diff --git a/src/main/proto/wfa/measurement/api/v2alpha/BUILD.bazel b/src/main/proto/wfa/measurement/api/v2alpha/BUILD.bazel index fca4085bc..8a0a1248f 100644 --- a/src/main/proto/wfa/measurement/api/v2alpha/BUILD.bazel +++ b/src/main/proto/wfa/measurement/api/v2alpha/BUILD.bazel @@ -65,6 +65,7 @@ proto_library( ":protocol_config_proto", "@com_google_googleapis//google/api:field_behavior_proto", "@com_google_googleapis//google/api:resource_proto", + "@com_google_protobuf//:any_proto", ], ) diff --git a/src/main/proto/wfa/measurement/api/v2alpha/event_group.proto b/src/main/proto/wfa/measurement/api/v2alpha/event_group.proto index 9d07fdfd5..01e16c6af 100644 --- a/src/main/proto/wfa/measurement/api/v2alpha/event_group.proto +++ b/src/main/proto/wfa/measurement/api/v2alpha/event_group.proto @@ -37,7 +37,7 @@ message EventGroup { plural: "eventGroups" }; - reserved 8; + reserved 3, 4, 8; // Resource name. // @@ -53,23 +53,6 @@ message EventGroup { (google.api.field_behavior) = IMMUTABLE ]; - // Resource name of the `Certificate` belonging to `measurement_consumer`. - // Must be set if `measurement_consumer_public_key` is set. - string measurement_consumer_certificate = 3 - [(google.api.resource_reference).type = "halo.wfanet.org/Certificate"]; - - // Pre-shared serialized `EncryptionPublicKey`, which can be verified using - // `measurement_consumer_certificate`. Must be set if `encrypted_metadata` is - // set. - // - // The version of the `EncryptionPublicKey` message must match the API version - // used to last update this resource. - // - // (-- TODO(@SanjayVas): Include the `message` directly rather than - // wrapping it in a `SignedMessage`. The signature is not needed here, as - // the `DataProvider` should have already verified it. --) - SignedMessage measurement_consumer_public_key = 4; - // ID referencing the `EventGroup` in an external system, provided by the // `DataProvider`. string event_group_reference_id = 5; @@ -114,6 +97,13 @@ message EventGroup { // to last update this resource. EncryptedMessage encrypted_metadata = 10; + // Pre-shared packed `EncryptionPublicKey` Must be set if `encrypted_metadata` + // is set. + // + // The version of the `EncryptionPublicKey` message must match the API version + // used to last update this resource. + google.protobuf.Any measurement_consumer_public_key = 12; + // Possible states of Event Group. enum State { // The default value if state is omitted. Should not be used diff --git a/src/main/proto/wfa/measurement/api/v2alpha/measurement.proto b/src/main/proto/wfa/measurement/api/v2alpha/measurement.proto index e6eddd141..1948eafc5 100644 --- a/src/main/proto/wfa/measurement/api/v2alpha/measurement.proto +++ b/src/main/proto/wfa/measurement/api/v2alpha/measurement.proto @@ -18,6 +18,7 @@ package wfa.measurement.api.v2alpha; import "google/api/field_behavior.proto"; import "google/api/resource.proto"; +import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "wfa/measurement/api/v2alpha/crypto.proto"; import "wfa/measurement/api/v2alpha/direct_computation.proto"; @@ -68,24 +69,24 @@ message Measurement { // Value of a map entry. message Value { - reserved 3; + reserved 2, 3; // Resource name of the `Certificate` belonging to `data_provider`. + // + // (-- + // TODO(world-federation-of-advertisers/cross-media-measurement-api#188): + // Remove this once the certificate is always specified in + // `FulfillDirectRequisitionRequest`. --) string data_provider_certificate = 1 [ (google.api.resource_reference).type = "halo.wfanet.org/Certificate", (google.api.field_behavior) = REQUIRED ]; - // Pre-shared serialized `EncryptionPublicKey`, which can be verified - // using `data_provider_certificate`. + // Pre-shared packed `EncryptionPublicKey`. // // The version of the `EncryptionPublicKey` message type must correspond // to the API version that this resource was created in. - // - // (-- TODO(@SanjayVas): Include the `message` directly rather than - // wrapping it in a `SignedMessage`. The signature is not needed here, as - // the `MeasurementConsumer` should have already verified it. --) - SignedMessage data_provider_public_key = 2 + google.protobuf.Any data_provider_public_key = 6 [(google.api.field_behavior) = REQUIRED]; // Encrypted `SignedMessage` containing the serialized `RequisitionSpec` diff --git a/src/main/proto/wfa/measurement/api/v2alpha/requisition.proto b/src/main/proto/wfa/measurement/api/v2alpha/requisition.proto index 458309836..794fab47d 100644 --- a/src/main/proto/wfa/measurement/api/v2alpha/requisition.proto +++ b/src/main/proto/wfa/measurement/api/v2alpha/requisition.proto @@ -18,6 +18,7 @@ package wfa.measurement.api.v2alpha; import "google/api/field_behavior.proto"; import "google/api/resource.proto"; +import "google/protobuf/any.proto"; import "wfa/measurement/api/v2alpha/crypto.proto"; import "wfa/measurement/api/v2alpha/measurement.proto"; import "wfa/measurement/api/v2alpha/protocol_config.proto"; @@ -75,6 +76,11 @@ message Requisition { // Denormalized `data_provider_certificate` field from the corresponding // `DataProviderEntry` in `measurement`. + // + // (-- + // TODO(world-federation-of-advertisers/cross-media-measurement-api#188): + // Remove this once the certificate is always specified in + // `FulfillDirectRequisitionRequest`. --) string data_provider_certificate = 6 [ (google.api.resource_reference).type = "halo.wfanet.org/Certificate", (google.api.field_behavior) = OUTPUT_ONLY, @@ -83,11 +89,19 @@ message Requisition { // Denormalized `data_provider_public_key` field from the corresponding // `DataProviderEntry` in `measurement`. - SignedMessage data_provider_public_key = 7 [ + google.protobuf.Any data_provider_public_key = 15 [ (google.api.field_behavior) = OUTPUT_ONLY, (google.api.field_behavior) = IMMUTABLE ]; + // Denormalized `data_provider_public_key` field with signature from the + // corresponding `DataProviderEntry` in `measurement`. + // + // Deprecated: The `Measurement` may not have signature for this key. Use + // `data_provider_public_key` instead. + SignedMessage signed_data_provider_public_key = 7 + [(google.api.field_behavior) = OUTPUT_ONLY, deprecated = true]; + // Denormalized `encrypted_requisition_spec` field from the corresponding // `DataProviderEntry` in `measurement`. EncryptedMessage encrypted_requisition_spec = 14 [