metadata: introduce protobuf structures

This commit adds in the metadata package. The primary purpose of this package is to provide the on-disk metadata structures in the form of protocol buffers. This includes: - Policy metadata structure - Protector metadata structure - Config file structure - All necessary sub-structures (wrapped keys, parameters, etc) This commit also adds in an example usage of the Config structure, which represents the structure of the global config file. All the package does at this point is convert between the Config structure and a JSON representation. Here we introduce govendor, which is described more in the README. This means we will have all of our Go dependencies in the vendor subdirectory. This means we will have no Go source dependencies, only dependencies on the build tools (Go and govendor). The README describes this in detail. Note that we commit the generated files. see: https://blog.golang.org/generate Change-Id: Iaacd46666b5d3e4e865a0f4045dd63ed7e3d6f96
author: Joe Richey <joerichey@google.com> 2017-03-02 10:15:23 -0800
committer: Joe Richey joerichey@google.com <joerichey@google.com> 2017-05-02 13:39:18 -0700
commit: 2ccea6496efc054c21c5ed397f3caff8d4992957 (patch)
tree: 3a5a46492ad867d767770985773d08dcd49d1df6 /metadata/metadata.pb.go
parent: 49f7bad068c82d71d2af73b9c8046fb882b29c69 (diff)
1 files changed, 415 insertions, 0 deletions
diff --git a/metadata/metadata.pb.go b/metadata/metadata.pb.go
new file mode 100644
index 0000000..68001e9
--- /dev/null
+++ b/metadata/metadata.pb.go
@@ -0,0 +1,415 @@
+// Code generated by protoc-gen-go.
+// source: metadata.proto
+// DO NOT EDIT!
+
+/*
+Package metadata is a generated protocol buffer package.
+
+It is generated from these files:
+	metadata.proto
+
+It has these top-level messages:
+	HashingCosts
+	WrappedKeyData
+	ProtectorData
+	EncryptionOptions
+	WrappedPolicyKey
+	PolicyData
+	Config
+*/
+package metadata
+
+import proto "github.com/golang/protobuf/proto"
+import fmt "fmt"
+import math "math"
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package
+
+// Specifies the method in which an outside secret is obtained for a Protector
+type SourceType int32
+
+const (
+	SourceType_none              SourceType = 0
+	SourceType_pam_passphrase    SourceType = 1
+	SourceType_custom_passphrase SourceType = 2
+	SourceType_raw_key           SourceType = 3
+)
+
+var SourceType_name = map[int32]string{
+	0: "none",
+	1: "pam_passphrase",
+	2: "custom_passphrase",
+	3: "raw_key",
+}
+var SourceType_value = map[string]int32{
+	"none":              0,
+	"pam_passphrase":    1,
+	"custom_passphrase": 2,
+	"raw_key":           3,
+}
+
+func (x SourceType) String() string {
+	return proto.EnumName(SourceType_name, int32(x))
+}
+func (SourceType) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
+
+// Type of encryption, should match the declarations of FS_ENCRYPTION_MODE
+type EncryptionMode int32
+
+const (
+	EncryptionMode_default EncryptionMode = 0
+	EncryptionMode_XTS     EncryptionMode = 1
+	EncryptionMode_GCM     EncryptionMode = 2
+	EncryptionMode_CBC     EncryptionMode = 3
+	EncryptionMode_CTS     EncryptionMode = 4
+)
+
+var EncryptionMode_name = map[int32]string{
+	0: "default",
+	1: "XTS",
+	2: "GCM",
+	3: "CBC",
+	4: "CTS",
+}
+var EncryptionMode_value = map[string]int32{
+	"default": 0,
+	"XTS":     1,
+	"GCM":     2,
+	"CBC":     3,
+	"CTS":     4,
+}
+
+func (x EncryptionMode) String() string {
+	return proto.EnumName(EncryptionMode_name, int32(x))
+}
+func (EncryptionMode) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{1} }
+
+// Cost parameters to be used in our hashing functions.
+type HashingCosts struct {
+	Time        int64 `protobuf:"varint,2,opt,name=time" json:"time,omitempty"`
+	Memory      int64 `protobuf:"varint,3,opt,name=memory" json:"memory,omitempty"`
+	Parallelism int64 `protobuf:"varint,4,opt,name=parallelism" json:"parallelism,omitempty"`
+}
+
+func (m *HashingCosts) Reset()                    { *m = HashingCosts{} }
+func (m *HashingCosts) String() string            { return proto.CompactTextString(m) }
+func (*HashingCosts) ProtoMessage()               {}
+func (*HashingCosts) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
+
+func (m *HashingCosts) GetTime() int64 {
+	if m != nil {
+		return m.Time
+	}
+	return 0
+}
+
+func (m *HashingCosts) GetMemory() int64 {
+	if m != nil {
+		return m.Memory
+	}
+	return 0
+}
+
+func (m *HashingCosts) GetParallelism() int64 {
+	if m != nil {
+		return m.Parallelism
+	}
+	return 0
+}
+
+// This structure is used for our authenticated wrapping/unwrapping of keys.
+type WrappedKeyData struct {
+	IV           []byte `protobuf:"bytes,1,opt,name=IV,proto3" json:"IV,omitempty"`
+	EncryptedKey []byte `protobuf:"bytes,2,opt,name=encrypted_key,json=encryptedKey,proto3" json:"encrypted_key,omitempty"`
+	Hmac         []byte `protobuf:"bytes,3,opt,name=hmac,proto3" json:"hmac,omitempty"`
+}
+
+func (m *WrappedKeyData) Reset()                    { *m = WrappedKeyData{} }
+func (m *WrappedKeyData) String() string            { return proto.CompactTextString(m) }
+func (*WrappedKeyData) ProtoMessage()               {}
+func (*WrappedKeyData) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} }
+
+func (m *WrappedKeyData) GetIV() []byte {
+	if m != nil {
+		return m.IV
+	}
+	return nil
+}
+
+func (m *WrappedKeyData) GetEncryptedKey() []byte {
+	if m != nil {
+		return m.EncryptedKey
+	}
+	return nil
+}
+
+func (m *WrappedKeyData) GetHmac() []byte {
+	if m != nil {
+		return m.Hmac
+	}
+	return nil
+}
+
+// The associated data for each protector
+type ProtectorData struct {
+	ProtectorDescriptor string     `protobuf:"bytes,1,opt,name=protector_descriptor,json=protectorDescriptor" json:"protector_descriptor,omitempty"`
+	Name                string     `protobuf:"bytes,2,opt,name=name" json:"name,omitempty"`
+	Source              SourceType `protobuf:"varint,3,opt,name=source,enum=metadata.SourceType" json:"source,omitempty"`
+	// These are only used by some of the protector types
+	Costs      *HashingCosts   `protobuf:"bytes,4,opt,name=costs" json:"costs,omitempty"`
+	Salt       []byte          `protobuf:"bytes,5,opt,name=salt,proto3" json:"salt,omitempty"`
+	Uid        int64           `protobuf:"varint,6,opt,name=uid" json:"uid,omitempty"`
+	WrappedKey *WrappedKeyData `protobuf:"bytes,7,opt,name=wrapped_key,json=wrappedKey" json:"wrapped_key,omitempty"`
+}
+
+func (m *ProtectorData) Reset()                    { *m = ProtectorData{} }
+func (m *ProtectorData) String() string            { return proto.CompactTextString(m) }
+func (*ProtectorData) ProtoMessage()               {}
+func (*ProtectorData) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{2} }
+
+func (m *ProtectorData) GetProtectorDescriptor() string {
+	if m != nil {
+		return m.ProtectorDescriptor
+	}
+	return ""
+}
+
+func (m *ProtectorData) GetName() string {
+	if m != nil {
+		return m.Name
+	}
+	return ""
+}
+
+func (m *ProtectorData) GetSource() SourceType {
+	if m != nil {
+		return m.Source
+	}
+	return SourceType_none
+}
+
+func (m *ProtectorData) GetCosts() *HashingCosts {
+	if m != nil {
+		return m.Costs
+	}
+	return nil
+}
+
+func (m *ProtectorData) GetSalt() []byte {
+	if m != nil {
+		return m.Salt
+	}
+	return nil
+}
+
+func (m *ProtectorData) GetUid() int64 {
+	if m != nil {
+		return m.Uid
+	}
+	return 0
+}
+
+func (m *ProtectorData) GetWrappedKey() *WrappedKeyData {
+	if m != nil {
+		return m.WrappedKey
+	}
+	return nil
+}
+
+// Encryption policy specifics, should match struct fscrypt_policy
+type EncryptionOptions struct {
+	Padding       int64          `protobuf:"varint,1,opt,name=padding" json:"padding,omitempty"`
+	ContentsMode  EncryptionMode `protobuf:"varint,2,opt,name=contents_mode,json=contentsMode,enum=metadata.EncryptionMode" json:"contents_mode,omitempty"`
+	FilenamesMode EncryptionMode `protobuf:"varint,3,opt,name=filenames_mode,json=filenamesMode,enum=metadata.EncryptionMode" json:"filenames_mode,omitempty"`
+}
+
+func (m *EncryptionOptions) Reset()                    { *m = EncryptionOptions{} }
+func (m *EncryptionOptions) String() string            { return proto.CompactTextString(m) }
+func (*EncryptionOptions) ProtoMessage()               {}
+func (*EncryptionOptions) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{3} }
+
+func (m *EncryptionOptions) GetPadding() int64 {
+	if m != nil {
+		return m.Padding
+	}
+	return 0
+}
+
+func (m *EncryptionOptions) GetContentsMode() EncryptionMode {
+	if m != nil {
+		return m.ContentsMode
+	}
+	return EncryptionMode_default
+}
+
+func (m *EncryptionOptions) GetFilenamesMode() EncryptionMode {
+	if m != nil {
+		return m.FilenamesMode
+	}
+	return EncryptionMode_default
+}
+
+type WrappedPolicyKey struct {
+	ProtectorDescriptor string          `protobuf:"bytes,1,opt,name=protector_descriptor,json=protectorDescriptor" json:"protector_descriptor,omitempty"`
+	WrappedKey          *WrappedKeyData `protobuf:"bytes,2,opt,name=wrapped_key,json=wrappedKey" json:"wrapped_key,omitempty"`
+}
+
+func (m *WrappedPolicyKey) Reset()                    { *m = WrappedPolicyKey{} }
+func (m *WrappedPolicyKey) String() string            { return proto.CompactTextString(m) }
+func (*WrappedPolicyKey) ProtoMessage()               {}
+func (*WrappedPolicyKey) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} }
+
+func (m *WrappedPolicyKey) GetProtectorDescriptor() string {
+	if m != nil {
+		return m.ProtectorDescriptor
+	}
+	return ""
+}
+
+func (m *WrappedPolicyKey) GetWrappedKey() *WrappedKeyData {
+	if m != nil {
+		return m.WrappedKey
+	}
+	return nil
+}
+
+// The associated data for each policy
+type PolicyData struct {
+	KeyDescriptor     string              `protobuf:"bytes,1,opt,name=key_descriptor,json=keyDescriptor" json:"key_descriptor,omitempty"`
+	Options           *EncryptionOptions  `protobuf:"bytes,2,opt,name=options" json:"options,omitempty"`
+	WrappedPolicyKeys []*WrappedPolicyKey `protobuf:"bytes,3,rep,name=wrapped_policy_keys,json=wrappedPolicyKeys" json:"wrapped_policy_keys,omitempty"`
+}
+
+func (m *PolicyData) Reset()                    { *m = PolicyData{} }
+func (m *PolicyData) String() string            { return proto.CompactTextString(m) }
+func (*PolicyData) ProtoMessage()               {}
+func (*PolicyData) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{5} }
+
+func (m *PolicyData) GetKeyDescriptor() string {
+	if m != nil {
+		return m.KeyDescriptor
+	}
+	return ""
+}
+
+func (m *PolicyData) GetOptions() *EncryptionOptions {
+	if m != nil {
+		return m.Options
+	}
+	return nil
+}
+
+func (m *PolicyData) GetWrappedPolicyKeys() []*WrappedPolicyKey {
+	if m != nil {
+		return m.WrappedPolicyKeys
+	}
+	return nil
+}
+
+// Data stored in the config file
+type Config struct {
+	Source        SourceType         `protobuf:"varint,1,opt,name=source,enum=metadata.SourceType" json:"source,omitempty"`
+	HashCosts     *HashingCosts      `protobuf:"bytes,2,opt,name=hash_costs,json=hashCosts" json:"hash_costs,omitempty"`
+	Compatibility string             `protobuf:"bytes,3,opt,name=compatibility" json:"compatibility,omitempty"`
+	Options       *EncryptionOptions `protobuf:"bytes,4,opt,name=options" json:"options,omitempty"`
+}
+
+func (m *Config) Reset()                    { *m = Config{} }
+func (m *Config) String() string            { return proto.CompactTextString(m) }
+func (*Config) ProtoMessage()               {}
+func (*Config) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{6} }
+
+func (m *Config) GetSource() SourceType {
+	if m != nil {
+		return m.Source
+	}
+	return SourceType_none
+}
+
+func (m *Config) GetHashCosts() *HashingCosts {
+	if m != nil {
+		return m.HashCosts
+	}
+	return nil
+}
+
+func (m *Config) GetCompatibility() string {
+	if m != nil {
+		return m.Compatibility
+	}
+	return ""
+}
+
+func (m *Config) GetOptions() *EncryptionOptions {
+	if m != nil {
+		return m.Options
+	}
+	return nil
+}
+
+func init() {
+	proto.RegisterType((*HashingCosts)(nil), "metadata.HashingCosts")
+	proto.RegisterType((*WrappedKeyData)(nil), "metadata.WrappedKeyData")
+	proto.RegisterType((*ProtectorData)(nil), "metadata.ProtectorData")
+	proto.RegisterType((*EncryptionOptions)(nil), "metadata.EncryptionOptions")
+	proto.RegisterType((*WrappedPolicyKey)(nil), "metadata.WrappedPolicyKey")
+	proto.RegisterType((*PolicyData)(nil), "metadata.PolicyData")
+	proto.RegisterType((*Config)(nil), "metadata.Config")
+	proto.RegisterEnum("metadata.SourceType", SourceType_name, SourceType_value)
+	proto.RegisterEnum("metadata.EncryptionMode", EncryptionMode_name, EncryptionMode_value)
+}
+
+func init() { proto.RegisterFile("metadata.proto", fileDescriptor0) }
+
+var fileDescriptor0 = []byte{
+	// 629 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x94, 0x51, 0x6f, 0xd3, 0x30,
+	0x10, 0xc7, 0x97, 0xa4, 0x6b, 0xd7, 0x6b, 0x1b, 0x65, 0xde, 0x98, 0x22, 0x78, 0xa9, 0x0a, 0x48,
+	0xd3, 0x34, 0x4d, 0x62, 0x68, 0x0f, 0x3c, 0x20, 0x04, 0x1d, 0x82, 0x31, 0x0d, 0x26, 0x6f, 0x1a,
+	0x20, 0x21, 0x55, 0x5e, 0xe2, 0xad, 0x56, 0x93, 0xd8, 0xb2, 0x5d, 0x55, 0x79, 0xe3, 0x3b, 0xf0,
+	0x39, 0x78, 0xe5, 0x43, 0xf0, 0xa9, 0x90, 0x9d, 0x34, 0x4d, 0x37, 0x04, 0x83, 0x97, 0xe8, 0xee,
+	0x7c, 0xb9, 0xff, 0xdd, 0xcf, 0x27, 0x83, 0x9f, 0x52, 0x4d, 0x62, 0xa2, 0xc9, 0x9e, 0x90, 0x5c,
+	0x73, 0xb4, 0x36, 0xf7, 0x07, 0x5f, 0xa0, 0xfb, 0x96, 0xa8, 0x31, 0xcb, 0xae, 0x87, 0x5c, 0x69,
+	0x85, 0x10, 0x34, 0x34, 0x4b, 0x69, 0xe8, 0xf6, 0x9d, 0x6d, 0x0f, 0x5b, 0x1b, 0x6d, 0x41, 0x33,
+	0xa5, 0x29, 0x97, 0x79, 0xe8, 0xd9, 0x68, 0xe9, 0xa1, 0x3e, 0x74, 0x04, 0x91, 0x24, 0x49, 0x68,
+	0xc2, 0x54, 0x1a, 0x36, 0xec, 0x61, 0x3d, 0x34, 0xf8, 0x0c, 0xfe, 0x47, 0x49, 0x84, 0xa0, 0xf1,
+	0x31, 0xcd, 0x0f, 0x89, 0x26, 0xc8, 0x07, 0xf7, 0xe8, 0x22, 0x74, 0xfa, 0xce, 0x76, 0x17, 0xbb,
+	0x47, 0x17, 0xe8, 0x21, 0xf4, 0x68, 0x16, 0xc9, 0x5c, 0x68, 0x1a, 0x8f, 0x26, 0x34, 0xb7, 0xc2,
+	0x5d, 0xdc, 0xad, 0x82, 0xc7, 0x34, 0x37, 0x4d, 0x8d, 0x53, 0x12, 0x59, 0xf9, 0x2e, 0xb6, 0xf6,
+	0xe0, 0x9b, 0x0b, 0xbd, 0x53, 0xc9, 0x35, 0x8d, 0x34, 0x97, 0xb6, 0xf4, 0x13, 0xd8, 0x14, 0xf3,
+	0xc0, 0x28, 0xa6, 0x2a, 0x92, 0x4c, 0x68, 0x2e, 0xad, 0x58, 0x1b, 0x6f, 0x54, 0x67, 0x87, 0xd5,
+	0x91, 0x29, 0x9c, 0x91, 0x72, 0xda, 0x36, 0xb6, 0x36, 0xda, 0x85, 0xa6, 0xe2, 0x53, 0x19, 0x51,
+	0x2b, 0xe7, 0xef, 0x6f, 0xee, 0x55, 0xf0, 0xce, 0x6c, 0xfc, 0x3c, 0x17, 0x14, 0x97, 0x39, 0x68,
+	0x17, 0x56, 0x23, 0x03, 0xce, 0x4e, 0xdf, 0xd9, 0xdf, 0x5a, 0x24, 0xd7, 0xb1, 0xe2, 0x22, 0xc9,
+	0xe8, 0x29, 0x92, 0xe8, 0x70, 0xb5, 0x18, 0xc4, 0xd8, 0x28, 0x00, 0x6f, 0xca, 0xe2, 0xb0, 0x69,
+	0xe9, 0x19, 0x13, 0x3d, 0x83, 0xce, 0xac, 0xa0, 0x66, 0x89, 0xb4, 0x6c, 0xe5, 0x70, 0x51, 0x79,
+	0x19, 0x29, 0x86, 0x59, 0xe5, 0x0f, 0xbe, 0x3b, 0xb0, 0xfe, 0xba, 0x40, 0xc7, 0x78, 0xf6, 0xc1,
+	0x7e, 0x15, 0x0a, 0xa1, 0x25, 0x48, 0x1c, 0xb3, 0xec, 0xda, 0xc2, 0xf0, 0xf0, 0xdc, 0x45, 0xcf,
+	0xa1, 0x17, 0xf1, 0x4c, 0xd3, 0x4c, 0xab, 0x51, 0xca, 0xe3, 0x82, 0x84, 0x5f, 0x17, 0x5b, 0x54,
+	0x3b, 0xe1, 0x31, 0xc5, 0xdd, 0x79, 0xba, 0xf1, 0xd0, 0x0b, 0xf0, 0xaf, 0x58, 0x42, 0x0d, 0xb7,
+	0xf2, 0x7f, 0xef, 0x2f, 0xff, 0xf7, 0xaa, 0x7c, 0xe3, 0x0e, 0xbe, 0x3a, 0x10, 0x94, 0xe3, 0x9c,
+	0xf2, 0x84, 0x45, 0xb9, 0xb9, 0xee, 0xff, 0xb8, 0xc8, 0x1b, 0xc8, 0xdc, 0x7f, 0x40, 0xf6, 0xc3,
+	0x01, 0x28, 0xb4, 0xed, 0x16, 0x3d, 0x06, 0x7f, 0x42, 0xf3, 0xdb, 0xb2, 0xbd, 0x09, 0xcd, 0x6b,
+	0x82, 0x07, 0xd0, 0xe2, 0x05, 0xdd, 0x52, 0xec, 0xc1, 0xef, 0x46, 0x2e, 0x2f, 0x00, 0xcf, 0x73,
+	0xd1, 0x3b, 0xd8, 0x98, 0xf7, 0x29, 0xac, 0xa6, 0x69, 0x57, 0x85, 0x5e, 0xdf, 0xdb, 0xee, 0xec,
+	0xdf, 0xbf, 0xd5, 0x6f, 0xc5, 0x04, 0xaf, 0xcf, 0x6e, 0x44, 0xd4, 0xe0, 0xa7, 0x03, 0xcd, 0x21,
+	0xcf, 0xae, 0xd8, 0x75, 0x6d, 0x67, 0x9d, 0x3b, 0xec, 0xec, 0x01, 0xc0, 0x98, 0xa8, 0xf1, 0xa8,
+	0x58, 0x5c, 0xf7, 0x8f, 0x8b, 0xdb, 0x36, 0x99, 0xc5, 0xd3, 0xf0, 0xc8, 0xec, 0x4a, 0x2a, 0x88,
+	0x66, 0x97, 0x2c, 0x61, 0xba, 0x78, 0x0d, 0xda, 0x78, 0x39, 0x58, 0x07, 0xd3, 0xb8, 0x3b, 0x98,
+	0x9d, 0xf7, 0x00, 0x8b, 0x4e, 0xd1, 0x1a, 0x34, 0x32, 0x9e, 0xd1, 0x60, 0x05, 0x21, 0xf0, 0x05,
+	0x49, 0x47, 0x82, 0x28, 0x25, 0xc6, 0x92, 0x28, 0x1a, 0x38, 0xe8, 0x1e, 0xac, 0x47, 0x53, 0xa5,
+	0xf9, 0x52, 0xd8, 0x45, 0x1d, 0x68, 0x49, 0x32, 0x33, 0x40, 0x03, 0x6f, 0xe7, 0x25, 0xf8, 0xcb,
+	0x9b, 0x67, 0x8e, 0x63, 0x7a, 0x45, 0xa6, 0x89, 0x0e, 0x56, 0x50, 0x0b, 0xbc, 0x4f, 0xe7, 0x67,
+	0x81, 0x63, 0x8c, 0x37, 0xc3, 0x93, 0xc0, 0x35, 0xc6, 0xf0, 0xd5, 0x30, 0xf0, 0xac, 0x71, 0x7e,
+	0x16, 0x34, 0x2e, 0x9b, 0xf6, 0xad, 0x7c, 0xfa, 0x2b, 0x00, 0x00, 0xff, 0xff, 0x53, 0xcd, 0x67,
+	0x08, 0x3d, 0x05, 0x00, 0x00,
+}
author	Joe Richey <joerichey@google.com>	2017-03-02 10:15:23 -0800
committer	Joe Richey joerichey@google.com <joerichey@google.com>	2017-05-02 13:39:18 -0700
commit	2ccea6496efc054c21c5ed397f3caff8d4992957 (patch)
tree	3a5a46492ad867d767770985773d08dcd49d1df6 /metadata/metadata.pb.go
parent	49f7bad068c82d71d2af73b9c8046fb882b29c69 (diff)