/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
syntax = "proto3";
package nugget.app.identity;
import "nugget/app/identity/identity_defs.proto";
import "nugget/app/identity/identity_types.proto";
import "nugget/protobuf/options.proto";
// Identity is the app used to implement Android's Identity HAL.
//
// The documentation for the HAL applies to this implementation.
//
// Every RPC is unary and has its own <Method>Request / <Method>Response pair,
// defined later in this file in the same order as the RPCs are listed.
service Identity {
// Custom service options; presumably declared in nugget/protobuf/options.proto
// and consumed by the Nugget tooling - confirm there.
option (nugget.protobuf.app_id) = "IDENTITY";
option (nugget.protobuf.app_name) = "Identity";
option (nugget.protobuf.app_version) = 1;
// Request and response buffer limits (presumably bytes - confirm in
// options.proto). NOTE(review): many messages below carry caller-sized
// `bytes`/`string` fields (certificates, transcripts, entry content); the
// receiver should reject a message that does not fit instead of truncating it.
option (nugget.protobuf.request_buffer_size) = 2048;
option (nugget.protobuf.response_buffer_size) = 2048;
// RPCs for the Identity HAL
// WIC* RPCs: credential provisioning (presumably the HAL's writable
// credential interface - confirm).
rpc WICinitialize (WICinitializeRequest) returns (WICinitializeResponse);
rpc WICinitializeForUpdate (WICinitializeForUpdateRequest) returns (WICinitializeForUpdateResponse);
rpc WICcreateCredentialKey (WICcreateCredentialKeyRequest) returns (WICcreateCredentialKeyResponse);
rpc WICstartPersonalization (WICstartPersonalizationRequest) returns (WICstartPersonalizationResponse);
rpc WICaddAccessControlProfile (WICaddAccessControlProfileRequest) returns (WICaddAccessControlProfileResponse);
rpc WICbeginAddEntry (WICbeginAddEntryRequest) returns (WICbeginAddEntryResponse);
rpc WICaddEntryValue (WICaddEntryValueRequest) returns (WICaddEntryValueResponse);
rpc WICfinishAddingEntries (WICfinishAddingEntriesRequest) returns (WICfinishAddingEntriesResponse);
// IC* RPCs: operations on an existing credential (presentation, deletion,
// proof of ownership).
rpc ICinitialize (ICinitializeRequest) returns (ICinitializeResponse);
rpc ICcreateEphemeralKeyPair (ICcreateEphemeralKeyPairRequest) returns (ICcreateEphemeralKeyPairResponse);
rpc ICgenerateSigningKeyPair (ICgenerateSigningKeyPairRequest) returns (ICgenerateSigningKeyPairResponse);
rpc ICcreateAuthChallenge (ICcreateAuthChallengeRequest) returns (ICcreateAuthChallengeResponse);
rpc ICstartRetrieveEntries (ICstartRetrieveEntriesRequest) returns (ICstartRetrieveEntriesResponse);
rpc ICsetAuthToken (ICsetAuthTokenRequest) returns (ICsetAuthTokenResponse);
rpc ICpushReaderCert (ICpushReaderCertRequest) returns (ICpushReaderCertResponse);
rpc ICvalidateAccessControlProfile (ICvalidateAccessControlProfileRequest) returns (ICvalidateAccessControlProfileResponse);
rpc ICvalidateRequestMessage (ICvalidateRequestMessageRequest) returns (ICvalidateRequestMessageResponse);
rpc ICcalcMacKey (ICcalcMacKeyRequest) returns (ICcalcMacKeyResponse);
rpc ICstartRetrieveEntryValue (ICstartRetrieveEntryValueRequest) returns (ICstartRetrieveEntryValueResponse);
rpc ICretrieveEntryValue (ICretrieveEntryValueRequest) returns (ICretrieveEntryValueResponse);
rpc ICfinishRetrieval (ICfinishRetrievalRequest) returns (ICfinishRetrievalResponse);
rpc ICdeleteCredential (ICdeleteCredentialRequest) returns (ICdeleteCredentialResponse);
rpc ICproveOwnership (ICproveOwnershipRequest) returns (ICproveOwnershipResponse);
// Session bookkeeping and presentation-session RPCs.
rpc GetSessionId (GetSessionIdRequest) returns (GetSessionIdResponse);
rpc SessionShutdown(SessionShutdownRequest) returns (SessionShutdownResponse);
rpc SessionInitialize (SessionInitializeRequest) returns (SessionInitializeResponse);
rpc SessionSetReaderEphemeralPublicKey (SessionSetReaderEphemeralPublicKeyRequest) returns (SessionSetReaderEphemeralPublicKeyResponse);
rpc SessionSetSessionTranscript (SessionSetSessionTranscriptRequest) returns (SessionSetSessionTranscriptResponse);
}
// Kind of context a session RPC refers to; used as the requestType field of
// GetSessionIdRequest and SessionShutdownRequest.
//
// NOTE(review): value names are lower-case and carry no type prefix, which
// departs from the usual UPPER_SNAKE_CASE convention. Renaming them would
// change generated identifiers, so they are documented as-is.
enum RequestType {
// Zero value: what a receiver sees when the field was never set (proto3
// default). Receivers should treat it as invalid rather than pick a default.
unknown = 0;
// Presumably the WIC* provisioning flow - confirm.
provision = 1;
// Presumably the IC* presentation flow - confirm.
presentation = 2;
// Presumably the Session* flow - confirm.
session = 3;
}
// WICinitialize
//
// Request for the WICinitialize RPC.
message WICinitializeRequest{
// Presumably marks the credential being provisioned as a test credential, as
// in the HAL - confirm. Test credentials should never be accepted where a
// production credential is expected.
bool testCredential = 1;
}
// Response for the WICinitialize RPC: outcome only.
message WICinitializeResponse{
// Result is not defined in this file; presumably it comes from one of the
// imported identity_defs.proto / identity_types.proto files.
Result result = 1;
}
// WICinitializeForUpdate
//
// Request for the WICinitializeForUpdate RPC. Compared with
// WICinitializeRequest it additionally carries the document type and the
// encrypted keys of an existing credential.
message WICinitializeForUpdateRequest{
// Presumably marks the credential as a test credential - confirm.
bool testCredential = 1;
// Document type, carried as raw bytes.
bytes docType = 2;
// Caller-supplied blob. NOTE(review): presumably authenticated and decrypted
// by the receiver; a blob that fails authentication must be rejected, never
// partially used - verify in the implementation.
bytes encryptedCredentialKeys = 3;
}
// Response for the WICinitializeForUpdate RPC: outcome only.
message WICinitializeForUpdateResponse{
Result result = 1;
}
// WICcreateCredentialKey
//
// Request for the WICcreateCredentialKey RPC; it carries no parameters.
message WICcreateCredentialKeyRequest{
}
// Response for the WICcreateCredentialKey RPC.
message WICcreateCredentialKeyResponse{
Result result = 1;
// Public half of the created key; the encoding is not stated here (see the
// HAL documentation). Only the public key is returned by this message.
bytes publickey = 2;
}
// WICstartPersonalization
//
// Request for the WICstartPersonalization RPC: declares up front how much
// data the provisioning flow will contain.
message WICstartPersonalizationRequest{
// Number of access control profiles that will be added.
uint32 accessControlProfileCount = 1;
// Packed list of entry counts (presumably one per namespace - confirm).
// NOTE(review): the element width presumably depends on
// supportInt32EntryCounts below, so the receiver must validate the byte
// length against that width before indexing.
bytes entryCounts = 2;
// Document type, carried as raw bytes.
bytes docType = 3;
// Size the caller expects the proof of provisioning to have (presumably
// bytes). Caller-supplied, so it should be treated as a claim to check.
uint32 expectedProofOfProvisioningSize = 4;
// Presumably selects 32-bit elements in entryCounts - confirm.
bool supportInt32EntryCounts = 5;
}
// Response for the WICstartPersonalization RPC: outcome only.
message WICstartPersonalizationResponse{
Result result = 1;
}
// WICaddAccessControlProfile
//
// Request for the WICaddAccessControlProfile RPC: describes one access
// control profile.
message WICaddAccessControlProfileRequest{
// Profile identifier.
uint32 id = 1;
// Reader certificate bound to the profile; may presumably be empty when the
// profile is not reader-restricted - confirm.
bytes readerCertificate = 2;
// Whether user authentication is required by this profile.
bool userAuthenticationRequired = 3;
// Authentication timeout in milliseconds.
// NOTE(review): uint64 here, but ICvalidateAccessControlProfileRequest
// declares timeoutMillis as uint32. If the MAC covers this value, a value
// above 2^32-1 cannot be presented for validation - confirm the range.
uint64 timeoutMillis = 4;
// Secure user id the profile is bound to.
uint64 secureUserId = 5;
}
// Response for the WICaddAccessControlProfile RPC.
message WICaddAccessControlProfileResponse{
Result result = 1;
// MAC returned for the profile; presumably the value later supplied as
// ICvalidateAccessControlProfileRequest.mac - confirm.
bytes mac = 2;
}
// WICbeginAddEntry
//
// Request for the WICbeginAddEntry RPC: announces one entry before its value
// is sent with WICaddEntryValue.
message WICbeginAddEntryRequest{
// Packed list of access control profile ids (presumably one id per byte -
// confirm). Ids should be checked against the profiles actually added.
bytes accessControlProfileIds = 1;
// Namespace of the entry.
string nameSpace = 2;
// Name of the entry within the namespace.
string name = 3;
// Total size of the entry value (presumably bytes).
// NOTE(review): uint64 here, while ICstartRetrieveEntryValueRequest declares
// entrySize as uint32 - confirm the intended range.
uint64 entrySize = 4;
}
// Response for the WICbeginAddEntry RPC: outcome only.
message WICbeginAddEntryResponse{
Result result = 1;
}
// WICaddEntryValue
//
// Request for the WICaddEntryValue RPC: carries entry content for the entry
// identified by nameSpace/name.
message WICaddEntryValueRequest{
// Packed list of access control profile ids (presumably one id per byte -
// confirm); repeats what WICbeginAddEntryRequest carries.
bytes accessControlProfileIds = 1;
// Namespace of the entry.
string nameSpace = 2;
// Name of the entry within the namespace.
string name = 3;
// Plaintext content. NOTE(review): must fit in the 2048 request buffer set
// on the service together with the other fields, so large values are
// presumably sent in several calls - confirm.
bytes content = 4;
}
// Response for the WICaddEntryValue RPC.
message WICaddEntryValueResponse{
Result result = 1;
// Encrypted form of the submitted content.
// NOTE(review): the only snake_case field name in this file; renaming would
// change generated accessors, so it is left as-is.
bytes encrypted_content = 2;
}
// WICfinishAddingEntries
//
// Request for the WICfinishAddingEntries RPC, which closes the provisioning
// flow.
message WICfinishAddingEntriesRequest{
// Document type, carried as raw bytes.
bytes docType = 1;
// Presumably marks the credential as a test credential - confirm.
bool testCredential = 2;
}
// Response for the WICfinishAddingEntries RPC.
message WICfinishAddingEntriesResponse{
Result result = 1;
// Signature over the to-be-signed structure (presumably the proof of
// provisioning - confirm against the HAL documentation).
bytes signatureOfToBeSigned = 2;
// Credential data blob returned to the caller; presumably encrypted, since
// it leaves the app - confirm.
bytes credentialData = 3;
}
// ICinitialize
//
// Request for the ICinitialize RPC: loads an existing credential.
message ICinitializeRequest{
// Presumably marks the credential as a test credential - confirm.
bool testCredential = 1;
// Document type, carried as raw bytes.
bytes docType = 2;
// Caller-supplied blob. NOTE(review): presumably authenticated and decrypted
// by the receiver; reject on authentication failure - verify.
bytes encryptedCredentialKeys = 3;
// Version of the OEM HAL making the call (encoding not stated here).
uint32 oemHalVersion = 4;
// Session the credential is attached to; presumably an id obtained through
// GetSessionId - confirm. The receiver should reject unknown ids.
uint32 sessionId = 5;
}
// Response for the ICinitialize RPC: outcome only.
message ICinitializeResponse{
Result result = 1;
}
// ICcreateEphemeralKeyPair
//
// Request for the ICcreateEphemeralKeyPair RPC; it carries no parameters.
message ICcreateEphemeralKeyPairRequest{
}
// Response for the ICcreateEphemeralKeyPair RPC.
message ICcreateEphemeralKeyPairResponse{
Result result = 1;
// Private half of the ephemeral key pair.
// NOTE(review): private key material leaves the app in this response.
// Callers should keep it out of logs and traces and clear it after use;
// confirm against the HAL documentation that returning it is intended.
bytes ephemeralPriv = 2;
}
// ICgenerateSigningKeyPair
//
// Request for the ICgenerateSigningKeyPair RPC.
message ICgenerateSigningKeyPairRequest{
// Document type, carried as raw bytes.
bytes docType = 1;
}
// Response for the ICgenerateSigningKeyPair RPC.
message ICgenerateSigningKeyPairResponse{
Result result = 1;
// Signing key blob; presumably the wrapped private key later passed back as
// ICcalcMacKeyRequest.signingKeyBlob - confirm.
// NOTE(review): the name starts with a capital letter, unlike every other
// field here; renaming would change generated accessors, so it is left.
bytes SigningKeyBlob =2;
// Public half of the signing key pair.
bytes signingPubKey =3;
}
// ICcreateAuthChallenge
//
// Request for the ICcreateAuthChallenge RPC; it carries no parameters.
message ICcreateAuthChallengeRequest{
}
// Response for the ICcreateAuthChallenge RPC.
message ICcreateAuthChallengeResponse{
Result result = 1;
// Challenge value; presumably the one expected back in
// ICsetAuthTokenRequest.challenge - confirm.
uint64 challenge = 2;
}
// ICstartRetrieveEntries
//
// Request for the ICstartRetrieveEntries RPC; it carries no parameters.
message ICstartRetrieveEntriesRequest{
}
// Response for the ICstartRetrieveEntries RPC: outcome only.
message ICstartRetrieveEntriesResponse{
Result result = 1;
}
// ICsetAuthToken
//
// Request for the ICsetAuthToken RPC. Fields 1-6 presumably mirror an Android
// hardware auth token and fields 7-10 a verification token - confirm against
// the HAL documentation.
//
// NOTE(review): every field is caller-supplied; the two mac fields are what
// lets the receiver authenticate the rest, so none of the other values should
// be trusted before the corresponding MAC has been verified.
message ICsetAuthTokenRequest{
// Challenge the token answers.
uint64 challenge = 1;
uint64 secureUserId = 2;
uint64 authenticatorId = 3;
uint32 hardwareAuthenticatorType = 4;
// Time of authentication (unit and epoch not stated here).
uint64 timeStamp = 5;
// MAC over the auth token fields.
bytes mac = 6;
uint64 verificationTokenChallenge = 7;
uint64 verificationTokenTimestamp =8;
uint32 verificationTokenSecurityLevel =9;
// MAC over the verification token fields.
bytes verificationTokenMac = 10;
}
// Response for the ICsetAuthToken RPC: outcome only.
message ICsetAuthTokenResponse{
Result result = 1;
}
// ICpushReaderCert
//
// Request for the ICpushReaderCert RPC: one reader certificate plus the
// location of three regions in it.
//
// NOTE(review): the offset/size pairs are presumably byte ranges inside
// x509Cert that the caller has pre-parsed. They are untrusted input, so the
// receiver must check offset + size <= len(x509Cert) for each pair, with the
// addition done so that it cannot wrap in 32 bits, before reading any range.
message ICpushReaderCertRequest{
// The certificate itself; must fit in the 2048 request buffer set on the
// service.
bytes x509Cert = 1;
// Location of the TBSCertificate.
uint32 tbsCertificateOffset = 2;
uint32 tbsCertificateSize = 3;
// Location of the signature.
uint32 signatureOffset = 4;
uint32 signatureSize = 5;
// Location of the public key.
uint32 publicKeyOffset = 6;
uint32 publicKeySize = 7;
// Signature algorithm identifier (value set not defined in this file).
// Unknown values should be rejected rather than defaulted.
uint32 signAlg = 8;
}
// Response for the ICpushReaderCert RPC: outcome only.
message ICpushReaderCertResponse{
Result result = 1;
}
// ICvalidateAccessControlProfile
//
// Request for the ICvalidateAccessControlProfile RPC. Fields 1-5 repeat the
// profile description used in WICaddAccessControlProfileRequest and mac is
// presumably the value returned when the profile was added - confirm.
message ICvalidateAccessControlProfileRequest{
// Profile identifier.
uint32 id = 1;
// Reader certificate bound to the profile.
bytes readerCertificate = 2;
// Whether user authentication is required by this profile.
bool userAuthenticationRequired = 3;
// Authentication timeout in milliseconds.
// NOTE(review): uint32 here but uint64 in
// WICaddAccessControlProfileRequest; confirm the two cannot disagree for a
// profile whose MAC covers the timeout.
uint32 timeoutMillis = 4;
// Secure user id the profile is bound to.
uint64 secureUserId = 5;
// MAC to verify the profile against.
bytes mac = 6;
// Location of the public key, presumably inside readerCertificate - confirm.
// NOTE(review): caller-supplied range; the receiver must check
// offset + size against the certificate length without 32-bit wrap-around.
uint32 publicKeyOffset = 7;
// NOTE(review): spelled with a lower-case 's', unlike publicKeySize in
// ICpushReaderCertRequest; renaming would change generated accessors.
uint32 publicKeysize = 8;
}
// Response for the ICvalidateAccessControlProfile RPC.
message ICvalidateAccessControlProfileResponse{
// Outcome of the call itself.
Result result = 1;
// Access decision for the profile. NOTE(review): proto3 defaults this to
// false, so an unset field denies; callers should still check result first.
bool accessGranted = 2;
}
// ICvalidateRequestMessage
//
// Request for the ICvalidateRequestMessage RPC: the reader's request together
// with its signature.
message ICvalidateRequestMessageRequest{
// Session transcript the signature is bound to.
bytes sessionTranscript = 1;
// The reader's request message.
bytes requestMessage = 2;
// COSE signature algorithm identifier (value set not defined in this file).
// NOTE(review): caller-supplied; the receiver should accept only the
// algorithms it expects and reject everything else.
uint32 coseSignAlg = 3;
// The reader's signature over the to-be-signed structure.
bytes readerSignatureOfToBeSigned = 4;
}
// Response for the ICvalidateRequestMessage RPC: outcome only.
message ICvalidateRequestMessageResponse{
Result result = 1;
}
// ICcalcMacKey
//
// Request for the ICcalcMacKey RPC. The response carries no key, so the
// derived MAC key presumably stays inside the app - confirm.
message ICcalcMacKeyRequest{
// Session transcript used in the derivation.
bytes sessionTranscript = 1;
// The reader's ephemeral public key. NOTE(review): untrusted input; the
// receiver should validate it before using it in a key agreement.
bytes readerEphemeralPublicKey = 2;
// Signing key blob, presumably the one returned by
// ICgenerateSigningKeyPair - confirm.
bytes signingKeyBlob = 3;
// Document type, carried as raw bytes.
bytes docType = 4;
// Number of namespaces for which values will be returned.
uint32 numNamespacesWithValues = 5;
// Size the caller expects the proof of provisioning to have (presumably
// bytes).
uint32 expectedProofOfProvisioningSize = 6;
}
// Response for the ICcalcMacKey RPC: outcome only.
message ICcalcMacKeyResponse{
Result result = 1;
}
// ICstartRetrieveEntryValue
//
// Request for the ICstartRetrieveEntryValue RPC: announces the entry whose
// value is about to be retrieved.
message ICstartRetrieveEntryValueRequest{
// Namespace of the entry.
string nameSpace = 1;
// Name of the entry within the namespace.
string name = 2;
// Presumably the number of entries in the namespace when this entry opens a
// new namespace - confirm.
uint32 newNamespaceNumEntries = 3;
// Size of the entry value (presumably bytes).
uint32 entrySize = 4;
// Packed list of access control profile ids (presumably one id per byte -
// confirm).
bytes accessControlProfileIds = 5;
}
// Response for the ICstartRetrieveEntryValue RPC.
// NOTE(review): unlike the other responses in this file it has no Result
// field; the outcome is carried by accessCheckResult only.
message ICstartRetrieveEntryValueResponse{
// Access decision for the entry. AccessResult is not defined in this file.
AccessResult accessCheckResult = 1;
// Cookie the caller passes back in ICretrieveEntryValueRequest.sessionCookie.
// NOTE(review): presumably ties the retrieval to this access check; the
// receiver should reject a cookie it did not issue - verify.
uint32 sessionCookie = 2;
}
// ICretrieveEntryValue
//
// Request for the ICretrieveEntryValue RPC: submits encrypted entry content
// and gets the plaintext back.
message ICretrieveEntryValueRequest{
// Encrypted content, presumably as produced by WICaddEntryValue - confirm.
bytes encryptedContent = 1;
// Namespace of the entry.
string nameSpace = 2;
// Name of the entry within the namespace.
string name = 3;
// Packed list of access control profile ids (presumably one id per byte).
// NOTE(review): caller-supplied again here; the receiver should not let it
// differ from what the access check was performed on - verify.
bytes accessControlProfileIds = 4;
// Cookie returned by ICstartRetrieveEntryValueResponse.
uint32 sessionCookie = 5;
}
// Response for the ICretrieveEntryValue RPC.
message ICretrieveEntryValueResponse{
Result result = 1;
// Decrypted entry content; sensitive, and must fit in the 2048 response
// buffer set on the service.
bytes content = 2;
}
// ICfinishRetrieval
//
// Request for the ICfinishRetrieval RPC; it carries no parameters.
message ICfinishRetrievalRequest{
}
// Response for the ICfinishRetrieval RPC.
message ICfinishRetrievalResponse{
Result result = 1;
// MAC produced at the end of retrieval (presumably over the returned data,
// using the key from ICcalcMacKey - confirm).
bytes mac = 2;
}
// ICdeleteCredential
//
// Request for the ICdeleteCredential RPC.
message ICdeleteCredentialRequest{
// Document type, carried as raw bytes.
bytes docType = 1;
// Challenge to bind into the proof of deletion.
bytes challenge = 2;
// Whether challenge is part of the proof. An explicit flag is needed because
// an empty bytes field cannot be told apart from an unset one in proto3.
bool includeChallenge = 3;
// Size of the proof-of-deletion CBOR as computed by the caller (presumably
// bytes). Caller-supplied, so the receiver should treat it as a claim.
uint32 proofOfDeletionCborSize = 4;
}
// Response for the ICdeleteCredential RPC.
message ICdeleteCredentialResponse{
Result result = 1;
// Signature over the to-be-signed structure (presumably the proof of
// deletion - confirm).
bytes signatureOfToBeSigned = 2;
}
// ICproveOwnership
//
// Request for the ICproveOwnership RPC.
message ICproveOwnershipRequest{
// Document type, carried as raw bytes.
bytes docType = 1;
// Presumably marks the credential as a test credential - confirm.
bool testCredential = 2;
// Challenge to bind into the proof of ownership.
bytes challenge = 3;
// Size of the proof-of-ownership CBOR as computed by the caller (presumably
// bytes). Caller-supplied, so the receiver should treat it as a claim.
uint32 proofOfOwnershipCborSize = 4;
}
// Response for the ICproveOwnership RPC.
message ICproveOwnershipResponse{
Result result = 1;
// Signature over the to-be-signed structure (presumably the proof of
// ownership - confirm).
bytes signatureOfToBeSigned = 2;
}
// GetSessionId
//
// Request for the GetSessionId RPC.
message GetSessionIdRequest{
// Kind of context the id is requested for; see RequestType.
RequestType requestType = 1;
}
// Response for the GetSessionId RPC.
message GetSessionIdResponse{
Result result = 1;
// The session id. NOTE(review): a plain uint32 handle; how ids are allocated
// and whether they can be guessed or reused is not visible here - verify.
uint32 id = 2;
}
// SessionShutdown
//
// Request for the SessionShutdown RPC.
// NOTE(review): it names a RequestType but no session id, so which session is
// shut down is decided by the receiver - confirm the intended scope.
message SessionShutdownRequest{
// Kind of context to shut down; see RequestType.
RequestType requestType = 1;
}
// Response for the SessionShutdown RPC: outcome only.
message SessionShutdownResponse{
Result result = 1;
}
// SessionInitialize
//
// Request for the SessionInitialize RPC; it carries no parameters.
message SessionInitializeRequest{
}
// Response for the SessionInitialize RPC.
message SessionInitializeResponse{
Result result = 1;
// Auth challenge for the session.
uint64 authChallenge = 2;
// Private half of the session's ephemeral key pair.
// NOTE(review): private key material leaves the app in this response.
// Callers should keep it out of logs and traces and clear it after use;
// confirm against the HAL documentation that returning it is intended.
bytes ephemeralPrivateKey = 3;
}
// SessionSetReaderEphemeralPublicKey
//
// Request for the SessionSetReaderEphemeralPublicKey RPC.
message SessionSetReaderEphemeralPublicKeyRequest{
// The reader's ephemeral public key (encoding not stated here).
// NOTE(review): untrusted input; the receiver should validate length and
// encoding before storing or using it.
bytes readerEphemeralPublicKey = 1;
}
// Response for the SessionSetReaderEphemeralPublicKey RPC: outcome only.
message SessionSetReaderEphemeralPublicKeyResponse{
Result result = 1;
}
// SessionSetSessionTranscript
//
// Request for the SessionSetSessionTranscript RPC.
message SessionSetSessionTranscriptRequest{
// The session transcript. NOTE(review): must fit in the 2048 request buffer
// set on the service; whether it may be set more than once per session is
// not visible here - verify.
bytes sessionTranscript = 1;
}
// Response for the SessionSetSessionTranscript RPC: outcome only.
message SessionSetSessionTranscriptResponse{
Result result = 1;
}