syntax = "proto3";
package palmdef.unencrypted_reflection;
|
2023-03-16 22:28:46 +00:00
|
|
|
|
|
|
|
/*
This file contains message definitions for packets sent via unencrypted reflection.
These packets have the directions C2R and R2C (client to relay, relay to client)
These packets are assigned the ID block 0x10-0x2f.
*/
// Opens the unencrypted-reflection handshake (client -> relay, ID 0x10).
//
// Carries the client's X25519 public key and a randomized session ID so the
// receiving side can perform X25519 and enable encryption. The original
// wording says the exchange is performed by "the server"; given the C2R
// direction this presumably means the relay - confirm.
//
// NOTE(review): this message has no MAC or signature field, so every field
// below arrives unauthenticated and should be validated before it is used.
message PalmC2RHandshakeStart {
  // Embeds the packet ID in the schema: `type` is this packet's ID (0x10).
  // `invalid` is only there because proto3 needs a zero first enum value.
  enum packet_info {
    invalid = 0;
    type = 0x10;
  }

  // The client's X25519 public key. This should be generated afresh for
  // this session and not reused for another one.
  // X25519 public keys are 32 bytes; receivers should reject any other
  // length, and should reject an all-zero X25519 output (RFC 7748).
  bytes client_public_key = 1;

  // A random 4-byte integer, used to uniquely identify this session.
  // It travels in cleartext, so it is an identifier and not a secret.
  // NOTE(review): int32 is varint-encoded, so random values with the top
  // bit set (negative) take 10 bytes on the wire. The type is left as is
  // because changing it would break wire compatibility.
  int32 session_id = 2;

  // A random 12-byte IV used for encryption. The cipher is not named in
  // this file; receivers should reject an IV that is not exactly 12 bytes.
  // NOTE(review): if the cipher is nonce-based, a (key, IV) pair must never
  // repeat - another reason the client key has to be fresh per session.
  bytes iv = 3;
}
// Completes the unencrypted-reflection handshake (relay -> client, ID 0x11).
//
// Sends the client the relay's public key so that both sides can enable
// encryption. The original wording says "server"; given the R2C direction
// this presumably means the relay - confirm.
//
// NOTE(review): this message has no MAC or signature field. The comparison
// of relay_public_key against a known value is the only authentication step
// visible in this file, so it must not be skipped or made optional.
message PalmR2CHandshakeFinish {
  // Embeds the packet ID in the schema: `type` is this packet's ID (0x11).
  // `invalid` is only there because proto3 needs a zero first enum value.
  enum packet_info {
    invalid = 0;
    type = 0x11;
  }

  // The relay's public key. Unlike the client public key, relay keys are
  // static - checking the relay's identity is what protects the client
  // from a man-in-the-middle.
  // Clients should authenticate this against a previously known value, and
  // should do so before using any key derived from it; on a mismatch the
  // handshake should be aborted.
  // See the main palm.proto file for how this will be given to a client.
  // X25519 public keys are 32 bytes; reject any other length.
  bytes relay_public_key = 1;

  // The same 4-byte integer sent by the client in PalmC2RHandshakeStart.
  // Clients should check that it matches the value they sent and drop the
  // packet otherwise.
  int32 session_id = 2;

  // A random 12-byte IV used for encryption. The cipher is not named in
  // this file; clients should reject an IV that is not exactly 12 bytes.
  bytes iv = 3;
}
// After these two packets, stream encryption is enabled on the client and server