rework EncryptMessage/DecryptMessage

2024-11-26 17:38:39 +00:00 · 2014-11-03 19:43:11 +01:00 · 2014-11-03 19:43:11 +01:00 · e675d5fd76
commit e675d5fd76
parent 71a02eb83d
1 changed files with 37 additions and 6 deletions
--- a/protob/messages.proto
+++ b/protob/messages.proto
@ -38,6 +38,7 @@ enum MessageType {
 	MessageType_TxRequest = 21 [(wire_out) = true];
 	MessageType_TxAck = 22 [(wire_in) = true];
 	MessageType_CipherKeyValue = 23 [(wire_in) = true];
+	MessageType_CipheredKeyValue = 48 [(wire_out) = true];
 	MessageType_ClearSession = 24 [(wire_in) = true];
 	MessageType_ApplySettings = 25 [(wire_in) = true];
 	MessageType_ButtonRequest = 26 [(wire_out) = true];
@ -49,8 +50,10 @@ enum MessageType {
 	MessageType_SignMessage = 38 [(wire_in) = true];
 	MessageType_VerifyMessage = 39 [(wire_in) = true];
 	MessageType_MessageSignature = 40 [(wire_out) = true];
-	MessageType_EncryptMessage = 48 [(wire_in) = true];
-	MessageType_DecryptMessage = 49 [(wire_in) = true];
+	MessageType_EncryptMessage = 49 [(wire_in) = true];
+	MessageType_EncryptedMessage = 50 [(wire_out) = true];
+	MessageType_DecryptMessage = 51 [(wire_in) = true];
+	MessageType_DecryptedMessage = 52 [(wire_out) = true];
 	MessageType_PassphraseRequest = 41 [(wire_out) = true];
 	MessageType_PassphraseAck = 42 [(wire_in) = true];
 	MessageType_EstimateTxSize = 43 [(wire_in) = true];
@ -142,7 +145,6 @@ message Ping {
 */
 message Success {
 	optional string message = 1;	// human readable description of action or request-specific payload
-	optional bytes payload = 2;	// request-specific binary payload
 }

 /**
@ -398,7 +400,7 @@ message MessageSignature {

 /**
 * Request: Ask device to encrypt message
- * @next Success
+ * @next EncryptedMessage
 * @next Failure
 */
 message EncryptMessage {
@ -409,6 +411,16 @@ message EncryptMessage {
 	optional string coin_name = 5 [default='Bitcoin'];	// coin to use for signing
 }

+/**
+ * Response: Encrypted message
+ * @prev EncryptMessage
+ */
+message EncryptedMessage {
+	optional bytes nonce = 1;				// nonce used during encryption
+	optional bytes message = 2;				// encrypted message
+	optional bytes hmac = 3;				// message hmac
+}
+
 /**
 * Request: Ask device to decrypt message
 * @next Success
@ -416,12 +428,23 @@ message EncryptMessage {
 */
 message DecryptMessage {
 	repeated uint32 address_n = 1;				// BIP-32 path to derive the decryption key from master node
-	optional bytes message = 2;				// message to decrypt
+	optional bytes nonce = 2;				// nonce used during encryption
+	optional bytes message = 3;				// message to decrypt
+	optional bytes hmac = 4;				// message hmac
+}
+
+/**
+ * Response: Decrypted message
+ * @prev DecryptedMessage
+ */
+message DecryptedMessage {
+	optional bytes message = 1;				// decrypted message
+	optional string address = 2;				// address used to sign the message (if used)
 }

 /**
 * Request: Ask device to encrypt or decrypt value of given key
- * @next Success
+ * @next CipheredKeyValue
 * @next Failure
 */
 message CipherKeyValue {
@ -433,6 +456,14 @@ message CipherKeyValue {
 	optional bool ask_on_decrypt = 6;	// should we ask on decrypt operation?
 }

+/**
+ * Response: Return ciphered/deciphered value
+ * @prev CipherKeyValue
+ */
+message CipheredKeyValue {
+	optional bytes value = 1;		// ciphered/deciphered value
+}
+
 //////////////////////////////////
 // Transaction signing messages //
 //////////////////////////////////