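// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto2";

package securegcm;

import "securemessage.proto";

option optimize_for = LITE_RUNTIME;
option java_package = "com.google.security.cryptauth.lib.securegcm";
option java_outer_classname = "DeviceToDeviceMessagesProto";
option objc_class_prefix = "SGCM";

// Used by protocols between devices.
message DeviceToDeviceMessage {
  // The payload of the message.
  optional bytes message = 1;

  // The sequence number of the message - must be increasing.
  // NOTE(review): the schema cannot enforce this. The receiver has to reject
  // a number that does not increase, otherwise a replayed or reordered
  // message would be accepted. Behaviour once the int32 range is exhausted
  // is not stated here - confirm with the implementation.
  optional int32 sequence_number = 2;
}

// Sent as the first message from initiator to responder in an
// unauthenticated Diffie-Hellman key exchange.
//
// "Unauthenticated" means this message alone does not prove who sent it:
// nothing defined in this file binds public_dh_key to a device identity, so
// peer authentication has to come from another step of the protocol.
message InitiatorHello {
  // The session public key to send to the responder. The type comes from the
  // securemessage package (see the import above).
  // NOTE(review): presumably the receiver validates the key before using it
  // in the exchange - confirm in the implementation.
  optional securemessage.GenericPublicKey public_dh_key = 1;

  // The protocol version. An absent field reads as the default 0, so use the
  // generated presence check to tell "not sent" from "version 0".
  // NOTE(review): the value travels in an unauthenticated hello; confirm it
  // is covered by a later integrity check so a change in transit is detected.
  optional int32 protocol_version = 2 [default = 0];
}

// Sent inside the header of the first message from the responder to the
// initiator in an unauthenticated Diffie-Hellman key exchange.
//
// As with InitiatorHello, nothing in this message authenticates the sender.
message ResponderHello {
  // The session public key to send to the initiator. The type comes from the
  // securemessage package (see the import above).
  // NOTE(review): presumably the receiver validates the key before using it
  // in the exchange - confirm in the implementation.
  optional securemessage.GenericPublicKey public_dh_key = 1;

  // The protocol version. An absent field reads as the default 0, so use the
  // generated presence check to tell "not sent" from "version 0".
  // NOTE(review): the value travels in an unauthenticated hello; confirm it
  // is covered by a later integrity check so a change in transit is detected.
  optional int32 protocol_version = 2 [default = 0];
}

// Type of curve. Only one value is defined and there is no zero value; in
// proto2 the first listed value is the default.
enum Curve {
  ED_25519 = 1;
}

// A convenience proto for encoding curve points in affine representation.
//
// All three fields are `required`, so standard proto2 parsing rejects a
// message that lacks any of them. Do not relax this to `optional` casually:
// readers would then have to handle a point with a missing coordinate.
message EcPoint {
  // The curve the point is claimed to lie on.
  required Curve curve = 1;

  // x and y are encoded in big-endian two's complement.
  // Client MUST verify (x,y) is a valid point on the specified curve.
  // Run that check before the point reaches any key computation: the bytes
  // are chosen by the peer, and arithmetic on an off-curve point gives none
  // of the guarantees the curve is meant to provide.
  // NOTE(review): two's complement presumably means the byte length is not
  // fixed (a leading sign byte may be present) - confirm before assuming a
  // constant size when decoding.
  required bytes x = 2;
  required bytes y = 3;
}

// One flow of a SPAKE handshake. Which of the optional fields are set
// depends on the flow.
// NOTE(review): presumably the receiver checks that exactly the fields
// expected for the current flow are present and rejects anything else -
// confirm in the implementation.
message SpakeHandshakeMessage {
  // Each flow in the protocol bumps this counter.
  optional int32 flow_number = 1;

  // Some (but not all) SPAKE flows send a point on an elliptic curve.
  // The validation requirement documented on EcPoint applies here.
  optional EcPoint ec_point = 2;

  // Some (but not all) SPAKE flows send a hash value.
  // NOTE(review): if the receiver compares this with a locally computed
  // value, that comparison should be constant-time.
  optional bytes hash_value = 3;

  // The last flow of a SPAKE protocol can send an optional payload,
  // since the key exchange is already complete on the sender's side.
  // NOTE(review): the exchange is complete only for the sender at this
  // point; presumably the receiver finishes its own verification of the
  // handshake before acting on the payload - confirm.
  optional bytes payload = 4;
}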