Added protocol buffers for HPKE implementation of Tink hybrid encryption.

PiperOrigin-RevId: 382730385

3 files changed, 98 insertions, 0 deletions

diff --git a/proto/BUILD.bazel b/proto/BUILD.bazel
index 76a22a1a5..7bafd3529 100644
--- a/proto/BUILD.bazel
+++ b/proto/BUILD.bazel
@@ -342,6 +342,17 @@ proto_library(
     deps = [":common_proto"],
 )
 
+# -----------------------------------------------
+# hpke
+# -----------------------------------------------
+proto_library(
+    name = "hpke_proto",
+    srcs = [
+        "hpke.proto",
+    ],
+    visibility = ["//visibility:public"],
+)
+
 # ----------------------------------------------------------------------------
 # prf_based_deriver
 # ----------------------------------------------------------------------------
diff --git a/proto/CMakeLists.txt b/proto/CMakeLists.txt
index 671970f7e..eda868a82 100644
--- a/proto/CMakeLists.txt
+++ b/proto/CMakeLists.txt
@@ -160,6 +160,11 @@ tink_cc_proto(
 )
 
 tink_cc_proto(
+  NAME hpke_cc_proto
+  SRCS hpke.proto
+)
+
+tink_cc_proto(
   NAME prf_based_deriver_cc_proto
   SRCS prf_based_deriver.proto
   DEPS
diff --git a/proto/hpke.proto b/proto/hpke.proto
new file mode 100644
index 000000000..55f6a385a
--- /dev/null
+++ b/proto/hpke.proto
@@ -0,0 +1,82 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+syntax = "proto3";
+
+package google.crypto.tink;
+
+option java_package = "com.google.crypto.tink.proto";
+option java_multiple_files = true;
+option go_package = "github.com/google/tink/proto/hpke_proto";
+
+enum HpkeKem {
+  KEM_UNKNOWN = 0;
+  DHKEM_X25519_HKDF_SHA256 = 1;
+}
+
+enum HpkeKdf {
+  KDF_UNKNOWN = 0;
+  HKDF_SHA256 = 1;
+}
+
+enum HpkeAead {
+  AEAD_UNKNOWN = 0;
+  AES_128_GCM = 1;
+  AES_256_GCM = 2;
+  CHACHA20_POLY1305 = 3;
+}
+
+message HpkeParams {
+  HpkeKem kem = 1;
+  HpkeKdf kdf = 2;
+  HpkeAead aead = 3;
+}
+
+message HpkePublicKey {
+  uint32 version = 1;
+  HpkeParams params = 2;
+  // KEM-encoding of public key (i.e., SerializePublicKey() ) as described in
+  // https://www.ietf.org/archive/id/draft-irtf-cfrg-hpke-09.html#name-cryptographic-dependencies.
+  bytes public_key = 3;
+  // `app_info` is an optional parameter that binds the derived key material
+  // to application-specific information as described in Section 5.1 of
+  // https://www.ietf.org/archive/id/draft-irtf-cfrg-hpke-09.html.
+  //
+  // NOTE: This API sets a constant 'app_info' parameter for each key, but the
+  // HPKE standard itself does not impose this restriction.  For per-context
+  // 'app_info' parameters, this API is not suitable.
+  bytes app_info = 4;
+}
+
+message HpkePrivateKey {
+  uint32 version = 1;
+  HpkePublicKey public_key = 2;
+  // KEM-encoding of private key (i.e., SerializePrivateKey() ) as described in
+  // https://www.ietf.org/archive/id/draft-irtf-cfrg-hpke-09.html#name-cryptographic-dependencies.
+  bytes private_key = 3;
+}
+
+message HpkeKeyFormat {
+  HpkeParams params = 1;
+  // `app_info` is an optional parameter that binds the derived key material
+  // to application-specific information as described in Section 5.1 of
+  // https://www.ietf.org/archive/id/draft-irtf-cfrg-hpke-09.html.
+  //
+  // NOTE: This API sets a constant 'app_info' parameter for each key, but the
+  // HPKE standard itself does not impose this restriction.  For per-context
+  // 'app_info' parameters, this API is not suitable.
+  bytes app_info = 2;
+}