Google Git
Sign in
quiche / quiche / d3a29d6b1954abc7487d66bfccb492f152d17027^! / .
commitd3a29d6b1954abc7487d66bfccb492f152d17027[log] [tgz]
authorQUICHE team <quiche-dev@google.com>Mon Jun 05 14:14:12 2023 -0700
committerCopybara-Service <copybara-worker@google.com>Mon Jun 05 14:15:28 2023 -0700
tree078d859d9141f4a33a25e76a9a0ebcde2528205e
parentf0cc8dd5c89d7c7fa55401f62d9623a6136cc631 [diff]
Update phosphor and token spend apis to expose and accept binary public metadata

PiperOrigin-RevId: 537978580

diff --git a/quiche/blind_sign_auth/proto/auth_and_sign.proto b/quiche/blind_sign_auth/proto/auth_and_sign.proto
index 38f82d1..7089dfb 100644
--- a/quiche/blind_sign_auth/proto/auth_and_sign.proto
+++ b/quiche/blind_sign_auth/proto/auth_and_sign.proto

@@ -21,7 +21,7 @@
 import "quiche/blind_sign_auth/proto/public_metadata.proto";
 
 // Client is requesting to auth using the provided auth token.
-// Next ID: 9
+// Next ID: 14
 message AuthAndSignRequest {
   reserved 3;
 
@@ -56,6 +56,9 @@
   // Indicates which key to use for signing. Only set if key type is
   // PUBLIC_METADATA.
   int64 key_version = 12 ;
+
+  // Only set one of this or public_metadata_info.
+  bytes binary_public_metadata = 13 ;
 }
 
 message AuthAndSignResponse {

diff --git a/quiche/blind_sign_auth/proto/get_initial_data.proto b/quiche/blind_sign_auth/proto/get_initial_data.proto
index bd6cc34..bcbd834 100644
--- a/quiche/blind_sign_auth/proto/get_initial_data.proto
+++ b/quiche/blind_sign_auth/proto/get_initial_data.proto

@@ -51,11 +51,14 @@
   private_membership.anonymous_tokens.RSABlindSignaturePublicKey
       at_public_metadata_public_key = 1;
 
-  // Metadata to associate with the token. Version will match the validation
-  // version in the request.
+  // Version will match the validation version in the request.
   privacy.ppn.PublicMetadataInfo public_metadata_info = 2;
 
   // Data needed to set up attestation, included if use_attestation is true or
   // if the service_type input requires it.
   privacy.ppn.PrepareAttestationData attestation = 3;
+
+  // General public metadata. Use metadata deserializer to inspect. Only set one
+  // of this or public_metadata_info.
+  bytes binary_public_metadata = 4 ;
 }

diff --git a/quiche/blind_sign_auth/proto/spend_token_data.proto b/quiche/blind_sign_auth/proto/spend_token_data.proto
index 68c2e6c..0fbca27 100644
--- a/quiche/blind_sign_auth/proto/spend_token_data.proto
+++ b/quiche/blind_sign_auth/proto/spend_token_data.proto

@@ -35,4 +35,7 @@
   private_membership.anonymous_tokens.AnonymousTokensUseCase use_case = 5;
   // Nonce used to mask plaintext message before cryptographic verification.
   bytes message_mask = 6;
+  // General public metadata. Use deserializer to inspect. Only set one of this
+  // or public_metadata.
+  bytes binary_public_metadata = 7;
 }