// Copyright 2021 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
syntax = "proto2";
package cryptohome;
// These fields are all marked optional because these protobufs are generated
// from objects stored on disk, such as the SerializedVaultKeyset. As a result
// cryptohome cannot assume the protobuf is always as expected. However, the
// fields should always be defined or the auth block cannot operate.
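// Persisted state of a single auth block, as stored inside the on-disk
// SerializedVaultKeyset. Exactly one variant of `auth_block_state` is set and
// identifies which auth block type must be used to derive the key.
//
// Field numbers are an on-disk contract: never renumber or reuse them. Every
// leaf field is `optional` (proto2 explicit presence) so that a corrupted or
// truncated keyset surfaces as has_*() == false at the point of use rather
// than as a blanket parse failure; readers must check presence (and the
// oneof case) before relying on any field.
message AuthBlockState {
  // State for the TPM auth block whose sealed key is NOT bound to PCR values.
  message TpmNotBoundToPcrAuthBlockState {
    // True if the user's password is run through scrypt before it is handed
    // to the TPM.
    optional bool scrypt_derived = 1;
    // Salt mixed into the password-derived secret used with the TPM.
    optional bytes salt = 2;
    // Number of rounds the key derivation function is invoked.
    optional uint32 password_rounds = 3;
    // The VKK (vault keyset key) wrapped by the TPM with the user's
    // password-derived secret.
    optional bytes tpm_key = 4;
    // Hash of the public key of the TPM that wrapped `tpm_key`; compared
    // against the current TPM to detect that the credential belongs to a
    // different TPM.
    optional bytes tpm_public_key_hash = 5;
    // The wrapped reset seed used to reset low-entropy (LE) credentials.
    optional bytes wrapped_reset_seed = 6;
  }

  // State for the TPM auth block whose sealed key is bound to PCR values.
  message TpmBoundToPcrAuthBlockState {
    // True if the user's password is run through scrypt before it is handed
    // to the TPM.
    optional bool scrypt_derived = 1;
    // Salt mixed into the password-derived secret used with the TPM.
    optional bytes salt = 2;
    // The VKK encrypted with the user's password-derived secret by the TPM.
    optional bytes tpm_key = 3;
    // Same as `tpm_key`, but sealed against the extended PCR so that only one
    // user can be unlocked until the next reboot.
    optional bytes extended_tpm_key = 4;
    // Hash of the public key of the TPM that wrapped the keys; compared
    // against the current TPM to detect that the credential belongs to a
    // different TPM.
    optional bytes tpm_public_key_hash = 5;
    // The wrapped reset seed used to reset low-entropy (LE) credentials.
    optional bytes wrapped_reset_seed = 6;
  }

  // State for the PinWeaver (low-entropy credential) auth block.
  message PinWeaverAuthBlockState {
    // Label of this credential's leaf in the LE credential hash tree.
    optional uint64 le_label = 1;
    // Salt used to scrypt the user input before it is presented to PinWeaver.
    optional bytes salt = 2;
    // IV used when deriving the chaps key.
    optional bytes chaps_iv = 3;
    // IV used when deriving the file encryption key (FEK).
    optional bytes fek_iv = 4;
  }

  // Backwards-compatibility state for keysets wrapped directly by libscrypt.
  // libscrypt stores its own metadata (IV, salt, parameters) in the header of
  // each encrypted buffer, so this is the only auth block state that carries
  // the wrapped secrets themselves instead of just the inputs needed to
  // re-derive them. See the LibScryptCompatAuthBlock header for details.
  message LibScryptCompatAuthBlockState {
    // The wrapped filesystem keys (libscrypt-formatted buffer).
    optional bytes wrapped_keyset = 1;
    // The wrapped chaps keys (libscrypt-formatted buffer).
    optional bytes wrapped_chaps_key = 2;
    // The wrapped reset seed (libscrypt-formatted buffer).
    optional bytes wrapped_reset_seed = 3;
  }

  // State for the challenge-response (smart card) credential auth block,
  // which wraps the keyset with the libscrypt-compatible block underneath.
  message ChallengeCredentialAuthBlockState {
    // Was `required`; now `optional` so that a keyset missing this sub-state
    // fails the has_scrypt_state() check in the reader instead of failing to
    // parse at all, matching the presence policy of every other field here.
    // Wire encoding is unchanged.
    optional LibScryptCompatAuthBlockState scrypt_state = 1;
  }

  // Backwards-compatibility state for keysets that were wrapped both by
  // libscrypt and by the (non-PCR-bound) TPM auth block.
  message DoubleWrappedCompatAuthBlockState {
    // Was `required`; see ChallengeCredentialAuthBlockState.scrypt_state for
    // why this is `optional`. Readers must check has_scrypt_state().
    optional LibScryptCompatAuthBlockState scrypt_state = 1;
    // Was `required`; readers must check has_tpm_state().
    optional TpmNotBoundToPcrAuthBlockState tpm_state = 2;
  }

  // State for the cryptohome recovery auth block.
  message CryptohomeRecoveryAuthBlockState {
    // The mediator's secret share, encrypted to the mediator public key,
    // together with the data needed to decrypt it.
    message EncryptedMediatorShare {
      // Authentication tag produced when the mediator share was encrypted.
      optional bytes tag = 1;
      // Initialization vector used when the mediator share was encrypted.
      optional bytes iv = 2;
      // Ephemeral public key generated during encryption of the mediator
      // share.
      optional bytes ephemeral_pub_key = 3;
      // The encrypted mediator share itself.
      optional bytes encrypted_data = 4;
    }

    // Secret share of the mediator, encrypted to the mediator public key.
    optional EncryptedMediatorShare encrypted_mediator_share = 1;
    // Secret share of the destination, stored IN PLAINTEXT on disk. Anyone
    // who can read the serialized keyset obtains this share directly; treat
    // the field as sensitive and do not log or copy it.
    // TODO(b/184924482): store encrypted destination share.
    optional bytes plaintext_destination_share = 2;
    // The public key of the publisher ECC key.
    optional bytes publisher_pub_key = 3;
  }

  // Exactly one of these is set; it selects the auth block implementation.
  // Readers must switch on the oneof case and reject an unset (or unknown)
  // case rather than assuming a default variant.
  oneof auth_block_state {
    TpmNotBoundToPcrAuthBlockState tpm_not_bound_to_pcr_state = 1;
    TpmBoundToPcrAuthBlockState tpm_bound_to_pcr_state = 2;
    PinWeaverAuthBlockState pin_weaver_state = 3;
    LibScryptCompatAuthBlockState libscrypt_compat_state = 4;
    ChallengeCredentialAuthBlockState challenge_credential_state = 5;
    DoubleWrappedCompatAuthBlockState double_wrapped_compat_state = 6;
    CryptohomeRecoveryAuthBlockState cryptohome_recovery_state = 7;
  }
}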