* Sender identity is never shared in the encrypted payload * Sender signs the data-encryption key via Ed25519 if sender-auth is desired; else a "signature" of all zeroes is used. In either case, this signature is encrypted with the same data-encryption key. * cleaned up stale code and updated tests
32 lines
960 B
Protocol Buffer
32 lines
960 B
Protocol Buffer
syntax="proto3";
|
|
|
|
//import "gogoproto/gogo.proto"
|
|
|
|
package pb;
|
|
|
|
//option (gogoproto.marshaler_all) = true;
|
|
//option (gogoproto.sizer_all) = true;
|
|
//option (gogoproto.unmarshaler_all) = true;
|
|
//option (gogoproto.goproto_getters_all) = false;
|
|
|
|
/*
|
|
* Every encrypted file starts with a header describing the
|
|
* Block Size, Salt, Recipient keys etc. Header represents a
|
|
* decoded version of this information. It is encoded in
|
|
* protobuf format before writing to disk.
|
|
*/
|
|
message header {
|
|
uint32 chunk_size = 1; // encryption block size
|
|
bytes salt = 2; // master salt (nonces are derived from this)
|
|
bytes pk = 3; // ephemeral curve PK
|
|
bytes sender_sign = 4; // signature block of sender
|
|
repeated wrapped_key keys = 5; // list of wrapped receiver blocks
|
|
}
|
|
|
|
/*
|
|
* A file encryption key is wrapped by a recipient specific public
|
|
* key. WrappedKey describes such a wrapped key.
|
|
*/
|
|
message wrapped_key {
|
|
bytes d_key = 1; // encrypted data key
|
|
}
|