Diffstat (limited to 'dbus/cryptohome/rpc.proto')
-rw-r--r-- | dbus/cryptohome/rpc.proto | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/dbus/cryptohome/rpc.proto b/dbus/cryptohome/rpc.proto
index 1b5d7c1..7682303 100644
--- a/dbus/cryptohome/rpc.proto
+++ b/dbus/cryptohome/rpc.proto
@@ -352,3 +352,52 @@ message MigrateToDircryptoRequest {
 // a working profile will be migrated. Most user data will be wiped.
 optional bool minimal_migration = 1;
 }
+
+// Request parameters for challenge requests for keys of the
+// |KEY_TYPE_CHALLENGE_RESPONSE| type.
+message KeyChallengeRequest {
+ // An opaque identifier of the request. Should be used for sending the
+ // response back.
+ optional int64 request_id = 1;
+ // Specifies challenge types.
+ enum ChallengeType {
+ // Challenge is a request of a cryptographic signature of the specified data
+ // using the specified key.
+ CHALLENGE_TYPE_SIGNATURE = 1;
+ }
+ // Type of the requested challenge.
+ optional ChallengeType challenge_type = 2;
+ // Is set when |challenge_type| is |CHALLENGE_TYPE_SIGNATURE|. Contains the
+ // challenge request data.
+ optional SignatureKeyChallengeRequestData signature_request_data = 3;
+}
+
+// Request data for challenge requests of the |CHALLENGE_TYPE_SIGNATURE| request
+// type.
+message SignatureKeyChallengeRequestData {
+ // The blob of data for which the signature is asked.
+ optional bytes data_to_sign = 1;
+ // Specifies the key which is asked to sign the data. Contains the DER-encoded
+ // blob of the X.509 Subject Public Key Info.
+ optional bytes public_key_spki_der = 2;
+ // Specifies the signature algorithm that has to be used.
+ optional ChallengeSignatureAlgorithm signature_algorithm = 3;
+}
+
+// Response for challenge requests.
+message KeyChallengeResponse {
+ // The request identifier. Should be taken from the |request_id| field of the
+ // KeyChallengeRequest message.
+ optional int64 request_id = 1;
+ // Is set for responses to challenge requests of the
+ // |CHALLENGE_TYPE_SIGNATURE| challenge type. Contains the challenge
+ // response data.
+ optional SignatureKeyChallengeResponseData signature_response_data = 2;
+}
+
+// Response data for challenge requests of the |CHALLENGE_TYPE_SIGNATURE|
+// challenge type.
+message SignatureKeyChallengeResponseData {
+ // The signature blob of the requested data.
+ optional bytes signature = 1;
+}
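Review bot: `ChallengeType` declares only `CHALLENGE_TYPE_SIGNATURE = 1`, so if this file is proto2 (the `optional` labels suggest it) an unset `challenge_type`, or a value added later that an older reader does not know, reads back from the getter as `CHALLENGE_TYPE_SIGNATURE`. A handler that switches on the getter alone would then treat a malformed or newer request as a signature request. Consider declaring a sentinel first, e.g. `CHALLENGE_TYPE_UNSPECIFIED = 0;`, or stating in the field comment that receivers must check `has_challenge_type()` and `has_signature_request_data()` before acting. It would also help to document on `KeyChallengeResponse` that the verifier checks `signature` against the `data_to_sign`, `public_key_spki_der` and `signature_algorithm` it recorded for that `request_id`, since the response itself carries none of them.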