Google Git
Sign in
fuchsia / third_party / tink / refs/heads/upstream/1.5 / . / proto / testing / testing_api.proto
blob: 2cd523cb4ad797733bf039a54b378e7c59eacdc9 [file] [log] [blame]
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package tink_testing_api;
option java_package = "com.google.crypto.tink.proto.testing";
option java_multiple_files = true;
// Service providing metadata about the server.
service Metadata {
// Returns some server information. A test may use this information to verify
// that it is talking to the right server.
rpc GetServerInfo(ServerInfoRequest) returns (ServerInfoResponse) {}
}
message ServerInfoRequest {}
message ServerInfoResponse {
string tink_version = 1; // For example '1.4'
string language = 2; // For example 'cc', 'java', 'go' or 'python'.
}
// Service for Keyset operations.
service Keyset {
// Generates a new keyset from a template.
rpc Generate(KeysetGenerateRequest) returns (KeysetGenerateResponse) {}
// Generates a public-key keyset from a private-key keyset.
rpc Public(KeysetPublicRequest) returns (KeysetPublicResponse) {}
// Converts a Keyset from Binary to Json Format
rpc ToJson(KeysetToJsonRequest) returns (KeysetToJsonResponse) {}
// Converts a Keyset from Json to Binary Format
rpc FromJson(KeysetFromJsonRequest) returns (KeysetFromJsonResponse) {}
}
message KeysetGenerateRequest {
bytes template = 1; // serialized google.crypto.tink.KeyTemplate.
}
message KeysetGenerateResponse {
oneof result {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
string err = 2;
}
}
message KeysetPublicRequest {
bytes private_keyset = 1; // serialized google.crypto.tink.Keyset.
}
message KeysetPublicResponse {
oneof result {
bytes public_keyset = 1; // serialized google.crypto.tink.Keyset.
string err = 2;
}
}
message KeysetToJsonRequest {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
}
message KeysetToJsonResponse {
oneof result {
string json_keyset = 1;
string err = 2;
}
}
message KeysetFromJsonRequest {
string json_keyset = 1;
}
message KeysetFromJsonResponse {
oneof result {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
string err = 2;
}
}
// Service for AEAD encryption and decryption
service Aead {
// Encrypts a plaintext with the provided keyset
rpc Encrypt(AeadEncryptRequest) returns (AeadEncryptResponse) {}
// Decrypts a ciphertext with the provided keyset
rpc Decrypt(AeadDecryptRequest) returns (AeadDecryptResponse) {}
}
message AeadEncryptRequest {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
bytes plaintext = 2;
bytes associated_data = 3;
}
message AeadEncryptResponse {
oneof result {
bytes ciphertext = 1;
string err = 2;
}
}
message AeadDecryptRequest {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
bytes ciphertext = 2;
bytes associated_data = 3;
}
message AeadDecryptResponse {
oneof result {
bytes plaintext = 1;
string err = 2;
}
}
// Service for Deterministic AEAD encryption and decryption
service DeterministicAead {
// Encrypts a plaintext with the provided keyset
rpc EncryptDeterministically(DeterministicAeadEncryptRequest)
returns (DeterministicAeadEncryptResponse) {}
// Decrypts a ciphertext with the provided keyset
rpc DecryptDeterministically(DeterministicAeadDecryptRequest)
returns (DeterministicAeadDecryptResponse) {
}
}
message DeterministicAeadEncryptRequest {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
bytes plaintext = 2;
bytes associated_data = 3;
}
message DeterministicAeadEncryptResponse {
oneof result {
bytes ciphertext = 1;
string err = 2;
}
}
message DeterministicAeadDecryptRequest {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
bytes ciphertext = 2;
bytes associated_data = 3;
}
message DeterministicAeadDecryptResponse {
oneof result {
bytes plaintext = 1;
string err = 2;
}
}
// Service for Streaming AEAD encryption and decryption
service StreamingAead {
// Encrypts a plaintext with the provided keyset
rpc Encrypt(StreamingAeadEncryptRequest)
returns (StreamingAeadEncryptResponse) {}
// Decrypts a ciphertext with the provided keyset
rpc Decrypt(StreamingAeadDecryptRequest)
returns (StreamingAeadDecryptResponse) {}
}
message StreamingAeadEncryptRequest {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
bytes plaintext = 2;
bytes associated_data = 3;
}
message StreamingAeadEncryptResponse {
oneof result {
bytes ciphertext = 1;
string err = 2;
}
}
message StreamingAeadDecryptRequest {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
bytes ciphertext = 2;
bytes associated_data = 3;
}
message StreamingAeadDecryptResponse {
oneof result {
bytes plaintext = 1;
string err = 2;
}
}
// Service to compute and verify MACs
service Mac {
// Computes a MAC for given data
rpc ComputeMac(ComputeMacRequest) returns (ComputeMacResponse) {}
// Verifies the validity of the MAC value, no error means success
rpc VerifyMac(VerifyMacRequest) returns (VerifyMacResponse) {}
}
message ComputeMacRequest {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
bytes data = 2;
}
message ComputeMacResponse {
oneof result {
bytes mac_value = 1;
string err = 2;
}
}
message VerifyMacRequest {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
bytes mac_value = 2;
bytes data = 3;
}
message VerifyMacResponse {
string err = 1;
}
// Service to hybrid encrypt and decrypt
service Hybrid {
// Encrypts plaintext binding context_info to the resulting ciphertext
rpc Encrypt(HybridEncryptRequest) returns (HybridEncryptResponse) {}
// Decrypts ciphertext verifying the integrity of context_info
rpc Decrypt(HybridDecryptRequest) returns (HybridDecryptResponse) {}
}
message HybridEncryptRequest {
bytes public_keyset = 1; // serialized google.crypto.tink.Keyset.
bytes plaintext = 2;
bytes context_info = 3;
}
message HybridEncryptResponse {
oneof result {
bytes ciphertext = 1;
string err = 2;
}
}
message HybridDecryptRequest {
bytes private_keyset = 1; // serialized google.crypto.tink.Keyset.
bytes ciphertext = 2;
bytes context_info = 3;
}
message HybridDecryptResponse {
oneof result {
bytes plaintext = 1;
string err = 2;
}
}
// Service to sign and verify signatures.
service Signature {
// Computes the signature for data
rpc Sign(SignatureSignRequest) returns (SignatureSignResponse) {}
// Verifies that signature is a digital signature for data
rpc Verify(SignatureVerifyRequest) returns (SignatureVerifyResponse) {}
}
message SignatureSignRequest {
bytes private_keyset = 1; // serialized google.crypto.tink.Keyset.
bytes data = 2;
}
message SignatureSignResponse {
oneof result {
bytes signature = 1;
string err = 2;
}
}
message SignatureVerifyRequest {
bytes public_keyset = 1; // serialized google.crypto.tink.Keyset.
bytes signature = 2;
bytes data = 3;
}
message SignatureVerifyResponse {
string err = 1;
}
// Service for PrfSet computation
service PrfSet {
// Returns the key ids and the primary key id in the keyset.
rpc KeyIds(PrfSetKeyIdsRequest) returns (PrfSetKeyIdsResponse) {}
// Computes the output of the PRF with the given key_id in the PrfSet.
rpc Compute(PrfSetComputeRequest) returns (PrfSetComputeResponse) {}
}
message PrfSetKeyIdsRequest {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
}
message PrfSetKeyIdsResponse {
message Output {
uint32 primary_key_id = 1;
repeated uint32 key_id = 2;
}
oneof result {
Output output = 1;
string err = 2;
}
}
message PrfSetComputeRequest {
bytes keyset = 1; // serialized google.crypto.tink.Keyset.
uint32 key_id = 2;
bytes input_data = 3;
int32 output_length = 4;
}
message PrfSetComputeResponse {
oneof result {
bytes output = 1;
string err = 2;
}
}