From ae3b13426f44847d98eb379cd209e3e673592563 Mon Sep 17 00:00:00 2001
From: SecAgg Team
Date: Sun, 24 May 2026 23:12:16 -0700
Subject: [PATCH] No public description

PiperOrigin-RevId: 920784388
---
 willow/proto/willow/BUILD | 7 +++---
 willow/proto/willow/decryptor.proto | 39 ++++++++++++++++++++++++++++-
 2 files changed, 41 insertions(+), 5 deletions(-)

diff --git a/willow/proto/willow/BUILD b/willow/proto/willow/BUILD
index 33569aa..ec0214d 100644
--- a/willow/proto/willow/BUILD
+++ b/willow/proto/willow/BUILD
@@ -40,10 +40,6 @@ cc_proto_library(
 proto_library(
 name = "aggregation_config_proto",
 srcs = ["aggregation_config.proto"],
- deps = [
- "//willow/proto/shell:shell_ciphertexts_proto",
- "//willow/proto/zk:proofs_proto",
- ],
 )
 
 cc_proto_library(
@@ -59,6 +55,9 @@ rust_proto_library(
 proto_library(
 name = "decryptor_proto",
 srcs = ["decryptor.proto"],
+ deps = [
+ "@protobuf//:timestamp_proto",
+ ],
 )
 
 cc_proto_library(
diff --git a/willow/proto/willow/decryptor.proto b/willow/proto/willow/decryptor.proto
index ff70c34..c3cc4ad 100644
--- a/willow/proto/willow/decryptor.proto
+++ b/willow/proto/willow/decryptor.proto
@@ -16,6 +16,8 @@ syntax = "proto3";
 
 package secure_aggregation.willow;
 
+import "google/protobuf/timestamp.proto";
+
 option java_multiple_files = true;
 option java_outer_classname = "DecryptorProto";
 
@@ -23,20 +25,49 @@ message GenerateKeyRequest {
 // The key ID to use for the generated key. If the key with the given ID
 // already exists, it will be returned instead.
 bytes key_id = 1;
+
+ // A permanent session_tag that is shared across all keys mapped to the same
+ // logical recurring task. To avoid race condition in a potentially costly,
+ // key generation operation, only one key per session tag can be generated at
+ // a time.
+ string session_tag = 2;
+
+ // The timestamp (without timezone information) that indicates when the key
+ // server innitiated the key generation. This is used to distinguish keys in
+ // the same series and it is verified to be monotonically increasing. Rolling
+ // back the clock will be rejected.
+ google.protobuf.Timestamp created_timestamp = 3;
+
+ // The timestamp (without timezone information) that indicates when the key
+ // expires. Keys that have expired will not be returned by ListKeys or be
+ // usable for decryption.
+ google.protobuf.Timestamp expiration_timestamp = 4;
 }
 
 message GenerateKeyResponse {
 // The serialized bytes of the public key.
 bytes public_key = 1;
+
+ // The key_id of the generated key.
+ bytes key_id = 2;
 }
 
 message DecryptRequest {
 // The serialized bytes of the message to decrypt.
 bytes decryption_request = 1;
+
 // The serialized bytes of the public key as returned by GenerateKey.
 bytes public_key = 2 [deprecated = true];
- // The key ID of the public key that was used in the GenerateKey call.
+
+ // The key ID of the public key that was used in the GenerateKey call. Each
+ // key can only be used once and will be marked as consumed after successful
+ // decryption use.
 bytes key_id = 3;
+
+ // Session tag associated with the key. It is used for diagnostic purposes
+ // and must match the session tag associated with the key on the Decryptor
+ // side.
+ string session_tag = 4;
 }
 
 message DecryptResponse {
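Review bot: The comments on `created_timestamp` and `expiration_timestamp` in GenerateKeyRequest leave the unset and inverted cases undefined: both are message-typed fields a caller can omit, and nothing says whether a key with no expiration is rejected or never expires. Because these values arrive in the request and decide whether a key is usable for decryption, I would state the contract on the field, for example `// Required. Must be strictly later than created_timestamp; otherwise the request is rejected.`, if rejection is the intended behaviour. The retained `key_id` comment still says an existing key "will be returned instead", so it needs a sentence on what happens when the request's `session_tag` or timestamps differ from the stored key; as written, the idempotent path reads as if it skips the monotonicity check. In DecryptRequest, `session_tag` is described as both diagnostic and something that "must match", so the comment should say whether a mismatch fails the request and whether the key stays unconsumed in that case. Separately, `innitiated` should read `initiated`, and "without timezone information" would be clearer as "UTC", which is what `google.protobuf.Timestamp` encodes.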
@@ -46,7 +77,10 @@ message DecryptResponse {
 
 // Error status.
 message Status {
+ // The error code.
 int32 code = 1;
+
+ // The error message.
 string message = 2;
 }
 
@@ -58,6 +92,7 @@ message DecryptorRequest {
 // Creates a new key pair for encrypting messages with asymmetric
 // encryption.
 GenerateKeyRequest generate_key = 1;
+
 // Decrypts a message encrypted with a generated public key.
 DecryptRequest decrypt = 2;
 }
@@ -67,8 +102,10 @@ message DecryptorResponse {
 oneof msg {
 // Response for GenerateKeyRequest.
 GenerateKeyResponse generate_key = 1;
+
 // Response for DecryptRequest.
 DecryptResponse decrypt = 2;
+
 // Error status shared among requests.
 Status error = 3;
 }