Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 33aac2dda210791b4ba155d204ceff56b77a28a9^! / . / keystore / key_config.proto
commit33aac2dda210791b4ba155d204ceff56b77a28a9[log] [tgz]
authorMax Bires <jbires@google.com>Fri Feb 23 10:53:10 2018 -0800
committerMax Bires <jbires@google.com>Wed Apr 25 21:46:08 2018 +0000
tree8ec2e99594b9bf9fa74eecb05153252bdc275fe8
parentcf91dcdee36775965938f5535480d6345821b459 [diff] [blame]
Adding DropBox logging support for keystore functionality

This will allow us to track the actual usage patterns of keystore
functions and error occurences.

Bug: 36549319
Test: DropBox logging works for keystore tags
Change-Id: Iadfba3afebaa0be753212b1111b68f50b77f9978
(cherry picked from commit d6d8952b346f08b4b74199adc1215579f4faeeff)

diff --git a/keystore/key_config.proto b/keystore/key_config.proto
new file mode 100644
index 0000000..0b1a398
--- /dev/null
+++ b/keystore/key_config.proto

@@ -0,0 +1,62 @@
+/*
+ * Copyright (C) 2018 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+syntax = "proto2";
+
+package keystore;
+
+option optimize_for = LITE_RUNTIME;
+
+message KeyConfig {
+  // What type of encryption algorithm is this key being generated/imported for
+  // e.g. AES, RSA, etc
+  optional string algorithm = 1;
+
+  // Size of the key being generated/imported
+  optional int32 key_size = 2;
+
+  // Log whether the key was generated, imported, securely imported, or derived.
+  optional string origin = 3;
+
+  // What auth types does this key require? If none, then no auth required.
+  optional string user_auth_type = 4;
+
+  // If user authentication is required, is the requirement time based? If it
+  // is not time based then this field will not be used and the key is per
+  // operation. Per operation keys must be user authenticated on each usage.
+  optional int32 user_auth_key_timeout = 5;
+
+  // Track which padding modes this key supports.
+  repeated string padding = 6;
+
+  // Track which digests this key supports
+  repeated string digest = 7;
+
+  // Check what block mode is being used depending on the mode of encryption
+  repeated string block_mode = 8;
+
+  // Was the key generated/imported successfully?
+  optional bool was_creation_successful = 9;
+
+  // What purposes can this key be used for?
+  repeated string purpose = 10;
+
+  // Which ec curve was selected if elliptic curve cryptography is in use
+  optional string ec_curve = 11;
+
+  // Standalone or is a file system required
+  optional string key_blob_usage_reqs = 12;
+}