// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// NOTE(review): this file declares no |syntax| statement, so protoc treats it
// as proto2 (the |optional| labels below are proto2 presence semantics) and
// prints a "no syntax specified" warning. Adding |syntax = "proto2";| would be
// wire-compatible; the code is left unchanged here.
option optimize_for = LITE_RUNTIME;

// Provides the message types referenced but not defined in this file
// (EncryptedData, Quote, KeyType, KeyUsage are expected to come from here).
import "common.proto";

package attestation;

// Holds TPM credentials that the attestation server will need to see. These
// credentials must be cleared once the attestation server has certified the
// AIK.
//
// All fields are persisted locally via |AttestationDatabase.credentials|, so
// the "must be cleared" requirement above is what bounds how long this
// endorsement material stays in the client's store.
message TPMCredentials {
  // The public part of the endorsement key (EK). Encoding is not specified
  // in this file.
  optional bytes endorsement_public_key = 1;
  // The endorsement credential. Encoding is not specified in this file.
  optional bytes endorsement_credential = 2;
  // The platform credential. Encoding is not specified in this file.
  optional bytes platform_credential = 3;
  // The conformance credential. Encoding is not specified in this file.
  optional bytes conformance_credential = 4;
  // The |endorsement_credential| encrypted with a public key associated with
  // the default Chrome OS Privacy CA.
  optional EncryptedData default_encrypted_endorsement_credential = 5;
  // NOTE(review): undocumented in the original; presumably the
  // |endorsement_credential| encrypted for an alternate Privacy CA, mirroring
  // the |alternate_*| fields of AttestationDatabase — confirm with the writer.
  optional EncryptedData alternate_encrypted_endorsement_credential = 6;
}

// Holds information relevant to a particular AIK.
//
// Persisted locally via |AttestationDatabase.identity_key| and
// |AttestationDatabase.alternate_identity_key|.
message IdentityKey {
  // The DER encoded public key.
  optional bytes identity_public_key = 1;
  // The TPM-specific key blob that can be loaded back into the TPM.
  optional bytes identity_key_blob = 2;
  // A credential issued by the attestation server.
  optional bytes identity_credential = 3;
}

// Holds information required to verify the binding of an AIK to an EK. This
// information should be cleared once the attestation server has certified the
// AIK.
//
// Persisted locally via |AttestationDatabase.identity_binding| and
// |AttestationDatabase.alternate_identity_binding|; the same clearing rule
// applies to both.
message IdentityBinding {
  // The binding data, as output by the TPM_MakeIdentity operation.
  optional bytes identity_binding = 1;
  // The AIK public key, DER encoded.
  optional bytes identity_public_key_der = 2;
  // The AIK public key, in TPM_PUBKEY form.
  optional bytes identity_public_key = 3;
  // The label used during AIK creation.
  optional bytes identity_label = 4;
  // The PCA public key used during AIK creation, in TPM_PUBKEY form.
  optional bytes pca_public_key = 5;
}

// Holds owner delegation information.
//
// Persisted locally via |AttestationDatabase.delegate|, so |secret| is stored
// alongside the rest of the database.
message Delegation {
  // The delegate owner blob.
  optional bytes blob = 1;
  // The authorization secret. Sensitive: it is written to the local store as
  // part of AttestationDatabase.
  optional bytes secret = 2;
  // Whether this delegate has permissions to call TPM_ResetLockValue.
  optional bool has_reset_lock_permissions = 3;
}

// Holds information about a certified key.
//
// Persisted locally via |AttestationDatabase.device_keys|.
message CertifiedKey {
  // The TPM-wrapped key blob.
  optional bytes key_blob = 1;
  // The public key in ASN.1 DER form.
  optional bytes public_key = 2;
  // The credential of the certified key in X.509 format.
  optional bytes certified_key_credential = 3;
  // The issuer intermediate CA certificate in X.509 format.
  optional bytes intermediate_ca_cert = 4;
  // A key name. This is not necessarily a unique identifier.
  optional bytes key_name = 5;
  // An arbitrary payload associated with the key.
  optional bytes payload = 6;
  // Additional intermediate CA certificates that help chain up to the root
  // CA. See |AttestationCertificateResponse.additional_intermediate_ca_cert|
  // for more detail. (AttestationCertificateResponse is not defined in this
  // file.)
  repeated bytes additional_intermediate_ca_cert = 7;
  // The public key in TPM_PUBKEY form.
  optional bytes public_key_tpm_format = 8;
  // The serialized TPM_CERTIFY_INFO for the certified key.
  optional bytes certified_key_info = 9;
  // The signature of the TPM_CERTIFY_INFO by the AIK.
  optional bytes certified_key_proof = 10;
  // The original key type specified when the key was created. KeyType is
  // not defined in this file; expected from common.proto.
  optional KeyType key_type = 11;
  // The original key usage specified when the key was created. KeyUsage is
  // not defined in this file; expected from common.proto.
  optional KeyUsage key_usage = 12;
}

// Holds all information that a client stores locally.
//
// Field numbers are not in declaration order (12 and 13 appear to have been
// appended after the others); they are the wire identity of each field, so
// do not renumber. Field number 1 is not used by any field below.
// NOTE(review): if number 1 was ever assigned in an earlier revision, it
// should be declared |reserved 1;| so it cannot be reused — confirm against
// history.
message AttestationDatabase {
  // See TPMCredentials; to be cleared once the AIK is certified.
  optional TPMCredentials credentials = 2;
  // See IdentityBinding; to be cleared once the AIK is certified.
  optional IdentityBinding identity_binding = 3;
  optional IdentityKey identity_key = 4;
  // Quote is not defined in this file; expected from common.proto. The
  // PCR number is given by the field name.
  optional Quote pcr0_quote = 5;
  optional Quote pcr1_quote = 12;
  // Owner delegation, including its authorization secret.
  optional Delegation delegate = 6;
  repeated CertifiedKey device_keys = 7;

  // A (user hash, origin hash) pair with an associated index.
  // NOTE(review): the hash algorithm and what |temporal_index| counts are not
  // specified in this file — confirm with the code that writes these records.
  message TemporalIndexRecord {
    optional bytes user_hash = 1;
    optional bytes origin_hash = 2;
    optional int32 temporal_index = 3;
  }
  repeated TemporalIndexRecord temporal_index_record = 8;

  // NOTE(review): the |alternate_*| fields are undocumented in the original;
  // they mirror |identity_binding|, |identity_key|, |pcr0_quote| and
  // |pcr1_quote| and presumably belong to a second (alternate) PCA identity —
  // confirm with the writer.
  optional IdentityBinding alternate_identity_binding = 9;
  optional IdentityKey alternate_identity_key = 10;
  optional Quote alternate_pcr0_quote = 11;
  optional Quote alternate_pcr1_quote = 13;
}