mirror of https://github.com/vacp2p/rfc.git
362 lines
13 KiB
HTML
362 lines
13 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="en" dir="ltr">
|
|
|
|
<head>
|
|
<meta name="generator" content="Hugo 0.106.0">
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<meta name="description" content="This specification describes the encryption, decryption and signing of the content in the data field used in Waku.
|
|
Specification # The data field is used within the waku envelope, the field MUST contain the encrypted payload of the envelope.
|
|
The fields that are concatenated and encrypted as part of the data field are:
|
|
flags auxiliary field payload padding signature In case of symmetric encryption, a salt (a.k.a. AES Nonce, 12 bytes) field MUST be appended.">
|
|
<meta name="theme-color" content="#FFFFFF"><meta property="og:title" content="7/WAKU-DATA" />
|
|
<meta property="og:description" content="This specification describes the encryption, decryption and signing of the content in the data field used in Waku.
|
|
Specification # The data field is used within the waku envelope, the field MUST contain the encrypted payload of the envelope.
|
|
The fields that are concatenated and encrypted as part of the data field are:
|
|
flags auxiliary field payload padding signature In case of symmetric encryption, a salt (a.k.a. AES Nonce, 12 bytes) field MUST be appended." />
|
|
<meta property="og:type" content="article" />
|
|
<meta property="og:url" content="https://rfc.vac.dev/spec/7/" /><meta property="article:section" content="docs" />
|
|
|
|
|
|
|
|
<title>7/WAKU-DATA | Vac RFC</title>
|
|
<link rel="manifest" href="/manifest.json">
|
|
<link rel="icon" href="/favicon.png" type="image/x-icon">
|
|
<link rel="stylesheet" href="/book.min.e935e20bd0d469378cb482f0958edf258c731a4f895dccd55799c6fbc8043f23.css" integrity="sha256-6TXiC9DUaTeMtILwlY7fJYxzGk+JXczVV5nG+8gEPyM=">
|
|
<script defer src="/en.search.min.9332452670516db05dbb4efeb10551244d4f144cc86393ce2bf4b04b790a0af4.js" integrity="sha256-kzJFJnBRbbBdu07+sQVRJE1PFEzIY5POK/SwS3kKCvQ="></script>
|
|
<!--
|
|
Made with Book Theme
|
|
https://github.com/alex-shpak/hugo-book
|
|
-->
|
|
|
|
|
|
</head>
|
|
|
|
<body dir="ltr">
|
|
<input type="checkbox" class="hidden toggle" id="menu-control" />
|
|
<input type="checkbox" class="hidden toggle" id="toc-control" />
|
|
<main class="container flex">
|
|
<aside class="book-menu">
|
|
<div class="book-menu-content">
|
|
|
|
<nav>
|
|
<h2 class="book-brand">
|
|
<a href="/"><span>Vac RFC</span>
|
|
</a>
|
|
</h2>
|
|
|
|
|
|
<div class="book-search">
|
|
<input type="text" id="book-search-input" placeholder="Search" aria-label="Search" maxlength="64" data-hotkeys="s/" />
|
|
<div class="book-search-spinner hidden"></div>
|
|
<ul id="book-search-results"></ul>
|
|
</div>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<ul>
|
|
<li>Raw
|
|
<ul>
|
|
<li><a href="/spec/20/">20/TOY-ETH-PM</a></li>
|
|
<li><a href="/spec/24/">24/STATUS-CURATION</a></li>
|
|
<li><a href="/spec/28/">28/STATUS-FEATURING</a></li>
|
|
<li><a href="/spec/31/">31/WAKU2-ENR</a></li>
|
|
<li><a href="/spec/32/">32/RLN-V1</a></li>
|
|
<li><a href="/spec/34/">34/WAKU2-PEER-EXCHANGE</a></li>
|
|
<li><a href="/spec/35/">35/WAKU2-NOISE</a></li>
|
|
<li><a href="/spec/37/">37/WAKU2-NOISE-SESSIONS</a></li>
|
|
<li><a href="/spec/38/">38/CONSENSUS-CLARO</a></li>
|
|
<li><a href="/spec/43/">43/WAKU2-NOISE-PAIRING</a></li>
|
|
<li><a href="/spec/44/">44/WAKU2-DANDELION</a></li>
|
|
<li><a href="/spec/45/">45/WAKU2-ADVERSARIAL-MODELS</a></li>
|
|
<li><a href="/spec/46/">46/GOSSIPSUB-TOR-PUSH</a></li>
|
|
<li><a href="/spec/47/">47/WAKU2-TOR-PUSH</a></li>
|
|
<li><a href="/spec/48/">48/RLN-INTEREP-SPEC</a></li>
|
|
<li><a href="/spec/51/">51/WAKU2-RELAY-SHARDING</a></li>
|
|
<li><a href="/spec/52/">52/WAKU2-RELAY-STATIC-SHARD-ALLOC</a></li>
|
|
<li><a href="/spec/57/">57/STATUS-Simple-Scaling</a></li>
|
|
<li><a href="/spec/58/">58/RLN-V2</a></li>
|
|
</ul>
|
|
</li>
|
|
<li>Draft
|
|
<ul>
|
|
<li><a href="/spec/1/">1/COSS</a></li>
|
|
<li><a href="/spec/3/">3/REMOTE-LOG</a></li>
|
|
<li><a href="/spec/4/">4/MVDS-META</a></li>
|
|
<li><a href="/spec/10/">10/WAKU2</a></li>
|
|
<li><a href="/spec/12/">12/WAKU2-FILTER</a></li>
|
|
<li><a href="/spec/13/">13/WAKU2-STORE</a></li>
|
|
<li><a href="/spec/14/">14/WAKU2-MESSAGE</a></li>
|
|
<li><a href="/spec/15/">15/WAKU2-BRIDGE</a></li>
|
|
<li><a href="/spec/16/">16/WAKU2-RPC</a></li>
|
|
<li><a href="/spec/17/">17/WAKU2-RLN-RELAY</a></li>
|
|
<li><a href="/spec/18/">18/WAKU2-SWAP</a></li>
|
|
<li><a href="/spec/19/">19/WAKU2-LIGHTPUSH</a></li>
|
|
<li><a href="/spec/21/">21/WAKU2-FTSTORE</a></li>
|
|
<li><a href="/spec/22/">22/TOY-CHAT</a></li>
|
|
<li><a href="/spec/23/">23/WAKU2-TOPICS</a></li>
|
|
<li><a href="/spec/26/">26/WAKU2-PAYLOAD</a></li>
|
|
<li><a href="/spec/27/">27/WAKU2-PEERS</a></li>
|
|
<li><a href="/spec/29/">29/WAKU2-CONFIG</a></li>
|
|
<li><a href="/spec/30/">30/ADAPTIVE-NODES</a></li>
|
|
<li><a href="/spec/33/">33/WAKU2-DISCV5</a></li>
|
|
<li><a href="/spec/36/">36/WAKU2-BINDINGS-API</a></li>
|
|
<li><a href="/spec/53/">53/WAKU2-X3DH</a></li>
|
|
<li><a href="/spec/54/">54/WAKU2-X3DH-SESSIONS</a></li>
|
|
<li><a href="/spec/55/">55/STATUS-1TO1-CHAT</a></li>
|
|
<li><a href="/spec/56/">56/STATUS-COMMUNITIES</a></li>
|
|
</ul>
|
|
</li>
|
|
<li>Stable
|
|
<ul>
|
|
<li><a href="/spec/2/">2/MVDS</a></li>
|
|
<li><a href="/spec/6/">6/WAKU1</a></li>
|
|
<li><a href="/spec/7/"class=active>7/WAKU-DATA</a></li>
|
|
<li><a href="/spec/8/">8/WAKU-MAIL</a></li>
|
|
<li><a href="/spec/9/">9/WAKU-RPC</a></li>
|
|
<li><a href="/spec/11/">11/WAKU2-RELAY</a></li>
|
|
</ul>
|
|
</li>
|
|
<li>Deprecated
|
|
<ul>
|
|
<li><a href="/spec/5/">5/WAKU0</a></li>
|
|
</ul>
|
|
</li>
|
|
<li>Retired</li>
|
|
</ul>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
</nav>
|
|
|
|
|
|
|
|
|
|
<script>(function(){var e=document.querySelector("aside.book-menu nav");addEventListener("beforeunload",function(){localStorage.setItem("menu.scrollTop",e.scrollTop)}),e.scrollTop=localStorage.getItem("menu.scrollTop")})()</script>
|
|
|
|
|
|
|
|
</div>
|
|
</aside>
|
|
|
|
<div class="book-page">
|
|
<header class="book-header">
|
|
|
|
<div class="flex align-center justify-between">
|
|
<label for="menu-control">
|
|
<img src="/svg/menu.svg" class="book-icon" alt="Menu" />
|
|
</label>
|
|
|
|
<strong>7/WAKU-DATA</strong>
|
|
|
|
<label for="toc-control">
|
|
|
|
<img src="/svg/toc.svg" class="book-icon" alt="Table of Contents" />
|
|
|
|
</label>
|
|
</div>
|
|
|
|
|
|
|
|
<aside class="hidden clearfix">
|
|
|
|
|
|
<nav id="TableOfContents">
|
|
<ul>
|
|
<li><a href="#specification">Specification</a>
|
|
<ul>
|
|
<li><a href="#abnf">ABNF</a></li>
|
|
<li><a href="#signature">Signature</a></li>
|
|
<li><a href="#padding">Padding</a></li>
|
|
</ul>
|
|
</li>
|
|
<li><a href="#copyright">Copyright</a></li>
|
|
</ul>
|
|
</nav>
|
|
|
|
|
|
|
|
</aside>
|
|
|
|
|
|
</header>
|
|
|
|
|
|
|
|
<article class="markdown">
|
|
<h1 id="7waku-data">
|
|
7/WAKU-DATA
|
|
<a class="anchor" href="#7waku-data">#</a>
|
|
</h1>
|
|
|
|
|
|
<h1 id="waku-envelope-data-field">
|
|
Waku Envelope data field
|
|
<a class="anchor" href="#waku-envelope-data-field">#</a>
|
|
</h1>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<img src="https://img.shields.io/badge/status-stable-brightgreen?style=flat-square" />
|
|
|
|
|
|
|
|
|
|
<ul>
|
|
<li>Status: stable</li>
|
|
<li>Editor: Oskar Thorén <a href="mailto:oskar@status.im">oskar@status.im</a></li>
|
|
|
|
<li>Contributors:
|
|
|
|
|
|
Dean Eigenmann <a href="mailto:dean@status.im">dean@status.im</a>
|
|
|
|
,
|
|
Kim De Mey <a href="mailto:kimdemey@status.im">kimdemey@status.im</a>
|
|
|
|
</li>
|
|
|
|
</ul><p>This specification describes the encryption, decryption and signing of the content in the <a href="/spec/6/#abnf-specification">data field used in Waku</a>.</p>
|
|
<h2 id="specification">
|
|
Specification
|
|
<a class="anchor" href="#specification">#</a>
|
|
</h2>
|
|
<p>The <code>data</code> field is used within the <code>waku envelope</code>, the field MUST contain the encrypted payload of the envelope.</p>
|
|
<p>The fields that are concatenated and encrypted as part of the <code>data</code> field are:</p>
|
|
<ul>
|
|
<li>flags</li>
|
|
<li>auxiliary field</li>
|
|
<li>payload</li>
|
|
<li>padding</li>
|
|
<li>signature</li>
|
|
</ul>
|
|
<p>In case of symmetric encryption, a <code>salt</code> (a.k.a. AES Nonce, 12 bytes) field MUST be appended.</p>
|
|
<h3 id="abnf">
|
|
ABNF
|
|
<a class="anchor" href="#abnf">#</a>
|
|
</h3>
|
|
<p>Using <a href="https://tools.ietf.org/html/rfc5234">Augmented Backus-Naur form (ABNF)</a> we have the following format:</p>
|
|
<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-abnf" data-lang="abnf"><span style="display:flex;"><span><span style="color:#75715e">; 1 byte; first two bits contain the size of auxiliary field, </span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#75715e">; third bit indicates whether the signature is present.</span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#a6e22e">flags</span> <span style="color:#f92672">=</span> <span style="color:#f92672">1</span><span style="color:#66d9ef">OCTET</span>
|
|
</span></span><span style="display:flex;"><span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#75715e">; contains the size of payload.</span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#a6e22e">auxiliary-field</span> <span style="color:#f92672">=</span> <span style="color:#f92672">4*</span><span style="color:#66d9ef">OCTET</span>
|
|
</span></span><span style="display:flex;"><span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#75715e">; byte array of arbitrary size (may be zero)</span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#a6e22e">payload</span> <span style="color:#f92672">=</span> <span style="color:#f92672">*</span><span style="color:#66d9ef">OCTET</span>
|
|
</span></span><span style="display:flex;"><span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#75715e">; byte array of arbitrary size (may be zero).</span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#a6e22e">padding</span> <span style="color:#f92672">=</span> <span style="color:#f92672">*</span><span style="color:#66d9ef">OCTET</span>
|
|
</span></span><span style="display:flex;"><span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#75715e">; 65 bytes, if present.</span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#a6e22e">signature</span> <span style="color:#f92672">=</span> <span style="color:#f92672">65</span><span style="color:#66d9ef">OCTET</span>
|
|
</span></span><span style="display:flex;"><span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#75715e">; 2 bytes, if present (in case of symmetric encryption).</span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#a6e22e">salt</span> <span style="color:#f92672">=</span> <span style="color:#f92672">2</span><span style="color:#66d9ef">OCTET</span>
|
|
</span></span><span style="display:flex;"><span>
|
|
</span></span><span style="display:flex;"><span><span style="color:#a6e22e">data</span> <span style="color:#f92672">=</span> <span style="color:#a6e22e">flags</span> <span style="color:#a6e22e">auxiliary-field</span> <span style="color:#a6e22e">payload</span> <span style="color:#a6e22e">padding</span> [<span style="color:#a6e22e">signature</span>] [<span style="color:#a6e22e">salt</span>]
|
|
</span></span></code></pre></div><h3 id="signature">
|
|
Signature
|
|
<a class="anchor" href="#signature">#</a>
|
|
</h3>
|
|
<p>Those unable to decrypt the envelope data are also unable to access the signature. The signature, if provided, is the ECDSA signature of the Keccak-256 hash of the unencrypted data using the secret key of the originator identity. The signature is serialized as the concatenation of the <code>R</code>, <code>S</code> and <code>V</code> parameters of the SECP-256k1 ECDSA signature, in that order. <code>R</code> and <code>S</code> MUST be big-endian encoded, fixed-width 256-bit unsigned. <code>V</code> MUST be an 8-bit big-endian encoded, non-normalized and should be either 27 or 28.</p>
|
|
<h3 id="padding">
|
|
Padding
|
|
<a class="anchor" href="#padding">#</a>
|
|
</h3>
|
|
<p>The padding field is used to align data size, since data size alone might reveal important metainformation. Padding can be arbitrary size. However, it is recommended that the size of Data Field (excluding the Salt) before encryption (i.e. plain text) SHOULD be factor of 256 bytes.</p>
|
|
<h2 id="copyright">
|
|
Copyright
|
|
<a class="anchor" href="#copyright">#</a>
|
|
</h2>
|
|
<p>Copyright and related rights waived via <a href="https://creativecommons.org/publicdomain/zero/1.0/">CC0</a>.</p>
|
|
</article>
|
|
|
|
|
|
|
|
<footer class="book-footer">
|
|
|
|
<div class="flex flex-wrap justify-between">
|
|
|
|
|
|
|
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
</footer>
|
|
|
|
|
|
|
|
<div class="book-comments">
|
|
|
|
</div>
|
|
|
|
|
|
|
|
<label for="menu-control" class="hidden book-menu-overlay"></label>
|
|
</div>
|
|
|
|
|
|
<aside class="book-toc">
|
|
<div class="book-toc-content">
|
|
|
|
|
|
<nav id="TableOfContents">
|
|
<ul>
|
|
<li><a href="#specification">Specification</a>
|
|
<ul>
|
|
<li><a href="#abnf">ABNF</a></li>
|
|
<li><a href="#signature">Signature</a></li>
|
|
<li><a href="#padding">Padding</a></li>
|
|
</ul>
|
|
</li>
|
|
<li><a href="#copyright">Copyright</a></li>
|
|
</ul>
|
|
</nav>
|
|
|
|
|
|
|
|
</div>
|
|
</aside>
|
|
|
|
</main>
|
|
|
|
|
|
</body>
|
|
|
|
</html>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|