Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / nos / host / generic / 4967ca5174ca53737043d5c9a48eb3017e363cd6 / . / nugget / proto / nugget / app / keymaster / keymaster_defs.proto
blob: 1dcb5b64b28cdcc97d61084fe6edec0862d17bfd [file] [log] [blame]
nagendra modadugubdcfaa82017-09-17 17:11:36 -0700[diff] [blame]1/*
2 * Copyright (C) 2017 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17syntax = "proto3";
18
19package nugget.app.keymaster;
20
Andrew Scullb5f24a52017-10-13 19:46:40 +0100[diff] [blame]21/*
22 * Minimal type definitions required for building protos. Sourced from:
23 * ::android::hardware::keymaster::V3_0
24 */
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]25enum TagType {
26 TAG_TYPE_INVALID = 0x0; /* 0 << 16 */
27 ENUM = 0x10000; /* 1 << 16 */
28 ENUM_REP = 0x20000; /* 2 << 16 */
29 UINT = 0x30000; /* 3 << 16 */
30 UINT_REP = 0x40000; /* 4 << 16 */
31 ULONG = 0x50000; /* 5 << 16 */
32 DATE = 0x60000; /* 6 << 16 */
33 BOOL = 0x70000; /* 7 << 16 */
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]34 /* BIGNUM = 0x80000; 8 << 16 */ /* Unused. */
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]35 BYTES = 0x90000; /* 9 << 16 */
36 ULONG_REP = 0xA0000; /* 10 << 16 */
37};
38
39enum Tag {
40 TAG_INVALID = 0; // (TagType:INVALID | 0)
41 PURPOSE = 0x20001; // (TagType:ENUM_REP | 1)
42 ALGORITHM = 0x10002; // (TagType:ENUM | 2)
43 KEY_SIZE = 0x30003; // (TagType:UINT | 3)
44 BLOCK_MODE = 0x20004; // (TagType:ENUM_REP | 4)
45 DIGEST = 0x20005; // (TagType:ENUM_REP | 5)
46 PADDING = 0x20006; // (TagType:ENUM_REP | 6)
47 CALLER_NONCE = 0x70007; // (TagType:BOOL | 7)
48 MIN_MAC_LENGTH = 0x30008; // (TagType:UINT | 8)
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]49 /* RESERVED: KDF = 0x20009; // (TagType:ENUM_REP | 9) */
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]50 EC_CURVE = 0x1000a; // (TagType:ENUM | 10)
51 RSA_PUBLIC_EXPONENT = 0x500c8; // (TagType:ULONG | 200)
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]52 /* RESERVED: ECIES_SINGLE_HASH_MODE = 0x700c9; // (TagType:BOOL | 201) */
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]53 INCLUDE_UNIQUE_ID = 0x700ca; // (TagType:BOOL | 202)
54 BLOB_USAGE_REQUIREMENTS = 0x1012d; // (TagType:ENUM | 301)
55 BOOTLOADER_ONLY = 0x7012e; // (TagType:BOOL | 302)
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]56 ROLLBACK_RESISTANCE = 0x7012f; // (TagType:BOOL | 303)
57 HARDWARE_TYPE = 0x10130; // TagType:ENUM | 304,
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]58 ACTIVE_DATETIME = 0x60190; // (TagType:DATE | 400)
59 ORIGINATION_EXPIRE_DATETIME = 0x60191; // (TagType:DATE | 401)
60 USAGE_EXPIRE_DATETIME = 0x60192; // (TagType:DATE | 402)
61 MIN_SECONDS_BETWEEN_OPS = 0x30193; // (TagType:UINT | 403)
62 MAX_USES_PER_BOOT = 0x30194; // (TagType:UINT | 404)
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]63 /* RESERVED: ALL_USERS = 0x701f4; // (TagType:BOOL | 500) */
64 /* RESERVED: USER_ID = 0x301f5; // (TagType:UINT | 501) */
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]65 USER_SECURE_ID = 0xa01f6; // (TagType:ULONG_REP | 502)
66 NO_AUTH_REQUIRED = 0x701f7; // (TagType:BOOL | 503)
67 USER_AUTH_TYPE = 0x101f8; // (TagType:ENUM | 504)
68 AUTH_TIMEOUT = 0x301f9; // (TagType:UINT | 505)
69 ALLOW_WHILE_ON_BODY = 0x701fa; // (TagType:BOOL | 506)
nagendra modadugue52e8ab2018-01-10 08:08:00 -0800[diff] [blame]70 TRUSTED_USER_PRESENCE_REQUIRED = 0x701fb; // (TagType:BOOL | 507)
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]71 /* RESERVED: ALL_APPLICATIONS = 0x70258; // (TagType:BOOL | 600) */
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]72 APPLICATION_ID = 0x90259; // (TagType:BYTES | 601)
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]73 /* RESERVED: EXPORTABLE = 0x7025a; // (TagType:BOOL | 602) */
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]74 APPLICATION_DATA = 0x902bc; // (TagType:BYTES | 700)
75 CREATION_DATETIME = 0x602bd; // (TagType:DATE | 701)
76 ORIGIN = 0x102be; // (TagType:ENUM | 702)
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]77 /* RESERVED: ROLLBACK_RESISTANT = 0x702bf; // (TagType:BOOL | 703) */
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]78 ROOT_OF_TRUST = 0x902c0; // (TagType:BYTES | 704)
79 OS_VERSION = 0x302c1; // (TagType:UINT | 705)
80 OS_PATCHLEVEL = 0x302c2; // (TagType:UINT | 706)
81 UNIQUE_ID = 0x902c3; // (TagType:BYTES | 707)
82 ATTESTATION_CHALLENGE = 0x902c4; // (TagType:BYTES | 708)
83 ATTESTATION_APPLICATION_ID = 0x902c5; // (TagType:BYTES | 709)
84 ATTESTATION_ID_BRAND = 0x902c6; // (TagType:BYTES | 710)
85 ATTESTATION_ID_DEVICE = 0x902c7; // (TagType:BYTES | 711)
86 ATTESTATION_ID_PRODUCT = 0x902c8; // (TagType:BYTES | 712)
87 ATTESTATION_ID_SERIAL = 0x902c9; // (TagType:BYTES | 713)
88 ATTESTATION_ID_IMEI = 0x902ca; // (TagType:BYTES | 714)
89 ATTESTATION_ID_MEID = 0x902cb; // (TagType:BYTES | 715)
90 ATTESTATION_ID_MANUFACTURER = 0x902cc; // (TagType:BYTES | 716)
91 ATTESTATION_ID_MODEL = 0x902cd; // (TagType:BYTES | 717)
Allen Webb91df0bd2018-05-24 09:01:05 -0700[diff] [blame]92 VENDOR_PATCHLEVEL = 0x302ce; // (TagType:UINT | 718)
93 BOOT_PATCHLEVEL = 0x302cf; // (TagType:UINT | 719)
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]94 ASSOCIATED_DATA = 0x903e8; // (TagType:BYTES | 1000)
95 NONCE = 0x903e9; // (TagType:BYTES | 1001)
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]96 /* RESERVED: AUTH_TOKEN = 0x903ea; // (TagType:BYTES | 1002) */
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]97 MAC_LENGTH = 0x303eb; // (TagType:UINT | 1003)
98 RESET_SINCE_ID_ROTATION = 0x703ec; // (TagType:BOOL | 1004)
99};
100
101enum Algorithm {
102 RSA = 0;
103 EC = 1;
104 AES = 2;
105 DES = 3;
106 HMAC = 4;
107 ALGORITHM_MAX = 5;
108};
109
110enum BlockMode {
111 ECB = 0;
112 CBC = 1;
113 CTR = 2;
114 GCM = 3;
115 BLOCK_MODE_MAX = 4;
116};
117
118enum PaddingMode {
119 PADDING_NONE = 0;
120 PADDING_RSA_OAEP = 1;
121 PADDING_RSA_PSS = 2;
122 PADDING_RSA_PKCS1_1_5_ENCRYPT = 3;
123 PADDING_RSA_PKCS1_1_5_SIGN = 4;
124 PADDING_PKCS7 = 5;
125 PADDING_MODE_MAX = 6;
126};
127
128enum Digest {
129 DIGEST_NONE = 0;
130 DIGEST_MD5 = 1;
131 DIGEST_SHA1 = 2;
132 DIGEST_SHA_2_224 = 3;
133 DIGEST_SHA_2_256 = 4;
134 DIGEST_SHA_2_384 = 5;
135 DIGEST_SHA_2_512 = 6;
136 DIGEST_MAX = 7;
137};
138
139enum EcCurve {
140 P_224 = 0;
141 P_256 = 1;
142 P_384 = 2;
143 P_521 = 3;
144 EC_CURVE_MAX = 4;
145};
146
147enum KeyOrigin {
148 GENERATED = 0;
149 DERIVED = 1;
150 IMPORTED = 2;
151 UNKNOWN = 3;
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]152 SECURELY_IMPORTED = 4;
153 KEY_ORIGIN_MAX = 5;
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]154};
155
156enum KeyBlobUsageRequirements {
157 STANDALONE = 0;
158 REQUIRES_FILE_SYSTEM = 1;
159 KEY_USAGE_MAX = 2;
160};
161
Andrew Scullb5f24a52017-10-13 19:46:40 +0100[diff] [blame]162enum KeyPurpose {
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]163 ENCRYPT = 0;
164 DECRYPT = 1;
165 SIGN = 2;
166 VERIFY = 3;
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]167 /* RESERVED: DERIVE_KEY = 4; */
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]168 WRAP_KEY = 5;
169 PURPOSE_MAX = 6;
170};
171
172enum ErrorCode {
173 OK = 0;
174 ROOT_OF_TRUST_ALREADY_SET = 1;
175 UNSUPPORTED_PURPOSE = 2;
176 INCOMPATIBLE_PURPOSE = 3;
177 UNSUPPORTED_ALGORITHM = 4;
178 INCOMPATIBLE_ALGORITHM = 5;
179 UNSUPPORTED_KEY_SIZE = 6;
180 UNSUPPORTED_BLOCK_MODE = 7;
181 INCOMPATIBLE_BLOCK_MODE = 8;
182 UNSUPPORTED_MAC_LENGTH = 9;
183 UNSUPPORTED_PADDING_MODE = 10;
184 INCOMPATIBLE_PADDING_MODE = 11;
185 UNSUPPORTED_DIGEST = 12;
186 INCOMPATIBLE_DIGEST = 13;
187 INVALID_EXPIRATION_TIME = 14;
188 INVALID_USER_ID = 15;
189 INVALID_AUTHORIZATION_TIMEOUT = 16;
190 UNSUPPORTED_KEY_FORMAT = 17;
191 INCOMPATIBLE_KEY_FORMAT = 18;
192 UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM = 19;
193 UNSUPPORTED_KEY_VERIFICATION_ALGORITHM = 20;
194 INVALID_INPUT_LENGTH = 21;
195 KEY_EXPORT_OPTIONS_INVALID = 22;
196 DELEGATION_NOT_ALLOWED = 23;
197 KEY_NOT_YET_VALID = 24;
198 KEY_EXPIRED = 25;
199 KEY_USER_NOT_AUTHENTICATED = 26;
200 OUTPUT_PARAMETER_NULL = 27;
201 INVALID_OPERATION_HANDLE = 28;
202 INSUFFICIENT_BUFFER_SPACE = 29;
203 VERIFICATION_FAILED = 30;
204 TOO_MANY_OPERATIONS = 31;
205 UNEXPECTED_NULL_POINTER = 32;
206 INVALID_KEY_BLOB = 33;
207 IMPORTED_KEY_NOT_ENCRYPTED = 34;
208 IMPORTED_KEY_DECRYPTION_FAILED = 35;
209 IMPORTED_KEY_NOT_SIGNED = 36;
210 IMPORTED_KEY_VERIFICATION_FAILED = 37;
211 INVALID_ARGUMENT = 38;
212 UNSUPPORTED_TAG = 39;
213 INVALID_TAG = 40;
214 MEMORY_ALLOCATION_FAILED = 41;
215 IMPORT_PARAMETER_MISMATCH = 42;
216 SECURE_HW_ACCESS_DENIED = 43;
217 OPERATION_CANCELLED = 44;
218 CONCURRENT_ACCESS_CONFLICT = 45;
219 SECURE_HW_BUSY = 46;
220 SECURE_HW_COMMUNICATION_FAILED = 47;
221 UNSUPPORTED_EC_FIELD = 48;
222 MISSING_NONCE = 49;
223 INVALID_NONCE = 50;
224 MISSING_MAC_LENGTH = 51;
225 KEY_RATE_LIMIT_EXCEEDED = 52;
226 CALLER_NONCE_PROHIBITED = 53;
227 KEY_MAX_OPS_EXCEEDED = 54;
228 INVALID_MAC_LENGTH = 55;
229 MISSING_MIN_MAC_LENGTH = 56;
230 UNSUPPORTED_MIN_MAC_LENGTH = 57;
231 UNSUPPORTED_KDF = 58;
232 UNSUPPORTED_EC_CURVE = 59;
233 KEY_REQUIRES_UPGRADE = 60;
234 ATTESTATION_CHALLENGE_MISSING = 61;
235 KEYMASTER_NOT_CONFIGURED = 62;
236 ATTESTATION_APPLICATION_ID_MISSING = 63;
237 CANNOT_ATTEST_IDS = 64;
238 UNIMPLEMENTED = 65;
239 VERSION_MISMATCH = 66;
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]240 ROLLBACK_RESISTANCE_UNAVAILABLE = 67;
241 HARDWARE_TYPE_UNAVAILABLE = 68;
nagendra modadugue52e8ab2018-01-10 08:08:00 -0800[diff] [blame]242 PROOF_OF_PRESENCE_REQUIRED = 69;
243 CONCURRENT_PROOF_OF_PRESENCE_REQUESTED = 70;
244 UNKNOWN_ERROR = 71;
nagendra modaduguf32029b2018-03-27 15:30:13 -0700[diff] [blame]245 INVALID_DEVICE_IDS = 72; // Vendor specific.
246 PRODUCTION_MODE_PROVISIONING = 73; // Vendor specific.
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]247};
248
249enum HardwareAuthenticatorType {
250 AUTH_NONE = 0;
251 AUTH_PASSWORD = 1; // (1 << 0)
252 AUTH_FINGERPRINT = 2; // (1 << 1)
253 AUTH_ANY = 3;
254 AUTH_MAX = 4;
255};
256
257enum SecurityLevel {
258 SOFTWARE = 0;
259 TRUSTED_ENVIRONMENT = 1;
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]260 STRONGBOX = 2;
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]261};
Andrew Scullb5f24a52017-10-13 19:46:40 +0100[diff] [blame]262
263enum KeyFormat {
nagendra modaduguebfdd372017-10-25 23:52:25 -0700[diff] [blame]264 X509 = 0; /* for public key export */
265 PKCS8 = 1; /* for asymmetric key pair import */
nagendra modadugubdf53cd2017-12-04 21:28:02 -0800[diff] [blame]266 RAW = 3; /* for symmetric key import and export*/
Andrew Scullb5f24a52017-10-13 19:46:40 +0100[diff] [blame]267}
Janis Danisevskise0a319a2018-04-11 16:51:44 -0700[diff] [blame]268
269enum DTupError {
270 DTUP_OK = 0;
271 DTUP_NO_EVENT = 1;
272}
273
274/* matches Linux event device codes */
275enum DTupKeyEvent {
276 DTUP_RESERVED = 0;
277 DTUP_VOL_DOWN = 114;
278 DTUP_VOL_UP = 115;
279 DTUP_PWR = 116;
280}
nagendra modadugu53158e92018-05-29 12:40:54 -0700[diff] [blame]281
282enum BootColor {
283 BOOT_VERIFIED_GREEN = 0;
284 BOOT_SELFSIGNED_YELLOW = 1;
285 BOOT_UNVERIFIED_ORANGE = 2;
286 BOOT_VERIFY_FAILED_RED = 3;
287}