// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Contains the request and response messages used in the CryptAuth v2
// Enrollment protocol. Specifically,
// (1) SyncKeysRequest: The client submits information about their current set
// of keys to the CryptAuth server. The client can update their
// client-specific or key-specific metadata at this time as well.
// (2) SyncKeysResponse: The CryptAuth server responds with instructions such
// as what existing keys to (de)active, what new keys to create, and the
// time of the next check-in.
// (3) EnrollKeysRequest: If new keys were requested in the SyncKeysResponse,
// the client sends the new key information to CryptAuth in this request.
// (4) EnrollKeysResponse: If a certificate was generated, it will be provided
// here; otherwise, this can simply be a signal of a successful
// enrollment.
syntax = "proto3";
package cryptauthv2;
option optimize_for = LITE_RUNTIME;
import "cryptauth_common.proto";
import "cryptauth_directive.proto";
// The first request in the enrollment protocol. The request contains the
// information including the keys currently held by the client, the latest
// policies received from the server, and the metadata associated with the
// client and keys.
message SyncKeysRequest {
// The unique name of the application.
string application_name = 1;
// The version of the CryptAuth client library.
string client_version = 2;
// The request to enroll a key or update the info related to a key.
message SyncSingleKeyRequest {
// The purpose/application of the key.
string key_name = 1;
// Identifiers of keys currently held by the client.
repeated bytes key_handles = 2;
// The policy_reference received in the last KeyDirective.
PolicyReference policy_reference = 3;
// Key-specific metadata.
KeyMetadata key_metadata = 4;
// A key-specific opaque blob provided by the application.
bytes key_app_metadata = 5;
}
// Per key sync data.
repeated SyncSingleKeyRequest sync_single_key_requests = 3;
// The policy_reference received in the last ClientDirective.
PolicyReference policy_reference = 4;
// Client-specific metadata.
ClientMetadata client_metadata = 5;
// A client-specific opaque blob provided by the application.
bytes client_app_metadata = 6;
}
// The response to SyncKeysRequest. The response instructs how the client should
// manage existing keys and whether to create a new key.
message SyncKeysResponse {
// The session indentifer generated by the server, which must be
// cryptographically random.
bytes random_session_id = 1;
// The ephemeral DH public key generated by the server.
bytes server_ephemeral_dh = 2;
// The response corresponding to the SyncSingleKeyRequest message.
message SyncSingleKeyResponse {
// The actions corresponding to the key handles in SyncKeysRequest.
enum KeyAction {
// Default value. A client receiving this should treat it as a noop.
// (-- But, be wary of b/119886258. --)
KEY_ACTION_UNSPECIFIED = 0;
// Keep the key and make it the "active" key.
ACTIVATE = 1;
// Keep the key. When enrollment is complete, ensure the key is not
// "active".
// (-- But, be wary of b/119886258 and a noop on iOS. --)
DEACTIVATE = 2;
// Delete the key.
DELETE = 3;
}
// Key actions with one entry per key handle and in the same order as in the
// request.
repeated KeyAction key_actions = 1;
// The instruction for the client to create a new key.
enum KeyCreation {
// Do not create a new key.
NONE = 0;
// Create a new key, and then use it as the "active" key.
ACTIVE = 1;
// Create a new key, but do not use it as the "active" key.
// (-- Beware of b/119889101. This doesn't work on Android or iOS. --)
INACTIVE = 2;
}
// Instruction for key creation.
KeyCreation key_creation = 2;
// The type of the cryptographic key.
KeyType key_type = 3;
// The updated key-specific directives.
KeyDirective key_directive = 4;
// A key-specific opaque blob given to the application.
bytes key_app_directive = 5;
// The storage level where the key is created and stored.
enum KeyStorageLevel {
// Default value. The client is free to decide where to create the key.
KEY_STORAGE_LEVEL_UNSPECIFIED = 0;
// The key should be created and stored in software store. E.g. the
// client may create a key using a crypto library and store it in a
// file.
SOFTWARE = 1;
// The key should be created in a Trusted Execution Environment (TEE).
// E.g., TrustZone from ARM chips.
TRUSTED_EXECUTION_ENVIRONMENT = 2;
// The key should be created in a dedicated hardware that is separate from
// the main processor. E.g., StrongBox chips in Android devices and Secure
// Enclave in iOS devices.
DEDICATED_SECURE_ELEMENT = 3;
};
// The storage level to create the key.
KeyStorageLevel key_storage_level = 6;
// The newly created key should require hardware backed user presence when
// using the key.
bool hardware_user_presence_required = 7;
// The newly created key should require user verification when using the
// key.
bool user_verification_required = 8;
}
// Per key sync response.
repeated SyncSingleKeyResponse sync_single_key_responses = 3;
// The updated client-specific directives.
ClientDirective client_directive = 4;
// A client-specific opaque blob given to the application.
bytes client_app_directive = 5;
// The state of the server.
enum ServerStatus {
// The server is fine; the rest of SyncKeysResponse should be processed.
SERVER_OK = 0;
// The server is overloaded; client_directive should be followed.
SERVER_OVERLOADED = 1;
}
// The status of the server.
ServerStatus server_status = 6;
}
// The second request in the enrollment protocol. The second request is
// necessary if the client wants to enroll a new key. The request contains the
// information such as the material of the new key, and necessary proofs for
// verifying the key.
message EnrollKeysRequest {
// The session identifier copied from the SyncKeysResponse message.
bytes random_session_id = 1;
// The ephemeral DH public key generated by the client.
bytes client_ephemeral_dh = 2;
// The request to enroll a key, e.g., create a new key or rotate an old one.
message EnrollSingleKeyRequest {
// The key_name copied from SyncKeysRequest.
string key_name = 1;
// The identifier of the new key.
bytes new_key_handle = 2;
// The raw bytes of the new public key or custom data.
bytes key_material = 3;
// The public-key signature or MAC tag that shows the client indeed
// possesses the private or secret key.
bytes key_proof = 4;
// Cross-signatures or MAC tags by other keys.
message KeyCrossproof {
// The key_name of the cross-signing key.
string other_key_name = 1;
// The computed cross-signatures or MAC tags.
bytes other_key_proof = 2;
}
// Cross proofs.
repeated KeyCrossproof key_crossproofs = 5;
// Subject to certify.
repeated CertificateRequest certificate_requests = 6;
// Attestation of the key.
message KeyAttestation {
// The type of the key attestation.
enum KeyAttestationType {
// Default value.
KEY_ATTESTATION_TYPE_UNSPECIFIED = 0;
// Attestation generated by Android KeyStore API.
// See
// https://developer.android.com/training/articles/security-key-attestation
// The payload should be the concatenation of the X.509
// certificates returned by KeyStore attestation API encoded in ASN.1
// DER.
ANDROID_KEYSTORE_ATTESTATION = 1;
}
// The attestation type.
KeyAttestationType type = 1;
// The payload of the key attestation. The content of the payload is
// dependent on the attestation type.
bytes payload = 2;
}
// The attestation of the key if the key supports one.
KeyAttestation key_attestation = 7;
}
// Per key enroll data.
repeated EnrollSingleKeyRequest enroll_single_key_requests = 3;
}
// The response to EnrollKeysRequest. The response can contain a public-key
// certificate for the client to perform offline authentications.
message EnrollKeysResponse {
// The response corresponding to the EnrollSingleKeyRequest message.
message EnrollSingleKeyResponse {
// The server may produce a certificate and send it to the client.
repeated Certificate certificate = 1;
}
// Per key enroll response.
repeated EnrollSingleKeyResponse enroll_single_key_responses = 1;
}
// Subject to certify.
message CertificateRequest {
// The type of subject to certify.
enum CommonNameType {
// Reserved.
UNKNOWN_COMMON_NAME_TYPE = 0;
// Indicates a phone number needs to be signed.
PHONE_NUMBER = 1;
}
// Type of content to be signed.
CommonNameType type = 1;
// Raw data of the content.
bytes data = 2;
// Bytes used to verify the validation of data.
bytes token = 3;
// Additional data used to help verify data. (e.g. audience)
bytes additional_data = 4;
}
// The key-specific metadata contained in SyncKeysRequest.
message KeyMetadata {}
// This generic rpc is used by MagicShare, BetterTogether and possibly other
// features in the future to obtain enrollment information from the server.
// This method’s behavior shall be based on the key_name which is supplied.
// The client and server shall set and expect specific data in
// request_key_metadata and response_key_metadata, based on the application_name
// and key_name.
message GetMetadataRequest {
// The unique name of the application
string application_name = 1;
// The version of the CryptAuth client library
string client_version = 2;
// The request to get key metadata related to a key name.
message GetSingleKeyMetadataRequest {
// The purpose/application of the key.
string key_name = 1;
// key specific metadata
bytes request_key_metadata = 2;
}
// Per key request
repeated GetSingleKeyMetadataRequest get_single_key_metadata_request = 3;
// InvocationReason, retry count, etc. (same as SyncKeys).
ClientMetadata client_metadata = 4;
// A client-specific opaque blob provided by the application.
bytes app_metadata = 5;
}
// The response to GetMetadataRequest. The response contains key metadata based
// on the application name_and key_name in GetMetadataRequest.
message GetMetadataResponse {
// The response of GetKeyMetadataRequest.
message GetSingleKeyMetadataResponse {
// Key specific response metadtata.
bytes response_key_metadata = 1;
}
// A response for every key_metadata_request above.
repeated GetSingleKeyMetadataResponse get_single_skey_metadata_response = 1;
}