| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 // Definitions related to the SecureMessage format, used by CryptAuth. Do not |
| 6 // edit unless transcribing from server definitions. |
| 7 syntax = "proto2"; |
| 8 |
| 9 package securemessage; |
| 10 |
| 11 option optimize_for = LITE_RUNTIME; |
| 12 |
| 13 message SecureMessage { |
| 14 // Must contain a HeaderAndBody message. |
| 15 required bytes header_and_body = 1; |
| 16 // Signature of header_and_body. |
| 17 required bytes signature = 2; |
| 18 } |
| 19 |
| 20 // Supported "signature" schemes (both symmetric key and public key based). |
| 21 enum SigScheme { |
| 22 HMAC_SHA256 = 1; |
| 23 ECDSA_P256_SHA256 = 2; |
| 24 // Not recommended -- use ECDSA_P256_SHA256 instead |
| 25 RSA2048_SHA256 = 3; |
| 26 } |
| 27 |
| 28 // Supported encryption schemes. |
| 29 enum EncScheme { |
| 30 // No encryption. |
| 31 NONE = 1; |
| 32 AES_256_CBC = 2; |
| 33 } |
| 34 |
| 35 message Header { |
| 36 required SigScheme signature_scheme = 1; |
| 37 required EncScheme encryption_scheme = 2; |
| 38 // Identifies the verification key. |
| 39 optional bytes verification_key_id = 3; |
| 40 // Identifies the decryption key. |
| 41 optional bytes decryption_key_id = 4; |
| 42 // Encryption may use an IV. |
| 43 optional bytes iv = 5; |
| 44 // Arbitrary per-protocol public data, to be sent with the plain-text header. |
| 45 optional bytes public_metadata = 6; |
| 46 // The length of some associated data that is not sent in this SecureMessage, |
| 47 // but which will be bound to the signature. |
| 48 optional uint32 associated_data_length = 7 [default = 0]; |
| 49 } |
| 50 |
| 51 message HeaderAndBody { |
| 52 // Public data about this message (to be bound in the signature). |
| 53 required Header header = 1; |
| 54 // Payload data. |
| 55 required bytes body = 2; |
| 56 } |
| 57 |
| 58 // A list of supported public key types. |
| 59 enum PublicKeyType { |
| 60 EC_P256 = 1; |
| 61 RSA2048 = 2; |
| 62 // 2048-bit MODP group 14, from RFC 3526. |
| 63 DH2048_MODP = 3; |
| 64 } |
| 65 |
| 66 // A convenience proto for encoding NIST P-256 elliptic curve public keys. |
| 67 message EcP256PublicKey { |
| 68 // x and y are encoded in big-endian two's complement (slightly wasteful) |
| 69 // Client MUST verify (x,y) is a valid point on NIST P256. |
| 70 required bytes x = 1; |
| 71 required bytes y = 2; |
| 72 } |
| 73 |
| 74 // A convenience proto for encoding RSA public keys with small exponents. |
| 75 message SimpleRsaPublicKey { |
| 76 // Encoded in big-endian two's complement. |
| 77 required bytes n = 1; |
| 78 optional int32 e = 2 [default = 65537]; |
| 79 } |
| 80 |
| 81 // A convenience proto for encoding Diffie-Hellman public keys, |
| 82 // for use only when Elliptic Curve based key exchanges are not possible. |
| 83 // (Note that the group parameters must be specified separately). |
| 84 message DhPublicKey { |
| 85 // Big-endian two's complement encoded group element. |
| 86 required bytes y = 1; |
| 87 } |
| 88 |
| 89 message GenericPublicKey { |
| 90 required PublicKeyType type = 1; |
| 91 optional EcP256PublicKey ec_p256_public_key = 2; |
| 92 optional SimpleRsaPublicKey rsa2048_public_key = 3; |
| 93 // Use only as a last resort. |
| 94 optional DhPublicKey dh2048_public_key = 4; |
| 95 } |
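Review bot: `Header.signature_scheme` and `encryption_scheme` (lines 36–37 of the new file) arrive inside the very bytes the signature has yet to cover, so a receiver that dispatches on them as-is is open to algorithm confusion — a forged header naming `HMAC_SHA256` against a key the verifier holds for `ECDSA_P256_SHA256` is the classic shape of that bug. The verifying code should derive the expected `SigScheme` from the key it resolves via `verification_key_id`, reject any header whose scheme differs, and verify `signature` before touching `body` so an `AES_256_CBC` padding failure never becomes an oracle. Because the file header says it is only transcribed from server definitions, the check belongs in the consuming parser; if a comment is acceptable, above `signature_scheme` add `// Verifiers MUST require this to match the scheme bound to verification_key_id; never dispatch on it blindly.`. The schema also cannot express that `iv` must be exactly the cipher block length for `AES_256_CBC`, that `SimpleRsaPublicKey.e` is an `int32` that can be negative, even, or 1, or that `DhPublicKey.y` must lie in the valid range of the separately agreed group, so each of those needs an explicit consumer-side validation alongside the existing "MUST verify (x,y) is on P-256" note.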