Merge pull request #24 from MarkLodato/protobuf

adityasaky · web-flow · commit 2f22dc43c9b8 · 2021-04-06T17:03:39.000Z
Create a protobuf schema.
diff --git a/envelope.md b/envelope.md
@@ -10,6 +10,9 @@ signatures, which we call the "JSON Envelope". For the protocol/algorithm, see
 
 ## Standard JSON envelope
 
+See [envelope.proto](envelope.proto) for a formal schema. (Protobuf is used only
+to define the schema. JSON is the only recommended encoding.)
+
 The standard data structure for storing a signed message is a JSON message of
 the following form, called the "JSON envelope":
 
diff --git a/envelope.proto b/envelope.proto
@@ -0,0 +1,34 @@
+syntax = "proto3";
+
+package io.intoto;
+
+// An authenticated message of arbitrary type.
+message Envelope {
+  // Message to be signed. (In JSON, this is encoded as base64.)
+  // REQUIRED.
+  bytes payload = 1;
+
+  // String unambiguously identifying how to interpret payload.
+  // REQUIRED.
+  string payloadType = 2;
+
+  // Signature over:
+  //     le64(2) || le64(len(utf8(payloadType))) || utf8(payloadType) ||
+  //         le64(len(payload)) || payload
+  // where:
+  //     le64(n) := 64-bit little-endian encoding of integer `n`, 0 <= n < 2^63
+  //     len(s) := number of octets in byte sequence `s`
+  //     utf8(s) := UTF-8 encoding of unicode string `s`
+  // REQUIRED (length >= 1).
+  repeated Signature signatures = 3;
+}
+
+message Signature {
+  // Signature itself. (In JSON, this is encoded as base64.)
+  // REQUIRED.
+  bytes sig = 1;
+
+  // *Unauthenticated* hint identifying which public key was used.
+  // OPTIONAL.
+  string keyid = 2;
+}
