syntax="proto3";


option go_package = "internal/pb";


/*
 * Every encrypted file starts with a header describing the
 * Block Size, Salt, Recipient keys etc. Header represents a
 * decoded version of this information. It is encoded in
 * protobuf format before writing to disk.
 */
message header {
    uint32 chunk_size  = 1; // encryption block size
    bytes  salt        = 2; // master salt (nonces are derived from this)
    bytes  pk          = 3; // ephemeral curve PK
    bytes  sender      = 4; // sender signed artifacts
    repeated wrapped_key keys  = 5; // list of wrapped receiver blocks
}

/*
 * A file encryption key is wrapped by a recipient specific public
 * key. WrappedKey describes such a wrapped key.
 */
message wrapped_key {
    bytes d_key = 1;    // encrypted data key
    bytes nonce = 2;    // nonce used for encryption
}