forked from TheThingsNetwork/lorawan-stack
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathkeys.proto
More file actions
63 lines (55 loc) · 2.7 KB
/
keys.proto
File metadata and controls
63 lines (55 loc) · 2.7 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
// Copyright © 2019 The Things Network Foundation, The Things Industries B.V.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
import "github.com/envoyproxy/protoc-gen-validate/validate/validate.proto";
import "github.com/gogo/protobuf/gogoproto/gogo.proto";
package ttn.lorawan.v3;
option go_package = "go.thethings.network/lorawan-stack/v3/pkg/ttnpb";
message KeyEnvelope {
// The unencrypted AES key.
bytes key = 1 [(gogoproto.customtype) = "go.thethings.network/lorawan-stack/v3/pkg/types.AES128Key"];
// The label of the RFC 3394 key-encryption-key (KEK) that was used to encrypt the key.
string kek_label = 2 [(gogoproto.customname) = "KEKLabel", (validate.rules).string.max_len = 2048];
bytes encrypted_key = 3;
}
// Root keys for a LoRaWAN device.
// These are stored on the Join Server.
message RootKeys {
// Join Server issued identifier for the root keys.
string root_key_id = 1 [(gogoproto.customname) = "RootKeyID", (validate.rules).string.max_len = 2048];
// The (encrypted) Application Key.
KeyEnvelope app_key = 2;
// The (encrypted) Network Key.
KeyEnvelope nwk_key = 3;
}
// Session keys for a LoRaWAN session.
// Only the components for which the keys were meant, will have the key-encryption-key (KEK) to decrypt the individual keys.
message SessionKeys {
option (gogoproto.populate) = false;
// Join Server issued identifier for the session keys.
// This ID can be used to request the keys from the Join Server in case the are lost.
bytes session_key_id = 1 [(gogoproto.customname) = "SessionKeyID", (validate.rules).bytes.max_len = 2048];
// The (encrypted) Forwarding Network Session Integrity Key (or Network Session Key in 1.0 compatibility mode).
// This key is stored by the (forwarding) Network Server.
KeyEnvelope f_nwk_s_int_key = 2;
// The (encrypted) Serving Network Session Integrity Key.
// This key is stored by the (serving) Network Server.
KeyEnvelope s_nwk_s_int_key = 3;
// The (encrypted) Network Session Encryption Key.
// This key is stored by the (serving) Network Server.
KeyEnvelope nwk_s_enc_key = 4;
// The (encrypted) Application Session Key.
// This key is stored by the Application Server.
KeyEnvelope app_s_key = 5;
}