diff --git a/docs/grpc/index.html b/docs/grpc/index.html
index 62bd58f13c..e4329f9e4b 100644
--- a/docs/grpc/index.html
+++ b/docs/grpc/index.html
@@ -293,6 +293,14 @@ Table of Contents
MResourceMappingGroup
+
+ MSimpleKasKey
+
+
+
+ MSimpleKasPublicKey
+
+
MSubjectConditionSet
@@ -1187,14 +1195,6 @@ Table of Contents
MSetBaseKeyResponse
-
- MSimpleKasKey
-
-
-
- MSimpleKasPublicKey
-
-
MUpdateKeyAccessServerRequest
@@ -2264,7 +2264,7 @@ Attribute
| kas_keys |
- KasKey |
+ SimpleKasKey |
repeated |
Keys associated with the attribute |
@@ -2556,7 +2556,7 @@ KeyAccessServer
| kas_keys |
- KasKey |
+ SimpleKasKey |
repeated |
Kas keys associated with this KAS |
@@ -2683,7 +2683,7 @@ Namespace
| kas_keys |
- KasKey |
+ SimpleKasKey |
repeated |
Keys for the namespace |
@@ -3027,6 +3027,82 @@ ResourceMappingGroup
+ SimpleKasKey
+
+
+
+
+
+ | Field | Type | Label | Description |
+
+
+
+
+ | kas_uri |
+ string |
+ |
+ The URL of the Key Access Server |
+
+
+
+ | public_key |
+ SimpleKasPublicKey |
+ |
+ The public key of the Key that belongs to the KAS |
+
+
+
+ | kas_id |
+ string |
+ |
+ The ID of the Key Access Server |
+
+
+
+
+
+
+
+
+
+ SimpleKasPublicKey
+
+
+
+
+
+ | Field | Type | Label | Description |
+
+
+
+
+ | algorithm |
+ Algorithm |
+ |
+ |
+
+
+
+ | kid |
+ string |
+ |
+ |
+
+
+
+ | pem |
+ string |
+ |
+ |
+
+
+
+
+
+
+
+
+
SubjectConditionSet
A container for multiple Subject Sets, each containing Condition Groups, each
containing Conditions. Multiple Subject Sets in a SubjectConditionSet are
evaluated with AND logic. As each Subject Mapping has only one Attribute
Value, the SubjectConditionSet is reusable across multiple Subject Mappings /
Attribute Values and is an independent unit.
@@ -3300,7 +3376,7 @@ Value
| kas_keys |
- KasKey |
+ SimpleKasKey |
repeated |
|
@@ -8982,7 +9058,7 @@ GetBaseKeyResponse
| base_key |
- SimpleKasKey |
+ policy.SimpleKasKey |
|
The current base key |
@@ -10059,14 +10135,14 @@ SetBaseKeyResponse
| new_base_key |
- SimpleKasKey |
+ policy.SimpleKasKey |
|
The key that was set as base |
| previous_base_key |
- SimpleKasKey |
+ policy.SimpleKasKey |
|
The previous base key, if any |
@@ -10078,75 +10154,6 @@ SetBaseKeyResponse
- SimpleKasKey
-
-
-
-
-
- | Field | Type | Label | Description |
-
-
-
-
- | kas_uri |
- string |
- |
- The URL of the Key Access Server |
-
-
-
- | public_key |
- SimpleKasPublicKey |
- |
- The public key of the Key that belongs to the KAS |
-
-
-
-
-
-
-
-
-
- SimpleKasPublicKey
-
-
-
-
-
-
-
-
-
UpdateKeyAccessServerRequest
diff --git a/docs/openapi/policy/actions/actions.openapi.yaml b/docs/openapi/policy/actions/actions.openapi.yaml
index 1b883a4a00..619dcd242f 100644
--- a/docs/openapi/policy/actions/actions.openapi.yaml
+++ b/docs/openapi/policy/actions/actions.openapi.yaml
@@ -229,24 +229,6 @@ components:
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1
- policy.KeyMode:
- type: string
- title: KeyMode
- enum:
- - KEY_MODE_UNSPECIFIED
- - KEY_MODE_CONFIG_ROOT_KEY
- - KEY_MODE_PROVIDER_ROOT_KEY
- - KEY_MODE_REMOTE
- - KEY_MODE_PUBLIC_KEY_ONLY
- description: Describes the management and operational mode of a cryptographic key.
- policy.KeyStatus:
- type: string
- title: KeyStatus
- enum:
- - KEY_STATUS_UNSPECIFIED
- - KEY_STATUS_ACTIVE
- - KEY_STATUS_ROTATED
- description: The status of the key
policy.SourceType:
type: string
title: SourceType
@@ -453,47 +435,6 @@ components:
title: Action
additionalProperties: false
description: An action an entity can take
- policy.AsymmetricKey:
- type: object
- properties:
- id:
- type: string
- title: id
- description: Required
- keyId:
- type: string
- title: key_id
- description: Required
- keyAlgorithm:
- title: key_algorithm
- description: Required
- $ref: '#/components/schemas/policy.Algorithm'
- keyStatus:
- title: key_status
- description: Required
- $ref: '#/components/schemas/policy.KeyStatus'
- keyMode:
- title: key_mode
- description: Required Specifies how the key is managed (local or remote)
- $ref: '#/components/schemas/policy.KeyMode'
- publicKeyCtx:
- title: public_key_ctx
- description: Required Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PublicKeyCtx'
- privateKeyCtx:
- title: private_key_ctx
- description: Optional Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PrivateKeyCtx'
- providerConfig:
- title: provider_config
- description: Optional Configuration for the key provider
- $ref: '#/components/schemas/policy.KeyProviderConfig'
- metadata:
- title: metadata
- description: Common metadata fields
- $ref: '#/components/schemas/common.Metadata'
- title: AsymmetricKey
- additionalProperties: false
policy.Attribute:
type: object
properties:
@@ -533,7 +474,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys associated with the attribute
metadata:
@@ -595,20 +536,6 @@ components:
- booleanOperator
additionalProperties: false
description: A collection of Conditions evaluated by the boolean_operator provided
- policy.KasKey:
- type: object
- properties:
- kasId:
- type: string
- title: kas_id
- key:
- title: key
- $ref: '#/components/schemas/policy.AsymmetricKey'
- kasUri:
- type: string
- title: kas_uri
- title: KasKey
- additionalProperties: false
policy.KasPublicKey:
type: object
properties:
@@ -679,7 +606,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Kas keys associated with this KAS
name:
@@ -695,25 +622,6 @@ components:
title: KeyAccessServer
additionalProperties: false
description: Key Access Server Registry
- policy.KeyProviderConfig:
- type: object
- properties:
- id:
- type: string
- title: id
- name:
- type: string
- title: name
- configJson:
- type: string
- title: config_json
- format: byte
- metadata:
- title: metadata
- description: Common metadata
- $ref: '#/components/schemas/common.Metadata'
- title: KeyProviderConfig
- additionalProperties: false
policy.Namespace:
type: object
properties:
@@ -746,7 +654,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys for the namespace
title: Namespace
@@ -793,20 +701,6 @@ components:
description: Total count of entire list
title: PageResponse
additionalProperties: false
- policy.PrivateKeyCtx:
- type: object
- properties:
- keyId:
- type: string
- title: key_id
- minLength: 1
- description: Required Key ID for the symmetric key wrapping this key.
- wrappedKey:
- type: string
- title: wrapped_key
- description: Optional Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.
- title: PrivateKeyCtx
- additionalProperties: false
policy.PublicKey:
type: object
oneOf:
@@ -835,16 +729,6 @@ components:
title: PublicKey
additionalProperties: false
description: Deprecated
- policy.PublicKeyCtx:
- type: object
- properties:
- pem:
- type: string
- title: pem
- minLength: 1
- description: Required Base64 encoded public key in PEM format
- title: PublicKeyCtx
- additionalProperties: false
policy.ResourceMapping:
type: object
properties:
@@ -900,6 +784,37 @@ components:
description: |-
Resource Mapping Groups are namespaced collections of Resource Mappings
associated under a common group name.
+ policy.SimpleKasKey:
+ type: object
+ properties:
+ kasUri:
+ type: string
+ title: kas_uri
+ description: The URL of the Key Access Server
+ publicKey:
+ title: public_key
+ description: The public key of the Key that belongs to the KAS
+ $ref: '#/components/schemas/policy.SimpleKasPublicKey'
+ kasId:
+ type: string
+ title: kas_id
+ description: The ID of the Key Access Server
+ title: SimpleKasKey
+ additionalProperties: false
+ policy.SimpleKasPublicKey:
+ type: object
+ properties:
+ algorithm:
+ title: algorithm
+ $ref: '#/components/schemas/policy.Algorithm'
+ kid:
+ type: string
+ title: kid
+ pem:
+ type: string
+ title: pem
+ title: SimpleKasPublicKey
+ additionalProperties: false
policy.SubjectConditionSet:
type: object
properties:
@@ -1001,7 +916,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
resourceMappings:
type: array
diff --git a/docs/openapi/policy/actions/actions.swagger.json b/docs/openapi/policy/actions/actions.swagger.json
index 037f64ba58..45ed7bfb58 100644
--- a/docs/openapi/policy/actions/actions.swagger.json
+++ b/docs/openapi/policy/actions/actions.swagger.json
@@ -171,51 +171,6 @@
"default": "ALGORITHM_UNSPECIFIED",
"description": "Supported key algorithms."
},
- "policyAsymmetricKey": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string",
- "title": "Required"
- },
- "keyId": {
- "type": "string",
- "title": "Required"
- },
- "keyAlgorithm": {
- "$ref": "#/definitions/policyAlgorithm",
- "title": "Required"
- },
- "keyStatus": {
- "$ref": "#/definitions/policyKeyStatus",
- "title": "Required"
- },
- "keyMode": {
- "$ref": "#/definitions/policyKeyMode",
- "description": "Specifies how the key is managed (local or remote)",
- "title": "Required"
- },
- "publicKeyCtx": {
- "$ref": "#/definitions/policyPublicKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Required"
- },
- "privateKeyCtx": {
- "$ref": "#/definitions/policyPrivateKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Optional"
- },
- "providerConfig": {
- "$ref": "#/definitions/policyKeyProviderConfig",
- "description": "Configuration for the key provider",
- "title": "Optional"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata fields"
- }
- }
- },
"policyAttribute": {
"type": "object",
"properties": {
@@ -260,7 +215,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys associated with the attribute"
},
@@ -327,20 +282,6 @@
},
"title": "A collection of Conditions evaluated by the boolean_operator provided"
},
- "policyKasKey": {
- "type": "object",
- "properties": {
- "kasId": {
- "type": "string"
- },
- "key": {
- "$ref": "#/definitions/policyAsymmetricKey"
- },
- "kasUri": {
- "type": "string"
- }
- }
- },
"policyKasPublicKey": {
"type": "object",
"properties": {
@@ -406,7 +347,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Kas keys associated with this KAS"
},
@@ -421,47 +362,6 @@
},
"title": "Key Access Server Registry"
},
- "policyKeyMode": {
- "type": "string",
- "enum": [
- "KEY_MODE_UNSPECIFIED",
- "KEY_MODE_CONFIG_ROOT_KEY",
- "KEY_MODE_PROVIDER_ROOT_KEY",
- "KEY_MODE_REMOTE",
- "KEY_MODE_PUBLIC_KEY_ONLY"
- ],
- "default": "KEY_MODE_UNSPECIFIED",
- "description": "Describes the management and operational mode of a cryptographic key.\n\n - KEY_MODE_UNSPECIFIED: KEY_MODE_UNSPECIFIED: Default, unspecified key mode. Indicates an uninitialized or error state.\n - KEY_MODE_CONFIG_ROOT_KEY: KEY_MODE_CONFIG_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nsourced from local configuration. Unwrapping and all cryptographic operations are performed locally.\n - KEY_MODE_PROVIDER_ROOT_KEY: KEY_MODE_PROVIDER_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nmanaged by an external provider (e.g., a Hardware Security Module or Cloud KMS).\nKey unwrapping is delegated to the external provider; subsequent cryptographic operations\nare performed locally using the unwrapped key.\n - KEY_MODE_REMOTE: KEY_MODE_REMOTE: Remote key management where the private key is stored in, and all cryptographic\noperations are performed by, a remote Key Management Service (KMS) or HSM.\nThe private key material never leaves the secure boundary of the remote system.\n - KEY_MODE_PUBLIC_KEY_ONLY: KEY_MODE_PUBLIC_KEY_ONLY: Public key only mode. Used when only a public key is available or required,\ntypically for wrapping operations (e.g., encrypting a Data Encryption Key (DEK) for an external KAS).\nThe corresponding private key is not managed or accessible by this system."
- },
- "policyKeyProviderConfig": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string"
- },
- "name": {
- "type": "string"
- },
- "configJson": {
- "type": "string",
- "format": "byte"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata"
- }
- }
- },
- "policyKeyStatus": {
- "type": "string",
- "enum": [
- "KEY_STATUS_UNSPECIFIED",
- "KEY_STATUS_ACTIVE",
- "KEY_STATUS_ROTATED"
- ],
- "default": "KEY_STATUS_UNSPECIFIED",
- "title": "The status of the key"
- },
"policyNamespace": {
"type": "object",
"properties": {
@@ -495,7 +395,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys for the namespace"
}
@@ -536,21 +436,6 @@
}
}
},
- "policyPrivateKeyCtx": {
- "type": "object",
- "properties": {
- "keyId": {
- "type": "string",
- "description": "Key ID for the symmetric key wrapping this key.",
- "title": "Required"
- },
- "wrappedKey": {
- "type": "string",
- "description": "Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.",
- "title": "Optional"
- }
- }
- },
"policyPublicKey": {
"type": "object",
"properties": {
@@ -565,16 +450,6 @@
},
"title": "Deprecated"
},
- "policyPublicKeyCtx": {
- "type": "object",
- "properties": {
- "pem": {
- "type": "string",
- "description": "Base64 encoded public key in PEM format",
- "title": "Required"
- }
- }
- },
"policyResourceMapping": {
"type": "object",
"properties": {
@@ -620,6 +495,37 @@
},
"description": "Resource Mapping Groups are namespaced collections of Resource Mappings\nassociated under a common group name."
},
+ "policySimpleKasKey": {
+ "type": "object",
+ "properties": {
+ "kasUri": {
+ "type": "string",
+ "title": "The URL of the Key Access Server"
+ },
+ "publicKey": {
+ "$ref": "#/definitions/policySimpleKasPublicKey",
+ "title": "The public key of the Key that belongs to the KAS"
+ },
+ "kasId": {
+ "type": "string",
+ "title": "The ID of the Key Access Server"
+ }
+ }
+ },
+ "policySimpleKasPublicKey": {
+ "type": "object",
+ "properties": {
+ "algorithm": {
+ "$ref": "#/definitions/policyAlgorithm"
+ },
+ "kid": {
+ "type": "string"
+ },
+ "pem": {
+ "type": "string"
+ }
+ }
+ },
"policySourceType": {
"type": "string",
"enum": [
@@ -742,7 +648,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
}
},
"resourceMappings": {
diff --git a/docs/openapi/policy/attributes/attributes.openapi.yaml b/docs/openapi/policy/attributes/attributes.openapi.yaml
index 8c6239a57a..7bdb5d458e 100644
--- a/docs/openapi/policy/attributes/attributes.openapi.yaml
+++ b/docs/openapi/policy/attributes/attributes.openapi.yaml
@@ -762,24 +762,6 @@ components:
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1
- policy.KeyMode:
- type: string
- title: KeyMode
- enum:
- - KEY_MODE_UNSPECIFIED
- - KEY_MODE_CONFIG_ROOT_KEY
- - KEY_MODE_PROVIDER_ROOT_KEY
- - KEY_MODE_REMOTE
- - KEY_MODE_PUBLIC_KEY_ONLY
- description: Describes the management and operational mode of a cryptographic key.
- policy.KeyStatus:
- type: string
- title: KeyStatus
- enum:
- - KEY_STATUS_UNSPECIFIED
- - KEY_STATUS_ACTIVE
- - KEY_STATUS_ROTATED
- description: The status of the key
policy.SourceType:
type: string
title: SourceType
@@ -986,47 +968,6 @@ components:
title: Action
additionalProperties: false
description: An action an entity can take
- policy.AsymmetricKey:
- type: object
- properties:
- id:
- type: string
- title: id
- description: Required
- keyId:
- type: string
- title: key_id
- description: Required
- keyAlgorithm:
- title: key_algorithm
- description: Required
- $ref: '#/components/schemas/policy.Algorithm'
- keyStatus:
- title: key_status
- description: Required
- $ref: '#/components/schemas/policy.KeyStatus'
- keyMode:
- title: key_mode
- description: Required Specifies how the key is managed (local or remote)
- $ref: '#/components/schemas/policy.KeyMode'
- publicKeyCtx:
- title: public_key_ctx
- description: Required Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PublicKeyCtx'
- privateKeyCtx:
- title: private_key_ctx
- description: Optional Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PrivateKeyCtx'
- providerConfig:
- title: provider_config
- description: Optional Configuration for the key provider
- $ref: '#/components/schemas/policy.KeyProviderConfig'
- metadata:
- title: metadata
- description: Common metadata fields
- $ref: '#/components/schemas/common.Metadata'
- title: AsymmetricKey
- additionalProperties: false
policy.Attribute:
type: object
properties:
@@ -1066,7 +1007,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys associated with the attribute
metadata:
@@ -1160,20 +1101,6 @@ components:
- booleanOperator
additionalProperties: false
description: A collection of Conditions evaluated by the boolean_operator provided
- policy.KasKey:
- type: object
- properties:
- kasId:
- type: string
- title: kas_id
- key:
- title: key
- $ref: '#/components/schemas/policy.AsymmetricKey'
- kasUri:
- type: string
- title: kas_uri
- title: KasKey
- additionalProperties: false
policy.KasPublicKey:
type: object
properties:
@@ -1244,7 +1171,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Kas keys associated with this KAS
name:
@@ -1260,25 +1187,6 @@ components:
title: KeyAccessServer
additionalProperties: false
description: Key Access Server Registry
- policy.KeyProviderConfig:
- type: object
- properties:
- id:
- type: string
- title: id
- name:
- type: string
- title: name
- configJson:
- type: string
- title: config_json
- format: byte
- metadata:
- title: metadata
- description: Common metadata
- $ref: '#/components/schemas/common.Metadata'
- title: KeyProviderConfig
- additionalProperties: false
policy.Namespace:
type: object
properties:
@@ -1311,7 +1219,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys for the namespace
title: Namespace
@@ -1358,20 +1266,6 @@ components:
description: Total count of entire list
title: PageResponse
additionalProperties: false
- policy.PrivateKeyCtx:
- type: object
- properties:
- keyId:
- type: string
- title: key_id
- minLength: 1
- description: Required Key ID for the symmetric key wrapping this key.
- wrappedKey:
- type: string
- title: wrapped_key
- description: Optional Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.
- title: PrivateKeyCtx
- additionalProperties: false
policy.PublicKey:
type: object
oneOf:
@@ -1400,16 +1294,6 @@ components:
title: PublicKey
additionalProperties: false
description: Deprecated
- policy.PublicKeyCtx:
- type: object
- properties:
- pem:
- type: string
- title: pem
- minLength: 1
- description: Required Base64 encoded public key in PEM format
- title: PublicKeyCtx
- additionalProperties: false
policy.ResourceMapping:
type: object
properties:
@@ -1465,6 +1349,37 @@ components:
description: |-
Resource Mapping Groups are namespaced collections of Resource Mappings
associated under a common group name.
+ policy.SimpleKasKey:
+ type: object
+ properties:
+ kasUri:
+ type: string
+ title: kas_uri
+ description: The URL of the Key Access Server
+ publicKey:
+ title: public_key
+ description: The public key of the Key that belongs to the KAS
+ $ref: '#/components/schemas/policy.SimpleKasPublicKey'
+ kasId:
+ type: string
+ title: kas_id
+ description: The ID of the Key Access Server
+ title: SimpleKasKey
+ additionalProperties: false
+ policy.SimpleKasPublicKey:
+ type: object
+ properties:
+ algorithm:
+ title: algorithm
+ $ref: '#/components/schemas/policy.Algorithm'
+ kid:
+ type: string
+ title: kid
+ pem:
+ type: string
+ title: pem
+ title: SimpleKasPublicKey
+ additionalProperties: false
policy.SubjectConditionSet:
type: object
properties:
@@ -1566,7 +1481,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
resourceMappings:
type: array
diff --git a/docs/openapi/policy/attributes/attributes.swagger.json b/docs/openapi/policy/attributes/attributes.swagger.json
index 2e394d6396..780da3650c 100644
--- a/docs/openapi/policy/attributes/attributes.swagger.json
+++ b/docs/openapi/policy/attributes/attributes.swagger.json
@@ -420,51 +420,6 @@
"default": "ALGORITHM_UNSPECIFIED",
"description": "Supported key algorithms."
},
- "policyAsymmetricKey": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string",
- "title": "Required"
- },
- "keyId": {
- "type": "string",
- "title": "Required"
- },
- "keyAlgorithm": {
- "$ref": "#/definitions/policyAlgorithm",
- "title": "Required"
- },
- "keyStatus": {
- "$ref": "#/definitions/policyKeyStatus",
- "title": "Required"
- },
- "keyMode": {
- "$ref": "#/definitions/policyKeyMode",
- "description": "Specifies how the key is managed (local or remote)",
- "title": "Required"
- },
- "publicKeyCtx": {
- "$ref": "#/definitions/policyPublicKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Required"
- },
- "privateKeyCtx": {
- "$ref": "#/definitions/policyPrivateKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Optional"
- },
- "providerConfig": {
- "$ref": "#/definitions/policyKeyProviderConfig",
- "description": "Configuration for the key provider",
- "title": "Optional"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata fields"
- }
- }
- },
"policyAttribute": {
"type": "object",
"properties": {
@@ -509,7 +464,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys associated with the attribute"
},
@@ -604,20 +559,6 @@
},
"title": "A collection of Conditions evaluated by the boolean_operator provided"
},
- "policyKasKey": {
- "type": "object",
- "properties": {
- "kasId": {
- "type": "string"
- },
- "key": {
- "$ref": "#/definitions/policyAsymmetricKey"
- },
- "kasUri": {
- "type": "string"
- }
- }
- },
"policyKasPublicKey": {
"type": "object",
"properties": {
@@ -683,7 +624,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Kas keys associated with this KAS"
},
@@ -698,47 +639,6 @@
},
"title": "Key Access Server Registry"
},
- "policyKeyMode": {
- "type": "string",
- "enum": [
- "KEY_MODE_UNSPECIFIED",
- "KEY_MODE_CONFIG_ROOT_KEY",
- "KEY_MODE_PROVIDER_ROOT_KEY",
- "KEY_MODE_REMOTE",
- "KEY_MODE_PUBLIC_KEY_ONLY"
- ],
- "default": "KEY_MODE_UNSPECIFIED",
- "description": "Describes the management and operational mode of a cryptographic key.\n\n - KEY_MODE_UNSPECIFIED: KEY_MODE_UNSPECIFIED: Default, unspecified key mode. Indicates an uninitialized or error state.\n - KEY_MODE_CONFIG_ROOT_KEY: KEY_MODE_CONFIG_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nsourced from local configuration. Unwrapping and all cryptographic operations are performed locally.\n - KEY_MODE_PROVIDER_ROOT_KEY: KEY_MODE_PROVIDER_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nmanaged by an external provider (e.g., a Hardware Security Module or Cloud KMS).\nKey unwrapping is delegated to the external provider; subsequent cryptographic operations\nare performed locally using the unwrapped key.\n - KEY_MODE_REMOTE: KEY_MODE_REMOTE: Remote key management where the private key is stored in, and all cryptographic\noperations are performed by, a remote Key Management Service (KMS) or HSM.\nThe private key material never leaves the secure boundary of the remote system.\n - KEY_MODE_PUBLIC_KEY_ONLY: KEY_MODE_PUBLIC_KEY_ONLY: Public key only mode. Used when only a public key is available or required,\ntypically for wrapping operations (e.g., encrypting a Data Encryption Key (DEK) for an external KAS).\nThe corresponding private key is not managed or accessible by this system."
- },
- "policyKeyProviderConfig": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string"
- },
- "name": {
- "type": "string"
- },
- "configJson": {
- "type": "string",
- "format": "byte"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata"
- }
- }
- },
- "policyKeyStatus": {
- "type": "string",
- "enum": [
- "KEY_STATUS_UNSPECIFIED",
- "KEY_STATUS_ACTIVE",
- "KEY_STATUS_ROTATED"
- ],
- "default": "KEY_STATUS_UNSPECIFIED",
- "title": "The status of the key"
- },
"policyNamespace": {
"type": "object",
"properties": {
@@ -772,7 +672,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys for the namespace"
}
@@ -813,21 +713,6 @@
}
}
},
- "policyPrivateKeyCtx": {
- "type": "object",
- "properties": {
- "keyId": {
- "type": "string",
- "description": "Key ID for the symmetric key wrapping this key.",
- "title": "Required"
- },
- "wrappedKey": {
- "type": "string",
- "description": "Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.",
- "title": "Optional"
- }
- }
- },
"policyPublicKey": {
"type": "object",
"properties": {
@@ -842,16 +727,6 @@
},
"title": "Deprecated"
},
- "policyPublicKeyCtx": {
- "type": "object",
- "properties": {
- "pem": {
- "type": "string",
- "description": "Base64 encoded public key in PEM format",
- "title": "Required"
- }
- }
- },
"policyResourceMapping": {
"type": "object",
"properties": {
@@ -897,6 +772,37 @@
},
"description": "Resource Mapping Groups are namespaced collections of Resource Mappings\nassociated under a common group name."
},
+ "policySimpleKasKey": {
+ "type": "object",
+ "properties": {
+ "kasUri": {
+ "type": "string",
+ "title": "The URL of the Key Access Server"
+ },
+ "publicKey": {
+ "$ref": "#/definitions/policySimpleKasPublicKey",
+ "title": "The public key of the Key that belongs to the KAS"
+ },
+ "kasId": {
+ "type": "string",
+ "title": "The ID of the Key Access Server"
+ }
+ }
+ },
+ "policySimpleKasPublicKey": {
+ "type": "object",
+ "properties": {
+ "algorithm": {
+ "$ref": "#/definitions/policyAlgorithm"
+ },
+ "kid": {
+ "type": "string"
+ },
+ "pem": {
+ "type": "string"
+ }
+ }
+ },
"policySourceType": {
"type": "string",
"enum": [
@@ -1019,7 +925,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
}
},
"resourceMappings": {
diff --git a/docs/openapi/policy/kasregistry/key_access_server_registry.openapi.yaml b/docs/openapi/policy/kasregistry/key_access_server_registry.openapi.yaml
index 6fa230212c..d311651f8a 100644
--- a/docs/openapi/policy/kasregistry/key_access_server_registry.openapi.yaml
+++ b/docs/openapi/policy/kasregistry/key_access_server_registry.openapi.yaml
@@ -841,7 +841,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Kas keys associated with this KAS
name:
@@ -970,6 +970,37 @@ components:
description: Required Base64 encoded public key in PEM format
title: PublicKeyCtx
additionalProperties: false
+ policy.SimpleKasKey:
+ type: object
+ properties:
+ kasUri:
+ type: string
+ title: kas_uri
+ description: The URL of the Key Access Server
+ publicKey:
+ title: public_key
+ description: The public key of the Key that belongs to the KAS
+ $ref: '#/components/schemas/policy.SimpleKasPublicKey'
+ kasId:
+ type: string
+ title: kas_id
+ description: The ID of the Key Access Server
+ title: SimpleKasKey
+ additionalProperties: false
+ policy.SimpleKasPublicKey:
+ type: object
+ properties:
+ algorithm:
+ title: algorithm
+ $ref: '#/components/schemas/policy.Algorithm'
+ kid:
+ type: string
+ title: kid
+ pem:
+ type: string
+ title: pem
+ title: SimpleKasPublicKey
+ additionalProperties: false
policy.kasregistry.ActivatePublicKeyRequest:
type: object
properties:
@@ -1200,7 +1231,7 @@ components:
baseKey:
title: base_key
description: The current base key
- $ref: '#/components/schemas/policy.kasregistry.SimpleKasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: GetBaseKeyResponse
additionalProperties: false
policy.kasregistry.GetKeyAccessServerRequest:
@@ -1864,40 +1895,13 @@ components:
newBaseKey:
title: new_base_key
description: The key that was set as base
- $ref: '#/components/schemas/policy.kasregistry.SimpleKasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
previousBaseKey:
title: previous_base_key
description: The previous base key, if any
- $ref: '#/components/schemas/policy.kasregistry.SimpleKasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: SetBaseKeyResponse
additionalProperties: false
- policy.kasregistry.SimpleKasKey:
- type: object
- properties:
- kasUri:
- type: string
- title: kas_uri
- description: The URL of the Key Access Server
- publicKey:
- title: public_key
- description: The public key of the Key that belongs to the KAS
- $ref: '#/components/schemas/policy.kasregistry.SimpleKasPublicKey'
- title: SimpleKasKey
- additionalProperties: false
- policy.kasregistry.SimpleKasPublicKey:
- type: object
- properties:
- algorithm:
- title: algorithm
- $ref: '#/components/schemas/policy.Algorithm'
- kid:
- type: string
- title: kid
- pem:
- type: string
- title: pem
- title: SimpleKasPublicKey
- additionalProperties: false
policy.kasregistry.UpdateKeyAccessServerRequest:
type: object
properties:
diff --git a/docs/openapi/policy/kasregistry/key_access_server_registry.swagger.json b/docs/openapi/policy/kasregistry/key_access_server_registry.swagger.json
index 79471c3d73..118f1ea91f 100644
--- a/docs/openapi/policy/kasregistry/key_access_server_registry.swagger.json
+++ b/docs/openapi/policy/kasregistry/key_access_server_registry.swagger.json
@@ -179,7 +179,7 @@
"type": "object",
"properties": {
"baseKey": {
- "$ref": "#/definitions/kasregistrySimpleKasKey",
+ "$ref": "#/definitions/policySimpleKasKey",
"title": "The current base key"
}
}
@@ -361,42 +361,15 @@
"type": "object",
"properties": {
"newBaseKey": {
- "$ref": "#/definitions/kasregistrySimpleKasKey",
+ "$ref": "#/definitions/policySimpleKasKey",
"title": "The key that was set as base"
},
"previousBaseKey": {
- "$ref": "#/definitions/kasregistrySimpleKasKey",
+ "$ref": "#/definitions/policySimpleKasKey",
"title": "The previous base key, if any"
}
}
},
- "kasregistrySimpleKasKey": {
- "type": "object",
- "properties": {
- "kasUri": {
- "type": "string",
- "title": "The URL of the Key Access Server"
- },
- "publicKey": {
- "$ref": "#/definitions/kasregistrySimpleKasPublicKey",
- "title": "The public key of the Key that belongs to the KAS"
- }
- }
- },
- "kasregistrySimpleKasPublicKey": {
- "type": "object",
- "properties": {
- "algorithm": {
- "$ref": "#/definitions/policyAlgorithm"
- },
- "kid": {
- "type": "string"
- },
- "pem": {
- "type": "string"
- }
- }
- },
"kasregistryUpdateKeyAccessServerResponse": {
"type": "object",
"properties": {
@@ -552,7 +525,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Kas keys associated with this KAS"
},
@@ -682,6 +655,37 @@
}
}
},
+ "policySimpleKasKey": {
+ "type": "object",
+ "properties": {
+ "kasUri": {
+ "type": "string",
+ "title": "The URL of the Key Access Server"
+ },
+ "publicKey": {
+ "$ref": "#/definitions/policySimpleKasPublicKey",
+ "title": "The public key of the Key that belongs to the KAS"
+ },
+ "kasId": {
+ "type": "string",
+ "title": "The ID of the Key Access Server"
+ }
+ }
+ },
+ "policySimpleKasPublicKey": {
+ "type": "object",
+ "properties": {
+ "algorithm": {
+ "$ref": "#/definitions/policyAlgorithm"
+ },
+ "kid": {
+ "type": "string"
+ },
+ "pem": {
+ "type": "string"
+ }
+ }
+ },
"policySourceType": {
"type": "string",
"enum": [
diff --git a/docs/openapi/policy/namespaces/namespaces.openapi.yaml b/docs/openapi/policy/namespaces/namespaces.openapi.yaml
index 3652c61aa5..a33a2be8cd 100644
--- a/docs/openapi/policy/namespaces/namespaces.openapi.yaml
+++ b/docs/openapi/policy/namespaces/namespaces.openapi.yaml
@@ -364,24 +364,6 @@ components:
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1
- policy.KeyMode:
- type: string
- title: KeyMode
- enum:
- - KEY_MODE_UNSPECIFIED
- - KEY_MODE_CONFIG_ROOT_KEY
- - KEY_MODE_PROVIDER_ROOT_KEY
- - KEY_MODE_REMOTE
- - KEY_MODE_PUBLIC_KEY_ONLY
- description: Describes the management and operational mode of a cryptographic key.
- policy.KeyStatus:
- type: string
- title: KeyStatus
- enum:
- - KEY_STATUS_UNSPECIFIED
- - KEY_STATUS_ACTIVE
- - KEY_STATUS_ROTATED
- description: The status of the key
policy.SourceType:
type: string
title: SourceType
@@ -547,61 +529,6 @@ components:
the Joda Time's [`ISODateTimeFormat.dateTime()`](
http://joda-time.sourceforge.net/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime()
) to obtain a formatter capable of generating timestamps in this format.
- policy.AsymmetricKey:
- type: object
- properties:
- id:
- type: string
- title: id
- description: Required
- keyId:
- type: string
- title: key_id
- description: Required
- keyAlgorithm:
- title: key_algorithm
- description: Required
- $ref: '#/components/schemas/policy.Algorithm'
- keyStatus:
- title: key_status
- description: Required
- $ref: '#/components/schemas/policy.KeyStatus'
- keyMode:
- title: key_mode
- description: Required Specifies how the key is managed (local or remote)
- $ref: '#/components/schemas/policy.KeyMode'
- publicKeyCtx:
- title: public_key_ctx
- description: Required Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PublicKeyCtx'
- privateKeyCtx:
- title: private_key_ctx
- description: Optional Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PrivateKeyCtx'
- providerConfig:
- title: provider_config
- description: Optional Configuration for the key provider
- $ref: '#/components/schemas/policy.KeyProviderConfig'
- metadata:
- title: metadata
- description: Common metadata fields
- $ref: '#/components/schemas/common.Metadata'
- title: AsymmetricKey
- additionalProperties: false
- policy.KasKey:
- type: object
- properties:
- kasId:
- type: string
- title: kas_id
- key:
- title: key
- $ref: '#/components/schemas/policy.AsymmetricKey'
- kasUri:
- type: string
- title: kas_uri
- title: KasKey
- additionalProperties: false
policy.KasPublicKey:
type: object
properties:
@@ -672,7 +599,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Kas keys associated with this KAS
name:
@@ -688,25 +615,6 @@ components:
title: KeyAccessServer
additionalProperties: false
description: Key Access Server Registry
- policy.KeyProviderConfig:
- type: object
- properties:
- id:
- type: string
- title: id
- name:
- type: string
- title: name
- configJson:
- type: string
- title: config_json
- format: byte
- metadata:
- title: metadata
- description: Common metadata
- $ref: '#/components/schemas/common.Metadata'
- title: KeyProviderConfig
- additionalProperties: false
policy.Namespace:
type: object
properties:
@@ -739,7 +647,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys for the namespace
title: Namespace
@@ -786,20 +694,6 @@ components:
description: Total count of entire list
title: PageResponse
additionalProperties: false
- policy.PrivateKeyCtx:
- type: object
- properties:
- keyId:
- type: string
- title: key_id
- minLength: 1
- description: Required Key ID for the symmetric key wrapping this key.
- wrappedKey:
- type: string
- title: wrapped_key
- description: Optional Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.
- title: PrivateKeyCtx
- additionalProperties: false
policy.PublicKey:
type: object
oneOf:
@@ -828,15 +722,36 @@ components:
title: PublicKey
additionalProperties: false
description: Deprecated
- policy.PublicKeyCtx:
+ policy.SimpleKasKey:
type: object
properties:
+ kasUri:
+ type: string
+ title: kas_uri
+ description: The URL of the Key Access Server
+ publicKey:
+ title: public_key
+ description: The public key of the Key that belongs to the KAS
+ $ref: '#/components/schemas/policy.SimpleKasPublicKey'
+ kasId:
+ type: string
+ title: kas_id
+ description: The ID of the Key Access Server
+ title: SimpleKasKey
+ additionalProperties: false
+ policy.SimpleKasPublicKey:
+ type: object
+ properties:
+ algorithm:
+ title: algorithm
+ $ref: '#/components/schemas/policy.Algorithm'
+ kid:
+ type: string
+ title: kid
pem:
type: string
title: pem
- minLength: 1
- description: Required Base64 encoded public key in PEM format
- title: PublicKeyCtx
+ title: SimpleKasPublicKey
additionalProperties: false
policy.namespaces.AssignKeyAccessServerToNamespaceRequest:
type: object
diff --git a/docs/openapi/policy/namespaces/namespaces.swagger.json b/docs/openapi/policy/namespaces/namespaces.swagger.json
index 5fd1843c95..a4e7cb7ade 100644
--- a/docs/openapi/policy/namespaces/namespaces.swagger.json
+++ b/docs/openapi/policy/namespaces/namespaces.swagger.json
@@ -186,65 +186,6 @@
"default": "ALGORITHM_UNSPECIFIED",
"description": "Supported key algorithms."
},
- "policyAsymmetricKey": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string",
- "title": "Required"
- },
- "keyId": {
- "type": "string",
- "title": "Required"
- },
- "keyAlgorithm": {
- "$ref": "#/definitions/policyAlgorithm",
- "title": "Required"
- },
- "keyStatus": {
- "$ref": "#/definitions/policyKeyStatus",
- "title": "Required"
- },
- "keyMode": {
- "$ref": "#/definitions/policyKeyMode",
- "description": "Specifies how the key is managed (local or remote)",
- "title": "Required"
- },
- "publicKeyCtx": {
- "$ref": "#/definitions/policyPublicKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Required"
- },
- "privateKeyCtx": {
- "$ref": "#/definitions/policyPrivateKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Optional"
- },
- "providerConfig": {
- "$ref": "#/definitions/policyKeyProviderConfig",
- "description": "Configuration for the key provider",
- "title": "Optional"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata fields"
- }
- }
- },
- "policyKasKey": {
- "type": "object",
- "properties": {
- "kasId": {
- "type": "string"
- },
- "key": {
- "$ref": "#/definitions/policyAsymmetricKey"
- },
- "kasUri": {
- "type": "string"
- }
- }
- },
"policyKasPublicKey": {
"type": "object",
"properties": {
@@ -310,7 +251,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Kas keys associated with this KAS"
},
@@ -325,47 +266,6 @@
},
"title": "Key Access Server Registry"
},
- "policyKeyMode": {
- "type": "string",
- "enum": [
- "KEY_MODE_UNSPECIFIED",
- "KEY_MODE_CONFIG_ROOT_KEY",
- "KEY_MODE_PROVIDER_ROOT_KEY",
- "KEY_MODE_REMOTE",
- "KEY_MODE_PUBLIC_KEY_ONLY"
- ],
- "default": "KEY_MODE_UNSPECIFIED",
- "description": "Describes the management and operational mode of a cryptographic key.\n\n - KEY_MODE_UNSPECIFIED: KEY_MODE_UNSPECIFIED: Default, unspecified key mode. Indicates an uninitialized or error state.\n - KEY_MODE_CONFIG_ROOT_KEY: KEY_MODE_CONFIG_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nsourced from local configuration. Unwrapping and all cryptographic operations are performed locally.\n - KEY_MODE_PROVIDER_ROOT_KEY: KEY_MODE_PROVIDER_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nmanaged by an external provider (e.g., a Hardware Security Module or Cloud KMS).\nKey unwrapping is delegated to the external provider; subsequent cryptographic operations\nare performed locally using the unwrapped key.\n - KEY_MODE_REMOTE: KEY_MODE_REMOTE: Remote key management where the private key is stored in, and all cryptographic\noperations are performed by, a remote Key Management Service (KMS) or HSM.\nThe private key material never leaves the secure boundary of the remote system.\n - KEY_MODE_PUBLIC_KEY_ONLY: KEY_MODE_PUBLIC_KEY_ONLY: Public key only mode. Used when only a public key is available or required,\ntypically for wrapping operations (e.g., encrypting a Data Encryption Key (DEK) for an external KAS).\nThe corresponding private key is not managed or accessible by this system."
- },
- "policyKeyProviderConfig": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string"
- },
- "name": {
- "type": "string"
- },
- "configJson": {
- "type": "string",
- "format": "byte"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata"
- }
- }
- },
- "policyKeyStatus": {
- "type": "string",
- "enum": [
- "KEY_STATUS_UNSPECIFIED",
- "KEY_STATUS_ACTIVE",
- "KEY_STATUS_ROTATED"
- ],
- "default": "KEY_STATUS_UNSPECIFIED",
- "title": "The status of the key"
- },
"policyNamespace": {
"type": "object",
"properties": {
@@ -399,7 +299,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys for the namespace"
}
@@ -440,21 +340,6 @@
}
}
},
- "policyPrivateKeyCtx": {
- "type": "object",
- "properties": {
- "keyId": {
- "type": "string",
- "description": "Key ID for the symmetric key wrapping this key.",
- "title": "Required"
- },
- "wrappedKey": {
- "type": "string",
- "description": "Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.",
- "title": "Optional"
- }
- }
- },
"policyPublicKey": {
"type": "object",
"properties": {
@@ -469,13 +354,34 @@
},
"title": "Deprecated"
},
- "policyPublicKeyCtx": {
+ "policySimpleKasKey": {
"type": "object",
"properties": {
- "pem": {
+ "kasUri": {
"type": "string",
- "description": "Base64 encoded public key in PEM format",
- "title": "Required"
+ "title": "The URL of the Key Access Server"
+ },
+ "publicKey": {
+ "$ref": "#/definitions/policySimpleKasPublicKey",
+ "title": "The public key of the Key that belongs to the KAS"
+ },
+ "kasId": {
+ "type": "string",
+ "title": "The ID of the Key Access Server"
+ }
+ }
+ },
+ "policySimpleKasPublicKey": {
+ "type": "object",
+ "properties": {
+ "algorithm": {
+ "$ref": "#/definitions/policyAlgorithm"
+ },
+ "kid": {
+ "type": "string"
+ },
+ "pem": {
+ "type": "string"
}
}
},
diff --git a/docs/openapi/policy/objects.openapi.yaml b/docs/openapi/policy/objects.openapi.yaml
index 9a3f689ae2..d2b2c9ed7a 100644
--- a/docs/openapi/policy/objects.openapi.yaml
+++ b/docs/openapi/policy/objects.openapi.yaml
@@ -328,7 +328,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys associated with the attribute
metadata:
@@ -499,7 +499,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Kas keys associated with this KAS
name:
@@ -566,7 +566,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys for the namespace
title: Namespace
@@ -739,6 +739,37 @@ components:
description: |-
Resource Mapping Groups are namespaced collections of Resource Mappings
associated under a common group name.
+ policy.SimpleKasKey:
+ type: object
+ properties:
+ kasUri:
+ type: string
+ title: kas_uri
+ description: The URL of the Key Access Server
+ publicKey:
+ title: public_key
+ description: The public key of the Key that belongs to the KAS
+ $ref: '#/components/schemas/policy.SimpleKasPublicKey'
+ kasId:
+ type: string
+ title: kas_id
+ description: The ID of the Key Access Server
+ title: SimpleKasKey
+ additionalProperties: false
+ policy.SimpleKasPublicKey:
+ type: object
+ properties:
+ algorithm:
+ title: algorithm
+ $ref: '#/components/schemas/policy.Algorithm'
+ kid:
+ type: string
+ title: kid
+ pem:
+ type: string
+ title: pem
+ title: SimpleKasPublicKey
+ additionalProperties: false
policy.SubjectConditionSet:
type: object
properties:
@@ -896,7 +927,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
resourceMappings:
type: array
diff --git a/docs/openapi/policy/registeredresources/registered_resources.openapi.yaml b/docs/openapi/policy/registeredresources/registered_resources.openapi.yaml
index 24e40308d9..3f531841d5 100644
--- a/docs/openapi/policy/registeredresources/registered_resources.openapi.yaml
+++ b/docs/openapi/policy/registeredresources/registered_resources.openapi.yaml
@@ -439,24 +439,6 @@ components:
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1
- policy.KeyMode:
- type: string
- title: KeyMode
- enum:
- - KEY_MODE_UNSPECIFIED
- - KEY_MODE_CONFIG_ROOT_KEY
- - KEY_MODE_PROVIDER_ROOT_KEY
- - KEY_MODE_REMOTE
- - KEY_MODE_PUBLIC_KEY_ONLY
- description: Describes the management and operational mode of a cryptographic key.
- policy.KeyStatus:
- type: string
- title: KeyStatus
- enum:
- - KEY_STATUS_UNSPECIFIED
- - KEY_STATUS_ACTIVE
- - KEY_STATUS_ROTATED
- description: The status of the key
policy.SourceType:
type: string
title: SourceType
@@ -663,47 +645,6 @@ components:
title: Action
additionalProperties: false
description: An action an entity can take
- policy.AsymmetricKey:
- type: object
- properties:
- id:
- type: string
- title: id
- description: Required
- keyId:
- type: string
- title: key_id
- description: Required
- keyAlgorithm:
- title: key_algorithm
- description: Required
- $ref: '#/components/schemas/policy.Algorithm'
- keyStatus:
- title: key_status
- description: Required
- $ref: '#/components/schemas/policy.KeyStatus'
- keyMode:
- title: key_mode
- description: Required Specifies how the key is managed (local or remote)
- $ref: '#/components/schemas/policy.KeyMode'
- publicKeyCtx:
- title: public_key_ctx
- description: Required Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PublicKeyCtx'
- privateKeyCtx:
- title: private_key_ctx
- description: Optional Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PrivateKeyCtx'
- providerConfig:
- title: provider_config
- description: Optional Configuration for the key provider
- $ref: '#/components/schemas/policy.KeyProviderConfig'
- metadata:
- title: metadata
- description: Common metadata fields
- $ref: '#/components/schemas/common.Metadata'
- title: AsymmetricKey
- additionalProperties: false
policy.Attribute:
type: object
properties:
@@ -743,7 +684,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys associated with the attribute
metadata:
@@ -805,20 +746,6 @@ components:
- booleanOperator
additionalProperties: false
description: A collection of Conditions evaluated by the boolean_operator provided
- policy.KasKey:
- type: object
- properties:
- kasId:
- type: string
- title: kas_id
- key:
- title: key
- $ref: '#/components/schemas/policy.AsymmetricKey'
- kasUri:
- type: string
- title: kas_uri
- title: KasKey
- additionalProperties: false
policy.KasPublicKey:
type: object
properties:
@@ -889,7 +816,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Kas keys associated with this KAS
name:
@@ -905,25 +832,6 @@ components:
title: KeyAccessServer
additionalProperties: false
description: Key Access Server Registry
- policy.KeyProviderConfig:
- type: object
- properties:
- id:
- type: string
- title: id
- name:
- type: string
- title: name
- configJson:
- type: string
- title: config_json
- format: byte
- metadata:
- title: metadata
- description: Common metadata
- $ref: '#/components/schemas/common.Metadata'
- title: KeyProviderConfig
- additionalProperties: false
policy.Namespace:
type: object
properties:
@@ -956,7 +864,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys for the namespace
title: Namespace
@@ -1003,20 +911,6 @@ components:
description: Total count of entire list
title: PageResponse
additionalProperties: false
- policy.PrivateKeyCtx:
- type: object
- properties:
- keyId:
- type: string
- title: key_id
- minLength: 1
- description: Required Key ID for the symmetric key wrapping this key.
- wrappedKey:
- type: string
- title: wrapped_key
- description: Optional Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.
- title: PrivateKeyCtx
- additionalProperties: false
policy.PublicKey:
type: object
oneOf:
@@ -1045,16 +939,6 @@ components:
title: PublicKey
additionalProperties: false
description: Deprecated
- policy.PublicKeyCtx:
- type: object
- properties:
- pem:
- type: string
- title: pem
- minLength: 1
- description: Required Base64 encoded public key in PEM format
- title: PublicKeyCtx
- additionalProperties: false
policy.RegisteredResource:
type: object
properties:
@@ -1171,6 +1055,37 @@ components:
description: |-
Resource Mapping Groups are namespaced collections of Resource Mappings
associated under a common group name.
+ policy.SimpleKasKey:
+ type: object
+ properties:
+ kasUri:
+ type: string
+ title: kas_uri
+ description: The URL of the Key Access Server
+ publicKey:
+ title: public_key
+ description: The public key of the Key that belongs to the KAS
+ $ref: '#/components/schemas/policy.SimpleKasPublicKey'
+ kasId:
+ type: string
+ title: kas_id
+ description: The ID of the Key Access Server
+ title: SimpleKasKey
+ additionalProperties: false
+ policy.SimpleKasPublicKey:
+ type: object
+ properties:
+ algorithm:
+ title: algorithm
+ $ref: '#/components/schemas/policy.Algorithm'
+ kid:
+ type: string
+ title: kid
+ pem:
+ type: string
+ title: pem
+ title: SimpleKasPublicKey
+ additionalProperties: false
policy.SubjectConditionSet:
type: object
properties:
@@ -1272,7 +1187,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
resourceMappings:
type: array
diff --git a/docs/openapi/policy/registeredresources/registered_resources.swagger.json b/docs/openapi/policy/registeredresources/registered_resources.swagger.json
index c6075478bf..70307e2be1 100644
--- a/docs/openapi/policy/registeredresources/registered_resources.swagger.json
+++ b/docs/openapi/policy/registeredresources/registered_resources.swagger.json
@@ -109,51 +109,6 @@
"default": "ALGORITHM_UNSPECIFIED",
"description": "Supported key algorithms."
},
- "policyAsymmetricKey": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string",
- "title": "Required"
- },
- "keyId": {
- "type": "string",
- "title": "Required"
- },
- "keyAlgorithm": {
- "$ref": "#/definitions/policyAlgorithm",
- "title": "Required"
- },
- "keyStatus": {
- "$ref": "#/definitions/policyKeyStatus",
- "title": "Required"
- },
- "keyMode": {
- "$ref": "#/definitions/policyKeyMode",
- "description": "Specifies how the key is managed (local or remote)",
- "title": "Required"
- },
- "publicKeyCtx": {
- "$ref": "#/definitions/policyPublicKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Required"
- },
- "privateKeyCtx": {
- "$ref": "#/definitions/policyPrivateKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Optional"
- },
- "providerConfig": {
- "$ref": "#/definitions/policyKeyProviderConfig",
- "description": "Configuration for the key provider",
- "title": "Optional"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata fields"
- }
- }
- },
"policyAttribute": {
"type": "object",
"properties": {
@@ -198,7 +153,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys associated with the attribute"
},
@@ -265,20 +220,6 @@
},
"title": "A collection of Conditions evaluated by the boolean_operator provided"
},
- "policyKasKey": {
- "type": "object",
- "properties": {
- "kasId": {
- "type": "string"
- },
- "key": {
- "$ref": "#/definitions/policyAsymmetricKey"
- },
- "kasUri": {
- "type": "string"
- }
- }
- },
"policyKasPublicKey": {
"type": "object",
"properties": {
@@ -344,7 +285,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Kas keys associated with this KAS"
},
@@ -359,47 +300,6 @@
},
"title": "Key Access Server Registry"
},
- "policyKeyMode": {
- "type": "string",
- "enum": [
- "KEY_MODE_UNSPECIFIED",
- "KEY_MODE_CONFIG_ROOT_KEY",
- "KEY_MODE_PROVIDER_ROOT_KEY",
- "KEY_MODE_REMOTE",
- "KEY_MODE_PUBLIC_KEY_ONLY"
- ],
- "default": "KEY_MODE_UNSPECIFIED",
- "description": "Describes the management and operational mode of a cryptographic key.\n\n - KEY_MODE_UNSPECIFIED: KEY_MODE_UNSPECIFIED: Default, unspecified key mode. Indicates an uninitialized or error state.\n - KEY_MODE_CONFIG_ROOT_KEY: KEY_MODE_CONFIG_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nsourced from local configuration. Unwrapping and all cryptographic operations are performed locally.\n - KEY_MODE_PROVIDER_ROOT_KEY: KEY_MODE_PROVIDER_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nmanaged by an external provider (e.g., a Hardware Security Module or Cloud KMS).\nKey unwrapping is delegated to the external provider; subsequent cryptographic operations\nare performed locally using the unwrapped key.\n - KEY_MODE_REMOTE: KEY_MODE_REMOTE: Remote key management where the private key is stored in, and all cryptographic\noperations are performed by, a remote Key Management Service (KMS) or HSM.\nThe private key material never leaves the secure boundary of the remote system.\n - KEY_MODE_PUBLIC_KEY_ONLY: KEY_MODE_PUBLIC_KEY_ONLY: Public key only mode. Used when only a public key is available or required,\ntypically for wrapping operations (e.g., encrypting a Data Encryption Key (DEK) for an external KAS).\nThe corresponding private key is not managed or accessible by this system."
- },
- "policyKeyProviderConfig": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string"
- },
- "name": {
- "type": "string"
- },
- "configJson": {
- "type": "string",
- "format": "byte"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata"
- }
- }
- },
- "policyKeyStatus": {
- "type": "string",
- "enum": [
- "KEY_STATUS_UNSPECIFIED",
- "KEY_STATUS_ACTIVE",
- "KEY_STATUS_ROTATED"
- ],
- "default": "KEY_STATUS_UNSPECIFIED",
- "title": "The status of the key"
- },
"policyNamespace": {
"type": "object",
"properties": {
@@ -433,7 +333,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys for the namespace"
}
@@ -474,21 +374,6 @@
}
}
},
- "policyPrivateKeyCtx": {
- "type": "object",
- "properties": {
- "keyId": {
- "type": "string",
- "description": "Key ID for the symmetric key wrapping this key.",
- "title": "Required"
- },
- "wrappedKey": {
- "type": "string",
- "description": "Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.",
- "title": "Optional"
- }
- }
- },
"policyPublicKey": {
"type": "object",
"properties": {
@@ -503,16 +388,6 @@
},
"title": "Deprecated"
},
- "policyPublicKeyCtx": {
- "type": "object",
- "properties": {
- "pem": {
- "type": "string",
- "description": "Base64 encoded public key in PEM format",
- "title": "Required"
- }
- }
- },
"policyRegisteredResource": {
"type": "object",
"properties": {
@@ -623,6 +498,37 @@
},
"description": "Resource Mapping Groups are namespaced collections of Resource Mappings\nassociated under a common group name."
},
+ "policySimpleKasKey": {
+ "type": "object",
+ "properties": {
+ "kasUri": {
+ "type": "string",
+ "title": "The URL of the Key Access Server"
+ },
+ "publicKey": {
+ "$ref": "#/definitions/policySimpleKasPublicKey",
+ "title": "The public key of the Key that belongs to the KAS"
+ },
+ "kasId": {
+ "type": "string",
+ "title": "The ID of the Key Access Server"
+ }
+ }
+ },
+ "policySimpleKasPublicKey": {
+ "type": "object",
+ "properties": {
+ "algorithm": {
+ "$ref": "#/definitions/policyAlgorithm"
+ },
+ "kid": {
+ "type": "string"
+ },
+ "pem": {
+ "type": "string"
+ }
+ }
+ },
"policySourceType": {
"type": "string",
"enum": [
@@ -745,7 +651,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
}
},
"resourceMappings": {
diff --git a/docs/openapi/policy/resourcemapping/resource_mapping.openapi.yaml b/docs/openapi/policy/resourcemapping/resource_mapping.openapi.yaml
index 58dd9e4fc8..f8134a64a1 100644
--- a/docs/openapi/policy/resourcemapping/resource_mapping.openapi.yaml
+++ b/docs/openapi/policy/resourcemapping/resource_mapping.openapi.yaml
@@ -439,24 +439,6 @@ components:
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1
- policy.KeyMode:
- type: string
- title: KeyMode
- enum:
- - KEY_MODE_UNSPECIFIED
- - KEY_MODE_CONFIG_ROOT_KEY
- - KEY_MODE_PROVIDER_ROOT_KEY
- - KEY_MODE_REMOTE
- - KEY_MODE_PUBLIC_KEY_ONLY
- description: Describes the management and operational mode of a cryptographic key.
- policy.KeyStatus:
- type: string
- title: KeyStatus
- enum:
- - KEY_STATUS_UNSPECIFIED
- - KEY_STATUS_ACTIVE
- - KEY_STATUS_ROTATED
- description: The status of the key
policy.SourceType:
type: string
title: SourceType
@@ -663,47 +645,6 @@ components:
title: Action
additionalProperties: false
description: An action an entity can take
- policy.AsymmetricKey:
- type: object
- properties:
- id:
- type: string
- title: id
- description: Required
- keyId:
- type: string
- title: key_id
- description: Required
- keyAlgorithm:
- title: key_algorithm
- description: Required
- $ref: '#/components/schemas/policy.Algorithm'
- keyStatus:
- title: key_status
- description: Required
- $ref: '#/components/schemas/policy.KeyStatus'
- keyMode:
- title: key_mode
- description: Required Specifies how the key is managed (local or remote)
- $ref: '#/components/schemas/policy.KeyMode'
- publicKeyCtx:
- title: public_key_ctx
- description: Required Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PublicKeyCtx'
- privateKeyCtx:
- title: private_key_ctx
- description: Optional Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PrivateKeyCtx'
- providerConfig:
- title: provider_config
- description: Optional Configuration for the key provider
- $ref: '#/components/schemas/policy.KeyProviderConfig'
- metadata:
- title: metadata
- description: Common metadata fields
- $ref: '#/components/schemas/common.Metadata'
- title: AsymmetricKey
- additionalProperties: false
policy.Attribute:
type: object
properties:
@@ -743,7 +684,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys associated with the attribute
metadata:
@@ -805,20 +746,6 @@ components:
- booleanOperator
additionalProperties: false
description: A collection of Conditions evaluated by the boolean_operator provided
- policy.KasKey:
- type: object
- properties:
- kasId:
- type: string
- title: kas_id
- key:
- title: key
- $ref: '#/components/schemas/policy.AsymmetricKey'
- kasUri:
- type: string
- title: kas_uri
- title: KasKey
- additionalProperties: false
policy.KasPublicKey:
type: object
properties:
@@ -889,7 +816,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Kas keys associated with this KAS
name:
@@ -905,25 +832,6 @@ components:
title: KeyAccessServer
additionalProperties: false
description: Key Access Server Registry
- policy.KeyProviderConfig:
- type: object
- properties:
- id:
- type: string
- title: id
- name:
- type: string
- title: name
- configJson:
- type: string
- title: config_json
- format: byte
- metadata:
- title: metadata
- description: Common metadata
- $ref: '#/components/schemas/common.Metadata'
- title: KeyProviderConfig
- additionalProperties: false
policy.Namespace:
type: object
properties:
@@ -956,7 +864,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys for the namespace
title: Namespace
@@ -1003,20 +911,6 @@ components:
description: Total count of entire list
title: PageResponse
additionalProperties: false
- policy.PrivateKeyCtx:
- type: object
- properties:
- keyId:
- type: string
- title: key_id
- minLength: 1
- description: Required Key ID for the symmetric key wrapping this key.
- wrappedKey:
- type: string
- title: wrapped_key
- description: Optional Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.
- title: PrivateKeyCtx
- additionalProperties: false
policy.PublicKey:
type: object
oneOf:
@@ -1045,16 +939,6 @@ components:
title: PublicKey
additionalProperties: false
description: Deprecated
- policy.PublicKeyCtx:
- type: object
- properties:
- pem:
- type: string
- title: pem
- minLength: 1
- description: Required Base64 encoded public key in PEM format
- title: PublicKeyCtx
- additionalProperties: false
policy.ResourceMapping:
type: object
properties:
@@ -1110,6 +994,37 @@ components:
description: |-
Resource Mapping Groups are namespaced collections of Resource Mappings
associated under a common group name.
+ policy.SimpleKasKey:
+ type: object
+ properties:
+ kasUri:
+ type: string
+ title: kas_uri
+ description: The URL of the Key Access Server
+ publicKey:
+ title: public_key
+ description: The public key of the Key that belongs to the KAS
+ $ref: '#/components/schemas/policy.SimpleKasPublicKey'
+ kasId:
+ type: string
+ title: kas_id
+ description: The ID of the Key Access Server
+ title: SimpleKasKey
+ additionalProperties: false
+ policy.SimpleKasPublicKey:
+ type: object
+ properties:
+ algorithm:
+ title: algorithm
+ $ref: '#/components/schemas/policy.Algorithm'
+ kid:
+ type: string
+ title: kid
+ pem:
+ type: string
+ title: pem
+ title: SimpleKasPublicKey
+ additionalProperties: false
policy.SubjectConditionSet:
type: object
properties:
@@ -1211,7 +1126,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
resourceMappings:
type: array
diff --git a/docs/openapi/policy/resourcemapping/resource_mapping.swagger.json b/docs/openapi/policy/resourcemapping/resource_mapping.swagger.json
index a8390868eb..c976295142 100644
--- a/docs/openapi/policy/resourcemapping/resource_mapping.swagger.json
+++ b/docs/openapi/policy/resourcemapping/resource_mapping.swagger.json
@@ -109,51 +109,6 @@
"default": "ALGORITHM_UNSPECIFIED",
"description": "Supported key algorithms."
},
- "policyAsymmetricKey": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string",
- "title": "Required"
- },
- "keyId": {
- "type": "string",
- "title": "Required"
- },
- "keyAlgorithm": {
- "$ref": "#/definitions/policyAlgorithm",
- "title": "Required"
- },
- "keyStatus": {
- "$ref": "#/definitions/policyKeyStatus",
- "title": "Required"
- },
- "keyMode": {
- "$ref": "#/definitions/policyKeyMode",
- "description": "Specifies how the key is managed (local or remote)",
- "title": "Required"
- },
- "publicKeyCtx": {
- "$ref": "#/definitions/policyPublicKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Required"
- },
- "privateKeyCtx": {
- "$ref": "#/definitions/policyPrivateKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Optional"
- },
- "providerConfig": {
- "$ref": "#/definitions/policyKeyProviderConfig",
- "description": "Configuration for the key provider",
- "title": "Optional"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata fields"
- }
- }
- },
"policyAttribute": {
"type": "object",
"properties": {
@@ -198,7 +153,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys associated with the attribute"
},
@@ -265,20 +220,6 @@
},
"title": "A collection of Conditions evaluated by the boolean_operator provided"
},
- "policyKasKey": {
- "type": "object",
- "properties": {
- "kasId": {
- "type": "string"
- },
- "key": {
- "$ref": "#/definitions/policyAsymmetricKey"
- },
- "kasUri": {
- "type": "string"
- }
- }
- },
"policyKasPublicKey": {
"type": "object",
"properties": {
@@ -344,7 +285,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Kas keys associated with this KAS"
},
@@ -359,47 +300,6 @@
},
"title": "Key Access Server Registry"
},
- "policyKeyMode": {
- "type": "string",
- "enum": [
- "KEY_MODE_UNSPECIFIED",
- "KEY_MODE_CONFIG_ROOT_KEY",
- "KEY_MODE_PROVIDER_ROOT_KEY",
- "KEY_MODE_REMOTE",
- "KEY_MODE_PUBLIC_KEY_ONLY"
- ],
- "default": "KEY_MODE_UNSPECIFIED",
- "description": "Describes the management and operational mode of a cryptographic key.\n\n - KEY_MODE_UNSPECIFIED: KEY_MODE_UNSPECIFIED: Default, unspecified key mode. Indicates an uninitialized or error state.\n - KEY_MODE_CONFIG_ROOT_KEY: KEY_MODE_CONFIG_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nsourced from local configuration. Unwrapping and all cryptographic operations are performed locally.\n - KEY_MODE_PROVIDER_ROOT_KEY: KEY_MODE_PROVIDER_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nmanaged by an external provider (e.g., a Hardware Security Module or Cloud KMS).\nKey unwrapping is delegated to the external provider; subsequent cryptographic operations\nare performed locally using the unwrapped key.\n - KEY_MODE_REMOTE: KEY_MODE_REMOTE: Remote key management where the private key is stored in, and all cryptographic\noperations are performed by, a remote Key Management Service (KMS) or HSM.\nThe private key material never leaves the secure boundary of the remote system.\n - KEY_MODE_PUBLIC_KEY_ONLY: KEY_MODE_PUBLIC_KEY_ONLY: Public key only mode. Used when only a public key is available or required,\ntypically for wrapping operations (e.g., encrypting a Data Encryption Key (DEK) for an external KAS).\nThe corresponding private key is not managed or accessible by this system."
- },
- "policyKeyProviderConfig": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string"
- },
- "name": {
- "type": "string"
- },
- "configJson": {
- "type": "string",
- "format": "byte"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata"
- }
- }
- },
- "policyKeyStatus": {
- "type": "string",
- "enum": [
- "KEY_STATUS_UNSPECIFIED",
- "KEY_STATUS_ACTIVE",
- "KEY_STATUS_ROTATED"
- ],
- "default": "KEY_STATUS_UNSPECIFIED",
- "title": "The status of the key"
- },
"policyNamespace": {
"type": "object",
"properties": {
@@ -433,7 +333,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys for the namespace"
}
@@ -474,21 +374,6 @@
}
}
},
- "policyPrivateKeyCtx": {
- "type": "object",
- "properties": {
- "keyId": {
- "type": "string",
- "description": "Key ID for the symmetric key wrapping this key.",
- "title": "Required"
- },
- "wrappedKey": {
- "type": "string",
- "description": "Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.",
- "title": "Optional"
- }
- }
- },
"policyPublicKey": {
"type": "object",
"properties": {
@@ -503,16 +388,6 @@
},
"title": "Deprecated"
},
- "policyPublicKeyCtx": {
- "type": "object",
- "properties": {
- "pem": {
- "type": "string",
- "description": "Base64 encoded public key in PEM format",
- "title": "Required"
- }
- }
- },
"policyResourceMapping": {
"type": "object",
"properties": {
@@ -558,6 +433,37 @@
},
"description": "Resource Mapping Groups are namespaced collections of Resource Mappings\nassociated under a common group name."
},
+ "policySimpleKasKey": {
+ "type": "object",
+ "properties": {
+ "kasUri": {
+ "type": "string",
+ "title": "The URL of the Key Access Server"
+ },
+ "publicKey": {
+ "$ref": "#/definitions/policySimpleKasPublicKey",
+ "title": "The public key of the Key that belongs to the KAS"
+ },
+ "kasId": {
+ "type": "string",
+ "title": "The ID of the Key Access Server"
+ }
+ }
+ },
+ "policySimpleKasPublicKey": {
+ "type": "object",
+ "properties": {
+ "algorithm": {
+ "$ref": "#/definitions/policyAlgorithm"
+ },
+ "kid": {
+ "type": "string"
+ },
+ "pem": {
+ "type": "string"
+ }
+ }
+ },
"policySourceType": {
"type": "string",
"enum": [
@@ -680,7 +586,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
}
},
"resourceMappings": {
diff --git a/docs/openapi/policy/subjectmapping/subject_mapping.openapi.yaml b/docs/openapi/policy/subjectmapping/subject_mapping.openapi.yaml
index 1f997c651c..ca1b88fbf5 100644
--- a/docs/openapi/policy/subjectmapping/subject_mapping.openapi.yaml
+++ b/docs/openapi/policy/subjectmapping/subject_mapping.openapi.yaml
@@ -475,24 +475,6 @@ components:
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1
- policy.KeyMode:
- type: string
- title: KeyMode
- enum:
- - KEY_MODE_UNSPECIFIED
- - KEY_MODE_CONFIG_ROOT_KEY
- - KEY_MODE_PROVIDER_ROOT_KEY
- - KEY_MODE_REMOTE
- - KEY_MODE_PUBLIC_KEY_ONLY
- description: Describes the management and operational mode of a cryptographic key.
- policy.KeyStatus:
- type: string
- title: KeyStatus
- enum:
- - KEY_STATUS_UNSPECIFIED
- - KEY_STATUS_ACTIVE
- - KEY_STATUS_ROTATED
- description: The status of the key
policy.SourceType:
type: string
title: SourceType
@@ -699,47 +681,6 @@ components:
title: Action
additionalProperties: false
description: An action an entity can take
- policy.AsymmetricKey:
- type: object
- properties:
- id:
- type: string
- title: id
- description: Required
- keyId:
- type: string
- title: key_id
- description: Required
- keyAlgorithm:
- title: key_algorithm
- description: Required
- $ref: '#/components/schemas/policy.Algorithm'
- keyStatus:
- title: key_status
- description: Required
- $ref: '#/components/schemas/policy.KeyStatus'
- keyMode:
- title: key_mode
- description: Required Specifies how the key is managed (local or remote)
- $ref: '#/components/schemas/policy.KeyMode'
- publicKeyCtx:
- title: public_key_ctx
- description: Required Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PublicKeyCtx'
- privateKeyCtx:
- title: private_key_ctx
- description: Optional Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PrivateKeyCtx'
- providerConfig:
- title: provider_config
- description: Optional Configuration for the key provider
- $ref: '#/components/schemas/policy.KeyProviderConfig'
- metadata:
- title: metadata
- description: Common metadata fields
- $ref: '#/components/schemas/common.Metadata'
- title: AsymmetricKey
- additionalProperties: false
policy.Attribute:
type: object
properties:
@@ -779,7 +720,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys associated with the attribute
metadata:
@@ -841,20 +782,6 @@ components:
- booleanOperator
additionalProperties: false
description: A collection of Conditions evaluated by the boolean_operator provided
- policy.KasKey:
- type: object
- properties:
- kasId:
- type: string
- title: kas_id
- key:
- title: key
- $ref: '#/components/schemas/policy.AsymmetricKey'
- kasUri:
- type: string
- title: kas_uri
- title: KasKey
- additionalProperties: false
policy.KasPublicKey:
type: object
properties:
@@ -925,7 +852,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Kas keys associated with this KAS
name:
@@ -941,25 +868,6 @@ components:
title: KeyAccessServer
additionalProperties: false
description: Key Access Server Registry
- policy.KeyProviderConfig:
- type: object
- properties:
- id:
- type: string
- title: id
- name:
- type: string
- title: name
- configJson:
- type: string
- title: config_json
- format: byte
- metadata:
- title: metadata
- description: Common metadata
- $ref: '#/components/schemas/common.Metadata'
- title: KeyProviderConfig
- additionalProperties: false
policy.Namespace:
type: object
properties:
@@ -992,7 +900,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys for the namespace
title: Namespace
@@ -1039,20 +947,6 @@ components:
description: Total count of entire list
title: PageResponse
additionalProperties: false
- policy.PrivateKeyCtx:
- type: object
- properties:
- keyId:
- type: string
- title: key_id
- minLength: 1
- description: Required Key ID for the symmetric key wrapping this key.
- wrappedKey:
- type: string
- title: wrapped_key
- description: Optional Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.
- title: PrivateKeyCtx
- additionalProperties: false
policy.PublicKey:
type: object
oneOf:
@@ -1081,16 +975,6 @@ components:
title: PublicKey
additionalProperties: false
description: Deprecated
- policy.PublicKeyCtx:
- type: object
- properties:
- pem:
- type: string
- title: pem
- minLength: 1
- description: Required Base64 encoded public key in PEM format
- title: PublicKeyCtx
- additionalProperties: false
policy.ResourceMapping:
type: object
properties:
@@ -1146,6 +1030,37 @@ components:
description: |-
Resource Mapping Groups are namespaced collections of Resource Mappings
associated under a common group name.
+ policy.SimpleKasKey:
+ type: object
+ properties:
+ kasUri:
+ type: string
+ title: kas_uri
+ description: The URL of the Key Access Server
+ publicKey:
+ title: public_key
+ description: The public key of the Key that belongs to the KAS
+ $ref: '#/components/schemas/policy.SimpleKasPublicKey'
+ kasId:
+ type: string
+ title: kas_id
+ description: The ID of the Key Access Server
+ title: SimpleKasKey
+ additionalProperties: false
+ policy.SimpleKasPublicKey:
+ type: object
+ properties:
+ algorithm:
+ title: algorithm
+ $ref: '#/components/schemas/policy.Algorithm'
+ kid:
+ type: string
+ title: kid
+ pem:
+ type: string
+ title: pem
+ title: SimpleKasPublicKey
+ additionalProperties: false
policy.SubjectConditionSet:
type: object
properties:
@@ -1272,7 +1187,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
resourceMappings:
type: array
diff --git a/docs/openapi/policy/subjectmapping/subject_mapping.swagger.json b/docs/openapi/policy/subjectmapping/subject_mapping.swagger.json
index 280ead0ecf..d2e8d9fda8 100644
--- a/docs/openapi/policy/subjectmapping/subject_mapping.swagger.json
+++ b/docs/openapi/policy/subjectmapping/subject_mapping.swagger.json
@@ -109,51 +109,6 @@
"default": "ALGORITHM_UNSPECIFIED",
"description": "Supported key algorithms."
},
- "policyAsymmetricKey": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string",
- "title": "Required"
- },
- "keyId": {
- "type": "string",
- "title": "Required"
- },
- "keyAlgorithm": {
- "$ref": "#/definitions/policyAlgorithm",
- "title": "Required"
- },
- "keyStatus": {
- "$ref": "#/definitions/policyKeyStatus",
- "title": "Required"
- },
- "keyMode": {
- "$ref": "#/definitions/policyKeyMode",
- "description": "Specifies how the key is managed (local or remote)",
- "title": "Required"
- },
- "publicKeyCtx": {
- "$ref": "#/definitions/policyPublicKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Required"
- },
- "privateKeyCtx": {
- "$ref": "#/definitions/policyPrivateKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Optional"
- },
- "providerConfig": {
- "$ref": "#/definitions/policyKeyProviderConfig",
- "description": "Configuration for the key provider",
- "title": "Optional"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata fields"
- }
- }
- },
"policyAttribute": {
"type": "object",
"properties": {
@@ -198,7 +153,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys associated with the attribute"
},
@@ -265,20 +220,6 @@
},
"title": "A collection of Conditions evaluated by the boolean_operator provided"
},
- "policyKasKey": {
- "type": "object",
- "properties": {
- "kasId": {
- "type": "string"
- },
- "key": {
- "$ref": "#/definitions/policyAsymmetricKey"
- },
- "kasUri": {
- "type": "string"
- }
- }
- },
"policyKasPublicKey": {
"type": "object",
"properties": {
@@ -344,7 +285,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Kas keys associated with this KAS"
},
@@ -359,47 +300,6 @@
},
"title": "Key Access Server Registry"
},
- "policyKeyMode": {
- "type": "string",
- "enum": [
- "KEY_MODE_UNSPECIFIED",
- "KEY_MODE_CONFIG_ROOT_KEY",
- "KEY_MODE_PROVIDER_ROOT_KEY",
- "KEY_MODE_REMOTE",
- "KEY_MODE_PUBLIC_KEY_ONLY"
- ],
- "default": "KEY_MODE_UNSPECIFIED",
- "description": "Describes the management and operational mode of a cryptographic key.\n\n - KEY_MODE_UNSPECIFIED: KEY_MODE_UNSPECIFIED: Default, unspecified key mode. Indicates an uninitialized or error state.\n - KEY_MODE_CONFIG_ROOT_KEY: KEY_MODE_CONFIG_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nsourced from local configuration. Unwrapping and all cryptographic operations are performed locally.\n - KEY_MODE_PROVIDER_ROOT_KEY: KEY_MODE_PROVIDER_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nmanaged by an external provider (e.g., a Hardware Security Module or Cloud KMS).\nKey unwrapping is delegated to the external provider; subsequent cryptographic operations\nare performed locally using the unwrapped key.\n - KEY_MODE_REMOTE: KEY_MODE_REMOTE: Remote key management where the private key is stored in, and all cryptographic\noperations are performed by, a remote Key Management Service (KMS) or HSM.\nThe private key material never leaves the secure boundary of the remote system.\n - KEY_MODE_PUBLIC_KEY_ONLY: KEY_MODE_PUBLIC_KEY_ONLY: Public key only mode. Used when only a public key is available or required,\ntypically for wrapping operations (e.g., encrypting a Data Encryption Key (DEK) for an external KAS).\nThe corresponding private key is not managed or accessible by this system."
- },
- "policyKeyProviderConfig": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string"
- },
- "name": {
- "type": "string"
- },
- "configJson": {
- "type": "string",
- "format": "byte"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata"
- }
- }
- },
- "policyKeyStatus": {
- "type": "string",
- "enum": [
- "KEY_STATUS_UNSPECIFIED",
- "KEY_STATUS_ACTIVE",
- "KEY_STATUS_ROTATED"
- ],
- "default": "KEY_STATUS_UNSPECIFIED",
- "title": "The status of the key"
- },
"policyNamespace": {
"type": "object",
"properties": {
@@ -433,7 +333,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys for the namespace"
}
@@ -474,21 +374,6 @@
}
}
},
- "policyPrivateKeyCtx": {
- "type": "object",
- "properties": {
- "keyId": {
- "type": "string",
- "description": "Key ID for the symmetric key wrapping this key.",
- "title": "Required"
- },
- "wrappedKey": {
- "type": "string",
- "description": "Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.",
- "title": "Optional"
- }
- }
- },
"policyPublicKey": {
"type": "object",
"properties": {
@@ -503,16 +388,6 @@
},
"title": "Deprecated"
},
- "policyPublicKeyCtx": {
- "type": "object",
- "properties": {
- "pem": {
- "type": "string",
- "description": "Base64 encoded public key in PEM format",
- "title": "Required"
- }
- }
- },
"policyResourceMapping": {
"type": "object",
"properties": {
@@ -558,6 +433,37 @@
},
"description": "Resource Mapping Groups are namespaced collections of Resource Mappings\nassociated under a common group name."
},
+ "policySimpleKasKey": {
+ "type": "object",
+ "properties": {
+ "kasUri": {
+ "type": "string",
+ "title": "The URL of the Key Access Server"
+ },
+ "publicKey": {
+ "$ref": "#/definitions/policySimpleKasPublicKey",
+ "title": "The public key of the Key that belongs to the KAS"
+ },
+ "kasId": {
+ "type": "string",
+ "title": "The ID of the Key Access Server"
+ }
+ }
+ },
+ "policySimpleKasPublicKey": {
+ "type": "object",
+ "properties": {
+ "algorithm": {
+ "$ref": "#/definitions/policyAlgorithm"
+ },
+ "kid": {
+ "type": "string"
+ },
+ "pem": {
+ "type": "string"
+ }
+ }
+ },
"policySourceType": {
"type": "string",
"enum": [
@@ -692,7 +598,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
}
},
"resourceMappings": {
diff --git a/docs/openapi/policy/unsafe/unsafe.openapi.yaml b/docs/openapi/policy/unsafe/unsafe.openapi.yaml
index 4fbddc45b5..875c41c555 100644
--- a/docs/openapi/policy/unsafe/unsafe.openapi.yaml
+++ b/docs/openapi/policy/unsafe/unsafe.openapi.yaml
@@ -413,24 +413,6 @@ components:
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1
- KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1
- policy.KeyMode:
- type: string
- title: KeyMode
- enum:
- - KEY_MODE_UNSPECIFIED
- - KEY_MODE_CONFIG_ROOT_KEY
- - KEY_MODE_PROVIDER_ROOT_KEY
- - KEY_MODE_REMOTE
- - KEY_MODE_PUBLIC_KEY_ONLY
- description: Describes the management and operational mode of a cryptographic key.
- policy.KeyStatus:
- type: string
- title: KeyStatus
- enum:
- - KEY_STATUS_UNSPECIFIED
- - KEY_STATUS_ACTIVE
- - KEY_STATUS_ROTATED
- description: The status of the key
policy.SourceType:
type: string
title: SourceType
@@ -614,47 +596,6 @@ components:
title: Action
additionalProperties: false
description: An action an entity can take
- policy.AsymmetricKey:
- type: object
- properties:
- id:
- type: string
- title: id
- description: Required
- keyId:
- type: string
- title: key_id
- description: Required
- keyAlgorithm:
- title: key_algorithm
- description: Required
- $ref: '#/components/schemas/policy.Algorithm'
- keyStatus:
- title: key_status
- description: Required
- $ref: '#/components/schemas/policy.KeyStatus'
- keyMode:
- title: key_mode
- description: Required Specifies how the key is managed (local or remote)
- $ref: '#/components/schemas/policy.KeyMode'
- publicKeyCtx:
- title: public_key_ctx
- description: Required Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PublicKeyCtx'
- privateKeyCtx:
- title: private_key_ctx
- description: Optional Specific structure based on key provider implementation
- $ref: '#/components/schemas/policy.PrivateKeyCtx'
- providerConfig:
- title: provider_config
- description: Optional Configuration for the key provider
- $ref: '#/components/schemas/policy.KeyProviderConfig'
- metadata:
- title: metadata
- description: Common metadata fields
- $ref: '#/components/schemas/common.Metadata'
- title: AsymmetricKey
- additionalProperties: false
policy.Attribute:
type: object
properties:
@@ -694,7 +635,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys associated with the attribute
metadata:
@@ -756,20 +697,6 @@ components:
- booleanOperator
additionalProperties: false
description: A collection of Conditions evaluated by the boolean_operator provided
- policy.KasKey:
- type: object
- properties:
- kasId:
- type: string
- title: kas_id
- key:
- title: key
- $ref: '#/components/schemas/policy.AsymmetricKey'
- kasUri:
- type: string
- title: kas_uri
- title: KasKey
- additionalProperties: false
policy.KasPublicKey:
type: object
properties:
@@ -865,7 +792,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Kas keys associated with this KAS
name:
@@ -881,25 +808,6 @@ components:
title: KeyAccessServer
additionalProperties: false
description: Key Access Server Registry
- policy.KeyProviderConfig:
- type: object
- properties:
- id:
- type: string
- title: id
- name:
- type: string
- title: name
- configJson:
- type: string
- title: config_json
- format: byte
- metadata:
- title: metadata
- description: Common metadata
- $ref: '#/components/schemas/common.Metadata'
- title: KeyProviderConfig
- additionalProperties: false
policy.Namespace:
type: object
properties:
@@ -932,25 +840,11 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
description: Keys for the namespace
title: Namespace
additionalProperties: false
- policy.PrivateKeyCtx:
- type: object
- properties:
- keyId:
- type: string
- title: key_id
- minLength: 1
- description: Required Key ID for the symmetric key wrapping this key.
- wrappedKey:
- type: string
- title: wrapped_key
- description: Optional Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.
- title: PrivateKeyCtx
- additionalProperties: false
policy.PublicKey:
type: object
oneOf:
@@ -979,16 +873,6 @@ components:
title: PublicKey
additionalProperties: false
description: Deprecated
- policy.PublicKeyCtx:
- type: object
- properties:
- pem:
- type: string
- title: pem
- minLength: 1
- description: Required Base64 encoded public key in PEM format
- title: PublicKeyCtx
- additionalProperties: false
policy.ResourceMapping:
type: object
properties:
@@ -1044,6 +928,37 @@ components:
description: |-
Resource Mapping Groups are namespaced collections of Resource Mappings
associated under a common group name.
+ policy.SimpleKasKey:
+ type: object
+ properties:
+ kasUri:
+ type: string
+ title: kas_uri
+ description: The URL of the Key Access Server
+ publicKey:
+ title: public_key
+ description: The public key of the Key that belongs to the KAS
+ $ref: '#/components/schemas/policy.SimpleKasPublicKey'
+ kasId:
+ type: string
+ title: kas_id
+ description: The ID of the Key Access Server
+ title: SimpleKasKey
+ additionalProperties: false
+ policy.SimpleKasPublicKey:
+ type: object
+ properties:
+ algorithm:
+ title: algorithm
+ $ref: '#/components/schemas/policy.Algorithm'
+ kid:
+ type: string
+ title: kid
+ pem:
+ type: string
+ title: pem
+ title: SimpleKasPublicKey
+ additionalProperties: false
policy.SubjectConditionSet:
type: object
properties:
@@ -1145,7 +1060,7 @@ components:
kasKeys:
type: array
items:
- $ref: '#/components/schemas/policy.KasKey'
+ $ref: '#/components/schemas/policy.SimpleKasKey'
title: kas_keys
resourceMappings:
type: array
diff --git a/docs/openapi/policy/unsafe/unsafe.swagger.json b/docs/openapi/policy/unsafe/unsafe.swagger.json
index 02690ca5f7..2a81e583d2 100644
--- a/docs/openapi/policy/unsafe/unsafe.swagger.json
+++ b/docs/openapi/policy/unsafe/unsafe.swagger.json
@@ -87,51 +87,6 @@
"default": "ALGORITHM_UNSPECIFIED",
"description": "Supported key algorithms."
},
- "policyAsymmetricKey": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string",
- "title": "Required"
- },
- "keyId": {
- "type": "string",
- "title": "Required"
- },
- "keyAlgorithm": {
- "$ref": "#/definitions/policyAlgorithm",
- "title": "Required"
- },
- "keyStatus": {
- "$ref": "#/definitions/policyKeyStatus",
- "title": "Required"
- },
- "keyMode": {
- "$ref": "#/definitions/policyKeyMode",
- "description": "Specifies how the key is managed (local or remote)",
- "title": "Required"
- },
- "publicKeyCtx": {
- "$ref": "#/definitions/policyPublicKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Required"
- },
- "privateKeyCtx": {
- "$ref": "#/definitions/policyPrivateKeyCtx",
- "description": "Specific structure based on key provider implementation",
- "title": "Optional"
- },
- "providerConfig": {
- "$ref": "#/definitions/policyKeyProviderConfig",
- "description": "Configuration for the key provider",
- "title": "Optional"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata fields"
- }
- }
- },
"policyAttribute": {
"type": "object",
"properties": {
@@ -176,7 +131,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys associated with the attribute"
},
@@ -243,20 +198,6 @@
},
"title": "A collection of Conditions evaluated by the boolean_operator provided"
},
- "policyKasKey": {
- "type": "object",
- "properties": {
- "kasId": {
- "type": "string"
- },
- "key": {
- "$ref": "#/definitions/policyAsymmetricKey"
- },
- "kasUri": {
- "type": "string"
- }
- }
- },
"policyKasPublicKey": {
"type": "object",
"properties": {
@@ -347,7 +288,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Kas keys associated with this KAS"
},
@@ -362,47 +303,6 @@
},
"title": "Key Access Server Registry"
},
- "policyKeyMode": {
- "type": "string",
- "enum": [
- "KEY_MODE_UNSPECIFIED",
- "KEY_MODE_CONFIG_ROOT_KEY",
- "KEY_MODE_PROVIDER_ROOT_KEY",
- "KEY_MODE_REMOTE",
- "KEY_MODE_PUBLIC_KEY_ONLY"
- ],
- "default": "KEY_MODE_UNSPECIFIED",
- "description": "Describes the management and operational mode of a cryptographic key.\n\n - KEY_MODE_UNSPECIFIED: KEY_MODE_UNSPECIFIED: Default, unspecified key mode. Indicates an uninitialized or error state.\n - KEY_MODE_CONFIG_ROOT_KEY: KEY_MODE_CONFIG_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nsourced from local configuration. Unwrapping and all cryptographic operations are performed locally.\n - KEY_MODE_PROVIDER_ROOT_KEY: KEY_MODE_PROVIDER_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)\nmanaged by an external provider (e.g., a Hardware Security Module or Cloud KMS).\nKey unwrapping is delegated to the external provider; subsequent cryptographic operations\nare performed locally using the unwrapped key.\n - KEY_MODE_REMOTE: KEY_MODE_REMOTE: Remote key management where the private key is stored in, and all cryptographic\noperations are performed by, a remote Key Management Service (KMS) or HSM.\nThe private key material never leaves the secure boundary of the remote system.\n - KEY_MODE_PUBLIC_KEY_ONLY: KEY_MODE_PUBLIC_KEY_ONLY: Public key only mode. Used when only a public key is available or required,\ntypically for wrapping operations (e.g., encrypting a Data Encryption Key (DEK) for an external KAS).\nThe corresponding private key is not managed or accessible by this system."
- },
- "policyKeyProviderConfig": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string"
- },
- "name": {
- "type": "string"
- },
- "configJson": {
- "type": "string",
- "format": "byte"
- },
- "metadata": {
- "$ref": "#/definitions/commonMetadata",
- "title": "Common metadata"
- }
- }
- },
- "policyKeyStatus": {
- "type": "string",
- "enum": [
- "KEY_STATUS_UNSPECIFIED",
- "KEY_STATUS_ACTIVE",
- "KEY_STATUS_ROTATED"
- ],
- "default": "KEY_STATUS_UNSPECIFIED",
- "title": "The status of the key"
- },
"policyNamespace": {
"type": "object",
"properties": {
@@ -436,27 +336,12 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
},
"title": "Keys for the namespace"
}
}
},
- "policyPrivateKeyCtx": {
- "type": "object",
- "properties": {
- "keyId": {
- "type": "string",
- "description": "Key ID for the symmetric key wrapping this key.",
- "title": "Required"
- },
- "wrappedKey": {
- "type": "string",
- "description": "Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.",
- "title": "Optional"
- }
- }
- },
"policyPublicKey": {
"type": "object",
"properties": {
@@ -471,16 +356,6 @@
},
"title": "Deprecated"
},
- "policyPublicKeyCtx": {
- "type": "object",
- "properties": {
- "pem": {
- "type": "string",
- "description": "Base64 encoded public key in PEM format",
- "title": "Required"
- }
- }
- },
"policyResourceMapping": {
"type": "object",
"properties": {
@@ -526,6 +401,37 @@
},
"description": "Resource Mapping Groups are namespaced collections of Resource Mappings\nassociated under a common group name."
},
+ "policySimpleKasKey": {
+ "type": "object",
+ "properties": {
+ "kasUri": {
+ "type": "string",
+ "title": "The URL of the Key Access Server"
+ },
+ "publicKey": {
+ "$ref": "#/definitions/policySimpleKasPublicKey",
+ "title": "The public key of the Key that belongs to the KAS"
+ },
+ "kasId": {
+ "type": "string",
+ "title": "The ID of the Key Access Server"
+ }
+ }
+ },
+ "policySimpleKasPublicKey": {
+ "type": "object",
+ "properties": {
+ "algorithm": {
+ "$ref": "#/definitions/policyAlgorithm"
+ },
+ "kid": {
+ "type": "string"
+ },
+ "pem": {
+ "type": "string"
+ }
+ }
+ },
"policySourceType": {
"type": "string",
"enum": [
@@ -648,7 +554,7 @@
"type": "array",
"items": {
"type": "object",
- "$ref": "#/definitions/policyKasKey"
+ "$ref": "#/definitions/policySimpleKasKey"
}
},
"resourceMappings": {
diff --git a/protocol/go/policy/kasregistry/key_access_server_registry.pb.go b/protocol/go/policy/kasregistry/key_access_server_registry.pb.go
index 544ac8c208..1f40fba672 100644
--- a/protocol/go/policy/kasregistry/key_access_server_registry.pb.go
+++ b/protocol/go/policy/kasregistry/key_access_server_registry.pb.go
@@ -2846,124 +2846,6 @@ func (*SetBaseKeyRequest_Id) isSetBaseKeyRequest_ActiveKey() {}
func (*SetBaseKeyRequest_Key) isSetBaseKeyRequest_ActiveKey() {}
-type SimpleKasPublicKey struct {
- state protoimpl.MessageState
- sizeCache protoimpl.SizeCache
- unknownFields protoimpl.UnknownFields
-
- Algorithm policy.Algorithm `protobuf:"varint,1,opt,name=algorithm,proto3,enum=policy.Algorithm" json:"algorithm,omitempty"`
- Kid string `protobuf:"bytes,2,opt,name=kid,proto3" json:"kid,omitempty"`
- Pem string `protobuf:"bytes,3,opt,name=pem,proto3" json:"pem,omitempty"`
-}
-
-func (x *SimpleKasPublicKey) Reset() {
- *x = SimpleKasPublicKey{}
- if protoimpl.UnsafeEnabled {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[42]
- ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
- ms.StoreMessageInfo(mi)
- }
-}
-
-func (x *SimpleKasPublicKey) String() string {
- return protoimpl.X.MessageStringOf(x)
-}
-
-func (*SimpleKasPublicKey) ProtoMessage() {}
-
-func (x *SimpleKasPublicKey) ProtoReflect() protoreflect.Message {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[42]
- if protoimpl.UnsafeEnabled && x != nil {
- ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
- if ms.LoadMessageInfo() == nil {
- ms.StoreMessageInfo(mi)
- }
- return ms
- }
- return mi.MessageOf(x)
-}
-
-// Deprecated: Use SimpleKasPublicKey.ProtoReflect.Descriptor instead.
-func (*SimpleKasPublicKey) Descriptor() ([]byte, []int) {
- return file_policy_kasregistry_key_access_server_registry_proto_rawDescGZIP(), []int{42}
-}
-
-func (x *SimpleKasPublicKey) GetAlgorithm() policy.Algorithm {
- if x != nil {
- return x.Algorithm
- }
- return policy.Algorithm(0)
-}
-
-func (x *SimpleKasPublicKey) GetKid() string {
- if x != nil {
- return x.Kid
- }
- return ""
-}
-
-func (x *SimpleKasPublicKey) GetPem() string {
- if x != nil {
- return x.Pem
- }
- return ""
-}
-
-type SimpleKasKey struct {
- state protoimpl.MessageState
- sizeCache protoimpl.SizeCache
- unknownFields protoimpl.UnknownFields
-
- KasUri string `protobuf:"bytes,1,opt,name=kas_uri,json=kasUri,proto3" json:"kas_uri,omitempty"` // The URL of the Key Access Server
- PublicKey *SimpleKasPublicKey `protobuf:"bytes,2,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"` // The public key of the Key that belongs to the KAS
-}
-
-func (x *SimpleKasKey) Reset() {
- *x = SimpleKasKey{}
- if protoimpl.UnsafeEnabled {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[43]
- ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
- ms.StoreMessageInfo(mi)
- }
-}
-
-func (x *SimpleKasKey) String() string {
- return protoimpl.X.MessageStringOf(x)
-}
-
-func (*SimpleKasKey) ProtoMessage() {}
-
-func (x *SimpleKasKey) ProtoReflect() protoreflect.Message {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[43]
- if protoimpl.UnsafeEnabled && x != nil {
- ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
- if ms.LoadMessageInfo() == nil {
- ms.StoreMessageInfo(mi)
- }
- return ms
- }
- return mi.MessageOf(x)
-}
-
-// Deprecated: Use SimpleKasKey.ProtoReflect.Descriptor instead.
-func (*SimpleKasKey) Descriptor() ([]byte, []int) {
- return file_policy_kasregistry_key_access_server_registry_proto_rawDescGZIP(), []int{43}
-}
-
-func (x *SimpleKasKey) GetKasUri() string {
- if x != nil {
- return x.KasUri
- }
- return ""
-}
-
-func (x *SimpleKasKey) GetPublicKey() *SimpleKasPublicKey {
- if x != nil {
- return x.PublicKey
- }
- return nil
-}
-
type GetBaseKeyRequest struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
@@ -2973,7 +2855,7 @@ type GetBaseKeyRequest struct {
func (x *GetBaseKeyRequest) Reset() {
*x = GetBaseKeyRequest{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[44]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[42]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -2986,7 +2868,7 @@ func (x *GetBaseKeyRequest) String() string {
func (*GetBaseKeyRequest) ProtoMessage() {}
func (x *GetBaseKeyRequest) ProtoReflect() protoreflect.Message {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[44]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[42]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -2999,7 +2881,7 @@ func (x *GetBaseKeyRequest) ProtoReflect() protoreflect.Message {
// Deprecated: Use GetBaseKeyRequest.ProtoReflect.Descriptor instead.
func (*GetBaseKeyRequest) Descriptor() ([]byte, []int) {
- return file_policy_kasregistry_key_access_server_registry_proto_rawDescGZIP(), []int{44}
+ return file_policy_kasregistry_key_access_server_registry_proto_rawDescGZIP(), []int{42}
}
type GetBaseKeyResponse struct {
@@ -3007,13 +2889,13 @@ type GetBaseKeyResponse struct {
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
- BaseKey *SimpleKasKey `protobuf:"bytes,1,opt,name=base_key,json=baseKey,proto3" json:"base_key,omitempty"` // The current base key
+ BaseKey *policy.SimpleKasKey `protobuf:"bytes,1,opt,name=base_key,json=baseKey,proto3" json:"base_key,omitempty"` // The current base key
}
func (x *GetBaseKeyResponse) Reset() {
*x = GetBaseKeyResponse{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[45]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[43]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -3026,7 +2908,7 @@ func (x *GetBaseKeyResponse) String() string {
func (*GetBaseKeyResponse) ProtoMessage() {}
func (x *GetBaseKeyResponse) ProtoReflect() protoreflect.Message {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[45]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[43]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -3039,10 +2921,10 @@ func (x *GetBaseKeyResponse) ProtoReflect() protoreflect.Message {
// Deprecated: Use GetBaseKeyResponse.ProtoReflect.Descriptor instead.
func (*GetBaseKeyResponse) Descriptor() ([]byte, []int) {
- return file_policy_kasregistry_key_access_server_registry_proto_rawDescGZIP(), []int{45}
+ return file_policy_kasregistry_key_access_server_registry_proto_rawDescGZIP(), []int{43}
}
-func (x *GetBaseKeyResponse) GetBaseKey() *SimpleKasKey {
+func (x *GetBaseKeyResponse) GetBaseKey() *policy.SimpleKasKey {
if x != nil {
return x.BaseKey
}
@@ -3054,14 +2936,14 @@ type SetBaseKeyResponse struct {
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
- NewBaseKey *SimpleKasKey `protobuf:"bytes,1,opt,name=new_base_key,json=newBaseKey,proto3" json:"new_base_key,omitempty"` // The key that was set as base
- PreviousBaseKey *SimpleKasKey `protobuf:"bytes,2,opt,name=previous_base_key,json=previousBaseKey,proto3" json:"previous_base_key,omitempty"` // The previous base key, if any
+ NewBaseKey *policy.SimpleKasKey `protobuf:"bytes,1,opt,name=new_base_key,json=newBaseKey,proto3" json:"new_base_key,omitempty"` // The key that was set as base
+ PreviousBaseKey *policy.SimpleKasKey `protobuf:"bytes,2,opt,name=previous_base_key,json=previousBaseKey,proto3" json:"previous_base_key,omitempty"` // The previous base key, if any
}
func (x *SetBaseKeyResponse) Reset() {
*x = SetBaseKeyResponse{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[46]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[44]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -3074,7 +2956,7 @@ func (x *SetBaseKeyResponse) String() string {
func (*SetBaseKeyResponse) ProtoMessage() {}
func (x *SetBaseKeyResponse) ProtoReflect() protoreflect.Message {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[46]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[44]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -3087,17 +2969,17 @@ func (x *SetBaseKeyResponse) ProtoReflect() protoreflect.Message {
// Deprecated: Use SetBaseKeyResponse.ProtoReflect.Descriptor instead.
func (*SetBaseKeyResponse) Descriptor() ([]byte, []int) {
- return file_policy_kasregistry_key_access_server_registry_proto_rawDescGZIP(), []int{46}
+ return file_policy_kasregistry_key_access_server_registry_proto_rawDescGZIP(), []int{44}
}
-func (x *SetBaseKeyResponse) GetNewBaseKey() *SimpleKasKey {
+func (x *SetBaseKeyResponse) GetNewBaseKey() *policy.SimpleKasKey {
if x != nil {
return x.NewBaseKey
}
return nil
}
-func (x *SetBaseKeyResponse) GetPreviousBaseKey() *SimpleKasKey {
+func (x *SetBaseKeyResponse) GetPreviousBaseKey() *policy.SimpleKasKey {
if x != nil {
return x.PreviousBaseKey
}
@@ -3118,7 +3000,7 @@ type ListPublicKeyMappingResponse_PublicKeyMapping struct {
func (x *ListPublicKeyMappingResponse_PublicKeyMapping) Reset() {
*x = ListPublicKeyMappingResponse_PublicKeyMapping{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[47]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[45]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -3131,7 +3013,7 @@ func (x *ListPublicKeyMappingResponse_PublicKeyMapping) String() string {
func (*ListPublicKeyMappingResponse_PublicKeyMapping) ProtoMessage() {}
func (x *ListPublicKeyMappingResponse_PublicKeyMapping) ProtoReflect() protoreflect.Message {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[47]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[45]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -3189,7 +3071,7 @@ type ListPublicKeyMappingResponse_PublicKey struct {
func (x *ListPublicKeyMappingResponse_PublicKey) Reset() {
*x = ListPublicKeyMappingResponse_PublicKey{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[48]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[46]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -3202,7 +3084,7 @@ func (x *ListPublicKeyMappingResponse_PublicKey) String() string {
func (*ListPublicKeyMappingResponse_PublicKey) ProtoMessage() {}
func (x *ListPublicKeyMappingResponse_PublicKey) ProtoReflect() protoreflect.Message {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[48]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[46]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -3258,7 +3140,7 @@ type ListPublicKeyMappingResponse_Association struct {
func (x *ListPublicKeyMappingResponse_Association) Reset() {
*x = ListPublicKeyMappingResponse_Association{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[49]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[47]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -3271,7 +3153,7 @@ func (x *ListPublicKeyMappingResponse_Association) String() string {
func (*ListPublicKeyMappingResponse_Association) ProtoMessage() {}
func (x *ListPublicKeyMappingResponse_Association) ProtoReflect() protoreflect.Message {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[49]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[47]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -3326,7 +3208,7 @@ type RotateKeyRequest_NewKey struct {
func (x *RotateKeyRequest_NewKey) Reset() {
*x = RotateKeyRequest_NewKey{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[50]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[48]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -3339,7 +3221,7 @@ func (x *RotateKeyRequest_NewKey) String() string {
func (*RotateKeyRequest_NewKey) ProtoMessage() {}
func (x *RotateKeyRequest_NewKey) ProtoReflect() protoreflect.Message {
- mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[50]
+ mi := &file_policy_kasregistry_key_access_server_registry_proto_msgTypes[48]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -4174,145 +4056,129 @@ var file_policy_kasregistry_key_access_server_registry_proto_rawDesc = []byte{
0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79,
0x2e, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65,
0x72, 0x48, 0x00, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x42, 0x13, 0x0a, 0x0a, 0x61, 0x63, 0x74, 0x69,
- 0x76, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x12, 0x05, 0xba, 0x48, 0x02, 0x08, 0x01, 0x22, 0x69, 0x0a,
- 0x12, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63,
- 0x4b, 0x65, 0x79, 0x12, 0x2f, 0x0a, 0x09, 0x61, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d,
- 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
- 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x52, 0x09, 0x61, 0x6c, 0x67, 0x6f, 0x72,
- 0x69, 0x74, 0x68, 0x6d, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28,
- 0x09, 0x52, 0x03, 0x6b, 0x69, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x70, 0x65, 0x6d, 0x18, 0x03, 0x20,
- 0x01, 0x28, 0x09, 0x52, 0x03, 0x70, 0x65, 0x6d, 0x22, 0x6e, 0x0a, 0x0c, 0x53, 0x69, 0x6d, 0x70,
- 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x12, 0x17, 0x0a, 0x07, 0x6b, 0x61, 0x73, 0x5f,
- 0x75, 0x72, 0x69, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6b, 0x61, 0x73, 0x55, 0x72,
- 0x69, 0x12, 0x45, 0x0a, 0x0a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x18,
- 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b,
- 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c,
- 0x65, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x52, 0x09, 0x70,
- 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x22, 0x13, 0x0a, 0x11, 0x47, 0x65, 0x74, 0x42,
- 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x51, 0x0a,
- 0x12, 0x47, 0x65, 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f,
- 0x6e, 0x73, 0x65, 0x12, 0x3b, 0x0a, 0x08, 0x62, 0x61, 0x73, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18,
- 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b,
- 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c,
- 0x65, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x52, 0x07, 0x62, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79,
- 0x22, 0xa6, 0x01, 0x0a, 0x12, 0x53, 0x65, 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x52,
- 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x42, 0x0a, 0x0c, 0x6e, 0x65, 0x77, 0x5f, 0x62,
- 0x61, 0x73, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e,
- 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74,
- 0x72, 0x79, 0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x52,
- 0x0a, 0x6e, 0x65, 0x77, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x12, 0x4c, 0x0a, 0x11, 0x70,
- 0x72, 0x65, 0x76, 0x69, 0x6f, 0x75, 0x73, 0x5f, 0x62, 0x61, 0x73, 0x65, 0x5f, 0x6b, 0x65, 0x79,
- 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
- 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x53, 0x69, 0x6d, 0x70,
- 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x52, 0x0f, 0x70, 0x72, 0x65, 0x76, 0x69, 0x6f,
- 0x75, 0x73, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x32, 0xc4, 0x0b, 0x0a, 0x1e, 0x4b, 0x65,
- 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x67,
- 0x69, 0x73, 0x74, 0x72, 0x79, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x99, 0x01, 0x0a,
- 0x14, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65,
- 0x72, 0x76, 0x65, 0x72, 0x73, 0x12, 0x2f, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b,
- 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x4b,
- 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x52,
- 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x30, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
+ 0x76, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x12, 0x05, 0xba, 0x48, 0x02, 0x08, 0x01, 0x22, 0x13, 0x0a,
+ 0x11, 0x47, 0x65, 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65,
+ 0x73, 0x74, 0x22, 0x45, 0x0a, 0x12, 0x47, 0x65, 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79,
+ 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2f, 0x0a, 0x08, 0x62, 0x61, 0x73, 0x65,
+ 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x70, 0x6f, 0x6c,
+ 0x69, 0x63, 0x79, 0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79,
+ 0x52, 0x07, 0x62, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x22, 0x8e, 0x01, 0x0a, 0x12, 0x53, 0x65,
+ 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+ 0x12, 0x36, 0x0a, 0x0c, 0x6e, 0x65, 0x77, 0x5f, 0x62, 0x61, 0x73, 0x65, 0x5f, 0x6b, 0x65, 0x79,
+ 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
+ 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x52, 0x0a, 0x6e, 0x65,
+ 0x77, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x12, 0x40, 0x0a, 0x11, 0x70, 0x72, 0x65, 0x76,
+ 0x69, 0x6f, 0x75, 0x73, 0x5f, 0x62, 0x61, 0x73, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20,
+ 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x53, 0x69, 0x6d,
+ 0x70, 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x52, 0x0f, 0x70, 0x72, 0x65, 0x76, 0x69,
+ 0x6f, 0x75, 0x73, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x32, 0xc4, 0x0b, 0x0a, 0x1e, 0x4b,
+ 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65,
+ 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x99, 0x01,
+ 0x0a, 0x14, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53,
+ 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x12, 0x2f, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x4c, 0x69, 0x73, 0x74,
0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73,
- 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x15,
- 0x12, 0x13, 0x2f, 0x6b, 0x65, 0x79, 0x2d, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x2d, 0x73, 0x65,
- 0x72, 0x76, 0x65, 0x72, 0x73, 0x90, 0x02, 0x01, 0x12, 0x78, 0x0a, 0x12, 0x47, 0x65, 0x74, 0x4b,
- 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x2d,
+ 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x30, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+ 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x4c, 0x69, 0x73,
+ 0x74, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
+ 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1e, 0x82, 0xd3, 0xe4, 0x93, 0x02,
+ 0x15, 0x12, 0x13, 0x2f, 0x6b, 0x65, 0x79, 0x2d, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x2d, 0x73,
+ 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x90, 0x02, 0x01, 0x12, 0x78, 0x0a, 0x12, 0x47, 0x65, 0x74,
+ 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12,
+ 0x2d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69,
+ 0x73, 0x74, 0x72, 0x79, 0x2e, 0x47, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73,
+ 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2e,
0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73,
0x74, 0x72, 0x79, 0x2e, 0x47, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73,
- 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2e, 0x2e,
- 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74,
- 0x72, 0x79, 0x2e, 0x47, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53,
- 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x03, 0x90,
- 0x02, 0x01, 0x12, 0x7e, 0x0a, 0x15, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41,
- 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x30, 0x2e, 0x70, 0x6f,
- 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79,
- 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73,
- 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x31, 0x2e,
- 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74,
- 0x72, 0x79, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65,
- 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
- 0x22, 0x00, 0x12, 0x7e, 0x0a, 0x15, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41,
- 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x30, 0x2e, 0x70, 0x6f,
- 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79,
- 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73,
- 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x31, 0x2e,
- 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74,
- 0x72, 0x79, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65,
- 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
- 0x22, 0x00, 0x12, 0x7e, 0x0a, 0x15, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41,
- 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x30, 0x2e, 0x70, 0x6f,
- 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79,
- 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73,
- 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x31, 0x2e,
- 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74,
- 0x72, 0x79, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65,
- 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
- 0x22, 0x00, 0x12, 0x8d, 0x01, 0x0a, 0x19, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x41, 0x63,
+ 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x03,
+ 0x90, 0x02, 0x01, 0x12, 0x7e, 0x0a, 0x15, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79,
+ 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x30, 0x2e, 0x70,
+ 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72,
+ 0x79, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73,
+ 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x31,
+ 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73,
+ 0x74, 0x72, 0x79, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63,
+ 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+ 0x65, 0x22, 0x00, 0x12, 0x7e, 0x0a, 0x15, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79,
+ 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x30, 0x2e, 0x70,
+ 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72,
+ 0x79, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73,
+ 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x31,
+ 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73,
+ 0x74, 0x72, 0x79, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63,
+ 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+ 0x65, 0x22, 0x00, 0x12, 0x7e, 0x0a, 0x15, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x4b, 0x65, 0x79,
+ 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x30, 0x2e, 0x70,
+ 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72,
+ 0x79, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73,
+ 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x31,
+ 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73,
+ 0x74, 0x72, 0x79, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63,
+ 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+ 0x65, 0x22, 0x00, 0x12, 0x8d, 0x01, 0x0a, 0x19, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x41,
+ 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x47, 0x72, 0x61, 0x6e, 0x74,
+ 0x73, 0x12, 0x34, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65,
+ 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x41, 0x63,
0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x47, 0x72, 0x61, 0x6e, 0x74, 0x73,
- 0x12, 0x34, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67,
- 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63,
- 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x47, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x52,
- 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x35, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
- 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x4c, 0x69, 0x73, 0x74,
- 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x47,
- 0x72, 0x61, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x03, 0x90,
- 0x02, 0x01, 0x12, 0x5a, 0x0a, 0x09, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x12,
- 0x24, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69,
- 0x73, 0x74, 0x72, 0x79, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65,
- 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b,
- 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74,
- 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x51,
- 0x0a, 0x06, 0x47, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x12, 0x21, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63,
- 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x47, 0x65,
- 0x74, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x70, 0x6f,
- 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79,
- 0x2e, 0x47, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22,
- 0x00, 0x12, 0x57, 0x0a, 0x08, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x23, 0x2e,
- 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74,
- 0x72, 0x79, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65,
- 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72,
- 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x73,
- 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x5a, 0x0a, 0x09, 0x55, 0x70,
- 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x12, 0x24, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79,
- 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x55, 0x70, 0x64,
- 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e,
- 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74,
- 0x72, 0x79, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70,
- 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x5a, 0x0a, 0x09, 0x52, 0x6f, 0x74, 0x61, 0x74, 0x65,
- 0x4b, 0x65, 0x79, 0x12, 0x24, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73,
- 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x52, 0x6f, 0x74, 0x61, 0x74, 0x65, 0x4b,
- 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x70, 0x6f, 0x6c, 0x69,
- 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x52,
- 0x6f, 0x74, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
- 0x22, 0x00, 0x12, 0x5d, 0x0a, 0x0a, 0x53, 0x65, 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79,
+ 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x35, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+ 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x4c, 0x69, 0x73,
+ 0x74, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
+ 0x47, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x03,
+ 0x90, 0x02, 0x01, 0x12, 0x5a, 0x0a, 0x09, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79,
+ 0x12, 0x24, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67,
+ 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x52,
+ 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
+ 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x43, 0x72, 0x65, 0x61,
+ 0x74, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12,
+ 0x51, 0x0a, 0x06, 0x47, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x12, 0x21, 0x2e, 0x70, 0x6f, 0x6c, 0x69,
+ 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x47,
+ 0x65, 0x74, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x70,
+ 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72,
+ 0x79, 0x2e, 0x47, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+ 0x22, 0x00, 0x12, 0x57, 0x0a, 0x08, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x23,
+ 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73,
+ 0x74, 0x72, 0x79, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x71, 0x75,
+ 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73,
+ 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x4b, 0x65, 0x79,
+ 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x5a, 0x0a, 0x09, 0x55,
+ 0x70, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x12, 0x24, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63,
+ 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x55, 0x70,
+ 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25,
+ 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73,
+ 0x74, 0x72, 0x79, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73,
+ 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x5a, 0x0a, 0x09, 0x52, 0x6f, 0x74, 0x61, 0x74,
+ 0x65, 0x4b, 0x65, 0x79, 0x12, 0x24, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61,
+ 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x52, 0x6f, 0x74, 0x61, 0x74, 0x65,
+ 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x70, 0x6f, 0x6c,
+ 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e,
+ 0x52, 0x6f, 0x74, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+ 0x65, 0x22, 0x00, 0x12, 0x5d, 0x0a, 0x0a, 0x53, 0x65, 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65,
+ 0x79, 0x12, 0x25, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65,
+ 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x53, 0x65, 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65,
+ 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63,
+ 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x53, 0x65,
+ 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+ 0x22, 0x00, 0x12, 0x5d, 0x0a, 0x0a, 0x47, 0x65, 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79,
0x12, 0x25, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67,
- 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x53, 0x65, 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79,
+ 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x47, 0x65, 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79,
0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79,
- 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x53, 0x65, 0x74,
+ 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x47, 0x65, 0x74,
0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22,
- 0x00, 0x12, 0x5d, 0x0a, 0x0a, 0x47, 0x65, 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x12,
- 0x25, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69,
- 0x73, 0x74, 0x72, 0x79, 0x2e, 0x47, 0x65, 0x74, 0x42, 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x52,
- 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
- 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x2e, 0x47, 0x65, 0x74, 0x42,
- 0x61, 0x73, 0x65, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00,
- 0x42, 0xdb, 0x01, 0x0a, 0x16, 0x63, 0x6f, 0x6d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
- 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x42, 0x1c, 0x4b, 0x65, 0x79,
- 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x67, 0x69,
- 0x73, 0x74, 0x72, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3a, 0x67, 0x69, 0x74,
- 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x64, 0x66, 0x2f,
- 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
- 0x6c, 0x2f, 0x67, 0x6f, 0x2f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2f, 0x6b, 0x61, 0x73, 0x72,
- 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0xa2, 0x02, 0x03, 0x50, 0x4b, 0x58, 0xaa, 0x02, 0x12,
- 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74,
- 0x72, 0x79, 0xca, 0x02, 0x12, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5c, 0x4b, 0x61, 0x73, 0x72,
- 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0xe2, 0x02, 0x1e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
- 0x5c, 0x4b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x5c, 0x47, 0x50, 0x42,
- 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x13, 0x50, 0x6f, 0x6c, 0x69, 0x63,
- 0x79, 0x3a, 0x3a, 0x4b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x62, 0x06,
- 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+ 0x00, 0x42, 0xdb, 0x01, 0x0a, 0x16, 0x63, 0x6f, 0x6d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+ 0x2e, 0x6b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x42, 0x1c, 0x4b, 0x65,
+ 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x67,
+ 0x69, 0x73, 0x74, 0x72, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3a, 0x67, 0x69,
+ 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x64, 0x66,
+ 0x2f, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63,
+ 0x6f, 0x6c, 0x2f, 0x67, 0x6f, 0x2f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2f, 0x6b, 0x61, 0x73,
+ 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0xa2, 0x02, 0x03, 0x50, 0x4b, 0x58, 0xaa, 0x02,
+ 0x12, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73,
+ 0x74, 0x72, 0x79, 0xca, 0x02, 0x12, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5c, 0x4b, 0x61, 0x73,
+ 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0xe2, 0x02, 0x1e, 0x50, 0x6f, 0x6c, 0x69, 0x63,
+ 0x79, 0x5c, 0x4b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x5c, 0x47, 0x50,
+ 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x13, 0x50, 0x6f, 0x6c, 0x69,
+ 0x63, 0x79, 0x3a, 0x3a, 0x4b, 0x61, 0x73, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x62,
+ 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
}
var (
@@ -4327,7 +4193,7 @@ func file_policy_kasregistry_key_access_server_registry_proto_rawDescGZIP() []by
return file_policy_kasregistry_key_access_server_registry_proto_rawDescData
}
-var file_policy_kasregistry_key_access_server_registry_proto_msgTypes = make([]protoimpl.MessageInfo, 51)
+var file_policy_kasregistry_key_access_server_registry_proto_msgTypes = make([]protoimpl.MessageInfo, 49)
var file_policy_kasregistry_key_access_server_registry_proto_goTypes = []interface{}{
(*GetKeyAccessServerRequest)(nil), // 0: policy.kasregistry.GetKeyAccessServerRequest
(*GetKeyAccessServerResponse)(nil), // 1: policy.kasregistry.GetKeyAccessServerResponse
@@ -4371,137 +4237,134 @@ var file_policy_kasregistry_key_access_server_registry_proto_goTypes = []interfa
(*RotatedResources)(nil), // 39: policy.kasregistry.RotatedResources
(*RotateKeyResponse)(nil), // 40: policy.kasregistry.RotateKeyResponse
(*SetBaseKeyRequest)(nil), // 41: policy.kasregistry.SetBaseKeyRequest
- (*SimpleKasPublicKey)(nil), // 42: policy.kasregistry.SimpleKasPublicKey
- (*SimpleKasKey)(nil), // 43: policy.kasregistry.SimpleKasKey
- (*GetBaseKeyRequest)(nil), // 44: policy.kasregistry.GetBaseKeyRequest
- (*GetBaseKeyResponse)(nil), // 45: policy.kasregistry.GetBaseKeyResponse
- (*SetBaseKeyResponse)(nil), // 46: policy.kasregistry.SetBaseKeyResponse
- (*ListPublicKeyMappingResponse_PublicKeyMapping)(nil), // 47: policy.kasregistry.ListPublicKeyMappingResponse.PublicKeyMapping
- (*ListPublicKeyMappingResponse_PublicKey)(nil), // 48: policy.kasregistry.ListPublicKeyMappingResponse.PublicKey
- (*ListPublicKeyMappingResponse_Association)(nil), // 49: policy.kasregistry.ListPublicKeyMappingResponse.Association
- (*RotateKeyRequest_NewKey)(nil), // 50: policy.kasregistry.RotateKeyRequest.NewKey
- (*policy.KeyAccessServer)(nil), // 51: policy.KeyAccessServer
- (*policy.PageRequest)(nil), // 52: policy.PageRequest
- (*policy.PageResponse)(nil), // 53: policy.PageResponse
- (*policy.PublicKey)(nil), // 54: policy.PublicKey
- (policy.SourceType)(0), // 55: policy.SourceType
- (*common.MetadataMutable)(nil), // 56: common.MetadataMutable
- (common.MetadataUpdateEnum)(0), // 57: common.MetadataUpdateEnum
- (*policy.KasPublicKey)(nil), // 58: policy.KasPublicKey
- (*policy.Key)(nil), // 59: policy.Key
- (policy.Algorithm)(0), // 60: policy.Algorithm
- (policy.KeyMode)(0), // 61: policy.KeyMode
- (*policy.PublicKeyCtx)(nil), // 62: policy.PublicKeyCtx
- (*policy.PrivateKeyCtx)(nil), // 63: policy.PrivateKeyCtx
- (*policy.KasKey)(nil), // 64: policy.KasKey
+ (*GetBaseKeyRequest)(nil), // 42: policy.kasregistry.GetBaseKeyRequest
+ (*GetBaseKeyResponse)(nil), // 43: policy.kasregistry.GetBaseKeyResponse
+ (*SetBaseKeyResponse)(nil), // 44: policy.kasregistry.SetBaseKeyResponse
+ (*ListPublicKeyMappingResponse_PublicKeyMapping)(nil), // 45: policy.kasregistry.ListPublicKeyMappingResponse.PublicKeyMapping
+ (*ListPublicKeyMappingResponse_PublicKey)(nil), // 46: policy.kasregistry.ListPublicKeyMappingResponse.PublicKey
+ (*ListPublicKeyMappingResponse_Association)(nil), // 47: policy.kasregistry.ListPublicKeyMappingResponse.Association
+ (*RotateKeyRequest_NewKey)(nil), // 48: policy.kasregistry.RotateKeyRequest.NewKey
+ (*policy.KeyAccessServer)(nil), // 49: policy.KeyAccessServer
+ (*policy.PageRequest)(nil), // 50: policy.PageRequest
+ (*policy.PageResponse)(nil), // 51: policy.PageResponse
+ (*policy.PublicKey)(nil), // 52: policy.PublicKey
+ (policy.SourceType)(0), // 53: policy.SourceType
+ (*common.MetadataMutable)(nil), // 54: common.MetadataMutable
+ (common.MetadataUpdateEnum)(0), // 55: common.MetadataUpdateEnum
+ (*policy.KasPublicKey)(nil), // 56: policy.KasPublicKey
+ (*policy.Key)(nil), // 57: policy.Key
+ (policy.Algorithm)(0), // 58: policy.Algorithm
+ (policy.KeyMode)(0), // 59: policy.KeyMode
+ (*policy.PublicKeyCtx)(nil), // 60: policy.PublicKeyCtx
+ (*policy.PrivateKeyCtx)(nil), // 61: policy.PrivateKeyCtx
+ (*policy.KasKey)(nil), // 62: policy.KasKey
+ (*policy.SimpleKasKey)(nil), // 63: policy.SimpleKasKey
}
var file_policy_kasregistry_key_access_server_registry_proto_depIdxs = []int32{
- 51, // 0: policy.kasregistry.GetKeyAccessServerResponse.key_access_server:type_name -> policy.KeyAccessServer
- 52, // 1: policy.kasregistry.ListKeyAccessServersRequest.pagination:type_name -> policy.PageRequest
- 51, // 2: policy.kasregistry.ListKeyAccessServersResponse.key_access_servers:type_name -> policy.KeyAccessServer
- 53, // 3: policy.kasregistry.ListKeyAccessServersResponse.pagination:type_name -> policy.PageResponse
- 54, // 4: policy.kasregistry.CreateKeyAccessServerRequest.public_key:type_name -> policy.PublicKey
- 55, // 5: policy.kasregistry.CreateKeyAccessServerRequest.source_type:type_name -> policy.SourceType
- 56, // 6: policy.kasregistry.CreateKeyAccessServerRequest.metadata:type_name -> common.MetadataMutable
- 51, // 7: policy.kasregistry.CreateKeyAccessServerResponse.key_access_server:type_name -> policy.KeyAccessServer
- 54, // 8: policy.kasregistry.UpdateKeyAccessServerRequest.public_key:type_name -> policy.PublicKey
- 55, // 9: policy.kasregistry.UpdateKeyAccessServerRequest.source_type:type_name -> policy.SourceType
- 56, // 10: policy.kasregistry.UpdateKeyAccessServerRequest.metadata:type_name -> common.MetadataMutable
- 57, // 11: policy.kasregistry.UpdateKeyAccessServerRequest.metadata_update_behavior:type_name -> common.MetadataUpdateEnum
- 51, // 12: policy.kasregistry.UpdateKeyAccessServerResponse.key_access_server:type_name -> policy.KeyAccessServer
- 51, // 13: policy.kasregistry.DeleteKeyAccessServerResponse.key_access_server:type_name -> policy.KeyAccessServer
- 51, // 14: policy.kasregistry.KeyAccessServerGrants.key_access_server:type_name -> policy.KeyAccessServer
+ 49, // 0: policy.kasregistry.GetKeyAccessServerResponse.key_access_server:type_name -> policy.KeyAccessServer
+ 50, // 1: policy.kasregistry.ListKeyAccessServersRequest.pagination:type_name -> policy.PageRequest
+ 49, // 2: policy.kasregistry.ListKeyAccessServersResponse.key_access_servers:type_name -> policy.KeyAccessServer
+ 51, // 3: policy.kasregistry.ListKeyAccessServersResponse.pagination:type_name -> policy.PageResponse
+ 52, // 4: policy.kasregistry.CreateKeyAccessServerRequest.public_key:type_name -> policy.PublicKey
+ 53, // 5: policy.kasregistry.CreateKeyAccessServerRequest.source_type:type_name -> policy.SourceType
+ 54, // 6: policy.kasregistry.CreateKeyAccessServerRequest.metadata:type_name -> common.MetadataMutable
+ 49, // 7: policy.kasregistry.CreateKeyAccessServerResponse.key_access_server:type_name -> policy.KeyAccessServer
+ 52, // 8: policy.kasregistry.UpdateKeyAccessServerRequest.public_key:type_name -> policy.PublicKey
+ 53, // 9: policy.kasregistry.UpdateKeyAccessServerRequest.source_type:type_name -> policy.SourceType
+ 54, // 10: policy.kasregistry.UpdateKeyAccessServerRequest.metadata:type_name -> common.MetadataMutable
+ 55, // 11: policy.kasregistry.UpdateKeyAccessServerRequest.metadata_update_behavior:type_name -> common.MetadataUpdateEnum
+ 49, // 12: policy.kasregistry.UpdateKeyAccessServerResponse.key_access_server:type_name -> policy.KeyAccessServer
+ 49, // 13: policy.kasregistry.DeleteKeyAccessServerResponse.key_access_server:type_name -> policy.KeyAccessServer
+ 49, // 14: policy.kasregistry.KeyAccessServerGrants.key_access_server:type_name -> policy.KeyAccessServer
10, // 15: policy.kasregistry.KeyAccessServerGrants.namespace_grants:type_name -> policy.kasregistry.GrantedPolicyObject
10, // 16: policy.kasregistry.KeyAccessServerGrants.attribute_grants:type_name -> policy.kasregistry.GrantedPolicyObject
10, // 17: policy.kasregistry.KeyAccessServerGrants.value_grants:type_name -> policy.kasregistry.GrantedPolicyObject
- 58, // 18: policy.kasregistry.CreatePublicKeyRequest.key:type_name -> policy.KasPublicKey
- 56, // 19: policy.kasregistry.CreatePublicKeyRequest.metadata:type_name -> common.MetadataMutable
- 59, // 20: policy.kasregistry.CreatePublicKeyResponse.key:type_name -> policy.Key
- 59, // 21: policy.kasregistry.GetPublicKeyResponse.key:type_name -> policy.Key
- 52, // 22: policy.kasregistry.ListPublicKeysRequest.pagination:type_name -> policy.PageRequest
- 59, // 23: policy.kasregistry.ListPublicKeysResponse.keys:type_name -> policy.Key
- 53, // 24: policy.kasregistry.ListPublicKeysResponse.pagination:type_name -> policy.PageResponse
- 52, // 25: policy.kasregistry.ListPublicKeyMappingRequest.pagination:type_name -> policy.PageRequest
- 47, // 26: policy.kasregistry.ListPublicKeyMappingResponse.public_key_mappings:type_name -> policy.kasregistry.ListPublicKeyMappingResponse.PublicKeyMapping
- 53, // 27: policy.kasregistry.ListPublicKeyMappingResponse.pagination:type_name -> policy.PageResponse
- 56, // 28: policy.kasregistry.UpdatePublicKeyRequest.metadata:type_name -> common.MetadataMutable
- 57, // 29: policy.kasregistry.UpdatePublicKeyRequest.metadata_update_behavior:type_name -> common.MetadataUpdateEnum
- 59, // 30: policy.kasregistry.UpdatePublicKeyResponse.key:type_name -> policy.Key
- 59, // 31: policy.kasregistry.DeactivatePublicKeyResponse.key:type_name -> policy.Key
- 59, // 32: policy.kasregistry.ActivatePublicKeyResponse.key:type_name -> policy.Key
- 52, // 33: policy.kasregistry.ListKeyAccessServerGrantsRequest.pagination:type_name -> policy.PageRequest
+ 56, // 18: policy.kasregistry.CreatePublicKeyRequest.key:type_name -> policy.KasPublicKey
+ 54, // 19: policy.kasregistry.CreatePublicKeyRequest.metadata:type_name -> common.MetadataMutable
+ 57, // 20: policy.kasregistry.CreatePublicKeyResponse.key:type_name -> policy.Key
+ 57, // 21: policy.kasregistry.GetPublicKeyResponse.key:type_name -> policy.Key
+ 50, // 22: policy.kasregistry.ListPublicKeysRequest.pagination:type_name -> policy.PageRequest
+ 57, // 23: policy.kasregistry.ListPublicKeysResponse.keys:type_name -> policy.Key
+ 51, // 24: policy.kasregistry.ListPublicKeysResponse.pagination:type_name -> policy.PageResponse
+ 50, // 25: policy.kasregistry.ListPublicKeyMappingRequest.pagination:type_name -> policy.PageRequest
+ 45, // 26: policy.kasregistry.ListPublicKeyMappingResponse.public_key_mappings:type_name -> policy.kasregistry.ListPublicKeyMappingResponse.PublicKeyMapping
+ 51, // 27: policy.kasregistry.ListPublicKeyMappingResponse.pagination:type_name -> policy.PageResponse
+ 54, // 28: policy.kasregistry.UpdatePublicKeyRequest.metadata:type_name -> common.MetadataMutable
+ 55, // 29: policy.kasregistry.UpdatePublicKeyRequest.metadata_update_behavior:type_name -> common.MetadataUpdateEnum
+ 57, // 30: policy.kasregistry.UpdatePublicKeyResponse.key:type_name -> policy.Key
+ 57, // 31: policy.kasregistry.DeactivatePublicKeyResponse.key:type_name -> policy.Key
+ 57, // 32: policy.kasregistry.ActivatePublicKeyResponse.key:type_name -> policy.Key
+ 50, // 33: policy.kasregistry.ListKeyAccessServerGrantsRequest.pagination:type_name -> policy.PageRequest
11, // 34: policy.kasregistry.ListKeyAccessServerGrantsResponse.grants:type_name -> policy.kasregistry.KeyAccessServerGrants
- 53, // 35: policy.kasregistry.ListKeyAccessServerGrantsResponse.pagination:type_name -> policy.PageResponse
- 60, // 36: policy.kasregistry.CreateKeyRequest.key_algorithm:type_name -> policy.Algorithm
- 61, // 37: policy.kasregistry.CreateKeyRequest.key_mode:type_name -> policy.KeyMode
- 62, // 38: policy.kasregistry.CreateKeyRequest.public_key_ctx:type_name -> policy.PublicKeyCtx
- 63, // 39: policy.kasregistry.CreateKeyRequest.private_key_ctx:type_name -> policy.PrivateKeyCtx
- 56, // 40: policy.kasregistry.CreateKeyRequest.metadata:type_name -> common.MetadataMutable
- 64, // 41: policy.kasregistry.CreateKeyResponse.kas_key:type_name -> policy.KasKey
+ 51, // 35: policy.kasregistry.ListKeyAccessServerGrantsResponse.pagination:type_name -> policy.PageResponse
+ 58, // 36: policy.kasregistry.CreateKeyRequest.key_algorithm:type_name -> policy.Algorithm
+ 59, // 37: policy.kasregistry.CreateKeyRequest.key_mode:type_name -> policy.KeyMode
+ 60, // 38: policy.kasregistry.CreateKeyRequest.public_key_ctx:type_name -> policy.PublicKeyCtx
+ 61, // 39: policy.kasregistry.CreateKeyRequest.private_key_ctx:type_name -> policy.PrivateKeyCtx
+ 54, // 40: policy.kasregistry.CreateKeyRequest.metadata:type_name -> common.MetadataMutable
+ 62, // 41: policy.kasregistry.CreateKeyResponse.kas_key:type_name -> policy.KasKey
36, // 42: policy.kasregistry.GetKeyRequest.key:type_name -> policy.kasregistry.KasKeyIdentifier
- 64, // 43: policy.kasregistry.GetKeyResponse.kas_key:type_name -> policy.KasKey
- 60, // 44: policy.kasregistry.ListKeysRequest.key_algorithm:type_name -> policy.Algorithm
- 52, // 45: policy.kasregistry.ListKeysRequest.pagination:type_name -> policy.PageRequest
- 64, // 46: policy.kasregistry.ListKeysResponse.kas_keys:type_name -> policy.KasKey
- 53, // 47: policy.kasregistry.ListKeysResponse.pagination:type_name -> policy.PageResponse
- 56, // 48: policy.kasregistry.UpdateKeyRequest.metadata:type_name -> common.MetadataMutable
- 57, // 49: policy.kasregistry.UpdateKeyRequest.metadata_update_behavior:type_name -> common.MetadataUpdateEnum
- 64, // 50: policy.kasregistry.UpdateKeyResponse.kas_key:type_name -> policy.KasKey
+ 62, // 43: policy.kasregistry.GetKeyResponse.kas_key:type_name -> policy.KasKey
+ 58, // 44: policy.kasregistry.ListKeysRequest.key_algorithm:type_name -> policy.Algorithm
+ 50, // 45: policy.kasregistry.ListKeysRequest.pagination:type_name -> policy.PageRequest
+ 62, // 46: policy.kasregistry.ListKeysResponse.kas_keys:type_name -> policy.KasKey
+ 51, // 47: policy.kasregistry.ListKeysResponse.pagination:type_name -> policy.PageResponse
+ 54, // 48: policy.kasregistry.UpdateKeyRequest.metadata:type_name -> common.MetadataMutable
+ 55, // 49: policy.kasregistry.UpdateKeyRequest.metadata_update_behavior:type_name -> common.MetadataUpdateEnum
+ 62, // 50: policy.kasregistry.UpdateKeyResponse.kas_key:type_name -> policy.KasKey
36, // 51: policy.kasregistry.RotateKeyRequest.key:type_name -> policy.kasregistry.KasKeyIdentifier
- 50, // 52: policy.kasregistry.RotateKeyRequest.new_key:type_name -> policy.kasregistry.RotateKeyRequest.NewKey
- 64, // 53: policy.kasregistry.RotatedResources.rotated_out_key:type_name -> policy.KasKey
+ 48, // 52: policy.kasregistry.RotateKeyRequest.new_key:type_name -> policy.kasregistry.RotateKeyRequest.NewKey
+ 62, // 53: policy.kasregistry.RotatedResources.rotated_out_key:type_name -> policy.KasKey
38, // 54: policy.kasregistry.RotatedResources.attribute_definition_mappings:type_name -> policy.kasregistry.ChangeMappings
38, // 55: policy.kasregistry.RotatedResources.attribute_value_mappings:type_name -> policy.kasregistry.ChangeMappings
38, // 56: policy.kasregistry.RotatedResources.namespace_mappings:type_name -> policy.kasregistry.ChangeMappings
- 64, // 57: policy.kasregistry.RotateKeyResponse.kas_key:type_name -> policy.KasKey
+ 62, // 57: policy.kasregistry.RotateKeyResponse.kas_key:type_name -> policy.KasKey
39, // 58: policy.kasregistry.RotateKeyResponse.rotated_resources:type_name -> policy.kasregistry.RotatedResources
36, // 59: policy.kasregistry.SetBaseKeyRequest.key:type_name -> policy.kasregistry.KasKeyIdentifier
- 60, // 60: policy.kasregistry.SimpleKasPublicKey.algorithm:type_name -> policy.Algorithm
- 42, // 61: policy.kasregistry.SimpleKasKey.public_key:type_name -> policy.kasregistry.SimpleKasPublicKey
- 43, // 62: policy.kasregistry.GetBaseKeyResponse.base_key:type_name -> policy.kasregistry.SimpleKasKey
- 43, // 63: policy.kasregistry.SetBaseKeyResponse.new_base_key:type_name -> policy.kasregistry.SimpleKasKey
- 43, // 64: policy.kasregistry.SetBaseKeyResponse.previous_base_key:type_name -> policy.kasregistry.SimpleKasKey
- 48, // 65: policy.kasregistry.ListPublicKeyMappingResponse.PublicKeyMapping.public_keys:type_name -> policy.kasregistry.ListPublicKeyMappingResponse.PublicKey
- 59, // 66: policy.kasregistry.ListPublicKeyMappingResponse.PublicKey.key:type_name -> policy.Key
- 49, // 67: policy.kasregistry.ListPublicKeyMappingResponse.PublicKey.values:type_name -> policy.kasregistry.ListPublicKeyMappingResponse.Association
- 49, // 68: policy.kasregistry.ListPublicKeyMappingResponse.PublicKey.definitions:type_name -> policy.kasregistry.ListPublicKeyMappingResponse.Association
- 49, // 69: policy.kasregistry.ListPublicKeyMappingResponse.PublicKey.namespaces:type_name -> policy.kasregistry.ListPublicKeyMappingResponse.Association
- 60, // 70: policy.kasregistry.RotateKeyRequest.NewKey.algorithm:type_name -> policy.Algorithm
- 61, // 71: policy.kasregistry.RotateKeyRequest.NewKey.key_mode:type_name -> policy.KeyMode
- 62, // 72: policy.kasregistry.RotateKeyRequest.NewKey.public_key_ctx:type_name -> policy.PublicKeyCtx
- 63, // 73: policy.kasregistry.RotateKeyRequest.NewKey.private_key_ctx:type_name -> policy.PrivateKeyCtx
- 56, // 74: policy.kasregistry.RotateKeyRequest.NewKey.metadata:type_name -> common.MetadataMutable
- 2, // 75: policy.kasregistry.KeyAccessServerRegistryService.ListKeyAccessServers:input_type -> policy.kasregistry.ListKeyAccessServersRequest
- 0, // 76: policy.kasregistry.KeyAccessServerRegistryService.GetKeyAccessServer:input_type -> policy.kasregistry.GetKeyAccessServerRequest
- 4, // 77: policy.kasregistry.KeyAccessServerRegistryService.CreateKeyAccessServer:input_type -> policy.kasregistry.CreateKeyAccessServerRequest
- 6, // 78: policy.kasregistry.KeyAccessServerRegistryService.UpdateKeyAccessServer:input_type -> policy.kasregistry.UpdateKeyAccessServerRequest
- 8, // 79: policy.kasregistry.KeyAccessServerRegistryService.DeleteKeyAccessServer:input_type -> policy.kasregistry.DeleteKeyAccessServerRequest
- 26, // 80: policy.kasregistry.KeyAccessServerRegistryService.ListKeyAccessServerGrants:input_type -> policy.kasregistry.ListKeyAccessServerGrantsRequest
- 28, // 81: policy.kasregistry.KeyAccessServerRegistryService.CreateKey:input_type -> policy.kasregistry.CreateKeyRequest
- 30, // 82: policy.kasregistry.KeyAccessServerRegistryService.GetKey:input_type -> policy.kasregistry.GetKeyRequest
- 32, // 83: policy.kasregistry.KeyAccessServerRegistryService.ListKeys:input_type -> policy.kasregistry.ListKeysRequest
- 34, // 84: policy.kasregistry.KeyAccessServerRegistryService.UpdateKey:input_type -> policy.kasregistry.UpdateKeyRequest
- 37, // 85: policy.kasregistry.KeyAccessServerRegistryService.RotateKey:input_type -> policy.kasregistry.RotateKeyRequest
- 41, // 86: policy.kasregistry.KeyAccessServerRegistryService.SetBaseKey:input_type -> policy.kasregistry.SetBaseKeyRequest
- 44, // 87: policy.kasregistry.KeyAccessServerRegistryService.GetBaseKey:input_type -> policy.kasregistry.GetBaseKeyRequest
- 3, // 88: policy.kasregistry.KeyAccessServerRegistryService.ListKeyAccessServers:output_type -> policy.kasregistry.ListKeyAccessServersResponse
- 1, // 89: policy.kasregistry.KeyAccessServerRegistryService.GetKeyAccessServer:output_type -> policy.kasregistry.GetKeyAccessServerResponse
- 5, // 90: policy.kasregistry.KeyAccessServerRegistryService.CreateKeyAccessServer:output_type -> policy.kasregistry.CreateKeyAccessServerResponse
- 7, // 91: policy.kasregistry.KeyAccessServerRegistryService.UpdateKeyAccessServer:output_type -> policy.kasregistry.UpdateKeyAccessServerResponse
- 9, // 92: policy.kasregistry.KeyAccessServerRegistryService.DeleteKeyAccessServer:output_type -> policy.kasregistry.DeleteKeyAccessServerResponse
- 27, // 93: policy.kasregistry.KeyAccessServerRegistryService.ListKeyAccessServerGrants:output_type -> policy.kasregistry.ListKeyAccessServerGrantsResponse
- 29, // 94: policy.kasregistry.KeyAccessServerRegistryService.CreateKey:output_type -> policy.kasregistry.CreateKeyResponse
- 31, // 95: policy.kasregistry.KeyAccessServerRegistryService.GetKey:output_type -> policy.kasregistry.GetKeyResponse
- 33, // 96: policy.kasregistry.KeyAccessServerRegistryService.ListKeys:output_type -> policy.kasregistry.ListKeysResponse
- 35, // 97: policy.kasregistry.KeyAccessServerRegistryService.UpdateKey:output_type -> policy.kasregistry.UpdateKeyResponse
- 40, // 98: policy.kasregistry.KeyAccessServerRegistryService.RotateKey:output_type -> policy.kasregistry.RotateKeyResponse
- 46, // 99: policy.kasregistry.KeyAccessServerRegistryService.SetBaseKey:output_type -> policy.kasregistry.SetBaseKeyResponse
- 45, // 100: policy.kasregistry.KeyAccessServerRegistryService.GetBaseKey:output_type -> policy.kasregistry.GetBaseKeyResponse
- 88, // [88:101] is the sub-list for method output_type
- 75, // [75:88] is the sub-list for method input_type
- 75, // [75:75] is the sub-list for extension type_name
- 75, // [75:75] is the sub-list for extension extendee
- 0, // [0:75] is the sub-list for field type_name
+ 63, // 60: policy.kasregistry.GetBaseKeyResponse.base_key:type_name -> policy.SimpleKasKey
+ 63, // 61: policy.kasregistry.SetBaseKeyResponse.new_base_key:type_name -> policy.SimpleKasKey
+ 63, // 62: policy.kasregistry.SetBaseKeyResponse.previous_base_key:type_name -> policy.SimpleKasKey
+ 46, // 63: policy.kasregistry.ListPublicKeyMappingResponse.PublicKeyMapping.public_keys:type_name -> policy.kasregistry.ListPublicKeyMappingResponse.PublicKey
+ 57, // 64: policy.kasregistry.ListPublicKeyMappingResponse.PublicKey.key:type_name -> policy.Key
+ 47, // 65: policy.kasregistry.ListPublicKeyMappingResponse.PublicKey.values:type_name -> policy.kasregistry.ListPublicKeyMappingResponse.Association
+ 47, // 66: policy.kasregistry.ListPublicKeyMappingResponse.PublicKey.definitions:type_name -> policy.kasregistry.ListPublicKeyMappingResponse.Association
+ 47, // 67: policy.kasregistry.ListPublicKeyMappingResponse.PublicKey.namespaces:type_name -> policy.kasregistry.ListPublicKeyMappingResponse.Association
+ 58, // 68: policy.kasregistry.RotateKeyRequest.NewKey.algorithm:type_name -> policy.Algorithm
+ 59, // 69: policy.kasregistry.RotateKeyRequest.NewKey.key_mode:type_name -> policy.KeyMode
+ 60, // 70: policy.kasregistry.RotateKeyRequest.NewKey.public_key_ctx:type_name -> policy.PublicKeyCtx
+ 61, // 71: policy.kasregistry.RotateKeyRequest.NewKey.private_key_ctx:type_name -> policy.PrivateKeyCtx
+ 54, // 72: policy.kasregistry.RotateKeyRequest.NewKey.metadata:type_name -> common.MetadataMutable
+ 2, // 73: policy.kasregistry.KeyAccessServerRegistryService.ListKeyAccessServers:input_type -> policy.kasregistry.ListKeyAccessServersRequest
+ 0, // 74: policy.kasregistry.KeyAccessServerRegistryService.GetKeyAccessServer:input_type -> policy.kasregistry.GetKeyAccessServerRequest
+ 4, // 75: policy.kasregistry.KeyAccessServerRegistryService.CreateKeyAccessServer:input_type -> policy.kasregistry.CreateKeyAccessServerRequest
+ 6, // 76: policy.kasregistry.KeyAccessServerRegistryService.UpdateKeyAccessServer:input_type -> policy.kasregistry.UpdateKeyAccessServerRequest
+ 8, // 77: policy.kasregistry.KeyAccessServerRegistryService.DeleteKeyAccessServer:input_type -> policy.kasregistry.DeleteKeyAccessServerRequest
+ 26, // 78: policy.kasregistry.KeyAccessServerRegistryService.ListKeyAccessServerGrants:input_type -> policy.kasregistry.ListKeyAccessServerGrantsRequest
+ 28, // 79: policy.kasregistry.KeyAccessServerRegistryService.CreateKey:input_type -> policy.kasregistry.CreateKeyRequest
+ 30, // 80: policy.kasregistry.KeyAccessServerRegistryService.GetKey:input_type -> policy.kasregistry.GetKeyRequest
+ 32, // 81: policy.kasregistry.KeyAccessServerRegistryService.ListKeys:input_type -> policy.kasregistry.ListKeysRequest
+ 34, // 82: policy.kasregistry.KeyAccessServerRegistryService.UpdateKey:input_type -> policy.kasregistry.UpdateKeyRequest
+ 37, // 83: policy.kasregistry.KeyAccessServerRegistryService.RotateKey:input_type -> policy.kasregistry.RotateKeyRequest
+ 41, // 84: policy.kasregistry.KeyAccessServerRegistryService.SetBaseKey:input_type -> policy.kasregistry.SetBaseKeyRequest
+ 42, // 85: policy.kasregistry.KeyAccessServerRegistryService.GetBaseKey:input_type -> policy.kasregistry.GetBaseKeyRequest
+ 3, // 86: policy.kasregistry.KeyAccessServerRegistryService.ListKeyAccessServers:output_type -> policy.kasregistry.ListKeyAccessServersResponse
+ 1, // 87: policy.kasregistry.KeyAccessServerRegistryService.GetKeyAccessServer:output_type -> policy.kasregistry.GetKeyAccessServerResponse
+ 5, // 88: policy.kasregistry.KeyAccessServerRegistryService.CreateKeyAccessServer:output_type -> policy.kasregistry.CreateKeyAccessServerResponse
+ 7, // 89: policy.kasregistry.KeyAccessServerRegistryService.UpdateKeyAccessServer:output_type -> policy.kasregistry.UpdateKeyAccessServerResponse
+ 9, // 90: policy.kasregistry.KeyAccessServerRegistryService.DeleteKeyAccessServer:output_type -> policy.kasregistry.DeleteKeyAccessServerResponse
+ 27, // 91: policy.kasregistry.KeyAccessServerRegistryService.ListKeyAccessServerGrants:output_type -> policy.kasregistry.ListKeyAccessServerGrantsResponse
+ 29, // 92: policy.kasregistry.KeyAccessServerRegistryService.CreateKey:output_type -> policy.kasregistry.CreateKeyResponse
+ 31, // 93: policy.kasregistry.KeyAccessServerRegistryService.GetKey:output_type -> policy.kasregistry.GetKeyResponse
+ 33, // 94: policy.kasregistry.KeyAccessServerRegistryService.ListKeys:output_type -> policy.kasregistry.ListKeysResponse
+ 35, // 95: policy.kasregistry.KeyAccessServerRegistryService.UpdateKey:output_type -> policy.kasregistry.UpdateKeyResponse
+ 40, // 96: policy.kasregistry.KeyAccessServerRegistryService.RotateKey:output_type -> policy.kasregistry.RotateKeyResponse
+ 44, // 97: policy.kasregistry.KeyAccessServerRegistryService.SetBaseKey:output_type -> policy.kasregistry.SetBaseKeyResponse
+ 43, // 98: policy.kasregistry.KeyAccessServerRegistryService.GetBaseKey:output_type -> policy.kasregistry.GetBaseKeyResponse
+ 86, // [86:99] is the sub-list for method output_type
+ 73, // [73:86] is the sub-list for method input_type
+ 73, // [73:73] is the sub-list for extension type_name
+ 73, // [73:73] is the sub-list for extension extendee
+ 0, // [0:73] is the sub-list for field type_name
}
func init() { file_policy_kasregistry_key_access_server_registry_proto_init() }
@@ -5015,30 +4878,6 @@ func file_policy_kasregistry_key_access_server_registry_proto_init() {
}
}
file_policy_kasregistry_key_access_server_registry_proto_msgTypes[42].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*SimpleKasPublicKey); i {
- case 0:
- return &v.state
- case 1:
- return &v.sizeCache
- case 2:
- return &v.unknownFields
- default:
- return nil
- }
- }
- file_policy_kasregistry_key_access_server_registry_proto_msgTypes[43].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*SimpleKasKey); i {
- case 0:
- return &v.state
- case 1:
- return &v.sizeCache
- case 2:
- return &v.unknownFields
- default:
- return nil
- }
- }
- file_policy_kasregistry_key_access_server_registry_proto_msgTypes[44].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*GetBaseKeyRequest); i {
case 0:
return &v.state
@@ -5050,7 +4889,7 @@ func file_policy_kasregistry_key_access_server_registry_proto_init() {
return nil
}
}
- file_policy_kasregistry_key_access_server_registry_proto_msgTypes[45].Exporter = func(v interface{}, i int) interface{} {
+ file_policy_kasregistry_key_access_server_registry_proto_msgTypes[43].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*GetBaseKeyResponse); i {
case 0:
return &v.state
@@ -5062,7 +4901,7 @@ func file_policy_kasregistry_key_access_server_registry_proto_init() {
return nil
}
}
- file_policy_kasregistry_key_access_server_registry_proto_msgTypes[46].Exporter = func(v interface{}, i int) interface{} {
+ file_policy_kasregistry_key_access_server_registry_proto_msgTypes[44].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*SetBaseKeyResponse); i {
case 0:
return &v.state
@@ -5074,7 +4913,7 @@ func file_policy_kasregistry_key_access_server_registry_proto_init() {
return nil
}
}
- file_policy_kasregistry_key_access_server_registry_proto_msgTypes[47].Exporter = func(v interface{}, i int) interface{} {
+ file_policy_kasregistry_key_access_server_registry_proto_msgTypes[45].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*ListPublicKeyMappingResponse_PublicKeyMapping); i {
case 0:
return &v.state
@@ -5086,7 +4925,7 @@ func file_policy_kasregistry_key_access_server_registry_proto_init() {
return nil
}
}
- file_policy_kasregistry_key_access_server_registry_proto_msgTypes[48].Exporter = func(v interface{}, i int) interface{} {
+ file_policy_kasregistry_key_access_server_registry_proto_msgTypes[46].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*ListPublicKeyMappingResponse_PublicKey); i {
case 0:
return &v.state
@@ -5098,7 +4937,7 @@ func file_policy_kasregistry_key_access_server_registry_proto_init() {
return nil
}
}
- file_policy_kasregistry_key_access_server_registry_proto_msgTypes[49].Exporter = func(v interface{}, i int) interface{} {
+ file_policy_kasregistry_key_access_server_registry_proto_msgTypes[47].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*ListPublicKeyMappingResponse_Association); i {
case 0:
return &v.state
@@ -5110,7 +4949,7 @@ func file_policy_kasregistry_key_access_server_registry_proto_init() {
return nil
}
}
- file_policy_kasregistry_key_access_server_registry_proto_msgTypes[50].Exporter = func(v interface{}, i int) interface{} {
+ file_policy_kasregistry_key_access_server_registry_proto_msgTypes[48].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*RotateKeyRequest_NewKey); i {
case 0:
return &v.state
@@ -5169,7 +5008,7 @@ func file_policy_kasregistry_key_access_server_registry_proto_init() {
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: file_policy_kasregistry_key_access_server_registry_proto_rawDesc,
NumEnums: 0,
- NumMessages: 51,
+ NumMessages: 49,
NumExtensions: 0,
NumServices: 1,
},
diff --git a/protocol/go/policy/objects.pb.go b/protocol/go/policy/objects.pb.go
index 83c556505e..70a5002bd3 100644
--- a/protocol/go/policy/objects.pb.go
+++ b/protocol/go/policy/objects.pb.go
@@ -520,7 +520,133 @@ func (x Action_StandardAction) Number() protoreflect.EnumNumber {
// Deprecated: Use Action_StandardAction.Descriptor instead.
func (Action_StandardAction) EnumDescriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{4, 0}
+ return file_policy_objects_proto_rawDescGZIP(), []int{6, 0}
+}
+
+type SimpleKasPublicKey struct {
+ state protoimpl.MessageState
+ sizeCache protoimpl.SizeCache
+ unknownFields protoimpl.UnknownFields
+
+ Algorithm Algorithm `protobuf:"varint,1,opt,name=algorithm,proto3,enum=policy.Algorithm" json:"algorithm,omitempty"`
+ Kid string `protobuf:"bytes,2,opt,name=kid,proto3" json:"kid,omitempty"`
+ Pem string `protobuf:"bytes,3,opt,name=pem,proto3" json:"pem,omitempty"`
+}
+
+func (x *SimpleKasPublicKey) Reset() {
+ *x = SimpleKasPublicKey{}
+ if protoimpl.UnsafeEnabled {
+ mi := &file_policy_objects_proto_msgTypes[0]
+ ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+ ms.StoreMessageInfo(mi)
+ }
+}
+
+func (x *SimpleKasPublicKey) String() string {
+ return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SimpleKasPublicKey) ProtoMessage() {}
+
+func (x *SimpleKasPublicKey) ProtoReflect() protoreflect.Message {
+ mi := &file_policy_objects_proto_msgTypes[0]
+ if protoimpl.UnsafeEnabled && x != nil {
+ ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+ if ms.LoadMessageInfo() == nil {
+ ms.StoreMessageInfo(mi)
+ }
+ return ms
+ }
+ return mi.MessageOf(x)
+}
+
+// Deprecated: Use SimpleKasPublicKey.ProtoReflect.Descriptor instead.
+func (*SimpleKasPublicKey) Descriptor() ([]byte, []int) {
+ return file_policy_objects_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *SimpleKasPublicKey) GetAlgorithm() Algorithm {
+ if x != nil {
+ return x.Algorithm
+ }
+ return Algorithm_ALGORITHM_UNSPECIFIED
+}
+
+func (x *SimpleKasPublicKey) GetKid() string {
+ if x != nil {
+ return x.Kid
+ }
+ return ""
+}
+
+func (x *SimpleKasPublicKey) GetPem() string {
+ if x != nil {
+ return x.Pem
+ }
+ return ""
+}
+
+type SimpleKasKey struct {
+ state protoimpl.MessageState
+ sizeCache protoimpl.SizeCache
+ unknownFields protoimpl.UnknownFields
+
+ KasUri string `protobuf:"bytes,1,opt,name=kas_uri,json=kasUri,proto3" json:"kas_uri,omitempty"` // The URL of the Key Access Server
+ PublicKey *SimpleKasPublicKey `protobuf:"bytes,2,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"` // The public key of the Key that belongs to the KAS
+ KasId string `protobuf:"bytes,3,opt,name=kas_id,json=kasId,proto3" json:"kas_id,omitempty"` // The ID of the Key Access Server
+}
+
+func (x *SimpleKasKey) Reset() {
+ *x = SimpleKasKey{}
+ if protoimpl.UnsafeEnabled {
+ mi := &file_policy_objects_proto_msgTypes[1]
+ ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+ ms.StoreMessageInfo(mi)
+ }
+}
+
+func (x *SimpleKasKey) String() string {
+ return protoimpl.X.MessageStringOf(x)
+}
+
+func (*SimpleKasKey) ProtoMessage() {}
+
+func (x *SimpleKasKey) ProtoReflect() protoreflect.Message {
+ mi := &file_policy_objects_proto_msgTypes[1]
+ if protoimpl.UnsafeEnabled && x != nil {
+ ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+ if ms.LoadMessageInfo() == nil {
+ ms.StoreMessageInfo(mi)
+ }
+ return ms
+ }
+ return mi.MessageOf(x)
+}
+
+// Deprecated: Use SimpleKasKey.ProtoReflect.Descriptor instead.
+func (*SimpleKasKey) Descriptor() ([]byte, []int) {
+ return file_policy_objects_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *SimpleKasKey) GetKasUri() string {
+ if x != nil {
+ return x.KasUri
+ }
+ return ""
+}
+
+func (x *SimpleKasKey) GetPublicKey() *SimpleKasPublicKey {
+ if x != nil {
+ return x.PublicKey
+ }
+ return nil
+}
+
+func (x *SimpleKasKey) GetKasId() string {
+ if x != nil {
+ return x.KasId
+ }
+ return ""
}
type KeyProviderConfig struct {
@@ -538,7 +664,7 @@ type KeyProviderConfig struct {
func (x *KeyProviderConfig) Reset() {
*x = KeyProviderConfig{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[0]
+ mi := &file_policy_objects_proto_msgTypes[2]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -551,7 +677,7 @@ func (x *KeyProviderConfig) String() string {
func (*KeyProviderConfig) ProtoMessage() {}
func (x *KeyProviderConfig) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[0]
+ mi := &file_policy_objects_proto_msgTypes[2]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -564,7 +690,7 @@ func (x *KeyProviderConfig) ProtoReflect() protoreflect.Message {
// Deprecated: Use KeyProviderConfig.ProtoReflect.Descriptor instead.
func (*KeyProviderConfig) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{0}
+ return file_policy_objects_proto_rawDescGZIP(), []int{2}
}
func (x *KeyProviderConfig) GetId() string {
@@ -612,13 +738,13 @@ type Namespace struct {
// KAS grants for the namespace
Grants []*KeyAccessServer `protobuf:"bytes,6,rep,name=grants,proto3" json:"grants,omitempty"`
// Keys for the namespace
- KasKeys []*KasKey `protobuf:"bytes,7,rep,name=kas_keys,json=kasKeys,proto3" json:"kas_keys,omitempty"`
+ KasKeys []*SimpleKasKey `protobuf:"bytes,7,rep,name=kas_keys,json=kasKeys,proto3" json:"kas_keys,omitempty"`
}
func (x *Namespace) Reset() {
*x = Namespace{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[1]
+ mi := &file_policy_objects_proto_msgTypes[3]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -631,7 +757,7 @@ func (x *Namespace) String() string {
func (*Namespace) ProtoMessage() {}
func (x *Namespace) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[1]
+ mi := &file_policy_objects_proto_msgTypes[3]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -644,7 +770,7 @@ func (x *Namespace) ProtoReflect() protoreflect.Message {
// Deprecated: Use Namespace.ProtoReflect.Descriptor instead.
func (*Namespace) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{1}
+ return file_policy_objects_proto_rawDescGZIP(), []int{3}
}
func (x *Namespace) GetId() string {
@@ -689,7 +815,7 @@ func (x *Namespace) GetGrants() []*KeyAccessServer {
return nil
}
-func (x *Namespace) GetKasKeys() []*KasKey {
+func (x *Namespace) GetKasKeys() []*SimpleKasKey {
if x != nil {
return x.KasKeys
}
@@ -715,7 +841,7 @@ type Attribute struct {
// active by default until explicitly deactivated
Active *wrapperspb.BoolValue `protobuf:"bytes,8,opt,name=active,proto3" json:"active,omitempty"`
// Keys associated with the attribute
- KasKeys []*KasKey `protobuf:"bytes,9,rep,name=kas_keys,json=kasKeys,proto3" json:"kas_keys,omitempty"`
+ KasKeys []*SimpleKasKey `protobuf:"bytes,9,rep,name=kas_keys,json=kasKeys,proto3" json:"kas_keys,omitempty"`
// Common metadata
Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
}
@@ -723,7 +849,7 @@ type Attribute struct {
func (x *Attribute) Reset() {
*x = Attribute{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[2]
+ mi := &file_policy_objects_proto_msgTypes[4]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -736,7 +862,7 @@ func (x *Attribute) String() string {
func (*Attribute) ProtoMessage() {}
func (x *Attribute) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[2]
+ mi := &file_policy_objects_proto_msgTypes[4]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -749,7 +875,7 @@ func (x *Attribute) ProtoReflect() protoreflect.Message {
// Deprecated: Use Attribute.ProtoReflect.Descriptor instead.
func (*Attribute) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{2}
+ return file_policy_objects_proto_rawDescGZIP(), []int{4}
}
func (x *Attribute) GetId() string {
@@ -808,7 +934,7 @@ func (x *Attribute) GetActive() *wrapperspb.BoolValue {
return nil
}
-func (x *Attribute) GetKasKeys() []*KasKey {
+func (x *Attribute) GetKasKeys() []*SimpleKasKey {
if x != nil {
return x.KasKeys
}
@@ -839,7 +965,7 @@ type Value struct {
Active *wrapperspb.BoolValue `protobuf:"bytes,7,opt,name=active,proto3" json:"active,omitempty"`
// subject mapping
SubjectMappings []*SubjectMapping `protobuf:"bytes,8,rep,name=subject_mappings,json=subjectMappings,proto3" json:"subject_mappings,omitempty"`
- KasKeys []*KasKey `protobuf:"bytes,9,rep,name=kas_keys,json=kasKeys,proto3" json:"kas_keys,omitempty"`
+ KasKeys []*SimpleKasKey `protobuf:"bytes,9,rep,name=kas_keys,json=kasKeys,proto3" json:"kas_keys,omitempty"`
ResourceMappings []*ResourceMapping `protobuf:"bytes,10,rep,name=resource_mappings,json=resourceMappings,proto3" json:"resource_mappings,omitempty"`
// Common metadata
Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
@@ -848,7 +974,7 @@ type Value struct {
func (x *Value) Reset() {
*x = Value{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[3]
+ mi := &file_policy_objects_proto_msgTypes[5]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -861,7 +987,7 @@ func (x *Value) String() string {
func (*Value) ProtoMessage() {}
func (x *Value) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[3]
+ mi := &file_policy_objects_proto_msgTypes[5]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -874,7 +1000,7 @@ func (x *Value) ProtoReflect() protoreflect.Message {
// Deprecated: Use Value.ProtoReflect.Descriptor instead.
func (*Value) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{3}
+ return file_policy_objects_proto_rawDescGZIP(), []int{5}
}
func (x *Value) GetId() string {
@@ -926,7 +1052,7 @@ func (x *Value) GetSubjectMappings() []*SubjectMapping {
return nil
}
-func (x *Value) GetKasKeys() []*KasKey {
+func (x *Value) GetKasKeys() []*SimpleKasKey {
if x != nil {
return x.KasKeys
}
@@ -969,7 +1095,7 @@ type Action struct {
func (x *Action) Reset() {
*x = Action{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[4]
+ mi := &file_policy_objects_proto_msgTypes[6]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -982,7 +1108,7 @@ func (x *Action) String() string {
func (*Action) ProtoMessage() {}
func (x *Action) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[4]
+ mi := &file_policy_objects_proto_msgTypes[6]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -995,7 +1121,7 @@ func (x *Action) ProtoReflect() protoreflect.Message {
// Deprecated: Use Action.ProtoReflect.Descriptor instead.
func (*Action) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{4}
+ return file_policy_objects_proto_rawDescGZIP(), []int{6}
}
func (x *Action) GetId() string {
@@ -1078,7 +1204,7 @@ type SubjectMapping struct {
func (x *SubjectMapping) Reset() {
*x = SubjectMapping{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[5]
+ mi := &file_policy_objects_proto_msgTypes[7]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1091,7 +1217,7 @@ func (x *SubjectMapping) String() string {
func (*SubjectMapping) ProtoMessage() {}
func (x *SubjectMapping) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[5]
+ mi := &file_policy_objects_proto_msgTypes[7]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1104,7 +1230,7 @@ func (x *SubjectMapping) ProtoReflect() protoreflect.Message {
// Deprecated: Use SubjectMapping.ProtoReflect.Descriptor instead.
func (*SubjectMapping) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{5}
+ return file_policy_objects_proto_rawDescGZIP(), []int{7}
}
func (x *SubjectMapping) GetId() string {
@@ -1164,7 +1290,7 @@ type Condition struct {
func (x *Condition) Reset() {
*x = Condition{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[6]
+ mi := &file_policy_objects_proto_msgTypes[8]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1177,7 +1303,7 @@ func (x *Condition) String() string {
func (*Condition) ProtoMessage() {}
func (x *Condition) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[6]
+ mi := &file_policy_objects_proto_msgTypes[8]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1190,7 +1316,7 @@ func (x *Condition) ProtoReflect() protoreflect.Message {
// Deprecated: Use Condition.ProtoReflect.Descriptor instead.
func (*Condition) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{6}
+ return file_policy_objects_proto_rawDescGZIP(), []int{8}
}
func (x *Condition) GetSubjectExternalSelectorValue() string {
@@ -1228,7 +1354,7 @@ type ConditionGroup struct {
func (x *ConditionGroup) Reset() {
*x = ConditionGroup{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[7]
+ mi := &file_policy_objects_proto_msgTypes[9]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1241,7 +1367,7 @@ func (x *ConditionGroup) String() string {
func (*ConditionGroup) ProtoMessage() {}
func (x *ConditionGroup) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[7]
+ mi := &file_policy_objects_proto_msgTypes[9]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1254,7 +1380,7 @@ func (x *ConditionGroup) ProtoReflect() protoreflect.Message {
// Deprecated: Use ConditionGroup.ProtoReflect.Descriptor instead.
func (*ConditionGroup) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{7}
+ return file_policy_objects_proto_rawDescGZIP(), []int{9}
}
func (x *ConditionGroup) GetConditions() []*Condition {
@@ -1284,7 +1410,7 @@ type SubjectSet struct {
func (x *SubjectSet) Reset() {
*x = SubjectSet{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[8]
+ mi := &file_policy_objects_proto_msgTypes[10]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1297,7 +1423,7 @@ func (x *SubjectSet) String() string {
func (*SubjectSet) ProtoMessage() {}
func (x *SubjectSet) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[8]
+ mi := &file_policy_objects_proto_msgTypes[10]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1310,7 +1436,7 @@ func (x *SubjectSet) ProtoReflect() protoreflect.Message {
// Deprecated: Use SubjectSet.ProtoReflect.Descriptor instead.
func (*SubjectSet) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{8}
+ return file_policy_objects_proto_rawDescGZIP(), []int{10}
}
func (x *SubjectSet) GetConditionGroups() []*ConditionGroup {
@@ -1338,7 +1464,7 @@ type SubjectConditionSet struct {
func (x *SubjectConditionSet) Reset() {
*x = SubjectConditionSet{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[9]
+ mi := &file_policy_objects_proto_msgTypes[11]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1351,7 +1477,7 @@ func (x *SubjectConditionSet) String() string {
func (*SubjectConditionSet) ProtoMessage() {}
func (x *SubjectConditionSet) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[9]
+ mi := &file_policy_objects_proto_msgTypes[11]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1364,7 +1490,7 @@ func (x *SubjectConditionSet) ProtoReflect() protoreflect.Message {
// Deprecated: Use SubjectConditionSet.ProtoReflect.Descriptor instead.
func (*SubjectConditionSet) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{9}
+ return file_policy_objects_proto_rawDescGZIP(), []int{11}
}
func (x *SubjectConditionSet) GetId() string {
@@ -1410,7 +1536,7 @@ type SubjectProperty struct {
func (x *SubjectProperty) Reset() {
*x = SubjectProperty{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[10]
+ mi := &file_policy_objects_proto_msgTypes[12]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1423,7 +1549,7 @@ func (x *SubjectProperty) String() string {
func (*SubjectProperty) ProtoMessage() {}
func (x *SubjectProperty) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[10]
+ mi := &file_policy_objects_proto_msgTypes[12]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1436,7 +1562,7 @@ func (x *SubjectProperty) ProtoReflect() protoreflect.Message {
// Deprecated: Use SubjectProperty.ProtoReflect.Descriptor instead.
func (*SubjectProperty) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{10}
+ return file_policy_objects_proto_rawDescGZIP(), []int{12}
}
func (x *SubjectProperty) GetExternalSelectorValue() string {
@@ -1473,7 +1599,7 @@ type ResourceMappingGroup struct {
func (x *ResourceMappingGroup) Reset() {
*x = ResourceMappingGroup{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[11]
+ mi := &file_policy_objects_proto_msgTypes[13]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1486,7 +1612,7 @@ func (x *ResourceMappingGroup) String() string {
func (*ResourceMappingGroup) ProtoMessage() {}
func (x *ResourceMappingGroup) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[11]
+ mi := &file_policy_objects_proto_msgTypes[13]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1499,7 +1625,7 @@ func (x *ResourceMappingGroup) ProtoReflect() protoreflect.Message {
// Deprecated: Use ResourceMappingGroup.ProtoReflect.Descriptor instead.
func (*ResourceMappingGroup) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{11}
+ return file_policy_objects_proto_rawDescGZIP(), []int{13}
}
func (x *ResourceMappingGroup) GetId() string {
@@ -1547,7 +1673,7 @@ type ResourceMapping struct {
func (x *ResourceMapping) Reset() {
*x = ResourceMapping{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[12]
+ mi := &file_policy_objects_proto_msgTypes[14]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1560,7 +1686,7 @@ func (x *ResourceMapping) String() string {
func (*ResourceMapping) ProtoMessage() {}
func (x *ResourceMapping) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[12]
+ mi := &file_policy_objects_proto_msgTypes[14]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1573,7 +1699,7 @@ func (x *ResourceMapping) ProtoReflect() protoreflect.Message {
// Deprecated: Use ResourceMapping.ProtoReflect.Descriptor instead.
func (*ResourceMapping) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{12}
+ return file_policy_objects_proto_rawDescGZIP(), []int{14}
}
func (x *ResourceMapping) GetId() string {
@@ -1625,7 +1751,7 @@ type KeyAccessServer struct {
// The source of the KAS: (INTERNAL, EXTERNAL)
SourceType SourceType `protobuf:"varint,4,opt,name=source_type,json=sourceType,proto3,enum=policy.SourceType" json:"source_type,omitempty"`
// Kas keys associated with this KAS
- KasKeys []*KasKey `protobuf:"bytes,5,rep,name=kas_keys,json=kasKeys,proto3" json:"kas_keys,omitempty"`
+ KasKeys []*SimpleKasKey `protobuf:"bytes,5,rep,name=kas_keys,json=kasKeys,proto3" json:"kas_keys,omitempty"`
// Optional
// Unique name of the KAS instance
Name string `protobuf:"bytes,20,opt,name=name,proto3" json:"name,omitempty"`
@@ -1636,7 +1762,7 @@ type KeyAccessServer struct {
func (x *KeyAccessServer) Reset() {
*x = KeyAccessServer{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[13]
+ mi := &file_policy_objects_proto_msgTypes[15]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1649,7 +1775,7 @@ func (x *KeyAccessServer) String() string {
func (*KeyAccessServer) ProtoMessage() {}
func (x *KeyAccessServer) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[13]
+ mi := &file_policy_objects_proto_msgTypes[15]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1662,7 +1788,7 @@ func (x *KeyAccessServer) ProtoReflect() protoreflect.Message {
// Deprecated: Use KeyAccessServer.ProtoReflect.Descriptor instead.
func (*KeyAccessServer) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{13}
+ return file_policy_objects_proto_rawDescGZIP(), []int{15}
}
func (x *KeyAccessServer) GetId() string {
@@ -1693,7 +1819,7 @@ func (x *KeyAccessServer) GetSourceType() SourceType {
return SourceType_SOURCE_TYPE_UNSPECIFIED
}
-func (x *KeyAccessServer) GetKasKeys() []*KasKey {
+func (x *KeyAccessServer) GetKasKeys() []*SimpleKasKey {
if x != nil {
return x.KasKeys
}
@@ -1732,7 +1858,7 @@ type Key struct {
func (x *Key) Reset() {
*x = Key{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[14]
+ mi := &file_policy_objects_proto_msgTypes[16]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1745,7 +1871,7 @@ func (x *Key) String() string {
func (*Key) ProtoMessage() {}
func (x *Key) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[14]
+ mi := &file_policy_objects_proto_msgTypes[16]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1758,7 +1884,7 @@ func (x *Key) ProtoReflect() protoreflect.Message {
// Deprecated: Use Key.ProtoReflect.Descriptor instead.
func (*Key) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{14}
+ return file_policy_objects_proto_rawDescGZIP(), []int{16}
}
func (x *Key) GetId() string {
@@ -1823,7 +1949,7 @@ type KasPublicKey struct {
func (x *KasPublicKey) Reset() {
*x = KasPublicKey{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[15]
+ mi := &file_policy_objects_proto_msgTypes[17]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1836,7 +1962,7 @@ func (x *KasPublicKey) String() string {
func (*KasPublicKey) ProtoMessage() {}
func (x *KasPublicKey) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[15]
+ mi := &file_policy_objects_proto_msgTypes[17]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1849,7 +1975,7 @@ func (x *KasPublicKey) ProtoReflect() protoreflect.Message {
// Deprecated: Use KasPublicKey.ProtoReflect.Descriptor instead.
func (*KasPublicKey) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{15}
+ return file_policy_objects_proto_rawDescGZIP(), []int{17}
}
func (x *KasPublicKey) GetPem() string {
@@ -1886,7 +2012,7 @@ type KasPublicKeySet struct {
func (x *KasPublicKeySet) Reset() {
*x = KasPublicKeySet{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[16]
+ mi := &file_policy_objects_proto_msgTypes[18]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1899,7 +2025,7 @@ func (x *KasPublicKeySet) String() string {
func (*KasPublicKeySet) ProtoMessage() {}
func (x *KasPublicKeySet) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[16]
+ mi := &file_policy_objects_proto_msgTypes[18]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1912,7 +2038,7 @@ func (x *KasPublicKeySet) ProtoReflect() protoreflect.Message {
// Deprecated: Use KasPublicKeySet.ProtoReflect.Descriptor instead.
func (*KasPublicKeySet) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{16}
+ return file_policy_objects_proto_rawDescGZIP(), []int{18}
}
func (x *KasPublicKeySet) GetKeys() []*KasPublicKey {
@@ -1938,7 +2064,7 @@ type PublicKey struct {
func (x *PublicKey) Reset() {
*x = PublicKey{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[17]
+ mi := &file_policy_objects_proto_msgTypes[19]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -1951,7 +2077,7 @@ func (x *PublicKey) String() string {
func (*PublicKey) ProtoMessage() {}
func (x *PublicKey) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[17]
+ mi := &file_policy_objects_proto_msgTypes[19]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -1964,7 +2090,7 @@ func (x *PublicKey) ProtoReflect() protoreflect.Message {
// Deprecated: Use PublicKey.ProtoReflect.Descriptor instead.
func (*PublicKey) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{17}
+ return file_policy_objects_proto_rawDescGZIP(), []int{19}
}
func (m *PublicKey) GetPublicKey() isPublicKey_PublicKey {
@@ -2021,7 +2147,7 @@ type RegisteredResource struct {
func (x *RegisteredResource) Reset() {
*x = RegisteredResource{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[18]
+ mi := &file_policy_objects_proto_msgTypes[20]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -2034,7 +2160,7 @@ func (x *RegisteredResource) String() string {
func (*RegisteredResource) ProtoMessage() {}
func (x *RegisteredResource) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[18]
+ mi := &file_policy_objects_proto_msgTypes[20]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -2047,7 +2173,7 @@ func (x *RegisteredResource) ProtoReflect() protoreflect.Message {
// Deprecated: Use RegisteredResource.ProtoReflect.Descriptor instead.
func (*RegisteredResource) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{18}
+ return file_policy_objects_proto_rawDescGZIP(), []int{20}
}
func (x *RegisteredResource) GetId() string {
@@ -2094,7 +2220,7 @@ type RegisteredResourceValue struct {
func (x *RegisteredResourceValue) Reset() {
*x = RegisteredResourceValue{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[19]
+ mi := &file_policy_objects_proto_msgTypes[21]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -2107,7 +2233,7 @@ func (x *RegisteredResourceValue) String() string {
func (*RegisteredResourceValue) ProtoMessage() {}
func (x *RegisteredResourceValue) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[19]
+ mi := &file_policy_objects_proto_msgTypes[21]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -2120,7 +2246,7 @@ func (x *RegisteredResourceValue) ProtoReflect() protoreflect.Message {
// Deprecated: Use RegisteredResourceValue.ProtoReflect.Descriptor instead.
func (*RegisteredResourceValue) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{19}
+ return file_policy_objects_proto_rawDescGZIP(), []int{21}
}
func (x *RegisteredResourceValue) GetId() string {
@@ -2171,7 +2297,7 @@ type KasKey struct {
func (x *KasKey) Reset() {
*x = KasKey{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[20]
+ mi := &file_policy_objects_proto_msgTypes[22]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -2184,7 +2310,7 @@ func (x *KasKey) String() string {
func (*KasKey) ProtoMessage() {}
func (x *KasKey) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[20]
+ mi := &file_policy_objects_proto_msgTypes[22]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -2197,7 +2323,7 @@ func (x *KasKey) ProtoReflect() protoreflect.Message {
// Deprecated: Use KasKey.ProtoReflect.Descriptor instead.
func (*KasKey) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{20}
+ return file_policy_objects_proto_rawDescGZIP(), []int{22}
}
func (x *KasKey) GetKasId() string {
@@ -2233,7 +2359,7 @@ type PublicKeyCtx struct {
func (x *PublicKeyCtx) Reset() {
*x = PublicKeyCtx{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[21]
+ mi := &file_policy_objects_proto_msgTypes[23]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -2246,7 +2372,7 @@ func (x *PublicKeyCtx) String() string {
func (*PublicKeyCtx) ProtoMessage() {}
func (x *PublicKeyCtx) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[21]
+ mi := &file_policy_objects_proto_msgTypes[23]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -2259,7 +2385,7 @@ func (x *PublicKeyCtx) ProtoReflect() protoreflect.Message {
// Deprecated: Use PublicKeyCtx.ProtoReflect.Descriptor instead.
func (*PublicKeyCtx) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{21}
+ return file_policy_objects_proto_rawDescGZIP(), []int{23}
}
func (x *PublicKeyCtx) GetPem() string {
@@ -2283,7 +2409,7 @@ type PrivateKeyCtx struct {
func (x *PrivateKeyCtx) Reset() {
*x = PrivateKeyCtx{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[22]
+ mi := &file_policy_objects_proto_msgTypes[24]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -2296,7 +2422,7 @@ func (x *PrivateKeyCtx) String() string {
func (*PrivateKeyCtx) ProtoMessage() {}
func (x *PrivateKeyCtx) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[22]
+ mi := &file_policy_objects_proto_msgTypes[24]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -2309,7 +2435,7 @@ func (x *PrivateKeyCtx) ProtoReflect() protoreflect.Message {
// Deprecated: Use PrivateKeyCtx.ProtoReflect.Descriptor instead.
func (*PrivateKeyCtx) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{22}
+ return file_policy_objects_proto_rawDescGZIP(), []int{24}
}
func (x *PrivateKeyCtx) GetKeyId() string {
@@ -2354,7 +2480,7 @@ type AsymmetricKey struct {
func (x *AsymmetricKey) Reset() {
*x = AsymmetricKey{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[23]
+ mi := &file_policy_objects_proto_msgTypes[25]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -2367,7 +2493,7 @@ func (x *AsymmetricKey) String() string {
func (*AsymmetricKey) ProtoMessage() {}
func (x *AsymmetricKey) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[23]
+ mi := &file_policy_objects_proto_msgTypes[25]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -2380,7 +2506,7 @@ func (x *AsymmetricKey) ProtoReflect() protoreflect.Message {
// Deprecated: Use AsymmetricKey.ProtoReflect.Descriptor instead.
func (*AsymmetricKey) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{23}
+ return file_policy_objects_proto_rawDescGZIP(), []int{25}
}
func (x *AsymmetricKey) GetId() string {
@@ -2464,7 +2590,7 @@ type SymmetricKey struct {
func (x *SymmetricKey) Reset() {
*x = SymmetricKey{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[24]
+ mi := &file_policy_objects_proto_msgTypes[26]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -2477,7 +2603,7 @@ func (x *SymmetricKey) String() string {
func (*SymmetricKey) ProtoMessage() {}
func (x *SymmetricKey) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[24]
+ mi := &file_policy_objects_proto_msgTypes[26]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -2490,7 +2616,7 @@ func (x *SymmetricKey) ProtoReflect() protoreflect.Message {
// Deprecated: Use SymmetricKey.ProtoReflect.Descriptor instead.
func (*SymmetricKey) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{24}
+ return file_policy_objects_proto_rawDescGZIP(), []int{26}
}
func (x *SymmetricKey) GetId() string {
@@ -2557,7 +2683,7 @@ type RegisteredResourceValue_ActionAttributeValue struct {
func (x *RegisteredResourceValue_ActionAttributeValue) Reset() {
*x = RegisteredResourceValue_ActionAttributeValue{}
if protoimpl.UnsafeEnabled {
- mi := &file_policy_objects_proto_msgTypes[25]
+ mi := &file_policy_objects_proto_msgTypes[27]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@@ -2570,7 +2696,7 @@ func (x *RegisteredResourceValue_ActionAttributeValue) String() string {
func (*RegisteredResourceValue_ActionAttributeValue) ProtoMessage() {}
func (x *RegisteredResourceValue_ActionAttributeValue) ProtoReflect() protoreflect.Message {
- mi := &file_policy_objects_proto_msgTypes[25]
+ mi := &file_policy_objects_proto_msgTypes[27]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@@ -2583,7 +2709,7 @@ func (x *RegisteredResourceValue_ActionAttributeValue) ProtoReflect() protorefle
// Deprecated: Use RegisteredResourceValue_ActionAttributeValue.ProtoReflect.Descriptor instead.
func (*RegisteredResourceValue_ActionAttributeValue) Descriptor() ([]byte, []int) {
- return file_policy_objects_proto_rawDescGZIP(), []int{19, 0}
+ return file_policy_objects_proto_rawDescGZIP(), []int{21, 0}
}
func (x *RegisteredResourceValue_ActionAttributeValue) GetId() string {
@@ -2624,481 +2750,497 @@ var file_policy_objects_proto_rawDesc = []byte{
0x6d, 0x6f, 0x6e, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
- 0x22, 0x86, 0x01, 0x0a, 0x11, 0x4b, 0x65, 0x79, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
- 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01,
- 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02,
- 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x6f,
- 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x6a, 0x73, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52,
- 0x0a, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x4a, 0x73, 0x6f, 0x6e, 0x12, 0x2c, 0x0a, 0x08, 0x6d,
- 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e,
- 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52,
- 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0xff, 0x01, 0x0a, 0x09, 0x4e, 0x61,
- 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20,
- 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
- 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x66,
- 0x71, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x66, 0x71, 0x6e, 0x12, 0x32, 0x0a,
- 0x06, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
- 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
- 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x76,
- 0x65, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x05, 0x20,
+ 0x22, 0x69, 0x0a, 0x12, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62,
+ 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x2f, 0x0a, 0x09, 0x61, 0x6c, 0x67, 0x6f, 0x72, 0x69,
+ 0x74, 0x68, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69,
+ 0x63, 0x79, 0x2e, 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x52, 0x09, 0x61, 0x6c,
+ 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x69, 0x64, 0x18, 0x02,
+ 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x69, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x70, 0x65, 0x6d,
+ 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x70, 0x65, 0x6d, 0x22, 0x79, 0x0a, 0x0c, 0x53,
+ 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x12, 0x17, 0x0a, 0x07, 0x6b,
+ 0x61, 0x73, 0x5f, 0x75, 0x72, 0x69, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6b, 0x61,
+ 0x73, 0x55, 0x72, 0x69, 0x12, 0x39, 0x0a, 0x0a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b,
+ 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63,
+ 0x79, 0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62, 0x6c, 0x69,
+ 0x63, 0x4b, 0x65, 0x79, 0x52, 0x09, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12,
+ 0x15, 0x0a, 0x06, 0x6b, 0x61, 0x73, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52,
+ 0x05, 0x6b, 0x61, 0x73, 0x49, 0x64, 0x22, 0x86, 0x01, 0x0a, 0x11, 0x4b, 0x65, 0x79, 0x50, 0x72,
+ 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x0e, 0x0a, 0x02,
+ 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04,
+ 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+ 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x6a, 0x73, 0x6f, 0x6e, 0x18,
+ 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0a, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x4a, 0x73, 0x6f,
+ 0x6e, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20,
0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74,
- 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12,
- 0x2f, 0x0a, 0x06, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32,
- 0x17, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65,
- 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x06, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x73,
- 0x12, 0x29, 0x0a, 0x08, 0x6b, 0x61, 0x73, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x07, 0x20, 0x03,
- 0x28, 0x0b, 0x32, 0x0e, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x4b,
- 0x65, 0x79, 0x52, 0x07, 0x6b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x73, 0x22, 0x97, 0x03, 0x0a, 0x09,
- 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18,
- 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x2f, 0x0a, 0x09, 0x6e, 0x61, 0x6d,
- 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x70,
- 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x52,
- 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61,
- 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3e,
- 0x0a, 0x04, 0x72, 0x75, 0x6c, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1d, 0x2e, 0x70,
- 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x52,
- 0x75, 0x6c, 0x65, 0x54, 0x79, 0x70, 0x65, 0x45, 0x6e, 0x75, 0x6d, 0x42, 0x0b, 0xba, 0x48, 0x08,
- 0xc8, 0x01, 0x01, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x04, 0x72, 0x75, 0x6c, 0x65, 0x12, 0x25,
- 0x0a, 0x06, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x0d,
- 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x06, 0x76,
- 0x61, 0x6c, 0x75, 0x65, 0x73, 0x12, 0x2f, 0x0a, 0x06, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x18,
+ 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22,
+ 0x85, 0x02, 0x0a, 0x09, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x0e, 0x0a,
+ 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a,
+ 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d,
+ 0x65, 0x12, 0x10, 0x0a, 0x03, 0x66, 0x71, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03,
+ 0x66, 0x71, 0x6e, 0x12, 0x32, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x18, 0x04, 0x20,
+ 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+ 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52,
+ 0x06, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64,
+ 0x61, 0x74, 0x61, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d,
+ 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74,
+ 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x2f, 0x0a, 0x06, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x18,
0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b,
0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x06,
- 0x67, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x12, 0x10, 0x0a, 0x03, 0x66, 0x71, 0x6e, 0x18, 0x07, 0x20,
- 0x01, 0x28, 0x09, 0x52, 0x03, 0x66, 0x71, 0x6e, 0x12, 0x32, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69,
- 0x76, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
- 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56,
- 0x61, 0x6c, 0x75, 0x65, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x12, 0x29, 0x0a, 0x08,
- 0x6b, 0x61, 0x73, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x0e,
- 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x52, 0x07,
- 0x6b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64,
+ 0x67, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x12, 0x2f, 0x0a, 0x08, 0x6b, 0x61, 0x73, 0x5f, 0x6b, 0x65,
+ 0x79, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63,
+ 0x79, 0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x52, 0x07,
+ 0x6b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x73, 0x22, 0x9d, 0x03, 0x0a, 0x09, 0x41, 0x74, 0x74, 0x72,
+ 0x69, 0x62, 0x75, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28,
+ 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x2f, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61,
+ 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63,
+ 0x79, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x52, 0x09, 0x6e, 0x61, 0x6d,
+ 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03,
+ 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3e, 0x0a, 0x04, 0x72, 0x75,
+ 0x6c, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63,
+ 0x79, 0x2e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x52, 0x75, 0x6c, 0x65, 0x54,
+ 0x79, 0x70, 0x65, 0x45, 0x6e, 0x75, 0x6d, 0x42, 0x0b, 0xba, 0x48, 0x08, 0xc8, 0x01, 0x01, 0x82,
+ 0x01, 0x02, 0x10, 0x01, 0x52, 0x04, 0x72, 0x75, 0x6c, 0x65, 0x12, 0x25, 0x0a, 0x06, 0x76, 0x61,
+ 0x6c, 0x75, 0x65, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x0d, 0x2e, 0x70, 0x6f, 0x6c,
+ 0x69, 0x63, 0x79, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x06, 0x76, 0x61, 0x6c, 0x75, 0x65,
+ 0x73, 0x12, 0x2f, 0x0a, 0x06, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28,
+ 0x0b, 0x32, 0x17, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x65, 0x79, 0x41, 0x63,
+ 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x06, 0x67, 0x72, 0x61, 0x6e,
+ 0x74, 0x73, 0x12, 0x10, 0x0a, 0x03, 0x66, 0x71, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52,
+ 0x03, 0x66, 0x71, 0x6e, 0x12, 0x32, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x18, 0x08,
+ 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+ 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65,
+ 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x12, 0x2f, 0x0a, 0x08, 0x6b, 0x61, 0x73, 0x5f,
+ 0x6b, 0x65, 0x79, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x70, 0x6f, 0x6c,
+ 0x69, 0x63, 0x79, 0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79,
+ 0x52, 0x07, 0x6b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74,
+ 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f,
+ 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d,
+ 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0xcc, 0x03, 0x0a, 0x05, 0x56, 0x61, 0x6c, 0x75,
+ 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69,
+ 0x64, 0x12, 0x2f, 0x0a, 0x09, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x18, 0x02,
+ 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x74,
+ 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x52, 0x09, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75,
+ 0x74, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28,
+ 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x2f, 0x0a, 0x06, 0x67, 0x72, 0x61, 0x6e,
+ 0x74, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63,
+ 0x79, 0x2e, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65,
+ 0x72, 0x52, 0x06, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x12, 0x10, 0x0a, 0x03, 0x66, 0x71, 0x6e,
+ 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x66, 0x71, 0x6e, 0x12, 0x32, 0x0a, 0x06, 0x61,
+ 0x63, 0x74, 0x69, 0x76, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
+ 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f,
+ 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x12,
+ 0x41, 0x0a, 0x10, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x6d, 0x61, 0x70, 0x70, 0x69,
+ 0x6e, 0x67, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x70, 0x6f, 0x6c, 0x69,
+ 0x63, 0x79, 0x2e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e,
+ 0x67, 0x52, 0x0f, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e,
+ 0x67, 0x73, 0x12, 0x2f, 0x0a, 0x08, 0x6b, 0x61, 0x73, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x09,
+ 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x53, 0x69,
+ 0x6d, 0x70, 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x52, 0x07, 0x6b, 0x61, 0x73, 0x4b,
+ 0x65, 0x79, 0x73, 0x12, 0x44, 0x0a, 0x11, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f,
+ 0x6d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x17,
+ 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+ 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x52, 0x10, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63,
+ 0x65, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74,
+ 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f,
+ 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d,
+ 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x52, 0x07, 0x6d,
+ 0x65, 0x6d, 0x62, 0x65, 0x72, 0x73, 0x22, 0xa8, 0x02, 0x0a, 0x06, 0x41, 0x63, 0x74, 0x69, 0x6f,
+ 0x6e, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69,
+ 0x64, 0x12, 0x3b, 0x0a, 0x08, 0x73, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x18, 0x01, 0x20,
+ 0x01, 0x28, 0x0e, 0x32, 0x1d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x63, 0x74,
+ 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x41, 0x63, 0x74, 0x69,
+ 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x08, 0x73, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x12, 0x18,
+ 0x0a, 0x06, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00,
+ 0x52, 0x06, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+ 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2c, 0x0a, 0x08,
+ 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10,
+ 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+ 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0x6c, 0x0a, 0x0e, 0x53, 0x74,
+ 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1f, 0x0a, 0x1b,
+ 0x53, 0x54, 0x41, 0x4e, 0x44, 0x41, 0x52, 0x44, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f,
+ 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x1b, 0x0a,
+ 0x17, 0x53, 0x54, 0x41, 0x4e, 0x44, 0x41, 0x52, 0x44, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e,
+ 0x5f, 0x44, 0x45, 0x43, 0x52, 0x59, 0x50, 0x54, 0x10, 0x01, 0x12, 0x1c, 0x0a, 0x18, 0x53, 0x54,
+ 0x41, 0x4e, 0x44, 0x41, 0x52, 0x44, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x54, 0x52,
+ 0x41, 0x4e, 0x53, 0x4d, 0x49, 0x54, 0x10, 0x02, 0x42, 0x07, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75,
+ 0x65, 0x22, 0x81, 0x02, 0x0a, 0x0e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x61, 0x70,
+ 0x70, 0x69, 0x6e, 0x67, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+ 0x52, 0x02, 0x69, 0x64, 0x12, 0x36, 0x0a, 0x0f, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74,
+ 0x65, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0d, 0x2e,
+ 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x61, 0x74,
+ 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x4f, 0x0a, 0x15,
+ 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f,
+ 0x6e, 0x5f, 0x73, 0x65, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x70, 0x6f,
+ 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x64,
+ 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x65, 0x74, 0x52, 0x13, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63,
+ 0x74, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x65, 0x74, 0x12, 0x28, 0x0a,
+ 0x07, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x0e,
+ 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x07,
+ 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64,
0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d,
0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74,
- 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0xc6, 0x03, 0x0a, 0x05, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12,
- 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12,
- 0x2f, 0x0a, 0x09, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01,
- 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x74, 0x74, 0x72,
- 0x69, 0x62, 0x75, 0x74, 0x65, 0x52, 0x09, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65,
- 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52,
- 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x2f, 0x0a, 0x06, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x73,
- 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
- 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52,
- 0x06, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x73, 0x12, 0x10, 0x0a, 0x03, 0x66, 0x71, 0x6e, 0x18, 0x06,
- 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x66, 0x71, 0x6e, 0x12, 0x32, 0x0a, 0x06, 0x61, 0x63, 0x74,
- 0x69, 0x76, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
- 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c,
- 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x12, 0x41, 0x0a,
- 0x10, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x6d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67,
- 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79,
- 0x2e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x52,
- 0x0f, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x73,
- 0x12, 0x29, 0x0a, 0x08, 0x6b, 0x61, 0x73, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x09, 0x20, 0x03,
- 0x28, 0x0b, 0x32, 0x0e, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x4b,
- 0x65, 0x79, 0x52, 0x07, 0x6b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x44, 0x0a, 0x11, 0x72,
- 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x6d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x73,
- 0x18, 0x0a, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
- 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x52,
- 0x10, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67,
- 0x73, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20,
- 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74,
- 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4a,
- 0x04, 0x08, 0x04, 0x10, 0x05, 0x52, 0x07, 0x6d, 0x65, 0x6d, 0x62, 0x65, 0x72, 0x73, 0x22, 0xa8,
- 0x02, 0x0a, 0x06, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18,
- 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x3b, 0x0a, 0x08, 0x73, 0x74, 0x61,
- 0x6e, 0x64, 0x61, 0x72, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1d, 0x2e, 0x70, 0x6f,
- 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x74, 0x61, 0x6e,
- 0x64, 0x61, 0x72, 0x64, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x08, 0x73, 0x74,
- 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x12, 0x18, 0x0a, 0x06, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d,
- 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x06, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d,
- 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04,
- 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
- 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e,
- 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
- 0x74, 0x61, 0x22, 0x6c, 0x0a, 0x0e, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x41, 0x63,
- 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1f, 0x0a, 0x1b, 0x53, 0x54, 0x41, 0x4e, 0x44, 0x41, 0x52, 0x44,
- 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46,
- 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x1b, 0x0a, 0x17, 0x53, 0x54, 0x41, 0x4e, 0x44, 0x41, 0x52,
- 0x44, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x44, 0x45, 0x43, 0x52, 0x59, 0x50, 0x54,
- 0x10, 0x01, 0x12, 0x1c, 0x0a, 0x18, 0x53, 0x54, 0x41, 0x4e, 0x44, 0x41, 0x52, 0x44, 0x5f, 0x41,
- 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x54, 0x52, 0x41, 0x4e, 0x53, 0x4d, 0x49, 0x54, 0x10, 0x02,
- 0x42, 0x07, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0x81, 0x02, 0x0a, 0x0e, 0x53, 0x75,
- 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x12, 0x0e, 0x0a, 0x02,
- 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x36, 0x0a, 0x0f,
- 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18,
- 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x56,
- 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x56,
- 0x61, 0x6c, 0x75, 0x65, 0x12, 0x4f, 0x0a, 0x15, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f,
- 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x65, 0x74, 0x18, 0x03, 0x20,
- 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x53, 0x75, 0x62,
- 0x6a, 0x65, 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x65, 0x74,
- 0x52, 0x13, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69,
- 0x6f, 0x6e, 0x53, 0x65, 0x74, 0x12, 0x28, 0x0a, 0x07, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73,
- 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x0e, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
- 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x07, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12,
+ 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0xe9, 0x01, 0x0a, 0x09, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74,
+ 0x69, 0x6f, 0x6e, 0x12, 0x4d, 0x0a, 0x1f, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x65,
+ 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72,
+ 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x06, 0xba, 0x48,
+ 0x03, 0xc8, 0x01, 0x01, 0x52, 0x1c, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x45, 0x78, 0x74,
+ 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x56, 0x61, 0x6c,
+ 0x75, 0x65, 0x12, 0x4b, 0x0a, 0x08, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x02,
+ 0x20, 0x01, 0x28, 0x0e, 0x32, 0x22, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x53, 0x75,
+ 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x4f, 0x70, 0x65, 0x72,
+ 0x61, 0x74, 0x6f, 0x72, 0x45, 0x6e, 0x75, 0x6d, 0x42, 0x0b, 0xba, 0x48, 0x08, 0xc8, 0x01, 0x01,
+ 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x08, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x12,
+ 0x40, 0x0a, 0x17, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x72,
+ 0x6e, 0x61, 0x6c, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09,
+ 0x42, 0x08, 0xba, 0x48, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x15, 0x73, 0x75, 0x62, 0x6a,
+ 0x65, 0x63, 0x74, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65,
+ 0x73, 0x22, 0xa7, 0x01, 0x0a, 0x0e, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x47,
+ 0x72, 0x6f, 0x75, 0x70, 0x12, 0x3b, 0x0a, 0x0a, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f,
+ 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63,
+ 0x79, 0x2e, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xba, 0x48, 0x05,
+ 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x0a, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e,
+ 0x73, 0x12, 0x58, 0x0a, 0x10, 0x62, 0x6f, 0x6f, 0x6c, 0x65, 0x61, 0x6e, 0x5f, 0x6f, 0x70, 0x65,
+ 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e, 0x70, 0x6f,
+ 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x6f,
+ 0x6f, 0x6c, 0x65, 0x61, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x45, 0x6e, 0x75, 0x6d, 0x42, 0x0b, 0xba,
+ 0x48, 0x08, 0xc8, 0x01, 0x01, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x0f, 0x62, 0x6f, 0x6f, 0x6c,
+ 0x65, 0x61, 0x6e, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x22, 0x59, 0x0a, 0x0a, 0x53,
+ 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x53, 0x65, 0x74, 0x12, 0x4b, 0x0a, 0x10, 0x63, 0x6f, 0x6e,
+ 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x18, 0x01, 0x20,
+ 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x43, 0x6f, 0x6e,
+ 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x42, 0x08, 0xba, 0x48, 0x05,
+ 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x0f, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e,
+ 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x22, 0x94, 0x01, 0x0a, 0x13, 0x53, 0x75, 0x62, 0x6a, 0x65,
+ 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x65, 0x74, 0x12, 0x0e,
+ 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x3f,
+ 0x0a, 0x0c, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x73, 0x65, 0x74, 0x73, 0x18, 0x03,
+ 0x20, 0x03, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x53, 0x75,
+ 0x62, 0x6a, 0x65, 0x63, 0x74, 0x53, 0x65, 0x74, 0x42, 0x08, 0xba, 0x48, 0x05, 0x92, 0x01, 0x02,
+ 0x08, 0x01, 0x52, 0x0b, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x53, 0x65, 0x74, 0x73, 0x12,
0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28,
0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64,
- 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0xe9, 0x01,
- 0x0a, 0x09, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x4d, 0x0a, 0x1f, 0x73,
- 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f,
- 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01,
- 0x20, 0x01, 0x28, 0x09, 0x42, 0x06, 0xba, 0x48, 0x03, 0xc8, 0x01, 0x01, 0x52, 0x1c, 0x73, 0x75,
- 0x62, 0x6a, 0x65, 0x63, 0x74, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x53, 0x65, 0x6c,
- 0x65, 0x63, 0x74, 0x6f, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x4b, 0x0a, 0x08, 0x6f, 0x70,
- 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x22, 0x2e, 0x70,
- 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x61, 0x70,
- 0x70, 0x69, 0x6e, 0x67, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x45, 0x6e, 0x75, 0x6d,
- 0x42, 0x0b, 0xba, 0x48, 0x08, 0xc8, 0x01, 0x01, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x08, 0x6f,
- 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x12, 0x40, 0x0a, 0x17, 0x73, 0x75, 0x62, 0x6a, 0x65,
- 0x63, 0x74, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x76, 0x61, 0x6c, 0x75,
- 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x42, 0x08, 0xba, 0x48, 0x05, 0x92, 0x01, 0x02,
- 0x08, 0x01, 0x52, 0x15, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x45, 0x78, 0x74, 0x65, 0x72,
- 0x6e, 0x61, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x22, 0xa7, 0x01, 0x0a, 0x0e, 0x43, 0x6f,
- 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, 0x3b, 0x0a, 0x0a,
- 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b,
- 0x32, 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74,
- 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xba, 0x48, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x0a, 0x63,
- 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x58, 0x0a, 0x10, 0x62, 0x6f, 0x6f,
- 0x6c, 0x65, 0x61, 0x6e, 0x5f, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x02, 0x20,
- 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x43, 0x6f, 0x6e,
- 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x6f, 0x6f, 0x6c, 0x65, 0x61, 0x6e, 0x54, 0x79, 0x70,
- 0x65, 0x45, 0x6e, 0x75, 0x6d, 0x42, 0x0b, 0xba, 0x48, 0x08, 0xc8, 0x01, 0x01, 0x82, 0x01, 0x02,
- 0x10, 0x01, 0x52, 0x0f, 0x62, 0x6f, 0x6f, 0x6c, 0x65, 0x61, 0x6e, 0x4f, 0x70, 0x65, 0x72, 0x61,
- 0x74, 0x6f, 0x72, 0x22, 0x59, 0x0a, 0x0a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x53, 0x65,
- 0x74, 0x12, 0x4b, 0x0a, 0x10, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x67,
- 0x72, 0x6f, 0x75, 0x70, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x70, 0x6f,
- 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x47, 0x72,
- 0x6f, 0x75, 0x70, 0x42, 0x08, 0xba, 0x48, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x0f, 0x63,
- 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x22, 0x94,
- 0x01, 0x0a, 0x13, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74,
- 0x69, 0x6f, 0x6e, 0x53, 0x65, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01,
- 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x3f, 0x0a, 0x0c, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63,
- 0x74, 0x5f, 0x73, 0x65, 0x74, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x70,
- 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x53, 0x65, 0x74,
- 0x42, 0x08, 0xba, 0x48, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x0b, 0x73, 0x75, 0x62, 0x6a,
- 0x65, 0x63, 0x74, 0x53, 0x65, 0x74, 0x73, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64,
- 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d,
- 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74,
- 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0x7c, 0x0a, 0x0f, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74,
- 0x50, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x74, 0x79, 0x12, 0x42, 0x0a, 0x17, 0x65, 0x78, 0x74, 0x65,
- 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x76, 0x61,
- 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0a, 0xba, 0x48, 0x07, 0xc8, 0x01,
- 0x01, 0x72, 0x02, 0x10, 0x01, 0x52, 0x15, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x53,
- 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x25, 0x0a, 0x0e,
- 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02,
- 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x56, 0x61,
- 0x6c, 0x75, 0x65, 0x22, 0x9b, 0x01, 0x0a, 0x14, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
- 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, 0x0e, 0x0a, 0x02,
- 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x29, 0x0a, 0x0c,
- 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01,
- 0x28, 0x09, 0x42, 0x06, 0xba, 0x48, 0x03, 0xc8, 0x01, 0x01, 0x52, 0x0b, 0x6e, 0x61, 0x6d, 0x65,
- 0x73, 0x70, 0x61, 0x63, 0x65, 0x49, 0x64, 0x12, 0x1a, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
- 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x06, 0xba, 0x48, 0x03, 0xc8, 0x01, 0x01, 0x52, 0x04, 0x6e,
- 0x61, 0x6d, 0x65, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18,
- 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d,
- 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
- 0x61, 0x22, 0xd9, 0x01, 0x0a, 0x0f, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4d, 0x61,
- 0x70, 0x70, 0x69, 0x6e, 0x67, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28,
- 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
- 0x61, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e,
- 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64,
- 0x61, 0x74, 0x61, 0x12, 0x3e, 0x0a, 0x0f, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65,
- 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0d, 0x2e, 0x70,
- 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x06, 0xba, 0x48, 0x03,
- 0xc8, 0x01, 0x01, 0x52, 0x0e, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x56, 0x61,
- 0x6c, 0x75, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x65, 0x72, 0x6d, 0x73, 0x18, 0x04, 0x20, 0x03,
- 0x28, 0x09, 0x52, 0x05, 0x74, 0x65, 0x72, 0x6d, 0x73, 0x12, 0x32, 0x0a, 0x05, 0x67, 0x72, 0x6f,
- 0x75, 0x70, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63,
- 0x79, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e,
- 0x67, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x05, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x22, 0xff, 0x04,
- 0x0a, 0x0f, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65,
- 0x72, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69,
- 0x64, 0x12, 0x87, 0x03, 0x0a, 0x03, 0x75, 0x72, 0x69, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42,
- 0xf4, 0x02, 0xba, 0x48, 0xf0, 0x02, 0xba, 0x01, 0xec, 0x02, 0x0a, 0x0a, 0x75, 0x72, 0x69, 0x5f,
- 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0xcf, 0x01, 0x55, 0x52, 0x49, 0x20, 0x6d, 0x75, 0x73,
- 0x74, 0x20, 0x62, 0x65, 0x20, 0x61, 0x20, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x20, 0x55, 0x52, 0x4c,
- 0x20, 0x28, 0x65, 0x2e, 0x67, 0x2e, 0x2c, 0x20, 0x27, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f,
- 0x2f, 0x64, 0x65, 0x6d, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x27, 0x29, 0x20, 0x66, 0x6f, 0x6c,
- 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x20, 0x62, 0x79, 0x20, 0x61, 0x64, 0x64, 0x69, 0x74, 0x69, 0x6f,
- 0x6e, 0x61, 0x6c, 0x20, 0x73, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x20, 0x45, 0x61,
- 0x63, 0x68, 0x20, 0x73, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x20, 0x6d, 0x75, 0x73, 0x74, 0x20,
- 0x73, 0x74, 0x61, 0x72, 0x74, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x65, 0x6e, 0x64, 0x20, 0x77, 0x69,
- 0x74, 0x68, 0x20, 0x61, 0x6e, 0x20, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x6e, 0x75, 0x6d, 0x65, 0x72,
- 0x69, 0x63, 0x20, 0x63, 0x68, 0x61, 0x72, 0x61, 0x63, 0x74, 0x65, 0x72, 0x2c, 0x20, 0x63, 0x61,
- 0x6e, 0x20, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x20, 0x68, 0x79, 0x70, 0x68, 0x65, 0x6e,
- 0x73, 0x2c, 0x20, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x6e, 0x75, 0x6d, 0x65, 0x72, 0x69, 0x63, 0x20,
- 0x63, 0x68, 0x61, 0x72, 0x61, 0x63, 0x74, 0x65, 0x72, 0x73, 0x2c, 0x20, 0x61, 0x6e, 0x64, 0x20,
- 0x73, 0x6c, 0x61, 0x73, 0x68, 0x65, 0x73, 0x2e, 0x1a, 0x8b, 0x01, 0x74, 0x68, 0x69, 0x73, 0x2e,
- 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x73, 0x28, 0x27, 0x5e, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3f,
- 0x3a, 0x2f, 0x2f, 0x5b, 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x28, 0x5b,
- 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5c, 0x5c, 0x2d, 0x5d, 0x7b, 0x30, 0x2c,
- 0x36, 0x31, 0x7d, 0x5b, 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x29, 0x3f,
- 0x28, 0x5c, 0x5c, 0x2e, 0x5b, 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x28,
- 0x5b, 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5c, 0x5c, 0x2d, 0x5d, 0x7b, 0x30,
- 0x2c, 0x36, 0x31, 0x7d, 0x5b, 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x29,
- 0x3f, 0x29, 0x2a, 0x28, 0x3a, 0x5b, 0x30, 0x2d, 0x39, 0x5d, 0x2b, 0x29, 0x3f, 0x28, 0x2f, 0x2e,
- 0x2a, 0x29, 0x3f, 0x24, 0x27, 0x29, 0x52, 0x03, 0x75, 0x72, 0x69, 0x12, 0x30, 0x0a, 0x0a, 0x70,
- 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32,
- 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b,
- 0x65, 0x79, 0x52, 0x09, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x33, 0x0a,
- 0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x04, 0x20, 0x01,
- 0x28, 0x0e, 0x32, 0x12, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x53, 0x6f, 0x75, 0x72,
- 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x52, 0x0a, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79,
- 0x70, 0x65, 0x12, 0x29, 0x0a, 0x08, 0x6b, 0x61, 0x73, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x05,
- 0x20, 0x03, 0x28, 0x0b, 0x32, 0x0e, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61,
- 0x73, 0x4b, 0x65, 0x79, 0x52, 0x07, 0x6b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x12, 0x0a,
- 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x14, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d,
- 0x65, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20,
- 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74,
- 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22,
- 0x97, 0x02, 0x0a, 0x03, 0x4b, 0x65, 0x79, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20,
- 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x37, 0x0a, 0x09, 0x69, 0x73, 0x5f, 0x61, 0x63,
- 0x74, 0x69, 0x76, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
- 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f,
- 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x08, 0x69, 0x73, 0x41, 0x63, 0x74, 0x69, 0x76, 0x65,
- 0x12, 0x39, 0x0a, 0x0a, 0x77, 0x61, 0x73, 0x5f, 0x6d, 0x61, 0x70, 0x70, 0x65, 0x64, 0x18, 0x03,
- 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
- 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65,
- 0x52, 0x09, 0x77, 0x61, 0x73, 0x4d, 0x61, 0x70, 0x70, 0x65, 0x64, 0x12, 0x33, 0x0a, 0x0a, 0x70,
- 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32,
- 0x14, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62, 0x6c,
- 0x69, 0x63, 0x4b, 0x65, 0x79, 0x52, 0x09, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79,
- 0x12, 0x29, 0x0a, 0x03, 0x6b, 0x61, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e,
- 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73,
- 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x03, 0x6b, 0x61, 0x73, 0x12, 0x2c, 0x0a, 0x08, 0x6d,
+ 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0x7c, 0x0a,
+ 0x0f, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x50, 0x72, 0x6f, 0x70, 0x65, 0x72, 0x74, 0x79,
+ 0x12, 0x42, 0x0a, 0x17, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x5f, 0x73, 0x65, 0x6c,
+ 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28,
+ 0x09, 0x42, 0x0a, 0xba, 0x48, 0x07, 0xc8, 0x01, 0x01, 0x72, 0x02, 0x10, 0x01, 0x52, 0x15, 0x65,
+ 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x56,
+ 0x61, 0x6c, 0x75, 0x65, 0x12, 0x25, 0x0a, 0x0e, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c,
+ 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x65, 0x78,
+ 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x22, 0x9b, 0x01, 0x0a, 0x14,
+ 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x47,
+ 0x72, 0x6f, 0x75, 0x70, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+ 0x52, 0x02, 0x69, 0x64, 0x12, 0x29, 0x0a, 0x0c, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63,
+ 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x06, 0xba, 0x48, 0x03, 0xc8,
+ 0x01, 0x01, 0x52, 0x0b, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x49, 0x64, 0x12,
+ 0x1a, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x06, 0xba,
+ 0x48, 0x03, 0xc8, 0x01, 0x01, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x2c, 0x0a, 0x08, 0x6d,
0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e,
0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52,
- 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0x84, 0x01, 0x0a, 0x0c, 0x4b, 0x61,
- 0x73, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x1c, 0x0a, 0x03, 0x70, 0x65,
- 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0a, 0xba, 0x48, 0x07, 0x72, 0x05, 0x10, 0x01,
- 0x18, 0x80, 0x40, 0x52, 0x03, 0x70, 0x65, 0x6d, 0x12, 0x1b, 0x0a, 0x03, 0x6b, 0x69, 0x64, 0x18,
- 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x09, 0xba, 0x48, 0x06, 0x72, 0x04, 0x10, 0x01, 0x18, 0x20,
- 0x52, 0x03, 0x6b, 0x69, 0x64, 0x12, 0x39, 0x0a, 0x03, 0x61, 0x6c, 0x67, 0x18, 0x03, 0x20, 0x01,
- 0x28, 0x0e, 0x32, 0x1b, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x50,
- 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x41, 0x6c, 0x67, 0x45, 0x6e, 0x75, 0x6d, 0x42,
- 0x0a, 0xba, 0x48, 0x07, 0x82, 0x01, 0x04, 0x10, 0x01, 0x20, 0x00, 0x52, 0x03, 0x61, 0x6c, 0x67,
- 0x22, 0x3b, 0x0a, 0x0f, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79,
- 0x53, 0x65, 0x74, 0x12, 0x28, 0x0a, 0x04, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28,
- 0x0b, 0x32, 0x14, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x50, 0x75,
- 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x52, 0x04, 0x6b, 0x65, 0x79, 0x73, 0x22, 0xe0, 0x03,
- 0x0a, 0x09, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x84, 0x03, 0x0a, 0x06,
- 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0xe9, 0x02, 0xba,
- 0x48, 0xe5, 0x02, 0xba, 0x01, 0xe1, 0x02, 0x0a, 0x0a, 0x75, 0x72, 0x69, 0x5f, 0x66, 0x6f, 0x72,
- 0x6d, 0x61, 0x74, 0x12, 0xcf, 0x01, 0x55, 0x52, 0x49, 0x20, 0x6d, 0x75, 0x73, 0x74, 0x20, 0x62,
- 0x65, 0x20, 0x61, 0x20, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x20, 0x55, 0x52, 0x4c, 0x20, 0x28, 0x65,
- 0x2e, 0x67, 0x2e, 0x2c, 0x20, 0x27, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x64, 0x65,
- 0x6d, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x27, 0x29, 0x20, 0x66, 0x6f, 0x6c, 0x6c, 0x6f, 0x77,
- 0x65, 0x64, 0x20, 0x62, 0x79, 0x20, 0x61, 0x64, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c,
- 0x20, 0x73, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x20, 0x45, 0x61, 0x63, 0x68, 0x20,
- 0x73, 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x20, 0x6d, 0x75, 0x73, 0x74, 0x20, 0x73, 0x74, 0x61,
- 0x72, 0x74, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x65, 0x6e, 0x64, 0x20, 0x77, 0x69, 0x74, 0x68, 0x20,
- 0x61, 0x6e, 0x20, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x6e, 0x75, 0x6d, 0x65, 0x72, 0x69, 0x63, 0x20,
- 0x63, 0x68, 0x61, 0x72, 0x61, 0x63, 0x74, 0x65, 0x72, 0x2c, 0x20, 0x63, 0x61, 0x6e, 0x20, 0x63,
- 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x20, 0x68, 0x79, 0x70, 0x68, 0x65, 0x6e, 0x73, 0x2c, 0x20,
- 0x61, 0x6c, 0x70, 0x68, 0x61, 0x6e, 0x75, 0x6d, 0x65, 0x72, 0x69, 0x63, 0x20, 0x63, 0x68, 0x61,
- 0x72, 0x61, 0x63, 0x74, 0x65, 0x72, 0x73, 0x2c, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x73, 0x6c, 0x61,
- 0x73, 0x68, 0x65, 0x73, 0x2e, 0x1a, 0x80, 0x01, 0x74, 0x68, 0x69, 0x73, 0x2e, 0x6d, 0x61, 0x74,
- 0x63, 0x68, 0x65, 0x73, 0x28, 0x27, 0x5e, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x5b,
- 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x28, 0x5b, 0x61, 0x2d, 0x7a, 0x41,
- 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5c, 0x5c, 0x2d, 0x5d, 0x7b, 0x30, 0x2c, 0x36, 0x31, 0x7d, 0x5b,
- 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x29, 0x3f, 0x28, 0x5c, 0x5c, 0x2e,
- 0x5b, 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x28, 0x5b, 0x61, 0x2d, 0x7a,
- 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5c, 0x5c, 0x2d, 0x5d, 0x7b, 0x30, 0x2c, 0x36, 0x31, 0x7d,
- 0x5b, 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x29, 0x3f, 0x29, 0x2a, 0x28,
- 0x2f, 0x2e, 0x2a, 0x29, 0x3f, 0x24, 0x27, 0x29, 0x48, 0x00, 0x52, 0x06, 0x72, 0x65, 0x6d, 0x6f,
- 0x74, 0x65, 0x12, 0x31, 0x0a, 0x06, 0x63, 0x61, 0x63, 0x68, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01,
- 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x50,
- 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x06, 0x63,
- 0x61, 0x63, 0x68, 0x65, 0x64, 0x42, 0x0c, 0x0a, 0x0a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f,
- 0x6b, 0x65, 0x79, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x05, 0x6c, 0x6f, 0x63, 0x61, 0x6c,
- 0x22, 0x9f, 0x01, 0x0a, 0x12, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x65, 0x64, 0x52,
- 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20,
- 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
- 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x37, 0x0a, 0x06, 0x76,
- 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x70, 0x6f,
+ 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0xd9, 0x01, 0x0a, 0x0f, 0x52, 0x65,
+ 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x12, 0x0e, 0x0a,
+ 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x2c, 0x0a,
+ 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+ 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+ 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x3e, 0x0a, 0x0f, 0x61,
+ 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03,
+ 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x56, 0x61,
+ 0x6c, 0x75, 0x65, 0x42, 0x06, 0xba, 0x48, 0x03, 0xc8, 0x01, 0x01, 0x52, 0x0e, 0x61, 0x74, 0x74,
+ 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x74,
+ 0x65, 0x72, 0x6d, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x74, 0x65, 0x72, 0x6d,
+ 0x73, 0x12, 0x32, 0x0a, 0x05, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b,
+ 0x32, 0x1c, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72,
+ 0x63, 0x65, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x05,
+ 0x67, 0x72, 0x6f, 0x75, 0x70, 0x22, 0x85, 0x05, 0x0a, 0x0f, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63,
+ 0x65, 0x73, 0x73, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18,
+ 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x87, 0x03, 0x0a, 0x03, 0x75, 0x72,
+ 0x69, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0xf4, 0x02, 0xba, 0x48, 0xf0, 0x02, 0xba, 0x01,
+ 0xec, 0x02, 0x0a, 0x0a, 0x75, 0x72, 0x69, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0xcf,
+ 0x01, 0x55, 0x52, 0x49, 0x20, 0x6d, 0x75, 0x73, 0x74, 0x20, 0x62, 0x65, 0x20, 0x61, 0x20, 0x76,
+ 0x61, 0x6c, 0x69, 0x64, 0x20, 0x55, 0x52, 0x4c, 0x20, 0x28, 0x65, 0x2e, 0x67, 0x2e, 0x2c, 0x20,
+ 0x27, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x64, 0x65, 0x6d, 0x6f, 0x2e, 0x63, 0x6f,
+ 0x6d, 0x2f, 0x27, 0x29, 0x20, 0x66, 0x6f, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x20, 0x62, 0x79,
+ 0x20, 0x61, 0x64, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x20, 0x73, 0x65, 0x67, 0x6d,
+ 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x20, 0x45, 0x61, 0x63, 0x68, 0x20, 0x73, 0x65, 0x67, 0x6d, 0x65,
+ 0x6e, 0x74, 0x20, 0x6d, 0x75, 0x73, 0x74, 0x20, 0x73, 0x74, 0x61, 0x72, 0x74, 0x20, 0x61, 0x6e,
+ 0x64, 0x20, 0x65, 0x6e, 0x64, 0x20, 0x77, 0x69, 0x74, 0x68, 0x20, 0x61, 0x6e, 0x20, 0x61, 0x6c,
+ 0x70, 0x68, 0x61, 0x6e, 0x75, 0x6d, 0x65, 0x72, 0x69, 0x63, 0x20, 0x63, 0x68, 0x61, 0x72, 0x61,
+ 0x63, 0x74, 0x65, 0x72, 0x2c, 0x20, 0x63, 0x61, 0x6e, 0x20, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69,
+ 0x6e, 0x20, 0x68, 0x79, 0x70, 0x68, 0x65, 0x6e, 0x73, 0x2c, 0x20, 0x61, 0x6c, 0x70, 0x68, 0x61,
+ 0x6e, 0x75, 0x6d, 0x65, 0x72, 0x69, 0x63, 0x20, 0x63, 0x68, 0x61, 0x72, 0x61, 0x63, 0x74, 0x65,
+ 0x72, 0x73, 0x2c, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x73, 0x6c, 0x61, 0x73, 0x68, 0x65, 0x73, 0x2e,
+ 0x1a, 0x8b, 0x01, 0x74, 0x68, 0x69, 0x73, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x73, 0x28,
+ 0x27, 0x5e, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3f, 0x3a, 0x2f, 0x2f, 0x5b, 0x61, 0x2d, 0x7a, 0x41,
+ 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x28, 0x5b, 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d,
+ 0x39, 0x5c, 0x5c, 0x2d, 0x5d, 0x7b, 0x30, 0x2c, 0x36, 0x31, 0x7d, 0x5b, 0x61, 0x2d, 0x7a, 0x41,
+ 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x29, 0x3f, 0x28, 0x5c, 0x5c, 0x2e, 0x5b, 0x61, 0x2d, 0x7a,
+ 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x28, 0x5b, 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30,
+ 0x2d, 0x39, 0x5c, 0x5c, 0x2d, 0x5d, 0x7b, 0x30, 0x2c, 0x36, 0x31, 0x7d, 0x5b, 0x61, 0x2d, 0x7a,
+ 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x29, 0x3f, 0x29, 0x2a, 0x28, 0x3a, 0x5b, 0x30, 0x2d,
+ 0x39, 0x5d, 0x2b, 0x29, 0x3f, 0x28, 0x2f, 0x2e, 0x2a, 0x29, 0x3f, 0x24, 0x27, 0x29, 0x52, 0x03,
+ 0x75, 0x72, 0x69, 0x12, 0x30, 0x0a, 0x0a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65,
+ 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79,
+ 0x2e, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x52, 0x09, 0x70, 0x75, 0x62, 0x6c,
+ 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x33, 0x0a, 0x0b, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f,
+ 0x74, 0x79, 0x70, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x12, 0x2e, 0x70, 0x6f, 0x6c,
+ 0x69, 0x63, 0x79, 0x2e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x52, 0x0a,
+ 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2f, 0x0a, 0x08, 0x6b, 0x61,
+ 0x73, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x70,
+ 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x4b, 0x61, 0x73, 0x4b,
+ 0x65, 0x79, 0x52, 0x07, 0x6b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x6e,
+ 0x61, 0x6d, 0x65, 0x18, 0x14, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
+ 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28,
+ 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64,
+ 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0x97, 0x02,
+ 0x0a, 0x03, 0x4b, 0x65, 0x79, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28,
+ 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x37, 0x0a, 0x09, 0x69, 0x73, 0x5f, 0x61, 0x63, 0x74, 0x69,
+ 0x76, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+ 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56,
+ 0x61, 0x6c, 0x75, 0x65, 0x52, 0x08, 0x69, 0x73, 0x41, 0x63, 0x74, 0x69, 0x76, 0x65, 0x12, 0x39,
+ 0x0a, 0x0a, 0x77, 0x61, 0x73, 0x5f, 0x6d, 0x61, 0x70, 0x70, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01,
+ 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+ 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x09,
+ 0x77, 0x61, 0x73, 0x4d, 0x61, 0x70, 0x70, 0x65, 0x64, 0x12, 0x33, 0x0a, 0x0a, 0x70, 0x75, 0x62,
+ 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e,
+ 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63,
+ 0x4b, 0x65, 0x79, 0x52, 0x09, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x29,
+ 0x0a, 0x03, 0x6b, 0x61, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x70, 0x6f,
+ 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x65, 0x79, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x53, 0x65,
+ 0x72, 0x76, 0x65, 0x72, 0x52, 0x03, 0x6b, 0x61, 0x73, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74,
+ 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f,
+ 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d,
+ 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0x84, 0x01, 0x0a, 0x0c, 0x4b, 0x61, 0x73, 0x50,
+ 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x1c, 0x0a, 0x03, 0x70, 0x65, 0x6d, 0x18,
+ 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0a, 0xba, 0x48, 0x07, 0x72, 0x05, 0x10, 0x01, 0x18, 0x80,
+ 0x40, 0x52, 0x03, 0x70, 0x65, 0x6d, 0x12, 0x1b, 0x0a, 0x03, 0x6b, 0x69, 0x64, 0x18, 0x02, 0x20,
+ 0x01, 0x28, 0x09, 0x42, 0x09, 0xba, 0x48, 0x06, 0x72, 0x04, 0x10, 0x01, 0x18, 0x20, 0x52, 0x03,
+ 0x6b, 0x69, 0x64, 0x12, 0x39, 0x0a, 0x03, 0x61, 0x6c, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e,
+ 0x32, 0x1b, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62,
+ 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x41, 0x6c, 0x67, 0x45, 0x6e, 0x75, 0x6d, 0x42, 0x0a, 0xba,
+ 0x48, 0x07, 0x82, 0x01, 0x04, 0x10, 0x01, 0x20, 0x00, 0x52, 0x03, 0x61, 0x6c, 0x67, 0x22, 0x3b,
+ 0x0a, 0x0f, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x53, 0x65,
+ 0x74, 0x12, 0x28, 0x0a, 0x04, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
+ 0x14, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62, 0x6c,
+ 0x69, 0x63, 0x4b, 0x65, 0x79, 0x52, 0x04, 0x6b, 0x65, 0x79, 0x73, 0x22, 0xe0, 0x03, 0x0a, 0x09,
+ 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x84, 0x03, 0x0a, 0x06, 0x72, 0x65,
+ 0x6d, 0x6f, 0x74, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0xe9, 0x02, 0xba, 0x48, 0xe5,
+ 0x02, 0xba, 0x01, 0xe1, 0x02, 0x0a, 0x0a, 0x75, 0x72, 0x69, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61,
+ 0x74, 0x12, 0xcf, 0x01, 0x55, 0x52, 0x49, 0x20, 0x6d, 0x75, 0x73, 0x74, 0x20, 0x62, 0x65, 0x20,
+ 0x61, 0x20, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x20, 0x55, 0x52, 0x4c, 0x20, 0x28, 0x65, 0x2e, 0x67,
+ 0x2e, 0x2c, 0x20, 0x27, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x64, 0x65, 0x6d, 0x6f,
+ 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x27, 0x29, 0x20, 0x66, 0x6f, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64,
+ 0x20, 0x62, 0x79, 0x20, 0x61, 0x64, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x20, 0x73,
+ 0x65, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x20, 0x45, 0x61, 0x63, 0x68, 0x20, 0x73, 0x65,
+ 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x20, 0x6d, 0x75, 0x73, 0x74, 0x20, 0x73, 0x74, 0x61, 0x72, 0x74,
+ 0x20, 0x61, 0x6e, 0x64, 0x20, 0x65, 0x6e, 0x64, 0x20, 0x77, 0x69, 0x74, 0x68, 0x20, 0x61, 0x6e,
+ 0x20, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x6e, 0x75, 0x6d, 0x65, 0x72, 0x69, 0x63, 0x20, 0x63, 0x68,
+ 0x61, 0x72, 0x61, 0x63, 0x74, 0x65, 0x72, 0x2c, 0x20, 0x63, 0x61, 0x6e, 0x20, 0x63, 0x6f, 0x6e,
+ 0x74, 0x61, 0x69, 0x6e, 0x20, 0x68, 0x79, 0x70, 0x68, 0x65, 0x6e, 0x73, 0x2c, 0x20, 0x61, 0x6c,
+ 0x70, 0x68, 0x61, 0x6e, 0x75, 0x6d, 0x65, 0x72, 0x69, 0x63, 0x20, 0x63, 0x68, 0x61, 0x72, 0x61,
+ 0x63, 0x74, 0x65, 0x72, 0x73, 0x2c, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x73, 0x6c, 0x61, 0x73, 0x68,
+ 0x65, 0x73, 0x2e, 0x1a, 0x80, 0x01, 0x74, 0x68, 0x69, 0x73, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68,
+ 0x65, 0x73, 0x28, 0x27, 0x5e, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x5b, 0x61, 0x2d,
+ 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x28, 0x5b, 0x61, 0x2d, 0x7a, 0x41, 0x2d, 0x5a,
+ 0x30, 0x2d, 0x39, 0x5c, 0x5c, 0x2d, 0x5d, 0x7b, 0x30, 0x2c, 0x36, 0x31, 0x7d, 0x5b, 0x61, 0x2d,
+ 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x29, 0x3f, 0x28, 0x5c, 0x5c, 0x2e, 0x5b, 0x61,
+ 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x28, 0x5b, 0x61, 0x2d, 0x7a, 0x41, 0x2d,
+ 0x5a, 0x30, 0x2d, 0x39, 0x5c, 0x5c, 0x2d, 0x5d, 0x7b, 0x30, 0x2c, 0x36, 0x31, 0x7d, 0x5b, 0x61,
+ 0x2d, 0x7a, 0x41, 0x2d, 0x5a, 0x30, 0x2d, 0x39, 0x5d, 0x29, 0x3f, 0x29, 0x2a, 0x28, 0x2f, 0x2e,
+ 0x2a, 0x29, 0x3f, 0x24, 0x27, 0x29, 0x48, 0x00, 0x52, 0x06, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65,
+ 0x12, 0x31, 0x0a, 0x06, 0x63, 0x61, 0x63, 0x68, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+ 0x32, 0x17, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62,
+ 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x06, 0x63, 0x61, 0x63,
+ 0x68, 0x65, 0x64, 0x42, 0x0c, 0x0a, 0x0a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65,
+ 0x79, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x05, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x22, 0x9f,
+ 0x01, 0x0a, 0x12, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x65, 0x64, 0x52, 0x65, 0x73,
+ 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28,
+ 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20,
+ 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x37, 0x0a, 0x06, 0x76, 0x61, 0x6c,
+ 0x75, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x70, 0x6f, 0x6c, 0x69,
+ 0x63, 0x79, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x65, 0x64, 0x52, 0x65, 0x73,
+ 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x06, 0x76, 0x61, 0x6c, 0x75,
+ 0x65, 0x73, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64,
+ 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65,
+ 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+ 0x22, 0xca, 0x03, 0x0a, 0x17, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x65, 0x64, 0x52,
+ 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x0e, 0x0a, 0x02,
+ 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a, 0x05,
+ 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c,
+ 0x75, 0x65, 0x12, 0x36, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x03,
+ 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65,
+ 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x65, 0x64, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+ 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x6c, 0x0a, 0x17, 0x61, 0x63,
+ 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x5f, 0x76,
+ 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x34, 0x2e, 0x70, 0x6f,
0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x65, 0x64, 0x52,
- 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x06, 0x76, 0x61,
- 0x6c, 0x75, 0x65, 0x73, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
- 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e,
- 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61,
- 0x74, 0x61, 0x22, 0xca, 0x03, 0x0a, 0x17, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x65,
- 0x64, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x0e,
- 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14,
- 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76,
- 0x61, 0x6c, 0x75, 0x65, 0x12, 0x36, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
- 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
- 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x65, 0x64, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72,
- 0x63, 0x65, 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x6c, 0x0a, 0x17,
- 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65,
- 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x34, 0x2e,
- 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x65,
- 0x64, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x2e, 0x41,
- 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x56, 0x61,
- 0x6c, 0x75, 0x65, 0x52, 0x15, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x69,
- 0x62, 0x75, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65,
- 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63,
- 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08,
- 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x1a, 0xb4, 0x01, 0x0a, 0x14, 0x41, 0x63, 0x74,
+ 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x2e, 0x41, 0x63, 0x74,
0x69, 0x6f, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x75,
- 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69,
- 0x64, 0x12, 0x26, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28,
- 0x0b, 0x32, 0x0e, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f,
- 0x6e, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x36, 0x0a, 0x0f, 0x61, 0x74, 0x74,
- 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01,
- 0x28, 0x0b, 0x32, 0x0d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x56, 0x61, 0x6c, 0x75,
- 0x65, 0x52, 0x0e, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x75,
- 0x65, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20,
- 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74,
- 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22,
- 0x61, 0x0a, 0x06, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x12, 0x15, 0x0a, 0x06, 0x6b, 0x61, 0x73,
- 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x61, 0x73, 0x49, 0x64,
- 0x12, 0x27, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e,
- 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x73, 0x79, 0x6d, 0x6d, 0x65, 0x74, 0x72, 0x69,
- 0x63, 0x4b, 0x65, 0x79, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x17, 0x0a, 0x07, 0x6b, 0x61, 0x73,
- 0x5f, 0x75, 0x72, 0x69, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6b, 0x61, 0x73, 0x55,
- 0x72, 0x69, 0x22, 0x29, 0x0a, 0x0c, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x43,
- 0x74, 0x78, 0x12, 0x19, 0x0a, 0x03, 0x70, 0x65, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
- 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x03, 0x70, 0x65, 0x6d, 0x22, 0x50, 0x0a,
- 0x0d, 0x50, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x43, 0x74, 0x78, 0x12, 0x1e,
- 0x0a, 0x06, 0x6b, 0x65, 0x79, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07,
- 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x12, 0x1f,
- 0x0a, 0x0b, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20,
- 0x01, 0x28, 0x09, 0x52, 0x0a, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, 0x4b, 0x65, 0x79, 0x22,
- 0xb9, 0x03, 0x0a, 0x0d, 0x41, 0x73, 0x79, 0x6d, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x4b, 0x65,
- 0x79, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69,
- 0x64, 0x12, 0x15, 0x0a, 0x06, 0x6b, 0x65, 0x79, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28,
- 0x09, 0x52, 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x12, 0x36, 0x0a, 0x0d, 0x6b, 0x65, 0x79, 0x5f,
- 0x61, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32,
- 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74,
- 0x68, 0x6d, 0x52, 0x0c, 0x6b, 0x65, 0x79, 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d,
- 0x12, 0x30, 0x0a, 0x0a, 0x6b, 0x65, 0x79, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x04,
- 0x20, 0x01, 0x28, 0x0e, 0x32, 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x65,
- 0x79, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x09, 0x6b, 0x65, 0x79, 0x53, 0x74, 0x61, 0x74,
- 0x75, 0x73, 0x12, 0x2a, 0x0a, 0x08, 0x6b, 0x65, 0x79, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x05,
- 0x20, 0x01, 0x28, 0x0e, 0x32, 0x0f, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x65,
- 0x79, 0x4d, 0x6f, 0x64, 0x65, 0x52, 0x07, 0x6b, 0x65, 0x79, 0x4d, 0x6f, 0x64, 0x65, 0x12, 0x3a,
- 0x0a, 0x0e, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x63, 0x74, 0x78,
- 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e,
- 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x43, 0x74, 0x78, 0x52, 0x0c, 0x70, 0x75,
- 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x43, 0x74, 0x78, 0x12, 0x3d, 0x0a, 0x0f, 0x70, 0x72,
- 0x69, 0x76, 0x61, 0x74, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x63, 0x74, 0x78, 0x18, 0x07, 0x20,
- 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x50, 0x72, 0x69,
- 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x43, 0x74, 0x78, 0x52, 0x0d, 0x70, 0x72, 0x69, 0x76,
- 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x43, 0x74, 0x78, 0x12, 0x42, 0x0a, 0x0f, 0x70, 0x72, 0x6f,
- 0x76, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x08, 0x20, 0x01,
- 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x65, 0x79, 0x50,
- 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x70,
- 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2c, 0x0a,
- 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32,
- 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
- 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0x9e, 0x02, 0x0a, 0x0c,
- 0x53, 0x79, 0x6d, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x0e, 0x0a, 0x02,
- 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x15, 0x0a, 0x06,
- 0x6b, 0x65, 0x79, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x65,
- 0x79, 0x49, 0x64, 0x12, 0x30, 0x0a, 0x0a, 0x6b, 0x65, 0x79, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75,
- 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79,
- 0x2e, 0x4b, 0x65, 0x79, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x09, 0x6b, 0x65, 0x79, 0x53,
- 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x2a, 0x0a, 0x08, 0x6b, 0x65, 0x79, 0x5f, 0x6d, 0x6f, 0x64,
- 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x0f, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79,
- 0x2e, 0x4b, 0x65, 0x79, 0x4d, 0x6f, 0x64, 0x65, 0x52, 0x07, 0x6b, 0x65, 0x79, 0x4d, 0x6f, 0x64,
- 0x65, 0x12, 0x17, 0x0a, 0x07, 0x6b, 0x65, 0x79, 0x5f, 0x63, 0x74, 0x78, 0x18, 0x05, 0x20, 0x01,
- 0x28, 0x0c, 0x52, 0x06, 0x6b, 0x65, 0x79, 0x43, 0x74, 0x78, 0x12, 0x42, 0x0a, 0x0f, 0x70, 0x72,
- 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x06, 0x20,
- 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x65, 0x79,
- 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e,
- 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2c,
- 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b,
- 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61,
- 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2a, 0xb3, 0x01, 0x0a,
- 0x15, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x52, 0x75, 0x6c, 0x65, 0x54, 0x79,
- 0x70, 0x65, 0x45, 0x6e, 0x75, 0x6d, 0x12, 0x28, 0x0a, 0x24, 0x41, 0x54, 0x54, 0x52, 0x49, 0x42,
- 0x55, 0x54, 0x45, 0x5f, 0x52, 0x55, 0x4c, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e,
- 0x55, 0x4d, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00,
- 0x12, 0x23, 0x0a, 0x1f, 0x41, 0x54, 0x54, 0x52, 0x49, 0x42, 0x55, 0x54, 0x45, 0x5f, 0x52, 0x55,
- 0x4c, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x41, 0x4c, 0x4c,
- 0x5f, 0x4f, 0x46, 0x10, 0x01, 0x12, 0x23, 0x0a, 0x1f, 0x41, 0x54, 0x54, 0x52, 0x49, 0x42, 0x55,
- 0x54, 0x45, 0x5f, 0x52, 0x55, 0x4c, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55,
- 0x4d, 0x5f, 0x41, 0x4e, 0x59, 0x5f, 0x4f, 0x46, 0x10, 0x02, 0x12, 0x26, 0x0a, 0x22, 0x41, 0x54,
- 0x54, 0x52, 0x49, 0x42, 0x55, 0x54, 0x45, 0x5f, 0x52, 0x55, 0x4c, 0x45, 0x5f, 0x54, 0x59, 0x50,
- 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x48, 0x49, 0x45, 0x52, 0x41, 0x52, 0x43, 0x48, 0x59,
- 0x10, 0x03, 0x2a, 0xca, 0x01, 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x61,
- 0x70, 0x70, 0x69, 0x6e, 0x67, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x45, 0x6e, 0x75,
- 0x6d, 0x12, 0x2d, 0x0a, 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x4d, 0x41, 0x50,
- 0x50, 0x49, 0x4e, 0x47, 0x5f, 0x4f, 0x50, 0x45, 0x52, 0x41, 0x54, 0x4f, 0x52, 0x5f, 0x45, 0x4e,
- 0x55, 0x4d, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00,
- 0x12, 0x24, 0x0a, 0x20, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x4d, 0x41, 0x50, 0x50,
- 0x49, 0x4e, 0x47, 0x5f, 0x4f, 0x50, 0x45, 0x52, 0x41, 0x54, 0x4f, 0x52, 0x5f, 0x45, 0x4e, 0x55,
- 0x4d, 0x5f, 0x49, 0x4e, 0x10, 0x01, 0x12, 0x28, 0x0a, 0x24, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43,
- 0x54, 0x5f, 0x4d, 0x41, 0x50, 0x50, 0x49, 0x4e, 0x47, 0x5f, 0x4f, 0x50, 0x45, 0x52, 0x41, 0x54,
- 0x4f, 0x52, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x49, 0x4e, 0x10, 0x02,
- 0x12, 0x2d, 0x0a, 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x4d, 0x41, 0x50, 0x50,
- 0x49, 0x4e, 0x47, 0x5f, 0x4f, 0x50, 0x45, 0x52, 0x41, 0x54, 0x4f, 0x52, 0x5f, 0x45, 0x4e, 0x55,
- 0x4d, 0x5f, 0x49, 0x4e, 0x5f, 0x43, 0x4f, 0x4e, 0x54, 0x41, 0x49, 0x4e, 0x53, 0x10, 0x03, 0x2a,
- 0x90, 0x01, 0x0a, 0x18, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x6f, 0x6f,
- 0x6c, 0x65, 0x61, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x45, 0x6e, 0x75, 0x6d, 0x12, 0x2b, 0x0a, 0x27,
+ 0x65, 0x52, 0x15, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75,
+ 0x74, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x12, 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61,
+ 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d,
+ 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65,
+ 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x1a, 0xb4, 0x01, 0x0a, 0x14, 0x41, 0x63, 0x74, 0x69, 0x6f,
+ 0x6e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12,
+ 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12,
+ 0x26, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
+ 0x0e, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52,
+ 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x36, 0x0a, 0x0f, 0x61, 0x74, 0x74, 0x72, 0x69,
+ 0x62, 0x75, 0x74, 0x65, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b,
+ 0x32, 0x0d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52,
+ 0x0e, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12,
+ 0x2c, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28,
+ 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64,
+ 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0x61, 0x0a,
+ 0x06, 0x4b, 0x61, 0x73, 0x4b, 0x65, 0x79, 0x12, 0x15, 0x0a, 0x06, 0x6b, 0x61, 0x73, 0x5f, 0x69,
+ 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x61, 0x73, 0x49, 0x64, 0x12, 0x27,
+ 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x70, 0x6f,
+ 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x73, 0x79, 0x6d, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x4b,
+ 0x65, 0x79, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x17, 0x0a, 0x07, 0x6b, 0x61, 0x73, 0x5f, 0x75,
+ 0x72, 0x69, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6b, 0x61, 0x73, 0x55, 0x72, 0x69,
+ 0x22, 0x29, 0x0a, 0x0c, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x43, 0x74, 0x78,
+ 0x12, 0x19, 0x0a, 0x03, 0x70, 0x65, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba,
+ 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x03, 0x70, 0x65, 0x6d, 0x22, 0x50, 0x0a, 0x0d, 0x50,
+ 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x43, 0x74, 0x78, 0x12, 0x1e, 0x0a, 0x06,
+ 0x6b, 0x65, 0x79, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48,
+ 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x12, 0x1f, 0x0a, 0x0b,
+ 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28,
+ 0x09, 0x52, 0x0a, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, 0x4b, 0x65, 0x79, 0x22, 0xb9, 0x03,
+ 0x0a, 0x0d, 0x41, 0x73, 0x79, 0x6d, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12,
+ 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12,
+ 0x15, 0x0a, 0x06, 0x6b, 0x65, 0x79, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
+ 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x12, 0x36, 0x0a, 0x0d, 0x6b, 0x65, 0x79, 0x5f, 0x61, 0x6c,
+ 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x11, 0x2e,
+ 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d,
+ 0x52, 0x0c, 0x6b, 0x65, 0x79, 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x12, 0x30,
+ 0x0a, 0x0a, 0x6b, 0x65, 0x79, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x04, 0x20, 0x01,
+ 0x28, 0x0e, 0x32, 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x65, 0x79, 0x53,
+ 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x09, 0x6b, 0x65, 0x79, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73,
+ 0x12, 0x2a, 0x0a, 0x08, 0x6b, 0x65, 0x79, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x18, 0x05, 0x20, 0x01,
+ 0x28, 0x0e, 0x32, 0x0f, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x65, 0x79, 0x4d,
+ 0x6f, 0x64, 0x65, 0x52, 0x07, 0x6b, 0x65, 0x79, 0x4d, 0x6f, 0x64, 0x65, 0x12, 0x3a, 0x0a, 0x0e,
+ 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x63, 0x74, 0x78, 0x18, 0x06,
+ 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x50, 0x75,
+ 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x43, 0x74, 0x78, 0x52, 0x0c, 0x70, 0x75, 0x62, 0x6c,
+ 0x69, 0x63, 0x4b, 0x65, 0x79, 0x43, 0x74, 0x78, 0x12, 0x3d, 0x0a, 0x0f, 0x70, 0x72, 0x69, 0x76,
+ 0x61, 0x74, 0x65, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x63, 0x74, 0x78, 0x18, 0x07, 0x20, 0x01, 0x28,
+ 0x0b, 0x32, 0x15, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x50, 0x72, 0x69, 0x76, 0x61,
+ 0x74, 0x65, 0x4b, 0x65, 0x79, 0x43, 0x74, 0x78, 0x52, 0x0d, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74,
+ 0x65, 0x4b, 0x65, 0x79, 0x43, 0x74, 0x78, 0x12, 0x42, 0x0a, 0x0f, 0x70, 0x72, 0x6f, 0x76, 0x69,
+ 0x64, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b,
+ 0x32, 0x19, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x65, 0x79, 0x50, 0x72, 0x6f,
+ 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x70, 0x72, 0x6f,
+ 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2c, 0x0a, 0x08, 0x6d,
+ 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e,
+ 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52,
+ 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0x9e, 0x02, 0x0a, 0x0c, 0x53, 0x79,
+ 0x6d, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64,
+ 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x15, 0x0a, 0x06, 0x6b, 0x65,
+ 0x79, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x65, 0x79, 0x49,
+ 0x64, 0x12, 0x30, 0x0a, 0x0a, 0x6b, 0x65, 0x79, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18,
+ 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x11, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b,
+ 0x65, 0x79, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x09, 0x6b, 0x65, 0x79, 0x53, 0x74, 0x61,
+ 0x74, 0x75, 0x73, 0x12, 0x2a, 0x0a, 0x08, 0x6b, 0x65, 0x79, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x18,
+ 0x04, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x0f, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b,
+ 0x65, 0x79, 0x4d, 0x6f, 0x64, 0x65, 0x52, 0x07, 0x6b, 0x65, 0x79, 0x4d, 0x6f, 0x64, 0x65, 0x12,
+ 0x17, 0x0a, 0x07, 0x6b, 0x65, 0x79, 0x5f, 0x63, 0x74, 0x78, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0c,
+ 0x52, 0x06, 0x6b, 0x65, 0x79, 0x43, 0x74, 0x78, 0x12, 0x42, 0x0a, 0x0f, 0x70, 0x72, 0x6f, 0x76,
+ 0x69, 0x64, 0x65, 0x72, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28,
+ 0x0b, 0x32, 0x19, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x4b, 0x65, 0x79, 0x50, 0x72,
+ 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0e, 0x70, 0x72,
+ 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2c, 0x0a, 0x08,
+ 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x64, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10,
+ 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
+ 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2a, 0xb3, 0x01, 0x0a, 0x15, 0x41,
+ 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x52, 0x75, 0x6c, 0x65, 0x54, 0x79, 0x70, 0x65,
+ 0x45, 0x6e, 0x75, 0x6d, 0x12, 0x28, 0x0a, 0x24, 0x41, 0x54, 0x54, 0x52, 0x49, 0x42, 0x55, 0x54,
+ 0x45, 0x5f, 0x52, 0x55, 0x4c, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d,
+ 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x23,
+ 0x0a, 0x1f, 0x41, 0x54, 0x54, 0x52, 0x49, 0x42, 0x55, 0x54, 0x45, 0x5f, 0x52, 0x55, 0x4c, 0x45,
+ 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x41, 0x4c, 0x4c, 0x5f, 0x4f,
+ 0x46, 0x10, 0x01, 0x12, 0x23, 0x0a, 0x1f, 0x41, 0x54, 0x54, 0x52, 0x49, 0x42, 0x55, 0x54, 0x45,
+ 0x5f, 0x52, 0x55, 0x4c, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f,
+ 0x41, 0x4e, 0x59, 0x5f, 0x4f, 0x46, 0x10, 0x02, 0x12, 0x26, 0x0a, 0x22, 0x41, 0x54, 0x54, 0x52,
+ 0x49, 0x42, 0x55, 0x54, 0x45, 0x5f, 0x52, 0x55, 0x4c, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f,
+ 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x48, 0x49, 0x45, 0x52, 0x41, 0x52, 0x43, 0x48, 0x59, 0x10, 0x03,
+ 0x2a, 0xca, 0x01, 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4d, 0x61, 0x70, 0x70,
+ 0x69, 0x6e, 0x67, 0x4f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x45, 0x6e, 0x75, 0x6d, 0x12,
+ 0x2d, 0x0a, 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x4d, 0x41, 0x50, 0x50, 0x49,
+ 0x4e, 0x47, 0x5f, 0x4f, 0x50, 0x45, 0x52, 0x41, 0x54, 0x4f, 0x52, 0x5f, 0x45, 0x4e, 0x55, 0x4d,
+ 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x24,
+ 0x0a, 0x20, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x4d, 0x41, 0x50, 0x50, 0x49, 0x4e,
+ 0x47, 0x5f, 0x4f, 0x50, 0x45, 0x52, 0x41, 0x54, 0x4f, 0x52, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f,
+ 0x49, 0x4e, 0x10, 0x01, 0x12, 0x28, 0x0a, 0x24, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f,
+ 0x4d, 0x41, 0x50, 0x50, 0x49, 0x4e, 0x47, 0x5f, 0x4f, 0x50, 0x45, 0x52, 0x41, 0x54, 0x4f, 0x52,
+ 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x49, 0x4e, 0x10, 0x02, 0x12, 0x2d,
+ 0x0a, 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x4d, 0x41, 0x50, 0x50, 0x49, 0x4e,
+ 0x47, 0x5f, 0x4f, 0x50, 0x45, 0x52, 0x41, 0x54, 0x4f, 0x52, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f,
+ 0x49, 0x4e, 0x5f, 0x43, 0x4f, 0x4e, 0x54, 0x41, 0x49, 0x4e, 0x53, 0x10, 0x03, 0x2a, 0x90, 0x01,
+ 0x0a, 0x18, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x6f, 0x6f, 0x6c, 0x65,
+ 0x61, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x45, 0x6e, 0x75, 0x6d, 0x12, 0x2b, 0x0a, 0x27, 0x43, 0x4f,
+ 0x4e, 0x44, 0x49, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x42, 0x4f, 0x4f, 0x4c, 0x45, 0x41, 0x4e, 0x5f,
+ 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43,
+ 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x23, 0x0a, 0x1f, 0x43, 0x4f, 0x4e, 0x44, 0x49,
+ 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x42, 0x4f, 0x4f, 0x4c, 0x45, 0x41, 0x4e, 0x5f, 0x54, 0x59, 0x50,
+ 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x41, 0x4e, 0x44, 0x10, 0x01, 0x12, 0x22, 0x0a, 0x1e,
0x43, 0x4f, 0x4e, 0x44, 0x49, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x42, 0x4f, 0x4f, 0x4c, 0x45, 0x41,
- 0x4e, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x55, 0x4e, 0x53, 0x50,
- 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x23, 0x0a, 0x1f, 0x43, 0x4f, 0x4e,
- 0x44, 0x49, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x42, 0x4f, 0x4f, 0x4c, 0x45, 0x41, 0x4e, 0x5f, 0x54,
- 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x41, 0x4e, 0x44, 0x10, 0x01, 0x12, 0x22,
- 0x0a, 0x1e, 0x43, 0x4f, 0x4e, 0x44, 0x49, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x42, 0x4f, 0x4f, 0x4c,
- 0x45, 0x41, 0x4e, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x4f, 0x52,
- 0x10, 0x02, 0x2a, 0x5d, 0x0a, 0x0a, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65,
- 0x12, 0x1b, 0x0a, 0x17, 0x53, 0x4f, 0x55, 0x52, 0x43, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f,
- 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x18, 0x0a,
- 0x14, 0x53, 0x4f, 0x55, 0x52, 0x43, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x4e, 0x54,
- 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x10, 0x01, 0x12, 0x18, 0x0a, 0x14, 0x53, 0x4f, 0x55, 0x52, 0x43,
- 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x58, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x10,
- 0x02, 0x2a, 0x88, 0x02, 0x0a, 0x13, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b,
- 0x65, 0x79, 0x41, 0x6c, 0x67, 0x45, 0x6e, 0x75, 0x6d, 0x12, 0x27, 0x0a, 0x23, 0x4b, 0x41, 0x53,
- 0x5f, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x41, 0x4c, 0x47, 0x5f,
- 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44,
- 0x10, 0x00, 0x12, 0x24, 0x0a, 0x20, 0x4b, 0x41, 0x53, 0x5f, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43,
- 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x41, 0x4c, 0x47, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x52, 0x53,
- 0x41, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x10, 0x01, 0x12, 0x24, 0x0a, 0x20, 0x4b, 0x41, 0x53, 0x5f,
- 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x41, 0x4c, 0x47, 0x5f, 0x45,
- 0x4e, 0x55, 0x4d, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x34, 0x30, 0x39, 0x36, 0x10, 0x02, 0x12, 0x28,
- 0x0a, 0x24, 0x4b, 0x41, 0x53, 0x5f, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59,
- 0x5f, 0x41, 0x4c, 0x47, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x45, 0x43, 0x5f, 0x53, 0x45, 0x43,
- 0x50, 0x32, 0x35, 0x36, 0x52, 0x31, 0x10, 0x05, 0x12, 0x28, 0x0a, 0x24, 0x4b, 0x41, 0x53, 0x5f,
- 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x41, 0x4c, 0x47, 0x5f, 0x45,
- 0x4e, 0x55, 0x4d, 0x5f, 0x45, 0x43, 0x5f, 0x53, 0x45, 0x43, 0x50, 0x33, 0x38, 0x34, 0x52, 0x31,
- 0x10, 0x06, 0x12, 0x28, 0x0a, 0x24, 0x4b, 0x41, 0x53, 0x5f, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43,
- 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x41, 0x4c, 0x47, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x45, 0x43,
- 0x5f, 0x53, 0x45, 0x43, 0x50, 0x35, 0x32, 0x31, 0x52, 0x31, 0x10, 0x07, 0x2a, 0x9b, 0x01, 0x0a,
- 0x09, 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x12, 0x19, 0x0a, 0x15, 0x41, 0x4c,
- 0x47, 0x4f, 0x52, 0x49, 0x54, 0x48, 0x4d, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46,
- 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x16, 0x0a, 0x12, 0x41, 0x4c, 0x47, 0x4f, 0x52, 0x49, 0x54,
- 0x48, 0x4d, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x10, 0x01, 0x12, 0x16, 0x0a,
- 0x12, 0x41, 0x4c, 0x47, 0x4f, 0x52, 0x49, 0x54, 0x48, 0x4d, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x34,
- 0x30, 0x39, 0x36, 0x10, 0x02, 0x12, 0x15, 0x0a, 0x11, 0x41, 0x4c, 0x47, 0x4f, 0x52, 0x49, 0x54,
- 0x48, 0x4d, 0x5f, 0x45, 0x43, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x10, 0x03, 0x12, 0x15, 0x0a, 0x11,
- 0x41, 0x4c, 0x47, 0x4f, 0x52, 0x49, 0x54, 0x48, 0x4d, 0x5f, 0x45, 0x43, 0x5f, 0x50, 0x33, 0x38,
- 0x34, 0x10, 0x04, 0x12, 0x15, 0x0a, 0x11, 0x41, 0x4c, 0x47, 0x4f, 0x52, 0x49, 0x54, 0x48, 0x4d,
- 0x5f, 0x45, 0x43, 0x5f, 0x50, 0x35, 0x32, 0x31, 0x10, 0x05, 0x2a, 0x56, 0x0a, 0x09, 0x4b, 0x65,
- 0x79, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x1a, 0x0a, 0x16, 0x4b, 0x45, 0x59, 0x5f, 0x53,
- 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45,
- 0x44, 0x10, 0x00, 0x12, 0x15, 0x0a, 0x11, 0x4b, 0x45, 0x59, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55,
- 0x53, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x56, 0x45, 0x10, 0x01, 0x12, 0x16, 0x0a, 0x12, 0x4b, 0x45,
- 0x59, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x52, 0x4f, 0x54, 0x41, 0x54, 0x45, 0x44,
- 0x10, 0x02, 0x2a, 0x94, 0x01, 0x0a, 0x07, 0x4b, 0x65, 0x79, 0x4d, 0x6f, 0x64, 0x65, 0x12, 0x18,
- 0x0a, 0x14, 0x4b, 0x45, 0x59, 0x5f, 0x4d, 0x4f, 0x44, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45,
- 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x1c, 0x0a, 0x18, 0x4b, 0x45, 0x59, 0x5f,
- 0x4d, 0x4f, 0x44, 0x45, 0x5f, 0x43, 0x4f, 0x4e, 0x46, 0x49, 0x47, 0x5f, 0x52, 0x4f, 0x4f, 0x54,
- 0x5f, 0x4b, 0x45, 0x59, 0x10, 0x01, 0x12, 0x1e, 0x0a, 0x1a, 0x4b, 0x45, 0x59, 0x5f, 0x4d, 0x4f,
- 0x44, 0x45, 0x5f, 0x50, 0x52, 0x4f, 0x56, 0x49, 0x44, 0x45, 0x52, 0x5f, 0x52, 0x4f, 0x4f, 0x54,
- 0x5f, 0x4b, 0x45, 0x59, 0x10, 0x02, 0x12, 0x13, 0x0a, 0x0f, 0x4b, 0x45, 0x59, 0x5f, 0x4d, 0x4f,
- 0x44, 0x45, 0x5f, 0x52, 0x45, 0x4d, 0x4f, 0x54, 0x45, 0x10, 0x03, 0x12, 0x1c, 0x0a, 0x18, 0x4b,
- 0x45, 0x59, 0x5f, 0x4d, 0x4f, 0x44, 0x45, 0x5f, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b,
- 0x45, 0x59, 0x5f, 0x4f, 0x4e, 0x4c, 0x59, 0x10, 0x04, 0x42, 0x82, 0x01, 0x0a, 0x0a, 0x63, 0x6f,
- 0x6d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x42, 0x0c, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74,
- 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x2e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62,
- 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x64, 0x66, 0x2f, 0x70, 0x6c, 0x61,
- 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2f, 0x67,
- 0x6f, 0x2f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0xa2, 0x02, 0x03, 0x50, 0x58, 0x58, 0xaa, 0x02,
- 0x06, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0xca, 0x02, 0x06, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79,
- 0xe2, 0x02, 0x12, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74,
- 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x06, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x62, 0x06,
- 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+ 0x4e, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x4f, 0x52, 0x10, 0x02,
+ 0x2a, 0x5d, 0x0a, 0x0a, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1b,
+ 0x0a, 0x17, 0x53, 0x4f, 0x55, 0x52, 0x43, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e,
+ 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x18, 0x0a, 0x14, 0x53,
+ 0x4f, 0x55, 0x52, 0x43, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x4e, 0x54, 0x45, 0x52,
+ 0x4e, 0x41, 0x4c, 0x10, 0x01, 0x12, 0x18, 0x0a, 0x14, 0x53, 0x4f, 0x55, 0x52, 0x43, 0x45, 0x5f,
+ 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x58, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x10, 0x02, 0x2a,
+ 0x88, 0x02, 0x0a, 0x13, 0x4b, 0x61, 0x73, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79,
+ 0x41, 0x6c, 0x67, 0x45, 0x6e, 0x75, 0x6d, 0x12, 0x27, 0x0a, 0x23, 0x4b, 0x41, 0x53, 0x5f, 0x50,
+ 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x41, 0x4c, 0x47, 0x5f, 0x45, 0x4e,
+ 0x55, 0x4d, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00,
+ 0x12, 0x24, 0x0a, 0x20, 0x4b, 0x41, 0x53, 0x5f, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b,
+ 0x45, 0x59, 0x5f, 0x41, 0x4c, 0x47, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x52, 0x53, 0x41, 0x5f,
+ 0x32, 0x30, 0x34, 0x38, 0x10, 0x01, 0x12, 0x24, 0x0a, 0x20, 0x4b, 0x41, 0x53, 0x5f, 0x50, 0x55,
+ 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x41, 0x4c, 0x47, 0x5f, 0x45, 0x4e, 0x55,
+ 0x4d, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x34, 0x30, 0x39, 0x36, 0x10, 0x02, 0x12, 0x28, 0x0a, 0x24,
+ 0x4b, 0x41, 0x53, 0x5f, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x41,
+ 0x4c, 0x47, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x45, 0x43, 0x5f, 0x53, 0x45, 0x43, 0x50, 0x32,
+ 0x35, 0x36, 0x52, 0x31, 0x10, 0x05, 0x12, 0x28, 0x0a, 0x24, 0x4b, 0x41, 0x53, 0x5f, 0x50, 0x55,
+ 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x41, 0x4c, 0x47, 0x5f, 0x45, 0x4e, 0x55,
+ 0x4d, 0x5f, 0x45, 0x43, 0x5f, 0x53, 0x45, 0x43, 0x50, 0x33, 0x38, 0x34, 0x52, 0x31, 0x10, 0x06,
+ 0x12, 0x28, 0x0a, 0x24, 0x4b, 0x41, 0x53, 0x5f, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b,
+ 0x45, 0x59, 0x5f, 0x41, 0x4c, 0x47, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x45, 0x43, 0x5f, 0x53,
+ 0x45, 0x43, 0x50, 0x35, 0x32, 0x31, 0x52, 0x31, 0x10, 0x07, 0x2a, 0x9b, 0x01, 0x0a, 0x09, 0x41,
+ 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x12, 0x19, 0x0a, 0x15, 0x41, 0x4c, 0x47, 0x4f,
+ 0x52, 0x49, 0x54, 0x48, 0x4d, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45,
+ 0x44, 0x10, 0x00, 0x12, 0x16, 0x0a, 0x12, 0x41, 0x4c, 0x47, 0x4f, 0x52, 0x49, 0x54, 0x48, 0x4d,
+ 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x10, 0x01, 0x12, 0x16, 0x0a, 0x12, 0x41,
+ 0x4c, 0x47, 0x4f, 0x52, 0x49, 0x54, 0x48, 0x4d, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x34, 0x30, 0x39,
+ 0x36, 0x10, 0x02, 0x12, 0x15, 0x0a, 0x11, 0x41, 0x4c, 0x47, 0x4f, 0x52, 0x49, 0x54, 0x48, 0x4d,
+ 0x5f, 0x45, 0x43, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x10, 0x03, 0x12, 0x15, 0x0a, 0x11, 0x41, 0x4c,
+ 0x47, 0x4f, 0x52, 0x49, 0x54, 0x48, 0x4d, 0x5f, 0x45, 0x43, 0x5f, 0x50, 0x33, 0x38, 0x34, 0x10,
+ 0x04, 0x12, 0x15, 0x0a, 0x11, 0x41, 0x4c, 0x47, 0x4f, 0x52, 0x49, 0x54, 0x48, 0x4d, 0x5f, 0x45,
+ 0x43, 0x5f, 0x50, 0x35, 0x32, 0x31, 0x10, 0x05, 0x2a, 0x56, 0x0a, 0x09, 0x4b, 0x65, 0x79, 0x53,
+ 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x1a, 0x0a, 0x16, 0x4b, 0x45, 0x59, 0x5f, 0x53, 0x54, 0x41,
+ 0x54, 0x55, 0x53, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10,
+ 0x00, 0x12, 0x15, 0x0a, 0x11, 0x4b, 0x45, 0x59, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f,
+ 0x41, 0x43, 0x54, 0x49, 0x56, 0x45, 0x10, 0x01, 0x12, 0x16, 0x0a, 0x12, 0x4b, 0x45, 0x59, 0x5f,
+ 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x52, 0x4f, 0x54, 0x41, 0x54, 0x45, 0x44, 0x10, 0x02,
+ 0x2a, 0x94, 0x01, 0x0a, 0x07, 0x4b, 0x65, 0x79, 0x4d, 0x6f, 0x64, 0x65, 0x12, 0x18, 0x0a, 0x14,
+ 0x4b, 0x45, 0x59, 0x5f, 0x4d, 0x4f, 0x44, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49,
+ 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x1c, 0x0a, 0x18, 0x4b, 0x45, 0x59, 0x5f, 0x4d, 0x4f,
+ 0x44, 0x45, 0x5f, 0x43, 0x4f, 0x4e, 0x46, 0x49, 0x47, 0x5f, 0x52, 0x4f, 0x4f, 0x54, 0x5f, 0x4b,
+ 0x45, 0x59, 0x10, 0x01, 0x12, 0x1e, 0x0a, 0x1a, 0x4b, 0x45, 0x59, 0x5f, 0x4d, 0x4f, 0x44, 0x45,
+ 0x5f, 0x50, 0x52, 0x4f, 0x56, 0x49, 0x44, 0x45, 0x52, 0x5f, 0x52, 0x4f, 0x4f, 0x54, 0x5f, 0x4b,
+ 0x45, 0x59, 0x10, 0x02, 0x12, 0x13, 0x0a, 0x0f, 0x4b, 0x45, 0x59, 0x5f, 0x4d, 0x4f, 0x44, 0x45,
+ 0x5f, 0x52, 0x45, 0x4d, 0x4f, 0x54, 0x45, 0x10, 0x03, 0x12, 0x1c, 0x0a, 0x18, 0x4b, 0x45, 0x59,
+ 0x5f, 0x4d, 0x4f, 0x44, 0x45, 0x5f, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59,
+ 0x5f, 0x4f, 0x4e, 0x4c, 0x59, 0x10, 0x04, 0x42, 0x82, 0x01, 0x0a, 0x0a, 0x63, 0x6f, 0x6d, 0x2e,
+ 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x42, 0x0c, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x50,
+ 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x2e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63,
+ 0x6f, 0x6d, 0x2f, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x64, 0x66, 0x2f, 0x70, 0x6c, 0x61, 0x74, 0x66,
+ 0x6f, 0x72, 0x6d, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2f, 0x67, 0x6f, 0x2f,
+ 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0xa2, 0x02, 0x03, 0x50, 0x58, 0x58, 0xaa, 0x02, 0x06, 0x50,
+ 0x6f, 0x6c, 0x69, 0x63, 0x79, 0xca, 0x02, 0x06, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0xe2, 0x02,
+ 0x12, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64,
+ 0x61, 0x74, 0x61, 0xea, 0x02, 0x06, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x62, 0x06, 0x70, 0x72,
+ 0x6f, 0x74, 0x6f, 0x33,
}
var (
@@ -3114,7 +3256,7 @@ func file_policy_objects_proto_rawDescGZIP() []byte {
}
var file_policy_objects_proto_enumTypes = make([]protoimpl.EnumInfo, 9)
-var file_policy_objects_proto_msgTypes = make([]protoimpl.MessageInfo, 26)
+var file_policy_objects_proto_msgTypes = make([]protoimpl.MessageInfo, 28)
var file_policy_objects_proto_goTypes = []interface{}{
(AttributeRuleTypeEnum)(0), // 0: policy.AttributeRuleTypeEnum
(SubjectMappingOperatorEnum)(0), // 1: policy.SubjectMappingOperatorEnum
@@ -3125,108 +3267,112 @@ var file_policy_objects_proto_goTypes = []interface{}{
(KeyStatus)(0), // 6: policy.KeyStatus
(KeyMode)(0), // 7: policy.KeyMode
(Action_StandardAction)(0), // 8: policy.Action.StandardAction
- (*KeyProviderConfig)(nil), // 9: policy.KeyProviderConfig
- (*Namespace)(nil), // 10: policy.Namespace
- (*Attribute)(nil), // 11: policy.Attribute
- (*Value)(nil), // 12: policy.Value
- (*Action)(nil), // 13: policy.Action
- (*SubjectMapping)(nil), // 14: policy.SubjectMapping
- (*Condition)(nil), // 15: policy.Condition
- (*ConditionGroup)(nil), // 16: policy.ConditionGroup
- (*SubjectSet)(nil), // 17: policy.SubjectSet
- (*SubjectConditionSet)(nil), // 18: policy.SubjectConditionSet
- (*SubjectProperty)(nil), // 19: policy.SubjectProperty
- (*ResourceMappingGroup)(nil), // 20: policy.ResourceMappingGroup
- (*ResourceMapping)(nil), // 21: policy.ResourceMapping
- (*KeyAccessServer)(nil), // 22: policy.KeyAccessServer
- (*Key)(nil), // 23: policy.Key
- (*KasPublicKey)(nil), // 24: policy.KasPublicKey
- (*KasPublicKeySet)(nil), // 25: policy.KasPublicKeySet
- (*PublicKey)(nil), // 26: policy.PublicKey
- (*RegisteredResource)(nil), // 27: policy.RegisteredResource
- (*RegisteredResourceValue)(nil), // 28: policy.RegisteredResourceValue
- (*KasKey)(nil), // 29: policy.KasKey
- (*PublicKeyCtx)(nil), // 30: policy.PublicKeyCtx
- (*PrivateKeyCtx)(nil), // 31: policy.PrivateKeyCtx
- (*AsymmetricKey)(nil), // 32: policy.AsymmetricKey
- (*SymmetricKey)(nil), // 33: policy.SymmetricKey
- (*RegisteredResourceValue_ActionAttributeValue)(nil), // 34: policy.RegisteredResourceValue.ActionAttributeValue
- (*common.Metadata)(nil), // 35: common.Metadata
- (*wrapperspb.BoolValue)(nil), // 36: google.protobuf.BoolValue
+ (*SimpleKasPublicKey)(nil), // 9: policy.SimpleKasPublicKey
+ (*SimpleKasKey)(nil), // 10: policy.SimpleKasKey
+ (*KeyProviderConfig)(nil), // 11: policy.KeyProviderConfig
+ (*Namespace)(nil), // 12: policy.Namespace
+ (*Attribute)(nil), // 13: policy.Attribute
+ (*Value)(nil), // 14: policy.Value
+ (*Action)(nil), // 15: policy.Action
+ (*SubjectMapping)(nil), // 16: policy.SubjectMapping
+ (*Condition)(nil), // 17: policy.Condition
+ (*ConditionGroup)(nil), // 18: policy.ConditionGroup
+ (*SubjectSet)(nil), // 19: policy.SubjectSet
+ (*SubjectConditionSet)(nil), // 20: policy.SubjectConditionSet
+ (*SubjectProperty)(nil), // 21: policy.SubjectProperty
+ (*ResourceMappingGroup)(nil), // 22: policy.ResourceMappingGroup
+ (*ResourceMapping)(nil), // 23: policy.ResourceMapping
+ (*KeyAccessServer)(nil), // 24: policy.KeyAccessServer
+ (*Key)(nil), // 25: policy.Key
+ (*KasPublicKey)(nil), // 26: policy.KasPublicKey
+ (*KasPublicKeySet)(nil), // 27: policy.KasPublicKeySet
+ (*PublicKey)(nil), // 28: policy.PublicKey
+ (*RegisteredResource)(nil), // 29: policy.RegisteredResource
+ (*RegisteredResourceValue)(nil), // 30: policy.RegisteredResourceValue
+ (*KasKey)(nil), // 31: policy.KasKey
+ (*PublicKeyCtx)(nil), // 32: policy.PublicKeyCtx
+ (*PrivateKeyCtx)(nil), // 33: policy.PrivateKeyCtx
+ (*AsymmetricKey)(nil), // 34: policy.AsymmetricKey
+ (*SymmetricKey)(nil), // 35: policy.SymmetricKey
+ (*RegisteredResourceValue_ActionAttributeValue)(nil), // 36: policy.RegisteredResourceValue.ActionAttributeValue
+ (*common.Metadata)(nil), // 37: common.Metadata
+ (*wrapperspb.BoolValue)(nil), // 38: google.protobuf.BoolValue
}
var file_policy_objects_proto_depIdxs = []int32{
- 35, // 0: policy.KeyProviderConfig.metadata:type_name -> common.Metadata
- 36, // 1: policy.Namespace.active:type_name -> google.protobuf.BoolValue
- 35, // 2: policy.Namespace.metadata:type_name -> common.Metadata
- 22, // 3: policy.Namespace.grants:type_name -> policy.KeyAccessServer
- 29, // 4: policy.Namespace.kas_keys:type_name -> policy.KasKey
- 10, // 5: policy.Attribute.namespace:type_name -> policy.Namespace
- 0, // 6: policy.Attribute.rule:type_name -> policy.AttributeRuleTypeEnum
- 12, // 7: policy.Attribute.values:type_name -> policy.Value
- 22, // 8: policy.Attribute.grants:type_name -> policy.KeyAccessServer
- 36, // 9: policy.Attribute.active:type_name -> google.protobuf.BoolValue
- 29, // 10: policy.Attribute.kas_keys:type_name -> policy.KasKey
- 35, // 11: policy.Attribute.metadata:type_name -> common.Metadata
- 11, // 12: policy.Value.attribute:type_name -> policy.Attribute
- 22, // 13: policy.Value.grants:type_name -> policy.KeyAccessServer
- 36, // 14: policy.Value.active:type_name -> google.protobuf.BoolValue
- 14, // 15: policy.Value.subject_mappings:type_name -> policy.SubjectMapping
- 29, // 16: policy.Value.kas_keys:type_name -> policy.KasKey
- 21, // 17: policy.Value.resource_mappings:type_name -> policy.ResourceMapping
- 35, // 18: policy.Value.metadata:type_name -> common.Metadata
- 8, // 19: policy.Action.standard:type_name -> policy.Action.StandardAction
- 35, // 20: policy.Action.metadata:type_name -> common.Metadata
- 12, // 21: policy.SubjectMapping.attribute_value:type_name -> policy.Value
- 18, // 22: policy.SubjectMapping.subject_condition_set:type_name -> policy.SubjectConditionSet
- 13, // 23: policy.SubjectMapping.actions:type_name -> policy.Action
- 35, // 24: policy.SubjectMapping.metadata:type_name -> common.Metadata
- 1, // 25: policy.Condition.operator:type_name -> policy.SubjectMappingOperatorEnum
- 15, // 26: policy.ConditionGroup.conditions:type_name -> policy.Condition
- 2, // 27: policy.ConditionGroup.boolean_operator:type_name -> policy.ConditionBooleanTypeEnum
- 16, // 28: policy.SubjectSet.condition_groups:type_name -> policy.ConditionGroup
- 17, // 29: policy.SubjectConditionSet.subject_sets:type_name -> policy.SubjectSet
- 35, // 30: policy.SubjectConditionSet.metadata:type_name -> common.Metadata
- 35, // 31: policy.ResourceMappingGroup.metadata:type_name -> common.Metadata
- 35, // 32: policy.ResourceMapping.metadata:type_name -> common.Metadata
- 12, // 33: policy.ResourceMapping.attribute_value:type_name -> policy.Value
- 20, // 34: policy.ResourceMapping.group:type_name -> policy.ResourceMappingGroup
- 26, // 35: policy.KeyAccessServer.public_key:type_name -> policy.PublicKey
- 3, // 36: policy.KeyAccessServer.source_type:type_name -> policy.SourceType
- 29, // 37: policy.KeyAccessServer.kas_keys:type_name -> policy.KasKey
- 35, // 38: policy.KeyAccessServer.metadata:type_name -> common.Metadata
- 36, // 39: policy.Key.is_active:type_name -> google.protobuf.BoolValue
- 36, // 40: policy.Key.was_mapped:type_name -> google.protobuf.BoolValue
- 24, // 41: policy.Key.public_key:type_name -> policy.KasPublicKey
- 22, // 42: policy.Key.kas:type_name -> policy.KeyAccessServer
- 35, // 43: policy.Key.metadata:type_name -> common.Metadata
- 4, // 44: policy.KasPublicKey.alg:type_name -> policy.KasPublicKeyAlgEnum
- 24, // 45: policy.KasPublicKeySet.keys:type_name -> policy.KasPublicKey
- 25, // 46: policy.PublicKey.cached:type_name -> policy.KasPublicKeySet
- 28, // 47: policy.RegisteredResource.values:type_name -> policy.RegisteredResourceValue
- 35, // 48: policy.RegisteredResource.metadata:type_name -> common.Metadata
- 27, // 49: policy.RegisteredResourceValue.resource:type_name -> policy.RegisteredResource
- 34, // 50: policy.RegisteredResourceValue.action_attribute_values:type_name -> policy.RegisteredResourceValue.ActionAttributeValue
- 35, // 51: policy.RegisteredResourceValue.metadata:type_name -> common.Metadata
- 32, // 52: policy.KasKey.key:type_name -> policy.AsymmetricKey
- 5, // 53: policy.AsymmetricKey.key_algorithm:type_name -> policy.Algorithm
- 6, // 54: policy.AsymmetricKey.key_status:type_name -> policy.KeyStatus
- 7, // 55: policy.AsymmetricKey.key_mode:type_name -> policy.KeyMode
- 30, // 56: policy.AsymmetricKey.public_key_ctx:type_name -> policy.PublicKeyCtx
- 31, // 57: policy.AsymmetricKey.private_key_ctx:type_name -> policy.PrivateKeyCtx
- 9, // 58: policy.AsymmetricKey.provider_config:type_name -> policy.KeyProviderConfig
- 35, // 59: policy.AsymmetricKey.metadata:type_name -> common.Metadata
- 6, // 60: policy.SymmetricKey.key_status:type_name -> policy.KeyStatus
- 7, // 61: policy.SymmetricKey.key_mode:type_name -> policy.KeyMode
- 9, // 62: policy.SymmetricKey.provider_config:type_name -> policy.KeyProviderConfig
- 35, // 63: policy.SymmetricKey.metadata:type_name -> common.Metadata
- 13, // 64: policy.RegisteredResourceValue.ActionAttributeValue.action:type_name -> policy.Action
- 12, // 65: policy.RegisteredResourceValue.ActionAttributeValue.attribute_value:type_name -> policy.Value
- 35, // 66: policy.RegisteredResourceValue.ActionAttributeValue.metadata:type_name -> common.Metadata
- 67, // [67:67] is the sub-list for method output_type
- 67, // [67:67] is the sub-list for method input_type
- 67, // [67:67] is the sub-list for extension type_name
- 67, // [67:67] is the sub-list for extension extendee
- 0, // [0:67] is the sub-list for field type_name
+ 5, // 0: policy.SimpleKasPublicKey.algorithm:type_name -> policy.Algorithm
+ 9, // 1: policy.SimpleKasKey.public_key:type_name -> policy.SimpleKasPublicKey
+ 37, // 2: policy.KeyProviderConfig.metadata:type_name -> common.Metadata
+ 38, // 3: policy.Namespace.active:type_name -> google.protobuf.BoolValue
+ 37, // 4: policy.Namespace.metadata:type_name -> common.Metadata
+ 24, // 5: policy.Namespace.grants:type_name -> policy.KeyAccessServer
+ 10, // 6: policy.Namespace.kas_keys:type_name -> policy.SimpleKasKey
+ 12, // 7: policy.Attribute.namespace:type_name -> policy.Namespace
+ 0, // 8: policy.Attribute.rule:type_name -> policy.AttributeRuleTypeEnum
+ 14, // 9: policy.Attribute.values:type_name -> policy.Value
+ 24, // 10: policy.Attribute.grants:type_name -> policy.KeyAccessServer
+ 38, // 11: policy.Attribute.active:type_name -> google.protobuf.BoolValue
+ 10, // 12: policy.Attribute.kas_keys:type_name -> policy.SimpleKasKey
+ 37, // 13: policy.Attribute.metadata:type_name -> common.Metadata
+ 13, // 14: policy.Value.attribute:type_name -> policy.Attribute
+ 24, // 15: policy.Value.grants:type_name -> policy.KeyAccessServer
+ 38, // 16: policy.Value.active:type_name -> google.protobuf.BoolValue
+ 16, // 17: policy.Value.subject_mappings:type_name -> policy.SubjectMapping
+ 10, // 18: policy.Value.kas_keys:type_name -> policy.SimpleKasKey
+ 23, // 19: policy.Value.resource_mappings:type_name -> policy.ResourceMapping
+ 37, // 20: policy.Value.metadata:type_name -> common.Metadata
+ 8, // 21: policy.Action.standard:type_name -> policy.Action.StandardAction
+ 37, // 22: policy.Action.metadata:type_name -> common.Metadata
+ 14, // 23: policy.SubjectMapping.attribute_value:type_name -> policy.Value
+ 20, // 24: policy.SubjectMapping.subject_condition_set:type_name -> policy.SubjectConditionSet
+ 15, // 25: policy.SubjectMapping.actions:type_name -> policy.Action
+ 37, // 26: policy.SubjectMapping.metadata:type_name -> common.Metadata
+ 1, // 27: policy.Condition.operator:type_name -> policy.SubjectMappingOperatorEnum
+ 17, // 28: policy.ConditionGroup.conditions:type_name -> policy.Condition
+ 2, // 29: policy.ConditionGroup.boolean_operator:type_name -> policy.ConditionBooleanTypeEnum
+ 18, // 30: policy.SubjectSet.condition_groups:type_name -> policy.ConditionGroup
+ 19, // 31: policy.SubjectConditionSet.subject_sets:type_name -> policy.SubjectSet
+ 37, // 32: policy.SubjectConditionSet.metadata:type_name -> common.Metadata
+ 37, // 33: policy.ResourceMappingGroup.metadata:type_name -> common.Metadata
+ 37, // 34: policy.ResourceMapping.metadata:type_name -> common.Metadata
+ 14, // 35: policy.ResourceMapping.attribute_value:type_name -> policy.Value
+ 22, // 36: policy.ResourceMapping.group:type_name -> policy.ResourceMappingGroup
+ 28, // 37: policy.KeyAccessServer.public_key:type_name -> policy.PublicKey
+ 3, // 38: policy.KeyAccessServer.source_type:type_name -> policy.SourceType
+ 10, // 39: policy.KeyAccessServer.kas_keys:type_name -> policy.SimpleKasKey
+ 37, // 40: policy.KeyAccessServer.metadata:type_name -> common.Metadata
+ 38, // 41: policy.Key.is_active:type_name -> google.protobuf.BoolValue
+ 38, // 42: policy.Key.was_mapped:type_name -> google.protobuf.BoolValue
+ 26, // 43: policy.Key.public_key:type_name -> policy.KasPublicKey
+ 24, // 44: policy.Key.kas:type_name -> policy.KeyAccessServer
+ 37, // 45: policy.Key.metadata:type_name -> common.Metadata
+ 4, // 46: policy.KasPublicKey.alg:type_name -> policy.KasPublicKeyAlgEnum
+ 26, // 47: policy.KasPublicKeySet.keys:type_name -> policy.KasPublicKey
+ 27, // 48: policy.PublicKey.cached:type_name -> policy.KasPublicKeySet
+ 30, // 49: policy.RegisteredResource.values:type_name -> policy.RegisteredResourceValue
+ 37, // 50: policy.RegisteredResource.metadata:type_name -> common.Metadata
+ 29, // 51: policy.RegisteredResourceValue.resource:type_name -> policy.RegisteredResource
+ 36, // 52: policy.RegisteredResourceValue.action_attribute_values:type_name -> policy.RegisteredResourceValue.ActionAttributeValue
+ 37, // 53: policy.RegisteredResourceValue.metadata:type_name -> common.Metadata
+ 34, // 54: policy.KasKey.key:type_name -> policy.AsymmetricKey
+ 5, // 55: policy.AsymmetricKey.key_algorithm:type_name -> policy.Algorithm
+ 6, // 56: policy.AsymmetricKey.key_status:type_name -> policy.KeyStatus
+ 7, // 57: policy.AsymmetricKey.key_mode:type_name -> policy.KeyMode
+ 32, // 58: policy.AsymmetricKey.public_key_ctx:type_name -> policy.PublicKeyCtx
+ 33, // 59: policy.AsymmetricKey.private_key_ctx:type_name -> policy.PrivateKeyCtx
+ 11, // 60: policy.AsymmetricKey.provider_config:type_name -> policy.KeyProviderConfig
+ 37, // 61: policy.AsymmetricKey.metadata:type_name -> common.Metadata
+ 6, // 62: policy.SymmetricKey.key_status:type_name -> policy.KeyStatus
+ 7, // 63: policy.SymmetricKey.key_mode:type_name -> policy.KeyMode
+ 11, // 64: policy.SymmetricKey.provider_config:type_name -> policy.KeyProviderConfig
+ 37, // 65: policy.SymmetricKey.metadata:type_name -> common.Metadata
+ 15, // 66: policy.RegisteredResourceValue.ActionAttributeValue.action:type_name -> policy.Action
+ 14, // 67: policy.RegisteredResourceValue.ActionAttributeValue.attribute_value:type_name -> policy.Value
+ 37, // 68: policy.RegisteredResourceValue.ActionAttributeValue.metadata:type_name -> common.Metadata
+ 69, // [69:69] is the sub-list for method output_type
+ 69, // [69:69] is the sub-list for method input_type
+ 69, // [69:69] is the sub-list for extension type_name
+ 69, // [69:69] is the sub-list for extension extendee
+ 0, // [0:69] is the sub-list for field type_name
}
func init() { file_policy_objects_proto_init() }
@@ -3236,7 +3382,7 @@ func file_policy_objects_proto_init() {
}
if !protoimpl.UnsafeEnabled {
file_policy_objects_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*KeyProviderConfig); i {
+ switch v := v.(*SimpleKasPublicKey); i {
case 0:
return &v.state
case 1:
@@ -3248,7 +3394,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*Namespace); i {
+ switch v := v.(*SimpleKasKey); i {
case 0:
return &v.state
case 1:
@@ -3260,7 +3406,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*Attribute); i {
+ switch v := v.(*KeyProviderConfig); i {
case 0:
return &v.state
case 1:
@@ -3272,7 +3418,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*Value); i {
+ switch v := v.(*Namespace); i {
case 0:
return &v.state
case 1:
@@ -3284,7 +3430,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*Action); i {
+ switch v := v.(*Attribute); i {
case 0:
return &v.state
case 1:
@@ -3296,7 +3442,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*SubjectMapping); i {
+ switch v := v.(*Value); i {
case 0:
return &v.state
case 1:
@@ -3308,7 +3454,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*Condition); i {
+ switch v := v.(*Action); i {
case 0:
return &v.state
case 1:
@@ -3320,7 +3466,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*ConditionGroup); i {
+ switch v := v.(*SubjectMapping); i {
case 0:
return &v.state
case 1:
@@ -3332,7 +3478,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*SubjectSet); i {
+ switch v := v.(*Condition); i {
case 0:
return &v.state
case 1:
@@ -3344,7 +3490,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*SubjectConditionSet); i {
+ switch v := v.(*ConditionGroup); i {
case 0:
return &v.state
case 1:
@@ -3356,7 +3502,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*SubjectProperty); i {
+ switch v := v.(*SubjectSet); i {
case 0:
return &v.state
case 1:
@@ -3368,7 +3514,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*ResourceMappingGroup); i {
+ switch v := v.(*SubjectConditionSet); i {
case 0:
return &v.state
case 1:
@@ -3380,7 +3526,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*ResourceMapping); i {
+ switch v := v.(*SubjectProperty); i {
case 0:
return &v.state
case 1:
@@ -3392,7 +3538,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*KeyAccessServer); i {
+ switch v := v.(*ResourceMappingGroup); i {
case 0:
return &v.state
case 1:
@@ -3404,7 +3550,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*Key); i {
+ switch v := v.(*ResourceMapping); i {
case 0:
return &v.state
case 1:
@@ -3416,7 +3562,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*KasPublicKey); i {
+ switch v := v.(*KeyAccessServer); i {
case 0:
return &v.state
case 1:
@@ -3428,7 +3574,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*KasPublicKeySet); i {
+ switch v := v.(*Key); i {
case 0:
return &v.state
case 1:
@@ -3440,7 +3586,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*PublicKey); i {
+ switch v := v.(*KasPublicKey); i {
case 0:
return &v.state
case 1:
@@ -3452,7 +3598,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*RegisteredResource); i {
+ switch v := v.(*KasPublicKeySet); i {
case 0:
return &v.state
case 1:
@@ -3464,7 +3610,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*RegisteredResourceValue); i {
+ switch v := v.(*PublicKey); i {
case 0:
return &v.state
case 1:
@@ -3476,7 +3622,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*KasKey); i {
+ switch v := v.(*RegisteredResource); i {
case 0:
return &v.state
case 1:
@@ -3488,7 +3634,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[21].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*PublicKeyCtx); i {
+ switch v := v.(*RegisteredResourceValue); i {
case 0:
return &v.state
case 1:
@@ -3500,7 +3646,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[22].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*PrivateKeyCtx); i {
+ switch v := v.(*KasKey); i {
case 0:
return &v.state
case 1:
@@ -3512,7 +3658,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[23].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*AsymmetricKey); i {
+ switch v := v.(*PublicKeyCtx); i {
case 0:
return &v.state
case 1:
@@ -3524,7 +3670,7 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[24].Exporter = func(v interface{}, i int) interface{} {
- switch v := v.(*SymmetricKey); i {
+ switch v := v.(*PrivateKeyCtx); i {
case 0:
return &v.state
case 1:
@@ -3536,6 +3682,30 @@ func file_policy_objects_proto_init() {
}
}
file_policy_objects_proto_msgTypes[25].Exporter = func(v interface{}, i int) interface{} {
+ switch v := v.(*AsymmetricKey); i {
+ case 0:
+ return &v.state
+ case 1:
+ return &v.sizeCache
+ case 2:
+ return &v.unknownFields
+ default:
+ return nil
+ }
+ }
+ file_policy_objects_proto_msgTypes[26].Exporter = func(v interface{}, i int) interface{} {
+ switch v := v.(*SymmetricKey); i {
+ case 0:
+ return &v.state
+ case 1:
+ return &v.sizeCache
+ case 2:
+ return &v.unknownFields
+ default:
+ return nil
+ }
+ }
+ file_policy_objects_proto_msgTypes[27].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*RegisteredResourceValue_ActionAttributeValue); i {
case 0:
return &v.state
@@ -3548,11 +3718,11 @@ func file_policy_objects_proto_init() {
}
}
}
- file_policy_objects_proto_msgTypes[4].OneofWrappers = []interface{}{
+ file_policy_objects_proto_msgTypes[6].OneofWrappers = []interface{}{
(*Action_Standard)(nil),
(*Action_Custom)(nil),
}
- file_policy_objects_proto_msgTypes[17].OneofWrappers = []interface{}{
+ file_policy_objects_proto_msgTypes[19].OneofWrappers = []interface{}{
(*PublicKey_Remote)(nil),
(*PublicKey_Cached)(nil),
}
@@ -3562,7 +3732,7 @@ func file_policy_objects_proto_init() {
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: file_policy_objects_proto_rawDesc,
NumEnums: 9,
- NumMessages: 26,
+ NumMessages: 28,
NumExtensions: 0,
NumServices: 0,
},
diff --git a/service/integration/attribute_fqns_test.go b/service/integration/attribute_fqns_test.go
index f241d10941..8ac32ae088 100644
--- a/service/integration/attribute_fqns_test.go
+++ b/service/integration/attribute_fqns_test.go
@@ -2,6 +2,7 @@ package integration
import (
"context"
+ "encoding/base64"
"fmt"
"log/slog"
"strings"
@@ -233,7 +234,11 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithAttributeDefKeysAssociated
s.NotNil(attr)
fullFqn := fqnBuilder(namespace, attributeName, "")
- kasKey := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKeyFixture := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKey, err := s.db.PolicyClient.GetKey(s.ctx, &kasregistry.GetKeyRequest_Id{
+ Id: kasKeyFixture.ID,
+ })
+ s.Require().NoError(err)
attr, err = s.db.PolicyClient.GetAttributeByFqn(s.ctx, fullFqn)
s.Require().NoError(err)
@@ -241,7 +246,7 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithAttributeDefKeysAssociated
keyResp, err := s.db.PolicyClient.AssignPublicKeyToAttribute(s.ctx, &attributes.AttributeKey{
AttributeId: attr.GetId(),
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(keyResp)
@@ -251,16 +256,13 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithAttributeDefKeysAssociated
// Key checks
s.Len(attr.GetKasKeys(), 1)
- s.Equal(kasKey.KeyAccessServerID, attr.GetKasKeys()[0].GetKasId())
- s.Equal(kasKey.ID, attr.GetKasKeys()[0].GetKey().GetId())
- validatePublicKeyCtx(&s.Suite, []byte(kasKey.PublicKeyCtx), attr.GetKasKeys()[0])
- s.Empty(attr.GetKasKeys()[0].GetKey().GetProviderConfig())
- s.Empty(attr.GetKasKeys()[0].GetKey().GetPrivateKeyCtx())
+ s.Equal(kasKey.GetKey().GetKeyId(), attr.GetKasKeys()[0].GetPublicKey().GetKid())
+ validateSimpleKasKey(&s.Suite, kasKey, attr.GetKasKeys()[0])
// Remove association
_, err = s.db.PolicyClient.RemovePublicKeyFromAttribute(s.ctx, &attributes.AttributeKey{
AttributeId: attr.GetId(),
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
@@ -275,7 +277,13 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithAttributeDefKeysAssociated
func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithAttributeValueKeysAssociated() {
fqnFixtureKey := "example.net/attr/attr1"
- kasKey := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKeyFixture := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKey, err := s.db.PolicyClient.GetKey(s.ctx, &kasregistry.GetKeyRequest_Id{
+ Id: kasKeyFixture.ID,
+ })
+ s.Require().NoError(err)
+ s.NotNil(kasKey)
+
fullFqn := "https://" + fqnFixtureKey
attr, err := s.db.PolicyClient.GetAttributeByFqn(s.ctx, fullFqn)
@@ -291,7 +299,7 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithAttributeValueKeysAssociat
// Associate key with attribute.
keyResp, err := s.db.PolicyClient.AssignPublicKeyToValue(s.ctx, &attributes.ValueKey{
ValueId: attr.GetValues()[0].GetId(),
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(keyResp)
@@ -299,7 +307,7 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithAttributeValueKeysAssociat
// Associate value 2 with the same key
keyResp, err = s.db.PolicyClient.AssignPublicKeyToValue(s.ctx, &attributes.ValueKey{
ValueId: attr.GetValues()[1].GetId(),
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(keyResp)
@@ -314,15 +322,11 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithAttributeValueKeysAssociat
s.Empty(attr.GetKasKeys())
for _, v := range attr.GetValues() {
s.Len(v.GetKasKeys(), 1)
- s.Equal(kasKey.KeyAccessServerID, v.GetKasKeys()[0].GetKasId())
- s.Equal(kasKey.ID, v.GetKasKeys()[0].GetKey().GetId())
- validatePublicKeyCtx(&s.Suite, []byte(kasKey.PublicKeyCtx), v.GetKasKeys()[0])
- s.Empty(v.GetKasKeys()[0].GetKey().GetProviderConfig())
- s.Empty(v.GetKasKeys()[0].GetKey().GetPrivateKeyCtx())
+ validateSimpleKasKey(&s.Suite, kasKey, v.GetKasKeys()[0])
_, err = s.db.PolicyClient.RemovePublicKeyFromValue(s.ctx, &attributes.ValueKey{
ValueId: v.GetId(),
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
}
@@ -330,7 +334,11 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithAttributeValueKeysAssociat
func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithKeysAssociatedWithNamespace() {
fqnFixtureKey := "example.net/attr/attr1"
- kasKey := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKeyFixture := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKey, err := s.db.PolicyClient.GetKey(s.ctx, &kasregistry.GetKeyRequest_Id{
+ Id: kasKeyFixture.ID,
+ })
+ s.Require().NoError(err)
fullFqn := "https://" + fqnFixtureKey
attr, err := s.db.PolicyClient.GetAttributeByFqn(s.ctx, fullFqn)
@@ -343,7 +351,7 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithKeysAssociatedWithNamespac
// Associate key with attribute.
keyResp, err := s.db.PolicyClient.AssignPublicKeyToNamespace(s.ctx, &namespaces.NamespaceKey{
NamespaceId: attr.GetNamespace().GetId(),
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(keyResp)
@@ -357,15 +365,11 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithKeysAssociatedWithNamespac
// Key checks
s.Empty(attr.GetKasKeys())
s.Len(attr.GetNamespace().GetKasKeys(), 1)
- s.Equal(kasKey.KeyAccessServerID, attr.GetNamespace().GetKasKeys()[0].GetKasId())
- s.Equal(kasKey.ID, attr.GetNamespace().GetKasKeys()[0].GetKey().GetId())
- validatePublicKeyCtx(&s.Suite, []byte(kasKey.PublicKeyCtx), attr.GetNamespace().GetKasKeys()[0])
- s.Empty(attr.GetNamespace().GetKasKeys()[0].GetKey().GetProviderConfig())
- s.Empty(attr.GetNamespace().GetKasKeys()[0].GetKey().GetPrivateKeyCtx())
+ validateSimpleKasKey(&s.Suite, kasKey, attr.GetNamespace().GetKasKeys()[0])
_, err = s.db.PolicyClient.RemovePublicKeyFromNamespace(s.ctx, &namespaces.NamespaceKey{
NamespaceId: attr.GetNamespace().GetId(),
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
}
@@ -373,11 +377,21 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithKeysAssociatedWithNamespac
func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithKeysAssociatedAttributes_MultipleAttributes() {
fqnFixtureKey := "example.net/attr/attr1"
fqnFixtureKeyTwo := "example.net/attr/attr2"
- kasKey := s.f.GetKasRegistryServerKeys("kas_key_1")
- kasKey2 := s.f.GetKasRegistryServerKeys("kas_key_2")
fullFqn := "https://" + fqnFixtureKey
fullFqn2 := "https://" + fqnFixtureKeyTwo
+ kasKeyFixture1 := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKey, err := s.db.PolicyClient.GetKey(s.ctx, &kasregistry.GetKeyRequest_Id{
+ Id: kasKeyFixture1.ID,
+ })
+ s.Require().NoError(err)
+
+ kasKeyFixture2 := s.f.GetKasRegistryServerKeys("kas_key_2")
+ kasKey2, err := s.db.PolicyClient.GetKey(s.ctx, &kasregistry.GetKeyRequest_Id{
+ Id: kasKeyFixture2.ID,
+ })
+ s.Require().NoError(err)
+
attr, err := s.db.PolicyClient.GetAttributeByFqn(s.ctx, fullFqn)
s.Require().NoError(err)
s.Len(attr.GetValues(), 2)
@@ -386,7 +400,7 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithKeysAssociatedAttributes_M
// Associate key with attribute.
keyResp, err := s.db.PolicyClient.AssignPublicKeyToAttribute(s.ctx, &attributes.AttributeKey{
AttributeId: attr.GetId(),
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(keyResp)
@@ -399,7 +413,7 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithKeysAssociatedAttributes_M
// Associate key with attribute.
keyResp, err = s.db.PolicyClient.AssignPublicKeyToAttribute(s.ctx, &attributes.AttributeKey{
AttributeId: attr.GetId(),
- KeyId: kasKey2.ID,
+ KeyId: kasKey2.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(keyResp)
@@ -409,32 +423,24 @@ func (s *AttributeFqnSuite) TestGetAttributeByFqn_WithKeysAssociatedAttributes_M
attrOneID := attr.GetId()
s.Require().NoError(err)
s.Len(attr.GetKasKeys(), 1)
- s.Equal(kasKey.KeyAccessServerID, attr.GetKasKeys()[0].GetKasId())
- s.Equal(kasKey.ID, attr.GetKasKeys()[0].GetKey().GetId())
- validatePublicKeyCtx(&s.Suite, []byte(kasKey.PublicKeyCtx), attr.GetKasKeys()[0])
- s.Empty(attr.GetKasKeys()[0].GetKey().GetProviderConfig())
- s.Empty(attr.GetKasKeys()[0].GetKey().GetPrivateKeyCtx())
+ validateSimpleKasKey(&s.Suite, kasKey, attr.GetKasKeys()[0])
// Get attribute 2
attr, err = s.db.PolicyClient.GetAttributeByFqn(s.ctx, fullFqn2)
attrTwoID := attr.GetId()
s.Require().NoError(err)
s.Len(attr.GetKasKeys(), 1)
- s.Equal(kasKey2.KeyAccessServerID, attr.GetKasKeys()[0].GetKasId())
- s.Equal(kasKey2.ID, attr.GetKasKeys()[0].GetKey().GetId())
- validatePublicKeyCtx(&s.Suite, []byte(kasKey2.PublicKeyCtx), attr.GetKasKeys()[0])
- s.Empty(attr.GetKasKeys()[0].GetKey().GetProviderConfig())
- s.Empty(attr.GetKasKeys()[0].GetKey().GetPrivateKeyCtx())
+ validateSimpleKasKey(&s.Suite, kasKey2, attr.GetKasKeys()[0])
_, err = s.db.PolicyClient.RemovePublicKeyFromAttribute(s.ctx, &attributes.AttributeKey{
AttributeId: attrOneID,
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
_, err = s.db.PolicyClient.RemovePublicKeyFromAttribute(s.ctx, &attributes.AttributeKey{
AttributeId: attrTwoID,
- KeyId: kasKey2.ID,
+ KeyId: kasKey2.GetKey().GetId(),
})
s.Require().NoError(err)
}
@@ -1670,12 +1676,10 @@ func (s *AttributeFqnSuite) TestGetAttributesByValueFqns_Fails_WithNonValueFqns(
}
func (s *AttributeFqnSuite) TestGetAttributeByValueFqns_KAS_Keys_Returned() {
- kasKey := s.f.GetKasRegistryServerKeys("kas_key_1")
- fqn := "https://keys.com/attr/kas-key/value/key1"
-
- kasReg, err := s.db.PolicyClient.GetKeyAccessServer(s.ctx, kasKey.KeyAccessServerID)
+ kasKeyFixture := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKey, err := s.db.PolicyClient.GetKey(s.ctx, &kasregistry.GetKeyRequest_Id{Id: kasKeyFixture.ID})
s.Require().NoError(err)
- s.NotNil(kasReg)
+ fqn := "https://keys.com/attr/kas-key/value/key1"
// Create New Namespace
ns, err := s.db.PolicyClient.CreateNamespace(s.ctx, &namespaces.CreateNamespaceRequest{Name: "keys.com"})
@@ -1695,7 +1699,7 @@ func (s *AttributeFqnSuite) TestGetAttributeByValueFqns_KAS_Keys_Returned() {
// Assign Kas Key to namespace
nsKey, err := s.db.PolicyClient.AssignPublicKeyToNamespace(s.ctx, &namespaces.NamespaceKey{
NamespaceId: ns.GetId(),
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(nsKey)
@@ -1712,14 +1716,13 @@ func (s *AttributeFqnSuite) TestGetAttributeByValueFqns_KAS_Keys_Returned() {
s.Len(attr.GetAttribute().GetNamespace().GetKasKeys(), 1)
s.Empty(attr.GetAttribute().GetKasKeys())
s.Empty(attr.GetValue().GetKasKeys())
- s.Equal(kasKey.KeyAccessServerID, attr.GetAttribute().GetNamespace().GetKasKeys()[0].GetKasId())
- s.Equal(kasReg.GetUri(), attr.GetAttribute().GetNamespace().GetKasKeys()[0].GetKasUri())
+ validateSimpleKasKey(&s.Suite, kasKey, attr.GetAttribute().GetNamespace().GetKasKeys()[0])
}
// Assign Kas Key to Attribute
attrKey, err := s.db.PolicyClient.AssignPublicKeyToAttribute(s.ctx, &attributes.AttributeKey{
AttributeId: attr.GetId(),
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(attrKey)
@@ -1736,16 +1739,14 @@ func (s *AttributeFqnSuite) TestGetAttributeByValueFqns_KAS_Keys_Returned() {
s.Len(attr.GetAttribute().GetNamespace().GetKasKeys(), 1)
s.Len(attr.GetAttribute().GetKasKeys(), 1)
s.Empty(attr.GetValue().GetKasKeys())
- s.Equal(kasKey.KeyAccessServerID, attr.GetAttribute().GetNamespace().GetKasKeys()[0].GetKasId())
- s.Equal(kasReg.GetUri(), attr.GetAttribute().GetNamespace().GetKasKeys()[0].GetKasUri())
- s.Equal(kasKey.KeyAccessServerID, attr.GetAttribute().GetKasKeys()[0].GetKasId())
- s.Equal(kasReg.GetUri(), attr.GetAttribute().GetKasKeys()[0].GetKasUri())
+ validateSimpleKasKey(&s.Suite, kasKey, attr.GetAttribute().GetNamespace().GetKasKeys()[0])
+ validateSimpleKasKey(&s.Suite, kasKey, attr.GetAttribute().GetKasKeys()[0])
}
// Assign Kas Key to Value
valueKey, err := s.db.PolicyClient.AssignPublicKeyToValue(s.ctx, &attributes.ValueKey{
ValueId: attr.GetValues()[0].GetId(),
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(valueKey)
@@ -1762,15 +1763,22 @@ func (s *AttributeFqnSuite) TestGetAttributeByValueFqns_KAS_Keys_Returned() {
s.Len(attr.GetAttribute().GetNamespace().GetKasKeys(), 1)
s.Len(attr.GetAttribute().GetKasKeys(), 1)
s.Len(attr.GetValue().GetKasKeys(), 1)
- s.Equal(kasKey.KeyAccessServerID, attr.GetAttribute().GetNamespace().GetKasKeys()[0].GetKasId())
- s.Equal(kasReg.GetUri(), attr.GetAttribute().GetNamespace().GetKasKeys()[0].GetKasUri())
- s.Equal(kasKey.KeyAccessServerID, attr.GetAttribute().GetKasKeys()[0].GetKasId())
- s.Equal(kasReg.GetUri(), attr.GetAttribute().GetKasKeys()[0].GetKasUri())
- s.Equal(kasKey.KeyAccessServerID, attr.GetValue().GetKasKeys()[0].GetKasId())
- s.Equal(kasReg.GetUri(), attr.GetValue().GetKasKeys()[0].GetKasUri())
+ validateSimpleKasKey(&s.Suite, kasKey, attr.GetAttribute().GetNamespace().GetKasKeys()[0])
+ validateSimpleKasKey(&s.Suite, kasKey, attr.GetAttribute().GetKasKeys()[0])
+ validateSimpleKasKey(&s.Suite, kasKey, attr.GetValue().GetKasKeys()[0])
}
}
+func validateSimpleKasKey(s *suite.Suite, expected *policy.KasKey, actual *policy.SimpleKasKey) {
+ s.Equal(expected.GetKey().GetKeyId(), actual.GetPublicKey().GetKid())
+ s.Equal(expected.GetKasUri(), actual.GetKasUri())
+ s.Equal(expected.GetKey().GetKeyAlgorithm(), actual.GetPublicKey().GetAlgorithm())
+ s.Equal(expected.GetKasId(), actual.GetKasId())
+ unbase64EncodedPem, err := base64.StdEncoding.DecodeString(expected.GetKey().GetPublicKeyCtx().GetPem())
+ s.Require().NoError(err)
+ s.Equal(string(unbase64EncodedPem), actual.GetPublicKey().GetPem())
+}
+
func (s *AttributeFqnSuite) bigTestSetup(namespaceName string) bigSetup {
// create a new namespace
ns, err := s.db.PolicyClient.CreateNamespace(s.ctx, &namespaces.CreateNamespaceRequest{
diff --git a/service/integration/attribute_values_test.go b/service/integration/attribute_values_test.go
index 513bc8e798..d9a7e55894 100644
--- a/service/integration/attribute_values_test.go
+++ b/service/integration/attribute_values_test.go
@@ -1078,10 +1078,12 @@ func (s *AttributeValuesSuite) Test_AssignPublicKeyToAttributeValue_Succeeds() {
s.NotNil(gotAttrValue)
s.Empty(gotAttrValue.GetKasKeys())
- kasKey := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKeyFixture := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKey, err := s.db.PolicyClient.GetKey(s.ctx, &kasregistry.GetKeyRequest_Id{Id: kasKeyFixture.ID})
+ s.Require().NoError(err)
resp, err := s.db.PolicyClient.AssignPublicKeyToValue(s.ctx, &attributes.ValueKey{
ValueId: gotAttrValue.GetId(),
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(resp)
@@ -1092,22 +1094,11 @@ func (s *AttributeValuesSuite) Test_AssignPublicKeyToAttributeValue_Succeeds() {
s.Require().NoError(err)
s.NotNil(gotAttrValue)
s.Len(gotAttrValue.GetKasKeys(), 1)
- s.Equal(kasKey.KeyAccessServerID, gotAttrValue.GetKasKeys()[0].GetKasId())
- s.Equal(kasKey.ID, gotAttrValue.GetKasKeys()[0].GetKey().GetId())
- validatePublicKeyCtx(&s.Suite, []byte(kasKey.PublicKeyCtx), gotAttrValue.GetKasKeys()[0])
- s.Empty(gotAttrValue.GetKasKeys()[0].GetKey().GetProviderConfig())
- s.Empty(gotAttrValue.GetKasKeys()[0].GetKey().GetPrivateKeyCtx())
-
- // Get the kas server information associated with the key
- kasReg, err := s.db.PolicyClient.GetKeyAccessServer(s.ctx, kasKey.KeyAccessServerID)
- s.Require().NoError(err)
- s.NotNil(kasReg)
-
- s.Equal(kasReg.GetUri(), gotAttrValue.GetKasKeys()[0].GetKasUri())
+ validateSimpleKasKey(&s.Suite, kasKey, gotAttrValue.GetKasKeys()[0])
resp, err = s.db.PolicyClient.RemovePublicKeyFromValue(s.ctx, &attributes.ValueKey{
ValueId: gotAttrValue.GetId(),
- KeyId: gotAttrValue.GetKasKeys()[0].GetKey().GetId(),
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(resp)
diff --git a/service/integration/attributes_test.go b/service/integration/attributes_test.go
index f8bf357a26..b3618a40d3 100644
--- a/service/integration/attributes_test.go
+++ b/service/integration/attributes_test.go
@@ -1413,10 +1413,14 @@ func (s *AttributesSuite) Test_AssociatePublicKeyToAttribute_Succeeds() {
s.Require().NoError(err)
s.NotNil(gotAttr)
s.Empty(gotAttr.GetKasKeys())
- kasKey := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKeyFixture := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKey, err := s.db.PolicyClient.GetKey(s.ctx, &kasregistry.GetKeyRequest_Id{
+ Id: kasKeyFixture.ID,
+ })
+ s.Require().NoError(err)
resp, err := s.db.PolicyClient.AssignPublicKeyToAttribute(s.ctx, &attributes.AttributeKey{
AttributeId: s.f.GetAttributeKey("example.com/attr/attr1").ID,
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(resp)
@@ -1426,18 +1430,7 @@ func (s *AttributesSuite) Test_AssociatePublicKeyToAttribute_Succeeds() {
s.NotNil(gotAttr)
s.Len(gotAttr.GetKasKeys(), 1)
- s.Equal(kasKey.KeyAccessServerID, gotAttr.GetKasKeys()[0].GetKasId())
- s.Equal(kasKey.ID, gotAttr.GetKasKeys()[0].GetKey().GetId())
- validatePublicKeyCtx(&s.Suite, []byte(kasKey.PublicKeyCtx), gotAttr.GetKasKeys()[0])
- s.Empty(gotAttr.GetKasKeys()[0].GetKey().GetPrivateKeyCtx())
- s.Empty(gotAttr.GetKasKeys()[0].GetKey().GetProviderConfig())
-
- // Get the kas server information associated with the key
- kasReg, err := s.db.PolicyClient.GetKeyAccessServer(s.ctx, kasKey.KeyAccessServerID)
- s.Require().NoError(err)
- s.NotNil(kasReg)
-
- s.Equal(kasReg.GetUri(), gotAttr.GetKasKeys()[0].GetKasUri())
+ validateSimpleKasKey(&s.Suite, kasKey, gotAttr.GetKasKeys()[0])
resp, err = s.db.PolicyClient.RemovePublicKeyFromAttribute(s.ctx, &attributes.AttributeKey{
AttributeId: resp.GetAttributeId(),
diff --git a/service/integration/kas_registry_key_test.go b/service/integration/kas_registry_key_test.go
index 3203e5f8e7..89f1ebf706 100644
--- a/service/integration/kas_registry_key_test.go
+++ b/service/integration/kas_registry_key_test.go
@@ -469,13 +469,15 @@ func (s *KasRegistryKeySuite) Test_RotateKey_Multiple_Attributes_Values_Namespac
updatedNs, err := s.db.PolicyClient.GetNamespace(s.ctx, namespaceMap[rotateKey][0].GetId())
s.Require().NoError(err)
s.Len(updatedNs.GetKasKeys(), 1)
- s.Equal(rotatedInKey.GetKasKey().GetKey().GetId(), updatedNs.GetKasKeys()[0].GetKey().GetId())
+ s.Equal(rotatedInKey.GetKasKey().GetKey().GetKeyId(), updatedNs.GetKasKeys()[0].GetPublicKey().GetKid())
+ s.Equal(rotatedInKey.GetKasKey().GetKasUri(), updatedNs.GetKasKeys()[0].GetKasUri())
// Verify that namespace which was assigned a key that was not rotated is still intact
nonUpdatedNs, err := s.db.PolicyClient.GetNamespace(s.ctx, namespaceMap[nonRotateKey][0].GetId())
s.Require().NoError(err)
s.Len(nonUpdatedNs.GetKasKeys(), 1)
- s.Equal(keyMap[nonRotateKey].GetKey().GetId(), nonUpdatedNs.GetKasKeys()[0].GetKey().GetId())
+ s.Equal(keyMap[nonRotateKey].GetKey().GetKeyId(), nonUpdatedNs.GetKasKeys()[0].GetPublicKey().GetKid())
+ s.Equal(keyMap[nonRotateKey].GetKasUri(), nonUpdatedNs.GetKasKeys()[0].GetKasUri())
// Verify that attribute has the new key
updatedAttr, err := s.db.PolicyClient.GetAttribute(s.ctx, &attributes.GetAttributeRequest_AttributeId{
@@ -483,7 +485,8 @@ func (s *KasRegistryKeySuite) Test_RotateKey_Multiple_Attributes_Values_Namespac
})
s.Require().NoError(err)
s.Len(updatedAttr.GetKasKeys(), 1)
- s.Equal(rotatedInKey.GetKasKey().GetKey().GetId(), updatedAttr.GetKasKeys()[0].GetKey().GetId())
+ s.Equal(rotatedInKey.GetKasKey().GetKey().GetKeyId(), updatedAttr.GetKasKeys()[0].GetPublicKey().GetKid())
+ s.Equal(rotatedInKey.GetKasKey().GetKasUri(), updatedAttr.GetKasKeys()[0].GetKasUri())
// Verify that attribute definition which was assigned a key that was not rotated is still intact
nonUpdatedAttr, err := s.db.PolicyClient.GetAttribute(s.ctx, &attributes.GetAttributeRequest_AttributeId{
@@ -491,7 +494,8 @@ func (s *KasRegistryKeySuite) Test_RotateKey_Multiple_Attributes_Values_Namespac
})
s.Require().NoError(err)
s.Len(nonUpdatedAttr.GetKasKeys(), 1)
- s.Equal(keyMap[nonRotateKey].GetKey().GetId(), nonUpdatedAttr.GetKasKeys()[0].GetKey().GetId())
+ s.Equal(keyMap[nonRotateKey].GetKey().GetKeyId(), nonUpdatedAttr.GetKasKeys()[0].GetPublicKey().GetKid())
+ s.Equal(keyMap[nonRotateKey].GetKasUri(), nonUpdatedAttr.GetKasKeys()[0].GetKasUri())
// Verify that attribute value has the new key
attrValue, err := s.db.PolicyClient.GetAttributeValue(s.ctx, &attributes.GetAttributeValueRequest_ValueId{
@@ -499,7 +503,8 @@ func (s *KasRegistryKeySuite) Test_RotateKey_Multiple_Attributes_Values_Namespac
})
s.Require().NoError(err)
s.Len(attrValue.GetKasKeys(), 1)
- s.Equal(rotatedInKey.GetKasKey().GetKey().GetId(), attrValue.GetKasKeys()[0].GetKey().GetId())
+ s.Equal(rotatedInKey.GetKasKey().GetKey().GetKeyId(), attrValue.GetKasKeys()[0].GetPublicKey().GetKid())
+ s.Equal(rotatedInKey.GetKasKey().GetKasUri(), attrValue.GetKasKeys()[0].GetKasUri())
// Verify that attribute value which was assigned a key that was not rotated is still intact
nonUpdatedAttrValue, err := s.db.PolicyClient.GetAttributeValue(s.ctx, &attributes.GetAttributeValueRequest_ValueId{
@@ -507,7 +512,8 @@ func (s *KasRegistryKeySuite) Test_RotateKey_Multiple_Attributes_Values_Namespac
})
s.Require().NoError(err)
s.Len(nonUpdatedAttrValue.GetKasKeys(), 1)
- s.Equal(keyMap[nonRotateKey].GetKey().GetId(), nonUpdatedAttrValue.GetKasKeys()[0].GetKey().GetId())
+ s.Equal(keyMap[nonRotateKey].GetKey().GetKeyId(), nonUpdatedAttrValue.GetKasKeys()[0].GetPublicKey().GetKid())
+ s.Equal(keyMap[nonRotateKey].GetKasUri(), nonUpdatedAttrValue.GetKasKeys()[0].GetKasUri())
}
func (s *KasRegistryKeySuite) Test_RotateKey_Two_Attribute_Two_Namespace_0_AttributeValue_Success() {
@@ -604,7 +610,8 @@ func (s *KasRegistryKeySuite) Test_RotateKey_Two_Attribute_Two_Namespace_0_Attri
updatedNs, err := s.db.PolicyClient.GetNamespace(s.ctx, ns.GetId())
s.Require().NoError(err)
s.Len(updatedNs.GetKasKeys(), 1)
- s.Equal(rotatedInKey.GetKasKey().GetKey().GetId(), updatedNs.GetKasKeys()[0].GetKey().GetId())
+ s.Equal(rotatedInKey.GetKasKey().GetKey().GetKeyId(), updatedNs.GetKasKeys()[0].GetPublicKey().GetKid())
+ s.Equal(rotatedInKey.GetKasKey().GetKasUri(), updatedNs.GetKasKeys()[0].GetKasUri())
}
// Verify that namespace which was assigned a key that was not rotated is still intact
@@ -612,7 +619,8 @@ func (s *KasRegistryKeySuite) Test_RotateKey_Two_Attribute_Two_Namespace_0_Attri
nonUpdatedNs, err := s.db.PolicyClient.GetNamespace(s.ctx, ns.GetId())
s.Require().NoError(err)
s.Len(nonUpdatedNs.GetKasKeys(), 1)
- s.Equal(keyMap[nonRotateKey].GetKey().GetId(), nonUpdatedNs.GetKasKeys()[0].GetKey().GetId())
+ s.Equal(keyMap[nonRotateKey].GetKey().GetKeyId(), nonUpdatedNs.GetKasKeys()[0].GetPublicKey().GetKid())
+ s.Equal(keyMap[nonRotateKey].GetKasUri(), nonUpdatedNs.GetKasKeys()[0].GetKasUri())
}
// Verify that attribute has the new key
@@ -622,7 +630,8 @@ func (s *KasRegistryKeySuite) Test_RotateKey_Two_Attribute_Two_Namespace_0_Attri
})
s.Require().NoError(err)
s.Len(updatedAttr.GetKasKeys(), 1)
- s.Equal(rotatedInKey.GetKasKey().GetKey().GetId(), updatedAttr.GetKasKeys()[0].GetKey().GetId())
+ s.Equal(rotatedInKey.GetKasKey().GetKey().GetKeyId(), updatedAttr.GetKasKeys()[0].GetPublicKey().GetKid())
+ s.Equal(rotatedInKey.GetKasKey().GetKasUri(), updatedAttr.GetKasKeys()[0].GetKasUri())
}
// Verify that attribute definition which was assigned a key that was not rotated is still intact
@@ -632,7 +641,8 @@ func (s *KasRegistryKeySuite) Test_RotateKey_Two_Attribute_Two_Namespace_0_Attri
})
s.Require().NoError(err)
s.Len(nonUpdatedAttr.GetKasKeys(), 1)
- s.Equal(keyMap[nonRotateKey].GetKey().GetId(), nonUpdatedAttr.GetKasKeys()[0].GetKey().GetId())
+ s.Equal(keyMap[nonRotateKey].GetKey().GetKeyId(), nonUpdatedAttr.GetKasKeys()[0].GetPublicKey().GetKid())
+ s.Equal(keyMap[nonRotateKey].GetKasUri(), nonUpdatedAttr.GetKasKeys()[0].GetKasUri())
}
}
@@ -1347,14 +1357,14 @@ func (s *KasRegistryKeySuite) validateListKeysResponse(resp *kasregistry.ListKey
}
}
-func validatePublicKeyCtx(s *suite.Suite, expectedPubCtx []byte, actual *policy.KasKey) {
+func validatePublicKeyCtx(s *suite.Suite, expectedPubCtx []byte, actual *policy.SimpleKasKey) {
decodedExpectedPubCtx, err := base64.StdEncoding.DecodeString(string(expectedPubCtx))
s.Require().NoError(err)
var expectedPub policy.PublicKeyCtx
err = protojson.Unmarshal(decodedExpectedPubCtx, &expectedPub)
s.Require().NoError(err)
- s.Equal(expectedPub.GetPem(), actual.GetKey().GetPublicKeyCtx().GetPem())
+ s.Equal(expectedPub.GetPem(), actual.GetPublicKey().GetPem())
}
func validatePrivatePublicCtx(s *suite.Suite, expectedPrivCtx, expectedPubCtx []byte, actual *policy.KasKey) {
@@ -1367,5 +1377,10 @@ func validatePrivatePublicCtx(s *suite.Suite, expectedPrivCtx, expectedPubCtx []
s.Equal(expectedPriv.GetKeyId(), actual.GetKey().GetPrivateKeyCtx().GetKeyId())
s.Equal(expectedPriv.GetWrappedKey(), actual.GetKey().GetPrivateKeyCtx().GetWrappedKey())
- validatePublicKeyCtx(s, expectedPubCtx, actual)
+ validatePublicKeyCtx(s, expectedPubCtx, &policy.SimpleKasKey{
+ KasUri: actual.GetKasUri(),
+ PublicKey: &policy.SimpleKasPublicKey{
+ Pem: actual.GetKey().GetPublicKeyCtx().GetPem(),
+ },
+ })
}
diff --git a/service/integration/kas_registry_test.go b/service/integration/kas_registry_test.go
index 1842721a8b..a321c71c2d 100644
--- a/service/integration/kas_registry_test.go
+++ b/service/integration/kas_registry_test.go
@@ -1257,14 +1257,16 @@ func (s *KasRegistrySuite) getKasRegistryServerKeysFixtures() []fixtures.Fixture
}
}
-func (s *KasRegistrySuite) getKasToKeysFixtureMap() map[string][]fixtures.FixtureDataKasRegistryKey {
+func (s *KasRegistrySuite) getKasToKeysFixtureMap() map[string][]*policy.KasKey {
// map kas id to keys
- kasToKeys := make(map[string][]fixtures.FixtureDataKasRegistryKey)
+ kasToKeys := make(map[string][]*policy.KasKey)
for _, k := range s.getKasRegistryServerKeysFixtures() {
if kasToKeys[k.KeyAccessServerID] == nil {
- kasToKeys[k.KeyAccessServerID] = make([]fixtures.FixtureDataKasRegistryKey, 0)
+ kasToKeys[k.KeyAccessServerID] = make([]*policy.KasKey, 0)
}
- kasToKeys[k.KeyAccessServerID] = append(kasToKeys[k.KeyAccessServerID], k)
+ key, err := s.db.PolicyClient.GetKey(s.ctx, &kasregistry.GetKeyRequest_Id{Id: k.ID})
+ s.Require().NoError(err)
+ kasToKeys[k.KeyAccessServerID] = append(kasToKeys[k.KeyAccessServerID], key)
}
return kasToKeys
}
@@ -1272,22 +1274,19 @@ func (s *KasRegistrySuite) getKasToKeysFixtureMap() map[string][]fixtures.Fixtur
func (s *KasRegistrySuite) validateKasRegistryKeys(kasr *policy.KeyAccessServer) {
kasToKeysFixtures := s.getKasToKeysFixtureMap()
// Check that key is present.
- keysFixtureArr := kasToKeysFixtures[kasr.GetId()]
- s.GreaterOrEqual(len(kasr.GetKasKeys()), len(keysFixtureArr))
+ expectedKasKeys := kasToKeysFixtures[kasr.GetId()]
+ s.GreaterOrEqual(len(kasr.GetKasKeys()), len(expectedKasKeys))
// Check for expected key ids.
matchingKeysCount := 0
for _, kasKey := range kasr.GetKasKeys() {
- for _, f := range keysFixtureArr {
- if kasKey.GetKey().GetId() == f.ID {
- s.Equal(f.KeyAccessServerID, kasKey.GetKasId())
- validatePublicKeyCtx(&s.Suite, []byte(f.PublicKeyCtx), kasKey)
- s.Empty(kasKey.GetKey().GetPrivateKeyCtx())
- s.Empty(kasKey.GetKey().GetProviderConfig())
+ for _, f := range expectedKasKeys {
+ if kasKey.GetPublicKey().GetKid() == f.GetKey().GetKeyId() {
+ validateSimpleKasKey(&s.Suite, f, kasKey)
matchingKeysCount++
}
}
}
- s.Len(keysFixtureArr, matchingKeysCount)
+ s.Len(expectedKasKeys, matchingKeysCount)
}
func TestKasRegistrySuite(t *testing.T) {
diff --git a/service/integration/namespaces_test.go b/service/integration/namespaces_test.go
index 9c37ddc8d6..3b31d5b5a1 100644
--- a/service/integration/namespaces_test.go
+++ b/service/integration/namespaces_test.go
@@ -1263,10 +1263,14 @@ func (s *NamespacesSuite) Test_AssociatePublicKeyToNamespace_Succeeds() {
s.NotNil(gotNS)
s.Empty(gotNS.GetKasKeys())
- kasKey := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKeyFixture := s.f.GetKasRegistryServerKeys("kas_key_1")
+ kasKey, err := s.db.PolicyClient.GetKey(s.ctx, &kasregistry.GetKeyRequest_Id{
+ Id: kasKeyFixture.ID,
+ })
+ s.Require().NoError(err)
resp, err := s.db.PolicyClient.AssignPublicKeyToNamespace(s.ctx, &namespaces.NamespaceKey{
NamespaceId: namespaceFix.ID,
- KeyId: kasKey.ID,
+ KeyId: kasKey.GetKey().GetId(),
})
s.Require().NoError(err)
s.NotNil(resp)
@@ -1277,11 +1281,7 @@ func (s *NamespacesSuite) Test_AssociatePublicKeyToNamespace_Succeeds() {
s.Require().NoError(err)
s.NotNil(gotNS)
s.Len(gotNS.GetKasKeys(), 1)
- s.Equal(kasKey.KeyAccessServerID, gotNS.GetKasKeys()[0].GetKasId())
- s.Equal(kasKey.ID, gotNS.GetKasKeys()[0].GetKey().GetId())
- validatePublicKeyCtx(&s.Suite, []byte(kasKey.PublicKeyCtx), gotNS.GetKasKeys()[0])
- s.Empty(gotNS.GetKasKeys()[0].GetKey().GetPrivateKeyCtx())
- s.Empty(gotNS.GetKasKeys()[0].GetKey().GetProviderConfig())
+ validateSimpleKasKey(&s.Suite, kasKey, gotNS.GetKasKeys()[0])
resp, err = s.db.PolicyClient.RemovePublicKeyFromNamespace(s.ctx, &namespaces.NamespaceKey{
NamespaceId: resp.GetNamespaceId(),
diff --git a/service/pkg/db/marshalHelpers.go b/service/pkg/db/marshalHelpers.go
index 5375f9b42b..7c878c9c67 100644
--- a/service/pkg/db/marshalHelpers.go
+++ b/service/pkg/db/marshalHelpers.go
@@ -142,10 +142,30 @@ func FormatAlg(alg policy.Algorithm) (string, error) {
}
}
-func UnmarshalSimpleKasKey(keysJSON []byte) (*kasregistry.SimpleKasKey, error) {
- var key *kasregistry.SimpleKasKey
+func SimpleKasKeysProtoJSON(keysJSON []byte) ([]*policy.SimpleKasKey, error) {
+ var (
+ keys []*policy.SimpleKasKey
+ raw []json.RawMessage
+ )
+ if err := json.Unmarshal(keysJSON, &raw); err != nil {
+ return nil, err
+ }
+ for _, r := range raw {
+ k, err := UnmarshalSimpleKasKey([]byte(r))
+ if err != nil {
+ return nil, fmt.Errorf("failed to unmarshal simple kas key: %w", err)
+ }
+ if k != nil {
+ keys = append(keys, k)
+ }
+ }
+ return keys, nil
+}
+
+func UnmarshalSimpleKasKey(keysJSON []byte) (*policy.SimpleKasKey, error) {
+ var key *policy.SimpleKasKey
if keysJSON != nil {
- key = &kasregistry.SimpleKasKey{}
+ key = &policy.SimpleKasKey{}
if err := protojson.Unmarshal(keysJSON, key); err != nil {
return nil, err
}
diff --git a/service/policy/db/attribute_values.go b/service/policy/db/attribute_values.go
index d4bb8fe492..931377a9b8 100644
--- a/service/policy/db/attribute_values.go
+++ b/service/policy/db/attribute_values.go
@@ -92,9 +92,9 @@ func (c PolicyDBClient) GetAttributeValue(ctx context.Context, identifier any) (
}
}
- var keys []*policy.KasKey
+ var keys []*policy.SimpleKasKey
if av.Keys != nil {
- keys, err = db.KasKeysProtoJSON(av.Keys)
+ keys, err = db.SimpleKasKeysProtoJSON(av.Keys)
if err != nil {
c.logger.ErrorContext(ctx, "could not unmarshal keys", slog.String("error", err.Error()))
return nil, err
diff --git a/service/policy/db/attributes.go b/service/policy/db/attributes.go
index d778df7207..82aff380e3 100644
--- a/service/policy/db/attributes.go
+++ b/service/policy/db/attributes.go
@@ -271,9 +271,9 @@ func (c PolicyDBClient) GetAttribute(ctx context.Context, identifier any) (*poli
return nil, err
}
- var keys []*policy.KasKey
+ var keys []*policy.SimpleKasKey
if len(attr.Keys) > 0 {
- keys, err = db.KasKeysProtoJSON(attr.Keys)
+ keys, err = db.SimpleKasKeysProtoJSON(attr.Keys)
if err != nil {
return nil, fmt.Errorf("failed to unmarshal keys [%s]: %w", string(attr.Keys), err)
}
@@ -310,9 +310,9 @@ func (c PolicyDBClient) ListAttributesByFqns(ctx context.Context, fqns []string)
}
}
- var keys []*policy.KasKey
+ var keys []*policy.SimpleKasKey
if len(attr.Keys) > 0 {
- keys, err = db.KasKeysProtoJSON(attr.Keys)
+ keys, err = db.SimpleKasKeysProtoJSON(attr.Keys)
if err != nil {
return nil, fmt.Errorf("failed to unmarshal keys [%s]: %w", string(attr.Keys), err)
}
diff --git a/service/policy/db/grant_mappings.go b/service/policy/db/grant_mappings.go
index f887457e1a..2ee3fc6b90 100644
--- a/service/policy/db/grant_mappings.go
+++ b/service/policy/db/grant_mappings.go
@@ -1,20 +1,22 @@
package db
import (
- "encoding/base64"
+ "errors"
"fmt"
"github.com/opentdf/platform/protocol/go/policy"
"github.com/opentdf/platform/service/logger"
)
+var errKasInfoIncomplete = errors.New("kas information is incomplete")
+
func mapAlgorithmToKasPublicKeyAlg(alg policy.Algorithm) policy.KasPublicKeyAlgEnum {
switch alg {
case policy.Algorithm_ALGORITHM_RSA_2048:
return policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048
case policy.Algorithm_ALGORITHM_RSA_4096:
return policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_4096
- case policy.Algorithm_ALGORITHM_EC_P256: // ALGORITHM_EC_P256 is an alias
+ case policy.Algorithm_ALGORITHM_EC_P256:
return policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1
case policy.Algorithm_ALGORITHM_EC_P384: // ALGORITHM_EC_P384 is an alias
return policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1
@@ -27,7 +29,7 @@ func mapAlgorithmToKasPublicKeyAlg(alg policy.Algorithm) policy.KasPublicKeyAlgE
}
}
-func mapKasKeysToGrants(keys []*policy.KasKey, existingGrants []*policy.KeyAccessServer, l *logger.Logger) ([]*policy.KeyAccessServer, error) {
+func mapKasKeysToGrants(keys []*policy.SimpleKasKey, existingGrants []*policy.KeyAccessServer, l *logger.Logger) ([]*policy.KeyAccessServer, error) {
kasMap := make(map[string]*policy.KeyAccessServer)
// Populate the map with existing grants
@@ -39,35 +41,25 @@ func mapKasKeysToGrants(keys []*policy.KasKey, existingGrants []*policy.KeyAcces
for _, key := range keys {
if key == nil {
+ l.Debug("Skipping nil key when mapping keys to grants")
continue
}
- kasURI := key.GetKasUri()
- if kasURI == "" {
- // Skip keys without a URI, as it's essential for mapping
- l.Debug("skipping key without URI", "kid", key.GetKey().GetKeyId())
- continue
+ if key.GetKasUri() == "" || key.GetKasId() == "" {
+ return nil, errKasInfoIncomplete
}
- kasKeyInfo := key.GetKey()
+ kasKeyInfo := key.GetPublicKey()
if kasKeyInfo == nil {
- continue
+ return nil, fmt.Errorf("kas key info is nil for a key with kas uri %s", key.GetKasUri())
}
newKasPublicKey := &policy.KasPublicKey{
- Kid: kasKeyInfo.GetKeyId(),
- Alg: mapAlgorithmToKasPublicKeyAlg(kasKeyInfo.GetKeyAlgorithm()),
- }
-
- if pubKeyCtx := kasKeyInfo.GetPublicKeyCtx(); pubKeyCtx != nil {
- // PEM content in PublicKeyCtx is base64 encoded; decode it for KasPublicKey.Pem.
- pem, err := base64.StdEncoding.DecodeString(pubKeyCtx.GetPem())
- if err != nil {
- return nil, fmt.Errorf("failed to decode PEM for key %s: %w", newKasPublicKey.GetKid(), err)
- }
- newKasPublicKey.Pem = string(pem)
+ Kid: kasKeyInfo.GetKid(),
+ Alg: mapAlgorithmToKasPublicKeyAlg(kasKeyInfo.GetAlgorithm()),
+ Pem: kasKeyInfo.GetPem(),
}
- existingKas, found := kasMap[kasURI]
+ existingKas, found := kasMap[key.GetKasUri()]
if found {
// KAS URI already exists, merge/add the public key
if existingKas.GetPublicKey().GetCached() == nil {
@@ -92,7 +84,7 @@ func mapKasKeysToGrants(keys []*policy.KasKey, existingGrants []*policy.KeyAcces
} else {
// New KAS URI, create a new grant
grant := &policy.KeyAccessServer{
- Uri: kasURI,
+ Uri: key.GetKasUri(),
Id: key.GetKasId(),
PublicKey: &policy.PublicKey{
PublicKey: &policy.PublicKey_Cached{
@@ -100,7 +92,7 @@ func mapKasKeysToGrants(keys []*policy.KasKey, existingGrants []*policy.KeyAcces
},
},
}
- kasMap[kasURI] = grant
+ kasMap[key.GetKasUri()] = grant
}
}
diff --git a/service/policy/db/grant_mappings_test.go b/service/policy/db/grant_mappings_test.go
index 503b06cdc7..9297d56864 100644
--- a/service/policy/db/grant_mappings_test.go
+++ b/service/policy/db/grant_mappings_test.go
@@ -1,7 +1,6 @@
package db
import (
- "encoding/base64"
"sort"
"testing"
@@ -13,11 +12,10 @@ import (
func TestMapKasKeysToGrants(t *testing.T) {
validPem := "VALID_PEM_CONTENT"
- validPemB64 := base64.StdEncoding.EncodeToString([]byte(validPem))
tests := []struct {
name string
- keys []*policy.KasKey
+ keys []*policy.SimpleKasKey
existingGrants []*policy.KeyAccessServer
expectedGrants []*policy.KeyAccessServer
wantErr bool
@@ -25,16 +23,16 @@ func TestMapKasKeysToGrants(t *testing.T) {
}{
{
name: "empty keys and empty existing grants",
- keys: []*policy.KasKey{},
+ keys: []*policy.SimpleKasKey{},
existingGrants: []*policy.KeyAccessServer{},
expectedGrants: []*policy.KeyAccessServer{},
wantErr: false,
},
{
name: "new keys only, no existing grants",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid1", KeyAlgorithm: policy.Algorithm_ALGORITHM_RSA_2048, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
- {KasId: "kas2", KasUri: "http://kas2.example.com", Key: &policy.AsymmetricKey{KeyId: "kid2", KeyAlgorithm: policy.Algorithm_ALGORITHM_EC_P256, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
+ keys: []*policy.SimpleKasKey{
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid1", Algorithm: policy.Algorithm_ALGORITHM_RSA_2048, Pem: validPem}},
+ {KasId: "kas2", KasUri: "http://kas2.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid2", Algorithm: policy.Algorithm_ALGORITHM_EC_P256, Pem: validPem}},
},
existingGrants: []*policy.KeyAccessServer{},
expectedGrants: []*policy.KeyAccessServer{
@@ -45,7 +43,7 @@ func TestMapKasKeysToGrants(t *testing.T) {
},
{
name: "existing grants only, no new keys",
- keys: []*policy.KasKey{},
+ keys: []*policy.SimpleKasKey{},
existingGrants: []*policy.KeyAccessServer{
{Id: "kas1", Uri: "http://kas1.example.com", PublicKey: &policy.PublicKey{PublicKey: &policy.PublicKey_Cached{Cached: &policy.KasPublicKeySet{Keys: []*policy.KasPublicKey{{Kid: "kid_existing", Alg: policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048, Pem: "existing_pem"}}}}}},
},
@@ -56,8 +54,8 @@ func TestMapKasKeysToGrants(t *testing.T) {
},
{
name: "add new public key to existing grant",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid_new", KeyAlgorithm: policy.Algorithm_ALGORITHM_EC_P256, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
+ keys: []*policy.SimpleKasKey{
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid_new", Algorithm: policy.Algorithm_ALGORITHM_EC_P256, Pem: validPem}},
},
existingGrants: []*policy.KeyAccessServer{
{Id: "kas1", Uri: "http://kas1.example.com", PublicKey: &policy.PublicKey{PublicKey: &policy.PublicKey_Cached{Cached: &policy.KasPublicKeySet{Keys: []*policy.KasPublicKey{{Kid: "kid_existing", Alg: policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048, Pem: "existing_pem"}}}}}},
@@ -72,9 +70,9 @@ func TestMapKasKeysToGrants(t *testing.T) {
},
{
name: "add new grant and new public key to existing grant",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid_new_for_kas1", KeyAlgorithm: policy.Algorithm_ALGORITHM_EC_P256, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
- {KasId: "kas2", KasUri: "http://kas2.example.com", Key: &policy.AsymmetricKey{KeyId: "kid_for_kas2", KeyAlgorithm: policy.Algorithm_ALGORITHM_RSA_2048, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
+ keys: []*policy.SimpleKasKey{
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid_new_for_kas1", Algorithm: policy.Algorithm_ALGORITHM_EC_P256, Pem: validPem}},
+ {KasId: "kas2", KasUri: "http://kas2.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid_for_kas2", Algorithm: policy.Algorithm_ALGORITHM_RSA_2048, Pem: validPem}},
},
existingGrants: []*policy.KeyAccessServer{
{Id: "kas1", Uri: "http://kas1.example.com", PublicKey: &policy.PublicKey{PublicKey: &policy.PublicKey_Cached{Cached: &policy.KasPublicKeySet{Keys: []*policy.KasPublicKey{{Kid: "kid_existing_for_kas1", Alg: policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048, Pem: "existing_pem"}}}}}},
@@ -90,8 +88,8 @@ func TestMapKasKeysToGrants(t *testing.T) {
},
{
name: "deduplicate public key by KID",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid_existing", KeyAlgorithm: policy.Algorithm_ALGORITHM_RSA_2048, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}}, // Same KID as existing
+ keys: []*policy.SimpleKasKey{
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid_existing", Algorithm: policy.Algorithm_ALGORITHM_RSA_2048, Pem: validPem}}, // Same KID as existing
},
existingGrants: []*policy.KeyAccessServer{
{Id: "kas1", Uri: "http://kas1.example.com", PublicKey: &policy.PublicKey{PublicKey: &policy.PublicKey_Cached{Cached: &policy.KasPublicKeySet{Keys: []*policy.KasPublicKey{{Kid: "kid_existing", Alg: policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048, Pem: "existing_pem"}}}}}},
@@ -103,20 +101,11 @@ func TestMapKasKeysToGrants(t *testing.T) {
},
wantErr: false,
},
- {
- name: "invalid base64 PEM",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid1", KeyAlgorithm: policy.Algorithm_ALGORITHM_RSA_2048, PublicKeyCtx: &policy.PublicKeyCtx{Pem: "invalid-b64"}}},
- },
- existingGrants: []*policy.KeyAccessServer{},
- wantErr: true,
- errContains: "failed to decode PEM for key kid1",
- },
{
name: "nil key in keys slice",
- keys: []*policy.KasKey{
+ keys: []*policy.SimpleKasKey{
nil,
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid1", KeyAlgorithm: policy.Algorithm_ALGORITHM_RSA_2048, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid1", Algorithm: policy.Algorithm_ALGORITHM_RSA_2048, Pem: validPem}},
},
existingGrants: []*policy.KeyAccessServer{},
expectedGrants: []*policy.KeyAccessServer{
@@ -125,38 +114,39 @@ func TestMapKasKeysToGrants(t *testing.T) {
wantErr: false,
},
{
- name: "key with nil KasKeyInfo",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: nil},
+ name: "key with nil kas uri",
+ keys: []*policy.SimpleKasKey{
+ {KasId: "kas1", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid1", Algorithm: policy.Algorithm_ALGORITHM_RSA_2048, Pem: validPem}}, // Nil URI
},
existingGrants: []*policy.KeyAccessServer{},
expectedGrants: []*policy.KeyAccessServer{},
- wantErr: false,
+ wantErr: true,
+ errContains: errKasInfoIncomplete.Error(),
},
{
- name: "key with nil PublicKeyCtx",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid1", KeyAlgorithm: policy.Algorithm_ALGORITHM_RSA_2048, PublicKeyCtx: nil}},
+ name: "key with nil kas id",
+ keys: []*policy.SimpleKasKey{
+ {KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid1", Algorithm: policy.Algorithm_ALGORITHM_RSA_2048, Pem: validPem}},
},
existingGrants: []*policy.KeyAccessServer{},
- expectedGrants: []*policy.KeyAccessServer{
- {Id: "kas1", Uri: "http://kas1.example.com", PublicKey: &policy.PublicKey{PublicKey: &policy.PublicKey_Cached{Cached: &policy.KasPublicKeySet{Keys: []*policy.KasPublicKey{{Kid: "kid1", Alg: policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048, Pem: ""}}}}}},
- },
- wantErr: false,
+ expectedGrants: []*policy.KeyAccessServer{},
+ wantErr: true,
+ errContains: errKasInfoIncomplete.Error(),
},
{
- name: "key with empty KasUri",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "", Key: &policy.AsymmetricKey{KeyId: "kid1", KeyAlgorithm: policy.Algorithm_ALGORITHM_RSA_2048, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
+ name: "key with nil public key",
+ keys: []*policy.SimpleKasKey{
+ {KasUri: "http://kas1.example.com", KasId: "kas1"},
},
existingGrants: []*policy.KeyAccessServer{},
expectedGrants: []*policy.KeyAccessServer{},
- wantErr: false,
+ wantErr: true,
+ errContains: "kas key info is nil for a key with kas uri http://kas1.example.com",
},
{
name: "existing grant with nil PublicKey",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid_new", KeyAlgorithm: policy.Algorithm_ALGORITHM_EC_P256, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
+ keys: []*policy.SimpleKasKey{
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid_new", Algorithm: policy.Algorithm_ALGORITHM_EC_P256, Pem: validPem}},
},
existingGrants: []*policy.KeyAccessServer{
{Id: "kas1", Uri: "http://kas1.example.com", PublicKey: nil},
@@ -170,8 +160,8 @@ func TestMapKasKeysToGrants(t *testing.T) {
},
{
name: "existing grant with PublicKey but nil Cached part",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid_new", KeyAlgorithm: policy.Algorithm_ALGORITHM_EC_P256, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
+ keys: []*policy.SimpleKasKey{
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid_new", Algorithm: policy.Algorithm_ALGORITHM_EC_P256, Pem: validPem}},
},
existingGrants: []*policy.KeyAccessServer{
{Id: "kas1", Uri: "http://kas1.example.com", PublicKey: &policy.PublicKey{PublicKey: nil}}, // Simulates PublicKey_Cached being nil
@@ -185,8 +175,8 @@ func TestMapKasKeysToGrants(t *testing.T) {
},
{
name: "nil grant in existingGrants slice",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid1", KeyAlgorithm: policy.Algorithm_ALGORITHM_RSA_2048, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
+ keys: []*policy.SimpleKasKey{
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid1", Algorithm: policy.Algorithm_ALGORITHM_RSA_2048, Pem: validPem}},
},
existingGrants: []*policy.KeyAccessServer{
nil,
@@ -200,8 +190,8 @@ func TestMapKasKeysToGrants(t *testing.T) {
},
{
name: "existing grant with empty URI",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid1", KeyAlgorithm: policy.Algorithm_ALGORITHM_RSA_2048, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
+ keys: []*policy.SimpleKasKey{
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid1", Algorithm: policy.Algorithm_ALGORITHM_RSA_2048, Pem: validPem}},
},
existingGrants: []*policy.KeyAccessServer{
{Id: "kas_empty_uri", Uri: "", PublicKey: &policy.PublicKey{PublicKey: &policy.PublicKey_Cached{Cached: &policy.KasPublicKeySet{Keys: []*policy.KasPublicKey{{Kid: "kid_empty", Alg: policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048, Pem: "empty_pem"}}}}}},
@@ -213,9 +203,9 @@ func TestMapKasKeysToGrants(t *testing.T) {
},
{
name: "multiple keys for the same new KAS URI",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid1_kas1", KeyAlgorithm: policy.Algorithm_ALGORITHM_RSA_2048, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid2_kas1", KeyAlgorithm: policy.Algorithm_ALGORITHM_EC_P256, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
+ keys: []*policy.SimpleKasKey{
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid1_kas1", Algorithm: policy.Algorithm_ALGORITHM_RSA_2048, Pem: validPem}},
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid2_kas1", Algorithm: policy.Algorithm_ALGORITHM_EC_P256, Pem: validPem}},
},
existingGrants: []*policy.KeyAccessServer{},
expectedGrants: []*policy.KeyAccessServer{
@@ -228,9 +218,9 @@ func TestMapKasKeysToGrants(t *testing.T) {
},
{
name: "multiple keys for the same existing KAS URI, one new, one duplicate KID",
- keys: []*policy.KasKey{
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid_existing", KeyAlgorithm: policy.Algorithm_ALGORITHM_RSA_2048, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}}, // Duplicate KID
- {KasId: "kas1", KasUri: "http://kas1.example.com", Key: &policy.AsymmetricKey{KeyId: "kid_new_for_existing", KeyAlgorithm: policy.Algorithm_ALGORITHM_EC_P256, PublicKeyCtx: &policy.PublicKeyCtx{Pem: validPemB64}}},
+ keys: []*policy.SimpleKasKey{
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid_existing", Algorithm: policy.Algorithm_ALGORITHM_RSA_2048, Pem: validPem}}, // Duplicate KID
+ {KasId: "kas1", KasUri: "http://kas1.example.com", PublicKey: &policy.SimpleKasPublicKey{Kid: "kid_new_for_existing", Algorithm: policy.Algorithm_ALGORITHM_EC_P256, Pem: validPem}},
},
existingGrants: []*policy.KeyAccessServer{
{Id: "kas1", Uri: "http://kas1.example.com", PublicKey: &policy.PublicKey{PublicKey: &policy.PublicKey_Cached{Cached: &policy.KasPublicKeySet{Keys: []*policy.KasPublicKey{{Kid: "kid_existing", Alg: policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048, Pem: "existing_pem"}}}}}},
diff --git a/service/policy/db/key_access_server_registry.go b/service/policy/db/key_access_server_registry.go
index de94d12aab..9b289d75b6 100644
--- a/service/policy/db/key_access_server_registry.go
+++ b/service/policy/db/key_access_server_registry.go
@@ -57,9 +57,9 @@ func (c PolicyDBClient) ListKeyAccessServers(ctx context.Context, r *kasregistry
return nil, err
}
- var keys []*policy.KasKey
+ var keys []*policy.SimpleKasKey
if len(kas.Keys) > 0 {
- keys, err = db.KasKeysProtoJSON(kas.Keys)
+ keys, err = db.SimpleKasKeysProtoJSON(kas.Keys)
if err != nil {
return nil, errors.New("failed to unmarshal keys")
}
@@ -147,9 +147,9 @@ func (c PolicyDBClient) GetKeyAccessServer(ctx context.Context, identifier any)
return nil, err
}
- var keys []*policy.KasKey
+ var keys []*policy.SimpleKasKey
if len(kas.Keys) > 0 {
- keys, err = db.KasKeysProtoJSON(kas.Keys)
+ keys, err = db.SimpleKasKeysProtoJSON(kas.Keys)
if err != nil {
return nil, errors.New("failed to unmarshal keys")
}
@@ -698,7 +698,7 @@ func (c PolicyDBClient) RotateKey(ctx context.Context, activeKey *policy.KasKey,
return rotateKeyResp, nil
}
-func (c PolicyDBClient) GetBaseKey(ctx context.Context) (*kasregistry.SimpleKasKey, error) {
+func (c PolicyDBClient) GetBaseKey(ctx context.Context) (*policy.SimpleKasKey, error) {
key, err := c.Queries.getBaseKey(ctx)
if err != nil && !errors.Is(db.WrapIfKnownInvalidQueryErr(err), db.ErrNotFound) {
return nil, db.WrapIfKnownInvalidQueryErr(err)
diff --git a/service/policy/db/namespaces.go b/service/policy/db/namespaces.go
index d49e2511d7..2b3227c7ba 100644
--- a/service/policy/db/namespaces.go
+++ b/service/policy/db/namespaces.go
@@ -61,9 +61,9 @@ func (c PolicyDBClient) GetNamespace(ctx context.Context, identifier any) (*poli
}
}
- var keys []*policy.KasKey
+ var keys []*policy.SimpleKasKey
if len(ns.Keys) > 0 {
- keys, err = db.KasKeysProtoJSON(ns.Keys)
+ keys, err = db.SimpleKasKeysProtoJSON(ns.Keys)
if err != nil {
c.logger.Error("could not unmarshal keys", slog.String("error", err.Error()))
return nil, err
diff --git a/service/policy/db/query.sql b/service/policy/db/query.sql
index a951564091..107b001a94 100644
--- a/service/policy/db/query.sql
+++ b/service/policy/db/query.sql
@@ -88,18 +88,17 @@ LEFT JOIN (
kask.key_access_server_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_uri', kas.uri,
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
FROM key_access_server_keys kask
+ INNER JOIN key_access_servers kas ON kask.key_access_server_id = kas.id
GROUP BY kask.key_access_server_id
) kask_keys ON kas.id = kask_keys.key_access_server_id
LIMIT @limit_
@@ -126,18 +125,17 @@ LEFT JOIN (
kask.key_access_server_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_uri', kas.uri,
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
FROM key_access_server_keys kask
+ INNER JOIN key_access_servers kas ON kask.key_access_server_id = kas.id
GROUP BY kask.key_access_server_id
) kask_keys ON kas.id = kask_keys.key_access_server_id
WHERE (sqlc.narg('id')::uuid IS NULL OR kas.id = sqlc.narg('id')::uuid)
@@ -488,15 +486,12 @@ WITH target_definition AS (
k.definition_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
'kas_uri', kas.uri,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -537,15 +532,12 @@ namespaces AS (
k.namespace_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
'kas_uri', kas.uri,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -657,15 +649,12 @@ values AS (
k.value_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
'kas_uri', kas.uri,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -742,16 +731,13 @@ LEFT JOIN (
k.definition_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
- ),
- 'kas_id', kask.key_access_server_id,
- 'kas_uri', kas.uri
+ 'kas_uri', kas.uri,
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
+ )
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
FROM attribute_definition_public_key_map k
@@ -858,15 +844,12 @@ LEFT JOIN (
k.value_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
'kas_uri', kas.uri,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -1098,15 +1081,12 @@ LEFT JOIN (
k.namespace_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
'kas_uri', kas.uri,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -1726,6 +1706,7 @@ WHERE id = $1;
SELECT
DISTINCT JSONB_BUILD_OBJECT(
'kas_uri', kas.uri,
+ 'kas_id', kas.id,
'public_key', JSONB_BUILD_OBJECT(
'algorithm', kask.key_algorithm::INTEGER,
'kid', kask.key_id,
diff --git a/service/policy/db/query.sql.go b/service/policy/db/query.sql.go
index b2ddb2a0ed..14c4605e42 100644
--- a/service/policy/db/query.sql.go
+++ b/service/policy/db/query.sql.go
@@ -448,16 +448,13 @@ LEFT JOIN (
k.definition_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
- ),
- 'kas_id', kask.key_access_server_id,
- 'kas_uri', kas.uri
+ 'kas_uri', kas.uri,
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
+ )
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
FROM attribute_definition_public_key_map k
@@ -539,16 +536,13 @@ type GetAttributeRow struct {
// k.definition_id,
// JSONB_AGG(
// DISTINCT JSONB_BUILD_OBJECT(
-// 'key', JSONB_BUILD_OBJECT(
-// 'id', kask.id,
-// 'key_id', kask.key_id,
-// 'key_status', kask.key_status,
-// 'key_mode', kask.key_mode,
-// 'key_algorithm', kask.key_algorithm,
-// 'public_key_ctx', kask.public_key_ctx
-// ),
-// 'kas_id', kask.key_access_server_id,
-// 'kas_uri', kas.uri
+// 'kas_uri', kas.uri,
+// 'kas_id', kas.id,
+// 'public_key', JSONB_BUILD_OBJECT(
+// 'algorithm', kask.key_algorithm::INTEGER,
+// 'kid', kask.key_id,
+// 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
+// )
// )
// ) FILTER (WHERE kask.id IS NOT NULL) AS keys
// FROM attribute_definition_public_key_map k
@@ -604,15 +598,12 @@ LEFT JOIN (
k.value_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
'kas_uri', kas.uri,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -669,15 +660,12 @@ type GetAttributeValueRow struct {
// k.value_id,
// JSONB_AGG(
// DISTINCT JSONB_BUILD_OBJECT(
-// 'kas_id', kask.key_access_server_id,
// 'kas_uri', kas.uri,
-// 'key', JSONB_BUILD_OBJECT(
-// 'id', kask.id,
-// 'key_id', kask.key_id,
-// 'key_status', kask.key_status,
-// 'key_mode', kask.key_mode,
-// 'key_algorithm', kask.key_algorithm,
-// 'public_key_ctx', kask.public_key_ctx
+// 'kas_id', kas.id,
+// 'public_key', JSONB_BUILD_OBJECT(
+// 'algorithm', kask.key_algorithm::INTEGER,
+// 'kid', kask.key_id,
+// 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
// )
// )
// ) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -726,18 +714,17 @@ LEFT JOIN (
kask.key_access_server_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_uri', kas.uri,
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
FROM key_access_server_keys kask
+ INNER JOIN key_access_servers kas ON kask.key_access_server_id = kas.id
GROUP BY kask.key_access_server_id
) kask_keys ON kas.id = kask_keys.key_access_server_id
WHERE ($1::uuid IS NULL OR kas.id = $1::uuid)
@@ -783,18 +770,17 @@ type GetKeyAccessServerRow struct {
// kask.key_access_server_id,
// JSONB_AGG(
// DISTINCT JSONB_BUILD_OBJECT(
-// 'kas_id', kask.key_access_server_id,
-// 'key', JSONB_BUILD_OBJECT(
-// 'id', kask.id,
-// 'key_id', kask.key_id,
-// 'key_status', kask.key_status,
-// 'key_mode', kask.key_mode,
-// 'key_algorithm', kask.key_algorithm,
-// 'public_key_ctx', kask.public_key_ctx
+// 'kas_uri', kas.uri,
+// 'kas_id', kas.id,
+// 'public_key', JSONB_BUILD_OBJECT(
+// 'algorithm', kask.key_algorithm::INTEGER,
+// 'kid', kask.key_id,
+// 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
// )
// )
// ) FILTER (WHERE kask.id IS NOT NULL) AS keys
// FROM key_access_server_keys kask
+// INNER JOIN key_access_servers kas ON kask.key_access_server_id = kas.id
// GROUP BY kask.key_access_server_id
// ) kask_keys ON kas.id = kask_keys.key_access_server_id
// WHERE ($1::uuid IS NULL OR kas.id = $1::uuid)
@@ -838,15 +824,12 @@ LEFT JOIN (
k.namespace_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
'kas_uri', kas.uri,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -900,15 +883,12 @@ type GetNamespaceRow struct {
// k.namespace_id,
// JSONB_AGG(
// DISTINCT JSONB_BUILD_OBJECT(
-// 'kas_id', kask.key_access_server_id,
// 'kas_uri', kas.uri,
-// 'key', JSONB_BUILD_OBJECT(
-// 'id', kask.id,
-// 'key_id', kask.key_id,
-// 'key_status', kask.key_status,
-// 'key_mode', kask.key_mode,
-// 'key_algorithm', kask.key_algorithm,
-// 'public_key_ctx', kask.public_key_ctx
+// 'kas_id', kas.id,
+// 'public_key', JSONB_BUILD_OBJECT(
+// 'algorithm', kask.key_algorithm::INTEGER,
+// 'kid', kask.key_id,
+// 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
// )
// )
// ) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -1617,18 +1597,17 @@ LEFT JOIN (
kask.key_access_server_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_uri', kas.uri,
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
FROM key_access_server_keys kask
+ INNER JOIN key_access_servers kas ON kask.key_access_server_id = kas.id
GROUP BY kask.key_access_server_id
) kask_keys ON kas.id = kask_keys.key_access_server_id
LIMIT $2
@@ -1672,18 +1651,17 @@ type ListKeyAccessServersRow struct {
// kask.key_access_server_id,
// JSONB_AGG(
// DISTINCT JSONB_BUILD_OBJECT(
-// 'kas_id', kask.key_access_server_id,
-// 'key', JSONB_BUILD_OBJECT(
-// 'id', kask.id,
-// 'key_id', kask.key_id,
-// 'key_status', kask.key_status,
-// 'key_mode', kask.key_mode,
-// 'key_algorithm', kask.key_algorithm,
-// 'public_key_ctx', kask.public_key_ctx
+// 'kas_uri', kas.uri,
+// 'kas_id', kas.id,
+// 'public_key', JSONB_BUILD_OBJECT(
+// 'algorithm', kask.key_algorithm::INTEGER,
+// 'kid', kask.key_id,
+// 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
// )
// )
// ) FILTER (WHERE kask.id IS NOT NULL) AS keys
// FROM key_access_server_keys kask
+// INNER JOIN key_access_servers kas ON kask.key_access_server_id = kas.id
// GROUP BY kask.key_access_server_id
// ) kask_keys ON kas.id = kask_keys.key_access_server_id
// LIMIT $2
@@ -3430,6 +3408,7 @@ const getBaseKey = `-- name: getBaseKey :one
SELECT
DISTINCT JSONB_BUILD_OBJECT(
'kas_uri', kas.uri,
+ 'kas_id', kas.id,
'public_key', JSONB_BUILD_OBJECT(
'algorithm', kask.key_algorithm::INTEGER,
'kid', kask.key_id,
@@ -3448,6 +3427,7 @@ INNER JOIN key_access_servers kas ON kask.key_access_server_id = kas.id
// SELECT
// DISTINCT JSONB_BUILD_OBJECT(
// 'kas_uri', kas.uri,
+// 'kas_id', kas.id,
// 'public_key', JSONB_BUILD_OBJECT(
// 'algorithm', kask.key_algorithm::INTEGER,
// 'kid', kask.key_id,
@@ -3966,15 +3946,12 @@ WITH target_definition AS (
k.definition_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
'kas_uri', kas.uri,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -4015,15 +3992,12 @@ namespaces AS (
k.namespace_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
'kas_uri', kas.uri,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -4135,15 +4109,12 @@ values AS (
k.value_id,
JSONB_AGG(
DISTINCT JSONB_BUILD_OBJECT(
- 'kas_id', kask.key_access_server_id,
'kas_uri', kas.uri,
- 'key', JSONB_BUILD_OBJECT(
- 'id', kask.id,
- 'key_id', kask.key_id,
- 'key_status', kask.key_status,
- 'key_mode', kask.key_mode,
- 'key_algorithm', kask.key_algorithm,
- 'public_key_ctx', kask.public_key_ctx
+ 'kas_id', kas.id,
+ 'public_key', JSONB_BUILD_OBJECT(
+ 'algorithm', kask.key_algorithm::INTEGER,
+ 'kid', kask.key_id,
+ 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
)
)
) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -4212,15 +4183,12 @@ type listAttributesByDefOrValueFqnsRow struct {
// k.definition_id,
// JSONB_AGG(
// DISTINCT JSONB_BUILD_OBJECT(
-// 'kas_id', kask.key_access_server_id,
// 'kas_uri', kas.uri,
-// 'key', JSONB_BUILD_OBJECT(
-// 'id', kask.id,
-// 'key_id', kask.key_id,
-// 'key_status', kask.key_status,
-// 'key_mode', kask.key_mode,
-// 'key_algorithm', kask.key_algorithm,
-// 'public_key_ctx', kask.public_key_ctx
+// 'kas_id', kas.id,
+// 'public_key', JSONB_BUILD_OBJECT(
+// 'algorithm', kask.key_algorithm::INTEGER,
+// 'kid', kask.key_id,
+// 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
// )
// )
// ) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -4261,15 +4229,12 @@ type listAttributesByDefOrValueFqnsRow struct {
// k.namespace_id,
// JSONB_AGG(
// DISTINCT JSONB_BUILD_OBJECT(
-// 'kas_id', kask.key_access_server_id,
// 'kas_uri', kas.uri,
-// 'key', JSONB_BUILD_OBJECT(
-// 'id', kask.id,
-// 'key_id', kask.key_id,
-// 'key_status', kask.key_status,
-// 'key_mode', kask.key_mode,
-// 'key_algorithm', kask.key_algorithm,
-// 'public_key_ctx', kask.public_key_ctx
+// 'kas_id', kas.id,
+// 'public_key', JSONB_BUILD_OBJECT(
+// 'algorithm', kask.key_algorithm::INTEGER,
+// 'kid', kask.key_id,
+// 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
// )
// )
// ) FILTER (WHERE kask.id IS NOT NULL) AS keys
@@ -4381,15 +4346,12 @@ type listAttributesByDefOrValueFqnsRow struct {
// k.value_id,
// JSONB_AGG(
// DISTINCT JSONB_BUILD_OBJECT(
-// 'kas_id', kask.key_access_server_id,
// 'kas_uri', kas.uri,
-// 'key', JSONB_BUILD_OBJECT(
-// 'id', kask.id,
-// 'key_id', kask.key_id,
-// 'key_status', kask.key_status,
-// 'key_mode', kask.key_mode,
-// 'key_algorithm', kask.key_algorithm,
-// 'public_key_ctx', kask.public_key_ctx
+// 'kas_id', kas.id,
+// 'public_key', JSONB_BUILD_OBJECT(
+// 'algorithm', kask.key_algorithm::INTEGER,
+// 'kid', kask.key_id,
+// 'pem', CONVERT_FROM(DECODE(kask.public_key_ctx ->> 'pem', 'base64'), 'UTF8')
// )
// )
// ) FILTER (WHERE kask.id IS NOT NULL) AS keys
diff --git a/service/policy/kasregistry/key_access_server_registry.proto b/service/policy/kasregistry/key_access_server_registry.proto
index f0d6d3e5a0..5b17d06b35 100644
--- a/service/policy/kasregistry/key_access_server_registry.proto
+++ b/service/policy/kasregistry/key_access_server_registry.proto
@@ -605,17 +605,6 @@ message SetBaseKeyRequest {
}
}
-message SimpleKasPublicKey {
- Algorithm algorithm = 1;
- string kid = 2;
- string pem = 3;
-}
-
-message SimpleKasKey {
- string kas_uri = 1; // The URL of the Key Access Server
- SimpleKasPublicKey public_key = 2; // The public key of the Key that belongs to the KAS
-};
-
message GetBaseKeyRequest {}
message GetBaseKeyResponse {
SimpleKasKey base_key = 1; // The current base key
diff --git a/service/policy/objects.proto b/service/policy/objects.proto
index 6a94e02506..6d046b8e51 100644
--- a/service/policy/objects.proto
+++ b/service/policy/objects.proto
@@ -6,6 +6,18 @@ import "buf/validate/validate.proto";
import "common/common.proto";
import "google/protobuf/wrappers.proto";
+message SimpleKasPublicKey {
+ Algorithm algorithm = 1;
+ string kid = 2;
+ string pem = 3;
+}
+
+message SimpleKasKey {
+ string kas_uri = 1; // The URL of the Key Access Server
+ SimpleKasPublicKey public_key = 2; // The public key of the Key that belongs to the KAS
+ string kas_id = 3; // The ID of the Key Access Server
+};
+
message KeyProviderConfig {
string id = 1;
string name = 2;
@@ -33,7 +45,7 @@ message Namespace {
repeated KeyAccessServer grants = 6;
// Keys for the namespace
- repeated KasKey kas_keys = 7;
+ repeated SimpleKasKey kas_keys = 7;
}
message Attribute {
@@ -62,7 +74,7 @@ message Attribute {
google.protobuf.BoolValue active = 8;
//Keys associated with the attribute
- repeated KasKey kas_keys = 9;
+ repeated SimpleKasKey kas_keys = 9;
// Common metadata
common.Metadata metadata = 100;
@@ -99,7 +111,7 @@ message Value {
// subject mapping
repeated SubjectMapping subject_mappings = 8;
- repeated KasKey kas_keys = 9;
+ repeated SimpleKasKey kas_keys = 9;
repeated ResourceMapping resource_mappings = 10;
@@ -322,7 +334,7 @@ message KeyAccessServer {
// The source of the KAS: (INTERNAL, EXTERNAL)
SourceType source_type = 4;
// Kas keys associated with this KAS
- repeated KasKey kas_keys = 5;
+ repeated SimpleKasKey kas_keys = 5;
// Optional
// Unique name of the KAS instance