trillian.proto
syntax = "proto3";
package trillian;
// What goes in here?
// Things which are exposed through the public trillian APIs.
// TreeHasherPreimageType defines the way empty / node / leaf hashes are
// constructed incorporating preimage protection, which can be application
// specific.
enum TreeHasherPreimageType {
  // For Certificate Transparency: leaf hash prefix = 0x00, node prefix = 0x01,
  // empty hash is digest([]byte{}) as defined in the specification.
  // Using different prefixes for leaves and nodes keeps a leaf hash from being
  // reinterpreted as an interior node hash.
  // This is the only value and it is the zero value, so an unset field of this
  // type also reads as RFC_6962_PREIMAGE.
  RFC_6962_PREIMAGE = 0;
}
// Supported signature algorithms. The numbering space is the same as for TLS,
// given in RFC 5246 s7.4.1.4.1 and at:
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-16
enum SignatureAlgorithm {
  // Zero value: in proto3 an unset signature_algorithm field decodes as
  // ANONYMOUS, so "field missing" and "anonymous" are indistinguishable.
  // NOTE(review): verifiers should presumably reject this value instead of
  // accepting it as a usable algorithm - confirm in the signature-checking code.
  ANONYMOUS = 0;
  RSA = 1;
  // Value 2 (DSA in the TLS numbering) is not defined in this enum.
  ECDSA = 3;
}
// Supported hash algorithms. The numbering space is the same as for TLS,
// given in RFC 5246 s7.4.1.4.1 and at:
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-18
enum HashAlgorithm {
  // Zero value: in proto3 an unset hash_algorithm field decodes as NONE.
  // NOTE(review): a verifier should presumably treat NONE as "no acceptable
  // digest" and fail, not skip hashing - confirm in the verification code.
  NONE = 0;
  // Values 1-3 (MD5, SHA-1 and SHA-224 in the TLS numbering) are not defined
  // in this enum; SHA256 is the only digest it can name.
  SHA256 = 4;
}
// Protocol buffer encoding of the TLS DigitallySigned type, from
// RFC 5246 s4.7.
//
// The algorithm identifiers travel in the same message as the signature they
// describe.
// NOTE(review): a verifier should presumably compare them with the algorithms
// expected for the signer's key rather than trust the values in the message -
// confirm in the verification code.
message DigitallySigned {
  // Signature algorithm used to produce `signature`. Unset decodes as
  // ANONYMOUS (0).
  SignatureAlgorithm signature_algorithm = 1;
  // Hash algorithm used with the signature. Unset decodes as NONE (0).
  HashAlgorithm hash_algorithm = 2;
  // The signature bytes. This file does not define their encoding or which
  // data they cover; see the TODO(al) notes on SignedLogRoot and SignedMapRoot.
  bytes signature = 3;
}
// SignedEntryTimestamp carries a timestamp and a log identifier together with
// a DigitallySigned value.
// NOTE(review): this file does not state which fields the signature covers or
// how they are serialized before signing - confirm against the signing code.
message SignedEntryTimestamp {
  // Presumably epoch nanoseconds, as documented on
  // SignedLogRoot.timestamp_nanos - TODO confirm.
  int64 timestamp_nanos = 1;
  // Identifier of the log; same type (int64) as SignedLogRoot.log_id.
  int64 log_id = 2;
  // Signature over this entry timestamp; covered data is not defined here.
  DigitallySigned signature = 3;
}
// SignedLogRoot represents a commitment by a Log to a particular tree.
message SignedLogRoot {
  // epoch nanoseconds, good until 2500ish
  // NOTE(review): a signed int64 count of nanoseconds since 1970 overflows in
  // the year 2262; the "2500ish" estimate would match an unsigned 64-bit
  // counter - confirm which was intended.
  int64 timestamp_nanos = 1;
  // Root hash of the tree being committed to. The hash construction is the
  // one selected by TreeHasherPreimageType; the length is not fixed here.
  bytes root_hash = 2;
  // TreeSize is the number of entries in the tree.
  // The field is a signed int64, so a negative value is representable on the
  // wire. NOTE(review): consumers should presumably reject negative sizes
  // before using the value - confirm.
  int64 tree_size = 3;
  // TODO(al): define serialized format for the signature scheme.
  // Until that format is defined, this file does not say which of the fields
  // in this message are covered by the signature or in what encoding.
  DigitallySigned signature = 4;
  // Identifier of the log that issued this root.
  int64 log_id = 5;
  // Revision of the tree this root refers to.
  // NOTE(review): relationship to tree_size is not described here - confirm.
  int64 tree_revision = 6;
}
// MapperMetadata is embedded in SignedMapRoot as its `metadata` field.
// NOTE(review): presumably records how far a mapper has progressed through a
// source log - confirm against the mapper implementation.
message MapperMetadata {
  // Identifier of the source log. This is `bytes`, whereas log_id on
  // SignedLogRoot and SignedEntryTimestamp is int64.
  // NOTE(review): confirm how the two identifier forms relate.
  bytes source_log_id = 1;
  // Presumably the highest sequence number that has been fully processed -
  // TODO confirm.
  int64 highest_fully_completed_seq = 2;
  // Presumably the highest sequence number that has been at least partially
  // processed - TODO confirm.
  int64 highest_partially_completed_seq = 3;
}
// SignedMapRoot represents a commitment by a Map to a particular tree.
message SignedMapRoot {
  // Presumably epoch nanoseconds, as documented on
  // SignedLogRoot.timestamp_nanos - TODO confirm.
  int64 timestamp_nanos = 1;
  // Root hash of the map's tree. The length is not fixed by this file.
  bytes root_hash = 2;
  // Mapper progress information attached to this root.
  // NOTE(review): whether the signature covers this field is not stated here;
  // unsigned metadata should not be relied on by verifiers - confirm.
  MapperMetadata metadata = 3;
  // TODO(al): define serialized format for the signature scheme.
  // Until that format is defined, this file does not say which of the fields
  // in this message are covered by the signature or in what encoding.
  DigitallySigned signature = 4;
  // Identifier of the map that issued this root.
  int64 map_id = 5;
  // Revision of the map this root refers to.
  int64 map_revision = 6;
}