1// Copyright (c) 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4//
5// Provides wire-type for cryptohome Key objects.  It does not
6// represent the entirety of the bookkeeping data needed by Cryptohome.
7//
// Anything in this file may be persisted on disk.  Update carefully: only add
// new fields with fresh numbers; never renumber, retype, reuse, or change the
// default of an existing field or enum value, and `reserve` anything removed.
9
// proto2: every scalar field has explicit presence (has_*()) and may declare an
// explicit [default=...], which several messages below rely on.
syntax = "proto2";

// LITE_RUNTIME: generated code omits descriptors/reflection.  Bear this in
// mind before reaching for reflection-based debugging or logging helpers.
option optimize_for = LITE_RUNTIME;

package cryptohome;
15
// What a KeyAuthorizationSecret may be used for.  Neither flag declares a
// default, so an unset flag reads as false (proto2 bool default); consumers
// are presumably expected to check the flag for the operation they perform.
message KeyAuthorizationSecretUsage {
  // The secret may be used for encryption (see KeyAuthorizationType).
  optional bool encrypt = 1;
  // The secret may be used for signing/authentication (see KeyAuthorizationType).
  optional bool sign = 2;
}
20
// One secret backing a KeyAuthorizationData entry.
// NOTE(review): when |wrapped| is false, |symmetric_key| is plaintext key
// material, and this message may be persisted on disk (see file header), so
// any serialized copy must be handled as secret.  The schema records nothing
// about what |symmetric_key| is wrapped with; that is up to writer and reader.
message KeyAuthorizationSecret {
  // Operations this secret is permitted to perform.
  optional KeyAuthorizationSecretUsage usage = 1;
  // Symmetric key material; plaintext unless |wrapped| is true.
  optional bytes symmetric_key = 2;
  // Public key material.  |wrapped| says nothing about this field.
  optional bytes public_key = 3;
  // Indicates if the symmetric_key is wrapped.  Defaults to false, so a
  // message that omits this field describes an unwrapped (plaintext) key.
  optional bool wrapped = 4 [default=false];
}
28
// Describes how a key change must be authorized (consulted when
// KeyPrivileges.authorized_update is set).
message KeyAuthorizationData {
  // Authorization mechanism.  Value 0 is a real mechanism, not an UNSPECIFIED
  // sentinel: type() on a message that never set it returns HMACSHA256, so
  // check has_type() wherever "no mechanism given" must be distinguished.
  // These values are persisted (see file header): never renumber or reuse.
  enum KeyAuthorizationType {
    KEY_AUTHORIZATION_TYPE_HMACSHA256 = 0;
    KEY_AUTHORIZATION_TYPE_AES256CBC_HMACSHA256 = 1;
  }
  optional KeyAuthorizationType type = 1;
  // Secrets backing |type|; each entry carries its own usage flags.
  repeated KeyAuthorizationSecret secrets = 2;
}
37
// Software-enforced privileges: policy bits that cryptohome checks before
// acting on a key, not properties of the key material itself.
// NOTE(review): every privilege except authorized_update defaults to true, so
// an absent KeyPrivileges (or an absent field) GRANTS the privilege -- the
// wire format is fail-open.  Code that wants to restrict a key must set the
// relevant field to false explicitly.  Do not change these defaults: they are
// persisted implicitly (see file header), and changing one would silently
// alter the privileges of every existing key that left the field unset.
message KeyPrivileges {
  // Allows the key to mount the cryptohome.
  optional bool mount = 1 [default=true];
  // Allows new keys to be added.
  optional bool add = 2 [default=true];
  // Allows other existing keys to be removed.
  optional bool remove = 3 [default=true];
  // Allows the key to update itself (contrast authorized_update below).
  optional bool update = 4 [default=true];
  // Allows a key to update itself iff the requested change
  // is authorized as per KeyAuthorizationData.  Off unless set explicitly.
  optional bool authorized_update = 5 [default=false];
}
52
// Public metadata stored on behalf of the KeyProvider.  "Public" means it is
// not secret: nothing in this schema protects its confidentiality, so providers
// must not place key material or other secrets in an Entry.  Presumably opaque
// to cryptohome; see KeyData.provider_data for the size limit.
message KeyProviderData {
  // One name/value pair.  The schema does not make number/bytes mutually
  // exclusive; which is populated is up to the provider.
  message Entry {
    optional string name = 1;
    optional int64 number = 2;
    // Named after the proto type; legal, but yields awkward accessors in some
    // generated languages.  Cannot be renamed without breaking generated code.
    optional bytes bytes = 3;
  }
  repeated Entry entry = 1;
}
62
// Non-secret description of a key: type, label, privileges, and how changes
// to it are authorized.  Persisted on disk (see file header).
message KeyData {
  // The KeyType should specify the handling needed by Cryptohome
  // and not a provider KeyType.
  // Value 0 is a real type, not an UNSPECIFIED sentinel: type() on a message
  // that never set it returns KEY_TYPE_PASSWORD, so check has_type() where
  // that distinction matters.  Persisted: never renumber or reuse values.
  enum KeyType {
    KEY_TYPE_PASSWORD = 0;
  }
  optional KeyType type = 1;
  // All keys must be labeled when persisted to disk, but when KeyData
  // is used in an UpdateKeyRequest, only defined fields are necessary
  // (so that the caller doesn't need the full KeyData first).
  // The "must be labeled" rule is checked by the consumer; the schema cannot.
  optional string label = 2;
  // If undefined, use the default settings.  Note that KeyPrivileges'
  // defaults grant mount/add/remove/update, so an absent |privileges| is the
  // most permissive configuration, not the least.
  optional KeyPrivileges privileges = 3;
  // NOTE(review): semantics not stated here (monotonic counter? timestamp?);
  // confirm against the writer before relying on it for ordering.
  optional int64 revision = 4;
  // At present, only support for one authorization mechanism is implemented.
  // The field is nonetheless repeated; readers should decide explicitly what
  // to do with more than one entry rather than silently taking the first.
  repeated KeyAuthorizationData authorization_data = 5;
  // Data stored for use by the provider of the key, often for pre-processing
  // of passwords or custom provider key typing.
  // This will be size-limited by serialized size (e.g., 4096 bytes).
  // The schema itself imposes no bound: the limit must be checked by the code
  // that accepts the message, and readers must not assume it is small.
  optional KeyProviderData provider_data = 6;
}
84
// Key is not presently persisted to disk, but it acts as the single authority
// for what comprises a key.  Both fields are optional at the schema level;
// which of them a given request requires is enforced by the request handler,
// not by protobuf.
message Key {
  // In most cases, |data| is required.  When used in an UpdateKeyRequest, it
  // is only required if KeyData is changing.  If only the |secret| is changing,
  // this field may be left unset.
  optional KeyData data = 1;
  // |secret| is required for many requests, like AddKeyRequest, but not all.
  // An UpdateKeyRequest only requires the changes to the Key that was
  // was authorized in the AuthorizationRequest. Making |secret| required would
  // logically force a key rotation even if the values were the same.
  // This is raw secret material (presumably the password for
  // KEY_TYPE_PASSWORD); treat serialized Key messages, and any log line that
  // might include one, as sensitive.
  optional bytes secret = 2;
}
98