| Index: components/proximity_auth/cryptauth/proto/securemessage.proto
|
| diff --git a/components/proximity_auth/cryptauth/proto/securemessage.proto b/components/proximity_auth/cryptauth/proto/securemessage.proto
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..9e5d9cbfe363726b2170636e7db604654c9b1e3e
|
| --- /dev/null
|
| +++ b/components/proximity_auth/cryptauth/proto/securemessage.proto
|
| @@ -0,0 +1,95 @@
|
| +// Copyright 2015 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +// Definitions related to the SecureMessage format, used by CryptAuth. Do not
|
| +// edit unless transcribing from server definitions.
|
| +syntax = "proto2";
|
| +
|
| +package securemessage;
|
| +
|
| +option optimize_for = LITE_RUNTIME;
|
| +
|
| +message SecureMessage {
|
| + // Must contain a HeaderAndBody message.
|
| + required bytes header_and_body = 1;
|
| + // Signature of header_and_body.
|
| + required bytes signature = 2;
|
| +}
|
| +
|
| +// Supported "signature" schemes (both symmetric key and public key based).
|
| +enum SigScheme {
|
| + HMAC_SHA256 = 1;
|
| + ECDSA_P256_SHA256 = 2;
|
| + // Not recommended -- use ECDSA_P256_SHA256 instead
|
| + RSA2048_SHA256 = 3;
|
| +}
|
| +
|
| +// Supported encryption schemes.
|
| +enum EncScheme {
|
| + // No encryption.
|
| + NONE = 1;
|
| + AES_256_CBC = 2;
|
| +}
|
| +
|
| +message Header {
|
| + required SigScheme signature_scheme = 1;
|
| + required EncScheme encryption_scheme = 2;
|
| + // Identifies the verification key.
|
| + optional bytes verification_key_id = 3;
|
| + // Identifies the decryption key.
|
| + optional bytes decryption_key_id = 4;
|
| + // Encryption may use an IV.
|
| + optional bytes iv = 5;
|
| + // Arbitrary per-protocol public data, to be sent with the plain-text header.
|
| + optional bytes public_metadata = 6;
|
| + // The length of some associated data that is not sent in this SecureMessage,
|
| + // but which will be bound to the signature.
|
| + optional uint32 associated_data_length = 7 [default = 0];
|
| +}
|
| +
|
| +message HeaderAndBody {
|
| + // Public data about this message (to be bound in the signature).
|
| + required Header header = 1;
|
| + // Payload data.
|
| + required bytes body = 2;
|
| +}
|
| +
|
| +// A list of supported public key types.
|
| +enum PublicKeyType {
|
| + EC_P256 = 1;
|
| + RSA2048 = 2;
|
| + // 2048-bit MODP group 14, from RFC 3526.
|
| + DH2048_MODP = 3;
|
| +}
|
| +
|
| +// A convenience proto for encoding NIST P-256 elliptic curve public keys.
|
| +message EcP256PublicKey {
|
| + // x and y are encoded in big-endian two's complement (slightly wasteful)
|
| + // Client MUST verify (x,y) is a valid point on NIST P256.
|
| + required bytes x = 1;
|
| + required bytes y = 2;
|
| +}
|
| +
|
| +// A convenience proto for encoding RSA public keys with small exponents.
|
| +message SimpleRsaPublicKey {
|
| + // Encoded in big-endian two's complement.
|
| + required bytes n = 1;
|
| + optional int32 e = 2 [default = 65537];
|
| +}
|
| +
|
| +// A convenience proto for encoding Diffie-Hellman public keys,
|
| +// for use only when Elliptic Curve based key exchanges are not possible.
|
| +// (Note that the group parameters must be specified separately).
|
| +message DhPublicKey {
|
| + // Big-endian two's complement encoded group element.
|
| + required bytes y = 1;
|
| +}
|
| +
|
| +message GenericPublicKey {
|
| + required PublicKeyType type = 1;
|
| + optional EcP256PublicKey ec_p256_public_key = 2;
|
| + optional SimpleRsaPublicKey rsa2048_public_key = 3;
|
| + // Use only as a last resort.
|
| + optional DhPublicKey dh2048_public_key = 4;
|
| +}
|
|
|
Chromium Code Reviews
Issue 1060483002:
Add SecureMessage definitions to CryptAuth. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master