bgpwtf/cccampix/proto: add PGPEncryptor service
Change-Id: I932ce6bf5fdb792eb83945a8e46551f169e51c97
diff --git a/bgpwtf/cccampix/proto/ix.proto b/bgpwtf/cccampix/proto/ix.proto
index 01ddc4f..ce84b48 100644
--- a/bgpwtf/cccampix/proto/ix.proto
+++ b/bgpwtf/cccampix/proto/ix.proto
@@ -81,3 +81,60 @@
// Query returns parsed RPSL data from supported IRRs for a given aut-num.
rpc Query(IRRQueryRequest) returns (IRRQueryResponse);
}
+
+message KeyInfoRequest {
+ // Public key fingerprint. 20 bytes.
+ bytes fingerprint = 1;
+ enum Caching {
+ CACHING_INVALID = 0;
+ // Contact keyservers only if not locally (positively or negatively) cached.
+ CACHING_AUTO = 1;
+ // Force contacting keyservers.
+ CACHING_FORCE_REMOTE = 2;
+ // Force not contacting keyservers.
+ CACHING_FORCE_LOCAL = 3;
+ };
+ Caching caching = 2;
+}
+
+message KeyInfoResponse {
+ // Currently no data is returned. An error will be returned if the key doesn't exist.
+}
+
+message EncryptRequest {
+ // A chunk of plaintext data. Small enough to fit in gRPC message (<<2 MiB).
+ bytes data = 1;
+ enum ChunkInfo {
+ CHUNK_INFO_INVALID = 0;
+ // More data to come after this chunked.
+ CHUNK_INFO_MORE = 1;
+ // Last chunk.
+ CHUNK_LAST = 2;
+ };
+ ChunkInfo info = 2;
+ // Fingerprint of key to encrypt with. Only the first chunk is consulted,
+ // the key in the rest of the chunks are ignored. 20 bytes.
+ bytes fingerprint = 3;
+}
+
+message EncryptResponse {
+ // A chunk of encrypted data. Small enough to fit in gRPC message (<<2 MiB).
+ bytes data = 1;
+ enum ChunkInfo {
+ CHUNK_INFO_INVALID = 0;
+ // More data to come after this chunked.
+ CHUNK_INFO_MORE = 1;
+ // Last chunk.
+ CHUNK_LAST = 2;
+ };
+ ChunkInfo info = 2;
+}
+
+service PGPEncryptor {
+ // KeyInfo returns information about a given key from the public keyserver infrastructure.
+ // If key doesn't exist, error (NotFound).
+ rpc KeyInfo(KeyInfoRequest) returns (KeyInfoResponse);
+ // Encrypt encrypts a given data blob with a given key from public keyserver infrastructure.
+ // If key doesn't exist, error (NotFound).
+ rpc Encrypt(stream EncryptRequest) returns (stream EncryptResponse);
+}