authortengs <tengs@chromium.org>2014-10-15 12:47:04 -0700
committerCommit bot <commit-bot@chromium.org>2014-10-15 19:47:23 +0000
commit5921080ce77d1f7674070f8cf96473b4d4b0d684 (patch)
treec9fd6586783aca06d98424179d6ac7b391975685 /components
parent9213b26a352db67accada5c9002c830aac783258 (diff)
Add proto definitions for messages used by CryptAuth APIs and the authentication protocol.
BUG=385719 Review URL: https://codereview.chromium.org/616233002 Cr-Commit-Position: refs/heads/master@{#299747}
Diffstat (limited to 'components')
-rw-r--r--components/proximity_auth.gypi13
-rw-r--r--components/proximity_auth/cryptauth/proto/BUILD.gn12
-rw-r--r--components/proximity_auth/cryptauth/proto/cryptauth_api.proto209
3 files changed, 234 insertions, 0 deletions
diff --git a/components/proximity_auth.gypi b/components/proximity_auth.gypi
index d24b909..41ca37e 100644
--- a/components/proximity_auth.gypi
+++ b/components/proximity_auth.gypi
@@ -43,6 +43,19 @@
],
},
{
+ # GN version: //components/cryptauth/proto
+ 'target_name': 'cryptauth_proto',
+ 'type': 'static_library',
+ 'sources': [
+ 'proximity_auth/cryptauth/proto/cryptauth_api.proto',
+ ],
+ 'variables': {
+ 'proto_in_dir': 'proximity_auth/cryptauth/proto',
+ 'proto_out_dir': 'components/proximity_auth/cryptauth/proto',
+ },
+ 'includes': [ '../build/protoc.gypi' ]
+ },
+ {
'target_name': 'cryptauth',
'type': 'static_library',
'include_dirs': [
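Review bot: The cross-reference comment on the new target, `# GN version: //components/cryptauth/proto`, does not match where this commit places the GN file. BUILD.gn is added under components/proximity_auth/cryptauth/proto, and its own comment points back at `//components/proximity_auth.gypi:cryptauth_proto`. The comment should read `# GN version: //components/proximity_auth/cryptauth/proto` so the two build descriptions can be kept in sync. The enclosing targets list starts and ends outside the hunk.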
diff --git a/components/proximity_auth/cryptauth/proto/BUILD.gn b/components/proximity_auth/cryptauth/proto/BUILD.gn
new file mode 100644
index 0000000..5beee2a
--- /dev/null
+++ b/components/proximity_auth/cryptauth/proto/BUILD.gn
@@ -0,0 +1,12 @@
+# Copyright 2014 The Chromium Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+import ("//third_party/protobuf/proto_library.gni")
+
+# GYP version: //components/proximity_auth.gypi:cryptauth_proto
+proto_library("proto") {
+ sources = [
+ "cryptauth_api.proto",
+ ]
+}
diff --git a/components/proximity_auth/cryptauth/proto/cryptauth_api.proto b/components/proximity_auth/cryptauth/proto/cryptauth_api.proto
new file mode 100644
index 0000000..8193b52
--- /dev/null
+++ b/components/proximity_auth/cryptauth/proto/cryptauth_api.proto
@@ -0,0 +1,209 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Definitions for CryptAuth API calls.
+// Generated from server definitions. Do not edit.
+syntax = "proto2";
+
+package cryptauth;
+
+option optimize_for = LITE_RUNTIME;
+
+// Device information provided to external clients that need to sync device
+// state.
+message ExternalDeviceInfo {
+ // A cryptographic public key associated with the device.
+ optional bytes public_key = 1;
+
+ // A user friendly (human readable) name for this device.
+ optional string friendly_device_name = 2;
+
+ // If available, the device's bluetooth MAC address
+ optional string bluetooth_address = 3;
+
+ // Whether or not this device can be used as an unlock key
+ optional bool unlock_key = 4;
+
+ // Whether or not this device can be unlocked
+ optional bool unlockable = 5;
+}
+
+// Request for a list of devices that could be used as Unlock Keys, optionally
+// requesting a callback over bluetooth (for proximity detection).
+message FindEligibleUnlockDevicesRequest {
+ // A bluetooth MAC address to be contacted if a device that may be eligible
+ // for unlock is nearby. If set, a message will be pushed to all eligible
+ // unlock devices requesting that they contact the specified MAC address. If
+ // this field is left unset, no callback will be made, and no message will be
+ // pushed to the user's devices.
+ optional string callback_bluetooth_address = 2;
+
+ // Identifies what kind of resource this is. Value: the fixed string
+ // <code>"cryptauth#findEligibleUnlockDevicesRequest"</code>.
+ optional string kind = 3;
+}
+
+// Response containing a list of devices that could be made Unlock Keys
+message FindEligibleUnlockDevicesResponse {
+ // Devices that could be made Unlock Keys (even if they aren't enabled yet)
+ repeated ExternalDeviceInfo eligible_devices = 1;
+
+ // Devices that cannot be made unlock keys, and reasons for this. This list
+ // will not contain any non-gms core devices, even though these are also not
+ // eligible to be unlock keys.
+ repeated IneligibleDevice ineligible_devices = 2;
+
+ // Identifies what kind of resource this is. Value: the fixed string
+ // <code>"cryptauth#findEligibleUnlockDevicesResponse"</code>.
+ optional string kind = 3;
+}
+
+// Request to complete a device enrollment.
+message FinishEnrollmentRequest {
+ // The enrollment session identifer from the <code>setup</code> response.
+ optional bytes enrollment_session_id = 2;
+
+ // An encrypted payload containing enrollment information for the device.
+ optional bytes enrollment_message = 3;
+
+ // A Diffie-Hellman public key for the device, to complete the key exchange.
+ optional bytes device_ephemeral_key = 4;
+}
+
+// Response indicating whether a device enrollment completed successfully.
+message FinishEnrollmentResponse {
+ // Status should be OK if the request was successful.
+ optional string status = 1;
+
+ // A detailed error message if there was a failure.
+ optional string error_message = 2;
+
+ // Identifies what kind of resource this is. Value: the fixed string
+ // <code>"cryptauth#finishEnrollmentResponse"</code>.
+ optional string kind = 5;
+}
+
+// Used to request devices that have a specific feature.
+message GetDevicesForFeatureRequest {
+ // Requests those devices that support the specified DeviceFeature
+ optional string device_feature = 2;
+}
+
+// Devices that have a certain feature, as returned by the GetDevicesForFeature
+// RPC.
+message GetDevicesForFeatureResponse {
+ // A (possibly empty) list of devices supporting the requested feature.
+ repeated ExternalDeviceInfo result_sets = 1;
+
+ // Identifies what kind of resource this is. Value: the fixed string
+ // <code>"cryptauth#getDevicesForFeatureResponse"</code>.
+ optional string kind = 2;
+}
+
+// Request for a listing of a user's own devices
+message GetMyDevicesRequest {
+ // Return only devices that can act as EasyUnlock keys.
+ optional bool approved_for_unlock_required = 2;
+
+ // Identifies what kind of resource this is. Value: the fixed string
+ // <code>"cryptauth#getMyDevicesRequest"</code>.
+ optional string kind = 3;
+}
+
+// Response containing a listing of the users device's
+message GetMyDevicesResponse {
+ // A listing of all sync-able devices
+ repeated ExternalDeviceInfo devices = 1;
+
+ // Identifies what kind of resource this is. Value: the fixed string
+ // <code>"cryptauth#getMyDevicesResponse"</code>.
+ optional string kind = 2;
+}
+
+// A device that the server thinks is not eligible to be an unlock key, and the
+// reason for this.
+message IneligibleDevice {
+ // The device that is not eligible to be an unlock key.
+ optional ExternalDeviceInfo device = 1;
+
+ // The reasons why the server thinks it is not an unlock key. NOTE: for now,
+ // this list of reasons will contain exactly one element. It is a repeated
+ // field because, in principle, there can be more than one reason that makes a
+ // device not eligible to be an unlock key, and we want to be able to add
+ // multiple reasons in the future.
+ repeated string reasons = 2;
+}
+
+// Requests to send a "tickle" requesting to sync all of a user's devices now
+message SendDeviceSyncTickleRequest {
+ // Identifies what kind of resource this is. Value: the fixed string
+ // <code>"cryptauth#sendDeviceSyncTickleRequest"</code>.
+ optional string kind = 2;
+}
+
+// Contains information needed to begin a device enrollment.
+message SetupEnrollmentInfo {
+ // Type of protocol this setup information was requested for
+ optional string type = 1;
+
+ // A session identifier to be used for this enrollment session.
+ optional bytes enrollment_session_id = 2;
+
+ // A Diffie-Hellman public key used to perform a key exchange during
+ // enrollment.
+ optional bytes server_ephemeral_key = 3;
+}
+
+// Requests information needed to begin a device enrollment.
+message SetupEnrollmentRequest {
+ // Deprecated. See <code>application_id</code>
+ optional string origin = 2;
+
+ // Type(s) of protocol supported by this enrolling device (e.g. "gcmV1")
+ repeated string types = 3;
+
+ // Indicates whether a legacy crypto suite must be used with this device.
+ optional bool use_legacy_crypto = 4;
+
+ // A URL describing which application facets this enrollment can be used (see
+ // http://go/appid).
+ optional string application_id = 5;
+}
+
+// Contains information needed to begin a device enrollment.
+message SetupEnrollmentResponse {
+ // Should return OK if the request was well formed.
+ optional string status = 1;
+
+ // Information for each of the requested protocol <code>type</code>s.
+ repeated SetupEnrollmentInfo infos = 2;
+
+ // Identifies what kind of resource this is. Value: the fixed string
+ // <code>"cryptauth#setupEnrollmentResponse"</code>.
+ optional string kind = 3;
+}
+
+// Used to enable or disable EasyUnlock features on a specified device, and also
+// causes other devices to sync the new EasyUnlock state.
+message ToggleEasyUnlockRequest {
+ // If true, Easy Unlock will be enabled for the device with public key equal
+ // to public_key. Otherwise, it will be disabled for that device.
+ optional bool enable = 1;
+
+ // Encoded public key of the device to enable/disable (here you must use the
+ // same exact encoding that was sent during device enrollment).
+ optional bytes public_key = 2;
+
+ // If true, EasyUnlock enabled state will be set to the value of "enable" for
+ // all of a user's devices. This is the same as calling the toggle RPC for
+ // every device. However, this removes the need for calling GetMyDevices, so
+ // it reduces network overhead. If this field is set "public_key" must not be
+ // set. NOTE: the case enable=true is not yet supported, so this option can
+ // only disable EasyUnlock for all devices.
+ optional bool apply_to_all = 3;
+
+ // Identifies what kind of resource this is. Value: the fixed string
+ // <code>"cryptauth#toggleEasyUnlockRequest"</code>.
+ optional string kind = 4;
+}
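Review bot: `status` in `SetupEnrollmentResponse` and `FinishEnrollmentResponse` is a free-form `optional string` whose success value is stated only in the comments, so an absent field reads back as the empty string unless the caller checks `has_status()`. Because the header says the file is generated from server definitions, the handling belongs in the consuming client code: treat anything other than an exact `"OK"`, including an unset field, as enrollment failure. The field comment should say so too, e.g. `// Exactly "OK" on success; absent or any other value means failure.` The same comment-only contract appears in `ToggleEasyUnlockRequest`, where `apply_to_all` and `public_key` are documented as mutually exclusive but nothing in the message enforces it. The `bytes` key fields (`server_ephemeral_key`, `device_ephemeral_key`, `public_key`) state no encoding or length, so callers should validate them after parsing and before any key exchange or device lookup.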