// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// There is no "syntax" statement, so protoc treats this file as proto2: every
// scalar field below has explicit presence (has_xxx()), which is why each one
// is declared "optional". LITE_RUNTIME drops descriptors/reflection from the
// generated code, so the messages cannot be inspected by field name at runtime.
option optimize_for = LITE_RUNTIME;

// EncryptedData, Quote, KeyType and KeyUsage are referenced below but not
// defined in this file; presumably they come from common.proto — confirm.
import "common.proto";

package attestation;

// Holds TPM credentials that the attestation server will need to see. These
// credentials must be cleared once the attestation server has certified the
// AIK.
message TPMCredentials {
  // The endorsement key (EK) public key. The encoding is not stated here;
  // presumably TPM_PUBKEY form like the other TPM keys in this file — confirm.
  optional bytes endorsement_public_key = 1;
  // The credential issued for the EK. Its encoding is not stated here;
  // presumably an X.509 certificate — confirm against the consumer. An EK
  // credential typically identifies the physical TPM, which is presumably why
  // the message comment requires these fields to be cleared after the AIK is
  // certified.
  optional bytes endorsement_credential = 2;
  // The platform credential.
  optional bytes platform_credential = 3;
  // The conformance credential.
  optional bytes conformance_credential = 4;
  // The |endorsement_credential| encrypted with a public key associated with
  // the default Chrome OS Privacy CA.
  optional EncryptedData default_encrypted_endorsement_credential = 5;
  // The |endorsement_credential| encrypted for an alternate Privacy CA;
  // presumably the one paired with the alternate_* fields of
  // AttestationDatabase — confirm. EncryptedData is not defined in this file;
  // presumably it comes from common.proto.
  optional EncryptedData alternate_encrypted_endorsement_credential = 6;
}

// Holds information relevant to a particular AIK.
message IdentityKey {
  // The DER encoded public key.
  // NOTE(review): IdentityBinding.identity_public_key carries the same field
  // name but holds the TPM_PUBKEY form; the two values are not interchangeable.
  optional bytes identity_public_key = 1;
  // The TPM-specific key blob that can be loaded back into the TPM.
  optional bytes identity_key_blob = 2;
  // A credential issued by the attestation server. Its encoding is not stated
  // here; presumably X.509 like CertifiedKey.certified_key_credential — confirm.
  optional bytes identity_credential = 3;
}

// Holds information required to verify the binding of an AIK to an EK. This
// information should be cleared once the attestation server has certified the
// AIK.
message IdentityBinding {
  // The binding data, as output by the TPM_MakeIdentity operation.
  optional bytes identity_binding = 1;
  // The AIK public key, DER encoded.
  optional bytes identity_public_key_der = 2;
  // The AIK public key, in TPM_PUBKEY form. Same key as
  // |identity_public_key_der|, different encoding. Note that the identically
  // named IdentityKey.identity_public_key is DER encoded, not TPM_PUBKEY.
  optional bytes identity_public_key = 3;
  // The label used during AIK creation.
  optional bytes identity_label = 4;
  // The PCA public key used during AIK creation, in TPM_PUBKEY form. Because
  // this is client-stored data, it cannot by itself prove which PCA was used;
  // the attestation server presumably compares it with its own key — confirm.
  optional bytes pca_public_key = 5;
}

// Holds owner delegation information.
message Delegation {
  // The delegate owner blob.
  optional bytes blob = 1;
  // The authorization secret for the delegate. Stored here as plain bytes;
  // nothing in this schema encrypts it, so protection at rest must come from
  // wherever the containing AttestationDatabase is persisted — confirm.
  optional bytes secret = 2;
  // Whether this delegate has permissions to call TPM_ResetLockValue.
  optional bool has_reset_lock_permissions = 3;
}

// Holds information about a certified key.
message CertifiedKey {
  // The TPM-wrapped key blob.
  optional bytes key_blob = 1;
  // The public key in ASN.1 DER form.
  optional bytes public_key = 2;
  // The credential of the certified key in X.509 format.
  optional bytes certified_key_credential = 3;
  // The issuer intermediate CA certificate in X.509 format.
  optional bytes intermediate_ca_cert = 4;
  // A key name.  This is not necessarily a unique identifier, so it cannot by
  // itself identify one key among |AttestationDatabase.device_keys|.
  optional bytes key_name = 5;
  // An arbitrary payload associated with the key. The schema places no
  // constraint on its content or size.
  optional bytes payload = 6;
  // Additional intermediate CA certificates that help chaining up to the root
  // CA. See |AttestationCertificateResponse.additional_intermediate_ca_cert|
  // for more detail.
  repeated bytes additional_intermediate_ca_cert = 7;
  // The public key in TPM_PUBKEY form. Same key as |public_key|, different
  // encoding.
  optional bytes public_key_tpm_format = 8;
  // The serialized TPM_CERTIFY_INFO for the certified key.
  optional bytes certified_key_info = 9;
  // The signature of the TPM_CERTIFY_INFO by the AIK.
  optional bytes certified_key_proof = 10;
  // The original key type specified when the key was created. KeyType is not
  // defined in this file; presumably it comes from common.proto — confirm.
  optional KeyType key_type = 11;
  // The original key usage specified when the key was created. KeyUsage is not
  // defined in this file; presumably it comes from common.proto — confirm.
  optional KeyUsage key_usage = 12;
}

// Holds all information that a client stores locally.
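message AttestationDatabase {
  // Field number 1 is not used by any field below. Reserve it so a future
  // field cannot take the number and silently reinterpret bytes written by
  // older clients of this locally stored database.
  reserved 1;

  // TPM credentials the attestation server needs to see; see TPMCredentials
  // for when they must be cleared.
  optional TPMCredentials credentials = 2;
  // Binding of the AIK to the EK; see IdentityBinding for when it should be
  // cleared.
  optional IdentityBinding identity_binding = 3;
  // The AIK and its credential.
  optional IdentityKey identity_key = 4;
  // Quotes over PCR0 and PCR1. Quote is not defined in this file; presumably
  // it comes from common.proto — confirm.
  optional Quote pcr0_quote = 5;
  optional Quote pcr1_quote = 12;
  // Owner delegation. Delegation.secret is carried here as plain bytes; this
  // schema provides no encryption, so the serialized database is presumably
  // protected at rest by whatever persists it — confirm.
  optional Delegation delegate = 6;
  // Keys certified by the AIK.
  repeated CertifiedKey device_keys = 7;

  // Presumably associates a (user, origin) pair with a temporal index — confirm
  // against the code that reads it.
  message TemporalIndexRecord {
    // Hash of the user. The hash algorithm is not stated here — confirm.
    optional bytes user_hash = 1;
    // Hash of the origin. The hash algorithm is not stated here — confirm.
    optional bytes origin_hash = 2;
    // The temporal index recorded for this (user, origin) pair.
    optional int32 temporal_index = 3;
  }
  repeated TemporalIndexRecord temporal_index_record = 8;

  // Counterparts of identity_binding, identity_key, pcr0_quote and pcr1_quote
  // for the alternate identity; presumably paired with
  // TPMCredentials.alternate_encrypted_endorsement_credential — confirm.
  optional IdentityBinding alternate_identity_binding = 9;
  optional IdentityKey alternate_identity_key = 10;
  optional Quote alternate_pcr0_quote = 11;
  optional Quote alternate_pcr1_quote = 13;
}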