| Lorenz Brun | 662182f | 2022-03-10 14:06:48 +0100 | [diff] [blame] | 1 | syntax = "proto3"; |
| Tim Windelschmidt | 9f21f53 | 2024-05-07 15:14:20 +0200 | [diff] [blame] | 2 | option go_package = "source.monogon.dev/osbase/tpm/proto"; |
| Tim Windelschmidt | 2f9f624 | 2025-01-11 08:25:54 +0100 | [diff] [blame] | 3 | package osbase.tpm.proto; |
| Lorenz Brun | 662182f | 2022-03-10 14:06:48 +0100 | [diff] [blame] | 4 | |
| Lorenz Brun | d13c1c6 | 2022-03-30 19:58:58 +0200 | [diff] [blame] | 5 | import "proto/tpm/tpm.proto"; |
| Lorenz Brun | 662182f | 2022-03-10 14:06:48 +0100 | [diff] [blame] | 6 | |
| 7 | // ExtendedSealedBytes contains data sealed by a TPM2 via an indirection to |
| 8 | // allow for more than 128 bytes of payload. It seals an ephemeral key for |
| 9 | // a nacl secretbox in the TPM and stores the encrypted box next to the sealed |
| 10 | // key. |
| 11 | message ExtendedSealedBytes { |
| 12 | // The secretbox key, as sealed by the TPM. |
| Lorenz Brun | d13c1c6 | 2022-03-30 19:58:58 +0200 | [diff] [blame] | 13 | .tpm.SealedBytes sealed_key = 1; |
| Lorenz Brun | 662182f | 2022-03-10 14:06:48 +0100 | [diff] [blame] | 14 | // The encrypted box contents. |
| 15 | bytes encrypted_payload = 2; |
| 16 | } |