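// Copyright 2023 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS-IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package privacy.ppn;

import "quiche/blind_sign_auth/proto/attestation.proto";
import "quiche/blind_sign_auth/proto/proxy_layer.proto";
import "quiche/blind_sign_auth/proto/public_metadata.proto";
import "anonymous_tokens/proto/anonymous_tokens.proto";

option java_multiple_files = true;
option java_package = "com.google.privacy.ppn.proto";

// Request data needed to prepare for AuthAndSign.
//
// Every field in this message is chosen by the client. All scalar fields use
// proto3 implicit presence, so a receiver cannot tell an unset field from one
// explicitly set to its zero value (false, "", UNKNOWN, 0).
message GetInitialDataRequest {
  // Whether the client wants to use attestation as part of authentication.
  //
  // NOTE(review): this expresses a client preference only.
  // GetInitialDataResponse documents that attestation data is also returned
  // when service_type requires it, so a false value here presumably cannot
  // opt a client out of attestation; confirm the server enforces that.
  bool use_attestation = 1;

  // A string uniquely identifying the strategy this client should be
  // authenticated with.
  //
  // NOTE(review): the authentication strategy is selected from client input.
  // The set of accepted values is not defined in this file; presumably the
  // server matches it against a known list and rejects anything else. Confirm
  // against the handler.
  string service_type = 2;

  // Granularity choices for the exit IP location. UNKNOWN is the zero value
  // and is therefore what a receiver reads when the field was never set.
  enum LocationGranularity {
    UNKNOWN = 0;
    COUNTRY = 1;
    // Geographic area with population greater than 1 million.
    CITY_GEOS = 2;
  }
  // The user selected granularity of exit IP location.
  LocationGranularity location_granularity = 3;

  // Indicates what validation rules the client uses for public metadata.
  // GetInitialDataResponse states that the version it returns will match
  // this value.
  int64 validation_version = 4;

  // Only set for some service types where multi layer proxies are supported.
  // ProxyLayer is not declared in this file; presumably it comes from the
  // imported proxy_layer.proto.
  ProxyLayer proxy_layer = 5;
}

// Contains data needed to perform blind signing and prepare for calling
// AuthAndSign.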
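// NOTE(review): the client performs blind signing with the key and public
// metadata carried here, so the integrity of this response matters as much as
// its contents. How the response is authenticated is not visible in this
// file; confirm it is only accepted over an authenticated channel.
message GetInitialDataResponse {
  // Field number 4 is reserved so it cannot be assigned to a new field.
  reserved 4;

  // RSA blind-signature public key, as defined in the imported
  // anonymous_tokens.proto. Presumably the key the client uses when blinding
  // token requests that carry public metadata; confirm against the caller.
  anonymous_tokens.RSABlindSignaturePublicKey
      at_public_metadata_public_key = 1;

  // Version will match the validation version in the request.
  privacy.ppn.PublicMetadataInfo public_metadata_info = 2;

  // Data needed to set up attestation, included if use_attestation is true or
  // if the service_type input requires it.
  privacy.ppn.PrepareAttestationData attestation = 3;

  // Data needed to support the privacy pass specification.
  //
  // NOTE(review): both fields are opaque bytes with no length or format
  // constraint expressed in the schema. Receivers should check the lengths
  // they expect before parsing; the expected sizes are not stated here.
  message PrivacyPassData {
    // Identifier of the token key. Encoding is not specified in this file.
    bytes token_key_id = 1;
    // Serialized public metadata extensions. Encoding is not specified in
    // this file.
    bytes public_metadata_extensions = 2;
  }
  // As a message-typed field this has explicit presence, so a receiver can
  // distinguish an absent PrivacyPassData from an empty one.
  PrivacyPassData privacy_pass_data = 5;
}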