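//
// Copyright (C) 2013 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

// The required/optional labels used below are proto2 constructs, so the
// syntax is declared explicitly rather than left to the compiler's default.
syntax = "proto2";

package shill_protos;

// Generate code against the lite runtime (no descriptors or reflection).
option optimize_for = LITE_RUNTIME;

// Return codes describing calls to the shim.  We could optionally use the
// process return code instead, or use definitions from elsewhere, but this
// way we have a self contained protocol.
//
// The numeric values are part of the wire contract: never renumber or reuse
// them.  Callers should treat every value other than OK as a failure.
enum ReturnCode {
  // The operation succeeded.
  OK = 0;
  ERROR_UNKNOWN = 1;
  ERROR_OUT_OF_MEMORY = 2;
  ERROR_CRYPTO_OPERATION_FAILED = 3;
  ERROR_INVALID_ARGUMENTS = 4;
}

// This protobuf is for sending credential information from shill to the
// credential verification shim.  The call will fail if public_key is empty
// or otherwise invalid.
//
// The payload is credential material in plaintext: keep serialized copies of
// this message out of logs and crash dumps.
message EncryptDataMessage {
  // DER encoded public key.  Declared optional, so a message without it
  // still parses; per the contract above it is the call itself that fails
  // on an empty or invalid key.
  optional bytes public_key = 1;

  // Data to be encrypted under the public key.  Required: a message without
  // this field is uninitialized and fails a normal (non-partial) parse.
  required bytes data = 2;
}

// The returned response from an EncryptData call.
message EncryptDataResponse {
  // Will be OK iff the operation is successful.  Check this before using
  // encrypted_data.
  required ReturnCode ret = 1;

  // Data after being encrypted under the public_key, or an empty string.
  // NOTE(review): presumably empty whenever ret != OK -- confirm in the shim.
  optional bytes encrypted_data = 2;
}

// This protobuf gives the parameters for the shim to verify credentials.
// The operation will fail if any argument is empty or badly formatted.
//
// Every field is declared optional, so the parser accepts a message with
// fields missing; the emptiness and format checks described above have to
// be made by the shim.
message VerifyCredentialsMessage {
  // PEM encoded certificate.
  // NOTE(review): nothing in this message establishes trust in the
  // certificate; confirm the shim checks it against a trusted issuer before
  // relying on the public key it contains.
  optional bytes certificate = 1;

  // Data string hashed with SHA-1 before being encrypted with the private key
  // corresponding to the public key in certificate.
  // NOTE(review): SHA-1 is no longer considered collision resistant.  The
  // hash is presumably fixed by whoever produces signed_data and cannot be
  // changed from this schema -- confirm, and record the constraint.
  optional bytes signed_data = 2;

  // Data string built up by shill.  Needs to be hashed with SHA-1 for
  // comparison with the decrypted version of signed_data.
  optional bytes unsigned_data = 3;

  // MAC address in human readable format like 00:11:22:33:44:55.  Carried as
  // bytes although the content is text.
  optional bytes mac_address = 4;
}

// The response from a call to VerifyCredentials.
message VerifyCredentialsResponse {
  // Result of the verification.  Required, so a response without it fails a
  // normal (non-partial) parse.
  // NOTE(review): presumably OK only when the credentials verified, matching
  // EncryptDataResponse.ret -- confirm in the shim.
  required ReturnCode ret = 1;
}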