<link rel="stylesheet" href="../style.css" />
[TOC]
# fuchsia.castauth
<div class="fidl-version-div"><span class="fidl-attribute fidl-version">Added: 7</span></div>
## **PROTOCOLS**
## CastKeySigner {#CastKeySigner}
*Defined in [fuchsia.castauth/cast_auth.fidl](https://cs.opensource.google/fuchsia/fuchsia/+/main:sdk/fidl/fuchsia.castauth/cast_auth.fidl;l=26)*
<p>This FIDL interface is used to sign with the hardware Cast key.
It is intended for short-term use only and will not be supported on all
devices. It will eventually be replaced by an attestation service.</p>
### GetCertificateChain {#CastKeySigner.GetCertificateChain}
<p>Get the Cast certificate chain.</p>
<p>The return value is the error code or, if the operation succeeds,
the certificate chain. The chain contains the Cast key cert,
one or more intermediate CA certs, and the root CA cert.</p>
#### Request {#CastKeySigner.GetCertificateChain_Request}
&lt;EMPTY&gt;
#### Response {#CastKeySigner.GetCertificateChain_Response}
<table>
<tr><th>Name</th><th>Type</th></tr>
<tr>
<td><code>result</code></td>
<td>
<code><a class='link' href='#CastKeySigner_GetCertificateChain_Result'>CastKeySigner_GetCertificateChain_Result</a></code>
</td>
</tr>
</table>
### SignHash {#CastKeySigner.SignHash}
<p>Use the Cast key to sign a hash value.</p>
<p>The input is a hash value.
The return value is the error code or the signature if the operation
succeeds. The signature algorithm is RSA-2048-PKCS1.</p>
#### Request {#CastKeySigner.SignHash_Request}
<table>
<tr><th>Name</th><th>Type</th></tr>
<tr>
<td><code>hash</code></td>
<td>
<code><a class='link' href='#Asn1EncodedHash'>Asn1EncodedHash</a></code>
</td>
</tr>
</table>
#### Response {#CastKeySigner.SignHash_Response}
<table>
<tr><th>Name</th><th>Type</th></tr>
<tr>
<td><code>result</code></td>
<td>
<code><a class='link' href='#CastKeySigner_SignHash_Result'>CastKeySigner_SignHash_Result</a></code>
</td>
</tr>
</table>
## **STRUCTS**
### CastKeySigner_GetCertificateChain_Response {#CastKeySigner_GetCertificateChain_Response data-text="CastKeySigner_GetCertificateChain_Response"}
*Defined in [fuchsia.castauth/cast_auth.fidl](https://cs.opensource.google/fuchsia/fuchsia/+/main:sdk/fidl/fuchsia.castauth/cast_auth.fidl;l=43)*
<table>
<tr><th>Field</th><th>Type</th><th>Description</th><th>Default</th></tr>
<tr id="CastKeySigner_GetCertificateChain_Response.cert_chain">
<td><code>cert_chain</code></td>
<td>
<code>vector&lt;vector&lt;uint8&gt;&gt;[16]</code>
</td>
<td></td>
<td>No default</td>
</tr>
</table>
### CastKeySigner_SignHash_Response {#CastKeySigner_SignHash_Response data-text="CastKeySigner_SignHash_Response"}
*Defined in [fuchsia.castauth/cast_auth.fidl](https://cs.opensource.google/fuchsia/fuchsia/+/main:sdk/fidl/fuchsia.castauth/cast_auth.fidl;l=34)*
<table>
<tr><th>Field</th><th>Type</th><th>Description</th><th>Default</th></tr>
<tr id="CastKeySigner_SignHash_Response.signature">
<td><code>signature</code></td>
<td>
<code>uint8[256]</code>
</td>
<td></td>
<td>No default</td>
</tr>
</table>
## **ENUMS**
### ErrorCode [strict](/fuchsia-src/reference/fidl/language/language.md#strict-vs-flexible){:.fidl-attribute} {#ErrorCode data-text="ErrorCode"}
Type: <code>uint32</code>
*Defined in [fuchsia.castauth/cast_auth.fidl](https://cs.opensource.google/fuchsia/fuchsia/+/main:sdk/fidl/fuchsia.castauth/cast_auth.fidl;l=15)*
<p>Error codes for CastKeySigner operations.</p>
<table>
<tr><th>Name</th><th>Value</th><th>Description</th></tr>
<tr id="ErrorCode.FILE_NOT_FOUND">
<td><h3 id="ErrorCode.FILE_NOT_FOUND" class="add-link hide-from-toc">FILE_NOT_FOUND</h3></td>
<td><code>1</code></td>
<td><p>Key/cert not found in storage.</p>
</td>
</tr>
<tr id="ErrorCode.CRYPTO_ERROR">
<td><h3 id="ErrorCode.CRYPTO_ERROR" class="add-link hide-from-toc">CRYPTO_ERROR</h3></td>
<td><code>2</code></td>
<td><p>An error occurred during the signing operation.</p>
</td>
</tr>
</table>
## **UNIONS**
### Asn1EncodedHash [strict](/fuchsia-src/reference/fidl/language/language.md#strict-vs-flexible){:.fidl-attribute} {#Asn1EncodedHash data-text="Asn1EncodedHash"}
*Defined in [fuchsia.castauth/cast_auth.fidl](https://cs.opensource.google/fuchsia/fuchsia/+/main:sdk/fidl/fuchsia.castauth/cast_auth.fidl;l=9)*
<p>Input hash to be signed by the Cast key.
It must be an ASN.1-encoded SHA-1 or SHA-256 hash, 35 or 51 bytes in size respectively.</p>
<table>
<tr><th>Ordinal</th><th>Variant</th><th>Type</th><th>Description</th></tr>
<tr id="Asn1EncodedHash.sha1">
<td><h3 id="Asn1EncodedHash.sha1" class="add-link hide-from-toc">1</h3></td>
<td><code>sha1</code></td>
<td>
<code>uint8[35]</code>
</td>
<td></td>
</tr>
<tr id="Asn1EncodedHash.sha256">
<td><h3 id="Asn1EncodedHash.sha256" class="add-link hide-from-toc">2</h3></td>
<td><code>sha256</code></td>
<td>
<code>uint8[51]</code>
</td>
<td></td>
</tr>
</table>
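
How the 35- and 51-byte sizes arise, as an added example (not code from the Fuchsia tree): it assumes the encoding meant here is the DER `DigestInfo` of RFC 8017 section 9.2, a fixed prefix followed by the raw digest. The function names are hypothetical, and reading "RSA-2048-PKCS1" as RSASSA-PKCS1-v1_5 is also an assumption.

```python
import hashlib

# DigestInfo DER prefixes from RFC 8017, section 9.2 (notes on EMSA-PKCS1-v1_5).
# prefix + raw digest gives exactly the sizes of the two union variants.
PREFIX = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),            # 15 bytes
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),  # 19 bytes
}
SIZE = {"sha1": 35, "sha256": 51}  # uint8[35] and uint8[51] on this page


def encode_asn1_hash(variant: str, message: bytes) -> bytes:
    """Hash `message` and wrap the digest as a DER DigestInfo (hypothetical helper)."""
    if variant not in PREFIX:
        raise ValueError(f"unsupported variant: {variant!r}")
    blob = PREFIX[variant] + hashlib.new(variant, message).digest()
    assert len(blob) == SIZE[variant]
    return blob


def parse_asn1_hash(blob: bytes) -> tuple[str, bytes]:
    """Return (variant, raw digest) for an exact SHA-1 or SHA-256 DigestInfo.

    The fixed-size arrays only pin the length; checking the prefix as well
    confirms the bytes really are a DigestInfo for the claimed algorithm.
    """
    for variant, prefix in PREFIX.items():
        if len(blob) == SIZE[variant] and blob.startswith(prefix):
            return variant, blob[len(prefix):]
    raise ValueError("not a 35-byte SHA-1 or 51-byte SHA-256 DigestInfo")


def emsa_pkcs1_v15(blob: bytes, k: int = 256) -> bytes:
    """Padded block an RSASSA-PKCS1-v1_5 signer exponentiates (RFC 8017, 9.2).

    Assumption: this is the scheme behind "RSA-2048-PKCS1". With a 2048-bit
    modulus k is 256, which matches the uint8[256] signature field.
    """
    return b"\x00\x01" + b"\xff" * (k - len(blob) - 3) + b"\x00" + blob


if __name__ == "__main__":
    # Constructed sample input, not data from a real device.
    blob = encode_asn1_hash("sha256", b"constructed sample message")
    print(len(blob), parse_asn1_hash(blob)[0], len(emsa_pkcs1_v15(blob)))
```
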
### CastKeySigner_GetCertificateChain_Result [strict](/fuchsia-src/reference/fidl/language/language.md#strict-vs-flexible){:.fidl-attribute} {#CastKeySigner_GetCertificateChain_Result data-text="CastKeySigner_GetCertificateChain_Result"}
*Defined in [fuchsia.castauth/cast_auth.fidl](https://cs.opensource.google/fuchsia/fuchsia/+/main:sdk/fidl/fuchsia.castauth/cast_auth.fidl;l=43)*
<table>
<tr><th>Ordinal</th><th>Variant</th><th>Type</th><th>Description</th></tr>
<tr id="CastKeySigner_GetCertificateChain_Result.response">
<td><h3 id="CastKeySigner_GetCertificateChain_Result.response" class="add-link hide-from-toc">1</h3></td>
<td><code>response</code></td>
<td>
<code><a class='link' href='#CastKeySigner_GetCertificateChain_Response'>CastKeySigner_GetCertificateChain_Response</a></code>
</td>
<td></td>
</tr>
<tr id="CastKeySigner_GetCertificateChain_Result.err">
<td><h3 id="CastKeySigner_GetCertificateChain_Result.err" class="add-link hide-from-toc">2</h3></td>
<td><code>err</code></td>
<td>
<code><a class='link' href='#ErrorCode'>ErrorCode</a></code>
</td>
<td></td>
</tr>
</table>
### CastKeySigner_SignHash_Result [strict](/fuchsia-src/reference/fidl/language/language.md#strict-vs-flexible){:.fidl-attribute} {#CastKeySigner_SignHash_Result data-text="CastKeySigner_SignHash_Result"}
*Defined in [fuchsia.castauth/cast_auth.fidl](https://cs.opensource.google/fuchsia/fuchsia/+/main:sdk/fidl/fuchsia.castauth/cast_auth.fidl;l=34)*
<table>
<tr><th>Ordinal</th><th>Variant</th><th>Type</th><th>Description</th></tr>
<tr id="CastKeySigner_SignHash_Result.response">
<td><h3 id="CastKeySigner_SignHash_Result.response" class="add-link hide-from-toc">1</h3></td>
<td><code>response</code></td>
<td>
<code><a class='link' href='#CastKeySigner_SignHash_Response'>CastKeySigner_SignHash_Response</a></code>
</td>
<td></td>
</tr>
<tr id="CastKeySigner_SignHash_Result.err">
<td><h3 id="CastKeySigner_SignHash_Result.err" class="add-link hide-from-toc">2</h3></td>
<td><code>err</code></td>
<td>
<code><a class='link' href='#ErrorCode'>ErrorCode</a></code>
</td>
<td></td>
</tr>
</table>