| // Copyright 2021 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| // Our Python generator removes the "_serialized_" namespace when generating |
| // the code, to avoid symbol clash with the code generated by flatc. |
| namespace cryptohome.structure._serialized_; |
| |
| // Defined the attributes that may be used in this schema file. |
| attribute "optional"; |
| attribute "secure"; |
| attribute "serializable"; |
| |
| // Cryptographic signature algorithm type for challenge requests. Used with |
| // challenge-response cryptohome keys. |
| enum ChallengeSignatureAlgorithm : int { |
| kRsassaPkcs1V15Sha1 = 1, |
| kRsassaPkcs1V15Sha256 = 2, |
| kRsassaPkcs1V15Sha384 = 3, |
| kRsassaPkcs1V15Sha512 = 4, |
| } |
| |
| // Data for the TPM 2.0 method based on the "TPM2_PolicySigned" feature. |
| table Tpm2PolicySignedData { |
| // DER-encoded blob of the X.509 Subject Public Key Info of the key that |
| // should be used for unsealing. |
| public_key_spki_der:[ubyte] (id: 0); |
| |
| // The secret blob, wrapped by the TPM's Storage Root Key. |
| srk_wrapped_secret:[ubyte] (id: 1); |
| |
| // The signature scheme (TPM_ALG_ID) that should be used for unsealing. |
| scheme:int = null (id: 2); |
| |
| // The signature hash algorithm (TPM_ALG_ID) that should be used for |
| // unsealing. |
| hash_alg:int = null (id: 3); |
| |
| // TPM policy digest for the TPM2_PolicyPCR command executed with default PCR |
| // map. |
| default_pcr_policy_digest:[ubyte] (id: 4); |
| |
| // TPM policy digest for the TPM2_PolicyPCR command executed with extended PCR |
| // map. |
| extended_pcr_policy_digest:[ubyte] (id: 5); |
| } |
| |
| // Data for the TPM 1.2 method based on the "Certified Migratable Key" |
| // functionality. |
| table Tpm12CertifiedMigratableKeyData { |
| // DER-encoded blob of the X.509 Subject Public Key Info of the key that |
| // should be used for unsealing. |
| public_key_spki_der:[ubyte] (id: 0); |
| |
| // The blob of the Certified Migratable Key wrapped by the TPM's Storage |
| // Root Key. |
| srk_wrapped_cmk:[ubyte] (id: 1); |
| |
| // The TPM_PUBKEY blob of the Certified Migratable Key. |
| cmk_pubkey:[ubyte] (id: 2); |
| |
| // The AuthData blob encrypted by the CMK using the RSAES-OAEP MGF1 |
| // algorithm. |
| cmk_wrapped_auth_data:[ubyte] (id: 3); |
| |
| // The secret blob, which is bound to the default PCR map. |
| default_pcr_bound_secret:[ubyte] (id: 4); |
| |
| // The secret blob, which is bound to the extended PCR map. |
| extended_pcr_bound_secret:[ubyte] (id: 5); |
| } |
| |
| union SignatureSealedData { |
| Tpm2PolicySignedData, |
| Tpm12CertifiedMigratableKeyData |
| } |
| |
| // Fields specific to the challenge-response protection. |
| // The Scrypt KDF passphrase, used for the protection of the keyset, is |
| // defined as a concatenation of two values: |
| // * The first is the blob which is sealed in |sealed_secret|. |
| // * The second is the deterministic signature of |salt| using the |
| // |salt_signature_algorithm| algorithm. |
| // The cryptographic key specified in |public_key_spki_der| is used for both. |
| table SignatureChallengeInfo (serializable) { |
| // DER-encoded blob of the X.509 Subject Public Key Info of the key to be |
| // challenged in order to obtain the KDF passphrase for decrypting the vault |
| // keyset. |
| public_key_spki_der:[ubyte] (id: 0); |
| // Container with the secret data which is sealed using the TPM in a way |
| // that the process of its unsealing involves signature challenges against |
| // the specified key. This secret data is one of the sources for building |
| // the KDF passphrase. |
| sealed_secret:SignatureSealedData (id: 2); |
| // Salt whose signature is another source for building the KDF passphrase. |
| salt:[ubyte] (id: 3); |
| // Signature algorithm to be used for signing |salt|. |
| // NOTE: the signature algorithm has to be deterministic (that is, always |
| // produce the same output for the same input). |
| salt_signature_algorithm:ChallengeSignatureAlgorithm = null (id: 4); |
| } |
| |
| // Description of a public key of an asymmetric cryptographic key. Used with |
| // challenge-response cryptohome keys. |
| table ChallengePublicKeyInfo { |
| // DER-encoded blob of the X.509 Subject Public Key Info. |
| public_key_spki_der:[ubyte] (id: 0); |
| // Supported signature algorithms, in the order of preference (starting from |
| // the most preferred). Absence of this field denotes that the key cannot be |
| // used for signing. |
| signature_algorithm:[ChallengeSignatureAlgorithm] (id: 1); |
| } |
| |
| root_type SignatureChallengeInfo; |