// Copyright IBM Corp. 2020, 2025 // SPDX-License-Identifier: BUSL-1.1 // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.36.11 // protoc (unknown) // source: controller/storage/credential/static/store/v1/static.proto // Package store provides protobufs for storing types in the static // credential package. package store import ( timestamp "github.com/hashicorp/boundary/internal/db/timestamp" _ "github.com/hashicorp/boundary/sdk/pbs/controller/protooptions" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" reflect "reflect" sync "sync" unsafe "unsafe" ) const ( // Verify that this generated code is sufficiently up-to-date. _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) // Verify that runtime/protoimpl is sufficiently up-to-date. _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) type CredentialStore struct { state protoimpl.MessageState `protogen:"open.v1"` // public_id is a surrogate key suitable for use in a public API. // @inject_tag: `gorm:"primary_key"` PublicId string `protobuf:"bytes,1,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"` // The create_time is set by the database. // @inject_tag: `gorm:"default:current_timestamp"` CreateTime *timestamp.Timestamp `protobuf:"bytes,2,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"` // The update_time is set by the database. // @inject_tag: `gorm:"default:current_timestamp"` UpdateTime *timestamp.Timestamp `protobuf:"bytes,3,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"` // name is optional. If set, it must be unique within project_id. // @inject_tag: `gorm:"default:null"` Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty" gorm:"default:null"` // description is optional. // @inject_tag: `gorm:"default:null"` Description string `protobuf:"bytes,5,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"` // The project_id of the owning scope. // It must be set. // @inject_tag: `gorm:"not_null"` ProjectId string `protobuf:"bytes,6,opt,name=project_id,json=projectId,proto3" json:"project_id,omitempty" gorm:"not_null"` // version allows optimistic locking of the resource. // @inject_tag: `gorm:"default:null"` Version uint32 `protobuf:"varint,7,opt,name=version,proto3" json:"version,omitempty" gorm:"default:null"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *CredentialStore) Reset() { *x = CredentialStore{} mi := &file_controller_storage_credential_static_store_v1_static_proto_msgTypes[0] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } func (x *CredentialStore) String() string { return protoimpl.X.MessageStringOf(x) } func (*CredentialStore) ProtoMessage() {} func (x *CredentialStore) ProtoReflect() protoreflect.Message { mi := &file_controller_storage_credential_static_store_v1_static_proto_msgTypes[0] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { ms.StoreMessageInfo(mi) } return ms } return mi.MessageOf(x) } // Deprecated: Use CredentialStore.ProtoReflect.Descriptor instead. func (*CredentialStore) Descriptor() ([]byte, []int) { return file_controller_storage_credential_static_store_v1_static_proto_rawDescGZIP(), []int{0} } func (x *CredentialStore) GetPublicId() string { if x != nil { return x.PublicId } return "" } func (x *CredentialStore) GetCreateTime() *timestamp.Timestamp { if x != nil { return x.CreateTime } return nil } func (x *CredentialStore) GetUpdateTime() *timestamp.Timestamp { if x != nil { return x.UpdateTime } return nil } func (x *CredentialStore) GetName() string { if x != nil { return x.Name } return "" } func (x *CredentialStore) GetDescription() string { if x != nil { return x.Description } return "" } func (x *CredentialStore) GetProjectId() string { if x != nil { return x.ProjectId } return "" } func (x *CredentialStore) GetVersion() uint32 { if x != nil { return x.Version } return 0 } type PasswordCredential struct { state protoimpl.MessageState `protogen:"open.v1"` // public_id is a surrogate key suitable for use in a public API. // @inject_tag: `gorm:"primary_key"` PublicId string `protobuf:"bytes,1,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"` // create_time is set by the database. // @inject_tag: `gorm:"default:current_timestamp"` CreateTime *timestamp.Timestamp `protobuf:"bytes,2,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"` // update_time is set by the database. // @inject_tag: `gorm:"default:current_timestamp"` UpdateTime *timestamp.Timestamp `protobuf:"bytes,3,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"` // name is optional. If set, it must be unique within project_id. // @inject_tag: `gorm:"default:null"` Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty" gorm:"default:null"` // description is optional. // @inject_tag: `gorm:"default:null"` Description string `protobuf:"bytes,5,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"` // store_id of the owning static credential store. // It must be set. // @inject_tag: `gorm:"not_null"` StoreId string `protobuf:"bytes,6,opt,name=store_id,json=storeId,proto3" json:"store_id,omitempty" gorm:"not_null"` // version allows optimistic locking of the resource. // @inject_tag: `gorm:"default:null"` Version uint32 `protobuf:"varint,7,opt,name=version,proto3" json:"version,omitempty" gorm:"default:null"` // password is the plain-text of the password associated with the credential. We are // not storing this plain-text password in the database. // @inject_tag: `gorm:"-" wrapping:"pt,password_data"` Password []byte `protobuf:"bytes,8,opt,name=password,proto3" json:"password,omitempty" gorm:"-" wrapping:"pt,password_data"` // ct_password is the ciphertext of the password. It // is stored in the database. // @inject_tag: `gorm:"column:password_encrypted;not_null" wrapping:"ct,password_data"` CtPassword []byte `protobuf:"bytes,9,opt,name=ct_password,json=ctPassword,proto3" json:"ct_password,omitempty" gorm:"column:password_encrypted;not_null" wrapping:"ct,password_data"` // password_hmac is a sha256-hmac of the unencrypted password. It is recalculated // everytime the password is updated. // @inject_tag: `gorm:"not_null"` PasswordHmac []byte `protobuf:"bytes,10,opt,name=password_hmac,json=passwordHmac,proto3" json:"password_hmac,omitempty" gorm:"not_null"` // The key_id of the kms database key used for encrypting this entry. // It must be set. // @inject_tag: `gorm:"not_null"` KeyId string `protobuf:"bytes,11,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty" gorm:"not_null"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *PasswordCredential) Reset() { *x = PasswordCredential{} mi := &file_controller_storage_credential_static_store_v1_static_proto_msgTypes[1] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } func (x *PasswordCredential) String() string { return protoimpl.X.MessageStringOf(x) } func (*PasswordCredential) ProtoMessage() {} func (x *PasswordCredential) ProtoReflect() protoreflect.Message { mi := &file_controller_storage_credential_static_store_v1_static_proto_msgTypes[1] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { ms.StoreMessageInfo(mi) } return ms } return mi.MessageOf(x) } // Deprecated: Use PasswordCredential.ProtoReflect.Descriptor instead. func (*PasswordCredential) Descriptor() ([]byte, []int) { return file_controller_storage_credential_static_store_v1_static_proto_rawDescGZIP(), []int{1} } func (x *PasswordCredential) GetPublicId() string { if x != nil { return x.PublicId } return "" } func (x *PasswordCredential) GetCreateTime() *timestamp.Timestamp { if x != nil { return x.CreateTime } return nil } func (x *PasswordCredential) GetUpdateTime() *timestamp.Timestamp { if x != nil { return x.UpdateTime } return nil } func (x *PasswordCredential) GetName() string { if x != nil { return x.Name } return "" } func (x *PasswordCredential) GetDescription() string { if x != nil { return x.Description } return "" } func (x *PasswordCredential) GetStoreId() string { if x != nil { return x.StoreId } return "" } func (x *PasswordCredential) GetVersion() uint32 { if x != nil { return x.Version } return 0 } func (x *PasswordCredential) GetPassword() []byte { if x != nil { return x.Password } return nil } func (x *PasswordCredential) GetCtPassword() []byte { if x != nil { return x.CtPassword } return nil } func (x *PasswordCredential) GetPasswordHmac() []byte { if x != nil { return x.PasswordHmac } return nil } func (x *PasswordCredential) GetKeyId() string { if x != nil { return x.KeyId } return "" } type UsernamePasswordCredential struct { state protoimpl.MessageState `protogen:"open.v1"` // public_id is a surrogate key suitable for use in a public API. // @inject_tag: `gorm:"primary_key"` PublicId string `protobuf:"bytes,1,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"` // create_time is set by the database. // @inject_tag: `gorm:"default:current_timestamp"` CreateTime *timestamp.Timestamp `protobuf:"bytes,2,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"` // update_time is set by the database. // @inject_tag: `gorm:"default:current_timestamp"` UpdateTime *timestamp.Timestamp `protobuf:"bytes,3,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"` // name is optional. If set, it must be unique within project_id. // @inject_tag: `gorm:"default:null"` Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty" gorm:"default:null"` // description is optional. // @inject_tag: `gorm:"default:null"` Description string `protobuf:"bytes,5,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"` // store_id of the owning static credential store. // It must be set. // @inject_tag: `gorm:"not_null"` StoreId string `protobuf:"bytes,6,opt,name=store_id,json=storeId,proto3" json:"store_id,omitempty" gorm:"not_null"` // version allows optimistic locking of the resource. // @inject_tag: `gorm:"default:null"` Version uint32 `protobuf:"varint,7,opt,name=version,proto3" json:"version,omitempty" gorm:"default:null"` // username is the username associated with the credential. // It must be set. // @inject_tag: `gorm:"not_null"` Username string `protobuf:"bytes,8,opt,name=username,proto3" json:"username,omitempty" gorm:"not_null"` // password is the plain-text of the password associated with the credential. We are // not storing this plain-text password in the database. // @inject_tag: `gorm:"-" wrapping:"pt,password_data"` Password []byte `protobuf:"bytes,9,opt,name=password,proto3" json:"password,omitempty" gorm:"-" wrapping:"pt,password_data"` // ct_password is the ciphertext of the password. It // is stored in the database. // @inject_tag: `gorm:"column:password_encrypted;not_null" wrapping:"ct,password_data"` CtPassword []byte `protobuf:"bytes,10,opt,name=ct_password,json=ctPassword,proto3" json:"ct_password,omitempty" gorm:"column:password_encrypted;not_null" wrapping:"ct,password_data"` // password_hmac is a sha256-hmac of the unencrypted password. It is recalculated // everytime the password is updated. // @inject_tag: `gorm:"not_null"` PasswordHmac []byte `protobuf:"bytes,11,opt,name=password_hmac,json=passwordHmac,proto3" json:"password_hmac,omitempty" gorm:"not_null"` // The key_id of the kms database key used for encrypting this entry. // It must be set. // @inject_tag: `gorm:"not_null"` KeyId string `protobuf:"bytes,12,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty" gorm:"not_null"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *UsernamePasswordCredential) Reset() { *x = UsernamePasswordCredential{} mi := &file_controller_storage_credential_static_store_v1_static_proto_msgTypes[2] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } func (x *UsernamePasswordCredential) String() string { return protoimpl.X.MessageStringOf(x) } func (*UsernamePasswordCredential) ProtoMessage() {} func (x *UsernamePasswordCredential) ProtoReflect() protoreflect.Message { mi := &file_controller_storage_credential_static_store_v1_static_proto_msgTypes[2] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { ms.StoreMessageInfo(mi) } return ms } return mi.MessageOf(x) } // Deprecated: Use UsernamePasswordCredential.ProtoReflect.Descriptor instead. func (*UsernamePasswordCredential) Descriptor() ([]byte, []int) { return file_controller_storage_credential_static_store_v1_static_proto_rawDescGZIP(), []int{2} } func (x *UsernamePasswordCredential) GetPublicId() string { if x != nil { return x.PublicId } return "" } func (x *UsernamePasswordCredential) GetCreateTime() *timestamp.Timestamp { if x != nil { return x.CreateTime } return nil } func (x *UsernamePasswordCredential) GetUpdateTime() *timestamp.Timestamp { if x != nil { return x.UpdateTime } return nil } func (x *UsernamePasswordCredential) GetName() string { if x != nil { return x.Name } return "" } func (x *UsernamePasswordCredential) GetDescription() string { if x != nil { return x.Description } return "" } func (x *UsernamePasswordCredential) GetStoreId() string { if x != nil { return x.StoreId } return "" } func (x *UsernamePasswordCredential) GetVersion() uint32 { if x != nil { return x.Version } return 0 } func (x *UsernamePasswordCredential) GetUsername() string { if x != nil { return x.Username } return "" } func (x *UsernamePasswordCredential) GetPassword() []byte { if x != nil { return x.Password } return nil } func (x *UsernamePasswordCredential) GetCtPassword() []byte { if x != nil { return x.CtPassword } return nil } func (x *UsernamePasswordCredential) GetPasswordHmac() []byte { if x != nil { return x.PasswordHmac } return nil } func (x *UsernamePasswordCredential) GetKeyId() string { if x != nil { return x.KeyId } return "" } type UsernamePasswordDomainCredential struct { state protoimpl.MessageState `protogen:"open.v1"` // public_id is a surrogate key suitable for use in a public API. // @inject_tag: `gorm:"primary_key"` PublicId string `protobuf:"bytes,1,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"` // create_time is set by the database. // @inject_tag: `gorm:"default:current_timestamp"` CreateTime *timestamp.Timestamp `protobuf:"bytes,2,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"` // update_time is set by the database. // @inject_tag: `gorm:"default:current_timestamp"` UpdateTime *timestamp.Timestamp `protobuf:"bytes,3,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"` // name is optional. If set, it must be unique within project_id. // @inject_tag: `gorm:"default:null"` Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty" gorm:"default:null"` // description is optional. // @inject_tag: `gorm:"default:null"` Description string `protobuf:"bytes,5,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"` // store_id of the owning static credential store. // It must be set. // @inject_tag: `gorm:"not_null"` StoreId string `protobuf:"bytes,6,opt,name=store_id,json=storeId,proto3" json:"store_id,omitempty" gorm:"not_null"` // version allows optimistic locking of the resource. // @inject_tag: `gorm:"default:null"` Version uint32 `protobuf:"varint,7,opt,name=version,proto3" json:"version,omitempty" gorm:"default:null"` // username is the username associated with the credential. // It must be set. // @inject_tag: `gorm:"not_null"` Username string `protobuf:"bytes,8,opt,name=username,proto3" json:"username,omitempty" gorm:"not_null"` // password is the plain-text of the password associated with the credential. We are // not storing this plain-text password in the database. // @inject_tag: `gorm:"-" wrapping:"pt,password_data"` Password []byte `protobuf:"bytes,9,opt,name=password,proto3" json:"password,omitempty" gorm:"-" wrapping:"pt,password_data"` // ct_password is the ciphertext of the password. It // is stored in the database. // @inject_tag: `gorm:"column:password_encrypted;not_null" wrapping:"ct,password_data"` CtPassword []byte `protobuf:"bytes,10,opt,name=ct_password,json=ctPassword,proto3" json:"ct_password,omitempty" gorm:"column:password_encrypted;not_null" wrapping:"ct,password_data"` // password_hmac is a sha256-hmac of the unencrypted password. It is recalculated // everytime the password is updated. // @inject_tag: `gorm:"not_null"` PasswordHmac []byte `protobuf:"bytes,11,opt,name=password_hmac,json=passwordHmac,proto3" json:"password_hmac,omitempty" gorm:"not_null"` // The key_id of the kms database key used for encrypting this entry. // It must be set. // @inject_tag: `gorm:"not_null"` KeyId string `protobuf:"bytes,12,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty" gorm:"not_null"` // Domain is the domain associated with the credential.. // It must be set. // @inject_tag: `gorm:"not_null"` Domain string `protobuf:"bytes,13,opt,name=domain,proto3" json:"domain,omitempty" gorm:"not_null"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *UsernamePasswordDomainCredential) Reset() { *x = UsernamePasswordDomainCredential{} mi := &file_controller_storage_credential_static_store_v1_static_proto_msgTypes[3] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } func (x *UsernamePasswordDomainCredential) String() string { return protoimpl.X.MessageStringOf(x) } func (*UsernamePasswordDomainCredential) ProtoMessage() {} func (x *UsernamePasswordDomainCredential) ProtoReflect() protoreflect.Message { mi := &file_controller_storage_credential_static_store_v1_static_proto_msgTypes[3] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { ms.StoreMessageInfo(mi) } return ms } return mi.MessageOf(x) } // Deprecated: Use UsernamePasswordDomainCredential.ProtoReflect.Descriptor instead. func (*UsernamePasswordDomainCredential) Descriptor() ([]byte, []int) { return file_controller_storage_credential_static_store_v1_static_proto_rawDescGZIP(), []int{3} } func (x *UsernamePasswordDomainCredential) GetPublicId() string { if x != nil { return x.PublicId } return "" } func (x *UsernamePasswordDomainCredential) GetCreateTime() *timestamp.Timestamp { if x != nil { return x.CreateTime } return nil } func (x *UsernamePasswordDomainCredential) GetUpdateTime() *timestamp.Timestamp { if x != nil { return x.UpdateTime } return nil } func (x *UsernamePasswordDomainCredential) GetName() string { if x != nil { return x.Name } return "" } func (x *UsernamePasswordDomainCredential) GetDescription() string { if x != nil { return x.Description } return "" } func (x *UsernamePasswordDomainCredential) GetStoreId() string { if x != nil { return x.StoreId } return "" } func (x *UsernamePasswordDomainCredential) GetVersion() uint32 { if x != nil { return x.Version } return 0 } func (x *UsernamePasswordDomainCredential) GetUsername() string { if x != nil { return x.Username } return "" } func (x *UsernamePasswordDomainCredential) GetPassword() []byte { if x != nil { return x.Password } return nil } func (x *UsernamePasswordDomainCredential) GetCtPassword() []byte { if x != nil { return x.CtPassword } return nil } func (x *UsernamePasswordDomainCredential) GetPasswordHmac() []byte { if x != nil { return x.PasswordHmac } return nil } func (x *UsernamePasswordDomainCredential) GetKeyId() string { if x != nil { return x.KeyId } return "" } func (x *UsernamePasswordDomainCredential) GetDomain() string { if x != nil { return x.Domain } return "" } type SshPrivateKeyCredential struct { state protoimpl.MessageState `protogen:"open.v1"` // public_id is a surrogate key suitable for use in a public API. // @inject_tag: `gorm:"primary_key"` PublicId string `protobuf:"bytes,1,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"` // create_time is set by the database. // @inject_tag: `gorm:"default:current_timestamp"` CreateTime *timestamp.Timestamp `protobuf:"bytes,2,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"` // update_time is set by the database. // @inject_tag: `gorm:"default:current_timestamp"` UpdateTime *timestamp.Timestamp `protobuf:"bytes,3,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"` // name is optional. If set, it must be unique within project_id. // @inject_tag: `gorm:"default:null"` Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty" gorm:"default:null"` // description is optional. // @inject_tag: `gorm:"default:null"` Description string `protobuf:"bytes,5,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"` // store_id of the owning static credential store. // It must be set. // @inject_tag: `gorm:"not_null"` StoreId string `protobuf:"bytes,6,opt,name=store_id,json=storeId,proto3" json:"store_id,omitempty" gorm:"not_null"` // version allows optimistic locking of the resource. // @inject_tag: `gorm:"default:null"` Version uint32 `protobuf:"varint,7,opt,name=version,proto3" json:"version,omitempty" gorm:"default:null"` // username is the username associated with the credential. // It must be set. // @inject_tag: `gorm:"not_null"` Username string `protobuf:"bytes,8,opt,name=username,proto3" json:"username,omitempty" gorm:"not_null"` // private_key is the plain-text of the private key associated with the // credential. We are not storing this plain-text private key in the database. // @inject_tag: `gorm:"-" wrapping:"pt,private_key"` PrivateKey []byte `protobuf:"bytes,9,opt,name=private_key,json=privateKey,proto3" json:"private_key,omitempty" gorm:"-" wrapping:"pt,private_key"` // private_key_encrypted is the ciphertext of the private key. It is stored in // the database. // @inject_tag: `gorm:"column:private_key_encrypted;not_null" wrapping:"ct,private_key"` PrivateKeyEncrypted []byte `protobuf:"bytes,10,opt,name=private_key_encrypted,json=privateKeyEncrypted,proto3" json:"private_key_encrypted,omitempty" gorm:"column:private_key_encrypted;not_null" wrapping:"ct,private_key"` // private_key_hmac is a sha256-hmac of the unencrypted private key. It is recalculated // everytime the private key is updated. // @inject_tag: `gorm:"not_null"` PrivateKeyHmac []byte `protobuf:"bytes,11,opt,name=private_key_hmac,json=privateKeyHmac,proto3" json:"private_key_hmac,omitempty" gorm:"not_null"` // The key_id of the kms database key used for encrypting this entry. // It must be set. // @inject_tag: `gorm:"not_null"` KeyId string `protobuf:"bytes,12,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty" gorm:"not_null"` // private_key_passphrase is the plain-text of the passphrase of the SSH private // key associated with the credential. We are not storing this plain-text // private key passphrase in the database. // @inject_tag: `gorm:"-"` PrivateKeyPassphrase []byte `protobuf:"bytes,13,opt,name=private_key_passphrase,json=privateKeyPassphrase,proto3" json:"private_key_passphrase,omitempty" gorm:"-"` // private_key_passphrase_encrypted is the ciphertext of the private key passphrase. It is stored in // the database. // @inject_tag: `gorm:"column:private_key_passphrase_encrypted;not_null"` PrivateKeyPassphraseEncrypted []byte `protobuf:"bytes,14,opt,name=private_key_passphrase_encrypted,json=privateKeyPassphraseEncrypted,proto3" json:"private_key_passphrase_encrypted,omitempty" gorm:"column:private_key_passphrase_encrypted;not_null"` // private_key_passphrase_hmac is a sha256-hmac of the unencrypted private key passphrase. It is recalculated // everytime the private key passphrase is updated. // @inject_tag: `gorm:"not_null"` PrivateKeyPassphraseHmac []byte `protobuf:"bytes,15,opt,name=private_key_passphrase_hmac,json=privateKeyPassphraseHmac,proto3" json:"private_key_passphrase_hmac,omitempty" gorm:"not_null"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *SshPrivateKeyCredential) Reset() { *x = SshPrivateKeyCredential{} mi := &file_controller_storage_credential_static_store_v1_static_proto_msgTypes[4] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } func (x *SshPrivateKeyCredential) String() string { return protoimpl.X.MessageStringOf(x) } func (*SshPrivateKeyCredential) ProtoMessage() {} func (x *SshPrivateKeyCredential) ProtoReflect() protoreflect.Message { mi := &file_controller_storage_credential_static_store_v1_static_proto_msgTypes[4] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { ms.StoreMessageInfo(mi) } return ms } return mi.MessageOf(x) } // Deprecated: Use SshPrivateKeyCredential.ProtoReflect.Descriptor instead. func (*SshPrivateKeyCredential) Descriptor() ([]byte, []int) { return file_controller_storage_credential_static_store_v1_static_proto_rawDescGZIP(), []int{4} } func (x *SshPrivateKeyCredential) GetPublicId() string { if x != nil { return x.PublicId } return "" } func (x *SshPrivateKeyCredential) GetCreateTime() *timestamp.Timestamp { if x != nil { return x.CreateTime } return nil } func (x *SshPrivateKeyCredential) GetUpdateTime() *timestamp.Timestamp { if x != nil { return x.UpdateTime } return nil } func (x *SshPrivateKeyCredential) GetName() string { if x != nil { return x.Name } return "" } func (x *SshPrivateKeyCredential) GetDescription() string { if x != nil { return x.Description } return "" } func (x *SshPrivateKeyCredential) GetStoreId() string { if x != nil { return x.StoreId } return "" } func (x *SshPrivateKeyCredential) GetVersion() uint32 { if x != nil { return x.Version } return 0 } func (x *SshPrivateKeyCredential) GetUsername() string { if x != nil { return x.Username } return "" } func (x *SshPrivateKeyCredential) GetPrivateKey() []byte { if x != nil { return x.PrivateKey } return nil } func (x *SshPrivateKeyCredential) GetPrivateKeyEncrypted() []byte { if x != nil { return x.PrivateKeyEncrypted } return nil } func (x *SshPrivateKeyCredential) GetPrivateKeyHmac() []byte { if x != nil { return x.PrivateKeyHmac } return nil } func (x *SshPrivateKeyCredential) GetKeyId() string { if x != nil { return x.KeyId } return "" } func (x *SshPrivateKeyCredential) GetPrivateKeyPassphrase() []byte { if x != nil { return x.PrivateKeyPassphrase } return nil } func (x *SshPrivateKeyCredential) GetPrivateKeyPassphraseEncrypted() []byte { if x != nil { return x.PrivateKeyPassphraseEncrypted } return nil } func (x *SshPrivateKeyCredential) GetPrivateKeyPassphraseHmac() []byte { if x != nil { return x.PrivateKeyPassphraseHmac } return nil } type JsonCredential struct { state protoimpl.MessageState `protogen:"open.v1"` // public_id is a surrogate key suitable for use in a public API. // @inject_tag: `gorm:"primary_key"` PublicId string `protobuf:"bytes,1,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"` // create_time is set by the database. // @inject_tag: `gorm:"default:current_timestamp"` CreateTime *timestamp.Timestamp `protobuf:"bytes,2,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"` // update_time is set by the database. // @inject_tag: `gorm:"default:current_timestamp"` UpdateTime *timestamp.Timestamp `protobuf:"bytes,3,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"` // name is optional. If set, it must be unique within scope_id. // @inject_tag: `gorm:"default:null"` Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty" gorm:"default:null"` // description is optional. // @inject_tag: `gorm:"default:null"` Description string `protobuf:"bytes,5,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"` // store_id of the owning static credential store. // It must be set. // @inject_tag: `gorm:"not_null"` StoreId string `protobuf:"bytes,6,opt,name=store_id,json=storeId,proto3" json:"store_id,omitempty" gorm:"not_null"` // version allows optimistic locking of the resource. // @inject_tag: `gorm:"default:null"` Version uint32 `protobuf:"varint,7,opt,name=version,proto3" json:"version,omitempty" gorm:"default:null"` // object is the plain-text of the json associated with the // credential. We are not storing this plain-text object in the database. // @inject_tag: `gorm:"-" wrapping:"pt,object"` Object []byte `protobuf:"bytes,8,opt,name=object,proto3" json:"object,omitempty" gorm:"-" wrapping:"pt,object"` // object_encrypted is the ciphertext of the object. It is stored in // the database. // @inject_tag: `gorm:"column:object_encrypted;not_null" wrapping:"ct,object"` ObjectEncrypted []byte `protobuf:"bytes,9,opt,name=object_encrypted,json=objectEncrypted,proto3" json:"object_encrypted,omitempty" gorm:"column:object_encrypted;not_null" wrapping:"ct,object"` // object_hmac is a sha256-hmac of the unencrypted object. It is recalculated // everytime the object is updated. // @inject_tag: `gorm:"not_null"` ObjectHmac []byte `protobuf:"bytes,10,opt,name=object_hmac,json=objectHmac,proto3" json:"object_hmac,omitempty" gorm:"not_null"` // The key_id of the kms database key used for encrypting this entry. // It must be set. // @inject_tag: `gorm:"not_null"` KeyId string `protobuf:"bytes,11,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty" gorm:"not_null"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *JsonCredential) Reset() { *x = JsonCredential{} mi := &file_controller_storage_credential_static_store_v1_static_proto_msgTypes[5] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } func (x *JsonCredential) String() string { return protoimpl.X.MessageStringOf(x) } func (*JsonCredential) ProtoMessage() {} func (x *JsonCredential) ProtoReflect() protoreflect.Message { mi := &file_controller_storage_credential_static_store_v1_static_proto_msgTypes[5] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { ms.StoreMessageInfo(mi) } return ms } return mi.MessageOf(x) } // Deprecated: Use JsonCredential.ProtoReflect.Descriptor instead. func (*JsonCredential) Descriptor() ([]byte, []int) { return file_controller_storage_credential_static_store_v1_static_proto_rawDescGZIP(), []int{5} } func (x *JsonCredential) GetPublicId() string { if x != nil { return x.PublicId } return "" } func (x *JsonCredential) GetCreateTime() *timestamp.Timestamp { if x != nil { return x.CreateTime } return nil } func (x *JsonCredential) GetUpdateTime() *timestamp.Timestamp { if x != nil { return x.UpdateTime } return nil } func (x *JsonCredential) GetName() string { if x != nil { return x.Name } return "" } func (x *JsonCredential) GetDescription() string { if x != nil { return x.Description } return "" } func (x *JsonCredential) GetStoreId() string { if x != nil { return x.StoreId } return "" } func (x *JsonCredential) GetVersion() uint32 { if x != nil { return x.Version } return 0 } func (x *JsonCredential) GetObject() []byte { if x != nil { return x.Object } return nil } func (x *JsonCredential) GetObjectEncrypted() []byte { if x != nil { return x.ObjectEncrypted } return nil } func (x *JsonCredential) GetObjectHmac() []byte { if x != nil { return x.ObjectHmac } return nil } func (x *JsonCredential) GetKeyId() string { if x != nil { return x.KeyId } return "" } var File_controller_storage_credential_static_store_v1_static_proto protoreflect.FileDescriptor const file_controller_storage_credential_static_store_v1_static_proto_rawDesc = "" + "\n" + ":controller/storage/credential/static/store/v1/static.proto\x12-controller.storage.credential.static.store.v1\x1a*controller/custom_options/v1/options.proto\x1a/controller/storage/timestamp/v1/timestamp.proto\"\xe9\x02\n" + "\x0fCredentialStore\x12\x1b\n" + "\tpublic_id\x18\x01 \x01(\tR\bpublicId\x12K\n" + "\vcreate_time\x18\x02 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" + "createTime\x12K\n" + "\vupdate_time\x18\x03 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" + "updateTime\x12$\n" + "\x04name\x18\x04 \x01(\tB\x10\xc2\xdd)\f\n" + "\x04Name\x12\x04nameR\x04name\x12@\n" + "\vdescription\x18\x05 \x01(\tB\x1e\xc2\xdd)\x1a\n" + "\vDescription\x12\vdescriptionR\vdescription\x12\x1d\n" + "\n" + "project_id\x18\x06 \x01(\tR\tprojectId\x12\x18\n" + "\aversion\x18\a \x01(\rR\aversion\"\xb4\x04\n" + "\x12PasswordCredential\x12\x1b\n" + "\tpublic_id\x18\x01 \x01(\tR\bpublicId\x12K\n" + "\vcreate_time\x18\x02 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" + "createTime\x12K\n" + "\vupdate_time\x18\x03 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" + "updateTime\x12$\n" + "\x04name\x18\x04 \x01(\tB\x10\xc2\xdd)\f\n" + "\x04Name\x12\x04nameR\x04name\x12@\n" + "\vdescription\x18\x05 \x01(\tB\x1e\xc2\xdd)\x1a\n" + "\vDescription\x12\vdescriptionR\vdescription\x12\x19\n" + "\bstore_id\x18\x06 \x01(\tR\astoreId\x12\x18\n" + "\aversion\x18\a \x01(\rR\aversion\x12?\n" + "\bpassword\x18\b \x01(\fB#\xc2\xdd)\x1f\n" + "\bPassword\x12\x13attributes.passwordR\bpassword\x12\x1f\n" + "\vct_password\x18\t \x01(\fR\n" + "ctPassword\x12Q\n" + "\rpassword_hmac\x18\n" + " \x01(\fB,\xc2\xdd)(\n" + "\fPasswordHmac\x12\x18attributes.password_hmacR\fpasswordHmac\x12\x15\n" + "\x06key_id\x18\v \x01(\tR\x05keyId\"\xfd\x04\n" + "\x1aUsernamePasswordCredential\x12\x1b\n" + "\tpublic_id\x18\x01 \x01(\tR\bpublicId\x12K\n" + "\vcreate_time\x18\x02 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" + "createTime\x12K\n" + "\vupdate_time\x18\x03 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" + "updateTime\x12$\n" + "\x04name\x18\x04 \x01(\tB\x10\xc2\xdd)\f\n" + "\x04Name\x12\x04nameR\x04name\x12@\n" + "\vdescription\x18\x05 \x01(\tB\x1e\xc2\xdd)\x1a\n" + "\vDescription\x12\vdescriptionR\vdescription\x12\x19\n" + "\bstore_id\x18\x06 \x01(\tR\astoreId\x12\x18\n" + "\aversion\x18\a \x01(\rR\aversion\x12?\n" + "\busername\x18\b \x01(\tB#\xc2\xdd)\x1f\n" + "\bUsername\x12\x13attributes.usernameR\busername\x12?\n" + "\bpassword\x18\t \x01(\fB#\xc2\xdd)\x1f\n" + "\bPassword\x12\x13attributes.passwordR\bpassword\x12\x1f\n" + "\vct_password\x18\n" + " \x01(\fR\n" + "ctPassword\x12Q\n" + "\rpassword_hmac\x18\v \x01(\fB,\xc2\xdd)(\n" + "\fPasswordHmac\x12\x18attributes.password_hmacR\fpasswordHmac\x12\x15\n" + "\x06key_id\x18\f \x01(\tR\x05keyId\"\xbc\x05\n" + " UsernamePasswordDomainCredential\x12\x1b\n" + "\tpublic_id\x18\x01 \x01(\tR\bpublicId\x12K\n" + "\vcreate_time\x18\x02 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" + "createTime\x12K\n" + "\vupdate_time\x18\x03 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" + "updateTime\x12$\n" + "\x04name\x18\x04 \x01(\tB\x10\xc2\xdd)\f\n" + "\x04Name\x12\x04nameR\x04name\x12@\n" + "\vdescription\x18\x05 \x01(\tB\x1e\xc2\xdd)\x1a\n" + "\vDescription\x12\vdescriptionR\vdescription\x12\x19\n" + "\bstore_id\x18\x06 \x01(\tR\astoreId\x12\x18\n" + "\aversion\x18\a \x01(\rR\aversion\x12?\n" + "\busername\x18\b \x01(\tB#\xc2\xdd)\x1f\n" + "\bUsername\x12\x13attributes.usernameR\busername\x12?\n" + "\bpassword\x18\t \x01(\fB#\xc2\xdd)\x1f\n" + "\bPassword\x12\x13attributes.passwordR\bpassword\x12\x1f\n" + "\vct_password\x18\n" + " \x01(\fR\n" + "ctPassword\x12Q\n" + "\rpassword_hmac\x18\v \x01(\fB,\xc2\xdd)(\n" + "\fPasswordHmac\x12\x18attributes.password_hmacR\fpasswordHmac\x12\x15\n" + "\x06key_id\x18\f \x01(\tR\x05keyId\x127\n" + "\x06domain\x18\r \x01(\tB\x1f\xc2\xdd)\x1b\n" + "\x06Domain\x12\x11attributes.domainR\x06domain\"\xe7\a\n" + "\x17SshPrivateKeyCredential\x12\x1b\n" + "\tpublic_id\x18\x01 \x01(\tR\bpublicId\x12K\n" + "\vcreate_time\x18\x02 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" + "createTime\x12K\n" + "\vupdate_time\x18\x03 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" + "updateTime\x12$\n" + "\x04name\x18\x04 \x01(\tB\x10\xc2\xdd)\f\n" + "\x04Name\x12\x04nameR\x04name\x12@\n" + "\vdescription\x18\x05 \x01(\tB\x1e\xc2\xdd)\x1a\n" + "\vDescription\x12\vdescriptionR\vdescription\x12\x19\n" + "\bstore_id\x18\x06 \x01(\tR\astoreId\x12\x18\n" + "\aversion\x18\a \x01(\rR\aversion\x12?\n" + "\busername\x18\b \x01(\tB#\xc2\xdd)\x1f\n" + "\bUsername\x12\x13attributes.usernameR\busername\x12I\n" + "\vprivate_key\x18\t \x01(\fB(\xc2\xdd)$\n" + "\n" + "PrivateKey\x12\x16attributes.private_keyR\n" + "privateKey\x122\n" + "\x15private_key_encrypted\x18\n" + " \x01(\fR\x13privateKeyEncrypted\x12[\n" + "\x10private_key_hmac\x18\v \x01(\fB1\xc2\xdd)-\n" + "\x0ePrivateKeyHmac\x12\x1battributes.private_key_hmacR\x0eprivateKeyHmac\x12\x15\n" + "\x06key_id\x18\f \x01(\tR\x05keyId\x12s\n" + "\x16private_key_passphrase\x18\r \x01(\fB=\xc2\xdd)9\n" + "\x14PrivateKeyPassphrase\x12!attributes.private_key_passphraseR\x14privateKeyPassphrase\x12G\n" + " private_key_passphrase_encrypted\x18\x0e \x01(\fR\x1dprivateKeyPassphraseEncrypted\x12\x85\x01\n" + "\x1bprivate_key_passphrase_hmac\x18\x0f \x01(\fBF\xc2\xdd)B\n" + "\x18PrivateKeyPassphraseHmac\x12&attributes.private_key_passphrase_hmacR\x18privateKeyPassphraseHmac\"\xaa\x04\n" + "\x0eJsonCredential\x12\x1b\n" + "\tpublic_id\x18\x01 \x01(\tR\bpublicId\x12K\n" + "\vcreate_time\x18\x02 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" + "createTime\x12K\n" + "\vupdate_time\x18\x03 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" + "updateTime\x12$\n" + "\x04name\x18\x04 \x01(\tB\x10\xc2\xdd)\f\n" + "\x04Name\x12\x04nameR\x04name\x12@\n" + "\vdescription\x18\x05 \x01(\tB\x1e\xc2\xdd)\x1a\n" + "\vDescription\x12\vdescriptionR\vdescription\x12\x19\n" + "\bstore_id\x18\x06 \x01(\tR\astoreId\x12\x18\n" + "\aversion\x18\a \x01(\rR\aversion\x127\n" + "\x06object\x18\b \x01(\fB\x1f\xc2\xdd)\x1b\n" + "\x06Object\x12\x11attributes.objectR\x06object\x12)\n" + "\x10object_encrypted\x18\t \x01(\fR\x0fobjectEncrypted\x12I\n" + "\vobject_hmac\x18\n" + " \x01(\fB(\xc2\xdd)$\n" + "\n" + "ObjectHmac\x12\x16attributes.object_hmacR\n" + "objectHmac\x12\x15\n" + "\x06key_id\x18\v \x01(\tR\x05keyIdBFZDgithub.com/hashicorp/boundary/internal/credential/static/store;storeb\x06proto3" var ( file_controller_storage_credential_static_store_v1_static_proto_rawDescOnce sync.Once file_controller_storage_credential_static_store_v1_static_proto_rawDescData []byte ) func file_controller_storage_credential_static_store_v1_static_proto_rawDescGZIP() []byte { file_controller_storage_credential_static_store_v1_static_proto_rawDescOnce.Do(func() { file_controller_storage_credential_static_store_v1_static_proto_rawDescData = protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_controller_storage_credential_static_store_v1_static_proto_rawDesc), len(file_controller_storage_credential_static_store_v1_static_proto_rawDesc))) }) return file_controller_storage_credential_static_store_v1_static_proto_rawDescData } var file_controller_storage_credential_static_store_v1_static_proto_msgTypes = make([]protoimpl.MessageInfo, 6) var file_controller_storage_credential_static_store_v1_static_proto_goTypes = []any{ (*CredentialStore)(nil), // 0: controller.storage.credential.static.store.v1.CredentialStore (*PasswordCredential)(nil), // 1: controller.storage.credential.static.store.v1.PasswordCredential (*UsernamePasswordCredential)(nil), // 2: controller.storage.credential.static.store.v1.UsernamePasswordCredential (*UsernamePasswordDomainCredential)(nil), // 3: controller.storage.credential.static.store.v1.UsernamePasswordDomainCredential (*SshPrivateKeyCredential)(nil), // 4: controller.storage.credential.static.store.v1.SshPrivateKeyCredential (*JsonCredential)(nil), // 5: controller.storage.credential.static.store.v1.JsonCredential (*timestamp.Timestamp)(nil), // 6: controller.storage.timestamp.v1.Timestamp } var file_controller_storage_credential_static_store_v1_static_proto_depIdxs = []int32{ 6, // 0: controller.storage.credential.static.store.v1.CredentialStore.create_time:type_name -> controller.storage.timestamp.v1.Timestamp 6, // 1: controller.storage.credential.static.store.v1.CredentialStore.update_time:type_name -> controller.storage.timestamp.v1.Timestamp 6, // 2: controller.storage.credential.static.store.v1.PasswordCredential.create_time:type_name -> controller.storage.timestamp.v1.Timestamp 6, // 3: controller.storage.credential.static.store.v1.PasswordCredential.update_time:type_name -> controller.storage.timestamp.v1.Timestamp 6, // 4: controller.storage.credential.static.store.v1.UsernamePasswordCredential.create_time:type_name -> controller.storage.timestamp.v1.Timestamp 6, // 5: controller.storage.credential.static.store.v1.UsernamePasswordCredential.update_time:type_name -> controller.storage.timestamp.v1.Timestamp 6, // 6: controller.storage.credential.static.store.v1.UsernamePasswordDomainCredential.create_time:type_name -> controller.storage.timestamp.v1.Timestamp 6, // 7: controller.storage.credential.static.store.v1.UsernamePasswordDomainCredential.update_time:type_name -> controller.storage.timestamp.v1.Timestamp 6, // 8: controller.storage.credential.static.store.v1.SshPrivateKeyCredential.create_time:type_name -> controller.storage.timestamp.v1.Timestamp 6, // 9: controller.storage.credential.static.store.v1.SshPrivateKeyCredential.update_time:type_name -> controller.storage.timestamp.v1.Timestamp 6, // 10: controller.storage.credential.static.store.v1.JsonCredential.create_time:type_name -> controller.storage.timestamp.v1.Timestamp 6, // 11: controller.storage.credential.static.store.v1.JsonCredential.update_time:type_name -> controller.storage.timestamp.v1.Timestamp 12, // [12:12] is the sub-list for method output_type 12, // [12:12] is the sub-list for method input_type 12, // [12:12] is the sub-list for extension type_name 12, // [12:12] is the sub-list for extension extendee 0, // [0:12] is the sub-list for field type_name } func init() { file_controller_storage_credential_static_store_v1_static_proto_init() } func file_controller_storage_credential_static_store_v1_static_proto_init() { if File_controller_storage_credential_static_store_v1_static_proto != nil { return } type x struct{} out := protoimpl.TypeBuilder{ File: protoimpl.DescBuilder{ GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_controller_storage_credential_static_store_v1_static_proto_rawDesc), len(file_controller_storage_credential_static_store_v1_static_proto_rawDesc)), NumEnums: 0, NumMessages: 6, NumExtensions: 0, NumServices: 0, }, GoTypes: file_controller_storage_credential_static_store_v1_static_proto_goTypes, DependencyIndexes: file_controller_storage_credential_static_store_v1_static_proto_depIdxs, MessageInfos: file_controller_storage_credential_static_store_v1_static_proto_msgTypes, }.Build() File_controller_storage_credential_static_store_v1_static_proto = out.File file_controller_storage_credential_static_store_v1_static_proto_goTypes = nil file_controller_storage_credential_static_store_v1_static_proto_depIdxs = nil }