components/crx_file/crx3.proto - cobalt - Git at Google

 // Copyright 2017 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file

 syntax = "proto2";

 option optimize_for = LITE_RUNTIME;

 package crx_file;

 // A CRX₃ file is a binary file of the following format:
 // [4 octets]: "Cr24", a magic number.
 // [4 octets]: The version of the *.crx file format used (currently 3).
 // [4 octets]: N, little-endian, the length of the header section.
 // [N octets]: The header (the binary encoding of a CrxFileHeader).
 // [M octets]: The ZIP archive.
 // Clients should reject CRX₃ files that contain an N that is too large for the
 // client to safely handle in memory.

 message CrxFileHeader {
   // PSS signature with RSA public key. The public key is formatted as a
   // X.509 SubjectPublicKeyInfo block, as in CRX₂. In the common case of a
   // developer key proof, the first 128 bits of the SHA-256 hash of the
   // public key must equal the crx_id.
   repeated AsymmetricKeyProof sha256_with_rsa = 2;

   // ECDSA signature, using the NIST P-256 curve. Public key appears in
   // named-curve format.
   // The pinned algorithm will be this, at least on 2017-01-01.
   repeated AsymmetricKeyProof sha256_with_ecdsa = 3;

   // The binary form of a SignedData message. We do not use a nested
   // SignedData message, as handlers of this message must verify the proofs
   // on exactly these bytes, so it is convenient to parse in two steps.
   //
   // All proofs in this CrxFile message are on the value
   // "CRX3 SignedData\x00" + signed_header_size + signed_header_data +
   // archive, where "\x00" indicates an octet with value 0, "CRX3 SignedData"
   // is encoded using UTF-8, signed_header_size is the size in octets of the
   // contents of this field and is encoded using 4 octets in little-endian
   // order, signed_header_data is exactly the content of this field, and
   // archive is the remaining contents of the file following the header.
   optional bytes signed_header_data = 10000;
 }

 message AsymmetricKeyProof {
   optional bytes public_key = 1;
   optional bytes signature = 2;
 }

 message SignedData {
   // This is simple binary, not UTF-8 encoded mpdecimal; i.e. it is exactly
   // 16 bytes long.
   optional bytes crx_id = 1;
 }
	// Copyright 2017 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file

	syntax = "proto2";

	option optimize_for = LITE_RUNTIME;

	package crx_file;

	// A CRX₃ file is a binary file of the following format:
	// [4 octets]: "Cr24", a magic number.
	// [4 octets]: The version of the *.crx file format used (currently 3).
	// [4 octets]: N, little-endian, the length of the header section.
	// [N octets]: The header (the binary encoding of a CrxFileHeader).
	// [M octets]: The ZIP archive.
	// Clients should reject CRX₃ files that contain an N that is too large for the
	// client to safely handle in memory.

	message CrxFileHeader {
	// PSS signature with RSA public key. The public key is formatted as a
	// X.509 SubjectPublicKeyInfo block, as in CRX₂. In the common case of a
	// developer key proof, the first 128 bits of the SHA-256 hash of the
	// public key must equal the crx_id.
	repeated AsymmetricKeyProof sha256_with_rsa = 2;

	// ECDSA signature, using the NIST P-256 curve. Public key appears in
	// named-curve format.
	// The pinned algorithm will be this, at least on 2017-01-01.
	repeated AsymmetricKeyProof sha256_with_ecdsa = 3;

	// The binary form of a SignedData message. We do not use a nested
	// SignedData message, as handlers of this message must verify the proofs
	// on exactly these bytes, so it is convenient to parse in two steps.
	//
	// All proofs in this CrxFile message are on the value
	// "CRX3 SignedData\x00" + signed_header_size + signed_header_data +
	// archive, where "\x00" indicates an octet with value 0, "CRX3 SignedData"
	// is encoded using UTF-8, signed_header_size is the size in octets of the
	// contents of this field and is encoded using 4 octets in little-endian
	// order, signed_header_data is exactly the content of this field, and
	// archive is the remaining contents of the file following the header.
	optional bytes signed_header_data = 10000;
	}

	message AsymmetricKeyProof {
	optional bytes public_key = 1;
	optional bytes signature = 2;
	}

	message SignedData {
	// This is simple binary, not UTF-8 encoded mpdecimal; i.e. it is exactly
	// 16 bytes long.
	optional bytes crx_id = 1;
	}