| // Copyright 2017 Google Inc. |
| // |
| // Licensed under the Apache License, Version 2.0 (the "License"); |
| // you may not use this file except in compliance with the License. |
| // You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, software |
| // distributed under the License is distributed on an "AS IS" BASIS, |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| // See the License for the specific language governing permissions and |
| // limitations under the License. |
| // |
| //////////////////////////////////////////////////////////////////////////////// |
| |
| // Definitions for Cloud Crypto SDK (Tink) library. |
| syntax = "proto3"; |
| |
| package google.crypto.tink; |
| |
| option java_package = "com.google.crypto.tink.proto"; |
| option java_multiple_files = true; |
| option objc_class_prefix = "TINKPB"; |
| option go_package = "github.com/google/tink/proto/tink_go_proto"; |
| |
| // Each instantiation of a Tink primitive is identified by type_url, |
| // which is a global URL pointing to a *Key-proto that holds key material |
| // and other parameters of the instantiation. For standard Tink key types |
| // the value of type_url follows the structure of type_url-field of |
| // google.protobuf.Any-protos, and is given as: |
| // |
| // type.googleapis.com/packagename.messagename |
| // |
| // For example, for an HMAC key defined in proto google.cloud.tink.HmacKey |
| // the value of type_url is: |
| // |
| // type.googleapis.com/google.cloud.tink.HmacKey |
| // |
| // For each type_url, in addition to the *Key proto, there exist two |
| // related structures: |
| // 1. *Params: parameters of an instantiation of the primitive, |
| // needed when a key is being used. |
| // 2. *KeyFormat: parameters needed to generate a new key; these |
| // include the corresponding Params, since when a factory generates |
| // a key based on KeyFormat, it must add Params to the resulting |
| // key proto with the actual key material. |
| // The actual *KeyFormat proto is wrapped in a KeyTemplate message. |
| // By convention, the name of the *KeyFormat-proto must be equal |
| // to the name of the *Key-proto from type_url-field suffixed with "Format". |
| |
| message KeyTemplate { |
| // Required. |
| string type_url = 1; // in format type.googleapis.com/packagename.messagename |
| // Optional. |
| // If missing, it means the key type doesn't require a *KeyFormat proto. |
| bytes value = 2; // contains specific serialized *KeyFormat proto |
| // Optional. |
| // If missing, uses OutputPrefixType.TINK. |
| OutputPrefixType output_prefix_type = 3; |
| } |
| |
| enum KeyStatusType { |
| UNKNOWN_STATUS = 0; |
| ENABLED = 1; // Can be used for crypto operations. |
| DISABLED = 2; // Cannot be used, but exists and can become ENABLED. |
| DESTROYED = 3; // Key data does not exist in this Keyset any more. |
| } |
| |
| // Tink produces and accepts ciphertexts or signatures that consist |
| // of a prefix and a payload. The payload and its format is determined |
| // entirely by the primitive, but the prefix has to be one of the following |
| // 4 types: |
| // - Legacy: prefix is 5 bytes, starts with \x00 and followed by a 4-byte |
| // key id that is computed from the key material. |
| // - Crunchy: prefix is 5 bytes, starts with \x00 and followed by a 4-byte |
| // key id that is generated randomly. |
| // - Tink : prefix is 5 bytes, starts with \x01 and followed by 4-byte |
| // key id that is generated randomly. |
| // - Raw : prefix is 0 byte, i.e., empty. |
| enum OutputPrefixType { |
| UNKNOWN_PREFIX = 0; |
| TINK = 1; |
| LEGACY = 2; |
| RAW = 3; |
| // CRUNCHY is like LEGACY, but with two differences: |
| // - Its key id is generated randomly (like TINK) |
| // - Its signature schemes don't append zero to sign messages |
| CRUNCHY = 4; |
| } |
| |
| // Each *Key proto by convention contains a version field, which |
| // identifies the version of implementation that can work with this key. |
| // message SomeInstantiationKey { |
| // uint32 version = 1; |
| // ... |
| // } |
| // Version is a monotonic counter: each implementation of a primitive |
| // has its associated "current version", which starts at 0 and is incremented |
| // upon updates of the code/key proto. A key with version n needs |
| // an implementation version n or higher to work. |
| |
| // For public key primitives, the public and private keys are distinct entities |
| // and represent distinct primitives. However, by convention, the private key |
| // of a public-key primitive contains the corresponding public key proto. |
| |
| // The actual *Key-proto is wrapped in a KeyData message, which in addition |
| // to this serialized proto contains also type_url identifying the |
| // definition of *Key-proto (as in KeyFormat-message), and some extra metadata |
| // about the type key material. |
| message KeyData { |
| // Required. |
| string type_url = 1; // In format type.googleapis.com/packagename.messagename |
| // Required. |
| bytes value = 2; // contains specific serialized *Key proto |
| enum KeyMaterialType { |
| UNKNOWN_KEYMATERIAL = 0; |
| SYMMETRIC = 1; |
| ASYMMETRIC_PRIVATE = 2; |
| ASYMMETRIC_PUBLIC = 3; |
| REMOTE = 4; // points to a remote key, i.e., in a KMS. |
| } |
| // Required. |
| KeyMaterialType key_material_type = 3; |
| } |
| |
| // A Tink user works usually not with single keys, but with keysets, |
| // to enable key rotation. The keys in a keyset can belong to different |
| // implementations/key types, but must all implement the same primitive. |
| // Any given keyset (and any given key) can be used for one primitive only. |
| message Keyset { |
| message Key { |
| |
| // Contains the actual, instantiation specific key proto. |
| // By convention, each key proto contains a version field. |
| KeyData key_data = 1; |
| |
| KeyStatusType status = 2; |
| |
| // Identifies a key within a keyset, is a part of metadata |
| // of a ciphertext/signature. |
| uint32 key_id = 3; |
| |
| // Determines the prefix of the ciphertexts/signatures produced by this key. |
| // This value is copied verbatim from the key template. |
| OutputPrefixType output_prefix_type = 4; |
| } |
| |
| // Identifies key used to generate new crypto data (encrypt, sign). |
| // Required. |
| uint32 primary_key_id = 1; |
| |
| // Actual keys in the Keyset. |
| // Required. |
| repeated Key key = 2; |
| } |
| |
| // Represents a "safe" Keyset that doesn't contain any actual key material, |
| // thus can be used for logging or monitoring. Most fields are copied from |
| // Keyset. |
| message KeysetInfo { |
| message KeyInfo { |
| // the type url of this key, |
| // e.g., type.googleapis.com/google.crypto.tink.HmacKey. |
| string type_url = 1; |
| |
| // See Keyset.Key.status. |
| KeyStatusType status = 2; |
| |
| // See Keyset.Key.key_id. |
| uint32 key_id = 3; |
| |
| // See Keyset.Key.output_prefix_type. |
| OutputPrefixType output_prefix_type = 4; |
| } |
| |
| // See Keyset.primary_key_id. |
| uint32 primary_key_id = 1; |
| |
| // KeyInfos in the KeysetInfo. |
| // Each KeyInfo is corresponding to a Key in the corresponding Keyset. |
| repeated KeyInfo key_info = 2; |
| } |
| |
| // Represents a keyset that is encrypted with a master key. |
| message EncryptedKeyset { |
| // Required. |
| bytes encrypted_keyset = 2; |
| // Optional. |
| KeysetInfo keyset_info = 3; |
| } |