Added boot_hash and GetBootInfo().
Change-Id: I5de580a910291eb9a6db626e5444facbedb6c617
diff --git a/nugget/proto/nugget/app/keymaster/keymaster.options b/nugget/proto/nugget/app/keymaster/keymaster.options
index 2081eaf..79aa06f 100644
--- a/nugget/proto/nugget/app/keymaster/keymaster.options
+++ b/nugget/proto/nugget/app/keymaster/keymaster.options
@@ -3,9 +3,12 @@
nugget.app.keymaster.ImportWrappedKeyRequest.masking_key max_size:32
nugget.app.keymaster.SetRootOfTrustRequest.digest max_size:32
nugget.app.keymaster.SetBootStateRequest.public_key max_size:32
+nugget.app.keymaster.SetBootStateRequest.boot_hash max_size:32
nugget.app.keymaster.ComputeSharedHmacRequest.hmac_sharing_params max_count:3
nugget.app.keymaster.ComputeSharedHmacResponse.sharing_check max_size:32
nugget.app.keymaster.DTupHandshakeRequest.nonce_client max_size:32
nugget.app.keymaster.DTupHandshakeResponse.nonce_citadel max_size:32
nugget.app.keymaster.DTupHandshakeResponse.signature max_size:32
nugget.app.keymaster.DTupFetchInputEventResponse.signature max_size:32
+nugget.app.keymaster.GetBootInfoResponse.boot_key max_size:32
+nugget.app.keymaster.GetBootInfoResponse.boot_hash max_size:32
diff --git a/nugget/proto/nugget/app/keymaster/keymaster.proto b/nugget/proto/nugget/app/keymaster/keymaster.proto
index 3344210..8766cdf 100644
--- a/nugget/proto/nugget/app/keymaster/keymaster.proto
+++ b/nugget/proto/nugget/app/keymaster/keymaster.proto
@@ -97,6 +97,7 @@
*/
// Only callable once per boot.
rpc SetSystemVersionInfo (SetSystemVersionInfoRequest) returns (SetSystemVersionInfoResponse);
+ rpc GetBootInfo (GetBootInfoRequest) returns (GetBootInfoResponse);
// These are implemented with a enum, so new RPCs must be appended, and
// deprecated RPCs need placeholders.
@@ -374,3 +375,13 @@
// Specified in keymaster_defs.proto:ErrorCode
ErrorCode error_code = 1;
}
+
+message GetBootInfoRequest {}
+
+message GetBootInfoResponse {
+ ErrorCode error_code = 1;
+ bool is_unlocked = 2;
+ BootColor boot_color = 3;
+ bytes boot_key = 4; // This is a SHA256 digest.
+ bytes boot_hash = 5; // This is a SHA256 digest.
+}