| // Copyright 2018 The Fuchsia Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| library fuchsia.auth; |
| |
| /// This file contains an interface to cryptographically sign any plain text data |
| /// using any crypto key. This interface is useful for signing JWT's in device |
| /// attestation based authentication. |
| /// |
| /// Specifies the success/failure status from the attestation signer. |
| type AttestationSignerStatus = strict enum { |
| /// The command completed successfully |
| OK = 0; |
| /// The command referred to a missing, or an invalid argument. |
| INVALID_ARGUMENT = 1; |
| /// There was an error in generating crypto signatures for the given |
| /// plaintext. This usually indicates errors for misconfigured keys or |
| /// signature algorithms from the underlying crypto library. |
| SIGNING_ERROR = 2; |
| }; |
| |
| protocol AttestationSigner { |
| /// Cryptographically signs the `plaintext` data sent in request using a |
| /// crypto key configured at initialization. |
| /// |
| /// Returns the raw bytes of the `signature` string on success. Otherwise, |
| /// an error status is returned. |
| SignData(struct { |
| plaintext bytes; |
| }) -> (struct { |
| status AttestationSignerStatus; |
| signature bytes:optional; |
| }); |
| }; |
