//
// Copyright (C) 2013 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

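// The messages below use proto2 labels (`required` / `optional`), so the
// syntax is declared explicitly instead of relying on the compiler default.
syntax = "proto2";

package shill_protos;

// Generate code against the lite runtime, which omits descriptors and
// reflection.
option optimize_for = LITE_RUNTIME;
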
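// Return codes describing calls to the shim.  We could optionally use the
// process return code instead, or use definitions from elsewhere, but this
// way we have a self-contained protocol.
//
// OK is the first value listed, which makes it the proto2 default for a
// ReturnCode field that is read without having been set.  Both response
// messages in this file declare their `ret` field `required`, so a response
// that omits the code fails the initialization check rather than reading as
// OK.
//
// NOTE(review): the conditions under which the shim returns each error code
// are not specified in this file; callers should treat every value other
// than OK (including values they do not recognise) as failure.
enum ReturnCode {
  OK = 0;
  ERROR_UNKNOWN = 1;
  ERROR_OUT_OF_MEMORY = 2;
  ERROR_CRYPTO_OPERATION_FAILED = 3;
  ERROR_INVALID_ARGUMENTS = 4;
}
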
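// This protobuf is for sending credential information from shill to the
// credential verification shim.  The call will fail if public_key is empty
// or otherwise invalid.
//
// NOTE(review): `data` carries the credential material before encryption, so
// a serialized EncryptDataMessage should be handled like the credential
// itself (for example, kept out of logs and crash dumps).  The public-key
// algorithm and padding scheme are not stated in this file -- confirm them
// against the shim implementation.
message EncryptDataMessage {
  // DER encoded public key.  Optional in the schema, but the call fails when
  // it is empty or invalid (see the message comment above).
  optional bytes public_key = 1;

  // Data to be encrypted under the public key.  Required: a message without
  // this field fails the proto2 initialization check.
  required bytes data = 2;
}
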
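// The returned response from an EncryptData call.
message EncryptDataResponse {
  // Will be OK iff the operation is successful.  Required, so a response that
  // lacks it fails the proto2 initialization check instead of reading as the
  // default value OK.  The "partial" parse APIs skip that check; callers
  // using them must verify that ret is present before trusting it.
  required ReturnCode ret = 1;

  // Data after being encrypted under the public_key, or an empty string.
  // NOTE(review): presumably only meaningful when ret is OK -- confirm
  // against the shim before using the value on an error path.
  optional bytes encrypted_data = 2;
}
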
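// This protobuf gives the parameters for the shim to verify credentials.
// The operation will fail if any argument is empty or badly formatted.
//
// Every field is `optional` in the schema, so the non-empty requirement
// above is enforced by the shim, not by the proto2 parser.
message VerifyCredentialsMessage {
  // PEM encoded certificate.
  optional bytes certificate = 1;

  // Data string hashed with SHA-1 before being encrypted with the private key
  // corresponding to the public key in certificate.
  // NOTE(review): SHA-1 is no longer considered collision resistant.  The
  // digest is fixed by whatever peer produces signed_data, so confirm whether
  // that peer supports a stronger hash before relying on this check for new
  // uses.
  optional bytes signed_data = 2;

  // Data string built up by shill.  Needs to be hashed with SHA-1 for
  // comparison with the decrypted version of signed_data.
  optional bytes unsigned_data = 3;

  // Mac address in human readable format like 00:11:22:33:44:55.  Carried as
  // bytes even though the documented format is text.
  optional bytes mac_address = 4;
}
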
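// The response from a call to VerifyCredentials.
//
// Callers should fail closed: credentials count as verified only when this
// message parses successfully and ret is OK.
message VerifyCredentialsResponse {
  // Outcome of the verification.  Required, so a response that omits it
  // fails the proto2 initialization check rather than reading as the default
  // value OK.  The "partial" parse APIs skip that check; callers using them
  // must verify that ret is present before trusting it.
  required ReturnCode ret = 1;
}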