Home | History | Annotate | Download | only in common 
      1 //
      2 // Copyright (C) 2015 The Android Open Source Project
      3 //
      4 // Licensed under the Apache License, Version 2.0 (the "License");
      5 // you may not use this file except in compliance with the License.
      6 // You may obtain a copy of the License at
      7 //
      8 //      http://www.apache.org/licenses/LICENSE-2.0
      9 //
     10 // Unless required by applicable law or agreed to in writing, software
     11 // distributed under the License is distributed on an "AS IS" BASIS,
     12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13 // See the License for the specific language governing permissions and
     14 // limitations under the License.
     15 //
     16 
     17 option optimize_for = LITE_RUNTIME;
     18 
     19 import "common.proto";
     20 
     21 package attestation;
     22 
     23 // This message holds all information to be sent to the attestation server in
     24 // order to complete enrollment.
     25 message AttestationEnrollmentRequest {
     26   // The EK cert, in X.509 form, encrypted using the server's public key with
     27   // the following parameters:
     28   //   Key encryption: RSA-OAEP with no custom parameters.
     29   //   Data encryption: 256-bit key, AES-CBC with PKCS5 padding.
     30   //   MAC: HMAC-SHA-512 using the AES key.
     31   optional EncryptedData encrypted_endorsement_credential = 1;
     32   // The AIK public key, in TPM_PUBKEY form.
     33   optional bytes identity_public_key = 2;
     34   // PCR0 quoted by AIK.
     35   optional Quote pcr0_quote = 3;
     36   // PCR1 quoted by AIK.
     37   optional Quote pcr1_quote = 4;
     38 }
     39 
     40 enum ResponseStatus {
     41   OK = 0;
     42   // Internal server error.
     43   SERVER_ERROR = 1;
     44   // The server cannot parse the request.
     45   BAD_REQUEST = 2;
     46   // The server rejects the request.
     47   REJECT = 3;
     48   // Only appears in enrollment response. The server returns the same generated
     49   // id and reports the quota limit exceeded status when the number of reset
     50   // action in a specified time window is more than self reset limitation.
     51   QUOTA_LIMIT_EXCEEDED = 4;
     52 }
     53 
     54 // The response from the attestation server for the enrollment request.
     55 message AttestationEnrollmentResponse {
     56   optional ResponseStatus status = 1;
     57   // Detail response message. Included when the result is not OK.
     58   optional string detail = 2;
     59   optional EncryptedIdentityCredential encrypted_identity_credential = 3;
     60 }
     61 
     62 // The certificate request to be sent to the attestation server.
     63 message AttestationCertificateRequest {
     64   // The AIK cert in X.509 format.
     65   optional bytes identity_credential = 1;
     66   // A certified public key in TPM_PUBKEY.
     67   optional bytes certified_public_key = 3;
     68   // The serialized TPM_CERTIFY_INFO for the certified key.
     69   optional bytes certified_key_info = 4;
     70   // The signature of the TPM_CERTIFY_INFO by the AIK.
     71   optional bytes certified_key_proof = 5;
     72   // A message identifier to be included in the response.
     73   optional bytes message_id = 10;
     74   // The certificate profile defines the type of certificate to issue.
     75   optional CertificateProfile profile = 11;
     76   // Information about the origin of the request which may be used depending on
     77   // the certificate profile.
     78   optional string origin = 12;
     79   // The index of a temporal value.  This may be used or ignored depending on
     80   // the certificate profile.
     81   optional int32 temporal_index = 13;
     82 }
     83 
     84 // The response from the attestation server for the certificate request.
     85 message AttestationCertificateResponse {
     86   optional ResponseStatus status = 1;
     87   // Detail response message. Included when the result is not OK.
     88   optional string detail = 2;
     89   // The credential of the certified key in X.509 format.
     90   optional bytes certified_key_credential = 3;
     91   // The issuer intermediate CA certificate in X.509 format.
     92   optional bytes intermediate_ca_cert = 5;
     93   // A message identifier from the request this message is responding to.
     94   optional bytes message_id = 6;
     95   // Additional intermediate CA certificates that can help in validation.
     96   // Certificate chaining order is from the leaf to the root. That is,
     97   // |certified_key_credential| is signed by
     98   // |intermediate_ca_cert|, which is signed by
     99   // |additional_intermediate_ca_cert(0)|, which is signed by
    100   // |additional_intermediate_ca_cert(1)|, ... and so on.
    101   repeated bytes additional_intermediate_ca_cert = 7;
    102 }
    103 
    104 // The reset request to be sent to the attestation server.
    105 message AttestationResetRequest {
    106   // The AIK cert, in X.509 form, encrypted using the server's public key with
    107   // the following parameters:
    108   //   Key encryption: RSA-OAEP with no custom parameters.
    109   //   Data encryption: 256-bit key, AES-CBC with PKCS5 padding.
    110   //   MAC: HMAC-SHA-512 using the AES key.
    111   optional EncryptedData encrypted_identity_credential = 1;
    112 
    113   // The one time token to make sure the reset process can be triggered only once.
    114   optional bytes token = 2;
    115 
    116   // The EK cert, in X.509 form, encrypted using the server's public key with
    117   // the following parameters:
    118   //   Key encryption: RSA-OAEP with no custom parameters.
    119   //   Data encryption: 256-bit key, AES-CBC with PKCS5 padding.
    120   //   MAC: HMAC-SHA-512 using the AES key.
    121   optional EncryptedData encrypted_endorsement_credential = 3;
    122 }
    123 
    124 // The response from the attestation server for the reset request.
    125 message AttestationResetResponse {
    126   // The response status.
    127   optional ResponseStatus status = 1;
    128   // Detail response message. Included when the result is not OK.
    129   optional string detail = 2;
    130 }
    131 
    132 // The challenge data (as in challenge-response) generated by the server.
    133 // Before transmitted to the client, this message will be wrapped as a
    134 // SignedData message, in which the data field is the serialized Challenge
    135 // message, and the signature field is the signature of the data field signed
    136 // by the enterprise server using a hard-coded key. The signature algorithm is
    137 // RSASSA-PKCS1-v1_5-SHA256.
    138 message Challenge {
    139   // A string for the client to sanity check a legitimate challenge.
    140   optional string prefix = 1;
    141   // A 256-bit random value generated by the server.
    142   optional bytes nonce = 2;
    143   // A timestamp for a stateless server to limit the timeframe during which the
    144   // challenge may be replayed.
    145   optional int64 timestamp = 3;
    146 }
    147 
    148 // The response data (as in challenge-response) generated by the client.
    149 // Before transmitted to the server, this message will be wrapped as a
    150 // SignedData message, in which the data field is the serialized
    151 // ChallengeResponse message, and the signature field is the signature of the
    152 // data field signed by the client using the key being challenged. The
    153 // signature algorithm is RSASSA-PKCS1-v1_5-SHA256.
    154 message ChallengeResponse {
    155   // The original challenge data.
    156   optional SignedData challenge = 1;
    157   // A 256-bit random value generated by the client. Mixing in this nonce
    158   // prevents a caller from using a challenge to sign arbitrary data.
    159   optional bytes nonce = 2;
    160   // The KeyInfo message encrypted using a public encryption key, pushed via
    161   // policy with the following parameters:
    162   //   Key encryption: RSA-OAEP with no custom parameters.
    163   //   Data encryption: 256-bit key, AES-CBC with PKCS5 padding.
    164   //   MAC: HMAC-SHA-512 using the AES key.
    165   optional EncryptedData encrypted_key_info = 3;
    166 }
    167 
    168 // The data type of the message decrypted from
    169 // ChallengeResponse.encrypted_key_info.encrypted_data field. This message holds
    170 // information required by enterprise server to complete the verification.
    171 message KeyInfo {
    172   // Indicates whether the key is an EMK or EUK.
    173   optional KeyProfile key_type = 1;
    174   // Domain information about the device or user associated with the key. For an
    175   // EMK, this value is the enrolled domain. For an EUK, this value is the
    176   // user's email address.
    177   optional string domain = 2;
    178   // The virtual device ID associated with the device or user.
    179   optional bytes device_id = 3;
    180   // If the key is an EUK, this value is the PCA-issued certificate for the key.
    181   optional bytes certificate = 4;
    182   // If the key is an EUK, this value may hold a SignedPublicKeyAndChallenge
    183   // with a random challenge.  The SignedPublicKeyAndChallenge specification is
    184   // here: https://developer.mozilla.org/en-US/docs/HTML/Element/keygen.
    185   optional bytes signed_public_key_and_challenge = 5;
    186 }
    187 
    188 enum KeyProfile {
    189   // Enterprise machine key.
    190   EMK = 0;
    191   // Enterprise user key.
    192   EUK = 1;
    193 }
    194