1// Copyright 2018 Google Inc. 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14// 15//////////////////////////////////////////////////////////////////////////////// 16 17syntax = "proto3"; 18 19package google.crypto.tink; 20 21option java_package = "com.google.crypto.tink.proto"; 22option java_multiple_files = true; 23option go_package = "github.com/google/tink/go/proto/jwt_rsa_ssa_pss_go_proto"; 24 25// See https://datatracker.ietf.org/doc/html/rfc7518#section-3.5 26enum JwtRsaSsaPssAlgorithm { 27 PS_UNKNOWN = 0; 28 PS256 = 1; // RSASSA-PSS using SHA-256 and MGF1 with SHA-256 29 PS384 = 2; // RSASSA-PSS using SHA-384 and MGF1 with SHA-384 30 PS512 = 3; // RSASSA-PSS using SHA-512 and MGF1 with SHA-512 31} 32 33// key_type: type.googleapis.com/google.crypto.tink.JwtRsaSsaPssPublicKey 34message JwtRsaSsaPssPublicKey { 35 uint32 version = 1; 36 JwtRsaSsaPssAlgorithm algorithm = 2; 37 // Modulus. 38 // Unsigned big integer in big-endian representation. 39 bytes n = 3; 40 // Public exponent. 41 // Unsigned big integer in big-endian representation. 42 bytes e = 4; 43 44 // Optional, custom kid header value to be used with "RAW" keys. 45 // "TINK" keys with this value set will be rejected. 46 message CustomKid { 47 string value = 1; 48 } 49 CustomKid custom_kid = 5; 50} 51 52// key_type: type.googleapis.com/google.crypto.tink.JwtRsaSsaPssPrivateKey 53message JwtRsaSsaPssPrivateKey { 54 uint32 version = 1; 55 JwtRsaSsaPssPublicKey public_key = 2; 56 // Private exponent. 57 // Unsigned big integer in big-endian representation. 58 bytes d = 3; 59 60 // The following parameters are used to optimize RSA signature computation. 61 // The prime factor p of n. 62 // Unsigned big integer in big-endian representation. 63 bytes p = 4; 64 // The prime factor q of n. 65 // Unsigned big integer in big-endian representation. 66 bytes q = 5; 67 // d mod (p - 1). 68 // Unsigned big integer in big-endian representation. 69 bytes dp = 6; 70 // d mod (q - 1). 71 // Unsigned big integer in big-endian representation. 72 bytes dq = 7; 73 // Chinese Remainder Theorem coefficient q^(-1) mod p. 74 // Unsigned big integer in big-endian representation. 75 bytes crt = 8; 76} 77 78message JwtRsaSsaPssKeyFormat { 79 uint32 version = 1; 80 JwtRsaSsaPssAlgorithm algorithm = 2; 81 uint32 modulus_size_in_bits = 3; 82 bytes public_exponent = 4; 83} 84