| // Copyright 2021 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| syntax = "proto2"; |
| |
| package cryptohome; |
| |
| // These fields are all marked optional because these protobufs are generated |
| // from objects stored on disk, such as the SerializedVaultKeyset. As a result |
| // cryptohome cannot assume the protobuf is always as expected: a field may be |
| // absent or malformed, so consumers must check presence (has_*()) before using |
| // a value rather than relying on proto2 defaults. The fields should nonetheless |
| // always be defined, or the auth block cannot operate. |
| // Persisted, per-auth-block metadata needed to re-derive or unwrap the vault |
| // keyset key (VKK). Exactly one of the nested *AuthBlockState messages is set |
| // via the oneof at the bottom. Field numbers here are written to disk; never |
| // renumber or reuse one (reserve removed numbers instead) or stored state will |
| // be silently misinterpreted. |
| message AuthBlockState { |
| // State for the TPM-backed auth block whose wrapping key is, per its name, not |
| // bound to PCR values. |
| message TpmNotBoundToPcrAuthBlockState { |
| // Marks if the password is run through scrypt before going to the TPM. |
| // NOTE(review): this flag comes from on-disk state; confirm the consumer does |
| // not let a flipped value select a weaker derivation path. |
| optional bool scrypt_derived = 1; |
| // The salt used to bind to the TPM. |
| optional bytes salt = 2; |
| // The number of rounds key derivation is called. |
| // NOTE(review): also read from disk; the consumer should presumably reject a |
| // stored value below a sane minimum (e.g. 0) — confirm. |
| optional uint32 password_rounds = 3; |
| // The VKK wrapped with the user's password by the tpm. |
| optional bytes tpm_key = 4; |
| // A check if this is the same TPM that wrapped the credential. |
| optional bytes tpm_public_key_hash = 5; |
| // The wrapped reset seed to reset LE credentials. |
| optional bytes wrapped_reset_seed = 6; |
| } |
| // State for the TPM-backed auth block whose wrapping key is, per its name, |
| // bound to PCR values. |
| message TpmBoundToPcrAuthBlockState { |
| // Marks if the password is run through scrypt before going to the TPM. |
| // NOTE(review): this flag comes from on-disk state; confirm the consumer does |
| // not let a flipped value select a weaker derivation path. |
| optional bool scrypt_derived = 1; |
| // The salt used to bind to the TPM. |
| optional bytes salt = 2; |
| // The VKK encrypted with the user's password and TPM. |
| optional bytes tpm_key = 3; |
| // Same as tpm_key, but extends the PCR to only allow one user until reboot. |
| optional bytes extended_tpm_key = 4; |
| // A check if this is the same TPM that wrapped the credential. |
| optional bytes tpm_public_key_hash = 5; |
| // The wrapped reset seed to reset LE credentials. |
| optional bytes wrapped_reset_seed = 6; |
| } |
| // State for the PinWeaver (low-entropy credential) auth block. |
| message PinWeaverAuthBlockState { |
| // The label for the credential in the LE hash tree. |
| optional uint64 le_label = 1; |
| // The salt used to first scrypt the user input. |
| optional bytes salt = 2; |
| // The IV used to derive the chaps key. |
| // NOTE(review): presumably generated fresh per wrap; confirm it is never reused |
| // across re-encryptions of the same key. |
| optional bytes chaps_iv = 3; |
| // The IV used to derive the file encryption key. |
| // NOTE(review): same freshness expectation as chaps_iv — confirm. |
| optional bytes fek_iv = 4; |
| } |
| // This is a unique AuthBlockState for backwards compatibility. libscrypt puts |
| // the metadata, such as IV and salt, into the header of the encrypted |
| // buffer. Thus this is the only auth block state to pass wrapped secrets. See |
| // the LibScryptCompatAuthBlock header for a full explanation. |
| message LibScryptCompatAuthBlockState { |
| // The wrapped filesystem keys. |
| optional bytes wrapped_keyset = 1; |
| // The wrapped chaps keys. |
| optional bytes wrapped_chaps_key = 2; |
| // The wrapped reset seed keys. |
| optional bytes wrapped_reset_seed = 3; |
| } |
| // State for the challenge-credential (smart-card style) auth block, which |
| // reuses the libscrypt-compat wrapping for its stored secrets. |
| message ChallengeCredentialAuthBlockState { |
| // NOTE: proto2 `required` — a stored blob missing this field fails to parse |
| // outright, and the label can never be relaxed without a wire break. This is |
| // at odds with the file-level caveat that on-disk data may be incomplete. |
| required LibScryptCompatAuthBlockState scrypt_state = 1; |
| } |
| // Compatibility state for keysets wrapped twice: once via libscrypt and once |
| // via the TPM (not PCR-bound). |
| message DoubleWrappedCompatAuthBlockState { |
| // NOTE: proto2 `required` — parsing fails if absent; cannot be relaxed later. |
| required LibScryptCompatAuthBlockState scrypt_state = 1; |
| // NOTE: proto2 `required` — parsing fails if absent; cannot be relaxed later. |
| required TpmNotBoundToPcrAuthBlockState tpm_state = 2; |
| } |
| // State for the cryptohome recovery auth block (secret-sharing based). |
| message CryptohomeRecoveryAuthBlockState { |
| // Contains encrypted mediator share and data required for decryption. |
| // NOTE(review): tag + iv + ephemeral_pub_key suggests an ECDH-derived key with |
| // authenticated encryption; confirm against the recovery implementation and |
| // ensure the tag is verified before encrypted_data is used. |
| message EncryptedMediatorShare { |
| // The integrity tag of the data generated during encryption of the |
| // mediator share. |
| optional bytes tag = 1; |
| // The initialization vector generated during encryption of the mediator |
| // share. |
| optional bytes iv = 2; |
| // Ephemeral key created during encryption of the mediator share. |
| optional bytes ephemeral_pub_key = 3; |
| // Encrypted mediator share. |
| optional bytes encrypted_data = 4; |
| }; |
| // Secret share of the mediator encrypted to the mediator public key. |
| optional EncryptedMediatorShare encrypted_mediator_share = 1; |
| // Secret share of the destination (plaintext). |
| // SECURITY: this share is stored unencrypted on disk until the TODO below is |
| // resolved; treat it as sensitive material wherever it is read or logged. |
| // TODO(b/184924482): store encrypted destination share. |
| optional bytes plaintext_destination_share = 2; |
| // The public key of the publisher ECC key. |
| optional bytes publisher_pub_key = 3; |
| } |
| |
| // Exactly one variant is set. Consumers should dispatch on the oneof case and |
| // treat the not-set case as an error rather than falling through to a default. |
| // Adding a new auth block means appending a new numbered entry here; never |
| // renumber or reuse existing entries. |
| oneof auth_block_state { |
| TpmNotBoundToPcrAuthBlockState tpm_not_bound_to_pcr_state = 1; |
| TpmBoundToPcrAuthBlockState tpm_bound_to_pcr_state = 2; |
| PinWeaverAuthBlockState pin_weaver_state = 3; |
| LibScryptCompatAuthBlockState libscrypt_compat_state = 4; |
| ChallengeCredentialAuthBlockState challenge_credential_state = 5; |
| DoubleWrappedCompatAuthBlockState double_wrapped_compat_state = 6; |
| CryptohomeRecoveryAuthBlockState cryptohome_recovery_state = 7; |
| } |
| } |