| // Copyright 2018 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| syntax = "proto2"; |
| |
| package cryptohome; |
| |
| // Container for the signature-sealed data, including the additional non-secret |
| // information required for unsealing. |
| message SignatureSealedData { |
| // Data for the TPM 2.0 method based on the "TPM2_PolicySigned" feature. |
| message Tpm2PolicySignedData { |
| // DER-encoded blob of the X.509 Subject Public Key Info of the key that |
| // should be used for unsealing. |
| optional bytes public_key_spki_der = 1; |
| |
| // The secret blob, wrapped by the TPM's Storage Root Key. |
| optional bytes srk_wrapped_secret = 2; |
| |
| // The signature scheme (TPM_ALG_ID) that should be used for unsealing. |
| optional int32 scheme = 3; |
| |
| // The signature hash algorithm (TPM_ALG_ID) that should be used for |
| // unsealing. |
| optional int32 hash_alg = 4; |
| } |
| |
| // The union containing the data depending on the sealing method. |
| oneof data { Tpm2PolicySignedData tpm2_policy_signed_data = 1; } |
| } |