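// Copyright 2023 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS-IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package privacy.ppn;

import "quiche/blind_sign_auth/proto/attestation.proto";
import "quiche/blind_sign_auth/proto/proxy_layer.proto";
import "quiche/blind_sign_auth/proto/public_metadata.proto";
import "anonymous_tokens/proto/anonymous_tokens.proto";

option java_multiple_files = true;

// Request data needed to prepare for AuthAndSign.
//
// Every field in this message is supplied by the client.
// NOTE(review): the server-side handling is not visible in this file; a
// handler should validate each value (in particular service_type and
// validation_version) rather than assume it is well formed.
message GetInitialDataRequest {
  // Whether the client wants to use attestation as part of authentication.
  // This is a proto3 bool without `optional`, so an unset field is
  // indistinguishable from false on the receiving side.
  bool use_attestation = 1;

  // A string uniquely identifying the strategy this client should be
  // authenticated with.
  string service_type = 2;

  // Granularity choices for the exit IP location.
  // proto3 enums are open: a receiver can see a numeric value that is not
  // listed here and should handle it explicitly.
  enum LocationGranularity {
    // Zero value; this is what a receiver reads when the field is not set.
    UNKNOWN = 0;
    COUNTRY = 1;
    // Geographic area with population greater than 1 million.
    CITY_GEOS = 2;
  }
  // The user selected granularity of exit IP location.
  LocationGranularity location_granularity = 3;

  // Indicates what validation rules the client uses for public metadata.
  int64 validation_version = 4;

  // Only set for some service types where multi layer proxies are supported.
  ProxyLayer proxy_layer = 5;
}

// Contains data needed to perform blind signing and prepare for calling
// AuthAndSign.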
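message GetInitialDataResponse {
  // Field number 4 is reserved and must not be assigned to a new field.
  // NOTE(review): presumably a removed field; its name is not shown here, so
  // only the number is protected against reuse.
  reserved 4;

  // RSA blind-signature public key, using the anonymous tokens library type.
  // NOTE(review): presumably the key the client uses for the blind-signing
  // step with public metadata. How the client establishes that this key is
  // authentic is not specified in this file; confirm against the caller.
  anonymous_tokens.RSABlindSignaturePublicKey
      at_public_metadata_public_key = 1;

  // Version will match the validation version in the request.
  privacy.ppn.PublicMetadataInfo public_metadata_info = 2;

  // Data needed to set up attestation, included if use_attestation is true or
  // if the service_type input requires it.
  privacy.ppn.PrepareAttestationData attestation = 3;

  // Data needed to support the privacy pass specification.
  message PrivacyPassData {
    // NOTE(review): undocumented in this file; presumably identifies the
    // token key in use. Expected length and format are not stated here.
    bytes token_key_id = 1;
    // NOTE(review): undocumented in this file; presumably the serialized
    // public metadata extensions. The encoding is not stated here, so
    // consumers should length-check and parse it defensively.
    bytes public_metadata_extensions = 2;
  }
  PrivacyPassData privacy_pass_data = 5;
}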