diff --git a/proto/aes_cmac.proto b/proto/aes_cmac.proto index b5dbd941..106bc117 100644 --- a/proto/aes_cmac.proto +++ b/proto/aes_cmac.proto @@ -29,7 +29,7 @@ message AesCmacParams { // key_type: type.googleapis.com/google.crypto.tink.AesCmacKey message AesCmacKey { uint32 version = 1; - bytes key_value = 2; // Placeholder for ctype. + bytes key_value = 2; // Placeholder for ctype and debug_redact. AesCmacParams params = 3; } diff --git a/proto/aes_cmac_prf.proto b/proto/aes_cmac_prf.proto index 94fe509d..c9942f30 100644 --- a/proto/aes_cmac_prf.proto +++ b/proto/aes_cmac_prf.proto @@ -25,7 +25,7 @@ option go_package = "github.com/tink-crypto/tink-go/v2/proto/aes_cmac_prf_go_pro // key_type: type.googleapis.com/google.crypto.tink.AesCmacPrfKey message AesCmacPrfKey { uint32 version = 1; - bytes key_value = 2; // Placeholder for ctype. + bytes key_value = 2; // Placeholder for ctype and debug_redact. } message AesCmacPrfKeyFormat { diff --git a/proto/aes_ctr.proto b/proto/aes_ctr.proto index 66c0ca1e..80880cb0 100644 --- a/proto/aes_ctr.proto +++ b/proto/aes_ctr.proto @@ -35,5 +35,5 @@ message AesCtrKeyFormat { message AesCtrKey { uint32 version = 1; AesCtrParams params = 2; - bytes key_value = 3; // Placeholder for ctype. + bytes key_value = 3; // Placeholder for ctype and debug_redact. } diff --git a/proto/aes_ctr_hmac_streaming.proto b/proto/aes_ctr_hmac_streaming.proto index 7927bde8..1725ee8c 100644 --- a/proto/aes_ctr_hmac_streaming.proto +++ b/proto/aes_ctr_hmac_streaming.proto @@ -42,5 +42,5 @@ message AesCtrHmacStreamingKeyFormat { message AesCtrHmacStreamingKey { uint32 version = 1; AesCtrHmacStreamingParams params = 2; - bytes key_value = 3; // Placeholder for ctype. // the main key, aka. "ikm", input key material + bytes key_value = 3 ; // Placeholder for multi-line ctype and debug_redact. // the main key, aka. "ikm", input key material } diff --git a/proto/aes_eax.proto b/proto/aes_eax.proto index e38b76b9..45a7eb10 100644 --- a/proto/aes_eax.proto +++ b/proto/aes_eax.proto @@ -37,5 +37,5 @@ message AesEaxKeyFormat { message AesEaxKey { uint32 version = 1; AesEaxParams params = 2; - bytes key_value = 3; // Placeholder for ctype. + bytes key_value = 3; // Placeholder for ctype and debug_redact. } diff --git a/proto/aes_gcm.proto b/proto/aes_gcm.proto index 3724b0a1..00ef9198 100644 --- a/proto/aes_gcm.proto +++ b/proto/aes_gcm.proto @@ -63,5 +63,5 @@ message AesGcmKeyFormat { message AesGcmKey { uint32 version = 1; - bytes key_value = 3; // Placeholder for ctype. + bytes key_value = 3; // Placeholder for ctype and debug_redact. } diff --git a/proto/aes_gcm_hkdf_streaming.proto b/proto/aes_gcm_hkdf_streaming.proto index c5e40236..1ecbc3d9 100644 --- a/proto/aes_gcm_hkdf_streaming.proto +++ b/proto/aes_gcm_hkdf_streaming.proto @@ -42,5 +42,5 @@ message AesGcmHkdfStreamingKeyFormat { message AesGcmHkdfStreamingKey { uint32 version = 1; AesGcmHkdfStreamingParams params = 2; - bytes key_value = 3; // Placeholder for ctype. + bytes key_value = 3; // Placeholder for ctype and debug_redact. } diff --git a/proto/aes_gcm_siv.proto b/proto/aes_gcm_siv.proto index fee87d76..50a64066 100644 --- a/proto/aes_gcm_siv.proto +++ b/proto/aes_gcm_siv.proto @@ -32,5 +32,5 @@ message AesGcmSivKeyFormat { // key_type: type.googleapis.com/google.crypto.tink.AesGcmSivKey message AesGcmSivKey { uint32 version = 1; - bytes key_value = 3; // Placeholder for ctype. + bytes key_value = 3; // Placeholder for ctype and debug_redact. } diff --git a/proto/aes_siv.proto b/proto/aes_siv.proto index 2c5e013e..3f9d83d0 100644 --- a/proto/aes_siv.proto +++ b/proto/aes_siv.proto @@ -40,5 +40,5 @@ message AesSivKeyFormat { message AesSivKey { uint32 version = 1; // First half is AES-CTR key, second is AES-SIV. - bytes key_value = 2; // Placeholder for ctype. + bytes key_value = 2; // Placeholder for ctype and debug_redact. } diff --git a/proto/chacha20_poly1305.proto b/proto/chacha20_poly1305.proto index 8f26821c..5dea2c4f 100644 --- a/proto/chacha20_poly1305.proto +++ b/proto/chacha20_poly1305.proto @@ -29,5 +29,5 @@ message ChaCha20Poly1305KeyFormat {} // at https://tools.ietf.org/html/rfc7539#section-2.8. message ChaCha20Poly1305Key { uint32 version = 1; - bytes key_value = 2; // Placeholder for ctype. + bytes key_value = 2; // Placeholder for ctype and debug_redact. } diff --git a/proto/ecdsa.proto b/proto/ecdsa.proto index e89783e8..36bfd48c 100644 --- a/proto/ecdsa.proto +++ b/proto/ecdsa.proto @@ -74,7 +74,7 @@ message EcdsaPrivateKey { EcdsaPublicKey public_key = 2; // Unsigned big integer in bigendian representation. // Required. - bytes key_value = 3; // Placeholder for ctype. + bytes key_value = 3; // Placeholder for ctype and debug_redact. } message EcdsaKeyFormat { diff --git a/proto/ecies_aead_hkdf.proto b/proto/ecies_aead_hkdf.proto index fa7eca5f..8997ad4c 100644 --- a/proto/ecies_aead_hkdf.proto +++ b/proto/ecies_aead_hkdf.proto @@ -105,7 +105,7 @@ message EciesAeadHkdfPrivateKey { EciesAeadHkdfPublicKey public_key = 2; // Required. - bytes key_value = 3; // Placeholder for ctype. // Big integer in bigendian representation. + bytes key_value = 3 ; // Placeholder for multi-line ctype and debug_redact. // Big integer in bigendian representation. } message EciesAeadHkdfKeyFormat { diff --git a/proto/ed25519.proto b/proto/ed25519.proto index 8d6234a9..564b4d07 100644 --- a/proto/ed25519.proto +++ b/proto/ed25519.proto @@ -46,7 +46,7 @@ message Ed25519PrivateKey { // The private key is 32 bytes of cryptographically secure random data. // See https://tools.ietf.org/html/rfc8032#section-5.1.5. // Required. - bytes key_value = 2; // Placeholder for ctype. + bytes key_value = 2; // Placeholder for ctype and debug_redact. // The corresponding public key. Ed25519PublicKey public_key = 3; } diff --git a/proto/hkdf_prf.proto b/proto/hkdf_prf.proto index 3b98d06e..2a151e7a 100644 --- a/proto/hkdf_prf.proto +++ b/proto/hkdf_prf.proto @@ -38,7 +38,7 @@ message HkdfPrfParams { message HkdfPrfKey { uint32 version = 1; HkdfPrfParams params = 2; - bytes key_value = 3; // Placeholder for ctype. + bytes key_value = 3; // Placeholder for ctype and debug_redact. } message HkdfPrfKeyFormat { diff --git a/proto/hmac.proto b/proto/hmac.proto index bd268f09..1a364146 100644 --- a/proto/hmac.proto +++ b/proto/hmac.proto @@ -33,7 +33,7 @@ message HmacParams { message HmacKey { uint32 version = 1; HmacParams params = 2; - bytes key_value = 3; // Placeholder for ctype. + bytes key_value = 3; // Placeholder for ctype and debug_redact. } message HmacKeyFormat { diff --git a/proto/hmac_prf.proto b/proto/hmac_prf.proto index 159d3db5..47adc39c 100644 --- a/proto/hmac_prf.proto +++ b/proto/hmac_prf.proto @@ -32,7 +32,7 @@ message HmacPrfParams { message HmacPrfKey { uint32 version = 1; HmacPrfParams params = 2; - bytes key_value = 3; // Placeholder for ctype. + bytes key_value = 3; // Placeholder for ctype and debug_redact. } message HmacPrfKeyFormat { diff --git a/proto/hpke.proto b/proto/hpke.proto index 9c428e31..d4e516dd 100644 --- a/proto/hpke.proto +++ b/proto/hpke.proto @@ -63,7 +63,7 @@ message HpkePrivateKey { HpkePublicKey public_key = 2; // KEM-encoding of private key (i.e., SerializePrivateKey() ) as described in // https://www.rfc-editor.org/rfc/rfc9180.html#name-cryptographic-dependencies. - bytes private_key = 3; + bytes private_key = 3; // Placeholder for debug_redact. } message HpkeKeyFormat { diff --git a/proto/jwt_ecdsa.proto b/proto/jwt_ecdsa.proto index e8f1be24..c0326fdf 100644 --- a/proto/jwt_ecdsa.proto +++ b/proto/jwt_ecdsa.proto @@ -52,7 +52,7 @@ message JwtEcdsaPrivateKey { uint32 version = 1; JwtEcdsaPublicKey public_key = 2; // Unsigned big integer in bigendian representation. - bytes key_value = 3; // Placeholder for ctype. + bytes key_value = 3; // Placeholder for ctype and debug_redact. } message JwtEcdsaKeyFormat { diff --git a/proto/jwt_hmac.proto b/proto/jwt_hmac.proto index c6293230..496d5383 100644 --- a/proto/jwt_hmac.proto +++ b/proto/jwt_hmac.proto @@ -34,7 +34,7 @@ enum JwtHmacAlgorithm { message JwtHmacKey { uint32 version = 1; JwtHmacAlgorithm algorithm = 2; - bytes key_value = 3; // Placeholder for ctype. + bytes key_value = 3; // Placeholder for ctype and debug_redact. // Optional, custom kid header value to be used with "RAW" keys. // "TINK" keys with this value set will be rejected. diff --git a/proto/tink.proto b/proto/tink.proto index a5a5e509..abe37a25 100644 --- a/proto/tink.proto +++ b/proto/tink.proto @@ -116,7 +116,7 @@ message KeyData { string type_url = 1; // In format type.googleapis.com/packagename.messagename // Required. // Contains specific serialized *Key proto - bytes value = 2; // Placeholder for ctype. + bytes value = 2; // Placeholder for ctype and debug_redact. enum KeyMaterialType { UNKNOWN_KEYMATERIAL = 0; SYMMETRIC = 1; diff --git a/proto/xchacha20_poly1305.proto b/proto/xchacha20_poly1305.proto index d080b779..f102d3fb 100644 --- a/proto/xchacha20_poly1305.proto +++ b/proto/xchacha20_poly1305.proto @@ -29,5 +29,5 @@ message XChaCha20Poly1305KeyFormat { // key_type: type.googleapis.com/google.crypto.tink.XChaCha20Poly1305Key message XChaCha20Poly1305Key { uint32 version = 1; - bytes key_value = 3; // Placeholder for ctype. + bytes key_value = 3; // Placeholder for ctype and debug_redact. }