdsaVerifyBuffer() -: ecdsa.h +: ecdsa.h
      • EcExp() : ecgroup.h @@ -126,10 +126,10 @@ $(document).ready(function(){initNavTree('globals_func.html','');}); : ecgroup.h
      • EcHash() -: ecgroup.h +: ecgroup.h
      • EcInGroup() -: ecgroup.h +: ecgroup.h
      • EcInverse() : ecgroup.h @@ -165,7 +165,7 @@ $(document).ready(function(){initNavTree('globals_func.html','');}); : api.h
      • Epid11EcHash() -: ecgroup.h +: ecgroup.h
      • Epid11NrVerify() : api.h @@ -213,11 +213,14 @@ $(document).ready(function(){initNavTree('globals_func.html','');}); : api.h
      • EpidAddPreSigs() -: api.h +: api.h
      • EpidAreSigsLinked() : api.h
        • +
      • EpidAssemblePrivKey() +: api.h +
      • EpidBlacklistSig() : api.h
        • @@ -236,9 +239,6 @@ $(document).ready(function(){initNavTree('globals_func.html','');});
      • EpidGetVerifierRlSize() : api.h
        • -
      • EpidIsPrivKeyInGroup() -: api.h -
      • EpidMemberCreate() : api.h
        • @@ -248,6 +248,9 @@ $(document).ready(function(){initNavTree('globals_func.html','');});
      • EpidMemberSetHashAlg() : api.h
        • +
      • EpidMemberSetSigRl() +: api.h +
      • EpidMemberWritePrecomp() : api.h
        • @@ -279,7 +282,7 @@ $(document).ready(function(){initNavTree('globals_func.html','');}); : api.h
      • EpidSign() -: api.h +: api.h
      • EpidSignBasic() : api.h @@ -320,9 +323,6 @@ $(document).ready(function(){initNavTree('globals_func.html','');});
      • EpidVerifyBasicSig() : api.h
        • -
      • EpidWritePreSigs() -: api.h -
      • EpidWriteVerifierRl() : api.h
        • @@ -340,7 +340,7 @@ $(document).ready(function(){initNavTree('globals_func.html','');}); : finitefield.h
      • FfHash() -: finitefield.h +: finitefield.h
      • FfInv() : finitefield.h @@ -415,7 +415,7 @@ $(document).ready(function(){initNavTree('globals_func.html','');});

        - p -

        +

        - t -

        + +

        - w -

        @@ -494,7 +543,7 @@ $(document).ready(function(){initNavTree('globals_func.html','');}); diff --git a/doc/html/globals_g.html b/doc/html/globals_g.html index 73f98a5..acabe7c 100644 --- a/doc/html/globals_g.html +++ b/doc/html/globals_g.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -71,7 +71,7 @@ $(document).ready(function(){initNavTree('globals_g.html','');}); diff --git a/doc/html/globals_h.html b/doc/html/globals_h.html index 227a488..5e4ebc2 100644 --- a/doc/html/globals_h.html +++ b/doc/html/globals_h.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -71,7 +71,7 @@ $(document).ready(function(){initNavTree('globals_h.html','');}); diff --git a/doc/html/globals_i.html b/doc/html/globals_i.html index cd8c032..9168758 100644 --- a/doc/html/globals_i.html +++ b/doc/html/globals_i.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -74,7 +74,7 @@ $(document).ready(function(){initNavTree('globals_i.html','');}); diff --git a/doc/html/globals_k.html b/doc/html/globals_k.html index b403cac..56eef29 100644 --- a/doc/html/globals_k.html +++ b/doc/html/globals_k.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -105,6 +105,9 @@ $(document).ready(function(){initNavTree('globals_k.html','');});
      • kEpidNotImpl : errors.h
        • +
      • kEpidOutOfSequenceError +: errors.h +
      • kEpidRandMaxIterErr : errors.h
        • @@ -203,7 +206,7 @@ $(document).ready(function(){initNavTree('globals_k.html','');}); diff --git a/doc/html/globals_m.html b/doc/html/globals_m.html index 4e74e83..1176e0e 100644 --- a/doc/html/globals_m.html +++ b/doc/html/globals_m.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -71,7 +71,7 @@ $(document).ready(function(){initNavTree('globals_m.html','');}); diff --git a/doc/html/globals_n.html b/doc/html/globals_n.html index 2edd5a5..2985516 100644 --- a/doc/html/globals_n.html +++ b/doc/html/globals_n.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -95,7 +95,7 @@ $(document).ready(function(){initNavTree('globals_n.html','');}); diff --git a/doc/html/globals_o.html b/doc/html/globals_o.html new file mode 100644 index 0000000..bbb1e5b --- /dev/null +++ b/doc/html/globals_o.html @@ -0,0 +1,79 @@ + + + + + + + +Intel® Enhanced Privacy ID SDK: Globals + + + + + + + + + + + + +
        +
        + + + + + + +
        + +
        +
        + + +
        +
        + +
        +
        +
        + +
        +
        +
        Here is a list of all documented functions, variables, defines, enums, and typedefs with links to the documentation:
        + +

        - o -

        +
        +
        + + + + + diff --git a/doc/html/globals_p.html b/doc/html/globals_p.html index 45b4ea4..454ff90 100644 --- a/doc/html/globals_p.html +++ b/doc/html/globals_p.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -61,7 +61,7 @@ $(document).ready(function(){initNavTree('globals_p.html','');});

        - p -

        • Pairing() -: pairing.h +: pairing.h
        • PairingState : pairing.h @@ -113,7 +113,7 @@ $(document).ready(function(){initNavTree('globals_p.html','');}); diff --git a/doc/html/globals_r.html b/doc/html/globals_r.html index 9d6af06..9cdf1b8 100644 --- a/doc/html/globals_r.html +++ b/doc/html/globals_r.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -61,13 +61,13 @@ $(document).ready(function(){initNavTree('globals_r.html','');});

          - r -

          • ReadBigNum() -: bignum.h +: bignum.h
          • ReadEcPoint() -: ecgroup.h +: ecgroup.h
          • ReadFfElement() -: finitefield.h +: finitefield.h
          • ReKeySeed : types.h @@ -80,7 +80,7 @@ $(document).ready(function(){initNavTree('globals_r.html','');}); diff --git a/doc/html/globals_s.html b/doc/html/globals_s.html index ffba267..df4e600 100644 --- a/doc/html/globals_s.html +++ b/doc/html/globals_s.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -74,7 +74,7 @@ $(document).ready(function(){initNavTree('globals_s.html','');}); diff --git a/doc/html/globals_t.html b/doc/html/globals_t.html index 7e7f3e8..777151a 100644 --- a/doc/html/globals_t.html +++ b/doc/html/globals_t.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -60,6 +60,51 @@ $(document).ready(function(){initNavTree('globals_t.html','');});
            Here is a list of all documented functions, variables, defines, enums, and typedefs with links to the documentation:

            - t -

              +
            • TpmAddPreSigs() +: presig.h +
              • +
            • TpmCreate() +: context.h +
              • +
            • TpmDecompressKey() +: decompress.h +
              • +
            • TpmDelete() +: context.h +
              • +
            • TpmGetNumPreSigs() +: presig.h +
              • +
            • TpmInit() +: init.h +
              • +
            • TpmIsKeyValid() +: validatekey.h +
              • +
            • TpmJoin() +: join.h +
              • +
            • TpmJoinCommit() +: join.h +
              • +
            • TpmNrProve() +: nrprove.h +
              • +
            • TpmNrProveCommit() +: nrprove.h +
              • +
            • TpmProvision() +: context.h +
              • +
            • TpmProvisionCompressed() +: context.h +
              • +
            • TpmSign() +: sign.h +
              • +
            • TpmSignCommit() +: sign.h +
            • true : stdtypes.h
              • @@ -71,7 +116,7 @@ $(document).ready(function(){initNavTree('globals_t.html','');}); diff --git a/doc/html/globals_type.html b/doc/html/globals_type.html index 1dfada3..7abeba3 100644 --- a/doc/html/globals_type.html +++ b/doc/html/globals_type.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -67,6 +67,9 @@ $(document).ready(function(){initNavTree('globals_type.html','');});
            • bool : stdtypes.h
              • +
            • ConstOctStr +: types.h +
            • EcGroup : ecgroup.h
              • @@ -103,6 +106,9 @@ $(document).ready(function(){initNavTree('globals_type.html','');});
            • MemberCtx : api.h
              • +
            • OctStr +: types.h +
            • PairingState : pairing.h
              • @@ -123,7 +129,7 @@ $(document).ready(function(){initNavTree('globals_type.html','');}); diff --git a/doc/html/globals_v.html b/doc/html/globals_v.html index dfd3098..0b44c14 100644 --- a/doc/html/globals_v.html +++ b/doc/html/globals_v.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -71,7 +71,7 @@ $(document).ready(function(){initNavTree('globals_v.html','');}); diff --git a/doc/html/globals_vars.html b/doc/html/globals_vars.html index ea821a9..e6fcc1d 100644 --- a/doc/html/globals_vars.html +++ b/doc/html/globals_vars.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -72,7 +72,7 @@ $(document).ready(function(){initNavTree('globals_vars.html','');}); diff --git a/doc/html/globals_w.html b/doc/html/globals_w.html index 4907342..009cdb6 100644 --- a/doc/html/globals_w.html +++ b/doc/html/globals_w.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -61,13 +61,13 @@ $(document).ready(function(){initNavTree('globals_w.html','');});

              - w -

              @@ -77,7 +77,7 @@ $(document).ready(function(){initNavTree('globals_w.html','');}); diff --git a/doc/html/glossary_8dox.html b/doc/html/glossary_8dox.html index e8cf60a..8f3c01d 100644 --- a/doc/html/glossary_8dox.html +++ b/doc/html/glossary_8dox.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -74,7 +74,7 @@ $(document).ready(function(){initNavTree('glossary_8dox.html','');});
              • glossary.dox
              • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
              diff --git a/doc/html/group___big_num_primitives.html b/doc/html/group___big_num_primitives.html index b71ca76..5a88775 100644 --- a/doc/html/group___big_num_primitives.html +++ b/doc/html/group___big_num_primitives.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -83,12 +83,12 @@ Functions void DeleteBigNum (BigNum **bignum)  Deletes a previously allocated BigNum. More...
                -EpidStatus ReadBigNum (void const *bn_str, size_t strlen, BigNum *bn) - Deserializes a BigNum from a string. More...
              -  -EpidStatus WriteBigNum (BigNum const *bn, size_t strlen, void *bn_str) - Serializes a BigNum to a string. More...
              -  +EpidStatus ReadBigNum (ConstOctStr bn_str, size_t strlen, BigNum *bn) + Deserializes a BigNum from a string. More...
              +  +EpidStatus WriteBigNum (BigNum const *bn, size_t strlen, OctStr bn_str) + Serializes a BigNum to a string. More...
              EpidStatus BigNumAdd (BigNum const *a, BigNum const *b, BigNum *r)  Adds two BigNum values. More...
                @@ -515,14 +515,14 @@ Functions - +
              - + @@ -558,7 +558,7 @@ Functions - +
              EpidStatus ReadBigNum (void const * ConstOctStr  bn_str,
              @@ -577,7 +577,7 @@ Functions - + @@ -608,7 +608,7 @@ Functions diff --git a/doc/html/group___big_num_primitives.js b/doc/html/group___big_num_primitives.js index ccdcec2..63bda6f 100644 --- a/doc/html/group___big_num_primitives.js +++ b/doc/html/group___big_num_primitives.js @@ -11,6 +11,6 @@ var group___big_num_primitives = [ "BigNumSub", "group___big_num_primitives.html#gacbec9669ab0fe768e2be74dcaca397ea", null ], [ "DeleteBigNum", "group___big_num_primitives.html#ga2d17600068b1d94000635c6644258a03", null ], [ "NewBigNum", "group___big_num_primitives.html#gad5f6f262bfd780fed3678bcee16f0aed", null ], - [ "ReadBigNum", "group___big_num_primitives.html#ga808cf477b70ed06358b11756bfe36024", null ], - [ "WriteBigNum", "group___big_num_primitives.html#ga79d86c872fe8da0f217e3ba069f98d38", null ] + [ "ReadBigNum", "group___big_num_primitives.html#gabe8e39d5788423f41770a71a4c911fbe", null ], + [ "WriteBigNum", "group___big_num_primitives.html#ga904c16cc020e7196f22ac9abdc31b41f", null ] ]; \ No newline at end of file diff --git a/doc/html/group___ec_group_primitives.html b/doc/html/group___ec_group_primitives.html index 8c143ca..5501a99 100644 --- a/doc/html/group___ec_group_primitives.html +++ b/doc/html/group___ec_group_primitives.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -93,12 +93,12 @@ Functions - - - - - - + + + + + + @@ -120,15 +120,15 @@ Functions - - - - - - - - - + + + + + + + + + @@ -306,7 +306,7 @@ Functions - +
              void * OctStr  bn_str 
              void DeleteEcPoint (EcPoint **p)
               Deletes a previously allocated EcPoint. More...
               
              EpidStatus ReadEcPoint (EcGroup *g, void const *p_str, size_t strlen, EcPoint *p)
               Deserializes an EcPoint from a string. More...
               
              EpidStatus WriteEcPoint (EcGroup *g, EcPoint const *p, void *p_str, size_t strlen)
               Serializes an EcPoint to a string. More...
               
              EpidStatus ReadEcPoint (EcGroup *g, ConstOctStr p_str, size_t strlen, EcPoint *p)
               Deserializes an EcPoint from a string. More...
               
              EpidStatus WriteEcPoint (EcGroup *g, EcPoint const *p, OctStr p_str, size_t strlen)
               Serializes an EcPoint to a string. More...
               
              EpidStatus EcMul (EcGroup *g, EcPoint const *a, EcPoint const *b, EcPoint *r)
               Multiplies two elements in an elliptic curve group. More...
               
              EpidStatus EcGetRandom (EcGroup *g, BitSupplier rnd_func, void *rnd_func_param, EcPoint *r)
               Generates a random element from an elliptic curve group. More...
               
              EpidStatus EcInGroup (EcGroup *g, void const *p_str, size_t strlen, bool *in_group)
               Checks if a point is in an elliptic curve group. More...
               
              EpidStatus Epid11EcHash (EcGroup *g, void const *msg, size_t msg_len, EcPoint *r)
               Hashes an arbitrary message to an Intel(R) EPID 1.1 element in an elliptic curve group. More...
               
              EpidStatus EcHash (EcGroup *g, void const *msg, size_t msg_len, HashAlg hash_alg, EcPoint *r)
               Hashes an arbitrary message to an element in an elliptic curve group. More...
               
              EpidStatus EcInGroup (EcGroup *g, ConstOctStr p_str, size_t strlen, bool *in_group)
               Checks if a point is in an elliptic curve group. More...
               
              EpidStatus Epid11EcHash (EcGroup *g, ConstOctStr msg, size_t msg_len, EcPoint *r)
               Hashes an arbitrary message to an Intel(R) EPID 1.1 element in an elliptic curve group. More...
               
              EpidStatus EcHash (EcGroup *g, ConstOctStr msg, size_t msg_len, HashAlg hash_alg, EcPoint *r)
               Hashes an arbitrary message to an element in an elliptic curve group. More...
               
              EpidStatus EcMakePoint (EcGroup *g, FfElement const *x, EcPoint *r)
               Sets an EcPoint variable to a point on a curve. More...
               
              @@ -319,7 +319,7 @@ Functions - + @@ -366,7 +366,7 @@ Functions - +
              void const * ConstOctStr  msg,
              @@ -379,7 +379,7 @@ Functions - + @@ -906,7 +906,7 @@ Functions - +
              void const * ConstOctStr  p_str,
              @@ -919,7 +919,7 @@ Functions - + @@ -1036,6 +1036,7 @@ Functions
              Returns
              EpidStatus
              +
              Attention
              It is the responsibility of the caller to ensure that ff exists for the entire lifetime of the new EcGroup.
              See also
              DeleteEcGroup
              @@ -1075,13 +1076,14 @@ Functions
              Returns
              EpidStatus
              +
              Attention
              It is the responsibility of the caller to ensure that g exists for the entire lifetime of the new EcPoint.
              See also
              NewEcGroup
              DeleteEcPoint
              - +
              void const * ConstOctStr  msg,
              @@ -1094,7 +1096,7 @@ Functions - + @@ -1132,7 +1134,7 @@ Functions - +
              void const * ConstOctStr  p_str,
              @@ -1151,7 +1153,7 @@ Functions - + @@ -1190,7 +1192,7 @@ Functions diff --git a/doc/html/group___ec_group_primitives.js b/doc/html/group___ec_group_primitives.js index af74b1c..c57ea10 100644 --- a/doc/html/group___ec_group_primitives.js +++ b/doc/html/group___ec_group_primitives.js @@ -6,8 +6,8 @@ var group___ec_group_primitives = [ "DeleteEcPoint", "group___ec_group_primitives.html#ga8cb086d792bffb79b3ca07e6ca4ce0e7", null ], [ "EcExp", "group___ec_group_primitives.html#ga01bf8d6fa60a2e445490966b3a06c270", null ], [ "EcGetRandom", "group___ec_group_primitives.html#ga3f96c43d14d24de0f7a5e214aef64196", null ], - [ "EcHash", "group___ec_group_primitives.html#gadc22ee07864a7ee681a881029b69d76a", null ], - [ "EcInGroup", "group___ec_group_primitives.html#ga4d0f32aede3066eae500241b387bd970", null ], + [ "EcHash", "group___ec_group_primitives.html#gab647ccc031063807ff3860f51d0f6919", null ], + [ "EcInGroup", "group___ec_group_primitives.html#ga48ec5ae951c9f49d8d7d983234eea921", null ], [ "EcInverse", "group___ec_group_primitives.html#ga0b6d7a3398251e9352fb29ef4abef466", null ], [ "EcIsEqual", "group___ec_group_primitives.html#gad3b3c63c48fa24e8dea07837b05bc061", null ], [ "EcIsIdentity", "group___ec_group_primitives.html#ga9cf15b34bc4ff12e58b169dd989d8210", null ], @@ -17,9 +17,9 @@ var group___ec_group_primitives = [ "EcMultiExpBn", "group___ec_group_primitives.html#ga76d24378455eb96a3257fe8045c0993a", null ], [ "EcSscmExp", "group___ec_group_primitives.html#gaf3b6a548aa6f0d4f028a14feca251f57", null ], [ "EcSscmMultiExp", "group___ec_group_primitives.html#ga40e3431d3dbe8cf7a65ada7b7811cba4", null ], - [ "Epid11EcHash", "group___ec_group_primitives.html#gadf83fa559585375faad9a8b1559249bc", null ], + [ "Epid11EcHash", "group___ec_group_primitives.html#gaad96a1498b85d28f71514b8f7b154d82", null ], [ "NewEcGroup", "group___ec_group_primitives.html#gaf4e23677dd378ef2e0cf55df79cbdb62", null ], [ "NewEcPoint", "group___ec_group_primitives.html#ga6417b0ce72ba96de00c329e322fec7fb", null ], - [ "ReadEcPoint", "group___ec_group_primitives.html#ga2d433f567fa2419465a49604f4da21ad", null ], - [ "WriteEcPoint", "group___ec_group_primitives.html#ga4bb7d6691ffbb6e947c1068453e27fbd", null ] + [ "ReadEcPoint", "group___ec_group_primitives.html#gad495a9f91b79984f7533c8ea4f92b3cb", null ], + [ "WriteEcPoint", "group___ec_group_primitives.html#ga7a8bdb9782d065bc32fd102e0ae73ccb", null ] ]; \ No newline at end of file diff --git a/doc/html/group___ecdsa_primitives.html b/doc/html/group___ecdsa_primitives.html index 50d135d..41626d2 100644 --- a/doc/html/group___ecdsa_primitives.html +++ b/doc/html/group___ecdsa_primitives.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -69,25 +69,25 @@ $(document).ready(function(){initNavTree('group___ecdsa_primitives.html','');});
              void * OctStr  p_str,
              - - - - - - + + + + + +

              Functions

              EpidStatus EcdsaVerifyBuffer (void const *buf, size_t buf_len, EcdsaPublicKey const *pubkey, EcdsaSignature const *sig)
               Verifies authenticity of a digital signature over a buffer. More...
               
              EpidStatus EcdsaSignBuffer (void const *buf, size_t buf_len, EcdsaPrivateKey const *privkey, BitSupplier rnd_func, void *rnd_param, EcdsaSignature *sig)
               Creates ECDSA signature of buffer. More...
               
              EpidStatus EcdsaVerifyBuffer (ConstOctStr buf, size_t buf_len, EcdsaPublicKey const *pubkey, EcdsaSignature const *sig)
               Verifies authenticity of a digital signature over a buffer. More...
               
              EpidStatus EcdsaSignBuffer (ConstOctStr buf, size_t buf_len, EcdsaPrivateKey const *privkey, BitSupplier rnd_func, void *rnd_param, EcdsaSignature *sig)
               Creates ECDSA signature of buffer. More...
               

              Detailed Description

              Elliptic Curve Digital Signature Algorithm Primitives.

              Provides APIs for computing and checking buffer signatures using the Elliptic Curve Digital Signature Algorithm.

              Function Documentation

              - +
              - + @@ -149,18 +149,18 @@ Functions
              EpidStatus EcdsaSignBuffer (void const * ConstOctStr  buf,
              -
              See also
              EcdsaSignBuffer
              +
              See also
              EcdsaSignBuffer
              - +
              - + @@ -210,7 +210,7 @@ Functions
              EpidStatus EcdsaVerifyBuffer (void const * ConstOctStr  buf,
              -
              See also
              EcdsaSignBuffer
              +
              See also
              EcdsaSignBuffer
              @@ -221,7 +221,7 @@ Functions diff --git a/doc/html/group___ecdsa_primitives.js b/doc/html/group___ecdsa_primitives.js index 37f85bf..e901408 100644 --- a/doc/html/group___ecdsa_primitives.js +++ b/doc/html/group___ecdsa_primitives.js @@ -1,5 +1,5 @@ var group___ecdsa_primitives = [ - [ "EcdsaSignBuffer", "group___ecdsa_primitives.html#ga67091ecae643c1b8a0b0a4946eda7afe", null ], - [ "EcdsaVerifyBuffer", "group___ecdsa_primitives.html#gaab68de7291db6e42a01e99c2fa40057f", null ] + [ "EcdsaSignBuffer", "group___ecdsa_primitives.html#gaef0e8a31e830fe9285b43a0969e6611a", null ], + [ "EcdsaVerifyBuffer", "group___ecdsa_primitives.html#ga07e4ebd3423e1f6f9ae35f0608dde7c0", null ] ]; \ No newline at end of file diff --git a/doc/html/group___epid11_file_parser_module.html b/doc/html/group___epid11_file_parser_module.html index 4f3dc04..9db82aa 100644 --- a/doc/html/group___epid11_file_parser_module.html +++ b/doc/html/group___epid11_file_parser_module.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0
              @@ -354,7 +354,7 @@ Functions diff --git a/doc/html/group___epid11_pairing_primitives.html b/doc/html/group___epid11_pairing_primitives.html index 0d60502..2cbe069 100644 --- a/doc/html/group___epid11_pairing_primitives.html +++ b/doc/html/group___epid11_pairing_primitives.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0
              @@ -224,6 +224,7 @@ Functions
              Returns
              EpidStatus
              +
              Attention
              It is the responsibility of the caller to ensure that ga, gb, and ff exist for the entire lifetime of the new Epid11PairingState.
              See also
              DeleteEpid11PairingState
              EPID 1.1 support
              @@ -237,7 +238,7 @@ Functions diff --git a/doc/html/group___epid11_types.html b/doc/html/group___epid11_types.html index 8b4241f..7438064 100644 --- a/doc/html/group___epid11_types.html +++ b/doc/html/group___epid11_types.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -142,7 +142,7 @@ typedef OctStr32 
              • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
              diff --git a/doc/html/group___epid11_verifier_module.html b/doc/html/group___epid11_verifier_module.html index 8b383c3..29c5acb 100644 --- a/doc/html/group___epid11_verifier_module.html +++ b/doc/html/group___epid11_verifier_module.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -772,7 +772,7 @@ If the result is not
              • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
              diff --git a/doc/html/group___epid_common.html b/doc/html/group___epid_common.html index 83665db..702e601 100644 --- a/doc/html/group___epid_common.html +++ b/doc/html/group___epid_common.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK              3.0.04.0.0 @@ -107,16 +107,19 @@ Typedefs

              Generates random data.

              -

              It is the responsibility of the caller of the SDK interfaces to implement a function of this prototype and to then pass a pointer to this function into methods that require it.

              +

              The SDK provides the BitSupplier as a function prototype so that you will know the requirements for your own implementation of a random number generator.

              +

              You need to pass a pointer to your implementation of the random number generator into methods that require it, such as EpidMemberCreate.

              +

              For an example of how a BitSupplier is created, see the signmsg example.

              Parameters
              - - - + + +
              [out]rand_datadestination buffer
              [in]num_bitssize of rand_data in bits
              [in]user_datauser data passed through from api call.
              [out]rand_datadestination buffer for random data generated by BitSupplier. The buffer will receive num_bits of random data.
              [in]num_bitsspecifies the size of the random data, in bits, to be generated.
              [in]user_datauser data that will be passed to the random number generator. The usage of this data is specific to the implementation of the BitSupplier. For example, this could be used to pass a pointer to a data structure that maintains state across calls to your BitSupplier.
              -
              Returns
              zero on success and non-zero value on error.
              +
              Returns
              zero on success and non-zero value on error.
              +
              See also
              EpidMemberCreate
              @@ -127,7 +130,7 @@ Typedefs diff --git a/doc/html/group___epid_math.html b/doc/html/group___epid_math.html index 8ced37b..b5a5158 100644 --- a/doc/html/group___epid_math.html +++ b/doc/html/group___epid_math.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -98,7 +98,7 @@ Modules diff --git a/doc/html/group___epid_member_module.html b/doc/html/group___epid_member_module.html index 156ea0b..771ded4 100644 --- a/doc/html/group___epid_member_module.html +++ b/doc/html/group___epid_member_module.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -58,7 +58,7 @@ $(document).ready(function(){initNavTree('group___epid_member_module.html','');}
              -Data Structures | +Modules | Typedefs | Functions
              @@ -69,13 +69,10 @@ $(document).ready(function(){initNavTree('group___epid_member_module.html','');}

              Member functionality. More...

              - - - - - - + + +

              -Data Structures

              struct  MemberPrecomp
               Pre-computed member settings. More...
               
              struct  PreComputedSignature
               Pre-computed signature. More...

              +Modules

               tpm
               Internal interface that models sensitive member functionality.
               
              + + + - - - + + + - - - + + + - - - @@ -126,18 +123,19 @@ Functions - - - + + +

              @@ -99,24 +96,24 @@ Functions

              EpidStatus EpidMemberSetHashAlg (MemberCtx *ctx, HashAlg hash_alg)
               Sets the hash algorithm to be used by a member. More...
               
              EpidStatus EpidMemberSetSigRl (MemberCtx *ctx, SigRl const *sig_rl, size_t sig_rl_size)
               Sets the signature based revocation list to be used by a member. More...
               
              size_t EpidGetSigSize (SigRl const *sig_rl)
               Computes the size in bytes required for an Intel(R) EPID signature. More...
               
              EpidStatus EpidSign (MemberCtx const *ctx, void const *msg, size_t msg_len, void const *basename, size_t basename_len, SigRl const *sig_rl, size_t sig_rl_size, EpidSignature *sig, size_t sig_len)
               Writes an Intel(R) EPID signature. More...
               
              EpidStatus EpidSign (MemberCtx const *ctx, void const *msg, size_t msg_len, void const *basename, size_t basename_len, EpidSignature *sig, size_t sig_len)
               Writes an Intel(R) EPID signature. More...
               
              EpidStatus EpidRegisterBaseName (MemberCtx *ctx, void const *basename, size_t basename_len)
               Registers a basename with a member. More...
               
              EpidStatus EpidAddPreSigs (MemberCtx *ctx, size_t number_presigs, PreComputedSignature *presigs)
               Extends the member's pool of pre-computed signatures. More...
               
              EpidStatus EpidAddPreSigs (MemberCtx *ctx, size_t number_presigs)
               Extends the member's pool of pre-computed signatures. More...
               
              size_t EpidGetNumPreSigs (MemberCtx const *ctx)
               Gets the number of pre-computed signatures in the member's pool. More...
               
              EpidStatus EpidWritePreSigs (MemberCtx *ctx, PreComputedSignature *presigs, size_t number_presigs)
               Serializes pre-computed signatures from the member's pool. More...
               
              EpidStatus EpidRequestJoin (GroupPubKey const *pub_key, IssuerNonce const *ni, FpElemStr const *f, BitSupplier rnd_func, void *rnd_param, HashAlg hash_alg, JoinRequest *join_request)
               Creates a request to join a group. More...
               
              EpidStatus EpidNrProve (MemberCtx const *ctx, void const *msg, size_t msg_len, BasicSignature const *sig, SigRlEntry const *sigrl_entry, NrProof *proof)
               Calculates a non-revoked proof for a single signature based revocation list entry. More...
               
              bool EpidIsPrivKeyInGroup (GroupPubKey const *pub_key, PrivKey const *priv_key)
               Tests if a member private key is valid without checking revocation. More...
               
              EpidStatus EpidAssemblePrivKey (MembershipCredential const *credential, FpElemStr const *f, GroupPubKey const *pub_key, PrivKey *priv_key)
               Assembles member private key from membership credential and f value. More...
               
              EpidStatus EpidDecompressPrivKey (GroupPubKey const *pub_key, CompressedPrivKey const *compressed_privkey, PrivKey *priv_key)
               Decompresses compressed member private key. More...
               

              Detailed Description

              Member functionality.

              -

              Defines the APIs needed by Intel(R) EPID members. Each member context (MemberCtx) represents membership in a single group.

              +

              Defines the APIs needed by Intel(R) EPID members. Each member context (MemberCtx) represents membership in a single group.

              +

              To use this module, include the header epid/member/api.h.

              Function Documentation

              - +
              @@ -151,13 +149,57 @@ Functions - + + + + + + + +
              size_t number_presigs, number_presigs 
              )
              +
              + +

              Extends the member's pool of pre-computed signatures.

              +

              Generate new pre-computed signatures and add them to the internal pool.

              +
              Parameters
              + + + +
              [in]ctxThe member context.
              [in]number_presigsThe number of pre-computed signatures to add to the internal pool.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              EpidMemberCreate
              + +
              +
              + +
              +
              + + + + + + - - + + + + + + + + + + + + + + @@ -167,23 +209,20 @@ Functions
              EpidStatus EpidAssemblePrivKey (MembershipCredential const * credential,
              PreComputedSignaturepresigs FpElemStr const * f,
              GroupPubKey const * pub_key,
              PrivKeypriv_key 
              -

              Extends the member's pool of pre-computed signatures.

              -

              Can either generate new pre-computed signatures or import existing ones. EpidWritePreSigs can be used to export pre-computed signatures.

              +

              Assembles member private key from membership credential and f value.

              +

              Combines membership credential obtained from the issuer in response to a successful join request with the f value chosen by the member to create a complete member private key.

              +

              The assembled private key is sanity checked to confirm it is a possible key in the group. If it is not kEpidBadArgErr is returned.

              Parameters
              - - - + + + +
              [in]ctxThe member context.
              [in]number_presigsThe number of pre-computed signatures to add to the internal pool.
              [in,out]presigsOptional array of valid pre-computed signatures to import. If presigs is not NULL it most contain at least number_presigs pre-computed signatures.
              [in]credentialMembership credential received.
              [in]fThe f value used to generate the join request associated with the membership credential.
              [in]pub_keyThe public key of the group.
              [out]priv_keyThe private key.
              Returns
              EpidStatus
              -
              Note
              presigs buffer is zeroed out before return to prevent pre-computed signatures from being reused.
              -
              -If the result is not kEpidNoErr the state of the pre-computed signature pool, and of presigs, is undefined.
              -
              See also
              EpidMemberCreate
              -
              -EpidWritePreSigs
              +
              See also
              EpidRequestJoin
              @@ -227,7 +266,9 @@ If the result is not
              Returns
              EpidStatus
              +
              Returns
              EpidStatus
              +

              Example

              +

              Generating an Intel® EPID Signature

              @@ -253,9 +294,7 @@ If the result is not
              Returns
              Number of remaining pre-computed signatures. Returns 0 if ctx is NULL.
              -
              See also
              EpidMemberCreate
              -
              -EpidWritePreSigs
              +
              See also
              EpidMemberCreate
              @@ -281,52 +320,9 @@ If the result is not
              Returns
              Size in bytes of an Intel(R) EPID signature including proofs for each entry in the signature based revocation list.
              -
              See also
              SigRl
              - - - - -
              -
              - - - - - - - - - - - - - - - - - - -
              bool EpidIsPrivKeyInGroup (GroupPubKey const * pub_key,
              PrivKey const * priv_key 
              )
              -
              - -

              Tests if a member private key is valid without checking revocation.

              -

              Used to check that a member private key is a valid key for a group. This is useful as a cross check when creating a new member private key as part of the join process

              -
              Parameters
              - - - -
              [in]pub_keyThe public key of the group.
              [in]priv_keyThe private key to check.
              -
              -
              -
              Returns
              bool
              -
              Return values
              - - - -
              trueif the private key is valid for the group of the public key
              falseif the private key is not valid for the group of the public key
              -
              -
              -
              See also
              EpidRequestJoin
              +
              See also
              SigRl
              +

              Example

              +

              Generating an Intel® EPID Signature

              @@ -382,13 +378,14 @@ If the result is not

              Allocates memory for the context, then initializes it.

              EpidMemberDelete() must be called to safely release the member context.

              +

              You need to use a cryptographically secure random number generator to create a member context using EpidMemberCreate. The BitSupplier is provided as a function prototype for your own implementation of the random number generator.

              Parameters
              - +
              [in]pub_keyThe group certificate.
              [in]priv_keyThe member private key.
              [in]precompOptional pre-computed data. If NULL the value is computed internally and is readable using EpidMemberWritePrecomp().
              [in]rnd_funcRandom number generator.
              [in]rnd_paramPass through context data for rnd_func.
              [in]rnd_paramPass through user data that will be passed to the user_data parameter of the random number generator.
              [out]ctxNewly constructed member context.
              @@ -398,7 +395,11 @@ If the result is not
              Note
              If the result is not kEpidNoErr the content of ctx is undefined.
              See also
              EpidMemberDelete
              -EpidMemberWritePrecomp
              +EpidMemberWritePrecomp +
              +BitSupplier
              +

              Example

              +

              Generating an Intel® EPID Signature

              @@ -425,7 +426,9 @@ If the result is not
              See also
              EpidMemberCreate
              +
              See also
              EpidMemberCreate
              +

              Example

              +

              Generating an Intel® EPID Signature

              @@ -465,7 +468,60 @@ If the result is not
              Note
              If the result is not kEpidNoErr, the hash algorithm used by the member is undefined.
              See also
              EpidMemberCreate
              -HashAlg
              +HashAlg +

              Example

              +

              Generating an Intel® EPID Signature

              + + + + +
              +
              + + + + + + + + + + + + + + + + + + + + + + + + +
              EpidStatus EpidMemberSetSigRl (MemberCtxctx,
              SigRl const * sig_rl,
              size_t sig_rl_size 
              )
              +
              + +

              Sets the signature based revocation list to be used by a member.

              +

              The caller is responsible for ensuring the revocation list is authorized, e.g. signed by the issuer. The caller is also responsible checking the version of the revocation list. The call fails if trying to set an older version of the revocation list than was last set.

              +
              Attention
              The memory pointed to by sig_rl is accessed directly by the member until a new list is set or the member is destroyed. Do not modify the contents of this memory. The behavior of subsequent operations that rely on the revocation list is undefined if the memory is modified.
              +
              +It is the responsibility of the caller to free the memory pointed to by sig_rl after the member is no longer using it.
              +
              Parameters
              + + + + +
              [in]ctxThe member context.
              [in]sig_rlThe signature based revocation list.
              [in]sig_rl_sizeThe size of the signature based revocation list in bytes.
              +
              +
              +
              Returns
              EpidStatus
              +
              Note
              If the result is not kEpidNoErr the signature based revocation list pointed to by the member is not changed.
              +
              See also
              EpidMemberCreate
              +

              Example

              +

              Generating an Intel® EPID Signature

              @@ -502,7 +558,9 @@ If the result is not
              Returns
              EpidStatus
              -
              Note
              If the result is not kEpidNoErr, the content of precomp is undefined.
              +
              Note
              If the result is not kEpidNoErr, the content of precomp is undefined.
              +

              Example

              +

              Generating an Intel® EPID Signature

              @@ -625,7 +683,9 @@ If the result is not
              Note
              If the result is not kEpidNoErr or kEpidDuplicateErr it is undefined if the basename is registered.
              +
              Note
              If the result is not kEpidNoErr or kEpidDuplicateErr it is undefined if the basename is registered.
              +

              Example

              +

              Generating an Intel® EPID Signature

              @@ -706,7 +766,7 @@ If the result is not +
              @@ -740,18 +800,6 @@ If the result is not size_t  - - - - - - - - - - - - @@ -779,9 +827,7 @@ If the result is not [in] - - - +
              basename_len,
              SigRl const * sig_rl,
              size_t sig_rl_size,
              msgThe message to sign.
              [in]msg_lenThe length in bytes of message.
              [in]basenameOptional basename. If basename is NULL a random basename is used. Signatures generated using random basenames are anonymous. Signatures generated using the same basename are linkable by the verifier. If a basename is provided, it must already be registered, or kEpidBadArgErr is returned.
              [in]basename_lenThe size of basename in bytes. Must be 0 basename is NULL.
              [in]sig_rlThe signature based revocation list.
              [in]sig_rl_sizeThe size in bytes of the signature based revocation list.
              [in]basename_lenThe size of basename in bytes. Must be 0 if basename is NULL.
              [out]sigThe generated signature
              [in]sig_lenThe size of signature in bytes. Must be equal to value returned by EpidGetSigSize().
              @@ -793,7 +839,11 @@ If the result is not EpidMemberSetHashAlg
              -EpidGetSigSize
              +EpidMemberSetSigRl +
              +EpidGetSigSize
              +

              Example

              +

              Generating an Intel® EPID Signature

              @@ -853,7 +903,7 @@ If the result is not [in]msgThe message. [in]msg_lenThe length of message in bytes. [in]basenameOptional basename. If basename is NULL a random basename is used. Signatures generated using random basenames are anonymous. Signatures generated using the same basename are linkable by the verifier. If a basename is provided it must already be registered or kEpidBadArgErr is returned. - [in]basename_lenThe size of basename in bytes. Must be 0 basename is NULL. + [in]basename_lenThe size of basename in bytes. Must be 0 if basename is NULL. [out]sigThe generated basic signature @@ -866,56 +916,6 @@ If the result is not EpidNrProve - - - -
              -
              - - - - - - - - - - - - - - - - - - - - - - - - -
              EpidStatus EpidWritePreSigs (MemberCtxctx,
              PreComputedSignaturepresigs,
              size_t number_presigs 
              )
              -
              - -

              Serializes pre-computed signatures from the member's pool.

              -

              Removes requested number of pre-computed signatures from member's pool and stores them in presigs array. Use EpidAddPreSigs to add pre-computed signatures to the pool.

              -
              Parameters
              - - - - -
              [in]ctxThe member context.
              [out]presigsAn existing buffer of pre-computed signatures.
              [in]number_presigsNumber of pre-computed signatures to read. Number_presigs must not be greater than the value returned by EpidGetNumPreSigs.
              -
              -
              -
              Returns
              EpidStatus
              -
              Note
              If the result is not kEpidNoErr the state of the pre-computed signature pool, and of presigs, is undefined.
              -
              See also
              EpidMemberCreate
              -
              -EpidGetNumPreSigs
              -
              -EpidAddPreSigs
              -
              @@ -925,7 +925,7 @@ If the result is not
              • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
              diff --git a/doc/html/group___epid_member_module.js b/doc/html/group___epid_member_module.js index cb9d1c7..373485f 100644 --- a/doc/html/group___epid_member_module.js +++ b/doc/html/group___epid_member_module.js @@ -1,38 +1,20 @@ var group___epid_member_module = [ - [ "MemberPrecomp", "struct_member_precomp.html", [ - [ "e12", "struct_member_precomp.html#a55e5c4b25c8f0f426969a8d745260fe5", null ], - [ "e22", "struct_member_precomp.html#a4e7412969bed3964f813b093b948e7b4", null ], - [ "e2w", "struct_member_precomp.html#a879d5a7b0c30088b23f6e5c5fc62f834", null ], - [ "ea2", "struct_member_precomp.html#a573551f6494e372f44fd3bdf5b02aeda", null ] - ] ], - [ "PreComputedSignature", "struct_pre_computed_signature.html", [ - [ "a", "struct_pre_computed_signature.html#af23f3f9693857a33fe8564644612ea37", null ], - [ "B", "struct_pre_computed_signature.html#a9cc2eb61572a1aca9e6bc3d5e6f4c1fe", null ], - [ "b", "struct_pre_computed_signature.html#a666710432d9d54ca896647a976892c4f", null ], - [ "K", "struct_pre_computed_signature.html#a2a4eaffe2717bd9c8c360599612adbe6", null ], - [ "R1", "struct_pre_computed_signature.html#a72be597624957e3d668c95ff6f445f94", null ], - [ "R2", "struct_pre_computed_signature.html#a79f06fb57842597372e00dd34c1a804a", null ], - [ "ra", "struct_pre_computed_signature.html#a54462643b8a2b4f2741bf8d2e6909d11", null ], - [ "rb", "struct_pre_computed_signature.html#a6a1db672c609943fe7af84320dc68ba3", null ], - [ "rf", "struct_pre_computed_signature.html#ac244bd559a96812bcee7671abc299b66", null ], - [ "rx", "struct_pre_computed_signature.html#acd0674d5b5e96244645e9abef7bdbddc", null ], - [ "T", "struct_pre_computed_signature.html#a73471643dc757115701833ca2e831a72", null ] - ] ], + [ "tpm", "group___tpm_module.html", "group___tpm_module" ], [ "MemberCtx", "group___epid_member_module.html#gadfb10d5dfdadb0694792c7b06718e817", null ], - [ "EpidAddPreSigs", "group___epid_member_module.html#gad2e3de5c6ce641a318f8a46b61e75236", null ], + [ "EpidAddPreSigs", "group___epid_member_module.html#gacb0547ec085a9ed324d323416bce4a78", null ], + [ "EpidAssemblePrivKey", "group___epid_member_module.html#ga4ccaa8337931523c77567f5b846ef188", null ], [ "EpidDecompressPrivKey", "group___epid_member_module.html#gaf8cd05388f017486f14da2ee48d067ef", null ], [ "EpidGetNumPreSigs", "group___epid_member_module.html#gad78ca056dfea2565bbacd5734d9dc075", null ], [ "EpidGetSigSize", "group___epid_member_module.html#ga76e535722467af7c16809b5b521e0000", null ], - [ "EpidIsPrivKeyInGroup", "group___epid_member_module.html#ga8e3f201d1e9dc668659e08a3bdf543b6", null ], [ "EpidMemberCreate", "group___epid_member_module.html#ga561c4d544a78ee1bf59c3f4f919aa7bb", null ], [ "EpidMemberDelete", "group___epid_member_module.html#ga3824589c683c5e0e59d483462fce65d6", null ], [ "EpidMemberSetHashAlg", "group___epid_member_module.html#ga9998eb454838ff5d232ff22ecbab31bf", null ], + [ "EpidMemberSetSigRl", "group___epid_member_module.html#gaaae6f21f58c22fce58076f10d68159f4", null ], [ "EpidMemberWritePrecomp", "group___epid_member_module.html#ga5c35798d62cf81c4ca62b22c38809721", null ], [ "EpidNrProve", "group___epid_member_module.html#gac8e2c6c1fead8030785a40427905a2cc", null ], [ "EpidRegisterBaseName", "group___epid_member_module.html#gad92d3c3266ae1833ffb1dba9ad76035d", null ], [ "EpidRequestJoin", "group___epid_member_module.html#ga13dd0d72be9babf8194d472d7712a361", null ], - [ "EpidSign", "group___epid_member_module.html#ga759155a719254f734157722716dac640", null ], - [ "EpidSignBasic", "group___epid_member_module.html#gae04a250d5981fcf9bd6f9f57e0468faa", null ], - [ "EpidWritePreSigs", "group___epid_member_module.html#ga9e12c7cec8d0c4e07b12c0e26a278c9d", null ] + [ "EpidSign", "group___epid_member_module.html#ga74d1409a816cb52633564b793072da5f", null ], + [ "EpidSignBasic", "group___epid_member_module.html#gae04a250d5981fcf9bd6f9f57e0468faa", null ] ]; \ No newline at end of file diff --git a/doc/html/group___epid_module.html b/doc/html/group___epid_module.html index 300aed1..01d5c8e 100644 --- a/doc/html/group___epid_module.html +++ b/doc/html/group___epid_module.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK              3.0.04.0.0 @@ -89,7 +89,7 @@ Modules diff --git a/doc/html/group___epid_print.html b/doc/html/group___epid_print.html index 0e1a1b3..7f78db2 100644 --- a/doc/html/group___epid_print.html +++ b/doc/html/group___epid_print.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -656,7 +656,7 @@ Functions diff --git a/doc/html/group___epid_types.html b/doc/html/group___epid_types.html index 6a65d8e..9d5e80f 100644 --- a/doc/html/group___epid_types.html +++ b/doc/html/group___epid_types.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -161,6 +161,9 @@ Data Structures   struct  VerifierRl   +struct  MemberPrecomp + Pre-computed member settings. More...
              +  struct  Fq2ElemStr  Serialized Fq2 element. More...
                @@ -182,6 +185,14 @@ Data Structures + + + + + + @@ -269,7 +280,7 @@ Enumerations diff --git a/doc/html/group___epid_types.js b/doc/html/group___epid_types.js index e83078b..3cd8a41 100644 --- a/doc/html/group___epid_types.js +++ b/doc/html/group___epid_types.js @@ -134,6 +134,12 @@ var group___epid_types = [ "n4", "struct_verifier_rl.html#a1e3f84b873bccc0c882aa6432c42d2f7", null ], [ "version", "struct_verifier_rl.html#afa44ab69ffff5a3508366aeb2131fdaa", null ] ] ], + [ "MemberPrecomp", "struct_member_precomp.html", [ + [ "e12", "struct_member_precomp.html#a55e5c4b25c8f0f426969a8d745260fe5", null ], + [ "e22", "struct_member_precomp.html#a4e7412969bed3964f813b093b948e7b4", null ], + [ "e2w", "struct_member_precomp.html#a879d5a7b0c30088b23f6e5c5fc62f834", null ], + [ "ea2", "struct_member_precomp.html#a573551f6494e372f44fd3bdf5b02aeda", null ] + ] ], [ "Fq2ElemStr", "struct_fq2_elem_str.html", [ [ "a", "struct_fq2_elem_str.html#ab1d253eb24ba30eaf516ac429daab915", null ] ] ], @@ -154,8 +160,10 @@ var group___epid_types = [ "EcdsaPrivateKey", "struct_ecdsa_private_key.html", [ [ "data", "struct_ecdsa_private_key.html#a97efee9b4079f95d94a104f9a6d8c96d", null ] ] ], + [ "ConstOctStr", "group___epid_types.html#gace6876a045f2c2694444b35ccb0844e2", null ], [ "GroupId", "group___epid_types.html#gada666b48d0cbc301985405fde896f1de", null ], [ "IssuerNonce", "group___epid_types.html#ga55eb2193045bde31af3f551565126042", null ], + [ "OctStr", "group___epid_types.html#ga3315fb24f4c5783b6d6eb107933390b0", null ], [ "ReKeySeed", "group___epid_types.html#ga54bd22670f2e348593db7ab631131d10", null ], [ "Seed", "group___epid_types.html#ga888541b8148df69c634a92c64ed51317", null ], [ "HashAlg", "group___epid_types.html#ga5e450438f6f9a5eacd0cf5ce354ec890", [ diff --git a/doc/html/group___epid_verifier_module.html b/doc/html/group___epid_verifier_module.html index 2e07e21..88ff90b 100644 --- a/doc/html/group___epid_verifier_module.html +++ b/doc/html/group___epid_verifier_module.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -145,7 +145,8 @@ Functions

              Typedefs

              +typedef void * OctStr
               Generic Octet String Style Number.
               
              +typedef void const * ConstOctStr
               Generic Const Octet String Style Number.
               
              typedef OctStr128 GroupId
               group ID

              Detailed Description

              Verifier functionality.

              -

              Defines the APIs needed by Intel(R) EPID verifiers. Each verifier context (VerifierCtx) represents a verifier for a single group.

              +

              Defines the APIs needed by Intel(R) EPID verifiers. Each verifier context (VerifierCtx) represents a verifier for a single group.

              +

              To use this module, include the header epid/verifier/api.h.

              Function Documentation

              @@ -193,7 +194,7 @@ Functions
              EpidSignBasic
              -EpidSign
              +EpidSign
              @@ -468,7 +469,9 @@ If the result is not
              Note
              If the result is not kEpidNoErr the content of ctx is undefined.
              See also
              EpidVerifierDelete
              -EpidVerifierWritePrecomp
              +EpidVerifierWritePrecomp +

              Example

              +

              Verifying an Intel® EPID Signature

              @@ -495,7 +498,9 @@ If the result is not
              See also
              EpidVerifierCreate
              +
              See also
              EpidVerifierCreate
              +

              Example

              +

              Verifying an Intel® EPID Signature

              @@ -540,7 +545,9 @@ If the result is not
              Returns
              EpidStatus
              -
              See also
              EpidVerifierCreate
              +
              See also
              EpidVerifierCreate
              +

              Example

              +

              Verifying an Intel® EPID Signature

              @@ -589,7 +596,9 @@ It is the responsibility of the caller to free the memory pointed to by grp_rl a
              Returns
              EpidStatus
              Note
              If the result is not kEpidNoErr the group based revocation list pointed to by the verifier is undefined.
              -
              See also
              EpidVerifierCreate
              +
              See also
              EpidVerifierCreate
              +

              Example

              +

              Verifying an Intel® EPID Signature

              @@ -629,7 +638,9 @@ It is the responsibility of the caller to free the memory pointed to by grp_rl a
              Note
              If the result is not kEpidNoErr, the hash algorithm used by the verifier is undefined.
              See also
              EpidVerifierCreate
              -HashAlg
              +HashAlg +

              Example

              +

              Verifying an Intel® EPID Signature

              @@ -678,7 +689,9 @@ It is the responsibility of the caller to free the memory pointed to by priv_rl
              Returns
              EpidStatus
              Note
              If the result is not kEpidNoErr the private key based revocation list pointed to by the verifier is undefined.
              -
              See also
              EpidVerifierCreate
              +
              See also
              EpidVerifierCreate
              +

              Example

              +

              Verifying an Intel® EPID Signature

              @@ -727,7 +740,9 @@ It is the responsibility of the caller to free the memory pointed to by sig_rl a
              Returns
              EpidStatus
              Note
              If the result is not kEpidNoErr the signature based revocation list pointed to by the verifier is undefined.
              -
              See also
              EpidVerifierCreate
              +
              See also
              EpidVerifierCreate
              +

              Example

              +

              Verifying an Intel® EPID Signature

              @@ -778,7 +793,9 @@ It is the responsibility of the caller to free the memory pointed to by sig_rl a
              EpidBlacklistSig
              -EpidWriteVerifierRl
              +EpidWriteVerifierRl +

              Example

              +

              Verifying an Intel® EPID Signature

              @@ -815,7 +832,9 @@ It is the responsibility of the caller to free the memory pointed to by sig_rl a
              Returns
              EpidStatus
              -
              Note
              If the result is not kEpidNoErr the content of precomp is undefined.
              +
              Note
              If the result is not kEpidNoErr the content of precomp is undefined.
              +

              Example

              +

              Verifying an Intel® EPID Signature

              @@ -889,7 +908,9 @@ It is the responsibility of the caller to free the memory pointed to by sig_rl a
              EpidSignBasic
              -EpidSign
              +EpidSign +

              Example

              +

              Verifying an Intel® EPID Signature

              @@ -948,7 +969,7 @@ If the result is not EpidSignBasic
              -EpidSign
              +EpidSign @@ -1011,7 +1032,7 @@ If the result is not
              • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
              diff --git a/doc/html/group___error_codes.html b/doc/html/group___error_codes.html index 74b35b3..cdf7ec2 100644 --- a/doc/html/group___error_codes.html +++ b/doc/html/group___error_codes.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK              3.0.04.0.0 @@ -94,7 +94,9 @@ Enumerations   kEpidRandMaxIterErr, kEpidDuplicateErr, kEpidInconsistentBasenameSetErr, -kEpidMathQuadraticNonResidueError +kEpidMathQuadraticNonResidueError, +
              +  kEpidOutOfSequenceError
              } Return status for SDK functions. More...
              @@ -187,6 +189,9 @@ Functions kEpidMathQuadraticNonResidueError 

              quadratic Non-Residue Error

              +kEpidOutOfSequenceError  +

              operation was performed out of sequence

              + @@ -224,7 +229,7 @@ Functions diff --git a/doc/html/group___error_codes.js b/doc/html/group___error_codes.js index 5f02463..84205b4 100644 --- a/doc/html/group___error_codes.js +++ b/doc/html/group___error_codes.js @@ -20,7 +20,8 @@ var group___error_codes = [ "kEpidRandMaxIterErr", "group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a61234ad9610406da6bf7977afd72a357", null ], [ "kEpidDuplicateErr", "group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a3706f895a660260033b5b91890516c0f", null ], [ "kEpidInconsistentBasenameSetErr", "group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a94ae9c9b9337afd2fefd3b4f9c3160df", null ], - [ "kEpidMathQuadraticNonResidueError", "group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360ab2768a1a5c4374cb1ac6175c09c73129", null ] + [ "kEpidMathQuadraticNonResidueError", "group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360ab2768a1a5c4374cb1ac6175c09c73129", null ], + [ "kEpidOutOfSequenceError", "group___error_codes.html#ggafdb27c77c2c4b32c807e326a8a0da360a700953ded1af35781948e8ada6dedf43", null ] ] ], [ "EpidStatusToString", "group___error_codes.html#ga59e8680ce52509302fd58a987e45004d", null ] ]; \ No newline at end of file diff --git a/doc/html/group___file_parser.html b/doc/html/group___file_parser.html index e6445ef..e69716c 100644 --- a/doc/html/group___file_parser.html +++ b/doc/html/group___file_parser.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -142,7 +142,8 @@ const OctStr16 

              Detailed Description

              Parser for issuer material.

              -

              Provides an API for parsing buffers formatted according to the various IoT Intel(R) EPID binary file formats.

              +

              Provides an API for parsing buffers formatted according to the various IoT Intel(R) EPID binary file formats.

              +

              To use this module, include the header epid/common/file_parser.h.

              Enumeration Type Documentation

              @@ -314,10 +315,12 @@ const OctStr16 
              Returns
              EpidStatus
              Return values
              - +
              kEpidSigInvalidParsing failed due to data authentication failure.
              kEpidSigInvalidParsing failed due to data authentication failure.
              +

              Examples

              +

              Generating an Intel® EPID Signature

              @@ -380,10 +383,12 @@ const OctStr16 
              Returns
              EpidStatus
              Return values
              - +
              kEpidSigInvalidParsing failed due to data authentication failure.
              kEpidSigInvalidParsing failed due to data authentication failure.
              +

              Example

              +

              Verifying an Intel® EPID Signature

              @@ -446,10 +451,12 @@ const OctStr16 
              Returns
              EpidStatus
              Return values
              - +
              kEpidSigInvalidParsing failed due to data authentication failure.
              kEpidSigInvalidParsing failed due to data authentication failure.
              +

              Example

              +

              Verifying an Intel® EPID Signature

              @@ -512,10 +519,12 @@ const OctStr16 
              Returns
              EpidStatus
              Return values
              - +
              kEpidSigInvalidParsing failed due to data authentication failure.
              kEpidSigInvalidParsing failed due to data authentication failure.
              +

              Examples

              +

              Generating an Intel® EPID Signature

              @@ -526,7 +535,7 @@ const OctStr16 
              • - © 2016 Intel Corporation + © 2016-2017 Intel Corporation
              diff --git a/doc/html/group___finite_field_primitives.html b/doc/html/group___finite_field_primitives.html index 4d20c6c..e8ae94e 100644 --- a/doc/html/group___finite_field_primitives.html +++ b/doc/html/group___finite_field_primitives.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -99,15 +99,15 @@ Functions void DeleteFfElement (FfElement **ff_elem)  Frees a previously allocated FfElement. More...
                -EpidStatus ReadFfElement (FiniteField *ff, void const *ff_elem_str, size_t strlen, FfElement *ff_elem) - Deserializes a FfElement from a string. More...
              -  +EpidStatus ReadFfElement (FiniteField *ff, ConstOctStr ff_elem_str, size_t strlen, FfElement *ff_elem) + Deserializes a FfElement from a string. More...
              EpidStatus InitFfElementFromBn (FiniteField *ff, BigNum *bn, FfElement *ff_elem)  Initializes an existing FfElement from a BigNum. More...
                -EpidStatus WriteFfElement (FiniteField *ff, FfElement const *ff_elem, void *ff_elem_str, size_t strlen) - Serializes a finite field element to a string. More...
              -  +EpidStatus WriteFfElement (FiniteField *ff, FfElement const *ff_elem, OctStr ff_elem_str, size_t strlen) + Serializes a finite field element to a string. More...
              EpidStatus FfNeg (FiniteField *ff, FfElement const *a, FfElement *r)  Calculates the additive inverse of a finite field element. More...
                @@ -141,9 +141,9 @@ Functions EpidStatus FfIsEqual (FiniteField *ff, FfElement const *a, FfElement const *b, bool *is_equal)  Checks if two finite field elements are equal. More...
                -EpidStatus FfHash (FiniteField *ff, void const *msg, size_t msg_len, HashAlg hash_alg, FfElement *r) - Hashes an arbitrary message to an element in a finite field. More...
              -  +EpidStatus FfHash (FiniteField *ff, ConstOctStr msg, size_t msg_len, HashAlg hash_alg, FfElement *r) + Hashes an arbitrary message to an element in a finite field. More...
              EpidStatus FfGetRandom (FiniteField *ff, BigNumStr const *low_bound, BitSupplier rnd_func, void *rnd_param, FfElement *r)  Generate random finite field element. More...
                @@ -378,7 +378,7 @@ Functions - +
              @@ -391,7 +391,7 @@ Functions - + @@ -1012,7 +1012,7 @@ Functions
              Returns
              EpidStatus
              See also
              NewFfElement
              -WriteFfElement
              +WriteFfElement @@ -1051,6 +1051,7 @@ Functions
              Returns
              EpidStatus
              +
              Attention
              It is the responsibility of the caller to ensure that ff exists for the entire lifetime of the new FfElement.
              See also
              NewFiniteField
              DeleteFfElement
              @@ -1145,6 +1146,7 @@ Functions
              Returns
              EpidStatus
              +
              Attention
              It is the responsibility of the caller to ensure that ground_field exists for the entire lifetime of the new FiniteField.
              See also
              DeleteFiniteField
              @@ -1199,11 +1201,12 @@ Functions
              Returns
              EpidStatus
              +
              Attention
              It is the responsibility of the caller to ensure that ground_field exists for the entire lifetime of the new FiniteField.
              See also
              DeleteFiniteField
              - +
              void const * ConstOctStr  msg,
              @@ -1216,7 +1219,7 @@ Functions - + @@ -1252,11 +1255,11 @@ Functions
              Returns
              EpidStatus
              See also
              NewFfElement
              -WriteFfElement
              +WriteFfElement - +
              void const * ConstOctStr  ff_elem_str,
              @@ -1275,7 +1278,7 @@ Functions - + @@ -1320,7 +1323,7 @@ Functions diff --git a/doc/html/group___finite_field_primitives.js b/doc/html/group___finite_field_primitives.js index 5d2ad45..e199c19 100644 --- a/doc/html/group___finite_field_primitives.js +++ b/doc/html/group___finite_field_primitives.js @@ -7,7 +7,7 @@ var group___finite_field_primitives = [ "FfAdd", "group___finite_field_primitives.html#ga1a6e6d3c2319bb24eae8670b021e223b", null ], [ "FfExp", "group___finite_field_primitives.html#gaf0ddbc1bad048d67771cba119eb44a6c", null ], [ "FfGetRandom", "group___finite_field_primitives.html#ga6622db072782fd9e53b4d59dd3dbd8e8", null ], - [ "FfHash", "group___finite_field_primitives.html#ga18a952cebb4a1274c73e6cb0c19e8aea", null ], + [ "FfHash", "group___finite_field_primitives.html#gabd511d79d9cbd1899e59258f149102c5", null ], [ "FfInv", "group___finite_field_primitives.html#ga26069d035d0f6ade33af2b5d5c14949a", null ], [ "FfIsEqual", "group___finite_field_primitives.html#gaed2acb8583e9c9f6b49fdb660c672625", null ], [ "FfIsZero", "group___finite_field_primitives.html#ga20d9140e5670d679ef8183d9b5115f53", null ], @@ -23,6 +23,6 @@ var group___finite_field_primitives = [ "NewFiniteField", "group___finite_field_primitives.html#ga7d99fdc5e4573668a5744e49df7ab67c", null ], [ "NewFiniteFieldViaBinomalExtension", "group___finite_field_primitives.html#ga83041e3be9984a4bd8f1021934bfa3a2", null ], [ "NewFiniteFieldViaPolynomialExtension", "group___finite_field_primitives.html#gae69af62a03179718cac81b004549c598", null ], - [ "ReadFfElement", "group___finite_field_primitives.html#ga884d9e1baadf29a410244a735853e3c7", null ], - [ "WriteFfElement", "group___finite_field_primitives.html#ga678694636708463b078d842d5c58a900", null ] + [ "ReadFfElement", "group___finite_field_primitives.html#ga8a143a5a815a62f4947be2de1653c50f", null ], + [ "WriteFfElement", "group___finite_field_primitives.html#gaa3c1f7515dd823ddad8764091ebc665f", null ] ]; \ No newline at end of file diff --git a/doc/html/group___hash_primitives.html b/doc/html/group___hash_primitives.html index 4a31fcb..240969d 100644 --- a/doc/html/group___hash_primitives.html +++ b/doc/html/group___hash_primitives.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -134,7 +134,7 @@ Functions diff --git a/doc/html/group___pairing_primitives.html b/doc/html/group___pairing_primitives.html index 0ca3e2a..bc5801f 100644 --- a/doc/html/group___pairing_primitives.html +++ b/doc/html/group___pairing_primitives.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -90,9 +90,9 @@ Functions - - - + + +
              void * OctStr  ff_elem_str,
              void DeletePairingState (PairingState **ps)
               Frees a previously allocated by PairingState. More...
               
              EpidStatus Pairing (PairingState *ps, FfElement *d, EcPoint const *a, EcPoint const *b)
               Computes an Optimal Ate Pairing for two parameters. More...
               
              EpidStatus Pairing (PairingState *ps, EcPoint const *a, EcPoint const *b, FfElement *d)
               Computes an Optimal Ate Pairing for two parameters. More...
               

              Detailed Description

              Pairing operations.

              @@ -187,11 +187,12 @@ Functions
              Returns
              EpidStatus
              +
              Attention
              It is the responsibility of the caller to ensure that ga, gb, and ff exist for the entire lifetime of the new PairingState.
              See also
              DeletePairingState
              - +
              @@ -204,20 +205,20 @@ Functions - - + + - + - - + + @@ -231,9 +232,9 @@ Functions
              Parameters
              FfElementd, EcPoint const * a,
              EcPoint const * a, b,
              EcPoint const * b FfElementd 
              - - + +
              [in]psThe pairing state.
              [out]dThe result of the pairing. Will be in ff used to create the pairing state.
              [in]aThe first value to pair. Must be in ga used to create ps.
              [in]bThe second value to pair. Must be in gb used to create ps
              [in]bThe second value to pair. Must be in gb used to create ps
              [out]dThe result of the pairing. Will be in ff used to create the pairing state.
              @@ -248,7 +249,7 @@ Functions diff --git a/doc/html/group___pairing_primitives.js b/doc/html/group___pairing_primitives.js index a594ea7..f66ceb1 100644 --- a/doc/html/group___pairing_primitives.js +++ b/doc/html/group___pairing_primitives.js @@ -4,5 +4,5 @@ var group___pairing_primitives = [ "PairingState", "group___pairing_primitives.html#ga3f1fa61d25487f96dfb0ffef4ad35607", null ], [ "DeletePairingState", "group___pairing_primitives.html#gad54aebdc331d39b73000fdca9e04f94d", null ], [ "NewPairingState", "group___pairing_primitives.html#ga29f79a645871830754d396b9b4a2a0cc", null ], - [ "Pairing", "group___pairing_primitives.html#ga5dd07d13536e27c37eaeee285297066c", null ] + [ "Pairing", "group___pairing_primitives.html#ga58a9d3cb6129274a04c72a35a52f768d", null ] ]; \ No newline at end of file diff --git a/doc/html/group___tpm_module.html b/doc/html/group___tpm_module.html new file mode 100644 index 0000000..41a6f92 --- /dev/null +++ b/doc/html/group___tpm_module.html @@ -0,0 +1,929 @@ + + + + + + + +Intel® Enhanced Privacy ID SDK: tpm + + + + + + + + + + + + +
              +
              + + + + + + +
              + +
              +
              + + +
              +
              + +
              +
              +
              + +
              +
              +
              +Data Structures | +Functions
              +
              +
              tpm
              epid » member
              +
              +
              + +

              Internal interface that models sensitive member functionality. +More...

              + + + + + + + + +

              +Data Structures

              struct  NrProveCommitOutput
               Result of NrProve Commit. More...
               
              struct  SignCommitOutput
               Result of Sign Commit. More...
               
              + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

              +Functions

              EpidStatus TpmCreate (BitSupplier rnd_func, void *rnd_param, Epid2Params_ const *epid2_params, TpmCtx **ctx)
               Creates a new Tpm context. More...
               
              void TpmDelete (TpmCtx **ctx)
               Deletes an existing Tpm context. More...
               
              EpidStatus TpmProvision (TpmCtx *ctx, FpElemStr const *f_str)
               Provisions Tpm with sensitive parameters. More...
               
              EpidStatus TpmProvisionCompressed (TpmCtx *ctx, OctStr256 const *seed)
               Provisions Tpm with compressed key seed. More...
               
              EpidStatus TpmDecompressKey (TpmCtx *ctx, G1ElemStr const *h1_str, G2ElemStr const *w_str, FqElemStr const *Ax_str, G1ElemStr *A_str, FpElemStr *x_str)
               Decompresses provisioned key. More...
               
              EpidStatus TpmInit (TpmCtx *ctx, G1ElemStr const *A_str, FpElemStr const *x_str, G1ElemStr const *h1_str, G1ElemStr const *h2_str, G2ElemStr const *w_str, MemberPrecomp const *precomp_str)
               Initializes Tpm with non-sensitive parameters. More...
               
              EpidStatus TpmJoinCommit (TpmCtx *ctx, G1ElemStr *F_str, G1ElemStr *R_str)
               Performs the first part of the join operation. More...
               
              EpidStatus TpmJoin (TpmCtx *ctx, FpElemStr const *c_str, FpElemStr *s_str)
               Performs the last part of the join operation. More...
               
              EpidStatus TpmNrProveCommit (TpmCtx *ctx, G1ElemStr const *B_str, G1ElemStr const *K_str, SigRlEntry const *sigrl_entry, NrProveCommitOutput *commit_out)
               Performs the first part of the NrProve operation. More...
               
              EpidStatus TpmNrProve (TpmCtx *ctx, FpElemStr const *c_str, FpElemStr *smu_str, FpElemStr *snu_str)
               Performs the last part of the NrProve operation. More...
               
              EpidStatus TpmAddPreSigs (TpmCtx *ctx, size_t number_presigs)
               Extends the TPM's pool of pre-computed signatures. More...
               
              size_t TpmGetNumPreSigs (TpmCtx const *ctx)
               Gets the number of pre-computed signatures in the TPM's pool. More...
               
              EpidStatus TpmSignCommit (TpmCtx *ctx, G1ElemStr const *B_in_str, SignCommitOutput *commit_out)
               Performs the first part of the sign operation. More...
               
              EpidStatus TpmSign (TpmCtx *ctx, FpElemStr const *c_str, FpElemStr *sx_str, FpElemStr *sf_str, FpElemStr *sa_str, FpElemStr *sb_str)
               Performs the last part of the sign operation. More...
               
              bool TpmIsKeyValid (TpmCtx *ctx, G1ElemStr const *A_str, FpElemStr const *x_str, G1ElemStr const *h1_str, G2ElemStr const *w_str)
               Checks if provided parameters result in a valid key. More...
               
              +

              Detailed Description

              +

              Internal interface that models sensitive member functionality.

              +

              Provides an interface that gives guidance on partitioning member operations between highly sensitive ones that use f value of the private key and the random engine, and less sensitive operations that can be performed in a host environment.

              +

              The TPM set-up operations are intended to model phases in the provisioning of a device.

              +

              TpmCreate represents hardware and firmware that is intrinsic to the device and is key independent.

              +

              TpmProvision and TpmProvisionCompressed represent the provisioning of the f portion of the secret key into the device. This is usually done by blowing of fuses or other one time programmable storage, and is not an operation that is typically done as part of normal member operation.

              +

              TpmInit represents joining the device to a group. This may be called more than once in the event of a re-key or join event. TpmIsKeyValid can be called to validate the parameters to TpmInit.

              +

              The core member functionality of generating signatures, non-revoked proofs, and join requests is implemented using split operations. The host needs to call the commit portion of the split operation first, then it does some work on the output, and completes the operation by calling the second half of the split operation.

              +

              Function Documentation

              + +
              +
              + + + + + + + + + + + + + + + + + + +
              EpidStatus TpmAddPreSigs (TpmCtx * ctx,
              size_t number_presigs 
              )
              +
              + +

              Extends the TPM's pool of pre-computed signatures.

              +
              Parameters
              + + + +
              [in,out]ctxThe TPM context.
              [in]number_presigsThe number of pre-computed signatures to add to the pool.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              TpmGetNumPreSigs
              + +
              +
              + +
              +
              + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
              EpidStatus TpmCreate (BitSupplier rnd_func,
              void * rnd_param,
              Epid2Params_ const * epid2_params,
              TpmCtx ** ctx 
              )
              +
              + +

              Creates a new Tpm context.

              +

              Must be called to create the TPM context that is used by other TPM APIs.

              +

              TpmDelete must be called to safely release the TPM context.

              +

              You need to use a cryptographically secure random number generator to create a TPM context using TpmCreate. The BitSupplier is provided as a function prototype for your own implementation of the random number generator.

              +
              Parameters
              + + + + + +
              [in]rnd_funcRandom number generator.
              [in]rnd_paramPass through user data that will be passed to the user_data parameter of the random number generator.
              [in]epid2_paramsThe field and group parameters.
              [out]ctxNewly constructed TPM context.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              TpmDelete
              +
              +TpmProvision
              + +
              +
              + +
              +
              + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
              EpidStatus TpmDecompressKey (TpmCtx * ctx,
              G1ElemStr const * h1_str,
              G2ElemStr const * w_str,
              FqElemStr const * Ax_str,
              G1ElemStrA_str,
              FpElemStrx_str 
              )
              +
              + +

              Decompresses provisioned key.

              +

              If you provision a compressed key using TpmProvisionCompressed, you must call TpmDecompressKey before performing any other operations that use the TPM context. Once decompressed, the context will maintain the decompressed key for the lifetime of the context.

              +
              Note
              If the compressed private key has not been provisioned, the result of the decompression is undefined.
              +
              Parameters
              + + + + + + + +
              [in,out]ctxThe TPM context.
              [in]h1_strThe h1 value of the group public key.
              [in]w_strThe w value of the group public key.
              [in]Ax_strThe Ax value of the compressed member private key.
              [out]A_strThe A value of the member private key.
              [out]x_strThe x value of the member private key.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              TpmCreate
              +
              +TpmProvisionCompressed
              + +
              +
              + +
              +
              + + + + + + + + +
              void TpmDelete (TpmCtx ** ctx)
              +
              + +

              Deletes an existing Tpm context.

              +

              Must be called to safely release a TPM context created using TpmCreate.

              +

              De-initializes the context, frees memory used by the context, and sets the context pointer to NULL.

              +
              Parameters
              + + +
              [in,out]ctxThe TPM context. Can be NULL.
              +
              +
              +
              See also
              TpmCreate
              + +
              +
              + +
              +
              + + + + + + + + +
              size_t TpmGetNumPreSigs (TpmCtx const * ctx)
              +
              + +

              Gets the number of pre-computed signatures in the TPM's pool.

              +
              Parameters
              + + +
              [in,out]ctxThe TPM context.
              +
              +
              +
              Returns
              Number of pre-computed signatures in TPM's pool
              +
              See also
              TpmAddPreSigs
              + +
              +
              + +
              +
              + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
              EpidStatus TpmInit (TpmCtx * ctx,
              G1ElemStr const * A_str,
              FpElemStr const * x_str,
              G1ElemStr const * h1_str,
              G1ElemStr const * h2_str,
              G2ElemStr const * w_str,
              MemberPrecomp const * precomp_str 
              )
              +
              + +

              Initializes Tpm with non-sensitive parameters.

              +
              Note
              Does not check consistency with the provisioned f value. Use TpmIsKeyValid to check that the parameters will result in a valid key pair.
              +
              Parameters
              + + + + + + + + +
              [in,out]ctxThe TPM context.
              [in]A_strThe A value of the member private key.
              [in]x_strThe x value of the member private key.
              [in]h1_strThe h1 value of the group public key.
              [in]h2_strThe h2 value of the group public key.
              [in]w_strThe w value of the group public key.
              [in]precomp_strThe member pre-computed data.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              TpmCreate
              +
              +TpmIsKeyValid
              + +
              +
              + +
              +
              + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
              bool TpmIsKeyValid (TpmCtx * ctx,
              G1ElemStr const * A_str,
              FpElemStr const * x_str,
              G1ElemStr const * h1_str,
              G2ElemStr const * w_str 
              )
              +
              + +

              Checks if provided parameters result in a valid key.

              +
              Parameters
              + + + + + + +
              [in,out]ctxThe TPM context.
              [in]A_strThe A value of the member private key.
              [in]x_strThe x value of the member private key.
              [in]h1_strThe h1 value of the group public key.
              [in]w_strThe w value of the group public key.
              +
              +
              +
              Return values
              + + + +
              trueif the input values would result in a valid member private key
              falseif the input values would result in an invalid member private key
              +
              +
              +
              See also
              TpmCreate
              +
              +TpmInit
              +
              +TpmProvision
              + +
              +
              + +
              +
              + + + + + + + + + + + + + + + + + + + + + + + + +
              EpidStatus TpmJoin (TpmCtx * ctx,
              FpElemStr const * c_str,
              FpElemStrs_str 
              )
              +
              + +

              Performs the last part of the join operation.

              +
              Note
              TpmJoin must be preceded by a call to TpmJoinCommit. Two sequential calls to TpmJoin will fail with kEpidOutOfSequenceError.
              +
              Parameters
              + + + + +
              [in]ctxThe TPM context.
              [in]c_strThe join commitment hash.
              [out]s_strThe s value of the join request.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              TpmCreate
              +
              +TpmProvision
              +
              +TpmJoinCommit
              + +
              +
              + +
              +
              + + + + + + + + + + + + + + + + + + + + + + + + +
              EpidStatus TpmJoinCommit (TpmCtx * ctx,
              G1ElemStrF_str,
              G1ElemStrR_str 
              )
              +
              + +

              Performs the first part of the join operation.

              +
              Parameters
              + + + + +
              [in,out]ctxThe TPM context.
              [out]F_strThe F value of the join commit.
              [out]R_strThe R value of the join commit.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              TpmCreate
              +
              +TpmProvision
              +
              +TpmJoin
              + +
              +
              + +
              +
              + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
              EpidStatus TpmNrProve (TpmCtx * ctx,
              FpElemStr const * c_str,
              FpElemStrsmu_str,
              FpElemStrsnu_str 
              )
              +
              + +

              Performs the last part of the NrProve operation.

              +
              Note
              TpmNrProve must be preceded by a call to TpmNrProveCommit. Two sequential calls to TpmNrProve will fail with kEpidOutOfSequenceError.
              +
              Parameters
              + + + + + +
              [in,out]ctxThe TPM context.
              [in]c_strThe non-revoked proof commitment hash.
              [out]smu_strThe smu value in the non-revoked proof.
              [out]snu_strThe snu value in the non-revoked proof.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              TpmCreate
              +
              +TpmProvision
              +
              +TpmInit
              +
              +TpmNrProveCommit
              + +
              +
              + +
              +
              + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
              EpidStatus TpmNrProveCommit (TpmCtx * ctx,
              G1ElemStr const * B_str,
              G1ElemStr const * K_str,
              SigRlEntry const * sigrl_entry,
              NrProveCommitOutputcommit_out 
              )
              +
              + +

              Performs the first part of the NrProve operation.

              +
              Parameters
              + + + + + + +
              [in,out]ctxThe TPM context.
              [in]B_strThe B value from the BasicSignature.
              [in]K_strThe K value from the BasicSignature.
              [in]sigrl_entryThe signature based revocation list entry corresponding to this proof.
              [out]commit_outThe resulting commitment value.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              TpmCreate
              +
              +TpmProvision
              +
              +TpmInit
              +
              +TpmNrProve
              + +
              +
              + +
              +
              + + + + + + + + + + + + + + + + + + +
              EpidStatus TpmProvision (TpmCtx * ctx,
              FpElemStr const * f_str 
              )
              +
              + +

              Provisions Tpm with sensitive parameters.

              +
              Parameters
              + + + +
              [in,out]ctxThe TPM context.
              f_strThe f value of the member private key.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              TpmCreate
              +
              +TpmInit
              + +
              +
              + +
              +
              + + + + + + + + + + + + + + + + + + +
              EpidStatus TpmProvisionCompressed (TpmCtx * ctx,
              OctStr256 const * seed 
              )
              +
              + +

              Provisions Tpm with compressed key seed.

              +

              You must call TpmDecompressKey before performing any other operations that use the TPM context.

              +
              Parameters
              + + + +
              [in,out]ctxThe TPM context.
              [in]seedThe seed value of the compressed key.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              TpmCreate
              +
              +TpmInit
              +
              +TpmDecompressKey
              + +
              +
              + +
              +
              + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
              EpidStatus TpmSign (TpmCtx * ctx,
              FpElemStr const * c_str,
              FpElemStrsx_str,
              FpElemStrsf_str,
              FpElemStrsa_str,
              FpElemStrsb_str 
              )
              +
              + +

              Performs the last part of the sign operation.

              +
              Note
              TpmSign must be preceded by a call to TpmSignCommit. Two sequential calls to TpmSign will fail with kEpidOutOfSequenceError.
              +
              Parameters
              + + + + + + + +
              [in]ctxThe TPM context.
              [in]c_strThe sign commitment hash.
              [out]sx_strThe BasicSignature sx value.
              [out]sf_strThe BasicSignature sf value.
              [out]sa_strThe BasicSignature sa value.
              [out]sb_strThe BasicSignature sb value.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              TpmCreate
              +
              +TpmProvision
              +
              +TpmInit
              +
              +TpmSignCommit
              + +
              +
              + +
              +
              + + + + + + + + + + + + + + + + + + + + + + + + +
              EpidStatus TpmSignCommit (TpmCtx * ctx,
              G1ElemStr const * B_in_str,
              SignCommitOutputcommit_out 
              )
              +
              + +

              Performs the first part of the sign operation.

              +
              Parameters
              + + + + +
              [in,out]ctxThe TPM context.
              [in]B_in_strAn optional serialized hash of basename. If NULL a random basename is used.
              [out]commit_outThe resulting commitment value.
              +
              +
              +
              Returns
              EpidStatus
              +
              See also
              TpmCreate
              +
              +TpmProvision
              +
              +TpmInit
              +
              +TpmSign
              + +
              +
              +
              +
              + + + + + diff --git a/doc/html/group___tpm_module.js b/doc/html/group___tpm_module.js new file mode 100644 index 0000000..3e0b437 --- /dev/null +++ b/doc/html/group___tpm_module.js @@ -0,0 +1,30 @@ +var group___tpm_module = +[ + [ "NrProveCommitOutput", "struct_nr_prove_commit_output.html", [ + [ "R1", "struct_nr_prove_commit_output.html#af9c605d560f83ccd69e35d8b9cfe51b3", null ], + [ "R2", "struct_nr_prove_commit_output.html#aab0f11e55d3b8d838e472242e27a1a43", null ], + [ "T", "struct_nr_prove_commit_output.html#a00234dfa2443d49f5a294c58fdacb064", null ] + ] ], + [ "SignCommitOutput", "struct_sign_commit_output.html", [ + [ "B", "struct_sign_commit_output.html#ae2ebcc07395e60187d9ccca373665dba", null ], + [ "K", "struct_sign_commit_output.html#a496bdc4d14fb73b1e85dfff3bc9fd3ba", null ], + [ "R1", "struct_sign_commit_output.html#ad01513f153f51f7ce211cf323a224499", null ], + [ "R2", "struct_sign_commit_output.html#a0f35f1d619ea972acbdf9d45af630de0", null ], + [ "T", "struct_sign_commit_output.html#a9ce3b28916094f5fa108d5f5c86631b0", null ] + ] ], + [ "TpmAddPreSigs", "group___tpm_module.html#ga2335ec4eb78b542cf87df9b0cd15358c", null ], + [ "TpmCreate", "group___tpm_module.html#ga901cad19eb14a6a6a02e85f9d710d287", null ], + [ "TpmDecompressKey", "group___tpm_module.html#gaeb9bfaa9288263af9feccd0d0543c9bc", null ], + [ "TpmDelete", "group___tpm_module.html#ga95bc18225c1d87803be7965978e37449", null ], + [ "TpmGetNumPreSigs", "group___tpm_module.html#gaa53a6bd52e22808bac21596a964bdece", null ], + [ "TpmInit", "group___tpm_module.html#ga5e62323b94837b847f3e869cf2ff3615", null ], + [ "TpmIsKeyValid", "group___tpm_module.html#ga3318f97e4d1763815dace3779ae6564f", null ], + [ "TpmJoin", "group___tpm_module.html#gab80c411f070858fbe019d93f5ac6a6ec", null ], + [ "TpmJoinCommit", "group___tpm_module.html#gae69218c9cba6a19d3ae1199c59772efc", null ], + [ "TpmNrProve", "group___tpm_module.html#ga4346d22fb9fed6a161cb1ea178b50ed2", null ], + [ "TpmNrProveCommit", "group___tpm_module.html#gace6002b520db41d8e781b02c6f538dc0", null ], + [ "TpmProvision", "group___tpm_module.html#ga42b80d485cff39fe9ec14a0b5a81426d", null ], + [ "TpmProvisionCompressed", "group___tpm_module.html#ga688441f78f68aa53c41fcae4d31c6f50", null ], + [ "TpmSign", "group___tpm_module.html#gaa667fb3295e4533334bb32afcd43890f", null ], + [ "TpmSignCommit", "group___tpm_module.html#gaf9004ce8832c1acae497604d1deb49cd", null ] +]; \ No newline at end of file diff --git a/doc/html/hash_8h.html b/doc/html/hash_8h.html index 1e6252a..6166734 100644 --- a/doc/html/hash_8h.html +++ b/doc/html/hash_8h.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0
              @@ -94,7 +94,7 @@ Functions
              diff --git a/doc/html/how__validated_8dox.html b/doc/html/how__validated_8dox.html new file mode 100644 index 0000000..e5cf885 --- /dev/null +++ b/doc/html/how__validated_8dox.html @@ -0,0 +1,82 @@ + + + + + + + +Intel® Enhanced Privacy ID SDK: doc/docsrc/how_validated.dox File Reference + + + + + + + + + + + + +
              +
              + + + + + + +
              + +
              +
              + + +
              +
              + +
              +
              +
              + +
              +
              +
              +
              doc/docsrc/how_validated.dox File Reference
              +
              +
              + +

              This file is used by Doxygen to generate documentation. +More...

              +

              Detailed Description

              +

              This file is used by Doxygen to generate documentation.

              +
              +
              + + + + + diff --git a/doc/html/implementation__notes_8dox.html b/doc/html/implementation__notes_8dox.html index a07d4bc..e81f729 100644 --- a/doc/html/implementation__notes_8dox.html +++ b/doc/html/implementation__notes_8dox.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -74,7 +74,7 @@ $(document).ready(function(){initNavTree('implementation__notes_8dox.html','');} diff --git a/doc/html/index.html b/doc/html/index.html index 7b34b80..5afffbe 100644 --- a/doc/html/index.html +++ b/doc/html/index.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -62,7 +62,17 @@ $(document).ready(function(){initNavTree('index.html','');});

              Intel® EPID is a cryptographic protocol which enables the remote authentication of a trusted platform whilst preserving the user's privacy.

              -

              The Intel® EPID Software Development Kit provides an implementation of the Intel® EPID specification that developers can use when developing their own applications using Intel® EPID technology.

              +

              The Intel® EPID Software Development Kit provides an implementation of the Intel® EPID specification that developers can use when developing their own applications using Intel® EPID technology.

              +

              +Getting Started

              +

              If you are learning to use the SDK, we recommend the following approach:

              +
                +
              1. Get the Big Picture The Introduction to the Intel® EPID Scheme provides a non-implementation-specific overview of the interactions between the issuer, member, and verifier.
                2. +
              2. Build the SDK For instructions, refer to Building from Source. For help installing the prerequisite build tools, refer to Guide to Installing Build Tools.
                3. +
              3. Run the SDK Samples with Test Data After you build the SDK, you can follow along with the commands in the implementation specific Signing and Verification Tutorial, using the provided samples and the test data from Sample Issuer Material.
                4. +
              4. Check out the Code Examples Refer to Generating an Intel® EPID Signature and Verifying an Intel® EPID Signature to see how SDK APIs are used by the code examples signmsg and verifysig.
                5. +
              5. Check out the API Reference The API reference shows you how to use all APIs included in the SDK.
                6. +
              @@ -70,7 +80,7 @@ $(document).ready(function(){initNavTree('index.html','');}); diff --git a/doc/html/init_8h.html b/doc/html/init_8h.html new file mode 100644 index 0000000..9de3ced --- /dev/null +++ b/doc/html/init_8h.html @@ -0,0 +1,92 @@ + + + + + + + +Intel® Enhanced Privacy ID SDK: epid/member/tpm/init.h File Reference + + + + + + + + + + + + +
              +
              + + + + + + +
              + +
              +
              + + +
              +
              + +
              +
              +
              + +
              +
              +
              +Functions
              +
              +
              init.h File Reference
              +
              +
              + +

              Non-sensitive member context APIs. +More...

              +
              #include "epid/common/errors.h"
              +
              + + + + +

              +Functions

              EpidStatus TpmInit (TpmCtx *ctx, G1ElemStr const *A_str, FpElemStr const *x_str, G1ElemStr const *h1_str, G1ElemStr const *h2_str, G2ElemStr const *w_str, MemberPrecomp const *precomp_str)
               Initializes Tpm with non-sensitive parameters. More...
               
              +

              Detailed Description

              +

              Non-sensitive member context APIs.

              +
              +
              + + + + + diff --git a/doc/html/issuer__material_8dox.html b/doc/html/issuer__material_8dox.html index 5a3a47e..3e5dad5 100644 --- a/doc/html/issuer__material_8dox.html +++ b/doc/html/issuer__material_8dox.html @@ -32,7 +32,7 @@ id="projectlink" class="index.html" href="index.html">Intel® Enhanced Privacy ID SDK - 3.0.04.0.0 @@ -74,7 +74,7 @@ $(document).ready(function(){initNavTree('issuer__material_8dox.html','');}); diff --git a/doc/html/join_8h.html b/doc/html/join_8h.html new file mode 100644 index 0000000..0281f2d --- /dev/null +++ b/doc/html/join_8h.html @@ -0,0 +1,95 @@ + + + + + + + +Intel® Enhanced Privacy ID SDK: epid/member/tpm/join.h File Reference + + + + + + + + + + + + +
              +
              + + + + + + +
              + +
              +
              + + +
              +
              + +
              +
              +
              + +
              +
              +
              +Functions
              +
              +
              join.h File Reference
              +
              +
              + +

              TPM join APIs. +More...

              +
              #include "epid/common/errors.h"
              +
              + + + + + + + +

              +Functions

              EpidStatus TpmJoinCommit (TpmCtx *ctx, G1ElemStr *F_str, G1ElemStr *R_str)
               Performs the first part of the join operation. More...
               
              EpidStatus TpmJoin (TpmCtx *ctx, FpElemStr const *c_str, FpElemStr *s_str)
               Performs the last part of the join operation. More...
               
              +

              Detailed Description

              +

              TPM join APIs.

              +
              +
              + + + + + diff --git a/doc/html/jquery.js b/doc/html/jquery.js index 1f4d0b4..d52a1c7 100644 --- a/doc/html/jquery.js +++ b/doc/html/jquery.js @@ -1,4 +1,4 @@ -/*! +/* * jQuery JavaScript Library v1.7.1 * http://jquery.com/ * @@ -14,13 +14,13 @@ * Date: Mon Nov 21 21:11:03 2011 -0500 */ (function(bb,L){var av=bb.document,bu=bb.navigator,bl=bb.location;var b=(function(){var bF=function(b0,b1){return new bF.fn.init(b0,b1,bD)},bU=bb.jQuery,bH=bb.$,bD,bY=/^(?:[^#<]*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/,bM=/\S/,bI=/^\s+/,bE=/\s+$/,bA=/^<(\w+)\s*\/?>(?:<\/\1>)?$/,bN=/^[\],:{}\s]*$/,bW=/\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g,bP=/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g,bJ=/(?:^|:|,)(?:\s*\[)+/g,by=/(webkit)[ \/]([\w.]+)/,bR=/(opera)(?:.*version)?[ \/]([\w.]+)/,bQ=/(msie) ([\w.]+)/,bS=/(mozilla)(?:.*? rv:([\w.]+))?/,bB=/-([a-z]|[0-9])/ig,bZ=/^-ms-/,bT=function(b0,b1){return(b1+"").toUpperCase()},bX=bu.userAgent,bV,bC,e,bL=Object.prototype.toString,bG=Object.prototype.hasOwnProperty,bz=Array.prototype.push,bK=Array.prototype.slice,bO=String.prototype.trim,bv=Array.prototype.indexOf,bx={};bF.fn=bF.prototype={constructor:bF,init:function(b0,b4,b3){var b2,b5,b1,b6;if(!b0){return this}if(b0.nodeType){this.context=this[0]=b0;this.length=1;return this}if(b0==="body"&&!b4&&av.body){this.context=av;this[0]=av.body;this.selector=b0;this.length=1;return this}if(typeof b0==="string"){if(b0.charAt(0)==="<"&&b0.charAt(b0.length-1)===">"&&b0.length>=3){b2=[null,b0,null]}else{b2=bY.exec(b0)}if(b2&&(b2[1]||!b4)){if(b2[1]){b4=b4 instanceof bF?b4[0]:b4;b6=(b4?b4.ownerDocument||b4:av);b1=bA.exec(b0);if(b1){if(bF.isPlainObject(b4)){b0=[av.createElement(b1[1])];bF.fn.attr.call(b0,b4,true)}else{b0=[b6.createElement(b1[1])]}}else{b1=bF.buildFragment([b2[1]],[b6]);b0=(b1.cacheable?bF.clone(b1.fragment):b1.fragment).childNodes}return bF.merge(this,b0)}else{b5=av.getElementById(b2[2]);if(b5&&b5.parentNode){if(b5.id!==b2[2]){return b3.find(b0)}this.length=1;this[0]=b5}this.context=av;this.selector=b0;return this}}else{if(!b4||b4.jquery){return(b4||b3).find(b0)}else{return this.constructor(b4).find(b0)}}}else{if(bF.isFunction(b0)){return b3.ready(b0)}}if(b0.selector!==L){this.selector=b0.selector;this.context=b0.context}return bF.makeArray(b0,this)},selector:"",jquery:"1.7.1",length:0,size:function(){return this.length},toArray:function(){return bK.call(this,0)},get:function(b0){return b0==null?this.toArray():(b0<0?this[this.length+b0]:this[b0])},pushStack:function(b1,b3,b0){var b2=this.constructor();if(bF.isArray(b1)){bz.apply(b2,b1)}else{bF.merge(b2,b1)}b2.prevObject=this;b2.context=this.context;if(b3==="find"){b2.selector=this.selector+(this.selector?" ":"")+b0}else{if(b3){b2.selector=this.selector+"."+b3+"("+b0+")"}}return b2},each:function(b1,b0){return bF.each(this,b1,b0)},ready:function(b0){bF.bindReady();bC.add(b0);return this},eq:function(b0){b0=+b0;return b0===-1?this.slice(b0):this.slice(b0,b0+1)},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},slice:function(){return this.pushStack(bK.apply(this,arguments),"slice",bK.call(arguments).join(","))},map:function(b0){return this.pushStack(bF.map(this,function(b2,b1){return b0.call(b2,b1,b2)}))},end:function(){return this.prevObject||this.constructor(null)},push:bz,sort:[].sort,splice:[].splice};bF.fn.init.prototype=bF.fn;bF.extend=bF.fn.extend=function(){var b9,b2,b0,b1,b6,b7,b5=arguments[0]||{},b4=1,b3=arguments.length,b8=false;if(typeof b5==="boolean"){b8=b5;b5=arguments[1]||{};b4=2}if(typeof b5!=="object"&&!bF.isFunction(b5)){b5={}}if(b3===b4){b5=this;--b4}for(;b40){return}bC.fireWith(av,[bF]);if(bF.fn.trigger){bF(av).trigger("ready").off("ready")}}},bindReady:function(){if(bC){return}bC=bF.Callbacks("once memory");if(av.readyState==="complete"){return setTimeout(bF.ready,1)}if(av.addEventListener){av.addEventListener("DOMContentLoaded",e,false);bb.addEventListener("load",bF.ready,false)}else{if(av.attachEvent){av.attachEvent("onreadystatechange",e);bb.attachEvent("onload",bF.ready);var b0=false;try{b0=bb.frameElement==null}catch(b1){}if(av.documentElement.doScroll&&b0){bw()}}}},isFunction:function(b0){return bF.type(b0)==="function"},isArray:Array.isArray||function(b0){return bF.type(b0)==="array"},isWindow:function(b0){return b0&&typeof b0==="object"&&"setInterval" in b0},isNumeric:function(b0){return !isNaN(parseFloat(b0))&&isFinite(b0)},type:function(b0){return b0==null?String(b0):bx[bL.call(b0)]||"object"},isPlainObject:function(b2){if(!b2||bF.type(b2)!=="object"||b2.nodeType||bF.isWindow(b2)){return false}try{if(b2.constructor&&!bG.call(b2,"constructor")&&!bG.call(b2.constructor.prototype,"isPrototypeOf")){return false}}catch(b1){return false}var b0;for(b0 in b2){}return b0===L||bG.call(b2,b0)},isEmptyObject:function(b1){for(var b0 in b1){return false}return true},error:function(b0){throw new Error(b0)},parseJSON:function(b0){if(typeof b0!=="string"||!b0){return null}b0=bF.trim(b0);if(bb.JSON&&bb.JSON.parse){return bb.JSON.parse(b0)}if(bN.test(b0.replace(bW,"@").replace(bP,"]").replace(bJ,""))){return(new Function("return "+b0))()}bF.error("Invalid JSON: "+b0)},parseXML:function(b2){var b0,b1;try{if(bb.DOMParser){b1=new DOMParser();b0=b1.parseFromString(b2,"text/xml")}else{b0=new ActiveXObject("Microsoft.XMLDOM");b0.async="false";b0.loadXML(b2)}}catch(b3){b0=L}if(!b0||!b0.documentElement||b0.getElementsByTagName("parsererror").length){bF.error("Invalid XML: "+b2)}return b0},noop:function(){},globalEval:function(b0){if(b0&&bM.test(b0)){(bb.execScript||function(b1){bb["eval"].call(bb,b1)})(b0)}},camelCase:function(b0){return b0.replace(bZ,"ms-").replace(bB,bT)},nodeName:function(b1,b0){return b1.nodeName&&b1.nodeName.toUpperCase()===b0.toUpperCase()},each:function(b3,b6,b2){var b1,b4=0,b5=b3.length,b0=b5===L||bF.isFunction(b3);if(b2){if(b0){for(b1 in b3){if(b6.apply(b3[b1],b2)===false){break}}}else{for(;b40&&b0[0]&&b0[b1-1])||b1===0||bF.isArray(b0));if(b3){for(;b21?aJ.call(arguments,0):bG;if(!(--bw)){bC.resolveWith(bC,bx)}}}function bz(bF){return function(bG){bB[bF]=arguments.length>1?aJ.call(arguments,0):bG;bC.notifyWith(bE,bB)}}if(e>1){for(;bv
              a";bI=bv.getElementsByTagName("*");bF=bv.getElementsByTagName("a")[0];if(!bI||!bI.length||!bF){return{}}bG=av.createElement("select");bx=bG.appendChild(av.createElement("option"));bE=bv.getElementsByTagName("input")[0];bJ={leadingWhitespace:(bv.firstChild.nodeType===3),tbody:!bv.getElementsByTagName("tbody").length,htmlSerialize:!!bv.getElementsByTagName("link").length,style:/top/.test(bF.getAttribute("style")),hrefNormalized:(bF.getAttribute("href")==="/a"),opacity:/^0.55/.test(bF.style.opacity),cssFloat:!!bF.style.cssFloat,checkOn:(bE.value==="on"),optSelected:bx.selected,getSetAttribute:bv.className!=="t",enctype:!!av.createElement("form").enctype,html5Clone:av.createElement("nav").cloneNode(true).outerHTML!=="<:nav>",submitBubbles:true,changeBubbles:true,focusinBubbles:false,deleteExpando:true,noCloneEvent:true,inlineBlockNeedsLayout:false,shrinkWrapBlocks:false,reliableMarginRight:true};bE.checked=true;bJ.noCloneChecked=bE.cloneNode(true).checked;bG.disabled=true;bJ.optDisabled=!bx.disabled;try{delete bv.test}catch(bC){bJ.deleteExpando=false}if(!bv.addEventListener&&bv.attachEvent&&bv.fireEvent){bv.attachEvent("onclick",function(){bJ.noCloneEvent=false});bv.cloneNode(true).fireEvent("onclick")}bE=av.createElement("input");bE.value="t";bE.setAttribute("type","radio");bJ.radioValue=bE.value==="t";bE.setAttribute("checked","checked");bv.appendChild(bE);bD=av.createDocumentFragment();bD.appendChild(bv.lastChild);bJ.checkClone=bD.cloneNode(true).cloneNode(true).lastChild.checked;bJ.appendChecked=bE.checked;bD.removeChild(bE);bD.appendChild(bv);bv.innerHTML="";if(bb.getComputedStyle){bA=av.createElement("div");bA.style.width="0";bA.style.marginRight="0";bv.style.width="2px";bv.appendChild(bA);bJ.reliableMarginRight=(parseInt((bb.getComputedStyle(bA,null)||{marginRight:0}).marginRight,10)||0)===0}if(bv.attachEvent){for(by in {submit:1,change:1,focusin:1}){bB="on"+by;bw=(bB in bv);if(!bw){bv.setAttribute(bB,"return;");bw=(typeof bv[bB]==="function")}bJ[by+"Bubbles"]=bw}}bD.removeChild(bv);bD=bG=bx=bA=bv=bE=null;b(function(){var bM,bU,bV,bT,bN,bO,bL,bS,bR,e,bP,bQ=av.getElementsByTagName("body")[0];if(!bQ){return}bL=1;bS="position:absolute;top:0;left:0;width:1px;height:1px;margin:0;";bR="visibility:hidden;border:0;";e="style='"+bS+"border:5px solid #000;padding:0;'";bP="
              ";bM=av.createElement("div");bM.style.cssText=bR+"width:0;height:0;position:static;top:0;margin-top:"+bL+"px";bQ.insertBefore(bM,bQ.firstChild);bv=av.createElement("div");bM.appendChild(bv);bv.innerHTML="
              t
              ";bz=bv.getElementsByTagName("td");bw=(bz[0].offsetHeight===0);bz[0].style.display="";bz[1].style.display="none";bJ.reliableHiddenOffsets=bw&&(bz[0].offsetHeight===0);bv.innerHTML="";bv.style.width=bv.style.paddingLeft="1px";b.boxModel=bJ.boxModel=bv.offsetWidth===2;if(typeof bv.style.zoom!=="undefined"){bv.style.display="inline";bv.style.zoom=1;bJ.inlineBlockNeedsLayout=(bv.offsetWidth===2);bv.style.display="";bv.innerHTML="
              ";bJ.shrinkWrapBlocks=(bv.offsetWidth!==2)}bv.style.cssText=bS+bR;bv.innerHTML=bP;bU=bv.firstChild;bV=bU.firstChild;bN=bU.nextSibling.firstChild.firstChild;bO={doesNotAddBorder:(bV.offsetTop!==5),doesAddBorderForTableAndCells:(bN.offsetTop===5)};bV.style.position="fixed";bV.style.top="20px";bO.fixedPosition=(bV.offsetTop===20||bV.offsetTop===15);bV.style.position=bV.style.top="";bU.style.overflow="hidden";bU.style.position="relative";bO.subtractsBorderForOverflowNotVisible=(bV.offsetTop===-5);bO.doesNotIncludeMarginInBodyOffset=(bQ.offsetTop!==bL);bQ.removeChild(bM);bv=bM=null;b.extend(bJ,bO)});return bJ})();var aS=/^(?:\{.*\}|\[.*\])$/,aA=/([A-Z])/g;b.extend({cache:{},uuid:0,expando:"jQuery"+(b.fn.jquery+Math.random()).replace(/\D/g,""),noData:{embed:true,object:"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000",applet:true},hasData:function(e){e=e.nodeType?b.cache[e[b.expando]]:e[b.expando];return !!e&&!S(e)},data:function(bx,bv,bz,by){if(!b.acceptData(bx)){return}var bG,bA,bD,bE=b.expando,bC=typeof bv==="string",bF=bx.nodeType,e=bF?b.cache:bx,bw=bF?bx[bE]:bx[bE]&&bE,bB=bv==="events";if((!bw||!e[bw]||(!bB&&!by&&!e[bw].data))&&bC&&bz===L){return}if(!bw){if(bF){bx[bE]=bw=++b.uuid}else{bw=bE}}if(!e[bw]){e[bw]={};if(!bF){e[bw].toJSON=b.noop}}if(typeof bv==="object"||typeof bv==="function"){if(by){e[bw]=b.extend(e[bw],bv)}else{e[bw].data=b.extend(e[bw].data,bv)}}bG=bA=e[bw];if(!by){if(!bA.data){bA.data={}}bA=bA.data}if(bz!==L){bA[b.camelCase(bv)]=bz}if(bB&&!bA[bv]){return bG.events}if(bC){bD=bA[bv];if(bD==null){bD=bA[b.camelCase(bv)]}}else{bD=bA}return bD},removeData:function(bx,bv,by){if(!b.acceptData(bx)){return}var bB,bA,bz,bC=b.expando,bD=bx.nodeType,e=bD?b.cache:bx,bw=bD?bx[bC]:bC;if(!e[bw]){return}if(bv){bB=by?e[bw]:e[bw].data;if(bB){if(!b.isArray(bv)){if(bv in bB){bv=[bv]}else{bv=b.camelCase(bv);if(bv in bB){bv=[bv]}else{bv=bv.split(" ")}}}for(bA=0,bz=bv.length;bA-1){return true}}return false},val:function(bx){var e,bv,by,bw=this[0];if(!arguments.length){if(bw){e=b.valHooks[bw.nodeName.toLowerCase()]||b.valHooks[bw.type];if(e&&"get" in e&&(bv=e.get(bw,"value"))!==L){return bv}bv=bw.value;return typeof bv==="string"?bv.replace(aU,""):bv==null?"":bv}return}by=b.isFunction(bx);return this.each(function(bA){var bz=b(this),bB;if(this.nodeType!==1){return}if(by){bB=bx.call(this,bA,bz.val())}else{bB=bx}if(bB==null){bB=""}else{if(typeof bB==="number"){bB+=""}else{if(b.isArray(bB)){bB=b.map(bB,function(bC){return bC==null?"":bC+""})}}}e=b.valHooks[this.nodeName.toLowerCase()]||b.valHooks[this.type];if(!e||!("set" in e)||e.set(this,bB,"value")===L){this.value=bB}})}});b.extend({valHooks:{option:{get:function(e){var bv=e.attributes.value;return !bv||bv.specified?e.value:e.text}},select:{get:function(e){var bA,bv,bz,bx,by=e.selectedIndex,bB=[],bC=e.options,bw=e.type==="select-one";if(by<0){return null}bv=bw?by:0;bz=bw?by+1:bC.length;for(;bv=0});if(!e.length){bv.selectedIndex=-1}return e}}},attrFn:{val:true,css:true,html:true,text:true,data:true,width:true,height:true,offset:true},attr:function(bA,bx,bB,bz){var bw,e,by,bv=bA.nodeType;if(!bA||bv===3||bv===8||bv===2){return}if(bz&&bx in b.attrFn){return b(bA)[bx](bB)}if(typeof bA.getAttribute==="undefined"){return b.prop(bA,bx,bB)}by=bv!==1||!b.isXMLDoc(bA);if(by){bx=bx.toLowerCase();e=b.attrHooks[bx]||(ao.test(bx)?aY:be)}if(bB!==L){if(bB===null){b.removeAttr(bA,bx);return}else{if(e&&"set" in e&&by&&(bw=e.set(bA,bB,bx))!==L){return bw}else{bA.setAttribute(bx,""+bB);return bB}}}else{if(e&&"get" in e&&by&&(bw=e.get(bA,bx))!==null){return bw}else{bw=bA.getAttribute(bx);return bw===null?L:bw}}},removeAttr:function(bx,bz){var by,bA,bv,e,bw=0;if(bz&&bx.nodeType===1){bA=bz.toLowerCase().split(af);e=bA.length;for(;bw=0)}}})});var bd=/^(?:textarea|input|select)$/i,n=/^([^\.]*)?(?:\.(.+))?$/,J=/\bhover(\.\S+)?\b/,aO=/^key/,bf=/^(?:mouse|contextmenu)|click/,T=/^(?:focusinfocus|focusoutblur)$/,U=/^(\w*)(?:#([\w\-]+))?(?:\.([\w\-]+))?$/,Y=function(e){var bv=U.exec(e);if(bv){bv[1]=(bv[1]||"").toLowerCase();bv[3]=bv[3]&&new RegExp("(?:^|\\s)"+bv[3]+"(?:\\s|$)")}return bv},j=function(bw,e){var bv=bw.attributes||{};return((!e[1]||bw.nodeName.toLowerCase()===e[1])&&(!e[2]||(bv.id||{}).value===e[2])&&(!e[3]||e[3].test((bv["class"]||{}).value)))},bt=function(e){return b.event.special.hover?e:e.replace(J,"mouseenter$1 mouseleave$1")};b.event={add:function(bx,bC,bJ,bA,by){var bD,bB,bK,bI,bH,bF,e,bG,bv,bz,bw,bE;if(bx.nodeType===3||bx.nodeType===8||!bC||!bJ||!(bD=b._data(bx))){return}if(bJ.handler){bv=bJ;bJ=bv.handler}if(!bJ.guid){bJ.guid=b.guid++}bK=bD.events;if(!bK){bD.events=bK={}}bB=bD.handle;if(!bB){bD.handle=bB=function(bL){return typeof b!=="undefined"&&(!bL||b.event.triggered!==bL.type)?b.event.dispatch.apply(bB.elem,arguments):L};bB.elem=bx}bC=b.trim(bt(bC)).split(" ");for(bI=0;bI=0){bG=bG.slice(0,-1);bw=true}if(bG.indexOf(".")>=0){bx=bG.split(".");bG=bx.shift();bx.sort()}if((!bA||b.event.customEvent[bG])&&!b.event.global[bG]){return}bv=typeof bv==="object"?bv[b.expando]?bv:new b.Event(bG,bv):new b.Event(bG);bv.type=bG;bv.isTrigger=true;bv.exclusive=bw;bv.namespace=bx.join(".");bv.namespace_re=bv.namespace?new RegExp("(^|\\.)"+bx.join("\\.(?:.*\\.)?")+"(\\.|$)"):null;by=bG.indexOf(":")<0?"on"+bG:"";if(!bA){e=b.cache;for(bC in e){if(e[bC].events&&e[bC].events[bG]){b.event.trigger(bv,bD,e[bC].handle.elem,true)}}return}bv.result=L;if(!bv.target){bv.target=bA}bD=bD!=null?b.makeArray(bD):[];bD.unshift(bv);bF=b.event.special[bG]||{};if(bF.trigger&&bF.trigger.apply(bA,bD)===false){return}bB=[[bA,bF.bindType||bG]];if(!bJ&&!bF.noBubble&&!b.isWindow(bA)){bI=bF.delegateType||bG;bH=T.test(bI+bG)?bA:bA.parentNode;bz=null;for(;bH;bH=bH.parentNode){bB.push([bH,bI]);bz=bH}if(bz&&bz===bA.ownerDocument){bB.push([bz.defaultView||bz.parentWindow||bb,bI])}}for(bC=0;bCbA){bH.push({elem:this,matches:bz.slice(bA)})}for(bC=0;bC0?this.on(e,null,bx,bw):this.trigger(e)};if(b.attrFn){b.attrFn[e]=true}if(aO.test(e)){b.event.fixHooks[e]=b.event.keyHooks}if(bf.test(e)){b.event.fixHooks[e]=b.event.mouseHooks}}); -/*! +/* * Sizzle CSS Selector Engine * Copyright 2011, The Dojo Foundation * Released under the MIT, BSD, and GPL Licenses. * More information: http://sizzlejs.com/ */ -(function(){var bH=/((?:\((?:\([^()]+\)|[^()]+)+\)|\[(?:\[[^\[\]]*\]|['"][^'"]*['"]|[^\[\]'"]+)+\]|\\.|[^ >+~,(\[\\]+)+|[>+~])(\s*,\s*)?((?:.|\r|\n)*)/g,bC="sizcache"+(Math.random()+"").replace(".",""),bI=0,bL=Object.prototype.toString,bB=false,bA=true,bK=/\\/g,bO=/\r\n/g,bQ=/\W/;[0,0].sort(function(){bA=false;return 0});var by=function(bV,e,bY,bZ){bY=bY||[];e=e||av;var b1=e;if(e.nodeType!==1&&e.nodeType!==9){return[]}if(!bV||typeof bV!=="string"){return bY}var bS,b3,b6,bR,b2,b5,b4,bX,bU=true,bT=by.isXML(e),bW=[],b0=bV;do{bH.exec("");bS=bH.exec(b0);if(bS){b0=bS[3];bW.push(bS[1]);if(bS[2]){bR=bS[3];break}}}while(bS);if(bW.length>1&&bD.exec(bV)){if(bW.length===2&&bE.relative[bW[0]]){b3=bM(bW[0]+bW[1],e,bZ)}else{b3=bE.relative[bW[0]]?[e]:by(bW.shift(),e);while(bW.length){bV=bW.shift();if(bE.relative[bV]){bV+=bW.shift()}b3=bM(bV,b3,bZ)}}}else{if(!bZ&&bW.length>1&&e.nodeType===9&&!bT&&bE.match.ID.test(bW[0])&&!bE.match.ID.test(bW[bW.length-1])){b2=by.find(bW.shift(),e,bT);e=b2.expr?by.filter(b2.expr,b2.set)[0]:b2.set[0]}if(e){b2=bZ?{expr:bW.pop(),set:bF(bZ)}:by.find(bW.pop(),bW.length===1&&(bW[0]==="~"||bW[0]==="+")&&e.parentNode?e.parentNode:e,bT);b3=b2.expr?by.filter(b2.expr,b2.set):b2.set;if(bW.length>0){b6=bF(b3)}else{bU=false}while(bW.length){b5=bW.pop();b4=b5;if(!bE.relative[b5]){b5=""}else{b4=bW.pop()}if(b4==null){b4=e}bE.relative[b5](b6,b4,bT)}}else{b6=bW=[]}}if(!b6){b6=b3}if(!b6){by.error(b5||bV)}if(bL.call(b6)==="[object Array]"){if(!bU){bY.push.apply(bY,b6)}else{if(e&&e.nodeType===1){for(bX=0;b6[bX]!=null;bX++){if(b6[bX]&&(b6[bX]===true||b6[bX].nodeType===1&&by.contains(e,b6[bX]))){bY.push(b3[bX])}}}else{for(bX=0;b6[bX]!=null;bX++){if(b6[bX]&&b6[bX].nodeType===1){bY.push(b3[bX])}}}}}else{bF(b6,bY)}if(bR){by(bR,b1,bY,bZ);by.uniqueSort(bY)}return bY};by.uniqueSort=function(bR){if(bJ){bB=bA;bR.sort(bJ);if(bB){for(var e=1;e0};by.find=function(bX,e,bY){var bW,bS,bU,bT,bV,bR;if(!bX){return[]}for(bS=0,bU=bE.order.length;bS":function(bW,bR){var bV,bU=typeof bR==="string",bS=0,e=bW.length;if(bU&&!bQ.test(bR)){bR=bR.toLowerCase();for(;bS=0)){if(!bS){e.push(bV)}}else{if(bS){bR[bU]=false}}}}return false},ID:function(e){return e[1].replace(bK,"")},TAG:function(bR,e){return bR[1].replace(bK,"").toLowerCase()},CHILD:function(e){if(e[1]==="nth"){if(!e[2]){by.error(e[0])}e[2]=e[2].replace(/^\+|\s*/g,"");var bR=/(-?)(\d*)(?:n([+\-]?\d*))?/.exec(e[2]==="even"&&"2n"||e[2]==="odd"&&"2n+1"||!/\D/.test(e[2])&&"0n+"+e[2]||e[2]);e[2]=(bR[1]+(bR[2]||1))-0;e[3]=bR[3]-0}else{if(e[2]){by.error(e[0])}}e[0]=bI++;return e},ATTR:function(bU,bR,bS,e,bV,bW){var bT=bU[1]=bU[1].replace(bK,"");if(!bW&&bE.attrMap[bT]){bU[1]=bE.attrMap[bT]}bU[4]=(bU[4]||bU[5]||"").replace(bK,"");if(bU[2]==="~="){bU[4]=" "+bU[4]+" "}return bU},PSEUDO:function(bU,bR,bS,e,bV){if(bU[1]==="not"){if((bH.exec(bU[3])||"").length>1||/^\w/.test(bU[3])){bU[3]=by(bU[3],null,null,bR)}else{var bT=by.filter(bU[3],bR,bS,true^bV);if(!bS){e.push.apply(e,bT)}return false}}else{if(bE.match.POS.test(bU[0])||bE.match.CHILD.test(bU[0])){return true}}return bU},POS:function(e){e.unshift(true);return e}},filters:{enabled:function(e){return e.disabled===false&&e.type!=="hidden"},disabled:function(e){return e.disabled===true},checked:function(e){return e.checked===true},selected:function(e){if(e.parentNode){e.parentNode.selectedIndex}return e.selected===true},parent:function(e){return !!e.firstChild},empty:function(e){return !e.firstChild},has:function(bS,bR,e){return !!by(e[3],bS).length},header:function(e){return(/h\d/i).test(e.nodeName)},text:function(bS){var e=bS.getAttribute("type"),bR=bS.type;return bS.nodeName.toLowerCase()==="input"&&"text"===bR&&(e===bR||e===null)},radio:function(e){return e.nodeName.toLowerCase()==="input"&&"radio"===e.type},checkbox:function(e){return e.nodeName.toLowerCase()==="input"&&"checkbox"===e.type},file:function(e){return e.nodeName.toLowerCase()==="input"&&"file"===e.type},password:function(e){return e.nodeName.toLowerCase()==="input"&&"password"===e.type},submit:function(bR){var e=bR.nodeName.toLowerCase();return(e==="input"||e==="button")&&"submit"===bR.type},image:function(e){return e.nodeName.toLowerCase()==="input"&&"image"===e.type},reset:function(bR){var e=bR.nodeName.toLowerCase();return(e==="input"||e==="button")&&"reset"===bR.type},button:function(bR){var e=bR.nodeName.toLowerCase();return e==="input"&&"button"===bR.type||e==="button"},input:function(e){return(/input|select|textarea|button/i).test(e.nodeName)},focus:function(e){return e===e.ownerDocument.activeElement}},setFilters:{first:function(bR,e){return e===0},last:function(bS,bR,e,bT){return bR===bT.length-1},even:function(bR,e){return e%2===0},odd:function(bR,e){return e%2===1},lt:function(bS,bR,e){return bRe[3]-0},nth:function(bS,bR,e){return e[3]-0===bR},eq:function(bS,bR,e){return e[3]-0===bR}},filter:{PSEUDO:function(bS,bX,bW,bY){var e=bX[1],bR=bE.filters[e];if(bR){return bR(bS,bW,bX,bY)}else{if(e==="contains"){return(bS.textContent||bS.innerText||bw([bS])||"").indexOf(bX[3])>=0}else{if(e==="not"){var bT=bX[3];for(var bV=0,bU=bT.length;bV=0)}}},ID:function(bR,e){return bR.nodeType===1&&bR.getAttribute("id")===e},TAG:function(bR,e){return(e==="*"&&bR.nodeType===1)||!!bR.nodeName&&bR.nodeName.toLowerCase()===e},CLASS:function(bR,e){return(" "+(bR.className||bR.getAttribute("class"))+" ").indexOf(e)>-1},ATTR:function(bV,bT){var bS=bT[1],e=by.attr?by.attr(bV,bS):bE.attrHandle[bS]?bE.attrHandle[bS](bV):bV[bS]!=null?bV[bS]:bV.getAttribute(bS),bW=e+"",bU=bT[2],bR=bT[4];return e==null?bU==="!=":!bU&&by.attr?e!=null:bU==="="?bW===bR:bU==="*="?bW.indexOf(bR)>=0:bU==="~="?(" "+bW+" ").indexOf(bR)>=0:!bR?bW&&e!==false:bU==="!="?bW!==bR:bU==="^="?bW.indexOf(bR)===0:bU==="$="?bW.substr(bW.length-bR.length)===bR:bU==="|="?bW===bR||bW.substr(0,bR.length+1)===bR+"-":false},POS:function(bU,bR,bS,bV){var e=bR[2],bT=bE.setFilters[e];if(bT){return bT(bU,bS,bR,bV)}}}};var bD=bE.match.POS,bx=function(bR,e){return"\\"+(e-0+1)};for(var bz in bE.match){bE.match[bz]=new RegExp(bE.match[bz].source+(/(?![^\[]*\])(?![^\(]*\))/.source));bE.leftMatch[bz]=new RegExp(/(^(?:.|\r|\n)*?)/.source+bE.match[bz].source.replace(/\\(\d+)/g,bx))}var bF=function(bR,e){bR=Array.prototype.slice.call(bR,0);if(e){e.push.apply(e,bR);return e}return bR};try{Array.prototype.slice.call(av.documentElement.childNodes,0)[0].nodeType}catch(bP){bF=function(bU,bT){var bS=0,bR=bT||[];if(bL.call(bU)==="[object Array]"){Array.prototype.push.apply(bR,bU)}else{if(typeof bU.length==="number"){for(var e=bU.length;bS";e.insertBefore(bR,e.firstChild);if(av.getElementById(bS)){bE.find.ID=function(bU,bV,bW){if(typeof bV.getElementById!=="undefined"&&!bW){var bT=bV.getElementById(bU[1]);return bT?bT.id===bU[1]||typeof bT.getAttributeNode!=="undefined"&&bT.getAttributeNode("id").nodeValue===bU[1]?[bT]:L:[]}};bE.filter.ID=function(bV,bT){var bU=typeof bV.getAttributeNode!=="undefined"&&bV.getAttributeNode("id");return bV.nodeType===1&&bU&&bU.nodeValue===bT}}e.removeChild(bR);e=bR=null})();(function(){var e=av.createElement("div");e.appendChild(av.createComment(""));if(e.getElementsByTagName("*").length>0){bE.find.TAG=function(bR,bV){var bU=bV.getElementsByTagName(bR[1]);if(bR[1]==="*"){var bT=[];for(var bS=0;bU[bS];bS++){if(bU[bS].nodeType===1){bT.push(bU[bS])}}bU=bT}return bU}}e.innerHTML="";if(e.firstChild&&typeof e.firstChild.getAttribute!=="undefined"&&e.firstChild.getAttribute("href")!=="#"){bE.attrHandle.href=function(bR){return bR.getAttribute("href",2)}}e=null})();if(av.querySelectorAll){(function(){var e=by,bT=av.createElement("div"),bS="__sizzle__";bT.innerHTML="

              ";if(bT.querySelectorAll&&bT.querySelectorAll(".TEST").length===0){return}by=function(b4,bV,bZ,b3){bV=bV||av;if(!b3&&!by.isXML(bV)){var b2=/^(\w+$)|^\.([\w\-]+$)|^#([\w\-]+$)/.exec(b4);if(b2&&(bV.nodeType===1||bV.nodeType===9)){if(b2[1]){return bF(bV.getElementsByTagName(b4),bZ)}else{if(b2[2]&&bE.find.CLASS&&bV.getElementsByClassName){return bF(bV.getElementsByClassName(b2[2]),bZ)}}}if(bV.nodeType===9){if(b4==="body"&&bV.body){return bF([bV.body],bZ)}else{if(b2&&b2[3]){var bY=bV.getElementById(b2[3]);if(bY&&bY.parentNode){if(bY.id===b2[3]){return bF([bY],bZ)}}else{return bF([],bZ)}}}try{return bF(bV.querySelectorAll(b4),bZ)}catch(b0){}}else{if(bV.nodeType===1&&bV.nodeName.toLowerCase()!=="object"){var bW=bV,bX=bV.getAttribute("id"),bU=bX||bS,b6=bV.parentNode,b5=/^\s*[+~]/.test(b4);if(!bX){bV.setAttribute("id",bU)}else{bU=bU.replace(/'/g,"\\$&")}if(b5&&b6){bV=bV.parentNode}try{if(!b5||b6){return bF(bV.querySelectorAll("[id='"+bU+"'] "+b4),bZ)}}catch(b1){}finally{if(!bX){bW.removeAttribute("id")}}}}}return e(b4,bV,bZ,b3)};for(var bR in e){by[bR]=e[bR]}bT=null})()}(function(){var e=av.documentElement,bS=e.matchesSelector||e.mozMatchesSelector||e.webkitMatchesSelector||e.msMatchesSelector;if(bS){var bU=!bS.call(av.createElement("div"),"div"),bR=false;try{bS.call(av.documentElement,"[test!='']:sizzle")}catch(bT){bR=true}by.matchesSelector=function(bW,bY){bY=bY.replace(/\=\s*([^'"\]]*)\s*\]/g,"='$1']");if(!by.isXML(bW)){try{if(bR||!bE.match.PSEUDO.test(bY)&&!/!=/.test(bY)){var bV=bS.call(bW,bY);if(bV||!bU||bW.document&&bW.document.nodeType!==11){return bV}}}catch(bX){}}return by(bY,null,null,[bW]).length>0}}})();(function(){var e=av.createElement("div");e.innerHTML="
              ";if(!e.getElementsByClassName||e.getElementsByClassName("e").length===0){return}e.lastChild.className="e";if(e.getElementsByClassName("e").length===1){return}bE.order.splice(1,0,"CLASS");bE.find.CLASS=function(bR,bS,bT){if(typeof bS.getElementsByClassName!=="undefined"&&!bT){return bS.getElementsByClassName(bR[1])}};e=null})();function bv(bR,bW,bV,bZ,bX,bY){for(var bT=0,bS=bZ.length;bT0){bU=e;break}}}e=e[bR]}bZ[bT]=bU}}}if(av.documentElement.contains){by.contains=function(bR,e){return bR!==e&&(bR.contains?bR.contains(e):true)}}else{if(av.documentElement.compareDocumentPosition){by.contains=function(bR,e){return !!(bR.compareDocumentPosition(e)&16)}}else{by.contains=function(){return false}}}by.isXML=function(e){var bR=(e?e.ownerDocument||e:0).documentElement;return bR?bR.nodeName!=="HTML":false};var bM=function(bS,e,bW){var bV,bX=[],bU="",bY=e.nodeType?[e]:e;while((bV=bE.match.PSEUDO.exec(bS))){bU+=bV[0];bS=bS.replace(bE.match.PSEUDO,"")}bS=bE.relative[bS]?bS+"*":bS;for(var bT=0,bR=bY.length;bT0){for(bB=bA;bB=0:b.filter(e,this).length>0:this.filter(e).length>0)},closest:function(by,bx){var bv=[],bw,e,bz=this[0];if(b.isArray(by)){var bB=1;while(bz&&bz.ownerDocument&&bz!==bx){for(bw=0;bw-1:b.find.matchesSelector(bz,by)){bv.push(bz);break}else{bz=bz.parentNode;if(!bz||!bz.ownerDocument||bz===bx||bz.nodeType===11){break}}}}bv=bv.length>1?b.unique(bv):bv;return this.pushStack(bv,"closest",by)},index:function(e){if(!e){return(this[0]&&this[0].parentNode)?this.prevAll().length:-1}if(typeof e==="string"){return b.inArray(this[0],b(e))}return b.inArray(e.jquery?e[0]:e,this)},add:function(e,bv){var bx=typeof e==="string"?b(e,bv):b.makeArray(e&&e.nodeType?[e]:e),bw=b.merge(this.get(),bx);return this.pushStack(C(bx[0])||C(bw[0])?bw:b.unique(bw))},andSelf:function(){return this.add(this.prevObject)}});function C(e){return !e||!e.parentNode||e.parentNode.nodeType===11}b.each({parent:function(bv){var e=bv.parentNode;return e&&e.nodeType!==11?e:null},parents:function(e){return b.dir(e,"parentNode")},parentsUntil:function(bv,e,bw){return b.dir(bv,"parentNode",bw)},next:function(e){return b.nth(e,2,"nextSibling")},prev:function(e){return b.nth(e,2,"previousSibling")},nextAll:function(e){return b.dir(e,"nextSibling")},prevAll:function(e){return b.dir(e,"previousSibling")},nextUntil:function(bv,e,bw){return b.dir(bv,"nextSibling",bw)},prevUntil:function(bv,e,bw){return b.dir(bv,"previousSibling",bw)},siblings:function(e){return b.sibling(e.parentNode.firstChild,e)},children:function(e){return b.sibling(e.firstChild)},contents:function(e){return b.nodeName(e,"iframe")?e.contentDocument||e.contentWindow.document:b.makeArray(e.childNodes)}},function(e,bv){b.fn[e]=function(by,bw){var bx=b.map(this,bv,by);if(!ab.test(e)){bw=by}if(bw&&typeof bw==="string"){bx=b.filter(bw,bx)}bx=this.length>1&&!ay[e]?b.unique(bx):bx;if((this.length>1||a9.test(bw))&&aq.test(e)){bx=bx.reverse()}return this.pushStack(bx,e,P.call(arguments).join(","))}});b.extend({filter:function(bw,e,bv){if(bv){bw=":not("+bw+")"}return e.length===1?b.find.matchesSelector(e[0],bw)?[e[0]]:[]:b.find.matches(bw,e)},dir:function(bw,bv,by){var e=[],bx=bw[bv];while(bx&&bx.nodeType!==9&&(by===L||bx.nodeType!==1||!b(bx).is(by))){if(bx.nodeType===1){e.push(bx)}bx=bx[bv]}return e},nth:function(by,e,bw,bx){e=e||1;var bv=0;for(;by;by=by[bw]){if(by.nodeType===1&&++bv===e){break}}return by},sibling:function(bw,bv){var e=[];for(;bw;bw=bw.nextSibling){if(bw.nodeType===1&&bw!==bv){e.push(bw)}}return e}});function aG(bx,bw,e){bw=bw||0;if(b.isFunction(bw)){return b.grep(bx,function(bz,by){var bA=!!bw.call(bz,by,bz);return bA===e})}else{if(bw.nodeType){return b.grep(bx,function(bz,by){return(bz===bw)===e})}else{if(typeof bw==="string"){var bv=b.grep(bx,function(by){return by.nodeType===1});if(bp.test(bw)){return b.filter(bw,bv,!e)}else{bw=b.filter(bw,bv)}}}}return b.grep(bx,function(bz,by){return(b.inArray(bz,bw)>=0)===e})}function a(e){var bw=aR.split("|"),bv=e.createDocumentFragment();if(bv.createElement){while(bw.length){bv.createElement(bw.pop())}}return bv}var aR="abbr|article|aside|audio|canvas|datalist|details|figcaption|figure|footer|header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",ag=/ jQuery\d+="(?:\d+|null)"/g,ar=/^\s+/,R=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/ig,d=/<([\w:]+)/,w=/",""],legend:[1,"
              ","
              "],thead:[1,"","
              "],tr:[2,"","
              "],td:[3,"","
              "],col:[2,"","
              "],area:[1,"",""],_default:[0,"",""]},ac=a(av);ax.optgroup=ax.option;ax.tbody=ax.tfoot=ax.colgroup=ax.caption=ax.thead;ax.th=ax.td;if(!b.support.htmlSerialize){ax._default=[1,"div
              ","
              "]}b.fn.extend({text:function(e){if(b.isFunction(e)){return this.each(function(bw){var bv=b(this);bv.text(e.call(this,bw,bv.text()))})}if(typeof e!=="object"&&e!==L){return this.empty().append((this[0]&&this[0].ownerDocument||av).createTextNode(e))}return b.text(this)},wrapAll:function(e){if(b.isFunction(e)){return this.each(function(bw){b(this).wrapAll(e.call(this,bw))})}if(this[0]){var bv=b(e,this[0].ownerDocument).eq(0).clone(true);if(this[0].parentNode){bv.insertBefore(this[0])}bv.map(function(){var bw=this;while(bw.firstChild&&bw.firstChild.nodeType===1){bw=bw.firstChild}return bw}).append(this)}return this},wrapInner:function(e){if(b.isFunction(e)){return this.each(function(bv){b(this).wrapInner(e.call(this,bv))})}return this.each(function(){var bv=b(this),bw=bv.contents();if(bw.length){bw.wrapAll(e)}else{bv.append(e)}})},wrap:function(e){var bv=b.isFunction(e);return this.each(function(bw){b(this).wrapAll(bv?e.call(this,bw):e)})},unwrap:function(){return this.parent().each(function(){if(!b.nodeName(this,"body")){b(this).replaceWith(this.childNodes)}}).end()},append:function(){return this.domManip(arguments,true,function(e){if(this.nodeType===1){this.appendChild(e)}})},prepend:function(){return this.domManip(arguments,true,function(e){if(this.nodeType===1){this.insertBefore(e,this.firstChild)}})},before:function(){if(this[0]&&this[0].parentNode){return this.domManip(arguments,false,function(bv){this.parentNode.insertBefore(bv,this)})}else{if(arguments.length){var e=b.clean(arguments);e.push.apply(e,this.toArray());return this.pushStack(e,"before",arguments)}}},after:function(){if(this[0]&&this[0].parentNode){return this.domManip(arguments,false,function(bv){this.parentNode.insertBefore(bv,this.nextSibling)})}else{if(arguments.length){var e=this.pushStack(this,"after",arguments);e.push.apply(e,b.clean(arguments));return e}}},remove:function(e,bx){for(var bv=0,bw;(bw=this[bv])!=null;bv++){if(!e||b.filter(e,[bw]).length){if(!bx&&bw.nodeType===1){b.cleanData(bw.getElementsByTagName("*"));b.cleanData([bw])}if(bw.parentNode){bw.parentNode.removeChild(bw)}}}return this},empty:function(){for(var e=0,bv;(bv=this[e])!=null;e++){if(bv.nodeType===1){b.cleanData(bv.getElementsByTagName("*"))}while(bv.firstChild){bv.removeChild(bv.firstChild)}}return this},clone:function(bv,e){bv=bv==null?false:bv;e=e==null?bv:e;return this.map(function(){return b.clone(this,bv,e)})},html:function(bx){if(bx===L){return this[0]&&this[0].nodeType===1?this[0].innerHTML.replace(ag,""):null}else{if(typeof bx==="string"&&!ae.test(bx)&&(b.support.leadingWhitespace||!ar.test(bx))&&!ax[(d.exec(bx)||["",""])[1].toLowerCase()]){bx=bx.replace(R,"<$1>");try{for(var bw=0,bv=this.length;bw1&&bw0?this.clone(true):this).get();b(bC[bA])[bv](by);bz=bz.concat(by)}return this.pushStack(bz,e,bC.selector)}}});function bg(e){if(typeof e.getElementsByTagName!=="undefined"){return e.getElementsByTagName("*")}else{if(typeof e.querySelectorAll!=="undefined"){return e.querySelectorAll("*")}else{return[]}}}function az(e){if(e.type==="checkbox"||e.type==="radio"){e.defaultChecked=e.checked}}function E(e){var bv=(e.nodeName||"").toLowerCase();if(bv==="input"){az(e)}else{if(bv!=="script"&&typeof e.getElementsByTagName!=="undefined"){b.grep(e.getElementsByTagName("input"),az)}}}function al(e){var bv=av.createElement("div");ac.appendChild(bv);bv.innerHTML=e.outerHTML;return bv.firstChild}b.extend({clone:function(by,bA,bw){var e,bv,bx,bz=b.support.html5Clone||!ah.test("<"+by.nodeName)?by.cloneNode(true):al(by);if((!b.support.noCloneEvent||!b.support.noCloneChecked)&&(by.nodeType===1||by.nodeType===11)&&!b.isXMLDoc(by)){ai(by,bz);e=bg(by);bv=bg(bz);for(bx=0;e[bx];++bx){if(bv[bx]){ai(e[bx],bv[bx])}}}if(bA){t(by,bz);if(bw){e=bg(by);bv=bg(bz);for(bx=0;e[bx];++bx){t(e[bx],bv[bx])}}}e=bv=null;return bz},clean:function(bw,by,bH,bA){var bF;by=by||av;if(typeof by.createElement==="undefined"){by=by.ownerDocument||by[0]&&by[0].ownerDocument||av}var bI=[],bB;for(var bE=0,bz;(bz=bw[bE])!=null;bE++){if(typeof bz==="number"){bz+=""}if(!bz){continue}if(typeof bz==="string"){if(!W.test(bz)){bz=by.createTextNode(bz)}else{bz=bz.replace(R,"<$1>");var bK=(d.exec(bz)||["",""])[1].toLowerCase(),bx=ax[bK]||ax._default,bD=bx[0],bv=by.createElement("div");if(by===av){ac.appendChild(bv)}else{a(by).appendChild(bv)}bv.innerHTML=bx[1]+bz+bx[2];while(bD--){bv=bv.lastChild}if(!b.support.tbody){var e=w.test(bz),bC=bK==="table"&&!e?bv.firstChild&&bv.firstChild.childNodes:bx[1]===""&&!e?bv.childNodes:[];for(bB=bC.length-1;bB>=0;--bB){if(b.nodeName(bC[bB],"tbody")&&!bC[bB].childNodes.length){bC[bB].parentNode.removeChild(bC[bB])}}}if(!b.support.leadingWhitespace&&ar.test(bz)){bv.insertBefore(by.createTextNode(ar.exec(bz)[0]),bv.firstChild)}bz=bv.childNodes}}var bG;if(!b.support.appendChecked){if(bz[0]&&typeof(bG=bz.length)==="number"){for(bB=0;bB=0){return bx+"px"}}else{return bx}}}});if(!b.support.opacity){b.cssHooks.opacity={get:function(bv,e){return au.test((e&&bv.currentStyle?bv.currentStyle.filter:bv.style.filter)||"")?(parseFloat(RegExp.$1)/100)+"":e?"1":""},set:function(by,bz){var bx=by.style,bv=by.currentStyle,e=b.isNumeric(bz)?"alpha(opacity="+bz*100+")":"",bw=bv&&bv.filter||bx.filter||"";bx.zoom=1;if(bz>=1&&b.trim(bw.replace(ak,""))===""){bx.removeAttribute("filter");if(bv&&!bv.filter){return}}bx.filter=ak.test(bw)?bw.replace(ak,e):bw+" "+e}}}b(function(){if(!b.support.reliableMarginRight){b.cssHooks.marginRight={get:function(bw,bv){var e;b.swap(bw,{display:"inline-block"},function(){if(bv){e=Z(bw,"margin-right","marginRight")}else{e=bw.style.marginRight}});return e}}}});if(av.defaultView&&av.defaultView.getComputedStyle){aI=function(by,bw){var bv,bx,e;bw=bw.replace(z,"-$1").toLowerCase();if((bx=by.ownerDocument.defaultView)&&(e=bx.getComputedStyle(by,null))){bv=e.getPropertyValue(bw);if(bv===""&&!b.contains(by.ownerDocument.documentElement,by)){bv=b.style(by,bw)}}return bv}}if(av.documentElement.currentStyle){aX=function(bz,bw){var bA,e,by,bv=bz.currentStyle&&bz.currentStyle[bw],bx=bz.style;if(bv===null&&bx&&(by=bx[bw])){bv=by}if(!bc.test(bv)&&bn.test(bv)){bA=bx.left;e=bz.runtimeStyle&&bz.runtimeStyle.left;if(e){bz.runtimeStyle.left=bz.currentStyle.left}bx.left=bw==="fontSize"?"1em":(bv||0);bv=bx.pixelLeft+"px";bx.left=bA;if(e){bz.runtimeStyle.left=e}}return bv===""?"auto":bv}}Z=aI||aX;function p(by,bw,bv){var bA=bw==="width"?by.offsetWidth:by.offsetHeight,bz=bw==="width"?an:a1,bx=0,e=bz.length;if(bA>0){if(bv!=="border"){for(;bx)<[^<]*)*<\/script>/gi,q=/^(?:select|textarea)/i,h=/\s+/,br=/([?&])_=[^&]*/,K=/^([\w\+\.\-]+:)(?:\/\/([^\/?#:]*)(?::(\d+))?)?/,A=b.fn.load,aa={},r={},aE,s,aV=["*/"]+["*"];try{aE=bl.href}catch(aw){aE=av.createElement("a");aE.href="";aE=aE.href}s=K.exec(aE.toLowerCase())||[];function f(e){return function(by,bA){if(typeof by!=="string"){bA=by;by="*"}if(b.isFunction(bA)){var bx=by.toLowerCase().split(h),bw=0,bz=bx.length,bv,bB,bC;for(;bw=0){var e=bw.slice(by,bw.length);bw=bw.slice(0,by)}var bx="GET";if(bz){if(b.isFunction(bz)){bA=bz;bz=L}else{if(typeof bz==="object"){bz=b.param(bz,b.ajaxSettings.traditional);bx="POST"}}}var bv=this;b.ajax({url:bw,type:bx,dataType:"html",data:bz,complete:function(bC,bB,bD){bD=bC.responseText;if(bC.isResolved()){bC.done(function(bE){bD=bE});bv.html(e?b("
              ").append(bD.replace(a6,"")).find(e):bD)}if(bA){bv.each(bA,[bD,bB,bC])}}});return this},serialize:function(){return b.param(this.serializeArray())},serializeArray:function(){return this.map(function(){return this.elements?b.makeArray(this.elements):this}).filter(function(){return this.name&&!this.disabled&&(this.checked||q.test(this.nodeName)||aZ.test(this.type))}).map(function(e,bv){var bw=b(this).val();return bw==null?null:b.isArray(bw)?b.map(bw,function(by,bx){return{name:bv.name,value:by.replace(bs,"\r\n")}}):{name:bv.name,value:bw.replace(bs,"\r\n")}}).get()}});b.each("ajaxStart ajaxStop ajaxComplete ajaxError ajaxSuccess ajaxSend".split(" "),function(e,bv){b.fn[bv]=function(bw){return this.on(bv,bw)}});b.each(["get","post"],function(e,bv){b[bv]=function(bw,by,bz,bx){if(b.isFunction(by)){bx=bx||bz;bz=by;by=L}return b.ajax({type:bv,url:bw,data:by,success:bz,dataType:bx})}});b.extend({getScript:function(e,bv){return b.get(e,L,bv,"script")},getJSON:function(e,bv,bw){return b.get(e,bv,bw,"json")},ajaxSetup:function(bv,e){if(e){am(bv,b.ajaxSettings)}else{e=bv;bv=b.ajaxSettings}am(bv,e);return bv},ajaxSettings:{url:aE,isLocal:aM.test(s[1]),global:true,type:"GET",contentType:"application/x-www-form-urlencoded",processData:true,async:true,accepts:{xml:"application/xml, text/xml",html:"text/html",text:"text/plain",json:"application/json, text/javascript","*":aV},contents:{xml:/xml/,html:/html/,json:/json/},responseFields:{xml:"responseXML",text:"responseText"},converters:{"* text":bb.String,"text html":true,"text json":b.parseJSON,"text xml":b.parseXML},flatOptions:{context:true,url:true}},ajaxPrefilter:f(aa),ajaxTransport:f(r),ajax:function(bz,bx){if(typeof bz==="object"){bx=bz;bz=L}bx=bx||{};var bD=b.ajaxSetup({},bx),bS=bD.context||bD,bG=bS!==bD&&(bS.nodeType||bS instanceof b)?b(bS):b.event,bR=b.Deferred(),bN=b.Callbacks("once memory"),bB=bD.statusCode||{},bC,bH={},bO={},bQ,by,bL,bE,bI,bA=0,bw,bK,bJ={readyState:0,setRequestHeader:function(bT,bU){if(!bA){var e=bT.toLowerCase();bT=bO[e]=bO[e]||bT;bH[bT]=bU}return this},getAllResponseHeaders:function(){return bA===2?bQ:null},getResponseHeader:function(bT){var e;if(bA===2){if(!by){by={};while((e=aD.exec(bQ))){by[e[1].toLowerCase()]=e[2]}}e=by[bT.toLowerCase()]}return e===L?null:e},overrideMimeType:function(e){if(!bA){bD.mimeType=e}return this},abort:function(e){e=e||"abort";if(bL){bL.abort(e)}bF(0,e);return this}};function bF(bZ,bU,b0,bW){if(bA===2){return}bA=2;if(bE){clearTimeout(bE)}bL=L;bQ=bW||"";bJ.readyState=bZ>0?4:0;var bT,b4,b3,bX=bU,bY=b0?bj(bD,bJ,b0):L,bV,b2;if(bZ>=200&&bZ<300||bZ===304){if(bD.ifModified){if((bV=bJ.getResponseHeader("Last-Modified"))){b.lastModified[bC]=bV}if((b2=bJ.getResponseHeader("Etag"))){b.etag[bC]=b2}}if(bZ===304){bX="notmodified";bT=true}else{try{b4=G(bD,bY);bX="success";bT=true}catch(b1){bX="parsererror";b3=b1}}}else{b3=bX;if(!bX||bZ){bX="error";if(bZ<0){bZ=0}}}bJ.status=bZ;bJ.statusText=""+(bU||bX);if(bT){bR.resolveWith(bS,[b4,bX,bJ])}else{bR.rejectWith(bS,[bJ,bX,b3])}bJ.statusCode(bB);bB=L;if(bw){bG.trigger("ajax"+(bT?"Success":"Error"),[bJ,bD,bT?b4:b3])}bN.fireWith(bS,[bJ,bX]);if(bw){bG.trigger("ajaxComplete",[bJ,bD]);if(!(--b.active)){b.event.trigger("ajaxStop")}}}bR.promise(bJ);bJ.success=bJ.done;bJ.error=bJ.fail;bJ.complete=bN.add;bJ.statusCode=function(bT){if(bT){var e;if(bA<2){for(e in bT){bB[e]=[bB[e],bT[e]]}}else{e=bT[bJ.status];bJ.then(e,e)}}return this};bD.url=((bz||bD.url)+"").replace(bq,"").replace(c,s[1]+"//");bD.dataTypes=b.trim(bD.dataType||"*").toLowerCase().split(h);if(bD.crossDomain==null){bI=K.exec(bD.url.toLowerCase());bD.crossDomain=!!(bI&&(bI[1]!=s[1]||bI[2]!=s[2]||(bI[3]||(bI[1]==="http:"?80:443))!=(s[3]||(s[1]==="http:"?80:443))))}if(bD.data&&bD.processData&&typeof bD.data!=="string"){bD.data=b.param(bD.data,bD.traditional)}aW(aa,bD,bx,bJ);if(bA===2){return false}bw=bD.global;bD.type=bD.type.toUpperCase();bD.hasContent=!aQ.test(bD.type);if(bw&&b.active++===0){b.event.trigger("ajaxStart")}if(!bD.hasContent){if(bD.data){bD.url+=(M.test(bD.url)?"&":"?")+bD.data;delete bD.data}bC=bD.url;if(bD.cache===false){var bv=b.now(),bP=bD.url.replace(br,"$1_="+bv);bD.url=bP+((bP===bD.url)?(M.test(bD.url)?"&":"?")+"_="+bv:"")}}if(bD.data&&bD.hasContent&&bD.contentType!==false||bx.contentType){bJ.setRequestHeader("Content-Type",bD.contentType)}if(bD.ifModified){bC=bC||bD.url;if(b.lastModified[bC]){bJ.setRequestHeader("If-Modified-Since",b.lastModified[bC])}if(b.etag[bC]){bJ.setRequestHeader("If-None-Match",b.etag[bC])}}bJ.setRequestHeader("Accept",bD.dataTypes[0]&&bD.accepts[bD.dataTypes[0]]?bD.accepts[bD.dataTypes[0]]+(bD.dataTypes[0]!=="*"?", "+aV+"; q=0.01":""):bD.accepts["*"]);for(bK in bD.headers){bJ.setRequestHeader(bK,bD.headers[bK])}if(bD.beforeSend&&(bD.beforeSend.call(bS,bJ,bD)===false||bA===2)){bJ.abort();return false}for(bK in {success:1,error:1,complete:1}){bJ[bK](bD[bK])}bL=aW(r,bD,bx,bJ);if(!bL){bF(-1,"No Transport")}else{bJ.readyState=1;if(bw){bG.trigger("ajaxSend",[bJ,bD])}if(bD.async&&bD.timeout>0){bE=setTimeout(function(){bJ.abort("timeout")},bD.timeout)}try{bA=1;bL.send(bH,bF)}catch(bM){if(bA<2){bF(-1,bM)}else{throw bM}}}return bJ},param:function(e,bw){var bv=[],by=function(bz,bA){bA=b.isFunction(bA)?bA():bA;bv[bv.length]=encodeURIComponent(bz)+"="+encodeURIComponent(bA)};if(bw===L){bw=b.ajaxSettings.traditional}if(b.isArray(e)||(e.jquery&&!b.isPlainObject(e))){b.each(e,function(){by(this.name,this.value)})}else{for(var bx in e){v(bx,e[bx],bw,by)}}return bv.join("&").replace(k,"+")}});function v(bw,by,bv,bx){if(b.isArray(by)){b.each(by,function(bA,bz){if(bv||ap.test(bw)){bx(bw,bz)}else{v(bw+"["+(typeof bz==="object"||b.isArray(bz)?bA:"")+"]",bz,bv,bx)}})}else{if(!bv&&by!=null&&typeof by==="object"){for(var e in by){v(bw+"["+e+"]",by[e],bv,bx)}}else{bx(bw,by)}}}b.extend({active:0,lastModified:{},etag:{}});function bj(bD,bC,bz){var bv=bD.contents,bB=bD.dataTypes,bw=bD.responseFields,by,bA,bx,e;for(bA in bw){if(bA in bz){bC[bw[bA]]=bz[bA]}}while(bB[0]==="*"){bB.shift();if(by===L){by=bD.mimeType||bC.getResponseHeader("content-type")}}if(by){for(bA in bv){if(bv[bA]&&bv[bA].test(by)){bB.unshift(bA);break}}}if(bB[0] in bz){bx=bB[0]}else{for(bA in bz){if(!bB[0]||bD.converters[bA+" "+bB[0]]){bx=bA;break}if(!e){e=bA}}bx=bx||e}if(bx){if(bx!==bB[0]){bB.unshift(bx)}return bz[bx]}}function G(bH,bz){if(bH.dataFilter){bz=bH.dataFilter(bz,bH.dataType)}var bD=bH.dataTypes,bG={},bA,bE,bw=bD.length,bB,bC=bD[0],bx,by,bF,bv,e;for(bA=1;bA=bw.duration+this.startTime){this.now=this.end;this.pos=this.state=1;this.update();bw.animatedProperties[this.prop]=true;for(bA in bw.animatedProperties){if(bw.animatedProperties[bA]!==true){e=false}}if(e){if(bw.overflow!=null&&!b.support.shrinkWrapBlocks){b.each(["","X","Y"],function(bC,bD){bz.style["overflow"+bD]=bw.overflow[bC]})}if(bw.hide){b(bz).hide()}if(bw.hide||bw.show){for(bA in bw.animatedProperties){b.style(bz,bA,bw.orig[bA]);b.removeData(bz,"fxshow"+bA,true);b.removeData(bz,"toggle"+bA,true)}}bv=bw.complete;if(bv){bw.complete=false;bv.call(bz)}}return false}else{if(bw.duration==Infinity){this.now=bx}else{bB=bx-this.startTime;this.state=bB/bw.duration;this.pos=b.easing[bw.animatedProperties[this.prop]](this.state,bB,0,1,bw.duration);this.now=this.start+((this.end-this.start)*this.pos)}this.update()}return true}};b.extend(b.fx,{tick:function(){var bw,bv=b.timers,e=0;for(;e").appendTo(e),bw=bv.css("display");bv.remove();if(bw==="none"||bw===""){if(!a8){a8=av.createElement("iframe");a8.frameBorder=a8.width=a8.height=0}e.appendChild(a8);if(!m||!a8.createElement){m=(a8.contentWindow||a8.contentDocument).document;m.write((av.compatMode==="CSS1Compat"?"":"")+"");m.close()}bv=m.createElement(bx);m.body.appendChild(bv);bw=b.css(bv,"display");e.removeChild(a8)}Q[bx]=bw}return Q[bx]}var V=/^t(?:able|d|h)$/i,ad=/^(?:body|html)$/i;if("getBoundingClientRect" in av.documentElement){b.fn.offset=function(bI){var by=this[0],bB;if(bI){return this.each(function(e){b.offset.setOffset(this,bI,e)})}if(!by||!by.ownerDocument){return null}if(by===by.ownerDocument.body){return b.offset.bodyOffset(by)}try{bB=by.getBoundingClientRect()}catch(bF){}var bH=by.ownerDocument,bw=bH.documentElement;if(!bB||!b.contains(bw,by)){return bB?{top:bB.top,left:bB.left}:{top:0,left:0}}var bC=bH.body,bD=aK(bH),bA=bw.clientTop||bC.clientTop||0,bE=bw.clientLeft||bC.clientLeft||0,bv=bD.pageYOffset||b.support.boxModel&&bw.scrollTop||bC.scrollTop,bz=bD.pageXOffset||b.support.boxModel&&bw.scrollLeft||bC.scrollLeft,bG=bB.top+bv-bA,bx=bB.left+bz-bE;return{top:bG,left:bx}}}else{b.fn.offset=function(bF){var bz=this[0];if(bF){return this.each(function(bG){b.offset.setOffset(this,bF,bG)})}if(!bz||!bz.ownerDocument){return null}if(bz===bz.ownerDocument.body){return b.offset.bodyOffset(bz)}var bC,bw=bz.offsetParent,bv=bz,bE=bz.ownerDocument,bx=bE.documentElement,bA=bE.body,bB=bE.defaultView,e=bB?bB.getComputedStyle(bz,null):bz.currentStyle,bD=bz.offsetTop,by=bz.offsetLeft;while((bz=bz.parentNode)&&bz!==bA&&bz!==bx){if(b.support.fixedPosition&&e.position==="fixed"){break}bC=bB?bB.getComputedStyle(bz,null):bz.currentStyle;bD-=bz.scrollTop;by-=bz.scrollLeft;if(bz===bw){bD+=bz.offsetTop;by+=bz.offsetLeft;if(b.support.doesNotAddBorder&&!(b.support.doesAddBorderForTableAndCells&&V.test(bz.nodeName))){bD+=parseFloat(bC.borderTopWidth)||0;by+=parseFloat(bC.borderLeftWidth)||0}bv=bw;bw=bz.offsetParent}if(b.support.subtractsBorderForOverflowNotVisible&&bC.overflow!=="visible"){bD+=parseFloat(bC.borderTopWidth)||0;by+=parseFloat(bC.borderLeftWidth)||0}e=bC}if(e.position==="relative"||e.position==="static"){bD+=bA.offsetTop;by+=bA.offsetLeft}if(b.support.fixedPosition&&e.position==="fixed"){bD+=Math.max(bx.scrollTop,bA.scrollTop);by+=Math.max(bx.scrollLeft,bA.scrollLeft)}return{top:bD,left:by}}}b.offset={bodyOffset:function(e){var bw=e.offsetTop,bv=e.offsetLeft;if(b.support.doesNotIncludeMarginInBodyOffset){bw+=parseFloat(b.css(e,"marginTop"))||0;bv+=parseFloat(b.css(e,"marginLeft"))||0}return{top:bw,left:bv}},setOffset:function(bx,bG,bA){var bB=b.css(bx,"position");if(bB==="static"){bx.style.position="relative"}var bz=b(bx),bv=bz.offset(),e=b.css(bx,"top"),bE=b.css(bx,"left"),bF=(bB==="absolute"||bB==="fixed")&&b.inArray("auto",[e,bE])>-1,bD={},bC={},bw,by;if(bF){bC=bz.position();bw=bC.top;by=bC.left}else{bw=parseFloat(e)||0;by=parseFloat(bE)||0}if(b.isFunction(bG)){bG=bG.call(bx,bA,bv)}if(bG.top!=null){bD.top=(bG.top-bv.top)+bw}if(bG.left!=null){bD.left=(bG.left-bv.left)+by}if("using" in bG){bG.using.call(bx,bD)}else{bz.css(bD)}}};b.fn.extend({position:function(){if(!this[0]){return null}var bw=this[0],bv=this.offsetParent(),bx=this.offset(),e=ad.test(bv[0].nodeName)?{top:0,left:0}:bv.offset();bx.top-=parseFloat(b.css(bw,"marginTop"))||0;bx.left-=parseFloat(b.css(bw,"marginLeft"))||0;e.top+=parseFloat(b.css(bv[0],"borderTopWidth"))||0;e.left+=parseFloat(b.css(bv[0],"borderLeftWidth"))||0;return{top:bx.top-e.top,left:bx.left-e.left}},offsetParent:function(){return this.map(function(){var e=this.offsetParent||av.body;while(e&&(!ad.test(e.nodeName)&&b.css(e,"position")==="static")){e=e.offsetParent}return e})}});b.each(["Left","Top"],function(bv,e){var bw="scroll"+e;b.fn[bw]=function(bz){var bx,by;if(bz===L){bx=this[0];if(!bx){return null}by=aK(bx);return by?("pageXOffset" in by)?by[bv?"pageYOffset":"pageXOffset"]:b.support.boxModel&&by.document.documentElement[bw]||by.document.body[bw]:bx[bw]}return this.each(function(){by=aK(this);if(by){by.scrollTo(!bv?bz:b(by).scrollLeft(),bv?bz:b(by).scrollTop())}else{this[bw]=bz}})}});function aK(e){return b.isWindow(e)?e:e.nodeType===9?e.defaultView||e.parentWindow:false}b.each(["Height","Width"],function(bv,e){var bw=e.toLowerCase();b.fn["inner"+e]=function(){var bx=this[0];return bx?bx.style?parseFloat(b.css(bx,bw,"padding")):this[bw]():null};b.fn["outer"+e]=function(by){var bx=this[0];return bx?bx.style?parseFloat(b.css(bx,bw,by?"margin":"border")):this[bw]():null};b.fn[bw]=function(bz){var bA=this[0];if(!bA){return bz==null?null:this}if(b.isFunction(bz)){return this.each(function(bE){var bD=b(this);bD[bw](bz.call(this,bE,bD[bw]()))})}if(b.isWindow(bA)){var bB=bA.document.documentElement["client"+e],bx=bA.document.body;return bA.document.compatMode==="CSS1Compat"&&bB||bx&&bx["client"+e]||bB}else{if(bA.nodeType===9){return Math.max(bA.documentElement["client"+e],bA.body["scroll"+e],bA.documentElement["scroll"+e],bA.body["offset"+e],bA.documentElement["offset"+e])}else{if(bz===L){var bC=b.css(bA,bw),by=parseFloat(bC);return b.isNumeric(by)?by:bC}else{return this.css(bw,typeof bz==="string"?bz:bz+"px")}}}}});bb.jQuery=bb.$=b;if(typeof define==="function"&&define.amd&&define.amd.jQuery){define("jquery",[],function(){return b})}})(window);/*! +(function(){var bH=/((?:\((?:\([^()]+\)|[^()]+)+\)|\[(?:\[[^\[\]]*\]|['"][^'"]*['"]|[^\[\]'"]+)+\]|\\.|[^ >+~,(\[\\]+)+|[>+~])(\s*,\s*)?((?:.|\r|\n)*)/g,bC="sizcache"+(Math.random()+"").replace(".",""),bI=0,bL=Object.prototype.toString,bB=false,bA=true,bK=/\\/g,bO=/\r\n/g,bQ=/\W/;[0,0].sort(function(){bA=false;return 0});var by=function(bV,e,bY,bZ){bY=bY||[];e=e||av;var b1=e;if(e.nodeType!==1&&e.nodeType!==9){return[]}if(!bV||typeof bV!=="string"){return bY}var bS,b3,b6,bR,b2,b5,b4,bX,bU=true,bT=by.isXML(e),bW=[],b0=bV;do{bH.exec("");bS=bH.exec(b0);if(bS){b0=bS[3];bW.push(bS[1]);if(bS[2]){bR=bS[3];break}}}while(bS);if(bW.length>1&&bD.exec(bV)){if(bW.length===2&&bE.relative[bW[0]]){b3=bM(bW[0]+bW[1],e,bZ)}else{b3=bE.relative[bW[0]]?[e]:by(bW.shift(),e);while(bW.length){bV=bW.shift();if(bE.relative[bV]){bV+=bW.shift()}b3=bM(bV,b3,bZ)}}}else{if(!bZ&&bW.length>1&&e.nodeType===9&&!bT&&bE.match.ID.test(bW[0])&&!bE.match.ID.test(bW[bW.length-1])){b2=by.find(bW.shift(),e,bT);e=b2.expr?by.filter(b2.expr,b2.set)[0]:b2.set[0]}if(e){b2=bZ?{expr:bW.pop(),set:bF(bZ)}:by.find(bW.pop(),bW.length===1&&(bW[0]==="~"||bW[0]==="+")&&e.parentNode?e.parentNode:e,bT);b3=b2.expr?by.filter(b2.expr,b2.set):b2.set;if(bW.length>0){b6=bF(b3)}else{bU=false}while(bW.length){b5=bW.pop();b4=b5;if(!bE.relative[b5]){b5=""}else{b4=bW.pop()}if(b4==null){b4=e}bE.relative[b5](b6,b4,bT)}}else{b6=bW=[]}}if(!b6){b6=b3}if(!b6){by.error(b5||bV)}if(bL.call(b6)==="[object Array]"){if(!bU){bY.push.apply(bY,b6)}else{if(e&&e.nodeType===1){for(bX=0;b6[bX]!=null;bX++){if(b6[bX]&&(b6[bX]===true||b6[bX].nodeType===1&&by.contains(e,b6[bX]))){bY.push(b3[bX])}}}else{for(bX=0;b6[bX]!=null;bX++){if(b6[bX]&&b6[bX].nodeType===1){bY.push(b3[bX])}}}}}else{bF(b6,bY)}if(bR){by(bR,b1,bY,bZ);by.uniqueSort(bY)}return bY};by.uniqueSort=function(bR){if(bJ){bB=bA;bR.sort(bJ);if(bB){for(var e=1;e0};by.find=function(bX,e,bY){var bW,bS,bU,bT,bV,bR;if(!bX){return[]}for(bS=0,bU=bE.order.length;bS":function(bW,bR){var bV,bU=typeof bR==="string",bS=0,e=bW.length;if(bU&&!bQ.test(bR)){bR=bR.toLowerCase();for(;bS=0)){if(!bS){e.push(bV)}}else{if(bS){bR[bU]=false}}}}return false},ID:function(e){return e[1].replace(bK,"")},TAG:function(bR,e){return bR[1].replace(bK,"").toLowerCase()},CHILD:function(e){if(e[1]==="nth"){if(!e[2]){by.error(e[0])}e[2]=e[2].replace(/^\+|\s*/g,"");var bR=/(-?)(\d*)(?:n([+\-]?\d*))?/.exec(e[2]==="even"&&"2n"||e[2]==="odd"&&"2n+1"||!/\D/.test(e[2])&&"0n+"+e[2]||e[2]);e[2]=(bR[1]+(bR[2]||1))-0;e[3]=bR[3]-0}else{if(e[2]){by.error(e[0])}}e[0]=bI++;return e},ATTR:function(bU,bR,bS,e,bV,bW){var bT=bU[1]=bU[1].replace(bK,"");if(!bW&&bE.attrMap[bT]){bU[1]=bE.attrMap[bT]}bU[4]=(bU[4]||bU[5]||"").replace(bK,"");if(bU[2]==="~="){bU[4]=" "+bU[4]+" "}return bU},PSEUDO:function(bU,bR,bS,e,bV){if(bU[1]==="not"){if((bH.exec(bU[3])||"").length>1||/^\w/.test(bU[3])){bU[3]=by(bU[3],null,null,bR)}else{var bT=by.filter(bU[3],bR,bS,true^bV);if(!bS){e.push.apply(e,bT)}return false}}else{if(bE.match.POS.test(bU[0])||bE.match.CHILD.test(bU[0])){return true}}return bU},POS:function(e){e.unshift(true);return e}},filters:{enabled:function(e){return e.disabled===false&&e.type!=="hidden"},disabled:function(e){return e.disabled===true},checked:function(e){return e.checked===true},selected:function(e){if(e.parentNode){e.parentNode.selectedIndex}return e.selected===true},parent:function(e){return !!e.firstChild},empty:function(e){return !e.firstChild},has:function(bS,bR,e){return !!by(e[3],bS).length},header:function(e){return(/h\d/i).test(e.nodeName)},text:function(bS){var e=bS.getAttribute("type"),bR=bS.type;return bS.nodeName.toLowerCase()==="input"&&"text"===bR&&(e===bR||e===null)},radio:function(e){return e.nodeName.toLowerCase()==="input"&&"radio"===e.type},checkbox:function(e){return e.nodeName.toLowerCase()==="input"&&"checkbox"===e.type},file:function(e){return e.nodeName.toLowerCase()==="input"&&"file"===e.type},password:function(e){return e.nodeName.toLowerCase()==="input"&&"password"===e.type},submit:function(bR){var e=bR.nodeName.toLowerCase();return(e==="input"||e==="button")&&"submit"===bR.type},image:function(e){return e.nodeName.toLowerCase()==="input"&&"image"===e.type},reset:function(bR){var e=bR.nodeName.toLowerCase();return(e==="input"||e==="button")&&"reset"===bR.type},button:function(bR){var e=bR.nodeName.toLowerCase();return e==="input"&&"button"===bR.type||e==="button"},input:function(e){return(/input|select|textarea|button/i).test(e.nodeName)},focus:function(e){return e===e.ownerDocument.activeElement}},setFilters:{first:function(bR,e){return e===0},last:function(bS,bR,e,bT){return bR===bT.length-1},even:function(bR,e){return e%2===0},odd:function(bR,e){return e%2===1},lt:function(bS,bR,e){return bRe[3]-0},nth:function(bS,bR,e){return e[3]-0===bR},eq:function(bS,bR,e){return e[3]-0===bR}},filter:{PSEUDO:function(bS,bX,bW,bY){var e=bX[1],bR=bE.filters[e];if(bR){return bR(bS,bW,bX,bY)}else{if(e==="contains"){return(bS.textContent||bS.innerText||bw([bS])||"").indexOf(bX[3])>=0}else{if(e==="not"){var bT=bX[3];for(var bV=0,bU=bT.length;bV=0)}}},ID:function(bR,e){return bR.nodeType===1&&bR.getAttribute("id")===e},TAG:function(bR,e){return(e==="*"&&bR.nodeType===1)||!!bR.nodeName&&bR.nodeName.toLowerCase()===e},CLASS:function(bR,e){return(" "+(bR.className||bR.getAttribute("class"))+" ").indexOf(e)>-1},ATTR:function(bV,bT){var bS=bT[1],e=by.attr?by.attr(bV,bS):bE.attrHandle[bS]?bE.attrHandle[bS](bV):bV[bS]!=null?bV[bS]:bV.getAttribute(bS),bW=e+"",bU=bT[2],bR=bT[4];return e==null?bU==="!=":!bU&&by.attr?e!=null:bU==="="?bW===bR:bU==="*="?bW.indexOf(bR)>=0:bU==="~="?(" "+bW+" ").indexOf(bR)>=0:!bR?bW&&e!==false:bU==="!="?bW!==bR:bU==="^="?bW.indexOf(bR)===0:bU==="$="?bW.substr(bW.length-bR.length)===bR:bU==="|="?bW===bR||bW.substr(0,bR.length+1)===bR+"-":false},POS:function(bU,bR,bS,bV){var e=bR[2],bT=bE.setFilters[e];if(bT){return bT(bU,bS,bR,bV)}}}};var bD=bE.match.POS,bx=function(bR,e){return"\\"+(e-0+1)};for(var bz in bE.match){bE.match[bz]=new RegExp(bE.match[bz].source+(/(?![^\[]*\])(?![^\(]*\))/.source));bE.leftMatch[bz]=new RegExp(/(^(?:.|\r|\n)*?)/.source+bE.match[bz].source.replace(/\\(\d+)/g,bx))}var bF=function(bR,e){bR=Array.prototype.slice.call(bR,0);if(e){e.push.apply(e,bR);return e}return bR};try{Array.prototype.slice.call(av.documentElement.childNodes,0)[0].nodeType}catch(bP){bF=function(bU,bT){var bS=0,bR=bT||[];if(bL.call(bU)==="[object Array]"){Array.prototype.push.apply(bR,bU)}else{if(typeof bU.length==="number"){for(var e=bU.length;bS";e.insertBefore(bR,e.firstChild);if(av.getElementById(bS)){bE.find.ID=function(bU,bV,bW){if(typeof bV.getElementById!=="undefined"&&!bW){var bT=bV.getElementById(bU[1]);return bT?bT.id===bU[1]||typeof bT.getAttributeNode!=="undefined"&&bT.getAttributeNode("id").nodeValue===bU[1]?[bT]:L:[]}};bE.filter.ID=function(bV,bT){var bU=typeof bV.getAttributeNode!=="undefined"&&bV.getAttributeNode("id");return bV.nodeType===1&&bU&&bU.nodeValue===bT}}e.removeChild(bR);e=bR=null})();(function(){var e=av.createElement("div");e.appendChild(av.createComment(""));if(e.getElementsByTagName("*").length>0){bE.find.TAG=function(bR,bV){var bU=bV.getElementsByTagName(bR[1]);if(bR[1]==="*"){var bT=[];for(var bS=0;bU[bS];bS++){if(bU[bS].nodeType===1){bT.push(bU[bS])}}bU=bT}return bU}}e.innerHTML="";if(e.firstChild&&typeof e.firstChild.getAttribute!=="undefined"&&e.firstChild.getAttribute("href")!=="#"){bE.attrHandle.href=function(bR){return bR.getAttribute("href",2)}}e=null})();if(av.querySelectorAll){(function(){var e=by,bT=av.createElement("div"),bS="__sizzle__";bT.innerHTML="

              ";if(bT.querySelectorAll&&bT.querySelectorAll(".TEST").length===0){return}by=function(b4,bV,bZ,b3){bV=bV||av;if(!b3&&!by.isXML(bV)){var b2=/^(\w+$)|^\.([\w\-]+$)|^#([\w\-]+$)/.exec(b4);if(b2&&(bV.nodeType===1||bV.nodeType===9)){if(b2[1]){return bF(bV.getElementsByTagName(b4),bZ)}else{if(b2[2]&&bE.find.CLASS&&bV.getElementsByClassName){return bF(bV.getElementsByClassName(b2[2]),bZ)}}}if(bV.nodeType===9){if(b4==="body"&&bV.body){return bF([bV.body],bZ)}else{if(b2&&b2[3]){var bY=bV.getElementById(b2[3]);if(bY&&bY.parentNode){if(bY.id===b2[3]){return bF([bY],bZ)}}else{return bF([],bZ)}}}try{return bF(bV.querySelectorAll(b4),bZ)}catch(b0){}}else{if(bV.nodeType===1&&bV.nodeName.toLowerCase()!=="object"){var bW=bV,bX=bV.getAttribute("id"),bU=bX||bS,b6=bV.parentNode,b5=/^\s*[+~]/.test(b4);if(!bX){bV.setAttribute("id",bU)}else{bU=bU.replace(/'/g,"\\$&")}if(b5&&b6){bV=bV.parentNode}try{if(!b5||b6){return bF(bV.querySelectorAll("[id='"+bU+"'] "+b4),bZ)}}catch(b1){}finally{if(!bX){bW.removeAttribute("id")}}}}}return e(b4,bV,bZ,b3)};for(var bR in e){by[bR]=e[bR]}bT=null})()}(function(){var e=av.documentElement,bS=e.matchesSelector||e.mozMatchesSelector||e.webkitMatchesSelector||e.msMatchesSelector;if(bS){var bU=!bS.call(av.createElement("div"),"div"),bR=false;try{bS.call(av.documentElement,"[test!='']:sizzle")}catch(bT){bR=true}by.matchesSelector=function(bW,bY){bY=bY.replace(/\=\s*([^'"\]]*)\s*\]/g,"='$1']");if(!by.isXML(bW)){try{if(bR||!bE.match.PSEUDO.test(bY)&&!/!=/.test(bY)){var bV=bS.call(bW,bY);if(bV||!bU||bW.document&&bW.document.nodeType!==11){return bV}}}catch(bX){}}return by(bY,null,null,[bW]).length>0}}})();(function(){var e=av.createElement("div");e.innerHTML="
              ";if(!e.getElementsByClassName||e.getElementsByClassName("e").length===0){return}e.lastChild.className="e";if(e.getElementsByClassName("e").length===1){return}bE.order.splice(1,0,"CLASS");bE.find.CLASS=function(bR,bS,bT){if(typeof bS.getElementsByClassName!=="undefined"&&!bT){return bS.getElementsByClassName(bR[1])}};e=null})();function bv(bR,bW,bV,bZ,bX,bY){for(var bT=0,bS=bZ.length;bT0){bU=e;break}}}e=e[bR]}bZ[bT]=bU}}}if(av.documentElement.contains){by.contains=function(bR,e){return bR!==e&&(bR.contains?bR.contains(e):true)}}else{if(av.documentElement.compareDocumentPosition){by.contains=function(bR,e){return !!(bR.compareDocumentPosition(e)&16)}}else{by.contains=function(){return false}}}by.isXML=function(e){var bR=(e?e.ownerDocument||e:0).documentElement;return bR?bR.nodeName!=="HTML":false};var bM=function(bS,e,bW){var bV,bX=[],bU="",bY=e.nodeType?[e]:e;while((bV=bE.match.PSEUDO.exec(bS))){bU+=bV[0];bS=bS.replace(bE.match.PSEUDO,"")}bS=bE.relative[bS]?bS+"*":bS;for(var bT=0,bR=bY.length;bT0){for(bB=bA;bB=0:b.filter(e,this).length>0:this.filter(e).length>0)},closest:function(by,bx){var bv=[],bw,e,bz=this[0];if(b.isArray(by)){var bB=1;while(bz&&bz.ownerDocument&&bz!==bx){for(bw=0;bw-1:b.find.matchesSelector(bz,by)){bv.push(bz);break}else{bz=bz.parentNode;if(!bz||!bz.ownerDocument||bz===bx||bz.nodeType===11){break}}}}bv=bv.length>1?b.unique(bv):bv;return this.pushStack(bv,"closest",by)},index:function(e){if(!e){return(this[0]&&this[0].parentNode)?this.prevAll().length:-1}if(typeof e==="string"){return b.inArray(this[0],b(e))}return b.inArray(e.jquery?e[0]:e,this)},add:function(e,bv){var bx=typeof e==="string"?b(e,bv):b.makeArray(e&&e.nodeType?[e]:e),bw=b.merge(this.get(),bx);return this.pushStack(C(bx[0])||C(bw[0])?bw:b.unique(bw))},andSelf:function(){return this.add(this.prevObject)}});function C(e){return !e||!e.parentNode||e.parentNode.nodeType===11}b.each({parent:function(bv){var e=bv.parentNode;return e&&e.nodeType!==11?e:null},parents:function(e){return b.dir(e,"parentNode")},parentsUntil:function(bv,e,bw){return b.dir(bv,"parentNode",bw)},next:function(e){return b.nth(e,2,"nextSibling")},prev:function(e){return b.nth(e,2,"previousSibling")},nextAll:function(e){return b.dir(e,"nextSibling")},prevAll:function(e){return b.dir(e,"previousSibling")},nextUntil:function(bv,e,bw){return b.dir(bv,"nextSibling",bw)},prevUntil:function(bv,e,bw){return b.dir(bv,"previousSibling",bw)},siblings:function(e){return b.sibling(e.parentNode.firstChild,e)},children:function(e){return b.sibling(e.firstChild)},contents:function(e){return b.nodeName(e,"iframe")?e.contentDocument||e.contentWindow.document:b.makeArray(e.childNodes)}},function(e,bv){b.fn[e]=function(by,bw){var bx=b.map(this,bv,by);if(!ab.test(e)){bw=by}if(bw&&typeof bw==="string"){bx=b.filter(bw,bx)}bx=this.length>1&&!ay[e]?b.unique(bx):bx;if((this.length>1||a9.test(bw))&&aq.test(e)){bx=bx.reverse()}return this.pushStack(bx,e,P.call(arguments).join(","))}});b.extend({filter:function(bw,e,bv){if(bv){bw=":not("+bw+")"}return e.length===1?b.find.matchesSelector(e[0],bw)?[e[0]]:[]:b.find.matches(bw,e)},dir:function(bw,bv,by){var e=[],bx=bw[bv];while(bx&&bx.nodeType!==9&&(by===L||bx.nodeType!==1||!b(bx).is(by))){if(bx.nodeType===1){e.push(bx)}bx=bx[bv]}return e},nth:function(by,e,bw,bx){e=e||1;var bv=0;for(;by;by=by[bw]){if(by.nodeType===1&&++bv===e){break}}return by},sibling:function(bw,bv){var e=[];for(;bw;bw=bw.nextSibling){if(bw.nodeType===1&&bw!==bv){e.push(bw)}}return e}});function aG(bx,bw,e){bw=bw||0;if(b.isFunction(bw)){return b.grep(bx,function(bz,by){var bA=!!bw.call(bz,by,bz);return bA===e})}else{if(bw.nodeType){return b.grep(bx,function(bz,by){return(bz===bw)===e})}else{if(typeof bw==="string"){var bv=b.grep(bx,function(by){return by.nodeType===1});if(bp.test(bw)){return b.filter(bw,bv,!e)}else{bw=b.filter(bw,bv)}}}}return b.grep(bx,function(bz,by){return(b.inArray(bz,bw)>=0)===e})}function a(e){var bw=aR.split("|"),bv=e.createDocumentFragment();if(bv.createElement){while(bw.length){bv.createElement(bw.pop())}}return bv}var aR="abbr|article|aside|audio|canvas|datalist|details|figcaption|figure|footer|header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",ag=/ jQuery\d+="(?:\d+|null)"/g,ar=/^\s+/,R=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/ig,d=/<([\w:]+)/,w=/
              ",""],legend:[1,"
              ","
              "],thead:[1,"
              ","
              "],tr:[2,"","
              "],td:[3,"","
              "],col:[2,"","
              "],area:[1,"",""],_default:[0,"",""]},ac=a(av);ax.optgroup=ax.option;ax.tbody=ax.tfoot=ax.colgroup=ax.caption=ax.thead;ax.th=ax.td;if(!b.support.htmlSerialize){ax._default=[1,"div
              ","
              "]}b.fn.extend({text:function(e){if(b.isFunction(e)){return this.each(function(bw){var bv=b(this);bv.text(e.call(this,bw,bv.text()))})}if(typeof e!=="object"&&e!==L){return this.empty().append((this[0]&&this[0].ownerDocument||av).createTextNode(e))}return b.text(this)},wrapAll:function(e){if(b.isFunction(e)){return this.each(function(bw){b(this).wrapAll(e.call(this,bw))})}if(this[0]){var bv=b(e,this[0].ownerDocument).eq(0).clone(true);if(this[0].parentNode){bv.insertBefore(this[0])}bv.map(function(){var bw=this;while(bw.firstChild&&bw.firstChild.nodeType===1){bw=bw.firstChild}return bw}).append(this)}return this},wrapInner:function(e){if(b.isFunction(e)){return this.each(function(bv){b(this).wrapInner(e.call(this,bv))})}return this.each(function(){var bv=b(this),bw=bv.contents();if(bw.length){bw.wrapAll(e)}else{bv.append(e)}})},wrap:function(e){var bv=b.isFunction(e);return this.each(function(bw){b(this).wrapAll(bv?e.call(this,bw):e)})},unwrap:function(){return this.parent().each(function(){if(!b.nodeName(this,"body")){b(this).replaceWith(this.childNodes)}}).end()},append:function(){return this.domManip(arguments,true,function(e){if(this.nodeType===1){this.appendChild(e)}})},prepend:function(){return this.domManip(arguments,true,function(e){if(this.nodeType===1){this.insertBefore(e,this.firstChild)}})},before:function(){if(this[0]&&this[0].parentNode){return this.domManip(arguments,false,function(bv){this.parentNode.insertBefore(bv,this)})}else{if(arguments.length){var e=b.clean(arguments);e.push.apply(e,this.toArray());return this.pushStack(e,"before",arguments)}}},after:function(){if(this[0]&&this[0].parentNode){return this.domManip(arguments,false,function(bv){this.parentNode.insertBefore(bv,this.nextSibling)})}else{if(arguments.length){var e=this.pushStack(this,"after",arguments);e.push.apply(e,b.clean(arguments));return e}}},remove:function(e,bx){for(var bv=0,bw;(bw=this[bv])!=null;bv++){if(!e||b.filter(e,[bw]).length){if(!bx&&bw.nodeType===1){b.cleanData(bw.getElementsByTagName("*"));b.cleanData([bw])}if(bw.parentNode){bw.parentNode.removeChild(bw)}}}return this},empty:function(){for(var e=0,bv;(bv=this[e])!=null;e++){if(bv.nodeType===1){b.cleanData(bv.getElementsByTagName("*"))}while(bv.firstChild){bv.removeChild(bv.firstChild)}}return this},clone:function(bv,e){bv=bv==null?false:bv;e=e==null?bv:e;return this.map(function(){return b.clone(this,bv,e)})},html:function(bx){if(bx===L){return this[0]&&this[0].nodeType===1?this[0].innerHTML.replace(ag,""):null}else{if(typeof bx==="string"&&!ae.test(bx)&&(b.support.leadingWhitespace||!ar.test(bx))&&!ax[(d.exec(bx)||["",""])[1].toLowerCase()]){bx=bx.replace(R,"<$1>");try{for(var bw=0,bv=this.length;bw1&&bw0?this.clone(true):this).get();b(bC[bA])[bv](by);bz=bz.concat(by)}return this.pushStack(bz,e,bC.selector)}}});function bg(e){if(typeof e.getElementsByTagName!=="undefined"){return e.getElementsByTagName("*")}else{if(typeof e.querySelectorAll!=="undefined"){return e.querySelectorAll("*")}else{return[]}}}function az(e){if(e.type==="checkbox"||e.type==="radio"){e.defaultChecked=e.checked}}function E(e){var bv=(e.nodeName||"").toLowerCase();if(bv==="input"){az(e)}else{if(bv!=="script"&&typeof e.getElementsByTagName!=="undefined"){b.grep(e.getElementsByTagName("input"),az)}}}function al(e){var bv=av.createElement("div");ac.appendChild(bv);bv.innerHTML=e.outerHTML;return bv.firstChild}b.extend({clone:function(by,bA,bw){var e,bv,bx,bz=b.support.html5Clone||!ah.test("<"+by.nodeName)?by.cloneNode(true):al(by);if((!b.support.noCloneEvent||!b.support.noCloneChecked)&&(by.nodeType===1||by.nodeType===11)&&!b.isXMLDoc(by)){ai(by,bz);e=bg(by);bv=bg(bz);for(bx=0;e[bx];++bx){if(bv[bx]){ai(e[bx],bv[bx])}}}if(bA){t(by,bz);if(bw){e=bg(by);bv=bg(bz);for(bx=0;e[bx];++bx){t(e[bx],bv[bx])}}}e=bv=null;return bz},clean:function(bw,by,bH,bA){var bF;by=by||av;if(typeof by.createElement==="undefined"){by=by.ownerDocument||by[0]&&by[0].ownerDocument||av}var bI=[],bB;for(var bE=0,bz;(bz=bw[bE])!=null;bE++){if(typeof bz==="number"){bz+=""}if(!bz){continue}if(typeof bz==="string"){if(!W.test(bz)){bz=by.createTextNode(bz)}else{bz=bz.replace(R,"<$1>");var bK=(d.exec(bz)||["",""])[1].toLowerCase(),bx=ax[bK]||ax._default,bD=bx[0],bv=by.createElement("div");if(by===av){ac.appendChild(bv)}else{a(by).appendChild(bv)}bv.innerHTML=bx[1]+bz+bx[2];while(bD--){bv=bv.lastChild}if(!b.support.tbody){var e=w.test(bz),bC=bK==="table"&&!e?bv.firstChild&&bv.firstChild.childNodes:bx[1]===""&&!e?bv.childNodes:[];for(bB=bC.length-1;bB>=0;--bB){if(b.nodeName(bC[bB],"tbody")&&!bC[bB].childNodes.length){bC[bB].parentNode.removeChild(bC[bB])}}}if(!b.support.leadingWhitespace&&ar.test(bz)){bv.insertBefore(by.createTextNode(ar.exec(bz)[0]),bv.firstChild)}bz=bv.childNodes}}var bG;if(!b.support.appendChecked){if(bz[0]&&typeof(bG=bz.length)==="number"){for(bB=0;bB=0){return bx+"px"}}else{return bx}}}});if(!b.support.opacity){b.cssHooks.opacity={get:function(bv,e){return au.test((e&&bv.currentStyle?bv.currentStyle.filter:bv.style.filter)||"")?(parseFloat(RegExp.$1)/100)+"":e?"1":""},set:function(by,bz){var bx=by.style,bv=by.currentStyle,e=b.isNumeric(bz)?"alpha(opacity="+bz*100+")":"",bw=bv&&bv.filter||bx.filter||"";bx.zoom=1;if(bz>=1&&b.trim(bw.replace(ak,""))===""){bx.removeAttribute("filter");if(bv&&!bv.filter){return}}bx.filter=ak.test(bw)?bw.replace(ak,e):bw+" "+e}}}b(function(){if(!b.support.reliableMarginRight){b.cssHooks.marginRight={get:function(bw,bv){var e;b.swap(bw,{display:"inline-block"},function(){if(bv){e=Z(bw,"margin-right","marginRight")}else{e=bw.style.marginRight}});return e}}}});if(av.defaultView&&av.defaultView.getComputedStyle){aI=function(by,bw){var bv,bx,e;bw=bw.replace(z,"-$1").toLowerCase();if((bx=by.ownerDocument.defaultView)&&(e=bx.getComputedStyle(by,null))){bv=e.getPropertyValue(bw);if(bv===""&&!b.contains(by.ownerDocument.documentElement,by)){bv=b.style(by,bw)}}return bv}}if(av.documentElement.currentStyle){aX=function(bz,bw){var bA,e,by,bv=bz.currentStyle&&bz.currentStyle[bw],bx=bz.style;if(bv===null&&bx&&(by=bx[bw])){bv=by}if(!bc.test(bv)&&bn.test(bv)){bA=bx.left;e=bz.runtimeStyle&&bz.runtimeStyle.left;if(e){bz.runtimeStyle.left=bz.currentStyle.left}bx.left=bw==="fontSize"?"1em":(bv||0);bv=bx.pixelLeft+"px";bx.left=bA;if(e){bz.runtimeStyle.left=e}}return bv===""?"auto":bv}}Z=aI||aX;function p(by,bw,bv){var bA=bw==="width"?by.offsetWidth:by.offsetHeight,bz=bw==="width"?an:a1,bx=0,e=bz.length;if(bA>0){if(bv!=="border"){for(;bx)<[^<]*)*<\/script>/gi,q=/^(?:select|textarea)/i,h=/\s+/,br=/([?&])_=[^&]*/,K=/^([\w\+\.\-]+:)(?:\/\/([^\/?#:]*)(?::(\d+))?)?/,A=b.fn.load,aa={},r={},aE,s,aV=["*/"]+["*"];try{aE=bl.href}catch(aw){aE=av.createElement("a");aE.href="";aE=aE.href}s=K.exec(aE.toLowerCase())||[];function f(e){return function(by,bA){if(typeof by!=="string"){bA=by;by="*"}if(b.isFunction(bA)){var bx=by.toLowerCase().split(h),bw=0,bz=bx.length,bv,bB,bC;for(;bw=0){var e=bw.slice(by,bw.length);bw=bw.slice(0,by)}var bx="GET";if(bz){if(b.isFunction(bz)){bA=bz;bz=L}else{if(typeof bz==="object"){bz=b.param(bz,b.ajaxSettings.traditional);bx="POST"}}}var bv=this;b.ajax({url:bw,type:bx,dataType:"html",data:bz,complete:function(bC,bB,bD){bD=bC.responseText;if(bC.isResolved()){bC.done(function(bE){bD=bE});bv.html(e?b("
              ").append(bD.replace(a6,"")).find(e):bD)}if(bA){bv.each(bA,[bD,bB,bC])}}});return this},serialize:function(){return b.param(this.serializeArray())},serializeArray:function(){return this.map(function(){return this.elements?b.makeArray(this.elements):this}).filter(function(){return this.name&&!this.disabled&&(this.checked||q.test(this.nodeName)||aZ.test(this.type))}).map(function(e,bv){var bw=b(this).val();return bw==null?null:b.isArray(bw)?b.map(bw,function(by,bx){return{name:bv.name,value:by.replace(bs,"\r\n")}}):{name:bv.name,value:bw.replace(bs,"\r\n")}}).get()}});b.each("ajaxStart ajaxStop ajaxComplete ajaxError ajaxSuccess ajaxSend".split(" "),function(e,bv){b.fn[bv]=function(bw){return this.on(bv,bw)}});b.each(["get","post"],function(e,bv){b[bv]=function(bw,by,bz,bx){if(b.isFunction(by)){bx=bx||bz;bz=by;by=L}return b.ajax({type:bv,url:bw,data:by,success:bz,dataType:bx})}});b.extend({getScript:function(e,bv){return b.get(e,L,bv,"script")},getJSON:function(e,bv,bw){return b.get(e,bv,bw,"json")},ajaxSetup:function(bv,e){if(e){am(bv,b.ajaxSettings)}else{e=bv;bv=b.ajaxSettings}am(bv,e);return bv},ajaxSettings:{url:aE,isLocal:aM.test(s[1]),global:true,type:"GET",contentType:"application/x-www-form-urlencoded",processData:true,async:true,accepts:{xml:"application/xml, text/xml",html:"text/html",text:"text/plain",json:"application/json, text/javascript","*":aV},contents:{xml:/xml/,html:/html/,json:/json/},responseFields:{xml:"responseXML",text:"responseText"},converters:{"* text":bb.String,"text html":true,"text json":b.parseJSON,"text xml":b.parseXML},flatOptions:{context:true,url:true}},ajaxPrefilter:f(aa),ajaxTransport:f(r),ajax:function(bz,bx){if(typeof bz==="object"){bx=bz;bz=L}bx=bx||{};var bD=b.ajaxSetup({},bx),bS=bD.context||bD,bG=bS!==bD&&(bS.nodeType||bS instanceof b)?b(bS):b.event,bR=b.Deferred(),bN=b.Callbacks("once memory"),bB=bD.statusCode||{},bC,bH={},bO={},bQ,by,bL,bE,bI,bA=0,bw,bK,bJ={readyState:0,setRequestHeader:function(bT,bU){if(!bA){var e=bT.toLowerCase();bT=bO[e]=bO[e]||bT;bH[bT]=bU}return this},getAllResponseHeaders:function(){return bA===2?bQ:null},getResponseHeader:function(bT){var e;if(bA===2){if(!by){by={};while((e=aD.exec(bQ))){by[e[1].toLowerCase()]=e[2]}}e=by[bT.toLowerCase()]}return e===L?null:e},overrideMimeType:function(e){if(!bA){bD.mimeType=e}return this},abort:function(e){e=e||"abort";if(bL){bL.abort(e)}bF(0,e);return this}};function bF(bZ,bU,b0,bW){if(bA===2){return}bA=2;if(bE){clearTimeout(bE)}bL=L;bQ=bW||"";bJ.readyState=bZ>0?4:0;var bT,b4,b3,bX=bU,bY=b0?bj(bD,bJ,b0):L,bV,b2;if(bZ>=200&&bZ<300||bZ===304){if(bD.ifModified){if((bV=bJ.getResponseHeader("Last-Modified"))){b.lastModified[bC]=bV}if((b2=bJ.getResponseHeader("Etag"))){b.etag[bC]=b2}}if(bZ===304){bX="notmodified";bT=true}else{try{b4=G(bD,bY);bX="success";bT=true}catch(b1){bX="parsererror";b3=b1}}}else{b3=bX;if(!bX||bZ){bX="error";if(bZ<0){bZ=0}}}bJ.status=bZ;bJ.statusText=""+(bU||bX);if(bT){bR.resolveWith(bS,[b4,bX,bJ])}else{bR.rejectWith(bS,[bJ,bX,b3])}bJ.statusCode(bB);bB=L;if(bw){bG.trigger("ajax"+(bT?"Success":"Error"),[bJ,bD,bT?b4:b3])}bN.fireWith(bS,[bJ,bX]);if(bw){bG.trigger("ajaxComplete",[bJ,bD]);if(!(--b.active)){b.event.trigger("ajaxStop")}}}bR.promise(bJ);bJ.success=bJ.done;bJ.error=bJ.fail;bJ.complete=bN.add;bJ.statusCode=function(bT){if(bT){var e;if(bA<2){for(e in bT){bB[e]=[bB[e],bT[e]]}}else{e=bT[bJ.status];bJ.then(e,e)}}return this};bD.url=((bz||bD.url)+"").replace(bq,"").replace(c,s[1]+"//");bD.dataTypes=b.trim(bD.dataType||"*").toLowerCase().split(h);if(bD.crossDomain==null){bI=K.exec(bD.url.toLowerCase());bD.crossDomain=!!(bI&&(bI[1]!=s[1]||bI[2]!=s[2]||(bI[3]||(bI[1]==="http:"?80:443))!=(s[3]||(s[1]==="http:"?80:443))))}if(bD.data&&bD.processData&&typeof bD.data!=="string"){bD.data=b.param(bD.data,bD.traditional)}aW(aa,bD,bx,bJ);if(bA===2){return false}bw=bD.global;bD.type=bD.type.toUpperCase();bD.hasContent=!aQ.test(bD.type);if(bw&&b.active++===0){b.event.trigger("ajaxStart")}if(!bD.hasContent){if(bD.data){bD.url+=(M.test(bD.url)?"&":"?")+bD.data;delete bD.data}bC=bD.url;if(bD.cache===false){var bv=b.now(),bP=bD.url.replace(br,"$1_="+bv);bD.url=bP+((bP===bD.url)?(M.test(bD.url)?"&":"?")+"_="+bv:"")}}if(bD.data&&bD.hasContent&&bD.contentType!==false||bx.contentType){bJ.setRequestHeader("Content-Type",bD.contentType)}if(bD.ifModified){bC=bC||bD.url;if(b.lastModified[bC]){bJ.setRequestHeader("If-Modified-Since",b.lastModified[bC])}if(b.etag[bC]){bJ.setRequestHeader("If-None-Match",b.etag[bC])}}bJ.setRequestHeader("Accept",bD.dataTypes[0]&&bD.accepts[bD.dataTypes[0]]?bD.accepts[bD.dataTypes[0]]+(bD.dataTypes[0]!=="*"?", "+aV+"; q=0.01":""):bD.accepts["*"]);for(bK in bD.headers){bJ.setRequestHeader(bK,bD.headers[bK])}if(bD.beforeSend&&(bD.beforeSend.call(bS,bJ,bD)===false||bA===2)){bJ.abort();return false}for(bK in {success:1,error:1,complete:1}){bJ[bK](bD[bK])}bL=aW(r,bD,bx,bJ);if(!bL){bF(-1,"No Transport")}else{bJ.readyState=1;if(bw){bG.trigger("ajaxSend",[bJ,bD])}if(bD.async&&bD.timeout>0){bE=setTimeout(function(){bJ.abort("timeout")},bD.timeout)}try{bA=1;bL.send(bH,bF)}catch(bM){if(bA<2){bF(-1,bM)}else{throw bM}}}return bJ},param:function(e,bw){var bv=[],by=function(bz,bA){bA=b.isFunction(bA)?bA():bA;bv[bv.length]=encodeURIComponent(bz)+"="+encodeURIComponent(bA)};if(bw===L){bw=b.ajaxSettings.traditional}if(b.isArray(e)||(e.jquery&&!b.isPlainObject(e))){b.each(e,function(){by(this.name,this.value)})}else{for(var bx in e){v(bx,e[bx],bw,by)}}return bv.join("&").replace(k,"+")}});function v(bw,by,bv,bx){if(b.isArray(by)){b.each(by,function(bA,bz){if(bv||ap.test(bw)){bx(bw,bz)}else{v(bw+"["+(typeof bz==="object"||b.isArray(bz)?bA:"")+"]",bz,bv,bx)}})}else{if(!bv&&by!=null&&typeof by==="object"){for(var e in by){v(bw+"["+e+"]",by[e],bv,bx)}}else{bx(bw,by)}}}b.extend({active:0,lastModified:{},etag:{}});function bj(bD,bC,bz){var bv=bD.contents,bB=bD.dataTypes,bw=bD.responseFields,by,bA,bx,e;for(bA in bw){if(bA in bz){bC[bw[bA]]=bz[bA]}}while(bB[0]==="*"){bB.shift();if(by===L){by=bD.mimeType||bC.getResponseHeader("content-type")}}if(by){for(bA in bv){if(bv[bA]&&bv[bA].test(by)){bB.unshift(bA);break}}}if(bB[0] in bz){bx=bB[0]}else{for(bA in bz){if(!bB[0]||bD.converters[bA+" "+bB[0]]){bx=bA;break}if(!e){e=bA}}bx=bx||e}if(bx){if(bx!==bB[0]){bB.unshift(bx)}return bz[bx]}}function G(bH,bz){if(bH.dataFilter){bz=bH.dataFilter(bz,bH.dataType)}var bD=bH.dataTypes,bG={},bA,bE,bw=bD.length,bB,bC=bD[0],bx,by,bF,bv,e;for(bA=1;bA=bw.duration+this.startTime){this.now=this.end;this.pos=this.state=1;this.update();bw.animatedProperties[this.prop]=true;for(bA in bw.animatedProperties){if(bw.animatedProperties[bA]!==true){e=false}}if(e){if(bw.overflow!=null&&!b.support.shrinkWrapBlocks){b.each(["","X","Y"],function(bC,bD){bz.style["overflow"+bD]=bw.overflow[bC]})}if(bw.hide){b(bz).hide()}if(bw.hide||bw.show){for(bA in bw.animatedProperties){b.style(bz,bA,bw.orig[bA]);b.removeData(bz,"fxshow"+bA,true);b.removeData(bz,"toggle"+bA,true)}}bv=bw.complete;if(bv){bw.complete=false;bv.call(bz)}}return false}else{if(bw.duration==Infinity){this.now=bx}else{bB=bx-this.startTime;this.state=bB/bw.duration;this.pos=b.easing[bw.animatedProperties[this.prop]](this.state,bB,0,1,bw.duration);this.now=this.start+((this.end-this.start)*this.pos)}this.update()}return true}};b.extend(b.fx,{tick:function(){var bw,bv=b.timers,e=0;for(;e").appendTo(e),bw=bv.css("display");bv.remove();if(bw==="none"||bw===""){if(!a8){a8=av.createElement("iframe");a8.frameBorder=a8.width=a8.height=0}e.appendChild(a8);if(!m||!a8.createElement){m=(a8.contentWindow||a8.contentDocument).document;m.write((av.compatMode==="CSS1Compat"?"":"")+"");m.close()}bv=m.createElement(bx);m.body.appendChild(bv);bw=b.css(bv,"display");e.removeChild(a8)}Q[bx]=bw}return Q[bx]}var V=/^t(?:able|d|h)$/i,ad=/^(?:body|html)$/i;if("getBoundingClientRect" in av.documentElement){b.fn.offset=function(bI){var by=this[0],bB;if(bI){return this.each(function(e){b.offset.setOffset(this,bI,e)})}if(!by||!by.ownerDocument){return null}if(by===by.ownerDocument.body){return b.offset.bodyOffset(by)}try{bB=by.getBoundingClientRect()}catch(bF){}var bH=by.ownerDocument,bw=bH.documentElement;if(!bB||!b.contains(bw,by)){return bB?{top:bB.top,left:bB.left}:{top:0,left:0}}var bC=bH.body,bD=aK(bH),bA=bw.clientTop||bC.clientTop||0,bE=bw.clientLeft||bC.clientLeft||0,bv=bD.pageYOffset||b.support.boxModel&&bw.scrollTop||bC.scrollTop,bz=bD.pageXOffset||b.support.boxModel&&bw.scrollLeft||bC.scrollLeft,bG=bB.top+bv-bA,bx=bB.left+bz-bE;return{top:bG,left:bx}}}else{b.fn.offset=function(bF){var bz=this[0];if(bF){return this.each(function(bG){b.offset.setOffset(this,bF,bG)})}if(!bz||!bz.ownerDocument){return null}if(bz===bz.ownerDocument.body){return b.offset.bodyOffset(bz)}var bC,bw=bz.offsetParent,bv=bz,bE=bz.ownerDocument,bx=bE.documentElement,bA=bE.body,bB=bE.defaultView,e=bB?bB.getComputedStyle(bz,null):bz.currentStyle,bD=bz.offsetTop,by=bz.offsetLeft;while((bz=bz.parentNode)&&bz!==bA&&bz!==bx){if(b.support.fixedPosition&&e.position==="fixed"){break}bC=bB?bB.getComputedStyle(bz,null):bz.currentStyle;bD-=bz.scrollTop;by-=bz.scrollLeft;if(bz===bw){bD+=bz.offsetTop;by+=bz.offsetLeft;if(b.support.doesNotAddBorder&&!(b.support.doesAddBorderForTableAndCells&&V.test(bz.nodeName))){bD+=parseFloat(bC.borderTopWidth)||0;by+=parseFloat(bC.borderLeftWidth)||0}bv=bw;bw=bz.offsetParent}if(b.support.subtractsBorderForOverflowNotVisible&&bC.overflow!=="visible"){bD+=parseFloat(bC.borderTopWidth)||0;by+=parseFloat(bC.borderLeftWidth)||0}e=bC}if(e.position==="relative"||e.position==="static"){bD+=bA.offsetTop;by+=bA.offsetLeft}if(b.support.fixedPosition&&e.position==="fixed"){bD+=Math.max(bx.scrollTop,bA.scrollTop);by+=Math.max(bx.scrollLeft,bA.scrollLeft)}return{top:bD,left:by}}}b.offset={bodyOffset:function(e){var bw=e.offsetTop,bv=e.offsetLeft;if(b.support.doesNotIncludeMarginInBodyOffset){bw+=parseFloat(b.css(e,"marginTop"))||0;bv+=parseFloat(b.css(e,"marginLeft"))||0}return{top:bw,left:bv}},setOffset:function(bx,bG,bA){var bB=b.css(bx,"position");if(bB==="static"){bx.style.position="relative"}var bz=b(bx),bv=bz.offset(),e=b.css(bx,"top"),bE=b.css(bx,"left"),bF=(bB==="absolute"||bB==="fixed")&&b.inArray("auto",[e,bE])>-1,bD={},bC={},bw,by;if(bF){bC=bz.position();bw=bC.top;by=bC.left}else{bw=parseFloat(e)||0;by=parseFloat(bE)||0}if(b.isFunction(bG)){bG=bG.call(bx,bA,bv)}if(bG.top!=null){bD.top=(bG.top-bv.top)+bw}if(bG.left!=null){bD.left=(bG.left-bv.left)+by}if("using" in bG){bG.using.call(bx,bD)}else{bz.css(bD)}}};b.fn.extend({position:function(){if(!this[0]){return null}var bw=this[0],bv=this.offsetParent(),bx=this.offset(),e=ad.test(bv[0].nodeName)?{top:0,left:0}:bv.offset();bx.top-=parseFloat(b.css(bw,"marginTop"))||0;bx.left-=parseFloat(b.css(bw,"marginLeft"))||0;e.top+=parseFloat(b.css(bv[0],"borderTopWidth"))||0;e.left+=parseFloat(b.css(bv[0],"borderLeftWidth"))||0;return{top:bx.top-e.top,left:bx.left-e.left}},offsetParent:function(){return this.map(function(){var e=this.offsetParent||av.body;while(e&&(!ad.test(e.nodeName)&&b.css(e,"position")==="static")){e=e.offsetParent}return e})}});b.each(["Left","Top"],function(bv,e){var bw="scroll"+e;b.fn[bw]=function(bz){var bx,by;if(bz===L){bx=this[0];if(!bx){return null}by=aK(bx);return by?("pageXOffset" in by)?by[bv?"pageYOffset":"pageXOffset"]:b.support.boxModel&&by.document.documentElement[bw]||by.document.body[bw]:bx[bw]}return this.each(function(){by=aK(this);if(by){by.scrollTo(!bv?bz:b(by).scrollLeft(),bv?bz:b(by).scrollTop())}else{this[bw]=bz}})}});function aK(e){return b.isWindow(e)?e:e.nodeType===9?e.defaultView||e.parentWindow:false}b.each(["Height","Width"],function(bv,e){var bw=e.toLowerCase();b.fn["inner"+e]=function(){var bx=this[0];return bx?bx.style?parseFloat(b.css(bx,bw,"padding")):this[bw]():null};b.fn["outer"+e]=function(by){var bx=this[0];return bx?bx.style?parseFloat(b.css(bx,bw,by?"margin":"border")):this[bw]():null};b.fn[bw]=function(bz){var bA=this[0];if(!bA){return bz==null?null:this}if(b.isFunction(bz)){return this.each(function(bE){var bD=b(this);bD[bw](bz.call(this,bE,bD[bw]()))})}if(b.isWindow(bA)){var bB=bA.document.documentElement["client"+e],bx=bA.document.body;return bA.document.compatMode==="CSS1Compat"&&bB||bx&&bx["client"+e]||bB}else{if(bA.nodeType===9){return Math.max(bA.documentElement["client"+e],bA.body["scroll"+e],bA.documentElement["scroll"+e],bA.body["offset"+e],bA.documentElement["offset"+e])}else{if(bz===L){var bC=b.css(bA,bw),by=parseFloat(bC);return b.isNumeric(by)?by:bC}else{return this.css(bw,typeof bz==="string"?bz:bz+"px")}}}}});bb.jQuery=bb.$=b;if(typeof define==="function"&&define.amd&&define.amd.jQuery){define("jquery",[],function(){return b})}})(window);/* * jQuery UI 1.8.18 * * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about) @@ -29,7 +29,7 @@ * * http://docs.jquery.com/UI */ -(function(a,d){a.ui=a.ui||{};if(a.ui.version){return}a.extend(a.ui,{version:"1.8.18",keyCode:{ALT:18,BACKSPACE:8,CAPS_LOCK:20,COMMA:188,COMMAND:91,COMMAND_LEFT:91,COMMAND_RIGHT:93,CONTROL:17,DELETE:46,DOWN:40,END:35,ENTER:13,ESCAPE:27,HOME:36,INSERT:45,LEFT:37,MENU:93,NUMPAD_ADD:107,NUMPAD_DECIMAL:110,NUMPAD_DIVIDE:111,NUMPAD_ENTER:108,NUMPAD_MULTIPLY:106,NUMPAD_SUBTRACT:109,PAGE_DOWN:34,PAGE_UP:33,PERIOD:190,RIGHT:39,SHIFT:16,SPACE:32,TAB:9,UP:38,WINDOWS:91}});a.fn.extend({propAttr:a.fn.prop||a.fn.attr,_focus:a.fn.focus,focus:function(e,f){return typeof e==="number"?this.each(function(){var g=this;setTimeout(function(){a(g).focus();if(f){f.call(g)}},e)}):this._focus.apply(this,arguments)},scrollParent:function(){var e;if((a.browser.msie&&(/(static|relative)/).test(this.css("position")))||(/absolute/).test(this.css("position"))){e=this.parents().filter(function(){return(/(relative|absolute|fixed)/).test(a.curCSS(this,"position",1))&&(/(auto|scroll)/).test(a.curCSS(this,"overflow",1)+a.curCSS(this,"overflow-y",1)+a.curCSS(this,"overflow-x",1))}).eq(0)}else{e=this.parents().filter(function(){return(/(auto|scroll)/).test(a.curCSS(this,"overflow",1)+a.curCSS(this,"overflow-y",1)+a.curCSS(this,"overflow-x",1))}).eq(0)}return(/fixed/).test(this.css("position"))||!e.length?a(document):e},zIndex:function(h){if(h!==d){return this.css("zIndex",h)}if(this.length){var f=a(this[0]),e,g;while(f.length&&f[0]!==document){e=f.css("position");if(e==="absolute"||e==="relative"||e==="fixed"){g=parseInt(f.css("zIndex"),10);if(!isNaN(g)&&g!==0){return g}}f=f.parent()}}return 0},disableSelection:function(){return this.bind((a.support.selectstart?"selectstart":"mousedown")+".ui-disableSelection",function(e){e.preventDefault()})},enableSelection:function(){return this.unbind(".ui-disableSelection")}});a.each(["Width","Height"],function(g,e){var f=e==="Width"?["Left","Right"]:["Top","Bottom"],h=e.toLowerCase(),k={innerWidth:a.fn.innerWidth,innerHeight:a.fn.innerHeight,outerWidth:a.fn.outerWidth,outerHeight:a.fn.outerHeight};function j(m,l,i,n){a.each(f,function(){l-=parseFloat(a.curCSS(m,"padding"+this,true))||0;if(i){l-=parseFloat(a.curCSS(m,"border"+this+"Width",true))||0}if(n){l-=parseFloat(a.curCSS(m,"margin"+this,true))||0}});return l}a.fn["inner"+e]=function(i){if(i===d){return k["inner"+e].call(this)}return this.each(function(){a(this).css(h,j(this,i)+"px")})};a.fn["outer"+e]=function(i,l){if(typeof i!=="number"){return k["outer"+e].call(this,i)}return this.each(function(){a(this).css(h,j(this,i,true,l)+"px")})}});function c(g,e){var j=g.nodeName.toLowerCase();if("area"===j){var i=g.parentNode,h=i.name,f;if(!g.href||!h||i.nodeName.toLowerCase()!=="map"){return false}f=a("img[usemap=#"+h+"]")[0];return !!f&&b(f)}return(/input|select|textarea|button|object/.test(j)?!g.disabled:"a"==j?g.href||e:e)&&b(g)}function b(e){return !a(e).parents().andSelf().filter(function(){return a.curCSS(this,"visibility")==="hidden"||a.expr.filters.hidden(this)}).length}a.extend(a.expr[":"],{data:function(g,f,e){return !!a.data(g,e[3])},focusable:function(e){return c(e,!isNaN(a.attr(e,"tabindex")))},tabbable:function(g){var e=a.attr(g,"tabindex"),f=isNaN(e);return(f||e>=0)&&c(g,!f)}});a(function(){var e=document.body,f=e.appendChild(f=document.createElement("div"));f.offsetHeight;a.extend(f.style,{minHeight:"100px",height:"auto",padding:0,borderWidth:0});a.support.minHeight=f.offsetHeight===100;a.support.selectstart="onselectstart" in f;e.removeChild(f).style.display="none"});a.extend(a.ui,{plugin:{add:function(f,g,j){var h=a.ui[f].prototype;for(var e in j){h.plugins[e]=h.plugins[e]||[];h.plugins[e].push([g,j[e]])}},call:function(e,g,f){var j=e.plugins[g];if(!j||!e.element[0].parentNode){return}for(var h=0;h0){return true}h[e]=1;g=(h[e]>0);h[e]=0;return g},isOverAxis:function(f,e,g){return(f>e)&&(f<(e+g))},isOver:function(j,f,i,h,e,g){return a.ui.isOverAxis(j,i,e)&&a.ui.isOverAxis(f,h,g)}})})(jQuery);/*! +(function(a,d){a.ui=a.ui||{};if(a.ui.version){return}a.extend(a.ui,{version:"1.8.18",keyCode:{ALT:18,BACKSPACE:8,CAPS_LOCK:20,COMMA:188,COMMAND:91,COMMAND_LEFT:91,COMMAND_RIGHT:93,CONTROL:17,DELETE:46,DOWN:40,END:35,ENTER:13,ESCAPE:27,HOME:36,INSERT:45,LEFT:37,MENU:93,NUMPAD_ADD:107,NUMPAD_DECIMAL:110,NUMPAD_DIVIDE:111,NUMPAD_ENTER:108,NUMPAD_MULTIPLY:106,NUMPAD_SUBTRACT:109,PAGE_DOWN:34,PAGE_UP:33,PERIOD:190,RIGHT:39,SHIFT:16,SPACE:32,TAB:9,UP:38,WINDOWS:91}});a.fn.extend({propAttr:a.fn.prop||a.fn.attr,_focus:a.fn.focus,focus:function(e,f){return typeof e==="number"?this.each(function(){var g=this;setTimeout(function(){a(g).focus();if(f){f.call(g)}},e)}):this._focus.apply(this,arguments)},scrollParent:function(){var e;if((a.browser.msie&&(/(static|relative)/).test(this.css("position")))||(/absolute/).test(this.css("position"))){e=this.parents().filter(function(){return(/(relative|absolute|fixed)/).test(a.curCSS(this,"position",1))&&(/(auto|scroll)/).test(a.curCSS(this,"overflow",1)+a.curCSS(this,"overflow-y",1)+a.curCSS(this,"overflow-x",1))}).eq(0)}else{e=this.parents().filter(function(){return(/(auto|scroll)/).test(a.curCSS(this,"overflow",1)+a.curCSS(this,"overflow-y",1)+a.curCSS(this,"overflow-x",1))}).eq(0)}return(/fixed/).test(this.css("position"))||!e.length?a(document):e},zIndex:function(h){if(h!==d){return this.css("zIndex",h)}if(this.length){var f=a(this[0]),e,g;while(f.length&&f[0]!==document){e=f.css("position");if(e==="absolute"||e==="relative"||e==="fixed"){g=parseInt(f.css("zIndex"),10);if(!isNaN(g)&&g!==0){return g}}f=f.parent()}}return 0},disableSelection:function(){return this.bind((a.support.selectstart?"selectstart":"mousedown")+".ui-disableSelection",function(e){e.preventDefault()})},enableSelection:function(){return this.unbind(".ui-disableSelection")}});a.each(["Width","Height"],function(g,e){var f=e==="Width"?["Left","Right"]:["Top","Bottom"],h=e.toLowerCase(),k={innerWidth:a.fn.innerWidth,innerHeight:a.fn.innerHeight,outerWidth:a.fn.outerWidth,outerHeight:a.fn.outerHeight};function j(m,l,i,n){a.each(f,function(){l-=parseFloat(a.curCSS(m,"padding"+this,true))||0;if(i){l-=parseFloat(a.curCSS(m,"border"+this+"Width",true))||0}if(n){l-=parseFloat(a.curCSS(m,"margin"+this,true))||0}});return l}a.fn["inner"+e]=function(i){if(i===d){return k["inner"+e].call(this)}return this.each(function(){a(this).css(h,j(this,i)+"px")})};a.fn["outer"+e]=function(i,l){if(typeof i!=="number"){return k["outer"+e].call(this,i)}return this.each(function(){a(this).css(h,j(this,i,true,l)+"px")})}});function c(g,e){var j=g.nodeName.toLowerCase();if("area"===j){var i=g.parentNode,h=i.name,f;if(!g.href||!h||i.nodeName.toLowerCase()!=="map"){return false}f=a("img[usemap=#"+h+"]")[0];return !!f&&b(f)}return(/input|select|textarea|button|object/.test(j)?!g.disabled:"a"==j?g.href||e:e)&&b(g)}function b(e){return !a(e).parents().andSelf().filter(function(){return a.curCSS(this,"visibility")==="hidden"||a.expr.filters.hidden(this)}).length}a.extend(a.expr[":"],{data:function(g,f,e){return !!a.data(g,e[3])},focusable:function(e){return c(e,!isNaN(a.attr(e,"tabindex")))},tabbable:function(g){var e=a.attr(g,"tabindex"),f=isNaN(e);return(f||e>=0)&&c(g,!f)}});a(function(){var e=document.body,f=e.appendChild(f=document.createElement("div"));f.offsetHeight;a.extend(f.style,{minHeight:"100px",height:"auto",padding:0,borderWidth:0});a.support.minHeight=f.offsetHeight===100;a.support.selectstart="onselectstart" in f;e.removeChild(f).style.display="none"});a.extend(a.ui,{plugin:{add:function(f,g,j){var h=a.ui[f].prototype;for(var e in j){h.plugins[e]=h.plugins[e]||[];h.plugins[e].push([g,j[e]])}},call:function(e,g,f){var j=e.plugins[g];if(!j||!e.element[0].parentNode){return}for(var h=0;h0){return true}h[e]=1;g=(h[e]>0);h[e]=0;return g},isOverAxis:function(f,e,g){return(f>e)&&(f<(e+g))},isOver:function(j,f,i,h,e,g){return a.ui.isOverAxis(j,i,e)&&a.ui.isOverAxis(f,h,g)}})})(jQuery);/* * jQuery UI Widget 1.8.18 * * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about) @@ -38,7 +38,7 @@ * * http://docs.jquery.com/UI/Widget */ -(function(b,d){if(b.cleanData){var c=b.cleanData;b.cleanData=function(f){for(var g=0,h;(h=f[g])!=null;g++){try{b(h).triggerHandler("remove")}catch(j){}}c(f)}}else{var a=b.fn.remove;b.fn.remove=function(e,f){return this.each(function(){if(!f){if(!e||b.filter(e,[this]).length){b("*",this).add([this]).each(function(){try{b(this).triggerHandler("remove")}catch(g){}})}}return a.call(b(this),e,f)})}}b.widget=function(f,h,e){var g=f.split(".")[0],j;f=f.split(".")[1];j=g+"-"+f;if(!e){e=h;h=b.Widget}b.expr[":"][j]=function(k){return !!b.data(k,f)};b[g]=b[g]||{};b[g][f]=function(k,l){if(arguments.length){this._createWidget(k,l)}};var i=new h();i.options=b.extend(true,{},i.options);b[g][f].prototype=b.extend(true,i,{namespace:g,widgetName:f,widgetEventPrefix:b[g][f].prototype.widgetEventPrefix||f,widgetBaseClass:j},e);b.widget.bridge(f,b[g][f])};b.widget.bridge=function(f,e){b.fn[f]=function(i){var g=typeof i==="string",h=Array.prototype.slice.call(arguments,1),j=this;i=!g&&h.length?b.extend.apply(null,[true,i].concat(h)):i;if(g&&i.charAt(0)==="_"){return j}if(g){this.each(function(){var k=b.data(this,f),l=k&&b.isFunction(k[i])?k[i].apply(k,h):k;if(l!==k&&l!==d){j=l;return false}})}else{this.each(function(){var k=b.data(this,f);if(k){k.option(i||{})._init()}else{b.data(this,f,new e(i,this))}})}return j}};b.Widget=function(e,f){if(arguments.length){this._createWidget(e,f)}};b.Widget.prototype={widgetName:"widget",widgetEventPrefix:"",options:{disabled:false},_createWidget:function(f,g){b.data(g,this.widgetName,this);this.element=b(g);this.options=b.extend(true,{},this.options,this._getCreateOptions(),f);var e=this;this.element.bind("remove."+this.widgetName,function(){e.destroy()});this._create();this._trigger("create");this._init()},_getCreateOptions:function(){return b.metadata&&b.metadata.get(this.element[0])[this.widgetName]},_create:function(){},_init:function(){},destroy:function(){this.element.unbind("."+this.widgetName).removeData(this.widgetName);this.widget().unbind("."+this.widgetName).removeAttr("aria-disabled").removeClass(this.widgetBaseClass+"-disabled ui-state-disabled")},widget:function(){return this.element},option:function(f,g){var e=f;if(arguments.length===0){return b.extend({},this.options)}if(typeof f==="string"){if(g===d){return this.options[f]}e={};e[f]=g}this._setOptions(e);return this},_setOptions:function(f){var e=this;b.each(f,function(g,h){e._setOption(g,h)});return this},_setOption:function(e,f){this.options[e]=f;if(e==="disabled"){this.widget()[f?"addClass":"removeClass"](this.widgetBaseClass+"-disabled ui-state-disabled").attr("aria-disabled",f)}return this},enable:function(){return this._setOption("disabled",false)},disable:function(){return this._setOption("disabled",true)},_trigger:function(e,f,g){var j,i,h=this.options[e];g=g||{};f=b.Event(f);f.type=(e===this.widgetEventPrefix?e:this.widgetEventPrefix+e).toLowerCase();f.target=this.element[0];i=f.originalEvent;if(i){for(j in i){if(!(j in f)){f[j]=i[j]}}}this.element.trigger(f,g);return !(b.isFunction(h)&&h.call(this.element[0],f,g)===false||f.isDefaultPrevented())}}})(jQuery);/*! +(function(b,d){if(b.cleanData){var c=b.cleanData;b.cleanData=function(f){for(var g=0,h;(h=f[g])!=null;g++){try{b(h).triggerHandler("remove")}catch(j){}}c(f)}}else{var a=b.fn.remove;b.fn.remove=function(e,f){return this.each(function(){if(!f){if(!e||b.filter(e,[this]).length){b("*",this).add([this]).each(function(){try{b(this).triggerHandler("remove")}catch(g){}})}}return a.call(b(this),e,f)})}}b.widget=function(f,h,e){var g=f.split(".")[0],j;f=f.split(".")[1];j=g+"-"+f;if(!e){e=h;h=b.Widget}b.expr[":"][j]=function(k){return !!b.data(k,f)};b[g]=b[g]||{};b[g][f]=function(k,l){if(arguments.length){this._createWidget(k,l)}};var i=new h();i.options=b.extend(true,{},i.options);b[g][f].prototype=b.extend(true,i,{namespace:g,widgetName:f,widgetEventPrefix:b[g][f].prototype.widgetEventPrefix||f,widgetBaseClass:j},e);b.widget.bridge(f,b[g][f])};b.widget.bridge=function(f,e){b.fn[f]=function(i){var g=typeof i==="string",h=Array.prototype.slice.call(arguments,1),j=this;i=!g&&h.length?b.extend.apply(null,[true,i].concat(h)):i;if(g&&i.charAt(0)==="_"){return j}if(g){this.each(function(){var k=b.data(this,f),l=k&&b.isFunction(k[i])?k[i].apply(k,h):k;if(l!==k&&l!==d){j=l;return false}})}else{this.each(function(){var k=b.data(this,f);if(k){k.option(i||{})._init()}else{b.data(this,f,new e(i,this))}})}return j}};b.Widget=function(e,f){if(arguments.length){this._createWidget(e,f)}};b.Widget.prototype={widgetName:"widget",widgetEventPrefix:"",options:{disabled:false},_createWidget:function(f,g){b.data(g,this.widgetName,this);this.element=b(g);this.options=b.extend(true,{},this.options,this._getCreateOptions(),f);var e=this;this.element.bind("remove."+this.widgetName,function(){e.destroy()});this._create();this._trigger("create");this._init()},_getCreateOptions:function(){return b.metadata&&b.metadata.get(this.element[0])[this.widgetName]},_create:function(){},_init:function(){},destroy:function(){this.element.unbind("."+this.widgetName).removeData(this.widgetName);this.widget().unbind("."+this.widgetName).removeAttr("aria-disabled").removeClass(this.widgetBaseClass+"-disabled ui-state-disabled")},widget:function(){return this.element},option:function(f,g){var e=f;if(arguments.length===0){return b.extend({},this.options)}if(typeof f==="string"){if(g===d){return this.options[f]}e={};e[f]=g}this._setOptions(e);return this},_setOptions:function(f){var e=this;b.each(f,function(g,h){e._setOption(g,h)});return this},_setOption:function(e,f){this.options[e]=f;if(e==="disabled"){this.widget()[f?"addClass":"removeClass"](this.widgetBaseClass+"-disabled ui-state-disabled").attr("aria-disabled",f)}return this},enable:function(){return this._setOption("disabled",false)},disable:function(){return this._setOption("disabled",true)},_trigger:function(e,f,g){var j,i,h=this.options[e];g=g||{};f=b.Event(f);f.type=(e===this.widgetEventPrefix?e:this.widgetEventPrefix+e).toLowerCase();f.target=this.element[0];i=f.originalEvent;if(i){for(j in i){if(!(j in f)){f[j]=i[j]}}}this.element.trigger(f,g);return !(b.isFunction(h)&&h.call(this.element[0],f,g)===false||f.isDefaultPrevented())}}})(jQuery);/* * jQuery UI Mouse 1.8.18 * * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about) @@ -50,7 +50,7 @@ * Depends: * jquery.ui.widget.js */ -(function(b,c){var a=false;b(document).mouseup(function(d){a=false});b.widget("ui.mouse",{options:{cancel:":input,option",distance:1,delay:0},_mouseInit:function(){var d=this;this.element.bind("mousedown."+this.widgetName,function(e){return d._mouseDown(e)}).bind("click."+this.widgetName,function(e){if(true===b.data(e.target,d.widgetName+".preventClickEvent")){b.removeData(e.target,d.widgetName+".preventClickEvent");e.stopImmediatePropagation();return false}});this.started=false},_mouseDestroy:function(){this.element.unbind("."+this.widgetName)},_mouseDown:function(f){if(a){return}(this._mouseStarted&&this._mouseUp(f));this._mouseDownEvent=f;var e=this,g=(f.which==1),d=(typeof this.options.cancel=="string"&&f.target.nodeName?b(f.target).closest(this.options.cancel).length:false);if(!g||d||!this._mouseCapture(f)){return true}this.mouseDelayMet=!this.options.delay;if(!this.mouseDelayMet){this._mouseDelayTimer=setTimeout(function(){e.mouseDelayMet=true},this.options.delay)}if(this._mouseDistanceMet(f)&&this._mouseDelayMet(f)){this._mouseStarted=(this._mouseStart(f)!==false);if(!this._mouseStarted){f.preventDefault();return true}}if(true===b.data(f.target,this.widgetName+".preventClickEvent")){b.removeData(f.target,this.widgetName+".preventClickEvent")}this._mouseMoveDelegate=function(h){return e._mouseMove(h)};this._mouseUpDelegate=function(h){return e._mouseUp(h)};b(document).bind("mousemove."+this.widgetName,this._mouseMoveDelegate).bind("mouseup."+this.widgetName,this._mouseUpDelegate);f.preventDefault();a=true;return true},_mouseMove:function(d){if(b.browser.msie&&!(document.documentMode>=9)&&!d.button){return this._mouseUp(d)}if(this._mouseStarted){this._mouseDrag(d);return d.preventDefault()}if(this._mouseDistanceMet(d)&&this._mouseDelayMet(d)){this._mouseStarted=(this._mouseStart(this._mouseDownEvent,d)!==false);(this._mouseStarted?this._mouseDrag(d):this._mouseUp(d))}return !this._mouseStarted},_mouseUp:function(d){b(document).unbind("mousemove."+this.widgetName,this._mouseMoveDelegate).unbind("mouseup."+this.widgetName,this._mouseUpDelegate);if(this._mouseStarted){this._mouseStarted=false;if(d.target==this._mouseDownEvent.target){b.data(d.target,this.widgetName+".preventClickEvent",true)}this._mouseStop(d)}return false},_mouseDistanceMet:function(d){return(Math.max(Math.abs(this._mouseDownEvent.pageX-d.pageX),Math.abs(this._mouseDownEvent.pageY-d.pageY))>=this.options.distance)},_mouseDelayMet:function(d){return this.mouseDelayMet},_mouseStart:function(d){},_mouseDrag:function(d){},_mouseStop:function(d){},_mouseCapture:function(d){return true}})})(jQuery);(function(c,d){c.widget("ui.resizable",c.ui.mouse,{widgetEventPrefix:"resize",options:{alsoResize:false,animate:false,animateDuration:"slow",animateEasing:"swing",aspectRatio:false,autoHide:false,containment:false,ghost:false,grid:false,handles:"e,s,se",helper:false,maxHeight:null,maxWidth:null,minHeight:10,minWidth:10,zIndex:1000},_create:function(){var f=this,k=this.options;this.element.addClass("ui-resizable");c.extend(this,{_aspectRatio:!!(k.aspectRatio),aspectRatio:k.aspectRatio,originalElement:this.element,_proportionallyResizeElements:[],_helper:k.helper||k.ghost||k.animate?k.helper||"ui-resizable-helper":null});if(this.element[0].nodeName.match(/canvas|textarea|input|select|button|img/i)){this.element.wrap(c('
              ').css({position:this.element.css("position"),width:this.element.outerWidth(),height:this.element.outerHeight(),top:this.element.css("top"),left:this.element.css("left")}));this.element=this.element.parent().data("resizable",this.element.data("resizable"));this.elementIsWrapper=true;this.element.css({marginLeft:this.originalElement.css("marginLeft"),marginTop:this.originalElement.css("marginTop"),marginRight:this.originalElement.css("marginRight"),marginBottom:this.originalElement.css("marginBottom")});this.originalElement.css({marginLeft:0,marginTop:0,marginRight:0,marginBottom:0});this.originalResizeStyle=this.originalElement.css("resize");this.originalElement.css("resize","none");this._proportionallyResizeElements.push(this.originalElement.css({position:"static",zoom:1,display:"block"}));this.originalElement.css({margin:this.originalElement.css("margin")});this._proportionallyResize()}this.handles=k.handles||(!c(".ui-resizable-handle",this.element).length?"e,s,se":{n:".ui-resizable-n",e:".ui-resizable-e",s:".ui-resizable-s",w:".ui-resizable-w",se:".ui-resizable-se",sw:".ui-resizable-sw",ne:".ui-resizable-ne",nw:".ui-resizable-nw"});if(this.handles.constructor==String){if(this.handles=="all"){this.handles="n,e,s,w,se,sw,ne,nw"}var l=this.handles.split(",");this.handles={};for(var g=0;g
              ');if(/sw|se|ne|nw/.test(j)){h.css({zIndex:++k.zIndex})}if("se"==j){h.addClass("ui-icon ui-icon-gripsmall-diagonal-se")}this.handles[j]=".ui-resizable-"+j;this.element.append(h)}}this._renderAxis=function(q){q=q||this.element;for(var n in this.handles){if(this.handles[n].constructor==String){this.handles[n]=c(this.handles[n],this.element).show()}if(this.elementIsWrapper&&this.originalElement[0].nodeName.match(/textarea|input|select|button/i)){var o=c(this.handles[n],this.element),p=0;p=/sw|ne|nw|se|n|s/.test(n)?o.outerHeight():o.outerWidth();var m=["padding",/ne|nw|n/.test(n)?"Top":/se|sw|s/.test(n)?"Bottom":/^e$/.test(n)?"Right":"Left"].join("");q.css(m,p);this._proportionallyResize()}if(!c(this.handles[n]).length){continue}}};this._renderAxis(this.element);this._handles=c(".ui-resizable-handle",this.element).disableSelection();this._handles.mouseover(function(){if(!f.resizing){if(this.className){var i=this.className.match(/ui-resizable-(se|sw|ne|nw|n|e|s|w)/i)}f.axis=i&&i[1]?i[1]:"se"}});if(k.autoHide){this._handles.hide();c(this.element).addClass("ui-resizable-autohide").hover(function(){if(k.disabled){return}c(this).removeClass("ui-resizable-autohide");f._handles.show()},function(){if(k.disabled){return}if(!f.resizing){c(this).addClass("ui-resizable-autohide");f._handles.hide()}})}this._mouseInit()},destroy:function(){this._mouseDestroy();var e=function(g){c(g).removeClass("ui-resizable ui-resizable-disabled ui-resizable-resizing").removeData("resizable").unbind(".resizable").find(".ui-resizable-handle").remove()};if(this.elementIsWrapper){e(this.element);var f=this.element;f.after(this.originalElement.css({position:f.css("position"),width:f.outerWidth(),height:f.outerHeight(),top:f.css("top"),left:f.css("left")})).remove()}this.originalElement.css("resize",this.originalResizeStyle);e(this.originalElement);return this},_mouseCapture:function(f){var g=false;for(var e in this.handles){if(c(this.handles[e])[0]==f.target){g=true}}return !this.options.disabled&&g},_mouseStart:function(g){var j=this.options,f=this.element.position(),e=this.element;this.resizing=true;this.documentScroll={top:c(document).scrollTop(),left:c(document).scrollLeft()};if(e.is(".ui-draggable")||(/absolute/).test(e.css("position"))){e.css({position:"absolute",top:f.top,left:f.left})}this._renderProxy();var k=b(this.helper.css("left")),h=b(this.helper.css("top"));if(j.containment){k+=c(j.containment).scrollLeft()||0;h+=c(j.containment).scrollTop()||0}this.offset=this.helper.offset();this.position={left:k,top:h};this.size=this._helper?{width:e.outerWidth(),height:e.outerHeight()}:{width:e.width(),height:e.height()};this.originalSize=this._helper?{width:e.outerWidth(),height:e.outerHeight()}:{width:e.width(),height:e.height()};this.originalPosition={left:k,top:h};this.sizeDiff={width:e.outerWidth()-e.width(),height:e.outerHeight()-e.height()};this.originalMousePosition={left:g.pageX,top:g.pageY};this.aspectRatio=(typeof j.aspectRatio=="number")?j.aspectRatio:((this.originalSize.width/this.originalSize.height)||1);var i=c(".ui-resizable-"+this.axis).css("cursor");c("body").css("cursor",i=="auto"?this.axis+"-resize":i);e.addClass("ui-resizable-resizing");this._propagate("start",g);return true},_mouseDrag:function(e){var h=this.helper,g=this.options,m={},q=this,j=this.originalMousePosition,n=this.axis;var r=(e.pageX-j.left)||0,p=(e.pageY-j.top)||0;var i=this._change[n];if(!i){return false}var l=i.apply(this,[e,r,p]),k=c.browser.msie&&c.browser.version<7,f=this.sizeDiff;this._updateVirtualBoundaries(e.shiftKey);if(this._aspectRatio||e.shiftKey){l=this._updateRatio(l,e)}l=this._respectSize(l,e);this._propagate("resize",e);h.css({top:this.position.top+"px",left:this.position.left+"px",width:this.size.width+"px",height:this.size.height+"px"});if(!this._helper&&this._proportionallyResizeElements.length){this._proportionallyResize()}this._updateCache(l);this._trigger("resize",e,this.ui());return false},_mouseStop:function(h){this.resizing=false;var i=this.options,m=this;if(this._helper){var g=this._proportionallyResizeElements,e=g.length&&(/textarea/i).test(g[0].nodeName),f=e&&c.ui.hasScroll(g[0],"left")?0:m.sizeDiff.height,k=e?0:m.sizeDiff.width;var n={width:(m.helper.width()-k),height:(m.helper.height()-f)},j=(parseInt(m.element.css("left"),10)+(m.position.left-m.originalPosition.left))||null,l=(parseInt(m.element.css("top"),10)+(m.position.top-m.originalPosition.top))||null;if(!i.animate){this.element.css(c.extend(n,{top:l,left:j}))}m.helper.height(m.size.height);m.helper.width(m.size.width);if(this._helper&&!i.animate){this._proportionallyResize()}}c("body").css("cursor","auto");this.element.removeClass("ui-resizable-resizing");this._propagate("stop",h);if(this._helper){this.helper.remove()}return false},_updateVirtualBoundaries:function(g){var j=this.options,i,h,f,k,e;e={minWidth:a(j.minWidth)?j.minWidth:0,maxWidth:a(j.maxWidth)?j.maxWidth:Infinity,minHeight:a(j.minHeight)?j.minHeight:0,maxHeight:a(j.maxHeight)?j.maxHeight:Infinity};if(this._aspectRatio||g){i=e.minHeight*this.aspectRatio;f=e.minWidth/this.aspectRatio;h=e.maxHeight*this.aspectRatio;k=e.maxWidth/this.aspectRatio;if(i>e.minWidth){e.minWidth=i}if(f>e.minHeight){e.minHeight=f}if(hl.width),s=a(l.height)&&i.minHeight&&(i.minHeight>l.height);if(h){l.width=i.minWidth}if(s){l.height=i.minHeight}if(t){l.width=i.maxWidth}if(m){l.height=i.maxHeight}var f=this.originalPosition.left+this.originalSize.width,p=this.position.top+this.size.height;var k=/sw|nw|w/.test(q),e=/nw|ne|n/.test(q);if(h&&k){l.left=f-i.minWidth}if(t&&k){l.left=f-i.maxWidth}if(s&&e){l.top=p-i.minHeight}if(m&&e){l.top=p-i.maxHeight}var n=!l.width&&!l.height;if(n&&!l.left&&l.top){l.top=null}else{if(n&&!l.top&&l.left){l.left=null}}return l},_proportionallyResize:function(){var k=this.options;if(!this._proportionallyResizeElements.length){return}var g=this.helper||this.element;for(var f=0;f');var e=c.browser.msie&&c.browser.version<7,g=(e?1:0),h=(e?2:-1);this.helper.addClass(this._helper).css({width:this.element.outerWidth()+h,height:this.element.outerHeight()+h,position:"absolute",left:this.elementOffset.left-g+"px",top:this.elementOffset.top-g+"px",zIndex:++i.zIndex});this.helper.appendTo("body").disableSelection()}else{this.helper=this.element}},_change:{e:function(g,f,e){return{width:this.originalSize.width+f}},w:function(h,f,e){var j=this.options,g=this.originalSize,i=this.originalPosition;return{left:i.left+f,width:g.width-f}},n:function(h,f,e){var j=this.options,g=this.originalSize,i=this.originalPosition;return{top:i.top+e,height:g.height-e}},s:function(g,f,e){return{height:this.originalSize.height+e}},se:function(g,f,e){return c.extend(this._change.s.apply(this,arguments),this._change.e.apply(this,[g,f,e]))},sw:function(g,f,e){return c.extend(this._change.s.apply(this,arguments),this._change.w.apply(this,[g,f,e]))},ne:function(g,f,e){return c.extend(this._change.n.apply(this,arguments),this._change.e.apply(this,[g,f,e]))},nw:function(g,f,e){return c.extend(this._change.n.apply(this,arguments),this._change.w.apply(this,[g,f,e]))}},_propagate:function(f,e){c.ui.plugin.call(this,f,[e,this.ui()]);(f!="resize"&&this._trigger(f,e,this.ui()))},plugins:{},ui:function(){return{originalElement:this.originalElement,element:this.element,helper:this.helper,position:this.position,size:this.size,originalSize:this.originalSize,originalPosition:this.originalPosition}}});c.extend(c.ui.resizable,{version:"1.8.18"});c.ui.plugin.add("resizable","alsoResize",{start:function(f,g){var e=c(this).data("resizable"),i=e.options;var h=function(j){c(j).each(function(){var k=c(this);k.data("resizable-alsoresize",{width:parseInt(k.width(),10),height:parseInt(k.height(),10),left:parseInt(k.css("left"),10),top:parseInt(k.css("top"),10)})})};if(typeof(i.alsoResize)=="object"&&!i.alsoResize.parentNode){if(i.alsoResize.length){i.alsoResize=i.alsoResize[0];h(i.alsoResize)}else{c.each(i.alsoResize,function(j){h(j)})}}else{h(i.alsoResize)}},resize:function(g,i){var f=c(this).data("resizable"),j=f.options,h=f.originalSize,l=f.originalPosition;var k={height:(f.size.height-h.height)||0,width:(f.size.width-h.width)||0,top:(f.position.top-l.top)||0,left:(f.position.left-l.left)||0},e=function(m,n){c(m).each(function(){var q=c(this),r=c(this).data("resizable-alsoresize"),p={},o=n&&n.length?n:q.parents(i.originalElement[0]).length?["width","height"]:["width","height","top","left"];c.each(o,function(s,u){var t=(r[u]||0)+(k[u]||0);if(t&&t>=0){p[u]=t||null}});q.css(p)})};if(typeof(j.alsoResize)=="object"&&!j.alsoResize.nodeType){c.each(j.alsoResize,function(m,n){e(m,n)})}else{e(j.alsoResize)}},stop:function(e,f){c(this).removeData("resizable-alsoresize")}});c.ui.plugin.add("resizable","animate",{stop:function(i,n){var p=c(this).data("resizable"),j=p.options;var h=p._proportionallyResizeElements,e=h.length&&(/textarea/i).test(h[0].nodeName),f=e&&c.ui.hasScroll(h[0],"left")?0:p.sizeDiff.height,l=e?0:p.sizeDiff.width;var g={width:(p.size.width-l),height:(p.size.height-f)},k=(parseInt(p.element.css("left"),10)+(p.position.left-p.originalPosition.left))||null,m=(parseInt(p.element.css("top"),10)+(p.position.top-p.originalPosition.top))||null;p.element.animate(c.extend(g,m&&k?{top:m,left:k}:{}),{duration:j.animateDuration,easing:j.animateEasing,step:function(){var o={width:parseInt(p.element.css("width"),10),height:parseInt(p.element.css("height"),10),top:parseInt(p.element.css("top"),10),left:parseInt(p.element.css("left"),10)};if(h&&h.length){c(h[0]).css({width:o.width,height:o.height})}p._updateCache(o);p._propagate("resize",i)}})}});c.ui.plugin.add("resizable","containment",{start:function(f,r){var t=c(this).data("resizable"),j=t.options,l=t.element;var g=j.containment,k=(g instanceof c)?g.get(0):(/parent/.test(g))?l.parent().get(0):g;if(!k){return}t.containerElement=c(k);if(/document/.test(g)||g==document){t.containerOffset={left:0,top:0};t.containerPosition={left:0,top:0};t.parentData={element:c(document),left:0,top:0,width:c(document).width(),height:c(document).height()||document.body.parentNode.scrollHeight}}else{var n=c(k),i=[];c(["Top","Right","Left","Bottom"]).each(function(p,o){i[p]=b(n.css("padding"+o))});t.containerOffset=n.offset();t.containerPosition=n.position();t.containerSize={height:(n.innerHeight()-i[3]),width:(n.innerWidth()-i[1])};var q=t.containerOffset,e=t.containerSize.height,m=t.containerSize.width,h=(c.ui.hasScroll(k,"left")?k.scrollWidth:m),s=(c.ui.hasScroll(k)?k.scrollHeight:e);t.parentData={element:k,left:q.left,top:q.top,width:h,height:s}}},resize:function(g,q){var t=c(this).data("resizable"),i=t.options,f=t.containerSize,p=t.containerOffset,m=t.size,n=t.position,r=t._aspectRatio||g.shiftKey,e={top:0,left:0},h=t.containerElement;if(h[0]!=document&&(/static/).test(h.css("position"))){e=p}if(n.left<(t._helper?p.left:0)){t.size.width=t.size.width+(t._helper?(t.position.left-p.left):(t.position.left-e.left));if(r){t.size.height=t.size.width/i.aspectRatio}t.position.left=i.helper?p.left:0}if(n.top<(t._helper?p.top:0)){t.size.height=t.size.height+(t._helper?(t.position.top-p.top):t.position.top);if(r){t.size.width=t.size.height*i.aspectRatio}t.position.top=t._helper?p.top:0}t.offset.left=t.parentData.left+t.position.left;t.offset.top=t.parentData.top+t.position.top;var l=Math.abs((t._helper?t.offset.left-e.left:(t.offset.left-e.left))+t.sizeDiff.width),s=Math.abs((t._helper?t.offset.top-e.top:(t.offset.top-p.top))+t.sizeDiff.height);var k=t.containerElement.get(0)==t.element.parent().get(0),j=/relative|absolute/.test(t.containerElement.css("position"));if(k&&j){l-=t.parentData.left}if(l+t.size.width>=t.parentData.width){t.size.width=t.parentData.width-l;if(r){t.size.height=t.size.width/t.aspectRatio}}if(s+t.size.height>=t.parentData.height){t.size.height=t.parentData.height-s;if(r){t.size.width=t.size.height*t.aspectRatio}}},stop:function(f,n){var q=c(this).data("resizable"),g=q.options,l=q.position,m=q.containerOffset,e=q.containerPosition,i=q.containerElement;var j=c(q.helper),r=j.offset(),p=j.outerWidth()-q.sizeDiff.width,k=j.outerHeight()-q.sizeDiff.height;if(q._helper&&!g.animate&&(/relative/).test(i.css("position"))){c(this).css({left:r.left-e.left-m.left,width:p,height:k})}if(q._helper&&!g.animate&&(/static/).test(i.css("position"))){c(this).css({left:r.left-e.left-m.left,width:p,height:k})}}});c.ui.plugin.add("resizable","ghost",{start:function(g,h){var e=c(this).data("resizable"),i=e.options,f=e.size;e.ghost=e.originalElement.clone();e.ghost.css({opacity:0.25,display:"block",position:"relative",height:f.height,width:f.width,margin:0,left:0,top:0}).addClass("ui-resizable-ghost").addClass(typeof i.ghost=="string"?i.ghost:"");e.ghost.appendTo(e.helper)},resize:function(f,g){var e=c(this).data("resizable"),h=e.options;if(e.ghost){e.ghost.css({position:"relative",height:e.size.height,width:e.size.width})}},stop:function(f,g){var e=c(this).data("resizable"),h=e.options;if(e.ghost&&e.helper){e.helper.get(0).removeChild(e.ghost.get(0))}}});c.ui.plugin.add("resizable","grid",{resize:function(e,m){var p=c(this).data("resizable"),h=p.options,k=p.size,i=p.originalSize,j=p.originalPosition,n=p.axis,l=h._aspectRatio||e.shiftKey;h.grid=typeof h.grid=="number"?[h.grid,h.grid]:h.grid;var g=Math.round((k.width-i.width)/(h.grid[0]||1))*(h.grid[0]||1),f=Math.round((k.height-i.height)/(h.grid[1]||1))*(h.grid[1]||1);if(/^(se|s|e)$/.test(n)){p.size.width=i.width+g;p.size.height=i.height+f}else{if(/^(ne)$/.test(n)){p.size.width=i.width+g;p.size.height=i.height+f;p.position.top=j.top-f}else{if(/^(sw)$/.test(n)){p.size.width=i.width+g;p.size.height=i.height+f;p.position.left=j.left-g}else{p.size.width=i.width+g;p.size.height=i.height+f;p.position.top=j.top-f;p.position.left=j.left-g}}}}});var b=function(e){return parseInt(e,10)||0};var a=function(e){return !isNaN(parseInt(e,10))}})(jQuery);/*! +(function(b,c){var a=false;b(document).mouseup(function(d){a=false});b.widget("ui.mouse",{options:{cancel:":input,option",distance:1,delay:0},_mouseInit:function(){var d=this;this.element.bind("mousedown."+this.widgetName,function(e){return d._mouseDown(e)}).bind("click."+this.widgetName,function(e){if(true===b.data(e.target,d.widgetName+".preventClickEvent")){b.removeData(e.target,d.widgetName+".preventClickEvent");e.stopImmediatePropagation();return false}});this.started=false},_mouseDestroy:function(){this.element.unbind("."+this.widgetName)},_mouseDown:function(f){if(a){return}(this._mouseStarted&&this._mouseUp(f));this._mouseDownEvent=f;var e=this,g=(f.which==1),d=(typeof this.options.cancel=="string"&&f.target.nodeName?b(f.target).closest(this.options.cancel).length:false);if(!g||d||!this._mouseCapture(f)){return true}this.mouseDelayMet=!this.options.delay;if(!this.mouseDelayMet){this._mouseDelayTimer=setTimeout(function(){e.mouseDelayMet=true},this.options.delay)}if(this._mouseDistanceMet(f)&&this._mouseDelayMet(f)){this._mouseStarted=(this._mouseStart(f)!==false);if(!this._mouseStarted){f.preventDefault();return true}}if(true===b.data(f.target,this.widgetName+".preventClickEvent")){b.removeData(f.target,this.widgetName+".preventClickEvent")}this._mouseMoveDelegate=function(h){return e._mouseMove(h)};this._mouseUpDelegate=function(h){return e._mouseUp(h)};b(document).bind("mousemove."+this.widgetName,this._mouseMoveDelegate).bind("mouseup."+this.widgetName,this._mouseUpDelegate);f.preventDefault();a=true;return true},_mouseMove:function(d){if(b.browser.msie&&!(document.documentMode>=9)&&!d.button){return this._mouseUp(d)}if(this._mouseStarted){this._mouseDrag(d);return d.preventDefault()}if(this._mouseDistanceMet(d)&&this._mouseDelayMet(d)){this._mouseStarted=(this._mouseStart(this._mouseDownEvent,d)!==false);(this._mouseStarted?this._mouseDrag(d):this._mouseUp(d))}return !this._mouseStarted},_mouseUp:function(d){b(document).unbind("mousemove."+this.widgetName,this._mouseMoveDelegate).unbind("mouseup."+this.widgetName,this._mouseUpDelegate);if(this._mouseStarted){this._mouseStarted=false;if(d.target==this._mouseDownEvent.target){b.data(d.target,this.widgetName+".preventClickEvent",true)}this._mouseStop(d)}return false},_mouseDistanceMet:function(d){return(Math.max(Math.abs(this._mouseDownEvent.pageX-d.pageX),Math.abs(this._mouseDownEvent.pageY-d.pageY))>=this.options.distance)},_mouseDelayMet:function(d){return this.mouseDelayMet},_mouseStart:function(d){},_mouseDrag:function(d){},_mouseStop:function(d){},_mouseCapture:function(d){return true}})})(jQuery);(function(c,d){c.widget("ui.resizable",c.ui.mouse,{widgetEventPrefix:"resize",options:{alsoResize:false,animate:false,animateDuration:"slow",animateEasing:"swing",aspectRatio:false,autoHide:false,containment:false,ghost:false,grid:false,handles:"e,s,se",helper:false,maxHeight:null,maxWidth:null,minHeight:10,minWidth:10,zIndex:1000},_create:function(){var f=this,k=this.options;this.element.addClass("ui-resizable");c.extend(this,{_aspectRatio:!!(k.aspectRatio),aspectRatio:k.aspectRatio,originalElement:this.element,_proportionallyResizeElements:[],_helper:k.helper||k.ghost||k.animate?k.helper||"ui-resizable-helper":null});if(this.element[0].nodeName.match(/canvas|textarea|input|select|button|img/i)){this.element.wrap(c('
              ').css({position:this.element.css("position"),width:this.element.outerWidth(),height:this.element.outerHeight(),top:this.element.css("top"),left:this.element.css("left")}));this.element=this.element.parent().data("resizable",this.element.data("resizable"));this.elementIsWrapper=true;this.element.css({marginLeft:this.originalElement.css("marginLeft"),marginTop:this.originalElement.css("marginTop"),marginRight:this.originalElement.css("marginRight"),marginBottom:this.originalElement.css("marginBottom")});this.originalElement.css({marginLeft:0,marginTop:0,marginRight:0,marginBottom:0});this.originalResizeStyle=this.originalElement.css("resize");this.originalElement.css("resize","none");this._proportionallyResizeElements.push(this.originalElement.css({position:"static",zoom:1,display:"block"}));this.originalElement.css({margin:this.originalElement.css("margin")});this._proportionallyResize()}this.handles=k.handles||(!c(".ui-resizable-handle",this.element).length?"e,s,se":{n:".ui-resizable-n",e:".ui-resizable-e",s:".ui-resizable-s",w:".ui-resizable-w",se:".ui-resizable-se",sw:".ui-resizable-sw",ne:".ui-resizable-ne",nw:".ui-resizable-nw"});if(this.handles.constructor==String){if(this.handles=="all"){this.handles="n,e,s,w,se,sw,ne,nw"}var l=this.handles.split(",");this.handles={};for(var g=0;g');if(/sw|se|ne|nw/.test(j)){h.css({zIndex:++k.zIndex})}if("se"==j){h.addClass("ui-icon ui-icon-gripsmall-diagonal-se")}this.handles[j]=".ui-resizable-"+j;this.element.append(h)}}this._renderAxis=function(q){q=q||this.element;for(var n in this.handles){if(this.handles[n].constructor==String){this.handles[n]=c(this.handles[n],this.element).show()}if(this.elementIsWrapper&&this.originalElement[0].nodeName.match(/textarea|input|select|button/i)){var o=c(this.handles[n],this.element),p=0;p=/sw|ne|nw|se|n|s/.test(n)?o.outerHeight():o.outerWidth();var m=["padding",/ne|nw|n/.test(n)?"Top":/se|sw|s/.test(n)?"Bottom":/^e$/.test(n)?"Right":"Left"].join("");q.css(m,p);this._proportionallyResize()}if(!c(this.handles[n]).length){continue}}};this._renderAxis(this.element);this._handles=c(".ui-resizable-handle",this.element).disableSelection();this._handles.mouseover(function(){if(!f.resizing){if(this.className){var i=this.className.match(/ui-resizable-(se|sw|ne|nw|n|e|s|w)/i)}f.axis=i&&i[1]?i[1]:"se"}});if(k.autoHide){this._handles.hide();c(this.element).addClass("ui-resizable-autohide").hover(function(){if(k.disabled){return}c(this).removeClass("ui-resizable-autohide");f._handles.show()},function(){if(k.disabled){return}if(!f.resizing){c(this).addClass("ui-resizable-autohide");f._handles.hide()}})}this._mouseInit()},destroy:function(){this._mouseDestroy();var e=function(g){c(g).removeClass("ui-resizable ui-resizable-disabled ui-resizable-resizing").removeData("resizable").unbind(".resizable").find(".ui-resizable-handle").remove()};if(this.elementIsWrapper){e(this.element);var f=this.element;f.after(this.originalElement.css({position:f.css("position"),width:f.outerWidth(),height:f.outerHeight(),top:f.css("top"),left:f.css("left")})).remove()}this.originalElement.css("resize",this.originalResizeStyle);e(this.originalElement);return this},_mouseCapture:function(f){var g=false;for(var e in this.handles){if(c(this.handles[e])[0]==f.target){g=true}}return !this.options.disabled&&g},_mouseStart:function(g){var j=this.options,f=this.element.position(),e=this.element;this.resizing=true;this.documentScroll={top:c(document).scrollTop(),left:c(document).scrollLeft()};if(e.is(".ui-draggable")||(/absolute/).test(e.css("position"))){e.css({position:"absolute",top:f.top,left:f.left})}this._renderProxy();var k=b(this.helper.css("left")),h=b(this.helper.css("top"));if(j.containment){k+=c(j.containment).scrollLeft()||0;h+=c(j.containment).scrollTop()||0}this.offset=this.helper.offset();this.position={left:k,top:h};this.size=this._helper?{width:e.outerWidth(),height:e.outerHeight()}:{width:e.width(),height:e.height()};this.originalSize=this._helper?{width:e.outerWidth(),height:e.outerHeight()}:{width:e.width(),height:e.height()};this.originalPosition={left:k,top:h};this.sizeDiff={width:e.outerWidth()-e.width(),height:e.outerHeight()-e.height()};this.originalMousePosition={left:g.pageX,top:g.pageY};this.aspectRatio=(typeof j.aspectRatio=="number")?j.aspectRatio:((this.originalSize.width/this.originalSize.height)||1);var i=c(".ui-resizable-"+this.axis).css("cursor");c("body").css("cursor",i=="auto"?this.axis+"-resize":i);e.addClass("ui-resizable-resizing");this._propagate("start",g);return true},_mouseDrag:function(e){var h=this.helper,g=this.options,m={},q=this,j=this.originalMousePosition,n=this.axis;var r=(e.pageX-j.left)||0,p=(e.pageY-j.top)||0;var i=this._change[n];if(!i){return false}var l=i.apply(this,[e,r,p]),k=c.browser.msie&&c.browser.version<7,f=this.sizeDiff;this._updateVirtualBoundaries(e.shiftKey);if(this._aspectRatio||e.shiftKey){l=this._updateRatio(l,e)}l=this._respectSize(l,e);this._propagate("resize",e);h.css({top:this.position.top+"px",left:this.position.left+"px",width:this.size.width+"px",height:this.size.height+"px"});if(!this._helper&&this._proportionallyResizeElements.length){this._proportionallyResize()}this._updateCache(l);this._trigger("resize",e,this.ui());return false},_mouseStop:function(h){this.resizing=false;var i=this.options,m=this;if(this._helper){var g=this._proportionallyResizeElements,e=g.length&&(/textarea/i).test(g[0].nodeName),f=e&&c.ui.hasScroll(g[0],"left")?0:m.sizeDiff.height,k=e?0:m.sizeDiff.width;var n={width:(m.helper.width()-k),height:(m.helper.height()-f)},j=(parseInt(m.element.css("left"),10)+(m.position.left-m.originalPosition.left))||null,l=(parseInt(m.element.css("top"),10)+(m.position.top-m.originalPosition.top))||null;if(!i.animate){this.element.css(c.extend(n,{top:l,left:j}))}m.helper.height(m.size.height);m.helper.width(m.size.width);if(this._helper&&!i.animate){this._proportionallyResize()}}c("body").css("cursor","auto");this.element.removeClass("ui-resizable-resizing");this._propagate("stop",h);if(this._helper){this.helper.remove()}return false},_updateVirtualBoundaries:function(g){var j=this.options,i,h,f,k,e;e={minWidth:a(j.minWidth)?j.minWidth:0,maxWidth:a(j.maxWidth)?j.maxWidth:Infinity,minHeight:a(j.minHeight)?j.minHeight:0,maxHeight:a(j.maxHeight)?j.maxHeight:Infinity};if(this._aspectRatio||g){i=e.minHeight*this.aspectRatio;f=e.minWidth/this.aspectRatio;h=e.maxHeight*this.aspectRatio;k=e.maxWidth/this.aspectRatio;if(i>e.minWidth){e.minWidth=i}if(f>e.minHeight){e.minHeight=f}if(hl.width),s=a(l.height)&&i.minHeight&&(i.minHeight>l.height);if(h){l.width=i.minWidth}if(s){l.height=i.minHeight}if(t){l.width=i.maxWidth}if(m){l.height=i.maxHeight}var f=this.originalPosition.left+this.originalSize.width,p=this.position.top+this.size.height;var k=/sw|nw|w/.test(q),e=/nw|ne|n/.test(q);if(h&&k){l.left=f-i.minWidth}if(t&&k){l.left=f-i.maxWidth}if(s&&e){l.top=p-i.minHeight}if(m&&e){l.top=p-i.maxHeight}var n=!l.width&&!l.height;if(n&&!l.left&&l.top){l.top=null}else{if(n&&!l.top&&l.left){l.left=null}}return l},_proportionallyResize:function(){var k=this.options;if(!this._proportionallyResizeElements.length){return}var g=this.helper||this.element;for(var f=0;f');var e=c.browser.msie&&c.browser.version<7,g=(e?1:0),h=(e?2:-1);this.helper.addClass(this._helper).css({width:this.element.outerWidth()+h,height:this.element.outerHeight()+h,position:"absolute",left:this.elementOffset.left-g+"px",top:this.elementOffset.top-g+"px",zIndex:++i.zIndex});this.helper.appendTo("body").disableSelection()}else{this.helper=this.element}},_change:{e:function(g,f,e){return{width:this.originalSize.width+f}},w:function(h,f,e){var j=this.options,g=this.originalSize,i=this.originalPosition;return{left:i.left+f,width:g.width-f}},n:function(h,f,e){var j=this.options,g=this.originalSize,i=this.originalPosition;return{top:i.top+e,height:g.height-e}},s:function(g,f,e){return{height:this.originalSize.height+e}},se:function(g,f,e){return c.extend(this._change.s.apply(this,arguments),this._change.e.apply(this,[g,f,e]))},sw:function(g,f,e){return c.extend(this._change.s.apply(this,arguments),this._change.w.apply(this,[g,f,e]))},ne:function(g,f,e){return c.extend(this._change.n.apply(this,arguments),this._change.e.apply(this,[g,f,e]))},nw:function(g,f,e){return c.extend(this._change.n.apply(this,arguments),this._change.w.apply(this,[g,f,e]))}},_propagate:function(f,e){c.ui.plugin.call(this,f,[e,this.ui()]);(f!="resize"&&this._trigger(f,e,this.ui()))},plugins:{},ui:function(){return{originalElement:this.originalElement,element:this.element,helper:this.helper,position:this.position,size:this.size,originalSize:this.originalSize,originalPosition:this.originalPosition}}});c.extend(c.ui.resizable,{version:"1.8.18"});c.ui.plugin.add("resizable","alsoResize",{start:function(f,g){var e=c(this).data("resizable"),i=e.options;var h=function(j){c(j).each(function(){var k=c(this);k.data("resizable-alsoresize",{width:parseInt(k.width(),10),height:parseInt(k.height(),10),left:parseInt(k.css("left"),10),top:parseInt(k.css("top"),10)})})};if(typeof(i.alsoResize)=="object"&&!i.alsoResize.parentNode){if(i.alsoResize.length){i.alsoResize=i.alsoResize[0];h(i.alsoResize)}else{c.each(i.alsoResize,function(j){h(j)})}}else{h(i.alsoResize)}},resize:function(g,i){var f=c(this).data("resizable"),j=f.options,h=f.originalSize,l=f.originalPosition;var k={height:(f.size.height-h.height)||0,width:(f.size.width-h.width)||0,top:(f.position.top-l.top)||0,left:(f.position.left-l.left)||0},e=function(m,n){c(m).each(function(){var q=c(this),r=c(this).data("resizable-alsoresize"),p={},o=n&&n.length?n:q.parents(i.originalElement[0]).length?["width","height"]:["width","height","top","left"];c.each(o,function(s,u){var t=(r[u]||0)+(k[u]||0);if(t&&t>=0){p[u]=t||null}});q.css(p)})};if(typeof(j.alsoResize)=="object"&&!j.alsoResize.nodeType){c.each(j.alsoResize,function(m,n){e(m,n)})}else{e(j.alsoResize)}},stop:function(e,f){c(this).removeData("resizable-alsoresize")}});c.ui.plugin.add("resizable","animate",{stop:function(i,n){var p=c(this).data("resizable"),j=p.options;var h=p._proportionallyResizeElements,e=h.length&&(/textarea/i).test(h[0].nodeName),f=e&&c.ui.hasScroll(h[0],"left")?0:p.sizeDiff.height,l=e?0:p.sizeDiff.width;var g={width:(p.size.width-l),height:(p.size.height-f)},k=(parseInt(p.element.css("left"),10)+(p.position.left-p.originalPosition.left))||null,m=(parseInt(p.element.css("top"),10)+(p.position.top-p.originalPosition.top))||null;p.element.animate(c.extend(g,m&&k?{top:m,left:k}:{}),{duration:j.animateDuration,easing:j.animateEasing,step:function(){var o={width:parseInt(p.element.css("width"),10),height:parseInt(p.element.css("height"),10),top:parseInt(p.element.css("top"),10),left:parseInt(p.element.css("left"),10)};if(h&&h.length){c(h[0]).css({width:o.width,height:o.height})}p._updateCache(o);p._propagate("resize",i)}})}});c.ui.plugin.add("resizable","containment",{start:function(f,r){var t=c(this).data("resizable"),j=t.options,l=t.element;var g=j.containment,k=(g instanceof c)?g.get(0):(/parent/.test(g))?l.parent().get(0):g;if(!k){return}t.containerElement=c(k);if(/document/.test(g)||g==document){t.containerOffset={left:0,top:0};t.containerPosition={left:0,top:0};t.parentData={element:c(document),left:0,top:0,width:c(document).width(),height:c(document).height()||document.body.parentNode.scrollHeight}}else{var n=c(k),i=[];c(["Top","Right","Left","Bottom"]).each(function(p,o){i[p]=b(n.css("padding"+o))});t.containerOffset=n.offset();t.containerPosition=n.position();t.containerSize={height:(n.innerHeight()-i[3]),width:(n.innerWidth()-i[1])};var q=t.containerOffset,e=t.containerSize.height,m=t.containerSize.width,h=(c.ui.hasScroll(k,"left")?k.scrollWidth:m),s=(c.ui.hasScroll(k)?k.scrollHeight:e);t.parentData={element:k,left:q.left,top:q.top,width:h,height:s}}},resize:function(g,q){var t=c(this).data("resizable"),i=t.options,f=t.containerSize,p=t.containerOffset,m=t.size,n=t.position,r=t._aspectRatio||g.shiftKey,e={top:0,left:0},h=t.containerElement;if(h[0]!=document&&(/static/).test(h.css("position"))){e=p}if(n.left<(t._helper?p.left:0)){t.size.width=t.size.width+(t._helper?(t.position.left-p.left):(t.position.left-e.left));if(r){t.size.height=t.size.width/i.aspectRatio}t.position.left=i.helper?p.left:0}if(n.top<(t._helper?p.top:0)){t.size.height=t.size.height+(t._helper?(t.position.top-p.top):t.position.top);if(r){t.size.width=t.size.height*i.aspectRatio}t.position.top=t._helper?p.top:0}t.offset.left=t.parentData.left+t.position.left;t.offset.top=t.parentData.top+t.position.top;var l=Math.abs((t._helper?t.offset.left-e.left:(t.offset.left-e.left))+t.sizeDiff.width),s=Math.abs((t._helper?t.offset.top-e.top:(t.offset.top-p.top))+t.sizeDiff.height);var k=t.containerElement.get(0)==t.element.parent().get(0),j=/relative|absolute/.test(t.containerElement.css("position"));if(k&&j){l-=t.parentData.left}if(l+t.size.width>=t.parentData.width){t.size.width=t.parentData.width-l;if(r){t.size.height=t.size.width/t.aspectRatio}}if(s+t.size.height>=t.parentData.height){t.size.height=t.parentData.height-s;if(r){t.size.width=t.size.height*t.aspectRatio}}},stop:function(f,n){var q=c(this).data("resizable"),g=q.options,l=q.position,m=q.containerOffset,e=q.containerPosition,i=q.containerElement;var j=c(q.helper),r=j.offset(),p=j.outerWidth()-q.sizeDiff.width,k=j.outerHeight()-q.sizeDiff.height;if(q._helper&&!g.animate&&(/relative/).test(i.css("position"))){c(this).css({left:r.left-e.left-m.left,width:p,height:k})}if(q._helper&&!g.animate&&(/static/).test(i.css("position"))){c(this).css({left:r.left-e.left-m.left,width:p,height:k})}}});c.ui.plugin.add("resizable","ghost",{start:function(g,h){var e=c(this).data("resizable"),i=e.options,f=e.size;e.ghost=e.originalElement.clone();e.ghost.css({opacity:0.25,display:"block",position:"relative",height:f.height,width:f.width,margin:0,left:0,top:0}).addClass("ui-resizable-ghost").addClass(typeof i.ghost=="string"?i.ghost:"");e.ghost.appendTo(e.helper)},resize:function(f,g){var e=c(this).data("resizable"),h=e.options;if(e.ghost){e.ghost.css({position:"relative",height:e.size.height,width:e.size.width})}},stop:function(f,g){var e=c(this).data("resizable"),h=e.options;if(e.ghost&&e.helper){e.helper.get(0).removeChild(e.ghost.get(0))}}});c.ui.plugin.add("resizable","grid",{resize:function(e,m){var p=c(this).data("resizable"),h=p.options,k=p.size,i=p.originalSize,j=p.originalPosition,n=p.axis,l=h._aspectRatio||e.shiftKey;h.grid=typeof h.grid=="number"?[h.grid,h.grid]:h.grid;var g=Math.round((k.width-i.width)/(h.grid[0]||1))*(h.grid[0]||1),f=Math.round((k.height-i.height)/(h.grid[1]||1))*(h.grid[1]||1);if(/^(se|s|e)$/.test(n)){p.size.width=i.width+g;p.size.height=i.height+f}else{if(/^(ne)$/.test(n)){p.size.width=i.width+g;p.size.height=i.height+f;p.position.top=j.top-f}else{if(/^(sw)$/.test(n)){p.size.width=i.width+g;p.size.height=i.height+f;p.position.left=j.left-g}else{p.size.width=i.width+g;p.size.height=i.height+f;p.position.top=j.top-f;p.position.left=j.left-g}}}}});var b=function(e){return parseInt(e,10)||0};var a=function(e){return !isNaN(parseInt(e,10))}})(jQuery);/* * jQuery hashchange event - v1.3 - 7/21/2010 * http://benalman.com/projects/jquery-hashchange-plugin/ * @@ -58,7 +58,7 @@ * Dual licensed under the MIT and GPL licenses. * http://benalman.com/about/license/ */ -(function($,e,b){var c="hashchange",h=document,f,g=$.event.special,i=h.documentMode,d="on"+c in e&&(i===b||i>7);function a(j){j=j||location.href;return"#"+j.replace(/^[^#]*#?(.*)$/,"$1")}$.fn[c]=function(j){return j?this.bind(c,j):this.trigger(c)};$.fn[c].delay=50;g[c]=$.extend(g[c],{setup:function(){if(d){return false}$(f.start)},teardown:function(){if(d){return false}$(f.stop)}});f=(function(){var j={},p,m=a(),k=function(q){return q},l=k,o=k;j.start=function(){p||n()};j.stop=function(){p&&clearTimeout(p);p=b};function n(){var r=a(),q=o(m);if(r!==m){l(m=r,q);$(e).trigger(c)}else{if(q!==m){location.href=location.href.replace(/#.*/,"")+q}}p=setTimeout(n,$.fn[c].delay)}$.browser.msie&&!d&&(function(){var q,r;j.start=function(){if(!q){r=$.fn[c].src;r=r&&r+a();q=$('