ds-toolkit/proto/ds/dsdata.proto at master · jinfwhuang/ds-toolkit · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
syntax = "proto3";

package jinfwhuang.dstoolkit.ds;

import "google/api/annotations.proto";
import "google/protobuf/empty.proto";

option go_package = "github.com/jinfwhuang/ds-toolkit/proto/ds";

message DataBlob {
  repeated HiddenDataKey hiddenDataKeys = 1;

  uint64 dataLen = 10; // EncryptedData might be padded
  bytes iv = 12; // 16 bytes
  bytes encryptedDataHash = 11; // To check data integrity

  // The data is encrypted by a single data_key.
  // The hidden key is encrypted by secrets that are only retrievable by corresponding pubkey-privkey pair owner.
  bytes encryptedData = 20;
}

message HiddenDataKey {
  bytes pubkey = 1;
  // The pubkey is stored in compressed form (33 bytes)
  bytes ephemeralPubkey = 2;

  // SharedSecret = privkey * ephemeral_privkey * Generator = privkey * ephemeralPubkey = ephemeral_privkey * pubkey
  // encryptedDataKey = AES_ENCRYPT(key=sha256(SharedSecret)[:128], iv=iv, data=data_key)
  bytes encryptedDataKey = 10; // AES_128 encryption
  bytes iv = 11; // 16 bytes
}