Cert interface (#1212)

cert/cert_v1.proto

@@ -0,0 +1,54 @@
+syntax = "proto3";
+package cert;
+
+option go_package = "github.com/slackhq/nebula/cert";
+
+//import "google/protobuf/timestamp.proto";
+
+enum Curve {
+  CURVE25519 = 0;
+  P256 = 1;
+}
+
+message RawNebulaCertificate {
+    RawNebulaCertificateDetails Details = 1;
+    bytes Signature = 2;
+}
+
+message RawNebulaCertificateDetails {
+    string Name = 1;
+
+    // Ips and Subnets are in big endian 32 bit pairs, 1st the ip, 2nd the mask
+    repeated uint32 Ips = 2;
+    repeated uint32 Subnets = 3;
+
+    repeated string Groups = 4;
+    int64 NotBefore = 5;
+    int64 NotAfter = 6;
+    bytes PublicKey = 7;
+
+    bool IsCA = 8;
+
+    // sha-256 of the issuer certificate, if this field is blank the cert is self-signed
+    bytes Issuer = 9;
+
+    Curve curve = 100;
+}
+
+message RawNebulaEncryptedData {
+	RawNebulaEncryptionMetadata EncryptionMetadata = 1;
+	bytes Ciphertext = 2;
+}
+
+message RawNebulaEncryptionMetadata {
+	string EncryptionAlgorithm = 1;
+	RawNebulaArgon2Parameters Argon2Parameters = 2;
+}
+
+message RawNebulaArgon2Parameters {
+	int32 version = 1; // rune in Go
+	uint32 memory = 2;
+	uint32 parallelism = 4; // uint8 in Go
+	uint32 iterations = 3;
+	bytes salt = 5;
+}