From e675d5fd7684e437bb35fb24330234d43ee2e4db Mon Sep 17 00:00:00 2001 From: Pavol Rusnak Date: Mon, 3 Nov 2014 19:43:11 +0100 Subject: [PATCH] rework EncryptMessage/DecryptMessage --- protob/messages.proto | 43 +++++++++++++++++++++++++++++++++++++------ 1 file changed, 37 insertions(+), 6 deletions(-) diff --git a/protob/messages.proto b/protob/messages.proto index decc934d7..643109670 100644 --- a/protob/messages.proto +++ b/protob/messages.proto @@ -38,6 +38,7 @@ enum MessageType { MessageType_TxRequest = 21 [(wire_out) = true]; MessageType_TxAck = 22 [(wire_in) = true]; MessageType_CipherKeyValue = 23 [(wire_in) = true]; + MessageType_CipheredKeyValue = 48 [(wire_out) = true]; MessageType_ClearSession = 24 [(wire_in) = true]; MessageType_ApplySettings = 25 [(wire_in) = true]; MessageType_ButtonRequest = 26 [(wire_out) = true]; @@ -49,8 +50,10 @@ enum MessageType { MessageType_SignMessage = 38 [(wire_in) = true]; MessageType_VerifyMessage = 39 [(wire_in) = true]; MessageType_MessageSignature = 40 [(wire_out) = true]; - MessageType_EncryptMessage = 48 [(wire_in) = true]; - MessageType_DecryptMessage = 49 [(wire_in) = true]; + MessageType_EncryptMessage = 49 [(wire_in) = true]; + MessageType_EncryptedMessage = 50 [(wire_out) = true]; + MessageType_DecryptMessage = 51 [(wire_in) = true]; + MessageType_DecryptedMessage = 52 [(wire_out) = true]; MessageType_PassphraseRequest = 41 [(wire_out) = true]; MessageType_PassphraseAck = 42 [(wire_in) = true]; MessageType_EstimateTxSize = 43 [(wire_in) = true]; @@ -142,7 +145,6 @@ message Ping { */ message Success { optional string message = 1; // human readable description of action or request-specific payload - optional bytes payload = 2; // request-specific binary payload } /** @@ -398,7 +400,7 @@ message MessageSignature { /** * Request: Ask device to encrypt message - * @next Success + * @next EncryptedMessage * @next Failure */ message EncryptMessage { @@ -409,6 +411,16 @@ message EncryptMessage { optional string coin_name = 5 [default='Bitcoin']; // coin to use for signing } +/** + * Response: Encrypted message + * @prev EncryptMessage + */ +message EncryptedMessage { + optional bytes nonce = 1; // nonce used during encryption + optional bytes message = 2; // encrypted message + optional bytes hmac = 3; // message hmac +} + /** * Request: Ask device to decrypt message * @next Success @@ -416,12 +428,23 @@ message EncryptMessage { */ message DecryptMessage { repeated uint32 address_n = 1; // BIP-32 path to derive the decryption key from master node - optional bytes message = 2; // message to decrypt + optional bytes nonce = 2; // nonce used during encryption + optional bytes message = 3; // message to decrypt + optional bytes hmac = 4; // message hmac +} + +/** + * Response: Decrypted message + * @prev DecryptedMessage + */ +message DecryptedMessage { + optional bytes message = 1; // decrypted message + optional string address = 2; // address used to sign the message (if used) } /** * Request: Ask device to encrypt or decrypt value of given key - * @next Success + * @next CipheredKeyValue * @next Failure */ message CipherKeyValue { @@ -433,6 +456,14 @@ message CipherKeyValue { optional bool ask_on_decrypt = 6; // should we ask on decrypt operation? } +/** + * Response: Return ciphered/deciphered value + * @prev CipherKeyValue + */ +message CipheredKeyValue { + optional bytes value = 1; // ciphered/deciphered value +} + ////////////////////////////////// // Transaction signing messages // //////////////////////////////////