Add key attestation challenge proto in rejection info. am: 832a408159
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/federated-compute/+/25482935
Change-Id: If897b66cbb7aa395cc02e07d38a49d318748dfae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/fcp/protos/federatedcompute/common.proto b/fcp/protos/federatedcompute/common.proto
index 9b4bd5a..2c6f05c 100644
--- a/fcp/protos/federatedcompute/common.proto
+++ b/fcp/protos/federatedcompute/common.proto
@@ -117,7 +117,7 @@
// Currently empty message which is sent when client (device) is rejected for
// participation and is not assigned a task.
-// Next id: 1003
+// Next id: 1004
message RejectionInfo {
RejectionReason.Enum reason = 1001;
@@ -126,10 +126,26 @@
oneof metadata {
// Retry after a period of time.
RetryWindow retry_window = 1002;
+
+ // The field is used when the RejectionReason is UNAUTHENTICATED.
+ AuthenticationMetadata auth_metadata = 1003;
}
}
-// Next id: 3
+// The metadata used to authenticate a device.
+// Next Id: 2
+message AuthenticationMetadata {
+ KeyAttestationAuthMetadata key_attestation_metadata = 1;
+}
+
+// The metadata to authenticate with key attestation.
+// Next Id: 2
+message KeyAttestationAuthMetadata {
+ // The challenge to generate hardware-backed key pairs on device.
+ bytes challenge = 1;
+}
+
+// Next id: 4
message RejectionReason {
enum Enum {
// Unknown status.
@@ -140,6 +156,9 @@
// No permission to do the operation.
UNAUTHORIZED = 2;
+
+ // The device is not authenticated to the server.
+ UNAUTHENTICATED = 3;
}
}