1/* 2 * Copyright (C) 2018 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17syntax = "proto2"; 18 19package keystore; 20 21option optimize_for = LITE_RUNTIME; 22 23// A single operation config 24message OperationConfig { 25 // What type of encryption algorithm is the key being used in the op for. 26 optional string algorithm = 1; 27 28 // Size of the key being used in this op 29 optional int32 key_size = 2; 30 31 // Log whether the key in this op was generated, imported, 32 // securely imported, or derived. 33 optional string origin = 3; 34 35 // What auth types does this op require? If none, then no auth required. 36 optional string user_auth_type = 4; 37 38 // If user authentication is required, is the requirement time based? If it 39 // is not time based then this field will not be used and the key is per 40 // operation. Per operation keys must be user authenticated on each usage. 41 optional int32 user_auth_key_timeout = 5; 42 43 // Track which padding mode was used for this operation. 44 optional string padding = 6; 45 46 // Keep track of the digest algorithm being used. 47 optional string digest = 7; 48 49 // Check what block mode is being used depending on the mode of encryption 50 optional string block_mode = 8; 51 52 // Did the operation succeed? If it didn't, this represents bugs or 53 // error cases occurring. 54 optional bool was_op_successful = 9; 55 56 // What purpose is this operation serving? Encrypt, decrypt, sign verify? 57 optional string purpose = 10; 58 59 // Which ec curve was selected if elliptic curve cryptography is in use 60 optional string ec_curve = 11; 61 62 // Standalone or is a file system required 63 optional string key_blob_usage_reqs = 12; 64} 65 66message OperationConfigEvent { 67 optional OperationConfig op_config = 1; 68 69 // counts corresponds to the number of times each op_config in the above array 70 // was recorded during the collection period. 71 optional uint32 count = 2; 72} 73 74message OperationConfigEvents { 75 repeated OperationConfigEvent op_config_events = 1; 76} 77 78