diff --git a/internal/pb/export/export.proto b/internal/pb/export/export.proto index 46bcfa27a..59a7cdcc1 100644 --- a/internal/pb/export/export.proto +++ b/internal/pb/export/export.proto @@ -41,13 +41,21 @@ message TemporaryExposureKeyExport { // Information about signatures repeated SignatureInfo signature_infos = 6; - // The TemporaryExposureKeys themselves + // The TemporaryExposureKeys for initial release of keys. + // Keys should be included in this list for initial release, + // whereas revised or revoked keys should go in revised_keys. repeated TemporaryExposureKey keys = 7; + + // TemporaryExposureKeys that have changed status. + // Keys should be included in this list if they have changed status + // or have been revoked. + repeated TemporaryExposureKey revised_keys = 8; } message SignatureInfo { - // No longer need to set these. Old code that still does will be fine - // as these were largely noops anyway. + // These fields are no longer needed (confirmed with Apple) + // Apple read bundle id from an app's metadata, and we were + // always using calling app package. It's not needed in the file. reserved 1, 2; reserved "app_bundle_id", "android_package"; // Key version for rollovers @@ -55,7 +63,8 @@ message SignatureInfo { optional string verification_key_version = 3; // Alias with which to identify public key to be used for verification // Must be in character class [a-zA-Z0-9_] - // For cross-compatibility with Apple, use MCC (https://en.wikipedia.org/wiki/Mobile_country_code) + // For cross-compatibility with Apple, use MCC + // (https://en.wikipedia.org/wiki/Mobile_country_code). optional string verification_key_id = 4; // ASN.1 OID for Algorithm Identifier. Supported algorithms are // either 1.2.840.10045.4.3.2 or 1.2.840.10045.4.3.4 @@ -64,17 +73,35 @@ message SignatureInfo { message TemporaryExposureKey { // Key of infected user - optional bytes key_data = 1; + optional bytes key_data = 1 + [(nanopb).type = FT_STATIC, (nanopb).max_size = 16]; // Varying risks associated with exposure depending on type of verification - optional int32 transmission_risk_level = 2; + // Ignored by the v1.5 API when report_type is set. + optional int32 transmission_risk_level = 2 [deprecated = true]; // The interval number since epoch for which a key starts optional int32 rolling_start_interval_number = 3; // Increments of 10 minutes describing how long a key is valid - optional int32 rolling_period = 4 - [default = 144]; // defaults to 24 hours + optional int32 rolling_period = 4 [default = 144]; // defaults to 24 hours + + // Data type representing why this key was published. + enum ReportType { + UNKNOWN = 0; // Never returned by the API. + CONFIRMED_TEST = 1; + CONFIRMED_CLINICAL_DIAGNOSIS = 2; + SELF_REPORT = 3; + RECURSIVE = 4; + REVOKED = 5; // Used to revoke a key, never returned by API. + } + + // Type of diagnosis associated with a key. + optional ReportType report_type = 5; + + // Number of days elapsed between symptom onset and the TEK being used. + // E.g. 2 means TEK is 2 days after onset of symptoms. + optional sint32 days_since_onset_of_symptoms = 6; } message TEKSignatureList { @@ -82,9 +109,12 @@ message TEKSignatureList { } message TEKSignature { - // Info about the signing key, version, algorithm, etc + // Info about the signing key, version, algorithm, etc. Only the + // verification_key_id, verification_key_version, and + // signature_algorithm fields within signature_info are read. optional SignatureInfo signature_info = 1; - // E.g., Batch 2 of 10 + // E.g., Batch 2 of 10 - these fields are ignored on android in favor of the + // batch fields within TemporaryExposureKeyExport optional int32 batch_num = 2; optional int32 batch_size = 3; // Signature in X9.62 format (ASN.1 SEQUENCE of two INTEGER fields)