From 51892bcaf29f0b18ab7044e17f4bf1ea9903c4ae Mon Sep 17 00:00:00 2001 From: Dennis Neufeld Date: Sun, 13 Oct 2019 20:35:08 +0200 Subject: Modified anastasis.rst to remove rst warnings --- anastasis.rst | 61 +++++++++++++++++++++++++++++++++++------------------------ 1 file changed, 36 insertions(+), 25 deletions(-) (limited to 'anastasis.rst') diff --git a/anastasis.rst b/anastasis.rst index f20433be..a40aabbd 100644 --- a/anastasis.rst +++ b/anastasis.rst @@ -356,7 +356,8 @@ Obtain salt **Response:** Returns a `SaltResponse`_. - + + .. _SaltResponse: .. ts:def:: SaltResponse interface SaltResponse { @@ -378,6 +379,7 @@ Receiving Terms of Service Returns a `EscrowTermsOfServiceResponse`_. + .. _EscrowTermsOfServiceResponse: .. ts:def:: EscrowTermsOfServiceResponse interface EscrowTermsOfServiceResponse { @@ -409,7 +411,7 @@ Receiving Terms of Service // how long until the service expires deposited truth // (unless refreshed via another POST)? - truth_expiration: relative-time; + truth_expiration: RelativeTime; // Payment required to upload truth. To be paid per upload. truth_upload_fee: Amount; @@ -425,6 +427,7 @@ Receiving Terms of Service } + .. _AuthenticationMethod: .. ts:def:: AuthenticationMethod interface AuthenticationMethod { @@ -436,7 +439,7 @@ Receiving Terms of Service } -.. _escrow: +.. _manage-policy: Manage policy @@ -549,24 +552,26 @@ public key using the Crockford base32-encoding. **Details:** + .. _EncryptedRecoveryDocument: .. ts:def:: EncryptedRecoveryDocument interface EncryptedRecoveryDocument { // Nonce used to compute the (iv,key) pair for encryption of the // encrypted_compressed_recovery_document. - nonce: byte[32]; + nonce: [32]; //bytearray // Authentication tag - aes_gcm_tag: byte[16]; + aes_gcm_tag: [16]; //bytearray // Variable-size encrypted recovery document. After decryption, - // this contains a gzip compressed JSON-encoded `RecoveryDocument`_. + // this contains a gzip compressed JSON-encoded RecoveryDocument_. // The nonce of the HKDF for this encryption must include the // string "ERD". - encrypted_compressed_recovery_document: byte[] + encrypted_compressed_recovery_document: []; //bytearray of undefined length } + .. _RecoveryDocument: .. ts:def:: RecoveryDocument interface RecoveryDocument { @@ -575,16 +580,17 @@ public key using the Crockford base32-encoding. // https://sync.taler.net/$BACKUP_ID and // a private key to decrypt the backup. Anastasis is oblivious // to the details of how this is ultimately encoded. - backup_account: byte[]; + backup_account: []; //bytearray of undefined length // List of escrow providers and selected authentication method methods: EscrowMethod[]; // List of possible decryption policies - policy: EscrowPolicy[]; + policy: DecryptionPolicy[]; } + .. _EscrowMethod: .. ts:def:: EscrowMethod interface EscrowMethod { @@ -595,10 +601,10 @@ public key using the Crockford base32-encoding. escrow_method: string; // UUID of the escrow method (see /truth/ API below). - uuid: uuid; + uuid: string; // Salt used to encrypt the truth on the Anastasis server. - truth_salt: byte[32]; + truth_salt: [32]; //bytearray // The challenge to give to the user (i.e. the security question // if this is challenge-response). @@ -609,29 +615,30 @@ public key using the Crockford base32-encoding. // // The plaintext challenge is not revealed to the // Anastasis server. - challenge: byte[]; + challenge: []; //bytearray of undefined length } + .. _DecryptionPolicy: .. ts:def:: DecryptionPolicy interface DecryptionPolicy { // Salt included to encrypt master key share when // using this decryption policy. - policy_salt: byte[32]; + policy_salt: [32]; //bytearray // Master key, AES-encrypted with key derived from // salt and secrets revealed by the following list of // escrow methods identified by UUID. - encrypted_master_key: byte[32]; + encrypted_master_key: [32]; //bytearray // List of escrow methods identified by their uuid - uuid: uuid[]; + uuid: string[]; } -.. _truth: +.. _manage-truth: Managing truth @@ -679,15 +686,16 @@ charge per truth operation using GNU Taler. **Details:** + .. _Truth: .. ts:def:: Truth interface Truth { - // Contains the information of an `interface EncryptedKeyShare`_, but simply + // Contains the information of an interface `EncryptedKeyShare`, but simply // as one binary block (in Crockford Base32 encoding for JSON). - key_share_data: byte[]; + key_share_data: []; //bytearray of undefined length // Key share method, i.e. "security question", "SMS", "e-mail", ... - method: String; + method: string; // ground truth, i.e. H(challenge answer), // phone number, e-mail address, picture, fingerprint, ... @@ -738,14 +746,15 @@ charge per truth operation using GNU Taler. **Details:** + .. _EncryptedKeyShare: .. ts:def:: EncryptedKeyShare interface EncryptedKeyShare { // Nonce used to compute the decryption (iv,key) pair. - nonce_i: byte[32]; + nonce_i: [32]; //bytearray // Authentication tag - aes_gcm_tag_i: byte[16]; + aes_gcm_tag_i: [16]; //bytearray // Encrypted key-share in base32 encoding. // After decryption, this yields a KeyShare_. Note that @@ -758,28 +767,30 @@ charge per truth operation using GNU Taler. // the HKDF may additionally include // bits from the response (i.e. some hash over the // answer to the security question) - encrypted_key_share_i: byte[]; + encrypted_key_share_i: []; //bytearray of undefined length } + .. _KeyShare: .. ts:def:: KeyShare interface KeyShare { // Key material to concatenate with policy_salt and KDF to derive // the key to decrypt the master key. - key_share: byte[32]; + key_share: [32]; //bytearray // Signature over method, uuid, and key_share. - account_sig: EdDSA-Signature; + account_sig: EddsaSignature; } + .. _EscrowChallenge: .. ts:def:: EscrowChallenge interface EscrowChallenge { // ground truth, i.e. challenge question, // phone number, e-mail address, picture, fingerprint, ... - truth: byte[]; + truth: []; //bytearray of undefined length // mime type of truth, i.e. text/ascii, image/jpeg, etc. truth_mime: string; -- cgit v1.2.3