Implement end-to-end app payload encryption.

This implements end-to-end encryption between the end-device and
end-application. The encrypted AppSKey or SessionKeyID is forwarded to
the end-application which should be able to decrypt or request the
AppSKey to decrypt the uplink payload. As well the end-application will
be able to enqueue encrypted application payloads.

Using this mechanism, ChirpStack will never have access to the uplink
and downlink application-payloads.

api/python/proto/chirpstack-api/api/device.proto

@@ -165,6 +165,17 @@ service DeviceService {
       get : "/api/devices/{dev_eui}/queue"
     };
   }
+
+  // GetNextFCntDown returns the next FCntDown to use for enqueing encrypted
+  // downlinks. The difference with the DeviceActivation f_cont_down is that
+  // this method takes potential existing queue-items into account.
+  rpc GetNextFCntDown(GetDeviceNextFCntDownRequest)
+      returns (GetDeviceNextFCntDownResponse) {
+    option (google.api.http) = {
+      post : "/api/devices/{dev_eui}/get-next-f-cnt-down"
+      body : "*"
+    };
+  }
 }
 
 message Device {
@@ -504,12 +515,20 @@ message DeviceQueueItem {
   google.protobuf.Struct object = 6;
 
   // Is pending.
-  // This is set to true when the downlink is pending.
+  // This is set by ChirpStack to true when the downlink is pending (e.g. it
+  // has been sent, but a confirmation is still pending).
   bool is_pending = 7;
 
   // Downlink frame-counter.
-  // This is set when the payload has been sent as downlink.
+  // Do not set this for plain-text data payloads. It will be automatically set
+  // by ChirpStack when the payload has been sent as downlink.
   uint32 f_cnt_down = 8;
+
+  // Is encrypted.
+  // This must be set to true if the end-application has already encrypted
+  // the data payload. In this case, the f_cnt_down field must be set to
+  // the corresponding frame-counter which has been used during the encryption.
+  bool is_encrypted = 9;
 }
 
 message EnqueueDeviceQueueItemRequest { DeviceQueueItem queue_item = 1; }
@@ -544,3 +563,13 @@ message FlushDevNoncesRequest {
   // Device EUI (EUI64).
   string dev_eui = 1;
 }
+
+message GetDeviceNextFCntDownRequest {
+  // Device EUI (EUI64).
+  string dev_eui = 1;
+}
+
+message GetDeviceNextFCntDownResponse {
+  // FCntDown.
+  uint32 f_cnt_down = 1;
+}

api/python/proto/chirpstack-api/integration/integration.proto

@@ -55,6 +55,9 @@ enum LogCode {
 
   // Relay new end-device.
   RELAY_NEW_END_DEVICE = 9;
+
+  // Downlink frame-counter.
+  F_CNT_DOWN = 10;
 }
 
 // Device information.
@@ -111,6 +114,15 @@ message UplinkRelayRxInfo {
   uint32 wor_channel = 6;
 }
 
+// Join-Server context.
+message JoinServerContext {
+  // Session-key ID.
+  string session_key_id = 1;
+
+  // AppSKey envelope.
+  common.KeyEnvelope app_s_key = 2;
+}
+
 // UplinkEvent is the message sent when an uplink payload has been received.
 message UplinkEvent {
   // Deduplication ID (UUID).
@@ -155,6 +167,12 @@ message UplinkEvent {
 
   // Relay info.
   UplinkRelayRxInfo relay_rx_info = 14;
+
+  // Join-Server context.
+  // A non-empty value indicatest that ChirpStack does not have access to
+  // the AppSKey and that the encryption / decryption of the payloads is
+  // the responsibility of the end-application.
+  JoinServerContext join_server_context = 15;
 }
 
 // JoinEvent is the message sent when a device joined the network.
@@ -174,6 +192,12 @@ message JoinEvent {
 
   // Relay info.
   UplinkRelayRxInfo relay_rx_info = 5;
+
+  // Join-Server context.
+  // A non-empty value indicatest that ChirpStack does not have access to
+  // the AppSKey and that the encryption / decryption of the payloads is
+  // the responsibility of the end-application.
+  JoinServerContext join_server_context = 6;
 }
 
 // AckEvent is the message sent when a confirmation on a confirmed downlink

api/python/proto/chirpstack-api/internal/internal.proto

@@ -31,6 +31,9 @@ message DeviceSession {
   // AppSKey envelope.
   common.KeyEnvelope app_s_key = 8;
 
+  // JS Session Key ID.
+  bytes js_session_key_id = 42;
+
   // Uplink frame-counter.
   uint32 f_cnt_up = 9;