forked from secure-systems-lab/dsse
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathenvelope.proto
34 lines (28 loc) · 944 Bytes
/
envelope.proto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
syntax = "proto3";
package io.intoto;
// An authenticated message of arbitrary type.
message Envelope {
// Message to be signed. (In JSON, this is encoded as base64.)
// REQUIRED.
bytes payload = 1;
// String unambiguously identifying how to interpret payload.
// REQUIRED.
string payloadType = 2;
// Signature over:
// le64(2) || le64(len(utf8(payloadType))) || utf8(payloadType) ||
// le64(len(payload)) || payload
// where:
// le64(n) := 64-bit little-endian encoding of integer `n`, 0 <= n < 2^63
// len(s) := number of octets in byte sequence `s`
// utf8(s) := UTF-8 encoding of unicode string `s`
// REQUIRED (length >= 1).
repeated Signature signatures = 3;
}
message Signature {
// Signature itself. (In JSON, this is encoded as base64.)
// REQUIRED.
bytes sig = 1;
// *Unauthenticated* hint identifying which public key was used.
// OPTIONAL.
string keyid = 2;
}