74 lines
3.4 KiB
Protocol Buffer
74 lines
3.4 KiB
Protocol Buffer
// Copyright 2019 The Grafeas Authors. All rights reserved.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
syntax = "proto3";
|
|
|
|
package grafeas.v1;
|
|
|
|
import "grafeas/v1/common.proto";
|
|
|
|
option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas";
|
|
option java_multiple_files = true;
|
|
option java_package = "io.grafeas.v1";
|
|
option objc_class_prefix = "GRA";
|
|
|
|
// An attestation wrapper with a PGP-compatible signature. This message only
|
|
// supports `ATTACHED` signatures, where the payload that is signed is included
|
|
// alongside the signature itself in the same file.
|
|
|
|
// Note kind that represents a logical attestation "role" or "authority". For
|
|
// example, an organization might have one `Authority` for "QA" and one for
|
|
// "build". This note is intended to act strictly as a grouping mechanism for
|
|
// the attached occurrences (Attestations). This grouping mechanism also
|
|
// provides a security boundary, since IAM ACLs gate the ability for a principle
|
|
// to attach an occurrence to a given note. It also provides a single point of
|
|
// lookup to find all attached attestation occurrences, even if they don't all
|
|
// live in the same project.
|
|
message AttestationNote {
|
|
// This submessage provides human-readable hints about the purpose of the
|
|
// authority. Because the name of a note acts as its resource reference, it is
|
|
// important to disambiguate the canonical name of the Note (which might be a
|
|
// UUID for security purposes) from "readable" names more suitable for debug
|
|
// output. Note that these hints should not be used to look up authorities in
|
|
// security sensitive contexts, such as when looking up attestations to
|
|
// verify.
|
|
message Hint {
|
|
// Required. The human readable name of this attestation authority, for
|
|
// example "qa".
|
|
string human_readable_name = 1;
|
|
}
|
|
|
|
// Hint hints at the purpose of the attestation authority.
|
|
Hint hint = 1;
|
|
}
|
|
|
|
// Occurrence that represents a single "attestation". The authenticity of an
|
|
// attestation can be verified using the attached signature. If the verifier
|
|
// trusts the public key of the signer, then verifying the signature is
|
|
// sufficient to establish trust. In this circumstance, the authority to which
|
|
// this attestation is attached is primarily useful for lookup (how to find
|
|
// this attestation if you already know the authority and artifact to be
|
|
// verified) and intent (for which authority this attestation was intended to
|
|
// sign.
|
|
message AttestationOccurrence {
|
|
// Required. The serialized payload that is verified by one or more
|
|
// `signatures`.
|
|
bytes serialized_payload = 1;
|
|
// One or more signatures over `serialized_payload`. Verifier implementations
|
|
// should consider this attestation message verified if at least one
|
|
// `signature` verifies `serialized_payload`. See `Signature` in common.proto
|
|
// for more details on signature structure and verification.
|
|
repeated Signature signatures = 2;
|
|
}
|