Mirrors/NearDrop
1
0
Fork 0
mirror of https://github.com/grishka/NearDrop.git synced 2026-04-03 01:36:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

An experimental share extension to send files and too much refactoring

Browse Source 
closes #4
This commit is contained in:
Grishka
2023-09-26 03:22:23 +03:00
parent 22a2fff54b
commit 8f0eccd7b6
39 changed files with 2158 additions and 235 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
NearbyShare/ProtobufSource/device_to_device_messages.proto Normal file
View File

@@ -0,0 +1,81 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto2";
package securegcm;
import "securemessage.proto";
option optimize_for = LITE_RUNTIME;
option java_package = "com.google.security.cryptauth.lib.securegcm";
option java_outer_classname = "DeviceToDeviceMessagesProto";
option objc_class_prefix = "SGCM";
// Used by protocols between devices
message DeviceToDeviceMessage {
// the payload of the message
optional bytes message = 1;
// the sequence number of the message - must be increasing.
optional int32 sequence_number = 2;
}
// sent as the first message from initiator to responder
// in an unauthenticated Diffie-Hellman Key Exchange
message InitiatorHello {
// The session public key to send to the responder
optional securemessage.GenericPublicKey public_dh_key = 1;
// The protocol version
optional int32 protocol_version = 2 [default = 0];
}
// sent inside the header of the first message from the responder to the
// initiator in an unauthenticated Diffie-Hellman Key Exchange
message ResponderHello {
// The session public key to send to the initiator
optional securemessage.GenericPublicKey public_dh_key = 1;
// The protocol version
optional int32 protocol_version = 2 [default = 0];
}
// Type of curve
enum Curve { ED_25519 = 1; }
// A convenience proto for encoding curve points in affine representation
message EcPoint {
required Curve curve = 1;
// x and y are encoded in big-endian two's complement
// client MUST verify (x,y) is a valid point on the specified curve
required bytes x = 2;
required bytes y = 3;
}
message SpakeHandshakeMessage {
// Each flow in the protocol bumps this counter
optional int32 flow_number = 1;
// Some (but not all) SPAKE flows send a point on an elliptic curve
optional EcPoint ec_point = 2;
// Some (but not all) SPAKE flows send a hash value
optional bytes hash_value = 3;
// The last flow of a SPAKE protocol can send an optional payload,
// since the key exchange is already complete on the sender's side.
optional bytes payload = 4;
}

403
NearbyShare/ProtobufSource/offline_wire_formats.proto Normal file
View File

@@ -0,0 +1,403 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto2";
package location.nearby.connections;
option optimize_for = LITE_RUNTIME;
option java_outer_classname = "OfflineWireFormatsProto";
option java_package = "com.google.location.nearby.connections.proto";
option objc_class_prefix = "GNCP";
message OfflineFrame {
enum Version {
UNKNOWN_VERSION = 0;
V1 = 1;
}
optional Version version = 1;
// Right now there's only 1 version, but if there are more, exactly one of
// the following fields will be set.
optional V1Frame v1 = 2;
}
message V1Frame {
enum FrameType {
UNKNOWN_FRAME_TYPE = 0;
CONNECTION_REQUEST = 1;
CONNECTION_RESPONSE = 2;
PAYLOAD_TRANSFER = 3;
BANDWIDTH_UPGRADE_NEGOTIATION = 4;
KEEP_ALIVE = 5;
DISCONNECTION = 6;
PAIRED_KEY_ENCRYPTION = 7;
}
optional FrameType type = 1;
// Exactly one of the following fields will be set.
optional ConnectionRequestFrame connection_request = 2;
optional ConnectionResponseFrame connection_response = 3;
optional PayloadTransferFrame payload_transfer = 4;
optional BandwidthUpgradeNegotiationFrame bandwidth_upgrade_negotiation = 5;
optional KeepAliveFrame keep_alive = 6;
optional DisconnectionFrame disconnection = 7;
optional PairedKeyEncryptionFrame paired_key_encryption = 8;
}
message ConnectionRequestFrame {
// Should always match cs/symbol:location.nearby.proto.connections.Medium
// LINT.IfChange
enum Medium {
UNKNOWN_MEDIUM = 0;
MDNS = 1 [deprecated = true];
BLUETOOTH = 2;
WIFI_HOTSPOT = 3;
BLE = 4;
WIFI_LAN = 5;
WIFI_AWARE = 6;
NFC = 7;
WIFI_DIRECT = 8;
WEB_RTC = 9;
BLE_L2CAP = 10;
USB = 11;
}
// LINT.ThenChange(//depot/google3/third_party/nearby/proto/connections_enums.proto)
optional string endpoint_id = 1;
optional string endpoint_name = 2;
optional bytes handshake_data = 3;
// A random number generated for each outgoing connection that is presently
// used to act as a tiebreaker when 2 devices connect to each other
// simultaneously; this can also be used for other initialization-scoped
// things in the future.
optional int32 nonce = 4;
// The mediums this device supports upgrading to. This list should be filtered
// by both the strategy and this device's individual limitations.
repeated Medium mediums = 5;
optional bytes endpoint_info = 6;
optional MediumMetadata medium_metadata = 7;
optional int32 keep_alive_interval_millis = 8;
optional int32 keep_alive_timeout_millis = 9;
// The type of {@link Device} object.
optional int32 device_type = 10 [default = 0];
// The bytes of serialized {@link Device} object.
optional bytes device_info = 11;
}
message ConnectionResponseFrame {
// This doesn't need to send back endpoint_id and endpoint_name (like
// the ConnectionRequestFrame does) because those have already been
// transmitted out-of-band, at the time this endpoint was discovered.
// One of:
//
// - ConnectionsStatusCodes.STATUS_OK
// - ConnectionsStatusCodes.STATUS_CONNECTION_REJECTED.
optional int32 status = 1 [deprecated = true];
optional bytes handshake_data = 2;
// Used to replace the status integer parameter with a meaningful enum item.
// Map ConnectionsStatusCodes.STATUS_OK to ACCEPT and
// ConnectionsStatusCodes.STATUS_CONNECTION_REJECTED to REJECT.
// Flag: connection_replace_status_with_response_connectionResponseFrame
enum ResponseStatus {
UNKNOWN_RESPONSE_STATUS = 0;
ACCEPT = 1;
REJECT = 2;
}
optional ResponseStatus response = 3;
optional OsInfo os_info = 4;
// A bitmask value to indicate which medium supports Multiplex transmission
// feature. Each supporting medium could utilize one bit starting from the
// least significant bit in this field. eq. BT utilizes the LSB bit which 0x01
// means bt supports multiplex while 0x00 means not. Refer to ClientProxy.java
// for the bit usages.
optional int32 multiplex_socket_bitmask = 5;
optional int32 nearby_connections_version = 6;
}
message PayloadTransferFrame {
enum PacketType {
UNKNOWN_PACKET_TYPE = 0;
DATA = 1;
CONTROL = 2;
}
message PayloadHeader {
enum PayloadType {
UNKNOWN_PAYLOAD_TYPE = 0;
BYTES = 1;
FILE = 2;
STREAM = 3;
}
optional int64 id = 1;
optional PayloadType type = 2;
optional int64 total_size = 3;
optional bool is_sensitive = 4;
optional string file_name = 5;
optional string parent_folder = 6;
}
// Accompanies DATA packets.
message PayloadChunk {
enum Flags {
LAST_CHUNK = 0x1;
}
optional int32 flags = 1;
optional int64 offset = 2;
optional bytes body = 3;
}
// Accompanies CONTROL packets.
message ControlMessage {
enum EventType {
UNKNOWN_EVENT_TYPE = 0;
PAYLOAD_ERROR = 1;
PAYLOAD_CANCELED = 2;
PAYLOAD_RECEIVED_ACK = 3;
}
optional EventType event = 1;
optional int64 offset = 2;
}
optional PacketType packet_type = 1;
optional PayloadHeader payload_header = 2;
// Exactly one of the following fields will be set, depending on the type.
optional PayloadChunk payload_chunk = 3;
optional ControlMessage control_message = 4;
}
message BandwidthUpgradeNegotiationFrame {
enum EventType {
UNKNOWN_EVENT_TYPE = 0;
UPGRADE_PATH_AVAILABLE = 1;
LAST_WRITE_TO_PRIOR_CHANNEL = 2;
SAFE_TO_CLOSE_PRIOR_CHANNEL = 3;
CLIENT_INTRODUCTION = 4;
UPGRADE_FAILURE = 5;
CLIENT_INTRODUCTION_ACK = 6;
}
// Accompanies UPGRADE_PATH_AVAILABLE and UPGRADE_FAILURE events.
message UpgradePathInfo {
// Should always match cs/symbol:location.nearby.proto.connections.Medium
enum Medium {
UNKNOWN_MEDIUM = 0;
MDNS = 1 [deprecated = true];
BLUETOOTH = 2;
WIFI_HOTSPOT = 3;
BLE = 4;
WIFI_LAN = 5;
WIFI_AWARE = 6;
NFC = 7;
WIFI_DIRECT = 8;
WEB_RTC = 9;
// 10 is reserved.
USB = 11;
}
// Accompanies Medium.WIFI_HOTSPOT.
message WifiHotspotCredentials {
optional string ssid = 1;
optional string password = 2;
optional int32 port = 3;
optional string gateway = 4 [default = "0.0.0.0"];
// This field can be a band or frequency
optional int32 frequency = 5 [default = -1];
}
// Accompanies Medium.WIFI_LAN.
message WifiLanSocket {
optional bytes ip_address = 1;
optional int32 wifi_port = 2;
}
// Accompanies Medium.BLUETOOTH.
message BluetoothCredentials {
optional string service_name = 1;
optional string mac_address = 2;
}
// Accompanies Medium.WIFI_AWARE.
message WifiAwareCredentials {
optional string service_id = 1;
optional bytes service_info = 2;
optional string password = 3;
}
// Accompanies Medium.WIFI_DIRECT.
message WifiDirectCredentials {
optional string ssid = 1;
optional string password = 2;
optional int32 port = 3;
optional int32 frequency = 4;
optional string gateway = 5 [default = "0.0.0.0"];
}
// Accompanies Medium.WEB_RTC
message WebRtcCredentials {
optional string peer_id = 1;
optional LocationHint location_hint = 2;
}
optional Medium medium = 1;
// Exactly one of the following fields will be set.
optional WifiHotspotCredentials wifi_hotspot_credentials = 2;
optional WifiLanSocket wifi_lan_socket = 3;
optional BluetoothCredentials bluetooth_credentials = 4;
optional WifiAwareCredentials wifi_aware_credentials = 5;
optional WifiDirectCredentials wifi_direct_credentials = 6;
optional WebRtcCredentials web_rtc_credentials = 8;
// Disable Encryption for this upgrade medium to improve throughput.
optional bool supports_disabling_encryption = 7;
// An ack will be sent after the CLIENT_INTRODUCTION frame.
optional bool supports_client_introduction_ack = 9;
}
// Accompanies CLIENT_INTRODUCTION events.
message ClientIntroduction {
optional string endpoint_id = 1;
optional bool supports_disabling_encryption = 2;
}
// Accompanies CLIENT_INTRODUCTION_ACK events.
message ClientIntroductionAck {}
optional EventType event_type = 1;
// Exactly one of the following fields will be set.
optional UpgradePathInfo upgrade_path_info = 2;
optional ClientIntroduction client_introduction = 3;
optional ClientIntroductionAck client_introduction_ack = 4;
}
message KeepAliveFrame {
// And ack will be sent after receiving KEEP_ALIVE frame.
optional bool ack = 1;
}
// Informs the remote side to immediately severe the socket connection.
// Used in bandwidth upgrades to get around a race condition, but may be used
// in other situations to trigger a faster disconnection event than waiting for
// socket closed on the remote side.
message DisconnectionFrame {
// Apply safe-to-disconnect protocol if true.
optional bool request_safe_to_disconnect = 1;
// Ack of receiving Disconnection frame will be sent to the sender
// frame.
optional bool ack_safe_to_disconnect = 2;
}
// A paired key encryption packet sent between devices, contains signed data.
message PairedKeyEncryptionFrame {
// The encrypted data (raw authentication token for the established
// connection) in byte array format.
optional bytes signed_data = 1;
}
message MediumMetadata {
// True if local device supports 5GHz.
optional bool supports_5_ghz = 1;
// WiFi LAN BSSID, in the form of a six-byte MAC address: XX:XX:XX:XX:XX:XX
optional string bssid = 2;
// IP address, in network byte order: the highest order byte of the address is
// in byte[0].
optional bytes ip_address = 3;
// True if local device supports 6GHz.
optional bool supports_6_ghz = 4;
// True if local device has mobile radio.
optional bool mobile_radio = 5;
// The frequency of the WiFi LAN AP(in MHz). Or -1 is not associated with an
// AP over WiFi, -2 represents the active network uses an Ethernet transport.
optional int32 ap_frequency = 6 [default = -1];
// Available channels on the local device.
optional AvailableChannels available_channels = 7;
// Usable WiFi Direct client channels on the local device.
optional WifiDirectCliUsableChannels wifi_direct_cli_usable_channels = 8;
// Usable WiFi LAN channels on the local device.
optional WifiLanUsableChannels wifi_lan_usable_channels = 9;
// Usable WiFi Aware channels on the local device.
optional WifiAwareUsableChannels wifi_aware_usable_channels = 10;
// Usable WiFi Hotspot STA channels on the local device.
optional WifiHotspotStaUsableChannels wifi_hotspot_sta_usable_channels = 11;
}
// Available channels on the local device.
message AvailableChannels {
repeated int32 channels = 1 [packed = true];
}
// Usable WiFi Direct client channels on the local device.
message WifiDirectCliUsableChannels {
repeated int32 channels = 1 [packed = true];
}
// Usable WiFi LAN channels on the local device.
message WifiLanUsableChannels {
repeated int32 channels = 1 [packed = true];
}
// Usable WiFi Aware channels on the local device.
message WifiAwareUsableChannels {
repeated int32 channels = 1 [packed = true];
}
// Usable WiFi Hotspot STA channels on the local device.
message WifiHotspotStaUsableChannels {
repeated int32 channels = 1 [packed = true];
}
// LocationHint is used to specify a location as well as format.
message LocationHint {
// Location is the location, provided in the format specified by format.
optional string location = 1;
// the format of location.
optional LocationStandard.Format format = 2;
}
message LocationStandard {
enum Format {
UNKNOWN = 0;
// E164 country codes:
// https://en.wikipedia.org/wiki/List_of_country_calling_codes
// e.g. +1 for USA
E164_CALLING = 1;
// ISO 3166-1 alpha-2 country codes:
// https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2
ISO_3166_1_ALPHA_2 = 2;
}
}
// Device capability for OS information.
message OsInfo {
enum OsType {
UNKNOWN_OS_TYPE = 0;
ANDROID = 1;
CHROME_OS = 2;
WINDOWS = 3;
APPLE = 4;
LINUX = 100; // g3 test environment
}
optional OsType type = 1;
}

308
NearbyShare/ProtobufSource/securegcm.proto Normal file
View File

@@ -0,0 +1,308 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto2";
package securegcm;
option optimize_for = LITE_RUNTIME;
option java_package = "com.google.security.cryptauth.lib.securegcm";
option java_outer_classname = "SecureGcmProto";
option objc_class_prefix = "SGCM";
// Message used only during enrollment
// Field numbers should be kept in sync with DeviceInfo in:
// java/com/google/security/cryptauth/backend/services/common/common.proto
message GcmDeviceInfo {
// This field's name does not match the one in DeviceInfo for legacy reasons.
// Consider using long_device_id and device_type instead when enrolling
// non-android devices.
optional fixed64 android_device_id = 1;
// Used for device_address of DeviceInfo field 2, but for GCM capable devices.
optional bytes gcm_registration_id = 102;
// Used for device_address of DeviceInfo field 2, but for iOS devices.
optional bytes apn_registration_id = 202;
// Does the user have notifications enabled for the given device address.
optional bool notification_enabled = 203 [default = true];
// Used for device_address of DeviceInfo field 2, a Bluetooth Mac address for
// the device (e.g., to be used with EasyUnlock)
optional string bluetooth_mac_address = 302;
// SHA-256 hash of the device master key (from the key exchange).
// Differs from DeviceInfo field 3, which contains the actual master key.
optional bytes device_master_key_hash = 103;
// A SecureMessage.EcP256PublicKey
required bytes user_public_key = 4;
// device's model name
// (e.g., an android.os.Build.MODEL or UIDevice.model)
optional string device_model = 7;
// device's locale
optional string locale = 8;
// The handle for user_public_key (and implicitly, a master key)
optional bytes key_handle = 9;
// The initial counter value for the device, sent by the device
optional int64 counter = 12 [default = 0];
// The Operating System version on the device
// (e.g., an android.os.Build.DISPLAY or UIDevice.systemVersion)
optional string device_os_version = 13;
// The Operating System version number on the device
// (e.g., an android.os.Build.VERSION.SDK_INT)
optional int64 device_os_version_code = 14;
// The Operating System release on the device
// (e.g., an android.os.Build.VERSION.RELEASE)
optional string device_os_release = 15;
// The Operating System codename on the device
// (e.g., an android.os.Build.VERSION.CODENAME or UIDevice.systemName)
optional string device_os_codename = 16;
// The software version running on the device
// (e.g., Authenticator app version string)
optional string device_software_version = 17;
// The software version number running on the device
// (e.g., Authenticator app version code)
optional int64 device_software_version_code = 18;
// Software package information if applicable
// (e.g., com.google.android.apps.authenticator2)
optional string device_software_package = 19;
// Size of the display in thousandths of an inch (e.g., 7000 mils = 7 in)
optional int32 device_display_diagonal_mils = 22;
// For Authzen capable devices, their Authzen protocol version
optional int32 device_authzen_version = 24;
// Not all devices have device identifiers that fit in 64 bits.
optional bytes long_device_id = 29;
// The device manufacturer name
// (e.g., android.os.Build.MANUFACTURER)
optional string device_manufacturer = 31;
// Used to indicate which type of device this is.
optional DeviceType device_type = 32 [default = ANDROID];
// Fields corresponding to screenlock type/features and hardware features
// should be numbered in the 400 range.
// Is this device using a secure screenlock (e.g., pattern or pin unlock)
optional bool using_secure_screenlock = 400 [default = false];
// Is auto-unlocking the screenlock (e.g., when at "home") supported?
optional bool auto_unlock_screenlock_supported = 401 [default = false];
// Is auto-unlocking the screenlock (e.g., when at "home") enabled?
optional bool auto_unlock_screenlock_enabled = 402 [default = false];
// Does the device have a Bluetooth (classic) radio?
optional bool bluetooth_radio_supported = 403 [default = false];
// Is the Bluetooth (classic) radio on?
optional bool bluetooth_radio_enabled = 404 [default = false];
// Does the device hardware support a mobile data connection?
optional bool mobile_data_supported = 405 [default = false];
// Does the device support tethering?
optional bool tethering_supported = 406 [default = false];
// Does the device have a BLE radio?
optional bool ble_radio_supported = 407 [default = false];
// Is the device a "Pixel Experience" Android device?
optional bool pixel_experience = 408 [default = false];
// Is the device running in the ARC++ container on a chromebook?
optional bool arc_plus_plus = 409 [default = false];
// Is the value set in |using_secure_screenlock| reliable? On some Android
// devices, the platform API to get the screenlock state is not trustworthy.
// See b/32212161.
optional bool is_screenlock_state_flaky = 410 [default = false];
// A list of multi-device software features supported by the device.
repeated SoftwareFeature supported_software_features = 411;
// A list of multi-device software features currently enabled (active) on the
// device.
repeated SoftwareFeature enabled_software_features = 412;
// The enrollment session id this is sent with
optional bytes enrollment_session_id = 1000;
// A copy of the user's OAuth token
optional string oauth_token = 1001;
}
// This enum is used by iOS devices as values for device_display_diagonal_mils
// in GcmDeviceInfo. There is no good way to calculate it on those devices.
enum AppleDeviceDiagonalMils {
// This is the mils diagonal on an iPhone 5.
APPLE_PHONE = 4000;
// This is the mils diagonal on an iPad mini.
APPLE_PAD = 7900;
}
// This should be kept in sync with DeviceType in:
// java/com/google/security/cryptauth/backend/services/common/common_enums.proto
enum DeviceType {
UNKNOWN = 0;
ANDROID = 1;
CHROME = 2;
IOS = 3;
BROWSER = 4;
OSX = 5;
}
// MultiDevice features which may be supported and enabled on a device. See
enum SoftwareFeature {
UNKNOWN_FEATURE = 0;
BETTER_TOGETHER_HOST = 1;
BETTER_TOGETHER_CLIENT = 2;
EASY_UNLOCK_HOST = 3;
EASY_UNLOCK_CLIENT = 4;
MAGIC_TETHER_HOST = 5;
MAGIC_TETHER_CLIENT = 6;
SMS_CONNECT_HOST = 7;
SMS_CONNECT_CLIENT = 8;
}
// A list of "reasons" that can be provided for calling server-side APIs.
// This is particularly important for calls that can be triggered by different
// kinds of events. Please try to keep reasons as generic as possible, so that
// codes can be re-used by various callers in a sensible fashion.
enum InvocationReason {
REASON_UNKNOWN = 0;
// First run of the software package invoking this call
REASON_INITIALIZATION = 1;
// Ordinary periodic actions (e.g. monthly master key rotation)
REASON_PERIODIC = 2;
// Slow-cycle periodic action (e.g. yearly keypair rotation???)
REASON_SLOW_PERIODIC = 3;
// Fast-cycle periodic action (e.g. daily sync for Smart Lock users)
REASON_FAST_PERIODIC = 4;
// Expired state (e.g. expired credentials, or cached entries) was detected
REASON_EXPIRATION = 5;
// An unexpected protocol failure occurred (so attempting to repair state)
REASON_FAILURE_RECOVERY = 6;
// A new account has been added to the device
REASON_NEW_ACCOUNT = 7;
// An existing account on the device has been changed
REASON_CHANGED_ACCOUNT = 8;
// The user toggled the state of a feature (e.g. Smart Lock enabled via BT)
REASON_FEATURE_TOGGLED = 9;
// A "push" from the server caused this action (e.g. a sync tickle)
REASON_SERVER_INITIATED = 10;
// A local address change triggered this (e.g. GCM registration id changed)
REASON_ADDRESS_CHANGE = 11;
// A software update has triggered this
REASON_SOFTWARE_UPDATE = 12;
// A manual action by the user triggered this (e.g. commands sent via adb)
REASON_MANUAL = 13;
// A custom key has been invalidated on the device (e.g. screen lock is
// disabled).
REASON_CUSTOM_KEY_INVALIDATION = 14;
// Periodic action triggered by auth_proximity
REASON_PROXIMITY_PERIODIC = 15;
}
enum Type {
ENROLLMENT = 0;
TICKLE = 1;
TX_REQUEST = 2;
TX_REPLY = 3;
TX_SYNC_REQUEST = 4;
TX_SYNC_RESPONSE = 5;
TX_PING = 6;
DEVICE_INFO_UPDATE = 7;
TX_CANCEL_REQUEST = 8;
// DEPRECATED (can be re-used after Aug 2015)
PROXIMITYAUTH_PAIRING = 10;
// The kind of identity assertion generated by a "GCM V1" device (i.e.,
// an Android phone that has registered with us a public and a symmetric
// key)
GCMV1_IDENTITY_ASSERTION = 11;
// Device-to-device communications are protected by an unauthenticated
// Diffie-Hellman exchange. The InitiatorHello message is simply the
// initiator's public DH key, and is not encoded as a SecureMessage, so
// it doesn't have a tag.
// The ResponderHello message (which is sent by the responder
// to the initiator), on the other hand, carries a payload that is protected
// by the derived shared key. It also contains the responder's
// public DH key. ResponderHelloAndPayload messages have the
// DEVICE_TO_DEVICE_RESPONDER_HELLO tag.
DEVICE_TO_DEVICE_RESPONDER_HELLO_PAYLOAD = 12;
// Device-to-device communications are protected by an unauthenticated
// Diffie-Hellman exchange. Once the initiator and responder
// agree on a shared key (through Diffie-Hellman), they will use messages
// tagged with DEVICE_TO_DEVICE_MESSAGE to exchange data.
DEVICE_TO_DEVICE_MESSAGE = 13;
// Notification to let a device know it should contact a nearby device.
DEVICE_PROXIMITY_CALLBACK = 14;
// Device-to-device communications are protected by an unauthenticated
// Diffie-Hellman exchange. During device-to-device authentication, the first
// message from initiator (the challenge) is signed and put into the payload
// of the message sent back to the initiator.
UNLOCK_KEY_SIGNED_CHALLENGE = 15;
// Specialty (corp only) features
LOGIN_NOTIFICATION = 101;
}
message GcmMetadata {
required Type type = 1;
optional int32 version = 2 [default = 0];
}
message Tickle {
// Time after which this tickle should expire
optional fixed64 expiry_time = 1;
}
message LoginNotificationInfo {
// Time at which the server received the login notification request.
optional fixed64 creation_time = 2;
// Must correspond to user_id in LoginNotificationRequest, if set.
optional string email = 3;
// Host where the user's credentials were used to login, if meaningful.
optional string host = 4;
// Location from where the user's credentials were used, if meaningful.
optional string source = 5;
// Type of login, e.g. ssh, gnome-screensaver, or web.
optional string event_type = 6;
}

126
NearbyShare/ProtobufSource/securemessage.proto Normal file
View File

@@ -0,0 +1,126 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Proto definitions for SecureMessage format
syntax = "proto2";
package securemessage;
option optimize_for = LITE_RUNTIME;
option java_package = "com.google.security.cryptauth.lib.securemessage";
option java_outer_classname = "SecureMessageProto";
option objc_class_prefix = "SMSG";
message SecureMessage {
// Must contain a HeaderAndBody message
required bytes header_and_body = 1;
// Signature of header_and_body
required bytes signature = 2;
}
// Supported "signature" schemes (both symmetric key and public key based)
enum SigScheme {
HMAC_SHA256 = 1;
ECDSA_P256_SHA256 = 2;
// Not recommended -- use ECDSA_P256_SHA256 instead
RSA2048_SHA256 = 3;
}
// Supported encryption schemes
enum EncScheme {
// No encryption
NONE = 1;
AES_256_CBC = 2;
}
message Header {
required SigScheme signature_scheme = 1;
required EncScheme encryption_scheme = 2;
// Identifies the verification key
optional bytes verification_key_id = 3;
// Identifies the decryption key
optional bytes decryption_key_id = 4;
// Encryption may use an IV
optional bytes iv = 5;
// Arbitrary per-protocol public data, to be sent with the plain-text header
optional bytes public_metadata = 6;
// The length of some associated data this is not sent in this SecureMessage,
// but which will be bound to the signature.
optional uint32 associated_data_length = 7 [default = 0];
}
message HeaderAndBody {
// Public data about this message (to be bound in the signature)
required Header header = 1;
// Payload data
required bytes body = 2;
}
// Must be kept wire-format compatible with HeaderAndBody. Provides the
// SecureMessage code with a consistent wire-format representation that
// remains stable irrespective of protobuf implementation choices. This
// low-level representation of a HeaderAndBody should not be used by
// any code outside of the SecureMessage library implementation/tests.
message HeaderAndBodyInternal {
// A raw (wire-format) byte encoding of a Header, suitable for hashing
required bytes header = 1;
// Payload data
required bytes body = 2;
}
// -------
// The remainder of the messages defined here are provided only for
// convenience. They are not needed for SecureMessage proper, but are
// commonly useful wherever SecureMessage might be applied.
// -------
// A list of supported public key types
enum PublicKeyType {
EC_P256 = 1;
RSA2048 = 2;
// 2048-bit MODP group 14, from RFC 3526
DH2048_MODP = 3;
}
// A convenience proto for encoding NIST P-256 elliptic curve public keys
message EcP256PublicKey {
// x and y are encoded in big-endian two's complement (slightly wasteful)
// Client MUST verify (x,y) is a valid point on NIST P256
required bytes x = 1;
required bytes y = 2;
}
// A convenience proto for encoding RSA public keys with small exponents
message SimpleRsaPublicKey {
// Encoded in big-endian two's complement
required bytes n = 1;
optional int32 e = 2 [default = 65537];
}
// A convenience proto for encoding Diffie-Hellman public keys,
// for use only when Elliptic Curve based key exchanges are not possible.
// (Note that the group parameters must be specified separately)
message DhPublicKey {
// Big-endian two's complement encoded group element
required bytes y = 1;
}
message GenericPublicKey {
required PublicKeyType type = 1;
optional EcP256PublicKey ec_p256_public_key = 2;
optional SimpleRsaPublicKey rsa2048_public_key = 3;
// Use only as a last resort
optional DhPublicKey dh2048_public_key = 4;
}

105
NearbyShare/ProtobufSource/ukey.proto Normal file
View File

@@ -0,0 +1,105 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto2";
package securegcm;
option optimize_for = LITE_RUNTIME;
option java_package = "com.google.security.cryptauth.lib.securegcm";
option java_outer_classname = "UkeyProto";
message Ukey2Message {
enum Type {
UNKNOWN_DO_NOT_USE = 0;
ALERT = 1;
CLIENT_INIT = 2;
SERVER_INIT = 3;
CLIENT_FINISH = 4;
}
optional Type message_type = 1; // Identifies message type
optional bytes message_data = 2; // Actual message, to be parsed according to
// message_type
}
message Ukey2Alert {
enum AlertType {
// Framing errors
BAD_MESSAGE = 1; // The message could not be deserialized
BAD_MESSAGE_TYPE = 2; // message_type has an undefined value
INCORRECT_MESSAGE = 3; // message_type received does not correspond to
// expected type at this stage of the protocol
BAD_MESSAGE_DATA = 4; // Could not deserialize message_data as per
// value inmessage_type
// ClientInit and ServerInit errors
BAD_VERSION = 100; // version is invalid; server cannot find
// suitable version to speak with client.
BAD_RANDOM = 101; // Random data is missing or of incorrect
// length
BAD_HANDSHAKE_CIPHER = 102; // No suitable handshake ciphers were found
BAD_NEXT_PROTOCOL = 103; // The next protocol is missing, unknown, or
// unsupported
BAD_PUBLIC_KEY = 104; // The public key could not be parsed
// Other errors
INTERNAL_ERROR = 200; // An internal error has occurred. error_message
// may contain additional details for logging
// and debugging.
}
optional AlertType type = 1;
optional string error_message = 2;
}
enum Ukey2HandshakeCipher {
RESERVED = 0;
P256_SHA512 = 100; // NIST P-256 used for ECDH, SHA512 used for
// commitment
CURVE25519_SHA512 = 200; // Curve 25519 used for ECDH, SHA512 used for
// commitment
}
message Ukey2ClientInit {
optional int32 version = 1; // highest supported version for rollback
// protection
optional bytes random = 2; // random bytes for replay/reuse protection
// One commitment (hash of ClientFinished containing public key) per supported
// cipher
message CipherCommitment {
optional Ukey2HandshakeCipher handshake_cipher = 1;
optional bytes commitment = 2;
}
repeated CipherCommitment cipher_commitments = 3;
// Next protocol that the client wants to speak.
optional string next_protocol = 4;
}
message Ukey2ServerInit {
optional int32 version = 1; // highest supported version for rollback
// protection
optional bytes random = 2; // random bytes for replay/reuse protection
// Selected Cipher and corresponding public key
optional Ukey2HandshakeCipher handshake_cipher = 3;
optional bytes public_key = 4;
}
message Ukey2ClientFinished {
optional bytes public_key = 1; // public key matching selected handshake
// cipher
}

236
NearbyShare/ProtobufSource/wire_format.proto Normal file
View File

@@ -0,0 +1,236 @@
// Copyright 2020 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Brought from: //depot/google3/location/nearby/sharing/proto/wire_format.proto
// At CL 317565061
syntax = "proto2";
package sharing.nearby;
// Required in Chrome.
option optimize_for = LITE_RUNTIME;
// File metadata. Does not include the actual bytes of the file.
// NEXT_ID=6
message FileMetadata {
enum Type {
UNKNOWN = 0;
IMAGE = 1;
VIDEO = 2;
APP = 3;
AUDIO = 4;
}
// The human readable name of this file (eg. 'Cookbook.pdf').
optional string name = 1;
// The type of file (eg. 'IMAGE' from 'dog.jpg'). Specifying a type helps
// provide a richer experience on the receiving side.
optional Type type = 2 [default = UNKNOWN];
// The FILE payload id that will be sent as a follow up containing the actual
// bytes of the file.
optional int64 payload_id = 3;
// The total size of the file.
optional int64 size = 4;
// The mimeType of file (eg. 'image/jpeg' from 'dog.jpg'). Specifying a
// mimeType helps provide a richer experience on receiving side.
optional string mime_type = 5 [default = "application/octet-stream"];
// A uuid for the attachment. Should be unique across all attachments.
optional int64 id = 6;
}
// NEXT_ID=5
message TextMetadata {
enum Type {
UNKNOWN = 0;
TEXT = 1;
// Open with browsers.
URL = 2;
// Open with map apps.
ADDRESS = 3;
// Dial.
PHONE_NUMBER = 4;
}
// The title of the text content.
optional string text_title = 2;
// The type of text (phone number, url, address, or plain text).
optional Type type = 3 [default = UNKNOWN];
// The BYTE payload id that will be sent as a follow up containing the actual
// bytes of the text.
optional int64 payload_id = 4;
// The size of the text content.
optional int64 size = 5;
// A uuid for the attachment. Should be unique across all attachments.
optional int64 id = 6;
}
// NEXT_ID=5
message WifiCredentialsMetadata {
enum SecurityType {
UNKNOWN_SECURITY_TYPE = 0;
OPEN = 1;
WPA_PSK = 2;
WEP = 3;
}
// The Wifi network name. This will be sent in introduction.
optional string ssid = 2;
// The security type of network (OPEN, WPA_PSK, WEP).
optional SecurityType security_type = 3 [default = UNKNOWN_SECURITY_TYPE];
// The BYTE payload id that will be sent as a follow up containing the
// password.
optional int64 payload_id = 4;
// A uuid for the attachment. Should be unique across all attachments.
optional int64 id = 5;
}
// A frame used when sending messages over the wire.
// NEXT_ID=3
message Frame {
enum Version {
UNKNOWN_VERSION = 0;
V1 = 1;
}
optional Version version = 1;
// Right now there's only 1 version, but if there are more, exactly one of
// the following fields will be set.
optional V1Frame v1 = 2;
}
// NEXT_ID=7
message V1Frame {
enum FrameType {
UNKNOWN_FRAME_TYPE = 0;
INTRODUCTION = 1;
RESPONSE = 2;
PAIRED_KEY_ENCRYPTION = 3;
PAIRED_KEY_RESULT = 4;
CERTIFICATE_INFO = 5;
CANCEL = 6;
}
optional FrameType type = 1;
// Exactly one of the following fields will be set.
optional IntroductionFrame introduction = 2;
optional ConnectionResponseFrame connection_response = 3;
optional PairedKeyEncryptionFrame paired_key_encryption = 4;
optional PairedKeyResultFrame paired_key_result = 5;
optional CertificateInfoFrame certificate_info = 6;
}
// An introduction packet sent by the sending side. Contains a list of files
// they'd like to share.
// NEXT_ID=4
message IntroductionFrame {
repeated FileMetadata file_metadata = 1;
repeated TextMetadata text_metadata = 2;
// The required app package to open the content. May be null.
optional string required_package = 3;
repeated WifiCredentialsMetadata wifi_credentials_metadata = 4;
}
// A response packet sent by the receiving side. Accepts or rejects the list of
// files.
// NEXT_ID=2
message ConnectionResponseFrame {
enum Status {
UNKNOWN = 0;
ACCEPT = 1;
REJECT = 2;
NOT_ENOUGH_SPACE = 3;
UNSUPPORTED_ATTACHMENT_TYPE = 4;
TIMED_OUT = 5;
}
// The receiving side's response.
optional Status status = 1;
}
// A paired key encryption packet sent between devices, contains signed data.
// NEXT_ID=3
message PairedKeyEncryptionFrame {
// The encrypted data in byte array format.
optional bytes signed_data = 1;
// The hash of a certificate id.
optional bytes secret_id_hash = 2;
// An optional encrypted data in byte array format.
optional bytes optional_signed_data = 3;
}
// A paired key verification result packet sent between devices.
// NEXT_ID=2
message PairedKeyResultFrame {
enum Status {
UNKNOWN = 0;
SUCCESS = 1;
FAIL = 2;
UNABLE = 3;
}
// The verification result.
optional Status status = 1;
}
// A package containing certificate info to be shared to remote device offline.
// NEXT_ID=2
message CertificateInfoFrame {
// The public certificates to be shared with remote devices.
repeated PublicCertificate public_certificate = 1;
}
// A public certificate from the local device.
// NEXT_ID=8
message PublicCertificate {
// The unique id of the public certificate.
optional bytes secret_id = 1;
// A bytes representation of a Secret Key owned by contact, to decrypt the
// metadata_key stored within the advertisement.
optional bytes authenticity_key = 2;
// A bytes representation a public key of X509Certificate, owned by contact,
// to decrypt encrypted UKEY2 (from Nearby Connections API) as a hand shake in
// contact verification phase.
optional bytes public_key = 3;
// The time in millis from epoch when this certificate becomes effective.
optional int64 start_time = 4;
// The time in millis from epoch when this certificate expires.
optional int64 end_time = 5;
// The encrypted metadata in bytes, contains personal information of the
// device/user who created this certificate. Needs to be decrypted into bytes,
// and converted back to EncryptedMetadata object to access fields.
optional bytes encrypted_metadata_bytes = 6;
// The tag for verifying metadata_encryption_key.
optional bytes metadata_encryption_key_tag = 7;
}
// NEXT_ID=3
message WifiCredentials {
// Wi-Fi password.
optional string password = 1;
// True if the network is a hidden network that is not broadcasting its SSID.
// Default is false.
optional bool hidden_ssid = 2 [default = false];
}