path: root/chromium/components/gcm_driver/crypto/proto/gcm_encryption_data.proto

// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

syntax = "proto2";

option optimize_for = LITE_RUNTIME;

package gcm;

// Stores a public/private key-pair.
// Next tag: 5
message KeyPair {
  // The type of key used for key agreement. Currently only the ECDH key
  // agreement scheme is supported, using NIST P-256.
  enum KeyType {
    ECDH_P256 = 0;
  }

  required KeyType type = 1;

  // The private key matching the size requirements of |type|.
  optional bytes private_key = 2;

  reserved 3;  // public_key_x509, now deleted.

  // The public key as an uncompressed EC point according to SEC 2.3.3.
  optional bytes public_key = 4;
}

// Stores a vector of public/private key-pairs associated with an app id and
// optionally the authorized entity of an instance id token.
//
// In the current implementation, each (app_id, authorized_entity) pair will
// have a single encryption key-pair associated with it at most. The message
// allows for multiple key pairs in case we need to force-cycle all keys,
// allowing the old keys to remain valid for a period of time enabling the web
// app to update.
//
// Next tag: 6
message EncryptionData {
  // The app id to whom this encryption data belongs.
  required string app_id = 1;

  // The sender id of the instance id token that this encryption data belongs
  // to. Must not be empty. Must be omitted for non-InstanceID registrations.
  optional string authorized_entity = 4;

  // DEPRECATED: The actual public/private key-pairs.
  repeated KeyPair keys = 2;

  // P-256 private key stored as a PKCS #8 PrivateKeyInfo block.
  optional string private_key = 5;

  // The authentication secret associated with the subscription. Must be a
  // cryptographically secure number of at least 12 bytes.
  optional bytes auth_secret = 3;
}