mirror of https://github.com/hashicorp/boundary
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
424 lines
16 KiB
424 lines
16 KiB
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: BUSL-1.1
|
|
|
|
// Code generated by protoc-gen-go. DO NOT EDIT.
|
|
// versions:
|
|
// protoc-gen-go v1.36.10
|
|
// protoc (unknown)
|
|
// source: controller/storage/servers/store/v1/worker_auth.proto
|
|
|
|
// Package store provides protobufs for storing types in the pki package.
|
|
|
|
package store
|
|
|
|
import (
|
|
timestamp "github.com/hashicorp/boundary/internal/db/timestamp"
|
|
protoreflect "google.golang.org/protobuf/reflect/protoreflect"
|
|
protoimpl "google.golang.org/protobuf/runtime/protoimpl"
|
|
reflect "reflect"
|
|
sync "sync"
|
|
unsafe "unsafe"
|
|
)
|
|
|
|
const (
|
|
// Verify that this generated code is sufficiently up-to-date.
|
|
_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
|
|
// Verify that runtime/protoimpl is sufficiently up-to-date.
|
|
_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
|
|
)
|
|
|
|
// WorkerAuth contains all fields related to an authorized Worker resource
|
|
type WorkerAuth struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// The key id for this worker auth record, generated from the signing pub key
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
WorkerKeyIdentifier string `protobuf:"bytes,10,opt,name=worker_key_identifier,json=workerKeyIdentifier,proto3" json:"worker_key_identifier,omitempty" gorm:"primary_key"`
|
|
// The worker id this worker authentication record is for
|
|
// @inject_tag: `gorm:"not_null"`
|
|
WorkerId string `protobuf:"bytes,20,opt,name=worker_id,json=workerId,proto3" json:"worker_id,omitempty" gorm:"not_null"`
|
|
// The worker's public signing key
|
|
// @inject_tag: `gorm:"not_null"`
|
|
WorkerSigningPubKey []byte `protobuf:"bytes,30,opt,name=worker_signing_pub_key,json=workerSigningPubKey,proto3" json:"worker_signing_pub_key,omitempty" gorm:"not_null"`
|
|
// The worker's public encryption key
|
|
// @inject_tag: `gorm:"not_null"`
|
|
WorkerEncryptionPubKey []byte `protobuf:"bytes,40,opt,name=worker_encryption_pub_key,json=workerEncryptionPubKey,proto3" json:"worker_encryption_pub_key,omitempty" gorm:"not_null"`
|
|
// The plain-text private key associated with this certificate. We are not storing this
|
|
// in the database.
|
|
// @inject_tag: gorm:"-" wrapping:"pt,private_key"
|
|
ControllerEncryptionPrivKey []byte `protobuf:"bytes,50,opt,name=controller_encryption_priv_key,json=controllerEncryptionPrivKey,proto3" json:"controller_encryption_priv_key,omitempty" gorm:"-" wrapping:"pt,private_key"`
|
|
// The private key associated with this certificate
|
|
// This is a ciphertext field
|
|
// @inject_tag: gorm:"column:controller_encryption_priv_key;not_null" wrapping:"ct,private_key"
|
|
CtControllerEncryptionPrivKey []byte `protobuf:"bytes,51,opt,name=ct_controller_encryption_priv_key,json=ctControllerEncryptionPrivKey,proto3" json:"ct_controller_encryption_priv_key,omitempty" gorm:"column:controller_encryption_priv_key;not_null" wrapping:"ct,private_key"`
|
|
// The id of the kms database key used for encrypting this entry.
|
|
// @inject_tag: `gorm:"not_null"`
|
|
KeyId string `protobuf:"bytes,60,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty" gorm:"not_null"`
|
|
// Nonce used by a worker in authenticating
|
|
// @inject_tag: `gorm:"default:null"`
|
|
Nonce []byte `protobuf:"bytes,70,opt,name=nonce,proto3" json:"nonce,omitempty" gorm:"default:null"`
|
|
// The create_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
CreateTime *timestamp.Timestamp `protobuf:"bytes,80,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
|
|
// The update_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
UpdateTime *timestamp.Timestamp `protobuf:"bytes,90,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"`
|
|
// State of the worker auth record.
|
|
// The only valid value is either current or previous
|
|
// @inject_tag: `gorm:"not_null"`
|
|
State string `protobuf:"bytes,100,opt,name=state,proto3" json:"state,omitempty" gorm:"not_null"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *WorkerAuth) Reset() {
|
|
*x = WorkerAuth{}
|
|
mi := &file_controller_storage_servers_store_v1_worker_auth_proto_msgTypes[0]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *WorkerAuth) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*WorkerAuth) ProtoMessage() {}
|
|
|
|
func (x *WorkerAuth) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_servers_store_v1_worker_auth_proto_msgTypes[0]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use WorkerAuth.ProtoReflect.Descriptor instead.
|
|
func (*WorkerAuth) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_servers_store_v1_worker_auth_proto_rawDescGZIP(), []int{0}
|
|
}
|
|
|
|
func (x *WorkerAuth) GetWorkerKeyIdentifier() string {
|
|
if x != nil {
|
|
return x.WorkerKeyIdentifier
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *WorkerAuth) GetWorkerId() string {
|
|
if x != nil {
|
|
return x.WorkerId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *WorkerAuth) GetWorkerSigningPubKey() []byte {
|
|
if x != nil {
|
|
return x.WorkerSigningPubKey
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *WorkerAuth) GetWorkerEncryptionPubKey() []byte {
|
|
if x != nil {
|
|
return x.WorkerEncryptionPubKey
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *WorkerAuth) GetControllerEncryptionPrivKey() []byte {
|
|
if x != nil {
|
|
return x.ControllerEncryptionPrivKey
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *WorkerAuth) GetCtControllerEncryptionPrivKey() []byte {
|
|
if x != nil {
|
|
return x.CtControllerEncryptionPrivKey
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *WorkerAuth) GetKeyId() string {
|
|
if x != nil {
|
|
return x.KeyId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *WorkerAuth) GetNonce() []byte {
|
|
if x != nil {
|
|
return x.Nonce
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *WorkerAuth) GetCreateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.CreateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *WorkerAuth) GetUpdateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.UpdateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *WorkerAuth) GetState() string {
|
|
if x != nil {
|
|
return x.State
|
|
}
|
|
return ""
|
|
}
|
|
|
|
// WorkerCertBundle contains all fields related to a WorkerCertBundle resource
|
|
type WorkerCertBundle struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// The public key of the issuing root certificate
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
RootCertificatePublicKey []byte `protobuf:"bytes,10,opt,name=root_certificate_public_key,json=rootCertificatePublicKey,proto3" json:"root_certificate_public_key,omitempty" gorm:"primary_key"`
|
|
// The WorkerAuth worker_key_identifier this cert bundle record is for
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
WorkerKeyIdentifier string `protobuf:"bytes,20,opt,name=worker_key_identifier,json=workerKeyIdentifier,proto3" json:"worker_key_identifier,omitempty" gorm:"primary_key"`
|
|
// CertBundle is the marshaled protobuf certificate bundle for a WorkerAuth
|
|
// @inject_tag: `gorm:"not_null"`
|
|
CertBundle []byte `protobuf:"bytes,30,opt,name=cert_bundle,json=certBundle,proto3" json:"cert_bundle,omitempty" gorm:"not_null"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *WorkerCertBundle) Reset() {
|
|
*x = WorkerCertBundle{}
|
|
mi := &file_controller_storage_servers_store_v1_worker_auth_proto_msgTypes[1]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *WorkerCertBundle) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*WorkerCertBundle) ProtoMessage() {}
|
|
|
|
func (x *WorkerCertBundle) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_servers_store_v1_worker_auth_proto_msgTypes[1]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use WorkerCertBundle.ProtoReflect.Descriptor instead.
|
|
func (*WorkerCertBundle) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_servers_store_v1_worker_auth_proto_rawDescGZIP(), []int{1}
|
|
}
|
|
|
|
func (x *WorkerCertBundle) GetRootCertificatePublicKey() []byte {
|
|
if x != nil {
|
|
return x.RootCertificatePublicKey
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *WorkerCertBundle) GetWorkerKeyIdentifier() string {
|
|
if x != nil {
|
|
return x.WorkerKeyIdentifier
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *WorkerCertBundle) GetCertBundle() []byte {
|
|
if x != nil {
|
|
return x.CertBundle
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// WorkerAuthServerLedActivationToken contains all fields related to a
|
|
// WorkerAuthServerLedActivationToken resource
|
|
type WorkerAuthServerLedActivationToken struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// The worker_id of the worker that this activates
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
WorkerId string `protobuf:"bytes,10,opt,name=worker_id,json=workerId,proto3" json:"worker_id,omitempty" gorm:"primary_key"`
|
|
// The token identifier, which is used for lookup
|
|
// @inject_tag: `gorm:"not_null"`
|
|
TokenId string `protobuf:"bytes,15,opt,name=token_id,json=tokenId,proto3" json:"token_id,omitempty" gorm:"not_null"`
|
|
// The creation time, encrypted to prevent tampering, as the time plus
|
|
// existence of the record allows authorization
|
|
// @inject_tag: `gorm:"not_null" wrapping:"ct,creation_time_data"`
|
|
CreationTimeEncrypted []byte `protobuf:"bytes,20,opt,name=creation_time_encrypted,json=creationTimeEncrypted,proto3" json:"creation_time_encrypted,omitempty" gorm:"not_null" wrapping:"ct,creation_time_data"`
|
|
// The plaintext bytes of the creation time, which are never stored. This is a
|
|
// marshaled timestamppb.Timestamp.
|
|
// @inject_tag: `gorm:"-" wrapping:"pt,creation_time_data"`
|
|
CreationTime []byte `protobuf:"bytes,21,opt,name=creation_time,json=creationTime,proto3" json:"creation_time,omitempty" gorm:"-" wrapping:"pt,creation_time_data"`
|
|
// The key ID of the encrypting key
|
|
// @inject_tag: `gorm:"not_null"`
|
|
KeyId string `protobuf:"bytes,40,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty" gorm:"not_null"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *WorkerAuthServerLedActivationToken) Reset() {
|
|
*x = WorkerAuthServerLedActivationToken{}
|
|
mi := &file_controller_storage_servers_store_v1_worker_auth_proto_msgTypes[2]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *WorkerAuthServerLedActivationToken) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*WorkerAuthServerLedActivationToken) ProtoMessage() {}
|
|
|
|
func (x *WorkerAuthServerLedActivationToken) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_servers_store_v1_worker_auth_proto_msgTypes[2]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use WorkerAuthServerLedActivationToken.ProtoReflect.Descriptor instead.
|
|
func (*WorkerAuthServerLedActivationToken) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_servers_store_v1_worker_auth_proto_rawDescGZIP(), []int{2}
|
|
}
|
|
|
|
func (x *WorkerAuthServerLedActivationToken) GetWorkerId() string {
|
|
if x != nil {
|
|
return x.WorkerId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *WorkerAuthServerLedActivationToken) GetTokenId() string {
|
|
if x != nil {
|
|
return x.TokenId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *WorkerAuthServerLedActivationToken) GetCreationTimeEncrypted() []byte {
|
|
if x != nil {
|
|
return x.CreationTimeEncrypted
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *WorkerAuthServerLedActivationToken) GetCreationTime() []byte {
|
|
if x != nil {
|
|
return x.CreationTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *WorkerAuthServerLedActivationToken) GetKeyId() string {
|
|
if x != nil {
|
|
return x.KeyId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
var File_controller_storage_servers_store_v1_worker_auth_proto protoreflect.FileDescriptor
|
|
|
|
const file_controller_storage_servers_store_v1_worker_auth_proto_rawDesc = "" +
|
|
"\n" +
|
|
"5controller/storage/servers/store/v1/worker_auth.proto\x12#controller.storage.servers.store.v1\x1a/controller/storage/timestamp/v1/timestamp.proto\"\xb9\x04\n" +
|
|
"\n" +
|
|
"WorkerAuth\x122\n" +
|
|
"\x15worker_key_identifier\x18\n" +
|
|
" \x01(\tR\x13workerKeyIdentifier\x12\x1b\n" +
|
|
"\tworker_id\x18\x14 \x01(\tR\bworkerId\x123\n" +
|
|
"\x16worker_signing_pub_key\x18\x1e \x01(\fR\x13workerSigningPubKey\x129\n" +
|
|
"\x19worker_encryption_pub_key\x18( \x01(\fR\x16workerEncryptionPubKey\x12C\n" +
|
|
"\x1econtroller_encryption_priv_key\x182 \x01(\fR\x1bcontrollerEncryptionPrivKey\x12H\n" +
|
|
"!ct_controller_encryption_priv_key\x183 \x01(\fR\x1dctControllerEncryptionPrivKey\x12\x15\n" +
|
|
"\x06key_id\x18< \x01(\tR\x05keyId\x12\x14\n" +
|
|
"\x05nonce\x18F \x01(\fR\x05nonce\x12K\n" +
|
|
"\vcreate_time\x18P \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"createTime\x12K\n" +
|
|
"\vupdate_time\x18Z \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"updateTime\x12\x14\n" +
|
|
"\x05state\x18d \x01(\tR\x05state\"\xa6\x01\n" +
|
|
"\x10WorkerCertBundle\x12=\n" +
|
|
"\x1broot_certificate_public_key\x18\n" +
|
|
" \x01(\fR\x18rootCertificatePublicKey\x122\n" +
|
|
"\x15worker_key_identifier\x18\x14 \x01(\tR\x13workerKeyIdentifier\x12\x1f\n" +
|
|
"\vcert_bundle\x18\x1e \x01(\fR\n" +
|
|
"certBundle\"\xd0\x01\n" +
|
|
"\"WorkerAuthServerLedActivationToken\x12\x1b\n" +
|
|
"\tworker_id\x18\n" +
|
|
" \x01(\tR\bworkerId\x12\x19\n" +
|
|
"\btoken_id\x18\x0f \x01(\tR\atokenId\x126\n" +
|
|
"\x17creation_time_encrypted\x18\x14 \x01(\fR\x15creationTimeEncrypted\x12#\n" +
|
|
"\rcreation_time\x18\x15 \x01(\fR\fcreationTime\x12\x15\n" +
|
|
"\x06key_id\x18( \x01(\tR\x05keyIdB;Z9github.com/hashicorp/boundary/internal/server/store;storeb\x06proto3"
|
|
|
|
var (
|
|
file_controller_storage_servers_store_v1_worker_auth_proto_rawDescOnce sync.Once
|
|
file_controller_storage_servers_store_v1_worker_auth_proto_rawDescData []byte
|
|
)
|
|
|
|
func file_controller_storage_servers_store_v1_worker_auth_proto_rawDescGZIP() []byte {
|
|
file_controller_storage_servers_store_v1_worker_auth_proto_rawDescOnce.Do(func() {
|
|
file_controller_storage_servers_store_v1_worker_auth_proto_rawDescData = protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_controller_storage_servers_store_v1_worker_auth_proto_rawDesc), len(file_controller_storage_servers_store_v1_worker_auth_proto_rawDesc)))
|
|
})
|
|
return file_controller_storage_servers_store_v1_worker_auth_proto_rawDescData
|
|
}
|
|
|
|
var file_controller_storage_servers_store_v1_worker_auth_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
|
|
var file_controller_storage_servers_store_v1_worker_auth_proto_goTypes = []any{
|
|
(*WorkerAuth)(nil), // 0: controller.storage.servers.store.v1.WorkerAuth
|
|
(*WorkerCertBundle)(nil), // 1: controller.storage.servers.store.v1.WorkerCertBundle
|
|
(*WorkerAuthServerLedActivationToken)(nil), // 2: controller.storage.servers.store.v1.WorkerAuthServerLedActivationToken
|
|
(*timestamp.Timestamp)(nil), // 3: controller.storage.timestamp.v1.Timestamp
|
|
}
|
|
var file_controller_storage_servers_store_v1_worker_auth_proto_depIdxs = []int32{
|
|
3, // 0: controller.storage.servers.store.v1.WorkerAuth.create_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
3, // 1: controller.storage.servers.store.v1.WorkerAuth.update_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
2, // [2:2] is the sub-list for method output_type
|
|
2, // [2:2] is the sub-list for method input_type
|
|
2, // [2:2] is the sub-list for extension type_name
|
|
2, // [2:2] is the sub-list for extension extendee
|
|
0, // [0:2] is the sub-list for field type_name
|
|
}
|
|
|
|
func init() { file_controller_storage_servers_store_v1_worker_auth_proto_init() }
|
|
func file_controller_storage_servers_store_v1_worker_auth_proto_init() {
|
|
if File_controller_storage_servers_store_v1_worker_auth_proto != nil {
|
|
return
|
|
}
|
|
type x struct{}
|
|
out := protoimpl.TypeBuilder{
|
|
File: protoimpl.DescBuilder{
|
|
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
|
|
RawDescriptor: unsafe.Slice(unsafe.StringData(file_controller_storage_servers_store_v1_worker_auth_proto_rawDesc), len(file_controller_storage_servers_store_v1_worker_auth_proto_rawDesc)),
|
|
NumEnums: 0,
|
|
NumMessages: 3,
|
|
NumExtensions: 0,
|
|
NumServices: 0,
|
|
},
|
|
GoTypes: file_controller_storage_servers_store_v1_worker_auth_proto_goTypes,
|
|
DependencyIndexes: file_controller_storage_servers_store_v1_worker_auth_proto_depIdxs,
|
|
MessageInfos: file_controller_storage_servers_store_v1_worker_auth_proto_msgTypes,
|
|
}.Build()
|
|
File_controller_storage_servers_store_v1_worker_auth_proto = out.File
|
|
file_controller_storage_servers_store_v1_worker_auth_proto_goTypes = nil
|
|
file_controller_storage_servers_store_v1_worker_auth_proto_depIdxs = nil
|
|
}
|