forked from trezor/trezor-firmware
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmessages-crypto.proto
91 lines (81 loc) · 2.84 KB
/
messages-crypto.proto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
syntax = "proto2";
package hw.trezor.messages.crypto;
// Sugar for easier handling in Java
option java_package = "com.satoshilabs.trezor.lib.protobuf";
option java_outer_classname = "TrezorMessageCrypto";
import "options.proto";
option (include_in_bitcoin_only) = true;
/**
* Request: Ask device to encrypt or decrypt value of given key
* @start
* @next CipheredKeyValue
* @next Failure
*/
message CipherKeyValue {
repeated uint32 address_n = 1; // BIP-32 path to derive the key from master node
required string key = 2; // key component of key:value
required bytes value = 3; // value component of key:value
optional bool encrypt = 4; // are we encrypting (True) or decrypting (False)?
optional bool ask_on_encrypt = 5; // should we ask on encrypt operation?
optional bool ask_on_decrypt = 6; // should we ask on decrypt operation?
optional bytes iv = 7; // initialization vector (will be computed if not set)
}
/**
* Response: Return ciphered/deciphered value
* @end
*/
message CipheredKeyValue {
required bytes value = 1; // ciphered/deciphered value
}
/**
* Structure representing identity data
* @embed
*/
message IdentityType {
optional string proto = 1; // proto part of URI
optional string user = 2; // user part of URI
optional string host = 3; // host part of URI
optional string port = 4; // port part of URI
optional string path = 5; // path part of URI
optional uint32 index = 6 [default=0]; // identity index
}
/**
* Request: Ask device to sign identity
* @start
* @next SignedIdentity
* @next Failure
*/
message SignIdentity {
required IdentityType identity = 1; // identity
optional bytes challenge_hidden = 2 [default=""]; // non-visible challenge
optional string challenge_visual = 3 [default=""]; // challenge shown on display (e.g. date+time)
optional string ecdsa_curve_name = 4; // ECDSA curve name to use
}
/**
* Response: Device provides signed identity
* @end
*/
message SignedIdentity {
optional string address = 1; // identity address
required bytes public_key = 2; // identity public key
required bytes signature = 3; // signature of the identity data
}
/**
* Request: Ask device to generate ECDH session key
* @start
* @next ECDHSessionKey
* @next Failure
*/
message GetECDHSessionKey {
required IdentityType identity = 1; // identity
required bytes peer_public_key = 2; // peer's public key
optional string ecdsa_curve_name = 3; // ECDSA curve name to use
}
/**
* Response: Device provides ECDH session key
* @end
*/
message ECDHSessionKey {
required bytes session_key = 1; // ECDH session key
optional bytes public_key = 2; // identity public key
}