// Copyright (c) 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
//
// Provides wire-type for cryptohome Key objects. It does not
// represent the entirety of the bookkeeping data needed by Cryptohome.
//
// Anything in this file may be persisted on disk. Update carefully!
//
// Because records written by older builds must still parse, field numbers,
// field types, enum values and [default=...] settings are part of the
// on-disk contract: never renumber, retype or reuse them, and reserve the
// number/name of anything that is removed.

syntax = "proto2";

option optimize_for = LITE_RUNTIME;

package cryptohome;

// Which operations a KeyAuthorizationSecret may be used for.
// Both flags are proto2 optionals with no explicit default, so an absent
// flag reads as false (the usage is not granted).
message KeyAuthorizationSecretUsage {
  optional bool encrypt = 1;
  optional bool sign = 2;
}

// One secret backing a KeyAuthorizationData entry. Which of |symmetric_key|
// and |public_key| is populated is determined by the parent's |type|; the
// schema itself does not enforce that exactly one is set.
message KeyAuthorizationSecret {
  optional KeyAuthorizationSecretUsage usage = 1;
  // Key material for the symmetric mechanisms. When |wrapped| is false this
  // holds plaintext key material; since this message may be persisted on
  // disk (see the file header), readers and writers must treat it as a
  // secret (no logging, no unprotected copies).
  optional bytes symmetric_key = 2;
  optional bytes public_key = 3;
  // Indicates if the symmetric_key is wrapped.
  // The default is false, so an ABSENT field means "not wrapped": a writer
  // that wraps the key must set this explicitly or a reader will mistake
  // ciphertext for raw key material (or vice versa).
  optional bool wrapped = 4 [default=false];
}

// Describes how a change to a key is authorized; consulted when
// KeyPrivileges.authorized_update is set.
message KeyAuthorizationData {
  enum KeyAuthorizationType {
    // NOTE: this is the zero (first) value, so in proto2 an absent |type|
    // reads as HMACSHA256. Readers must not treat "type unset" as meaning
    // "no authorization required".
    KEY_AUTHORIZATION_TYPE_HMACSHA256 = 0;
    KEY_AUTHORIZATION_TYPE_AES256CBC_HMACSHA256 = 1;
  }
  optional KeyAuthorizationType type = 1;
  // Secrets used by the mechanism named in |type|. NOTE(review): a value
  // of |type| this build does not recognize should be rejected rather than
  // guessed at -- confirm the consumer does so.
  repeated KeyAuthorizationSecret secrets = 2;
}

// Software-enforced privileges.
// SECURITY NOTE: every privilege except |authorized_update| defaults to
// true, so an absent field -- or an absent KeyPrivileges message, see
// KeyData.privileges -- GRANTS the privilege. These defaults cannot be
// changed without altering the meaning of records already on disk; any
// privilege added later should default to false unless fail-open for
// pre-existing keys is deliberately intended.
message KeyPrivileges {
  // Allows the key to mount the cryptohome.
  optional bool mount = 1 [default=true];
  // Allows new keys to be added.
  optional bool add = 2 [default=true];
  // Allows other existing keys to be removed.
  optional bool remove = 3 [default=true];
  // Allows the key to update itself.
  optional bool update = 4 [default=true];
  // Allows a key to update itself iff the requested change
  // is authorized as per KeyAuthorizationData.
  // Unlike the privileges above this is opt-in: absent reads as false.
  optional bool authorized_update = 5 [default=false];
}

// Public metadata stored on behalf of the KeyProvider.
message KeyProviderData {
  // One provider-defined entry. Which of |number| / |bytes| carries the
  // value is up to the provider; the schema does not constrain it, so
  // consumers must not assume either is present.
  message Entry {
    optional string name = 1;
    optional int64 number = 2;
    optional bytes bytes = 3;
  }
  repeated Entry entry = 1;
}

// Everything Cryptohome records about a key except the secret itself.
// This is the part of a Key that is persisted (see the file header).
message KeyData {
  // The KeyType should specify the handling needed by Cryptohome
  // and not a provider KeyType.
  enum KeyType {
    // Zero (first) value: an absent |type| reads as KEY_TYPE_PASSWORD.
    KEY_TYPE_PASSWORD = 0;
  }
  optional KeyType type = 1;
  // All keys must be labeled when persisted to disk, but when KeyData
  // is used in an UpdateKeyRequest, only defined fields are necessary
  // (so that the caller doesn't need the full KeyData first).
  // The "must be labeled" rule is not expressed in the schema; it has to be
  // enforced by whatever writes the record. |label| is a protobuf string and
  // therefore must be valid UTF-8.
  optional string label = 2;
  // If undefined, use the default settings.
  // Note that the KeyPrivileges defaults are permissive (everything but
  // authorized_update is true), so leaving this unset grants full
  // privileges, not none.
  optional KeyPrivileges privileges = 3;
  // Revision of this KeyData. How it is advanced (and whether consumers
  // require it to increase on update) is not specified here.
  optional int64 revision = 4;
  // At present, only support for one authorization mechanism is implemented.
  // The field is nonetheless repeated, so a reader should not assume it
  // holds exactly one element.
  repeated KeyAuthorizationData authorization_data = 5;
  // Data stored for use by the provider of the key, often for pre-processing
  // of passwords or custom provider key typing.
  // This will be size-limited by serialized size (e.g., 4096 bytes).
  // NOTE(review): that limit is not expressed in the schema, so it must be
  // enforced by the code accepting the request -- confirm where.
  optional KeyProviderData provider_data = 6;
}

// Key is not presently persisted to disk, but it acts as the single authority
// for what comprises a key.
message Key {
  // In most cases, |data| is required. When used in an UpdateKeyRequest, it
  // is only required if KeyData is changing. If only the |secret| is changing,
  // this field may be left unset.
  optional KeyData data = 1;
  // |secret| is required for many requests, like AddKeyRequest, but not all.
  // An UpdateKeyRequest only requires the changes to the Key that were
  // authorized in the AuthorizationRequest. Making |secret| required would
  // logically force a key rotation even if the values were the same.
  // This is unwrapped secret material: keep it out of logs and do not write
  // a serialized Key to disk as-is.
  optional bytes secret = 2;
}