bgpwtf/cccampix/proto: add PGPEncryptor service

Change-Id: I932ce6bf5fdb792eb83945a8e46551f169e51c97
2025-03-21 13:44:53 +00:00 · 2019-07-23 00:53:50 +02:00 · 2019-07-23 00:53:50 +02:00 · 0e223ec77f
commit 0e223ec77f
parent d07861b7df
1 changed files with 57 additions and 0 deletions
--- a/bgpwtf/cccampix/proto/ix.proto
+++ b/bgpwtf/cccampix/proto/ix.proto
@ -81,3 +81,60 @@ service IRR {
    // Query returns parsed RPSL data from supported IRRs for a given aut-num.
    rpc Query(IRRQueryRequest) returns (IRRQueryResponse);
 }
+
+message KeyInfoRequest {
+    // Public key fingerprint. 20 bytes.
+    bytes fingerprint = 1;
+    enum Caching {
+        CACHING_INVALID = 0;
+        // Contact keyservers only if not locally (positively or negatively) cached.
+        CACHING_AUTO = 1;
+        // Force contacting keyservers.
+        CACHING_FORCE_REMOTE = 2;
+        // Force not contacting keyservers.
+        CACHING_FORCE_LOCAL = 3;
+    };
+    Caching caching = 2;
+}
+
+message KeyInfoResponse {
+    // Currently no data is returned. An error will be returned if the key doesn't exist.
+}
+
+message EncryptRequest {
+    // A chunk of plaintext data. Small enough to fit in gRPC message (<<2 MiB).
+    bytes data = 1;
+    enum ChunkInfo {
+        CHUNK_INFO_INVALID = 0;
+        // More data to come after this chunked.
+        CHUNK_INFO_MORE = 1;
+        // Last chunk.
+        CHUNK_LAST = 2;
+    };
+    ChunkInfo info = 2;
+    // Fingerprint of key to encrypt with. Only the first chunk is consulted,
+    // the key in the rest of the chunks are ignored. 20 bytes.
+    bytes fingerprint = 3;
+}
+
+message EncryptResponse {
+    // A chunk of encrypted data. Small enough to fit in gRPC message (<<2 MiB).
+    bytes data = 1;
+    enum ChunkInfo {
+        CHUNK_INFO_INVALID = 0;
+        // More data to come after this chunked.
+        CHUNK_INFO_MORE = 1;
+        // Last chunk.
+        CHUNK_LAST = 2;
+    };
+    ChunkInfo info = 2;
+}
+
+service PGPEncryptor {
+    // KeyInfo returns information about a given key from the public keyserver infrastructure.
+    // If key doesn't exist, error (NotFound).
+    rpc KeyInfo(KeyInfoRequest) returns (KeyInfoResponse);
+    // Encrypt encrypts a given data blob with a given key from public keyserver infrastructure.
+    // If key doesn't exist, error (NotFound).
+    rpc Encrypt(stream EncryptRequest) returns (stream EncryptResponse);
+}