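/* Copyright 2018 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
syntax = "proto2";

package securegcm;

import "securemessage.proto";

option java_package = "com.google.security.cryptauth.lib.securegcm";
option java_outer_classname = "DeviceToDeviceMessagesProto";
option objc_class_prefix = "SGCM";

// Wire messages for device-to-device protocols: a sequenced payload wrapper,
// the hello messages of an unauthenticated Diffie-Hellman key exchange, and
// the messages of a SPAKE handshake.
//
// Every field in this file arrives from a remote peer. Field numbers and
// labels are the wire contract and must not be changed.

// Used by protocols between devices
message DeviceToDeviceMessage {
  // The payload of the message.
  optional bytes message = 1;

  // The sequence number of the message - must be increasing.
  // Receivers should track the last accepted value per session and reject
  // any message whose number is not greater, so that a replayed or reordered
  // message is dropped. The field is a signed 32-bit value; behaviour at
  // wrap-around is not defined in this file.
  // NOTE(review): the counter only helps if this message is integrity
  // protected - presumably it is carried inside an authenticated
  // securemessage envelope; confirm against the caller.
  optional int32 sequence_number = 2;
}

// Sent as the first message from initiator to responder
// in an unauthenticated Diffie-Hellman Key Exchange.
//
// "Unauthenticated" means this message alone does not prove who sent the
// key: the exchange resists passive eavesdropping only, and peer identity
// has to be established by a separate step not defined in this file.
message InitiatorHello {
  // The session public key to send to the responder.
  // NOTE(review): validate the received key (supported type, well-formed
  // point) before using it in a key agreement.
  optional securemessage.GenericPublicKey public_dh_key = 1;

  // The protocol version. An absent field reads as 0.
  // NOTE(review): this value is sent before any key is agreed, so it is only
  // trustworthy if a later authenticated step covers it - confirm that the
  // handshake transcript binds the version, to rule out a forced downgrade.
  optional int32 protocol_version = 2 [default = 0];
}

// Sent inside the header of the first message from the responder to the
// initiator in an unauthenticated Diffie-Hellman Key Exchange.
//
// The same caveat as for InitiatorHello applies: nothing in this message
// authenticates the responder.
message ResponderHello {
  // The session public key to send to the initiator.
  // NOTE(review): validate the received key (supported type, well-formed
  // point) before using it in a key agreement.
  optional securemessage.GenericPublicKey public_dh_key = 1;

  // The protocol version. An absent field reads as 0.
  // NOTE(review): only trustworthy if a later authenticated step covers it;
  // confirm against the handshake implementation.
  optional int32 protocol_version = 2 [default = 0];
}

// Type of curve.
// Only one curve is defined. The enum has no zero value; in proto2 the first
// listed value is the default.
enum Curve {
  ED_25519 = 1;
}

// A convenience proto for encoding curve points in affine representation.
//
// All three fields are proto2 `required`: standard (non-partial) parsing
// rejects a message that omits any of them. Presence says nothing about the
// contents, which still need the checks below.
message EcPoint {
  required Curve curve = 1;

  // x and y are encoded in big-endian two's complement.
  // Client MUST verify (x,y) is a valid point on the specified curve.
  //
  // Before that check, a receiver should bound the length of each byte
  // string and reject coordinates that decode to a negative value or fall
  // outside the field range for `curve`.
  // NOTE(review): an on-curve check does not by itself exclude the identity
  // or other low-order points; whether those must also be rejected depends
  // on the SPAKE variant in use - confirm against the protocol
  // specification.
  required bytes x = 2;
  required bytes y = 3;
}

// One flow of a SPAKE handshake. Which optional fields are populated depends
// on the flow; this file does not define the mapping.
message SpakeHandshakeMessage {
  // Each flow in the protocol bumps this counter.
  // Receivers should accept only the flow number they expect next and check
  // that exactly the fields that flow requires are present.
  optional int32 flow_number = 1;

  // Some (but not all) SPAKE flows send a point on an elliptic curve.
  // See EcPoint for the validation the receiver must perform.
  optional EcPoint ec_point = 2;

  // Some (but not all) SPAKE flows send a hash value.
  // NOTE(review): if this is a key-confirmation value, compare it against
  // the locally computed hash in constant time and check its length first.
  optional bytes hash_value = 3;

  // The last flow of a SPAKE protocol can send an optional payload,
  // since the key exchange is already complete on the sender's side.
  // The exchange is not yet complete on the receiver's side when this
  // arrives: the receiver should finish verifying the flow before it
  // processes the payload.
  optional bytes payload = 4;
}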