components/arc/mojom/cert_store.mojom - chromium/src - Git at Google

 // Copyright 2017 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 // Next MinVersion: 2

 //
 // CertStoreHost is modeled after Android keymaster interface
 // hardware/libhardware/include/hardware/keymaster2.h
 //
 // and must follow the concept if extended in the future.
 // Please keep names in sync as far as it is possible.
 //
 // Enums/structures are modeled after structures from
 // hardware/libhardware/include/hardware/keymaster_defs.h
 //

 module arc.mojom;

 // Describes a keymaster operation result.
 [Extensible]
 enum KeymasterError {
   ERROR_OK = 0,
   ERROR_INVALID_OPERATION_HANDLE = -28,
   ERROR_INVALID_KEY_BLOB = -33,
   ERROR_UNIMPLEMENTED = -100,
   ERROR_UNKNOWN_ERROR = -1000,
 };

 // Enumerates the crypto algorithms supported by Host.
 [Extensible]
 enum Algorithm {
   ALGORITHM_RSA = 1,
   ALGORITHM_EC = 3,
 };

 // Enumerates the digests supported by Host.
 [Extensible]
 enum Digest {
   DIGEST_NONE = 0,
   DIGEST_SHA1 = 2,
   DIGEST_SHA_2_224 = 3,
   DIGEST_SHA_2_256 = 4,
   DIGEST_SHA_2_384 = 5,
   DIGEST_SHA_2_512 = 6,
 };

 // Enumerates the paddings supported by Host.
 [Extensible]
 enum Padding {
   PAD_NONE = 1,
   PAD_RSA_PKCS1_1_5_SIGN = 5,
 };

 // Describes a parameter of client certificate provided by Host.
 union KeyParam {
   Algorithm algorithm;
   Digest digest;
   Padding padding;
 };

 // Describes a client certificate provided by Host.
 // Does not correspond to keymaster type.
 struct Certificate {
   // Nickname/alias of the certificate.
   string alias;

   // PEM-encoded client certificate.
   string cert;
 };

 // Next method ID: 6
 // The interface is modeled after keymaster interface and must follow the format
 // if extended in the future.
 interface CertStoreHost {
   // The helper method, which does not correspond to keymaster interface.
   // It returns a list of Chrome OS corporate usage client certificates if
   // any Android app is whitelisted to use them, otherwise returns an
   // empty list.
   ListCertificates@0() => (array<Certificate> certs);

   // Retrieves key characteristics for the specified key with alias.
   // params is null if any error occurred during retrieval.
   GetKeyCharacteristics@1(string alias)
       => (KeymasterError error, array<KeyParam>? params);

   // Begins the operation using the specified key with alias and operation
   // parameters (such as algorithm, digest, padding).
   // If all is well, returns ERROR_OK and creates an operation handle which
   // must be passed to subsequent calls to Update(), Finish() or Abort().
   // Currently only signature operations are supported.
   Begin@2(string alias, array<KeyParam> params)
       => (KeymasterError error, uint64 operation_handle);

   // Provides data to an ongoing cryptographic operation begun with Begin().
   // Returns an amount of data consumed by Update().
   Update@3(uint64 operation_handle, array<uint8> data)
       => (KeymasterError error, uint32 input_consumed);

   // Finalizes a cryptographic operation begun with Begin() and invalidates
   // operation handle. Retrieves the result (signature). In case of any error,
   // signed_data is null.
   Finish@4(uint64 operation_handle)
       => (KeymasterError error, array<uint8>? signed_data);

   // Aborts a cryptographic operation begun with Begin(), freeing all internal
   // resources and invalidating operation handle.
   Abort@5(uint64 operation_handle) => (KeymasterError error);
 };

 // Next method ID: 4
 interface CertStoreInstance {
   // DEPRECATED: Please use Init@3 instead.
   InitDeprecated@0(CertStoreHost host_ptr);

   // Establishes full-duplex communication with the host.
   [MinVersion=1] Init@3(CertStoreHost host_ptr) => ();

   // Informs the key permissions are changed: only listed packages are allowed
   // to use exposed certificates.
   OnKeyPermissionsChanged@1(array<string> permissions);

   // Informs the certificates are changed (added, removed or updated):
   // CertStoreInstance must call ListCertficates to update its database.
   OnCertificatesChanged@2();
 };

 // Next method ID: 1
 interface SmartCardManagerHost {
   // Refreshes smart card certificates available to Android apps.
   Refresh@0() => (bool result);
 };

 // Next method ID: 1
 interface SmartCardManagerInstance {
   // Establishes full-duplex communication with the host.
   Init@0(SmartCardManagerHost host_ptr) => ();
 };
	// Copyright 2017 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	// Next MinVersion: 2

	//
	// CertStoreHost is modeled after Android keymaster interface
	// hardware/libhardware/include/hardware/keymaster2.h
	//
	// and must follow the concept if extended in the future.
	// Please keep names in sync as far as it is possible.
	//
	// Enums/structures are modeled after structures from
	// hardware/libhardware/include/hardware/keymaster_defs.h
	//

	module arc.mojom;

	// Describes a keymaster operation result.
	[Extensible]
	enum KeymasterError {
	ERROR_OK = 0,
	ERROR_INVALID_OPERATION_HANDLE = -28,
	ERROR_INVALID_KEY_BLOB = -33,
	ERROR_UNIMPLEMENTED = -100,
	ERROR_UNKNOWN_ERROR = -1000,
	};

	// Enumerates the crypto algorithms supported by Host.
	[Extensible]
	enum Algorithm {
	ALGORITHM_RSA = 1,
	ALGORITHM_EC = 3,
	};

	// Enumerates the digests supported by Host.
	[Extensible]
	enum Digest {
	DIGEST_NONE = 0,
	DIGEST_SHA1 = 2,
	DIGEST_SHA_2_224 = 3,
	DIGEST_SHA_2_256 = 4,
	DIGEST_SHA_2_384 = 5,
	DIGEST_SHA_2_512 = 6,
	};

	// Enumerates the paddings supported by Host.
	[Extensible]
	enum Padding {
	PAD_NONE = 1,
	PAD_RSA_PKCS1_1_5_SIGN = 5,
	};

	// Describes a parameter of client certificate provided by Host.
	union KeyParam {
	Algorithm algorithm;
	Digest digest;
	Padding padding;
	};

	// Describes a client certificate provided by Host.
	// Does not correspond to keymaster type.
	struct Certificate {
	// Nickname/alias of the certificate.
	string alias;

	// PEM-encoded client certificate.
	string cert;
	};

	// Next method ID: 6
	// The interface is modeled after keymaster interface and must follow the format
	// if extended in the future.
	interface CertStoreHost {
	// The helper method, which does not correspond to keymaster interface.
	// It returns a list of Chrome OS corporate usage client certificates if
	// any Android app is whitelisted to use them, otherwise returns an
	// empty list.
	ListCertificates@0() => (array<Certificate> certs);

	// Retrieves key characteristics for the specified key with alias.
	// params is null if any error occurred during retrieval.
	GetKeyCharacteristics@1(string alias)
	=> (KeymasterError error, array<KeyParam>? params);

	// Begins the operation using the specified key with alias and operation
	// parameters (such as algorithm, digest, padding).
	// If all is well, returns ERROR_OK and creates an operation handle which
	// must be passed to subsequent calls to Update(), Finish() or Abort().
	// Currently only signature operations are supported.
	Begin@2(string alias, array<KeyParam> params)
	=> (KeymasterError error, uint64 operation_handle);

	// Provides data to an ongoing cryptographic operation begun with Begin().
	// Returns an amount of data consumed by Update().
	Update@3(uint64 operation_handle, array<uint8> data)
	=> (KeymasterError error, uint32 input_consumed);

	// Finalizes a cryptographic operation begun with Begin() and invalidates
	// operation handle. Retrieves the result (signature). In case of any error,
	// signed_data is null.
	Finish@4(uint64 operation_handle)
	=> (KeymasterError error, array<uint8>? signed_data);

	// Aborts a cryptographic operation begun with Begin(), freeing all internal
	// resources and invalidating operation handle.
	Abort@5(uint64 operation_handle) => (KeymasterError error);
	};

	// Next method ID: 4
	interface CertStoreInstance {
	// DEPRECATED: Please use Init@3 instead.
	InitDeprecated@0(CertStoreHost host_ptr);

	// Establishes full-duplex communication with the host.
	[MinVersion=1] Init@3(CertStoreHost host_ptr) => ();

	// Informs the key permissions are changed: only listed packages are allowed
	// to use exposed certificates.
	OnKeyPermissionsChanged@1(array<string> permissions);

	// Informs the certificates are changed (added, removed or updated):
	// CertStoreInstance must call ListCertficates to update its database.
	OnCertificatesChanged@2();
	};

	// Next method ID: 1
	interface SmartCardManagerHost {
	// Refreshes smart card certificates available to Android apps.
	Refresh@0() => (bool result);
	};

	// Next method ID: 1
	interface SmartCardManagerInstance {
	// Establishes full-duplex communication with the host.
	Init@0(SmartCardManagerHost host_ptr) => ();
	};