diff options
Diffstat (limited to 'chromium/components/gcm_driver/crypto/proto/gcm_encryption_data.proto')
-rw-r--r-- | chromium/components/gcm_driver/crypto/proto/gcm_encryption_data.proto | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/chromium/components/gcm_driver/crypto/proto/gcm_encryption_data.proto b/chromium/components/gcm_driver/crypto/proto/gcm_encryption_data.proto new file mode 100644 index 00000000000..d4ceb230894 --- /dev/null +++ b/chromium/components/gcm_driver/crypto/proto/gcm_encryption_data.proto @@ -0,0 +1,58 @@ +// Copyright 2015 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +syntax = "proto2"; + +option optimize_for = LITE_RUNTIME; + +package gcm; + +// Stores a public/private key-pair. +// Next tag: 5 +message KeyPair { + // The type of key used for key agreement. Currently only the ECDH key + // agreement scheme is supported, using NIST P-256. + enum KeyType { + ECDH_P256 = 0; + } + + required KeyType type = 1; + + // The private key matching the size requirements of |type|. + optional bytes private_key = 2; + + reserved 3; // public_key_x509, now deleted. + + // The public key as an uncompressed EC point according to SEC 2.3.3. + optional bytes public_key = 4; +} + +// Stores a vector of public/private key-pairs associated with an app id and +// optionally the authorized entity of an instance id token. +// +// In the current implementation, each (app_id, authorized_entity) pair will +// have a single encryption key-pair associated with it at most. The message +// allows for multiple key pairs in case we need to force-cycle all keys, +// allowing the old keys to remain valid for a period of time enabling the web +// app to update. +// +// Next tag: 6 +message EncryptionData { + // The app id to whom this encryption data belongs. + required string app_id = 1; + + // The sender id of the instance id token that this encryption data belongs + // to. Must not be empty. Must be omitted for non-InstanceID registrations. + optional string authorized_entity = 4; + + // DEPRECATED: The actual public/private key-pairs. + repeated KeyPair keys = 2; + + // P-256 private key stored as a PKCS #8 PrivateKeyInfo block. + optional string private_key = 5; + + // The authentication secret associated with the subscription. Must be a + // cryptographically secure number of at least 12 bytes. + optional bytes auth_secret = 3; +} |