Commit 99b99a14 authored by James Hughes's avatar James Hughes

Merge pull request #16 from icorderi/master

PinAuth split between Authentication and payload. I will merge and then tune it up... 
parents 760485c7 da1062d4
+91 −79
@@ -81,46 +81,11 @@ message Message {
		optional bytes hmac = 2;
	}

	// Pin Auth is used for special commands that are valid when the device
	// is locked or to be locked. These are unlock, lock and erase.
	// This must come over the TLS connection to protect the confidentiality and
	// integrity. The request ignores the value in commandBytes. The
	// response will return this pinAuth and will have a status in
	// the commandBytes.
	// Pin based authentication for Pin operations.
	message PINauth {

	// The operation
		optional PinOp pinOp = 1;

		// The pin necessary to make the operations valid
		optional bytes pin = 2;
		enum PinOp {
			INVALID_PINOP = -1;

			// The pin will unlock the device
			UNLOCK_PINOP = 1;

			// This will lock the device. This includes all
			// configuration and user data. This operation is
			// secure from even given physical access and
			// disassembly of the device.
			LOCK_PINOP = 2;

			// Erase the device. This may be secure
			// or not. The implication is that it may be faster
			// than the secure operation.
			ERASE_PINOP = 3;

			// Erase the device in a way that will
			// physical access and disassembly of the device
			// will not
			SECURE_ERASE_PINOP = 4;

			// Both erase operations will return
			// the device to an as manufactured state removing all
			// user data and configuration settings.
		}

		optional bytes pin = 1;
	}

}
@@ -220,6 +185,9 @@ message Command {
		// Defined long running commands that are device dependent and
		// typically background operations.
		optional BackgroundOperation backgroundOperation = 5;
        
        	// Perform Pin-based operations
        	optional PinOperation pinOp = 8;
	}

	//operation status
@@ -392,16 +360,6 @@ message Command {
		// message. The firmware is itself protected on its own for integrity,
		// authenticity, etc.
		optional bool firmwareDownload = 5;

		// sets the erase pin for the pin authorized erase commands.
		// 0 length or null pin is NOT allowed and an INVALID_REQUEST
		// error is returned.
		optional bytes newErasePin = 6;

		// Sets the lock unlock pin. When enabled the device has the
		// ability to be securely locked. Entering or changing the lock
		// unlock pin does not erase the device.
		optional bytes newLockPin = 7;
	}

	// P2P operations allow devices to be able to send keys to other devices.
@@ -647,6 +605,7 @@ message Command {

		// The range on the request and results on the response
		optional Range range = 2;
        
		enum BackOpType {
			INVALID_BACKOP = -1;

@@ -663,6 +622,55 @@ message Command {

	}
    
    	// Pin Operations are used for special commands that are valid when the device
	// is locked or to be locked. These are unlock, lock and erase.
	// This must come over the TLS connection to protect the confidentiality and
	// integrity. This operations must be used with PinAuth.    
    	message PinOperation {
        
	        optional PinOpType pinOpType = 1;
	        
	        // New pin used for SET_LOCKPIN_PINOP or SET_ERASEPIN_PINOP operations
		optional bytes newPin = 2;
			
	        enum PinOpType {
			INVALID_PINOP = -1;

			// The pin will unlock the device
			UNLOCK_PINOP = 1;

			// This will lock the device. This includes all
			// configuration and user data. This operation is
			// secure from even given physical access and
			// disassembly of the device.
			LOCK_PINOP = 2;

			// Both erase operations will return
			// the device to an as manufactured state removing all
			// user data and configuration settings.
			
			// Erase the device. This may be secure
			// or not. The implication is that it may be faster
			// than the secure operation.
			ERASE_PINOP = 3;

			// Erase the device in a way that will
			// physical access and disassembly of the device
			// will not
			SECURE_ERASE_PINOP = 4;

			// Sets the lock unlock pin. When enabled the device has the
			// ability to be securely locked. Entering or changing the lock
			// unlock pin does not erase the device.
			SET_LOCKPIN_PINOP = 5;
			
			// sets the erase pin for the pin authorized erase commands.
			// 0 length or null pin is NOT allowed and an INVALID_REQUEST
			// error is returned.
			SET_ERASEPIN_PINOP = 6;
		}
    	}

	enum Priority {
		NORMAL = 5;
		LOWEST = 1;
@@ -700,10 +708,12 @@ message Command {
		GETKEYRANGE_RESPONSE = 11;
		
		// 13 and 14 are reserved, do not use
		
		GETVERSION = 16;
		GETVERSION_RESPONSE = 15;
		
		// 17, 18, 19, and 20 are reserved, do not use
		
		SETUP = 22;
		SETUP_RESPONSE = 21;
		GETLOG = 24;
@@ -718,6 +728,8 @@ message Command {
		FLUSHALLDATA_RESPONSE = 31;
		BACKOP = 34; // background operations
		BACKOP_RESPONSE = 33;
		PINOP = 36; // Pin based operations
		PINOP_RESPONSE = 35;
	}

}
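Review bot: In the third hunk (`@@ -392,16 +360,6`) the `newErasePin = 6` and `newLockPin = 7` fields are removed from their enclosing message (its header is outside the hunk) without reserving the numbers or names, so any future field added at 6 or 7 would silently reinterpret pins still sent by older clients; put `reserved 6, 7;` and `reserved "newErasePin", "newLockPin";` where the removed lines were. The first hunk (`@@ -81,46 +81,11`) appears to leave `PINauth` with `optional bytes pin = 1;` where number 1 previously carried the `PinOp` enum and `pin` was number 2; if that is the intent, the old numbers and names should be reserved there as well instead of changing a field's number and wire type in place. In the new `PinOperation` message the constraint that moved into the enum-value comments is no longer visible on the field that carries the value, so the `newPin` comment should state it, e.g. `// New pin for SET_LOCKPIN_PINOP or SET_ERASEPIN_PINOP; an empty or absent pin is rejected with INVALID_REQUEST.` The enclosing `message Command` begins outside these hunks.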