// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
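// This file uses proto2 semantics (explicit 'optional' labels, enums whose
// first value is not 0). Declare the syntax instead of relying on protoc's
// "no syntax specified" default.
syntax = "proto2";

package attestation;

// Generated code targets the lite runtime: no descriptors or reflection are
// emitted for these messages.
option optimize_for = LITE_RUNTIME;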
// Describes key type.
//
// No zero value is defined; under proto2 an unset field of this type reads as
// the first listed value, KEY_TYPE_RSA.
enum KeyType {
  // RSA key pair.
  KEY_TYPE_RSA = 1;
  // Elliptic-curve key pair.
  KEY_TYPE_ECC = 2;
}
// Describes allowed key usage.
//
// No zero value is defined; under proto2 an unset field of this type reads as
// the first listed value, KEY_USAGE_SIGN.
enum KeyUsage {
  // The key may be used to produce signatures.
  KEY_USAGE_SIGN = 1;
  // The key may be used to decrypt data.
  KEY_USAGE_DECRYPT = 2;
}
// Enumerates various certificate profiles supported by the Attestation CA.
//
// Values are not prefixed with the enum name; they are part of the generated
// API and the wire contract, so they must not be renamed or renumbered.
enum CertificateProfile {
  // A certificate intended for enterprise-owned devices. It has the following
  // subjectName fields:
  //   CN=<stable device identifier>
  //   OU=state:[verified|developer]
  //   O=Chrome Device Enterprise
  // Value 0 is the default for an unset field of this type.
  ENTERPRISE_MACHINE_CERTIFICATE = 0;
  // A certificate intended for enterprise-owned user accounts. It has the
  // following subjectName fields:
  //   OU=state:[verified|developer]
  //   O=Chrome Device Enterprise
  ENTERPRISE_USER_CERTIFICATE = 1;
  // A certificate intended for platform verification by providers of protected
  // content. It has the following subjectName fields:
  //   O=Chrome Device Content Protection
  CONTENT_PROTECTION_CERTIFICATE = 2;
  // Like above, but it also includes a stable ID and origin.
  //   CN=<origin-specific device identifier>
  //   OU=<origin>
  //   O=Chrome Device Content Protection
  CONTENT_PROTECTION_CERTIFICATE_WITH_STABLE_ID = 3;
  // A certificate intended for cast devices.
  CAST_CERTIFICATE = 4;
  // NOTE(review): no description is given for this profile; confirm its
  // intended use and subjectName layout with the CA owners before relying on
  // it.
  GFSC_CERTIFICATE = 5;
  // NOTE(review): no description is given for this profile; confirm its
  // intended use and subjectName layout with the CA owners before relying on
  // it.
  JETSTREAM_CERTIFICATE = 6;
  // A certificate for enterprise enrollment.
  ENTERPRISE_ENROLLMENT_CERTIFICATE = 7;
  // A certificate for signing Android Testsuite Results using CTS-in-a-box.
  XTS_CERTIFICATE = 8;
}
// TPM specification version of the device's TPM.
//
// Under proto2 the first listed value is the default for an unset field, so
// the ordering below is part of the contract.
enum TpmVersion {
  TPM_1_2 = 1;  // NOTE: This is the default. It must remain listed first.
  TPM_2_0 = 2;
}
// Holds information about a quote generated by the TPM.
//
// 'quote' is a signature over 'quoted_data'; the remaining fields carry the
// plaintext a verifier needs to reconstruct and check what was signed.
message Quote {
  // The quote; a signature generated with the AIK.
  optional bytes quote = 1;
  // The serialized data that was quoted; this assists in verifying the quote.
  optional bytes quoted_data = 2;
  // The value of the PCR(s) at the time the quote was generated.
  optional bytes quoted_pcr_value = 3;
  // Source data which was originally used to extend the PCR. If this field
  // exists it can be expected that SHA1(pcr_source_hint) was extended into the
  // PCR. It is a hint only: a verifier must still check it against
  // 'quoted_pcr_value' rather than trusting it on its own.
  optional bytes pcr_source_hint = 4;
}
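// Holds encrypted data and information required to decrypt it.
//
// The cipher and MAC algorithms are not identified in the message; producer
// and consumer agree on them out of band (EncryptedIdentityCredential
// documents one concrete usage).
message EncryptedData {
  // Field number 1 is not in use (presumably removed at some point). Reserve
  // it so it cannot be reassigned to a new field and silently reinterpret any
  // data that was written with the old one.
  reserved 1;

  // A key that has been sealed to the TPM or wrapped by another key.
  optional bytes wrapped_key = 2;
  // The initialization vector used during encryption.
  optional bytes iv = 3;
  // MAC of (iv + encrypted_data). Consumers should verify this before
  // attempting to decrypt.
  optional bytes mac = 4;
  // The ciphertext; 'wrapped_key' and 'iv' carry the material needed to
  // decrypt it.
  optional bytes encrypted_data = 5;
  // An identifier for the wrapping key to assist in decryption.
  optional bytes wrapping_key_id = 6;
}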
// The wrapper message of any data and its signature.
//
// Neither the signing key nor the signature algorithm is carried in the
// message; the verifier must know both from context.
message SignedData {
  // The data to be signed.
  optional bytes data = 1;
  // The signature of the data field.
  optional bytes signature = 2;
}
// The first two fields are suitable for passing to Tspi_TPM_ActivateIdentity()
// directly when using TPM 1.2. For TPM 2.0 the first two fields are not used.
// 'tpm_version' indicates which set of fields applies.
message EncryptedIdentityCredential {
  // TPM_ASYM_CA_CONTENTS, encrypted with EK public key.
  optional bytes asym_ca_contents = 1;
  // TPM_SYM_CA_ATTESTATION, encrypted with the key in asym_ca_contents.
  optional bytes sym_ca_attestation = 2;
  // The TPM version this credential was prepared for; selects whether the
  // TPM 1.2 fields (1-2) or the TPM 2.0 fields (4-6) are meaningful.
  optional TpmVersion tpm_version = 3;

  // The following fields are used only for TPM 2.0. For details see the TPM 2.0
  // specification Part 1 Rev 1.16:
  //   - Section 9.5.3.3: General description of the scheme.
  //   - Section 24: More details including how to use the seed to compute the
  //     values for 'credential_mac' and 'wrapped_certificate->wrapped_key'.
  //   - Section B.10.4: Encrypting the seed with a RSA EK.
  //   - Section C.7.4: Encrypting the seed with an EC EK.

  // A seed encrypted with the EK public key. The TPM will use this seed to
  // derive both an HMAC key to verify the 'credential_mac' field and an AES key
  // to unwrap the 'wrapped_certificate->wrapped_key' field.
  optional bytes encrypted_seed = 4;
  // An integrity value computed using HMAC-SHA256 over the
  // 'wrapped_certificate.wrapped_key' field and the 'Name' of the identity key.
  // Binding to the key's Name is what ties the credential to that specific
  // identity key.
  optional bytes credential_mac = 5;
  // A certificate encrypted with a 'credential' that is decrypted by the TPM.
  // The 'wrapped_key' field contains the encrypted credential which is
  // encrypted using AES-256-CFB with a zero IV. The encryption of the
  // certificate itself uses AES-256-CBC with PKCS #5 padding and a random IV.
  // The encryption key is derived from the 'credential' using:
  //   SHA256('ENCRYPT' + credential)
  // The mac uses HMAC-SHA256 with a key derived using:
  //   SHA256('MAC' + credential)
  optional EncryptedData wrapped_certificate = 6;
}