| syntax = "proto2"; |
| |
| package android_backup_crypto; |
| |
| option java_package = "com.android.server.backup.encryption.protos"; |
| option java_outer_classname = "WrappedKeyProto"; |
| |
| // Metadata associated with a tertiary key. |
| // Holds only the identifier of the cipher algorithm the key is meant for; |
| // the message declares no key material. |
| message KeyMetadata { |
| // Type of Cipher algorithm the key is used for. |
| enum Type { |
| // First declared value, so it is what a reader sees when `type` is unset. |
| // It is not a usable algorithm: readers should treat it as an error. |
| UNKNOWN = 0; |
| // No padding. Uses 12-byte nonce. Tag length 16 bytes. |
| AES_256_GCM = 1; |
| } |
| |
| // What kind of Cipher algorithm the key is used for. We assume at the moment |
| // that this will always be AES_256_GCM and throw if this is not the case. |
| // Provided here for forwards compatibility in case at some point we need to |
| // change Cipher algorithm. |
| // The field is optional, so a reader must handle it being absent. |
| // NOTE(review): in standard proto2 runtimes an enum number this file does not |
| // define is not returned by the getter, which then yields UNKNOWN; confirm |
| // the reader rejects UNKNOWN and unset alike rather than picking a default. |
| optional Type type = 1; |
| } |
| |
| // An encrypted tertiary key. |
| // Bundles the wrapped key bytes with the parameters needed to unwrap them: |
| // the wrap algorithm, the nonce and the key's metadata. Every field is |
| // optional, so a reader must check presence before using any of them. |
| message WrappedKey { |
| // The Cipher with which the key was encrypted. |
| enum WrapAlgorithm { |
| // First declared value, so it is what a reader sees when `wrap_algorithm` |
| // is unset. It is not a usable algorithm: readers should treat it as an |
| // error. |
| UNKNOWN = 0; |
| // No padding. Uses 16-byte nonce (see nonce field). Tag length 16 bytes. |
| // The nonce is 16-bytes as this is wrapped with a key in AndroidKeyStore. |
| // AndroidKeyStore requires that it generates the IV, and it generates a |
| // 16-byte IV for you. You CANNOT provide your own IV. |
| // NOTE(review): KeyMetadata.Type.AES_256_GCM documents a 12-byte nonce, so |
| // the two lengths differ by design according to these comments; confirm the |
| // 16-byte figure against the IV length the wrapping code actually stores. |
| AES_256_GCM = 1; |
| } |
| |
| // Cipher algorithm used to wrap the key. We assume at the moment that this |
| // is always AES_256_GCM and throw if this is not the case. Provided here for |
| // forwards compatibility if at some point we need to change Cipher algorithm. |
| // NOTE(review): in standard proto2 runtimes an enum number this file does not |
| // define is not returned by the getter, which then yields UNKNOWN; confirm |
| // the reader rejects UNKNOWN and unset alike rather than picking a default. |
| optional WrapAlgorithm wrap_algorithm = 1; |
| |
| // The nonce used to initialize the Cipher in AES/256/GCM mode. |
| // Per the WrapAlgorithm comment this value is generated by AndroidKeyStore |
| // at wrap time, not chosen by the caller. |
| // NOTE(review): the schema cannot enforce a length on a bytes field; the |
| // reader should validate the length before initializing the Cipher. |
| optional bytes nonce = 2; |
| |
| // The encrypted bytes of the key material. |
| // NOTE(review): presumably the GCM output including the 16-byte tag named in |
| // the WrapAlgorithm comment; confirm against the wrapping code. |
| optional bytes key = 3; |
| |
| // Associated key metadata. |
| // NOTE(review): this schema does not show whether the metadata or |
| // wrap_algorithm are authenticated together with the wrapped key (for |
| // example as GCM associated data); confirm in the wrapping code before |
| // relying on them for security decisions. |
| optional KeyMetadata metadata = 4; |
| |
| // Field number 5 belonged to a deprecated field; do not use. It is reserved |
| // so that the number cannot be assigned to a new field. |
| reserved 5; |
| } |