Commit 1b066559 authored by Peter Waher

Peer-to-peer communication and End-to-End encryption schemas added.

parent f16da6ee
......@@ -70,6 +70,8 @@ Schemas
* [ProvisioningOwner.xsd](Schemas/ProvisioningOwner.xsd)
* [Syncrhonization.xsd](Schemas/Syncrhonization.xsd)
* [Concentrator.xsd](Schemas/Concentrator.xsd)
* [P2P.xsd](Schemas/P2P.xsd)
* [E2E.xsd](Schemas/E2E.xsd)
Implementations
......
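Review bot: The two new list entries match the surrounding style, but the unchanged context line directly above them, `* [Syncrhonization.xsd](Schemas/Syncrhonization.xsd)`, misspells "Synchronization" in both the link text and the path; it is outside this hunk, but since this commit touches the list anyway it would be a natural place to confirm whether the file on disk is really named that way and correct the entry (or rename the file) in a follow-up.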
<?xml version='1.0' encoding='UTF-8'?>
<xs:schema
xmlns:xs='http://www.w3.org/2001/XMLSchema'
targetNamespace='urn:ieee:iot:e2e:1.0'
xmlns='urn:ieee:iot:e2e:1.0'
elementFormDefault='qualified'>
<!--
Copyright 2017-2018 The Institute of Electrical and Electronics Engineers,
Incorporated (IEEE).
This work is licensed to The Institute of Electrical and Electronics
Engineers, Incorporated (IEEE) under one or more contributor license
agreements.
See the LICENSE.md file distributed with this work for additional
information regarding copyright ownership. Use of this file is
governed by a BSD-style license, the terms of which are as follows:
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
Redistributions of source code must retain the above copyright
notice, this list of conditions, the following disclaimer, and the
NOTICE file.
Redistributions in binary form must reproduce the above copyright
notice, this list of conditions, the following disclaimer in the
documentation and/or other materials provided with the
distribution, and the NOTICE file.
Neither the name of The Institute of Electrical and Electronics
Engineers, Incorporated (IEEE) nor the names of its contributors
may be used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
SPDX-License-Identifier: BSD-3-Clause
Disclaimer: This open source repository contains material that may be
included-in or referenced by an unapproved draft of a proposed IEEE
Standard. All material in this repository is subject to change. The
material in this repository is presented "as is" and with all faults.
Use of the material is at the sole risk of the user. IEEE specifically
disclaims all warranties and representations with respect to all
material contained in this repository and shall not be liable, under
any theory, for any use of the material. Unapproved drafts of proposed
IEEE standards must not be utilized for any conformance/compliance
purposes.
-->
<xs:element name="e2e">
<xs:annotation>
<xs:documentation>Element added to online presence stanza, to inform peers with presence subscription on how to establish end-to-end encrypted communication with the application.</xs:documentation>
<xs:documentation>Public keys should be regularly changed, and new presence stanzas issued, to protect the forward secrecy of communication.</xs:documentation>
<xs:documentation>If a public/private key pair is broken, it only affects messages using that keypair.</xs:documentation>
<xs:documentation>Update frequency depends on the sensitivity of the data being communicated.</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:choice minOccurs="0" maxOccurs="unbounded">
<xs:element ref="rsaAes"/>
</xs:choice>
</xs:complexType>
</xs:element>
<xs:element name="rsaAes">
<xs:annotation>
<xs:documentation>End-to-End encryption using RSA Public Key cryptography to encrypt shared secrets, that are then used with AES-256 to encrypt the payload.</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:attribute name="size" type="xs:positiveInteger" use="required">
<xs:annotation>
<xs:documentation>Size of RSA key, in bits.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="mod" type="xs:base64Binary" use="required">
<xs:annotation>
<xs:documentation>Modulus part of RSA public key.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="exp" type="xs:base64Binary" use="required">
<xs:annotation>
<xs:documentation>Exponent part of RSA public key.</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
</xs:element>
<xs:element name="aes">
<xs:annotation>
<xs:documentation>AES-256 encryption of payload, using Cipher Block Chaining (CBC) and PKCS#7 padding.</xs:documentation>
<xs:documentation>Payload must not be accepted if the decryption fails or if the signature does not match the signature generated by the public key of the sender that the receiver has on record.</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:simpleContent>
<xs:extension base="xs:base64Binary">
<xs:attribute name="keyRsa" type="xs:base64Binary">
<xs:annotation>
<xs:documentation>Random AES key is encrypted using the public RSA key of the recipient.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="ivRsa" type="xs:base64Binary">
<xs:annotation>
<xs:documentation>Random Initiation vector is encrypted using the public RSA key of the recipient.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="signRsa" type="xs:base64Binary">
<xs:annotation>
<xs:documentation>Payload signature using the public RSA key of the sender.</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:schema>
\ No newline at end of file
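Review bot: The `signRsa` documentation, "Payload signature using the public RSA key of the sender", describes the operation backwards: a signature is produced with the sender's private key and verified by the receiver against the sender's public key, and the text should say so. More importantly for interoperability and safety, the schema does not say which hash and signature scheme are used (PKCS#1 v1.5 or PSS, and which digest), which RSA encryption padding applies to `keyRsa` and `ivRsa` (OAEP should be named explicitly), or what bytes are signed (the plaintext, or the ciphertext together with `keyRsa` and `ivRsa`); two independent implementations of this schema would not interoperate without that. The acceptance rule in the `aes` documentation, "Payload must not be accepted if the decryption fails or if the signature does not match", should also require the signature to be checked before any decryption or PKCS#7 unpadding and a single uniform rejection, since CBC with PKCS#7 where padding failures are distinguishable from signature failures exposes a padding oracle. Two smaller points: `keyRsa`, `ivRsa` and `signRsa` have no `use="required"` even though the documentation treats all three as mandatory, and an IV does not need to be secret, so encrypting it under RSA adds cost without benefit; it could be carried in the clear and covered by the signature. Finally, the `size` attribute of `rsaAes` accepts any positive integer; a restriction with a minimum (2048 bits is the usual floor today) would keep weak keys out of the namespace.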
<?xml version='1.0' encoding='UTF-8'?>
<xs:schema
xmlns:xs='http://www.w3.org/2001/XMLSchema'
targetNamespace='urn:ieee:iot:p2p:1.0'
xmlns='urn:ieee:iot:p2p:1.0'
elementFormDefault='qualified'>
<!--
Copyright 2017-2018 The Institute of Electrical and Electronics Engineers,
Incorporated (IEEE).
This work is licensed to The Institute of Electrical and Electronics
Engineers, Incorporated (IEEE) under one or more contributor license
agreements.
See the LICENSE.md file distributed with this work for additional
information regarding copyright ownership. Use of this file is
governed by a BSD-style license, the terms of which are as follows:
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
Redistributions of source code must retain the above copyright
notice, this list of conditions, the following disclaimer, and the
NOTICE file.
Redistributions in binary form must reproduce the above copyright
notice, this list of conditions, the following disclaimer in the
documentation and/or other materials provided with the
distribution, and the NOTICE file.
Neither the name of The Institute of Electrical and Electronics
Engineers, Incorporated (IEEE) nor the names of its contributors
may be used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
SPDX-License-Identifier: BSD-3-Clause
Disclaimer: This open source repository contains material that may be
included-in or referenced by an unapproved draft of a proposed IEEE
Standard. All material in this repository is subject to change. The
material in this repository is presented "as is" and with all faults.
Use of the material is at the sole risk of the user. IEEE specifically
disclaims all warranties and representations with respect to all
material contained in this repository and shall not be liable, under
any theory, for any use of the material. Unapproved drafts of proposed
IEEE standards must not be utilized for any conformance/compliance
purposes.
-->
<xs:element name="p2p">
<xs:annotation>
<xs:documentation>Element added to online presence stanza, to inform peers with presence subscription on how to connect directly to the entity using XEP-0174: Serverless Messaging</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:attribute name="extIp" type="xs:string" use="required">
<xs:annotation>
<xs:documentation>External IP address, reachable from external networks.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="extPort" type="PortNumber" use="required">
<xs:annotation>
<xs:documentation>External port number, used by external entities to reach the connected application.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="locIp" type="xs:string" use="required">
<xs:annotation>
<xs:documentation>Local IP address, reachable from the local network (by devices having the same external IP address).</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="locPort" type="PortNumber" use="required">
<xs:annotation>
<xs:documentation>Local port number, used on the local network, to reach the connected application.</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
</xs:element>
<xs:simpleType name="PortNumber">
<xs:annotation>
<xs:documentation>Represents a port number on the TCP network.</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:nonNegativeInteger">
<xs:maxInclusive value="65535"/>
</xs:restriction>
</xs:simpleType>
</xs:schema>
\ No newline at end of file
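Review bot: `extIp` and `locIp` are plain `xs:string`, so a receiver must accept any text, including hostnames or junk, before handing it to its connection logic; a `PortNumber`-style simple type with patterns for IPv4 and IPv6 literals would let the schema reject malformed addresses up front. In the same spirit, `PortNumber` is based on `xs:nonNegativeInteger` and therefore admits 0, which is not a usable destination port; adding `<xs:minInclusive value="1"/>` to the restriction fixes that. The element documentation should also state that publishing `locIp` and `locPort` in presence reveals the entity's internal network addressing to every presence subscriber, so implementations should only include the element for subscriptions they trust; and the first `xs:documentation` sentence is missing its terminal period after "XEP-0174: Serverless Messaging".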