| // Copyright (c) 2014 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| // |
| // Provides wire-type for cryptohome Key objects. It does not |
| // represent the entirety of the bookkeeping data needed by Cryptohome. |
| // |
| // Anything in this file may be persisted on disk. Update carefully! |
| |
| syntax = "proto2"; |
| |
| option optimize_for = LITE_RUNTIME; |
| |
| package cryptohome; |
| |
| message KeyAuthorizationSecretUsage { |
| optional bool encrypt = 1; |
| optional bool sign = 2; |
| } |
| |
| message KeyAuthorizationSecret { |
| optional KeyAuthorizationSecretUsage usage = 1; |
| optional bytes symmetric_key = 2; |
| optional bytes public_key = 3; |
| // Indicates if the symmetric_key is wrapped. |
| optional bool wrapped = 4 [default=false]; |
| } |
| |
| message KeyAuthorizationData { |
| enum KeyAuthorizationType { |
| KEY_AUTHORIZATION_TYPE_HMACSHA256 = 0; |
| KEY_AUTHORIZATION_TYPE_AES256CBC_HMACSHA256 = 1; |
| } |
| optional KeyAuthorizationType type = 1; |
| repeated KeyAuthorizationSecret secrets = 2; |
| } |
| |
| // Software-enforced privileges. |
| message KeyPrivileges { |
| // Allows the key to mount the cryptohome. |
| optional bool mount = 1 [default=true]; |
| // Allows new keys to be added. |
| optional bool add = 2 [default=true]; |
| // Allows other existing keys to be removed. |
| optional bool remove = 3 [default=true]; |
| // Allows the key to update itself. |
| optional bool update = 4 [default=true]; |
| // Allows a key to update itself iff the requested change |
| // is authorized as per KeyAuthorizationData. |
| optional bool authorized_update = 5 [default=false]; |
| } |
| |
| // Public metadata stored on behalf of the KeyProvider. |
| message KeyProviderData { |
| message Entry { |
| optional string name = 1; |
| optional int64 number = 2; |
| optional bytes bytes = 3; |
| } |
| repeated Entry entry = 1; |
| } |
| |
| message KeyData { |
| // The KeyType should specify the handling needed by Cryptohome |
| // and not a provider KeyType. |
| enum KeyType { |
| KEY_TYPE_PASSWORD = 0; |
| } |
| optional KeyType type = 1; |
| // All keys must be labeled when persisted to disk, but when KeyData |
| // is used in an UpdateKeyRequest, only defined fields are necessary |
| // (so that the caller doesn't need the full KeyData first). |
| optional string label = 2; |
| // If undefined, use the default settings. |
| optional KeyPrivileges privileges = 3; |
| optional int64 revision = 4; |
| // At present, only support for one authorization mechanism is implemented. |
| repeated KeyAuthorizationData authorization_data = 5; |
| // Data stored for use by the provider of the key, often for pre-processing |
| // of passwords or custom provider key typing. |
| // This will be size-limited by serialized size (e.g., 4096 bytes). |
| optional KeyProviderData provider_data = 6; |
| } |
| |
| // Key is not presently persisted to disk, but it acts as the single authority |
| // for what comprises a key. |
| message Key { |
| // In most cases, |data| is required. When used in an UpdateKeyRequest, it |
| // is only required if KeyData is changing. If only the |secret| is changing, |
| // this field may be left unset. |
| optional KeyData data = 1; |
| // |secret| is required for many requests, like AddKeyRequest, but not all. |
| // An UpdateKeyRequest only requires the changes to the Key that was |
| // was authorized in the AuthorizationRequest. Making |secret| required would |
| // logically force a key rotation even if the values were the same. |
| optional bytes secret = 2; |
| } |