// Copyright 2017 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////////
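// Definitions for the Elliptic Curve Integrated Encryption Scheme (ECIES)
// with HKDF key derivation and AEAD data encapsulation.
syntax = "proto3";

package google.crypto.tink;

// Source of the types that are referenced but not defined in this file
// (EllipticCurveType, HashType, EcPointFormat, KeyTemplate).
import "tink/proto/common.proto";
import "tink/proto/tink.proto";

option java_package = "com.google.crypto.tink.proto";
option java_multiple_files = true;
option go_package = "github.com/google/tink/go/proto/ecies_aead_hkdf_go_proto";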
// Protos for keys for ECIES with HKDF and AEAD encryption.
//
// These definitions loosely follow the ECIES ISO 18033-2 standard
// (Elliptic Curve Integrated Encryption Scheme, see
// http://www.shoup.net/iso/std6.pdf), but with some differences:
//  * use of the HKDF key derivation function (instead of KDF1 and KDF2),
//    enabling the use of optional parameters to the key derivation function,
//    which strengthen the overall security and allow for binding the key
//    material to application-specific information (cf. RFC 5869,
//    https://tools.ietf.org/html/rfc5869)
//  * use of modern AEAD schemes rather than "manual composition" of symmetric
//    encryption with message authentication codes (as in the DEM1, DEM2, and
//    DEM3 schemes of ISO 18033-2)
//
// ECIES keys represent the HybridEncryption (public key) and HybridDecryption
// (private key) primitives, respectively.
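// Parameters of the KEM (Key Encapsulation Mechanism).
//
// "Required" and "Optional" below are semantic requirements: this is a proto3
// file, so the parser accepts a message with any of these fields absent and
// the consumer has to validate them.
message EciesHkdfKemParams {
  // Required. Elliptic curve used by the KEM. An absent field reads as the
  // enum's zero value, so validation must reject any curve it does not
  // explicitly support.
  EllipticCurveType curve_type = 1;

  // Required. Hash function used by HKDF. Same presence caveat as curve_type.
  HashType hkdf_hash_type = 2;

  // Optional. Salt passed to HKDF. An empty value cannot be told apart from
  // an unset one on the wire.
  // Field number 11 is part of the wire format; do not renumber it.
  bytes hkdf_salt = 11;
}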
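// Parameters of AEAD DEM (Data Encapsulation Mechanism).
message EciesAeadDemParams {
  // Required (not enforced by the proto3 parser; the consumer must check).
  // Contains an Aead or DeterministicAead key format (e.g.
  // AesCtrHmacAeadKeyFormat, AesGcmKeyFormat or AesSivKeyFormat).
  // NOTE(review): the template arrives as data, so code that consumes it
  // should accept only the DEM key types it explicitly supports; confirm
  // where that check lives.
  // NOTE(review): field number 1 is unused in this message; if it belonged to
  // a removed field it should be declared `reserved`. Confirm against the
  // file history.
  KeyTemplate aead_dem = 2;
}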
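// Complete parameter set of an ECIES-AEAD-HKDF key: the KEM parameters, the
// DEM parameters and the EC point format.
//
// All three fields are marked required, but proto3 does not enforce presence:
// an absent message field is null and an absent enum reads as its zero value,
// so the consumer has to validate each of them.
message EciesAeadHkdfParams {
  // Key Encapsulation Mechanism.
  // Required.
  EciesHkdfKemParams kem_params = 1;

  // Data Encapsulation Mechanism.
  // Required.
  EciesAeadDemParams dem_params = 2;

  // EC point format.
  // Required.
  EcPointFormat ec_point_format = 3;
}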
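// EciesAeadHkdfPublicKey represents HybridEncryption primitive.
// key_type: type.googleapis.com/google.crypto.tink.EciesAeadHkdfPublicKey
message EciesAeadHkdfPublicKey {
  // Required. proto3 does not serialize a zero value, so version 0 and an
  // absent version are identical on the wire.
  uint32 version = 1;
  // Required.
  EciesAeadHkdfParams params = 2;

  // Affine coordinates of the public key in big-endian representation.
  // The public key is a point (x, y) on the curve defined by
  // params.kem_params.curve_type. Required.
  // The schema cannot express that constraint: x and y are arbitrary bytes,
  // so a consumer should check that (x, y) is a valid point on that curve
  // before using a key parsed from untrusted input.
  bytes x = 3;
  // Required.
  bytes y = 4;
}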
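// EciesAeadHkdfPrivateKey represents HybridDecryption primitive.
// key_type: type.googleapis.com/google.crypto.tink.EciesAeadHkdfPrivateKey
message EciesAeadHkdfPrivateKey {
  // Required. proto3 does not serialize a zero value, so version 0 and an
  // absent version are identical on the wire.
  uint32 version = 1;

  // Required. The corresponding public key, which also carries the
  // parameters (public_key.params).
  EciesAeadHkdfPublicKey public_key = 2;

  // Required. Big integer in big-endian representation.
  // This field is the secret key material: a serialized
  // EciesAeadHkdfPrivateKey has to be protected like any other private key
  // (kept out of logs and debug output, encrypted when stored).
  bytes key_value = 3;
}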
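// Key format wrapping a full EciesAeadHkdfParams set.
// NOTE(review): presumably the input from which new ECIES-AEAD-HKDF keys are
// generated; confirm against the code that consumes it.
message EciesAeadHkdfKeyFormat {
  // Required (not enforced by the proto3 parser; the consumer must check).
  EciesAeadHkdfParams params = 1;
}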