// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

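// Every field below carries an explicit "optional" label and the file declares
// no syntax, so protoc already treats it as proto2; state that explicitly
// rather than relying on the default (newer protoc versions warn about a
// missing syntax statement). Wire format and generated code are unchanged.
syntax = "proto2";

package cryptohome;
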
// Holds TPM credentials that the attestation server will need to see. These
// credentials must be cleared once the attestation server has certified the
// AIK.
//
// Stored locally in AttestationDatabase.credentials until then. The EK
// material uniquely identifies the physical TPM, which is the reason for the
// clearing requirement above.
message TPMCredentials {
  // The endorsement key (EK) public key. The encoding is not fixed here;
  // IdentityBinding below distinguishes DER from TPM_PUBKEY form, so confirm
  // which form callers store in this field.
  optional bytes endorsement_public_key = 1;
  // The EK certificate. AttestationEnrollmentRequest.endorsement_credential
  // describes the same value as X.509.
  optional bytes endorsement_credential = 2;
  // The platform credential (TCG terminology); format not defined here.
  optional bytes platform_credential = 3;
  // The conformance credential (TCG terminology); format not defined here.
  optional bytes conformance_credential = 4;
}

// Holds information relevant to a particular AIK.
//
// Persisted locally as AttestationDatabase.identity_key. Unlike
// TPMCredentials and IdentityBinding, nothing here is documented as needing to
// be cleared after enrollment; the credential in particular is what later
// attestations are built on.
message IdentityKey {
  // The DER encoded public key.
  optional bytes identity_public_key = 1;
  // The TPM-specific key blob that can be loaded back into the TPM. Treat the
  // blob as opaque; whether it is usable outside the TPM that produced it is
  // not established by this file.
  optional bytes identity_key_blob = 2;
  // A credential issued by the attestation server.
  optional bytes identity_credential = 3;
}

// Holds information required to verify the binding of an AIK to an EK. This
// information should be cleared once the attestation server has certified the
// AIK.
//
// Persisted locally as AttestationDatabase.identity_binding until then. The
// AIK public key appears twice, in two encodings, so that both the server-side
// verification and the TPM-side operations have the form they need.
message IdentityBinding {
  // The binding data, as output by the TPM_MakeIdentity operation.
  optional bytes identity_binding = 1;
  // The AIK public key, DER encoded.
  optional bytes identity_public_key_der = 2;
  // The AIK public key, in TPM_PUBKEY form.
  optional bytes identity_public_key = 3;
  // The label used during AIK creation.
  optional bytes identity_label = 4;
  // The PCA public key used during AIK creation, in TPM_PUBKEY form.
  optional bytes pca_public_key = 5;
}

// Holds information about a quote generated by the TPM.
//
// Only `quote` is a signature; a verifier establishes trust by checking it
// against `quoted_data` with the AIK public key. `quoted_pcr_value` is a
// separate, unsigned field supplied for convenience and should be
// cross-checked against what the signed data commits to rather than relied on
// alone (the exact verification procedure is outside this file).
message Quote {
  // The quote; a signature generated with the AIK.
  optional bytes quote = 1;
  // The serialized data that was quoted; this assists in verifying the quote.
  optional bytes quoted_data = 2;
  // The value of the PCR(s) at the time the quote was generated.
  optional bytes quoted_pcr_value = 3;
}

// Holds owner delegation information.
//
// Persisted locally as AttestationDatabase.delegate. `secret` is an
// authorization secret and must be handled as such: keep it out of logs and
// only store it through the encrypted container (see EncryptedDatabase).
message Delegation {
  // The delegate owner blob.
  optional bytes blob = 1;
  // The authorization secret.
  optional bytes secret = 2;
}

// This message holds all information to be sent to the attestation server in
// order to complete enrollment.
//
// The values are drawn from the locally stored TPMCredentials,
// IdentityBinding and Quote messages; the server answers with
// AttestationEnrollmentResponse.
message AttestationEnrollmentRequest {
  // The EK cert, in X.509 form.
  optional bytes endorsement_credential = 1;
  // The AIK public key, in TPM_PUBKEY form.
  optional bytes identity_public_key = 2;
  // PCR0 quoted by AIK.
  optional Quote pcr0_quote = 3;
}

// These two fields are suitable for passing to Tspi_TPM_ActivateIdentity()
// directly.
//
// Received from the attestation server inside AttestationEnrollmentResponse,
// so the contents are server-supplied. The client does not interpret them; it
// hands them to the TPM, which is expected to reject material not encrypted to
// its own EK (TPM behaviour, not something this schema enforces).
message EncryptedIdentityCredential {
  // TPM_ASYM_CA_CONTENTS, encrypted with EK public key.
  optional bytes asym_ca_contents = 1;
  // TPM_SYM_CA_ATTESTATION, encrypted with the key in asym_ca_contents.
  optional bytes sym_ca_attestation = 2;
}

// Status returned by the attestation server in AttestationEnrollmentResponse.
//
// The values are unprefixed and the zero value is the success case; both are
// legacy choices that cannot be changed without breaking generated code and
// existing wire data. The practical consequence: in proto2 an enum value the
// client does not know is stored as an unknown field, and the field reads as
// the default (the first value, OK). Client code should therefore check
// has_status() before treating status == OK as success, and should treat any
// value it does not recognise as a failure.
enum ResponseStatus {
  // Success. Also the default when the field is absent or unrecognised; see
  // the enum comment.
  OK = 0;
  // Internal server error.
  SERVER_ERROR = 1;
  // The server cannot parse the request.
  BAD_REQUEST = 2;
  // The server rejects the request.
  REJECT = 3;
}

// The response from the attestation server.
message AttestationEnrollmentResponse {
  // Result of the enrollment request. Check has_status() as well as the
  // value; an absent field also reads as OK (see ResponseStatus).
  optional ResponseStatus status = 1;
  // Detail response message. Included when the result is not OK. Free text
  // chosen by the server; treat it as untrusted if it is logged or shown.
  optional string detail = 2;
  // The credential to activate via the TPM. Presumably present only when
  // status is OK; confirm against the server implementation.
  optional EncryptedIdentityCredential encrypted_identity_credential = 3;
}

// Holds all information that a client stores locally.
//
// This message contains secrets (Delegation.secret, the AIK key blob) and
// device-identifying credentials, so it should only reach disk through
// EncryptedDatabase. Note the per-message clearing requirements on
// TPMCredentials and IdentityBinding once enrollment is complete.
//
// Field number 1 is not used. If it was previously assigned and removed it
// should be listed as reserved so it is not reused with a different meaning;
// that history is not visible here, so it has been left alone.
message AttestationDatabase {
  // Cleared after the server certifies the AIK (see TPMCredentials).
  optional TPMCredentials credentials = 2;
  // Cleared after the server certifies the AIK (see IdentityBinding).
  optional IdentityBinding identity_binding = 3;
  // The AIK and its server-issued credential.
  optional IdentityKey identity_key = 4;
  // PCR0 quote taken with the AIK; sent in AttestationEnrollmentRequest.
  optional Quote pcr0_quote = 5;
  // Owner delegation blob and secret.
  optional Delegation delegate = 6;
}

// Holds encrypted data and information required to decrypt it.
//
// The layout is encrypt-then-MAC: `mac` covers the IV and the ciphertext, so
// a reader should verify `mac` first and only then unseal the key and decrypt.
// Which key the MAC is computed with is not defined in this file; confirm in
// the code that produces and consumes this message. The plaintext is
// presumably a serialized AttestationDatabase (not stated here).
//
// Field number 1 is not used; as with AttestationDatabase, reserve it if it
// was ever assigned.
message EncryptedDatabase {
  // A key that has been sealed to the TPM.
  optional bytes sealed_key = 2;
  // The initialization vector used during encryption.
  optional bytes iv = 3;
  // MAC of (iv || encrypted_data).
  optional bytes mac = 4;
  // The ciphertext, produced with the key in sealed_key and the IV above.
  optional bytes encrypted_data = 5;
}