/* Copyright 2018 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
syntax = "proto2";

package securegcm;

option java_package = "com.google.security.cryptauth.lib.securegcm";
option java_outer_classname = "UkeyProto";

// Envelope for every UKEY2 handshake message. message_type tells the receiver
// which of the messages defined below message_data should be parsed as.
message Ukey2Message {
  enum Type {
    UNKNOWN_DO_NOT_USE = 0;  // Placeholder zero value; never a valid message
    ALERT = 1;               // message_data expected to hold a Ukey2Alert
    CLIENT_INIT = 2;         // message_data expected to hold a Ukey2ClientInit
    SERVER_INIT = 3;         // message_data expected to hold a Ukey2ServerInit
    CLIENT_FINISH = 4;       // message_data expected to hold a
                             // Ukey2ClientFinished
  }

  // Identifies message type. A value the receiver does not recognise is
  // reported with Ukey2Alert.AlertType.BAD_MESSAGE_TYPE.
  optional Type message_type = 1;
  // Actual message, to be parsed according to message_type. A payload that
  // does not deserialize as that type is reported with BAD_MESSAGE_DATA.
  optional bytes message_data = 2;
}

// Sent (wrapped as Ukey2Message.Type.ALERT) when the handshake cannot
// proceed.
message Ukey2Alert {
  // Reason the handshake was aborted. Note there is no zero value: under
  // proto2 an unset `type` reads back as the first declared value
  // (BAD_MESSAGE), so readers should check field presence (has_type) before
  // acting on it.
  enum AlertType {
    // Framing errors
    BAD_MESSAGE = 1;        // The message could not be deserialized
    BAD_MESSAGE_TYPE = 2;   // message_type has an undefined value
    INCORRECT_MESSAGE = 3;  // message_type received does not correspond to
                            // expected type at this stage of the protocol
    BAD_MESSAGE_DATA = 4;   // Could not deserialize message_data as per
                            // value in message_type

    // ClientInit and ServerInit errors
    BAD_VERSION = 100;           // version is invalid; server cannot find
                                 // suitable version to speak with client.
    BAD_RANDOM = 101;            // Random data is missing or of incorrect
                                 // length
    BAD_HANDSHAKE_CIPHER = 102;  // No suitable handshake ciphers were found
    BAD_NEXT_PROTOCOL = 103;     // The next protocol is missing, unknown, or
                                 // unsupported
    BAD_PUBLIC_KEY = 104;        // The public key could not be parsed

    // Other errors
    INTERNAL_ERROR = 200;  // An internal error has occurred. error_message
                           // may contain additional details for logging
                           // and debugging.
  }

  optional AlertType type = 1;
  // Free-text detail for logging and debugging. This string is sent to the
  // peer, so it should not carry internal state such as stack traces or key
  // material.
  optional string error_message = 2;
}

// Key-agreement curve plus the hash used to compute the client's commitment.
enum Ukey2HandshakeCipher {
  RESERVED = 0;             // Placeholder zero value, not a usable cipher. An
                            // unset handshake_cipher field reads as this
                            // value, so receivers should treat it as
                            // unsupported.
  P256_SHA512 = 100;        // NIST P-256 used for ECDH, SHA512 used for
                            // commitment
  CURVE25519_SHA512 = 200;  // Curve 25519 used for ECDH, SHA512 used for
                            // commitment
}

// First handshake message, sent by the client.
message Ukey2ClientInit {
  // highest supported version for rollback protection
  optional int32 version = 1;
  // random bytes for replay/reuse protection. A missing or wrongly sized
  // value is rejected with BAD_RANDOM; the expected length is not expressed
  // in this schema.
  optional bytes random = 2;

  // One commitment (hash of ClientFinished containing public key) per
  // supported cipher. Because this is sent before Ukey2ServerInit, it fixes
  // the client's public key before the server reveals its own. NOTE(review):
  // presumably the server checks the later Ukey2ClientFinished against the
  // commitment for the cipher it selected; confirm in the implementation.
  message CipherCommitment {
    optional Ukey2HandshakeCipher handshake_cipher = 1;
    optional bytes commitment = 2;  // hash of the client's Ukey2ClientFinished
                                    // for this cipher
  }
  repeated CipherCommitment cipher_commitments = 3;

  // Next protocol that the client wants to speak. Unknown or missing values
  // are reported with BAD_NEXT_PROTOCOL.
  optional string next_protocol = 4;
}

// Server's reply to Ukey2ClientInit.
message Ukey2ServerInit {
  // highest supported version for rollback protection
  optional int32 version = 1;
  // random bytes for replay/reuse protection (see BAD_RANDOM)
  optional bytes random = 2;

  // Selected Cipher and corresponding public key. BAD_HANDSHAKE_CIPHER is
  // raised when no suitable cipher could be agreed on.
  optional Ukey2HandshakeCipher handshake_cipher = 3;
  // Server's public key for the selected cipher; a key that cannot be
  // parsed is reported with BAD_PUBLIC_KEY.
  optional bytes public_key = 4;
}

// Final handshake message, sent by the client. The hash of this message is
// what Ukey2ClientInit.CipherCommitment.commitment was computed over.
message Ukey2ClientFinished {
  optional bytes public_key = 1;  // public key matching selected handshake
                                  // cipher
}