keymaster: add HardwareAuth & Verification Token types
Also fill in missing proto fields in begin/update/final.
Bug: 37427639
Change-Id: I81d5de69ae0db695bda77bb1ad524ef9441ca69f
diff --git a/nugget/proto/nugget/app/keymaster/keymaster.proto b/nugget/proto/nugget/app/keymaster/keymaster.proto
index bcc3008..092603c 100644
--- a/nugget/proto/nugget/app/keymaster/keymaster.proto
+++ b/nugget/proto/nugget/app/keymaster/keymaster.proto
@@ -198,6 +198,7 @@
KeyPurpose purpose = 1;
KeyBlob blob = 2;
KeyParameters params = 3;
+ HardwareAuthToken auth_token = 4;
}
message BeginOperationResponse {
ErrorCode error_code = 1;
@@ -210,6 +211,8 @@
OperationHandle handle = 1;
KeyParameters params = 2;
bytes input = 3;
+ HardwareAuthToken auth_token = 4;
+ VerificationToken verification_token = 5;
}
message UpdateOperationResponse {
ErrorCode error_code = 1;
@@ -224,6 +227,8 @@
KeyParameters params = 2;
bytes input = 3;
bytes signature = 4;
+ HardwareAuthToken auth_token = 5;
+ VerificationToken verification_token = 6;
};
message FinishOperationResponse {
ErrorCode error_code = 1;
@@ -257,6 +262,23 @@
}
// ImportWrappedKey returns a ImportKeyResponse.
+// GetHmacSharingParametersRequest
+message GetHmacSharingParametersRequest {
+}
+message GetHmacSharingParametersResponse {
+ ErrorCode error_code = 1;
+ HmacSharingParameters hmac_sharing_params = 2;
+}
+
+// ComputeSharedHmacRequest
+message ComputeSharedHmacRequest {
+ repeated HmacSharingParameters hmac_sharing_params = 1;
+}
+message ComputeSharedHmacResponse {
+ ErrorCode error_code = 1;
+ bytes sharing_check = 2;
+}
+
/*
* Vendor HAL.
*/
@@ -314,22 +336,6 @@
bytes batch_cert = 4;
}
-message GetHmacSharingParametersRequest {}
-
-message GetHmacSharingParametersResponse {
- ErrorCode error_code = 1;
- HmacSharingParameters hmac_sharing_params = 2;
-}
-
-message ComputeSharedHmacRequest {
- repeated HmacSharingParameters hmac_sharing_params = 1;
-}
-
-message ComputeSharedHmacResponse {
- ErrorCode error_code = 1;
- bytes sharing_check = 2;
-}
-
message DTupHandshakeRequest {
bytes nonce_client = 1;
}
diff --git a/nugget/proto/nugget/app/keymaster/keymaster_types.proto b/nugget/proto/nugget/app/keymaster/keymaster_types.proto
index f5399ee..9c62baf 100644
--- a/nugget/proto/nugget/app/keymaster/keymaster_types.proto
+++ b/nugget/proto/nugget/app/keymaster/keymaster_types.proto
@@ -59,6 +59,15 @@
bytes nonce = 2;
}
+message HardwareAuthToken {
+ uint64 challenge = 1;
+ uint64 user_id = 2;
+ uint64 authenticator_id = 3;
+ HardwareAuthenticatorType authenticator_type = 4;
+ uint64 timestamp = 5;
+ bytes mac = 6;
+}
+
message VerificationToken {
uint64 challenge = 1;
uint64 timestamp = 2;