| // Copyright 2016 The Fuchsia Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| syntax = "proto3"; |
| |
| package cobalt; |
| |
| option go_package = "cobalt"; |
| |
| //////////////////////////////////////////////////////////////////////////////// |
| // |
| // NOTE: This copy of encrypted_message.proto is used by the Cobalt client. |
| // A second copy of this file is used by the Cobalt Shuffler and Analyzer |
| // running in Google production. It is necessary to have two copies due to |
| // requirements by the Google Logs Privacy team regarding the location of |
| // of .proto files used in logs processing pipelines. Any changes to this |
| // file must be replicated in the other copy of the file. |
| // |
| //////////////////////////////////////////////////////////////////////////////// |
| |
| // An EncryptedMessage carries the encrypted bytes of another proto message, |
| // along with information about how it is encrypted. |
| // |
| // Observations collected via Cobalt are doubly encrypted. First each individual |
| // message is encrypted to the Analyzer that will process it. Second each |
| // Envelope containing many observations is encrypted to the Shuffler. We use |
| // the EncryptedMessage proto to carry the ciphertext in both cases. |
| message EncryptedMessage { |
| // The different schemes used in Cobalt to encrypt a message. |
| enum EncryptionScheme { |
| // The message is not encrypted. |ciphertext| contains plaintext bytes of a |
| // serialized protocol buffer message. This scheme must only be used in |
| // tests. |
| NONE = 0; |
| |
| // Hybrid Cipher using elliptic curve Diffie-Hellman, version 1. |
| HYBRID_ECDH_V1 = 1; |
| |
| // Hybrid cipher compatible with Tink hybrid encryption/decryption |
| // primitives declared in |
| // third_party/tink/cc/hybrid/hybrid_key_templates.h |
| // Multiple hybrid encryption schemes are supported and indicated by the |
| // type of key used. |
| HYBRID_TINK = 2; |
| } |
| // Which scheme was used to encrypt this message? |
| EncryptionScheme scheme = 1; |
| |
| // 32-byte fingerprint (SHA256) of the recipient’s public key. |
| // This is used to facilitate key rotation. |
| bytes public_key_fingerprint = 2; |
| |
| // The |ciphertext| field contains the bytes of the encryption of the standard |
| // serialization of one of the following types of proto messages: |
| // |
| // - A cobalt.Envelope, as defined in envelope.proto. |
| // EncryptedMessages containing Envelopes are the input to the Shuffler. |
| // |
| // - A cobalt.Observation2, as defined in observation2.proto. |
| // An ObservationBatch (defined in observation_batch.proto) contains |
| // EncryptedMessages of this type. ObservationBatches are output from the |
| // Shuffler. |
| bytes ciphertext = 3; |
| } |