1/* Copyright 2018 Google LLC 2 * 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * https://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15syntax = "proto2"; 16 17package securegcm; 18 19option java_package = "com.google.security.cryptauth.lib.securegcm"; 20option java_outer_classname = "SecureGcmProto"; 21option objc_class_prefix = "SGCM"; 22 23// Message used only during enrollment 24// Field numbers should be kept in sync with DeviceInfo in: 25// java/com/google/security/cryptauth/backend/services/common/common.proto 26message GcmDeviceInfo { 27 // This field's name does not match the one in DeviceInfo for legacy reasons. 28 // Consider using long_device_id and device_type instead when enrolling 29 // non-android devices. 30 optional fixed64 android_device_id = 1; 31 32 // Used for device_address of DeviceInfo field 2, but for GCM capable devices. 33 optional bytes gcm_registration_id = 102; 34 35 // Used for device_address of DeviceInfo field 2, but for iOS devices. 36 optional bytes apn_registration_id = 202; 37 38 // Does the user have notifications enabled for the given device address. 39 optional bool notification_enabled = 203 [ default = true ]; 40 41 // Used for device_address of DeviceInfo field 2, a Bluetooth Mac address for 42 // the device (e.g., to be used with EasyUnlock) 43 optional string bluetooth_mac_address = 302; 44 45 // SHA-256 hash of the device master key (from the key exchange). 46 // Differs from DeviceInfo field 3, which contains the actual master key. 47 optional bytes device_master_key_hash = 103; 48 49 // A SecureMessage.EcP256PublicKey 50 required bytes user_public_key = 4; 51 52 // device's model name 53 // (e.g., an android.os.Build.MODEL or UIDevice.model) 54 optional string device_model = 7; 55 56 // device's locale 57 optional string locale = 8; 58 59 // The handle for user_public_key (and implicitly, a master key) 60 optional bytes key_handle = 9; 61 62 // The initial counter value for the device, sent by the device 63 optional int64 counter = 12 [default = 0]; 64 65 // The Operating System version on the device 66 // (e.g., an android.os.Build.DISPLAY or UIDevice.systemVersion) 67 optional string device_os_version = 13; 68 69 // The Operating System version number on the device 70 // (e.g., an android.os.Build.VERSION.SDK_INT) 71 optional int64 device_os_version_code = 14; 72 73 // The Operating System release on the device 74 // (e.g., an android.os.Build.VERSION.RELEASE) 75 optional string device_os_release = 15; 76 77 // The Operating System codename on the device 78 // (e.g., an android.os.Build.VERSION.CODENAME or UIDevice.systemName) 79 optional string device_os_codename = 16; 80 81 // The software version running on the device 82 // (e.g., Authenticator app version string) 83 optional string device_software_version = 17; 84 85 // The software version number running on the device 86 // (e.g., Authenticator app version code) 87 optional int64 device_software_version_code = 18; 88 89 // Software package information if applicable 90 // (e.g., com.google.android.apps.authenticator2) 91 optional string device_software_package = 19; 92 93 // Size of the display in thousandths of an inch (e.g., 7000 mils = 7 in) 94 optional int32 device_display_diagonal_mils = 22; 95 96 // For Authzen capable devices, their Authzen protocol version 97 optional int32 device_authzen_version = 24; 98 99 // Not all devices have device identifiers that fit in 64 bits. 100 optional bytes long_device_id = 29; 101 102 // The device manufacturer name 103 // (e.g., android.os.Build.MANUFACTURER) 104 optional string device_manufacturer = 31; 105 106 // Used to indicate which type of device this is. 107 optional DeviceType device_type = 32 [ default = ANDROID ]; 108 109 // Fields corresponding to screenlock type/features and hardware features 110 // should be numbered in the 400 range. 111 112 // Is this device using a secure screenlock (e.g., pattern or pin unlock) 113 optional bool using_secure_screenlock = 400 [ default = false ]; 114 115 // Is auto-unlocking the screenlock (e.g., when at "home") supported? 116 optional bool auto_unlock_screenlock_supported = 401 [ default = false ]; 117 118 // Is auto-unlocking the screenlock (e.g., when at "home") enabled? 119 optional bool auto_unlock_screenlock_enabled = 402 [ default = false ]; 120 121 // Does the device have a Bluetooth (classic) radio? 122 optional bool bluetooth_radio_supported = 403 [ default = false ]; 123 124 // Is the Bluetooth (classic) radio on? 125 optional bool bluetooth_radio_enabled = 404 [ default = false ]; 126 127 // Does the device hardware support a mobile data connection? 128 optional bool mobile_data_supported = 405 [ default = false ]; 129 130 // Does the device support tethering? 131 optional bool tethering_supported = 406 [ default = false ]; 132 133 // Does the device have a BLE radio? 134 optional bool ble_radio_supported = 407 [ default = false ]; 135 136 // Is the device a "Pixel Experience" Android device? 137 optional bool pixel_experience = 408 [ default = false ]; 138 139 // Is the device running in the ARC++ container on a chromebook? 140 optional bool arc_plus_plus = 409 [ default = false ]; 141 142 // Is the value set in |using_secure_screenlock| reliable? On some Android 143 // devices, the platform API to get the screenlock state is not trustworthy. 144 // See b/32212161. 145 optional bool is_screenlock_state_flaky = 410 [ default = false ]; 146 147 // A list of multi-device software features supported by the device. 148 repeated SoftwareFeature supported_software_features = 411; 149 150 // A list of multi-device software features currently enabled (active) on the 151 // device. 152 repeated SoftwareFeature enabled_software_features = 412; 153 154 // The enrollment session id this is sent with 155 optional bytes enrollment_session_id = 1000; 156 157 // A copy of the user's OAuth token 158 optional string oauth_token = 1001; 159} 160 161// This enum is used by iOS devices as values for device_display_diagonal_mils 162// in GcmDeviceInfo. There is no good way to calculate it on those devices. 163enum AppleDeviceDiagonalMils { 164 // This is the mils diagonal on an iPhone 5. 165 APPLE_PHONE = 4000; 166 // This is the mils diagonal on an iPad mini. 167 APPLE_PAD = 7900; 168} 169 170// This should be kept in sync with DeviceType in: 171// java/com/google/security/cryptauth/backend/services/common/common_enums.proto 172enum DeviceType { 173 UNKNOWN = 0; 174 ANDROID = 1; 175 CHROME = 2; 176 IOS = 3; 177 BROWSER = 4; 178 OSX = 5; 179} 180 181// MultiDevice features which may be supported and enabled on a device. 182enum SoftwareFeature { 183 UNKNOWN_FEATURE = 0; 184 BETTER_TOGETHER_HOST = 1; 185 BETTER_TOGETHER_CLIENT = 2; 186 EASY_UNLOCK_HOST = 3; 187 EASY_UNLOCK_CLIENT = 4; 188 MAGIC_TETHER_HOST = 5; 189 MAGIC_TETHER_CLIENT = 6; 190 SMS_CONNECT_HOST = 7; 191 SMS_CONNECT_CLIENT = 8; 192} 193 194// A list of "reasons" that can be provided for calling server-side APIs. 195// This is particularly important for calls that can be triggered by different 196// kinds of events. Please try to keep reasons as generic as possible, so that 197// codes can be re-used by various callers in a sensible fashion. 198enum InvocationReason { 199 REASON_UNKNOWN = 0; 200 // First run of the software package invoking this call 201 REASON_INITIALIZATION = 1; 202 // Ordinary periodic actions (e.g. monthly master key rotation) 203 REASON_PERIODIC = 2; 204 // Slow-cycle periodic action (e.g. yearly keypair rotation???) 205 REASON_SLOW_PERIODIC = 3; 206 // Fast-cycle periodic action (e.g. daily sync for Smart Lock users) 207 REASON_FAST_PERIODIC = 4; 208 // Expired state (e.g. expired credentials, or cached entries) was detected 209 REASON_EXPIRATION = 5; 210 // An unexpected protocol failure occurred (so attempting to repair state) 211 REASON_FAILURE_RECOVERY = 6; 212 // A new account has been added to the device 213 REASON_NEW_ACCOUNT = 7; 214 // An existing account on the device has been changed 215 REASON_CHANGED_ACCOUNT = 8; 216 // The user toggled the state of a feature (e.g. Smart Lock enabled via BT) 217 REASON_FEATURE_TOGGLED = 9; 218 // A "push" from the server caused this action (e.g. a sync tickle) 219 REASON_SERVER_INITIATED = 10; 220 // A local address change triggered this (e.g. GCM registration id changed) 221 REASON_ADDRESS_CHANGE = 11; 222 // A software update has triggered this 223 REASON_SOFTWARE_UPDATE = 12; 224 // A manual action by the user triggered this (e.g. commands sent via adb) 225 REASON_MANUAL = 13; 226 // A custom key has been invalidated on the device (e.g. screen lock is 227 // disabled). 228 REASON_CUSTOM_KEY_INVALIDATION = 14; 229 // Periodic action triggered by auth_proximity 230 REASON_PROXIMITY_PERIODIC = 15; 231} 232 233enum Type { 234 ENROLLMENT = 0; 235 TICKLE = 1; 236 TX_REQUEST = 2; 237 TX_REPLY = 3; 238 TX_SYNC_REQUEST = 4; 239 TX_SYNC_RESPONSE = 5; 240 TX_PING = 6; 241 DEVICE_INFO_UPDATE = 7; 242 TX_CANCEL_REQUEST = 8; 243 244 // DEPRECATED (can be re-used after Aug 2015) 245 PROXIMITYAUTH_PAIRING = 10; 246 247 // The kind of identity assertion generated by a "GCM V1" device (i.e., 248 // an Android phone that has registered with us a public and a symmetric 249 // key) 250 GCMV1_IDENTITY_ASSERTION = 11; 251 252 // Device-to-device communications are protected by an unauthenticated 253 // Diffie-Hellman exchange. The InitiatorHello message is simply the 254 // initiator's public DH key, and is not encoded as a SecureMessage, so 255 // it doesn't have a tag. 256 // The ResponderHello message (which is sent by the responder 257 // to the initiator), on the other hand, carries a payload that is protected 258 // by the derived shared key. It also contains the responder's 259 // public DH key. ResponderHelloAndPayload messages have the 260 // DEVICE_TO_DEVICE_RESPONDER_HELLO tag. 261 DEVICE_TO_DEVICE_RESPONDER_HELLO_PAYLOAD = 12; 262 263 // Device-to-device communications are protected by an unauthenticated 264 // Diffie-Hellman exchange. Once the initiator and responder 265 // agree on a shared key (through Diffie-Hellman), they will use messages 266 // tagged with DEVICE_TO_DEVICE_MESSAGE to exchange data. 267 DEVICE_TO_DEVICE_MESSAGE = 13; 268 269 // Notification to let a device know it should contact a nearby device. 270 DEVICE_PROXIMITY_CALLBACK = 14; 271 272 // Device-to-device communications are protected by an unauthenticated 273 // Diffie-Hellman exchange. During device-to-device authentication, the first 274 // message from initiator (the challenge) is signed and put into the payload 275 // of the message sent back to the initiator. 276 UNLOCK_KEY_SIGNED_CHALLENGE = 15; 277 278 // Specialty (corp only) features 279 LOGIN_NOTIFICATION = 101; 280} 281 282message GcmMetadata { 283 required Type type = 1; 284 optional int32 version = 2 [default = 0]; 285} 286 287message Tickle { 288 // Time after which this tickle should expire 289 optional fixed64 expiry_time = 1; 290} 291 292message LoginNotificationInfo { 293 // Time at which the server received the login notification request. 294 optional fixed64 creation_time = 2; 295 296 // Must correspond to user_id in LoginNotificationRequest, if set. 297 optional string email = 3; 298 299 // Host where the user's credentials were used to login, if meaningful. 300 optional string host = 4; 301 302 // Location from where the user's credentials were used, if meaningful. 303 optional string source = 5; 304 305 // Type of login, e.g. ssh, gnome-screensaver, or web. 306 optional string event_type = 6; 307} 308