blob: f23f6988a51bcd7ad96bbc5163479303b9074157 [file] [log] [blame]
// Copyright 2018 The Fuchsia Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
library fuchsia.auth;
/// This file contains an interface to cryptographically sign any plain text data
/// using any crypto key. This interface is useful for signing JWT's in device
/// attestation based authentication.
///
/// Specifies the success/failure status from the attestation signer.
type AttestationSignerStatus = strict enum {
/// The command completed successfully
OK = 0;
/// The command referred to a missing, or an invalid argument.
INVALID_ARGUMENT = 1;
/// There was an error in generating crypto signatures for the given
/// plaintext. This usually indicates errors for misconfigured keys or
/// signature algorithms from the underlying crypto library.
SIGNING_ERROR = 2;
};
closed protocol AttestationSigner {
/// Cryptographically signs the `plaintext` data sent in request using a
/// crypto key configured at initialization.
///
/// Returns the raw bytes of the `signature` string on success. Otherwise,
/// an error status is returned.
strict SignData(struct {
plaintext vector<uint8>:MAX;
}) -> (struct {
status AttestationSignerStatus;
signature vector<uint8>:<MAX, optional>;
});
};