authorantrim <antrim@chromium.org>2014-02-14 13:41:53 +0400
committerchrome-internal-fetch <chrome-internal-fetch@google.com>2014-02-14 15:29:04 +0000
commit06e526f77f73cb9ca28d962c31e693fd4492e5e3 (patch)
tree2aef419be75aac19ca87508bf447d207814042cb /dbus/cryptohome
parent874a39664f1538b1855391f98bf14026a5dd2c24 (diff)
Moving protobufs around so that they can be reused by chrome.
Phase one: add protos to public_api, extract enums to separate proto file. BUG=chromium:316189 TEST=compile test. Protos are optional and unreferenced. Change-Id: I91a403ecacaafbd0b44ab74cb60322a3a35cbde2 Reviewed-on: https://chromium-review.googlesource.com/186540 Tested-by: Denis Kuznetsov <antrim@chromium.org> Reviewed-by: Nikita Kostylev <nkostylev@chromium.org> Commit-Queue: Nikita Kostylev <nkostylev@chromium.org>
Diffstat (limited to 'dbus/cryptohome')
-rw-r--r--dbus/cryptohome/key_enums.proto36
-rw-r--r--dbus/cryptohome/key_parameters.proto45
2 files changed, 81 insertions, 0 deletions
diff --git a/dbus/cryptohome/key_enums.proto b/dbus/cryptohome/key_enums.proto
new file mode 100644
index 0000000..e5ce286
--- /dev/null
+++ b/dbus/cryptohome/key_enums.proto
@@ -0,0 +1,36 @@
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+package cryptohome;
+
+enum KeyType {
+ PASSWORD_CROS_LEGACY = 0;
+ // Password plain which is signed by a RSA-SHA256 key
+ PASSWORD_PLAIN = 1;
+}
+
+// Software-enforced privileges.
+enum KeyPrivileges {
+ // Can mount
+ MOUNT = 1;
+ // Can add other keys
+ ADD = 2;
+ // Can remove other keys
+ REMOVE = 4;
+ // Destroys all other keys and replaces the old key.
+ MIGRATE = 8;
+ DEFAULT = 15; // (MOUNT|ADD|REMOVE|MIGRATE)
+ // Allows a key to be updated in place if authorized (e.g., by a signature).
+ AUTHORIZED_UPDATE = 16;
+}
+
+enum KeyAuthorizationType {
+ // Changes must be authorized by a HMAC-SHA256
+ // with a sub-key of the privilege_key, which is wrapped by the
+ // wrapped_keyset, used to authenticate the encrypted payload of
+ // (revision||new_passphrase), encrypted using a sub-key of
+ // the unwrapped privilege_key.
+ // The subkeys are computed as one-half of a SHA512 of the priv_key.
+ AES256_HMAC_SHA256 = 0;
+}
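Review bot: KeyPrivileges is documented as a set of flag bits (`DEFAULT = 15; // (MOUNT|ADD|REMOVE|MIGRATE)`), but a protobuf enum is a closed set of int32 values, not a bitmask: a combination that is not itself an enumerator, such as MOUNT|ADD (3), is not a valid KeyPrivileges value and a proto2 parser moves it to unknown fields, so the field reads back as unset. Either enumerate every combination the API must accept, or carry privileges as an integer with documented bit constants (`optional uint32 privs = 3;` in key_parameters.proto) and keep this enum purely as the bit definitions. The unprefixed values (MOUNT, ADD, REMOVE, MIGRATE, DEFAULT) also share the `cryptohome` package scope with every other enum's values, and a name as generic as DEFAULT is likely to collide; `KEY_PRIVILEGE_MOUNT` style prefixes avoid that. Note too that the zero values of KeyType (PASSWORD_CROS_LEGACY) and KeyAuthorizationType (AES256_HMAC_SHA256) carry real meaning, so an absent field silently reads as a legacy password type or a concrete authorization scheme rather than "unspecified".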
diff --git a/dbus/cryptohome/key_parameters.proto b/dbus/cryptohome/key_parameters.proto
new file mode 100644
index 0000000..dd206b3
--- /dev/null
+++ b/dbus/cryptohome/key_parameters.proto
@@ -0,0 +1,45 @@
+// Copyright (c) 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+option optimize_for = LITE_RUNTIME;
+
+package cryptohome;
+
+import "key_enums.proto";
+
+message KeyParameters {
+ message KeyAuthorization {
+ required string label = 1;
+ // At present, the only signature authorized privilege is
+ // a superviser user key which will can replace itself iff
+ // the new key and the new revision have a valid signature
+ // (and the revision is not old).
+ optional bytes authorization_signature = 3;
+ }
+ optional KeyAuthorization auth = 1;
+
+ // Used when a key is being added, even if it is being
+ // clobbered as long as the authorizing key is not the same.
+ message KeyAddition {
+ required KeyType type = 1;
+ required string label = 2;
+ optional KeyPrivileges
+ privs = 3 [default=DEFAULT];
+ optional KeyAuthorizationType
+ authorization_type = 4;
+ optional bytes authorization_key = 5;
+ }
+ optional KeyAddition add = 2;
+
+ // Used when a key is updating itself. If another key is being used,
+ // it should be a clobbering KeyAddition.
+ message KeyUpdate {
+ // These fields only need to be specified if an explicit change is required.
+ optional string label = 1;
+ // The new_revision must be larger than the current revision.
+ // Revisions are not incremented automatically.
+ optional int64 new_revision = 2;
+ }
+ optional KeyUpdate update = 3;
+}
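Review bot: `privs = 3 [default=DEFAULT]` makes an absent privs field grant every software privilege (15, MOUNT|ADD|REMOVE|MIGRATE), which is the fail-open direction for a key-addition request; since KeyPrivileges is a closed enum, a sender asking for a subset that is not an enumerator (e.g. 3) is also dropped as unknown and reads back as DEFAULT. Prefer a least-privilege default such as `optional KeyPrivileges privs = 3 [default=MOUNT];` and have the consumer check `has_privs()` so omission is an explicit decision. Two smaller points: `option optimize_for = LITE_RUNTIME;` sits above `package`, where convention places options after package and imports, and KeyAuthorization jumps from field 1 to 3 with no `reserved 2;`, which reads as a leftover of an earlier layout. The comment on authorization_signature should read "a supervisor user key which can replace itself iff ...".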