syntax = "proto3";
package api;
option go_package = "github.com/IABTechLab/adscert/pkg/adscert/api";
// RequestInfo carries the basic parameters needed for an authenticated
// connections signing or verification operation.
message RequestInfo {
  // NOTE(review): presumably the domain on whose behalf the operation is
  // invoked; confirm how the signatory checks it against its own identity.
  string invoking_domain = 1;

  // Hash of the request URL. The hash algorithm and expected length are not
  // stated in this file; receivers should validate the length before use.
  bytes url_hash = 2;

  // Hash of the request body. Algorithm and length are likewise unspecified
  // here.
  bytes body_hash = 3;

  // Signatures (and their metadata) associated with this request.
  repeated SignatureInfo signature_info = 4;
}
// SignatureInfo holds the signature produced for a signing request, plus
// structured metadata about the signature operation that the integrating
// application can use for diagnostics.
//
// NOTE(review): every field is a plain string, and RequestInfo embeds this
// message in verification requests too, where the caller populates it.
// Confirm that verification derives its result from signature_message alone
// and treats the remaining fields as untrusted, diagnostic-only input.
message SignatureInfo {
  // The signature itself. Its encoding is not specified in this file.
  string signature_message = 1;

  // Free-form status text; the set of possible values is not defined here.
  string signing_status = 2;

  // Presumably the signing party's domain - TODO confirm.
  string from_domain = 3;

  // NOTE(review): expected to be a key identifier rather than key material;
  // confirm, since this message is returned to callers and may be logged.
  string from_key = 4;

  // Presumably mirrors RequestInfo.invoking_domain - TODO confirm.
  string invoking_domain = 5;

  // Presumably the counterparty domain the signature is intended for.
  string to_domain = 6;

  // NOTE(review): same expectation as from_key - identifier, not key
  // material.
  string to_key = 7;
}
// RequestVerificationInfo reports the outcome of verifying the signatures of
// a single request.
message RequestVerificationInfo {
  // Decode/verification outcome per signature.
  // NOTE(review): presumably index-aligned with the request's signature_info
  // entries - confirm. An empty list carries no positive result and should
  // not be read as "verified".
  repeated SignatureDecodeStatus signature_decode_status = 1;
}
// AuthenticatedConnectionSignatureRequest holds the parameters of a signing
// request.
message AuthenticatedConnectionSignatureRequest {
  // What is to be signed: invoking domain plus URL and body hashes.
  RequestInfo request_info = 1;

  // Timestamp for the signature, as a string; the format is not specified
  // in this file.
  // NOTE(review): confirm whether callers normally leave this empty so the
  // signatory uses its own clock; a caller-chosen timestamp affects any
  // freshness check the verifier performs.
  string timestamp = 2;

  // Nonce for the signature, as a string.
  // NOTE(review): confirm whether the signatory generates this when empty;
  // a caller-supplied nonce that is reused or predictable would weaken
  // whatever replay protection relies on it.
  string nonce = 3;
}
// AuthenticatedConnectionSignatureResponse returns the result of a signing
// request, including any signature and its metadata. Per the specification,
// more than one signature may technically be present.
message AuthenticatedConnectionSignatureResponse {
  // Overall outcome of the signing operation. An unset field decodes as
  // SIGNATURE_OPERATION_STATUS_UNDEFINED (the proto3 zero value), so callers
  // should test for SIGNATURE_OPERATION_STATUS_OK explicitly.
  SignatureOperationStatus signature_operation_status = 1;

  // Request parameters; any signatures are carried in its signature_info
  // list.
  RequestInfo request_info = 2;
}
// AuthenticatedConnectionVerificationRequest asks the signatory to verify
// signatures that were generated by another party.
message AuthenticatedConnectionVerificationRequest {
  // Requests to verify, each with its hashes and received signatures.
  // Everything in here originates from the counterparty's traffic and is
  // untrusted until verified. The schema sets no bound on the number of
  // entries; NOTE(review): confirm the server enforces a limit.
  repeated RequestInfo request_info = 1;
}
// AuthenticatedConnectionVerificationResponse returns the results of
// verifying signatures.
message AuthenticatedConnectionVerificationResponse {
  // Overall outcome of the verification call. This is separate from the
  // per-signature statuses below; callers should check both before treating
  // a request as authenticated.
  VerificationOperationStatus verification_operation_status = 1;

  // Per-request verification results.
  // NOTE(review): presumably index-aligned with the request_info entries of
  // the verification request - confirm.
  repeated RequestVerificationInfo verification_info = 2;
}
// SignatureDecodeStatus is the per-signature verification outcome.
//
// Value meanings are not documented in this file; the notes below are
// inferred from the names and should be confirmed against the verifier.
// Callers should accept only the explicit *_VALID values and treat every
// other value, including unknown future ones, as "not verified".
enum SignatureDecodeStatus {
  // proto3 zero value: what an unset status decodes to. Never a success.
  SIGNATURE_DECODE_STATUS_UNDEFINED = 0;

  // Presumably both the body hash and the URL hash matched.
  SIGNATURE_DECODE_STATUS_BODY_AND_URL_VALID = 1;

  // Presumably only the body hash matched. NOTE(review): callers that need
  // URL integrity should not treat this as equivalent to
  // BODY_AND_URL_VALID.
  SIGNATURE_DECODE_STATUS_BODY_VALID = 2;

  SIGNATURE_DECODE_STATUS_INVALID_SIGNATURE = 3;
  SIGNATURE_DECODE_STATUS_SIGNATURE_NOT_PRESENT = 4;
  SIGNATURE_DECODE_STATUS_SIGNATURE_MALFORMED = 5;
  SIGNATURE_DECODE_STATUS_UNRELATED_SIGNATURE = 6;
  SIGNATURE_DECODE_STATUS_COUNTERPARTY_LOOKUP_ERROR = 7;
  SIGNATURE_DECODE_STATUS_NO_SHARED_SECRET_AVAILABLE = 8;
}
// SignatureOperationStatus is the overall outcome of a signing call.
// Only the OK value is named as a success; callers should treat any other
// value, including unknown future ones, as a failed signing operation.
enum SignatureOperationStatus {
  // proto3 zero value: what an unset status decodes to.
  SIGNATURE_OPERATION_STATUS_UNDEFINED = 0;
  SIGNATURE_OPERATION_STATUS_OK = 1;
  SIGNATURE_OPERATION_STATUS_SIGNATORY_DEACTIVATED = 2;
  SIGNATURE_OPERATION_STATUS_SIGNATORY_INTERNAL_ERROR = 3;
  SIGNATURE_OPERATION_STATUS_MALFORMED_REQUEST = 4;
}
// VerificationOperationStatus is the overall outcome of a verification call.
// It says whether the call itself ran; whether a given signature verified is
// reported per signature as a SignatureDecodeStatus. Callers should treat
// any value other than OK, including unknown future ones, as a failure.
enum VerificationOperationStatus {
  // proto3 zero value: what an unset status decodes to.
  VERIFICATION_OPERATION_STATUS_UNDEFINED = 0;
  VERIFICATION_OPERATION_STATUS_OK = 1;
  VERIFICATION_OPERATION_STATUS_SIGNATORY_DEACTIVATED = 2;
  VERIFICATION_OPERATION_STATUS_SIGNATORY_INTERNAL_ERROR = 3;
  VERIFICATION_OPERATION_STATUS_MALFORMED_REQUEST = 4;
}
// AdsCertSignatory exposes the signing and verification operations.
//
// NOTE(review): nothing in this schema authenticates the RPC caller. Anyone
// able to reach SignAuthenticatedConnection can presumably obtain signatures
// for the signatory's domain, so confirm that the transport is restricted
// (local socket, mTLS, or equivalent) in each deployment.
service AdsCertSignatory {
  // Produces signature(s) for the supplied request parameters.
  rpc SignAuthenticatedConnection(AuthenticatedConnectionSignatureRequest)
      returns (AuthenticatedConnectionSignatureResponse);

  // Verifies signatures that were generated by another party.
  rpc VerifyAuthenticatedConnection(AuthenticatedConnectionVerificationRequest)
      returns (AuthenticatedConnectionVerificationResponse);
}