diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 0fb4d6b93505e4c94c767147e4bab50c4c031970..2ed86229bcbd90c50d37b7373fc7f7346b2aad00 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -13,7 +13,6 @@ variables:
GOLANG_MINOR_VERSION: "${GOLANG_VERSION}.0"
DOCKER_TLS_CERTDIR: "/certs"
-
# Build stage
.build: &build
@@ -137,7 +136,6 @@ build-etsi14module-latest:
- docker buildx build --push -t "$IMAGE_NAME:$TAG" -f etsi14module/Dockerfile --build-arg "GITLAB_PROXY=${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/" --build-arg GITLAB_LOGIN=${GITLAB_LOGIN} --build-arg GITLAB_TOKEN=${GITLAB_TOKEN} --build-arg GOLANG_VERSION=${GOLANG_VERSION} .
<<: *build-latest
-
# Analyze stage
lint:
stage: analyze
@@ -175,8 +173,24 @@ unit-tests:
path: coverage.xml
needs: []
+integration-test-aes:
+ tags:
+ - shell
+ needs: []
+ variables:
+ DEPENDENCY_PROXY: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/
+ before_script:
+ - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+ - docker login -u $CI_DEPENDENCY_PROXY_USER -p $CI_DEPENDENCY_PROXY_PASSWORD $CI_DEPENDENCY_PROXY_SERVER
+ - ./scripts/install_go_as_user.sh $GOLANG_MINOR_VERSION
+ - export PATH="$HOME/go/go/bin:$PATH"
+ - export GOROOT="$HOME/go/go"
+ - export GOPATH=$HOME/go_projects
+ - go version
+ script:
+ - make integration-test-aes
-integration-test:
+integration-test-otp:
tags:
- shell
needs: []
@@ -191,4 +205,4 @@ integration-test:
- export GOPATH=$HOME/go_projects
- go version
script:
- - make integration-test
+ - make integration-test-otp
diff --git a/.vscode/launch.json b/.vscode/launch.json
index fc785bb504ec59954458135389216ed776ef84a6..70f8fa1d662f4a79adb6470d5ad123a139cbcbc1 100644
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -15,7 +15,7 @@
"showLog": true,
"trace": "log",
"logOutput": "rpc",
- "preLaunchTask": "compose-debug-up",
+ "preLaunchTask": "compose-debug-up"
},
{
"name": "kms02-debug",
@@ -28,7 +28,7 @@
"showLog": true,
"trace": "log",
"logOutput": "rpc",
- "preLaunchTask": "compose-debug-up",
+ "preLaunchTask": "compose-debug-up"
},
{
"name": "kms03-debug",
@@ -41,7 +41,7 @@
"showLog": true,
"trace": "log",
"logOutput": "rpc",
- "preLaunchTask": "compose-debug-up",
+ "preLaunchTask": "compose-debug-up"
},
{
"name": "kms04-debug",
@@ -54,10 +54,10 @@
"showLog": true,
"trace": "log",
"logOutput": "rpc",
- "preLaunchTask": "compose-debug-up",
+ "preLaunchTask": "compose-debug-up"
},
{
- "name": "integration-test-kms01-debug",
+ "name": "integration-test-aes-kms01-debug",
"type": "go",
"request": "attach",
"mode": "remote",
@@ -67,10 +67,10 @@
"showLog": true,
"trace": "log",
"logOutput": "rpc",
- "preLaunchTask": "integration-test-debug-kms-up",
+ "preLaunchTask": "integration-test-aes-debug-kms-up"
},
{
- "name": "integration-test-kms02-debug",
+ "name": "integration-test-aes-kms02-debug",
"type": "go",
"request": "attach",
"mode": "remote",
@@ -80,7 +80,33 @@
"showLog": true,
"trace": "log",
"logOutput": "rpc",
- "preLaunchTask": "integration-test-debug-kms-up",
+ "preLaunchTask": "integration-test-aes-debug-kms-up"
+ },
+ {
+ "name": "integration-test-otp-kms01-debug",
+ "type": "go",
+ "request": "attach",
+ "mode": "remote",
+ "remotePath": "",
+ "port": 4401,
+ "host": "127.0.0.1",
+ "showLog": true,
+ "trace": "log",
+ "logOutput": "rpc",
+ "preLaunchTask": "integration-test-otp-debug-kms-up"
+ },
+ {
+ "name": "integration-test-otp-kms02-debug",
+ "type": "go",
+ "request": "attach",
+ "mode": "remote",
+ "remotePath": "",
+ "port": 4402,
+ "host": "127.0.0.1",
+ "showLog": true,
+ "trace": "log",
+ "logOutput": "rpc",
+ "preLaunchTask": "integration-test-otp-debug-kms-up"
},
{
"name": "Launch currently open test",
@@ -88,7 +114,7 @@
"request": "launch",
"mode": "auto",
"program": "${file}"
- },
+ }
],
"compounds": [
{
diff --git a/.vscode/tasks.json b/.vscode/tasks.json
index 17d823499757d7dd2546f0848c8301790161df11..5a9e6fb20cc725252a492bb4fbfca108857f64c1 100644
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -2,14 +2,19 @@
"version": "2.0.0",
"tasks": [
{
- "label": "integration-test-debug-kms-up",
- "command": "make integration-test-debug-compose-up",
- "type": "shell",
+ "label": "integration-test-aes-debug-kms-up",
+ "command": "make integration-test-aes-debug-compose-up",
+ "type": "shell"
+ },
+ {
+ "label": "integration-test-otp-debug-kms-up",
+ "command": "make integration-test-otp-debug-compose-up",
+ "type": "shell"
},
{
"label": "compose-debug-up",
"command": "make compose-debug-up",
- "type": "shell",
+ "type": "shell"
}
]
}
diff --git a/Makefile b/Makefile
index 0ff7e5c49aee52a43df51fbfb46f7a395541fe65..eba6ccf031e933139dd664e51fa65c00e03e6915 100644
--- a/Makefile
+++ b/Makefile
@@ -101,7 +101,9 @@ compose-debug-up: generate-gokms-certs build-images install-gosdnc
compose-debug-down:
docker compose -f docker-compose.yml -f docker-compose.override.debug.yml down
-integration-test: install-gosdnc generate-integration-test-certs build-images
+integration-test: integration-test-aes integration-test-otp
+
+integration-test-aes: install-gosdnc generate-integration-test-certs build-images
docker compose -f integration-tests/docker-compose.yml down
docker compose -f integration-tests/docker-compose.yml up -d
echo "Will sleep for the quantumlayers to get ready"
@@ -109,13 +111,27 @@ integration-test: install-gosdnc generate-integration-test-certs build-images
go test -p 1 -count=1 -v ./integration-tests/code/*
docker compose -f integration-tests/docker-compose.yml down
-integration-test-debug-compose-up: generate-integration-test-certs build-images install-gosdnc
+integration-test-aes-debug-compose-up: generate-integration-test-certs build-images install-gosdnc
docker compose -f integration-tests/docker-compose.yml -f integration-tests/docker-compose.override.debug.yml down
docker compose -f integration-tests/docker-compose.yml -f integration-tests/docker-compose.override.debug.yml up -d
-integration-test-debug-compose-down:
+integration-test-aes-debug-compose-down:
docker compose -f integration-tests/docker-compose.yml -f integration-tests/docker-compose.override.debug.yml down
+integration-test-otp: install-gosdnc generate-integration-test-certs build-images
+ docker compose -f integration-tests/docker-compose-otp.yml down
+ docker compose -f integration-tests/docker-compose-otp.yml up -d
+ echo "Will sleep for the quantumlayers to get ready"
+ sleep 45
+ go test -p 1 -count=1 -v ./integration-tests/code/*
+ docker compose -f integration-tests/docker-compose-otp.yml down
+
+integration-test-otp-debug-compose-up: generate-integration-test-certs build-images install-gosdnc
+ docker compose -f integration-tests/docker-compose-otp.yml -f integration-tests/docker-compose.override.debug.yml down
+ docker compose -f integration-tests/docker-compose-otp.yml -f integration-tests/docker-compose.override.debug.yml up -d
+
+integration-test-otp-debug-compose-down:
+ docker compose -f integration-tests/docker-compose-otp.yml -f integration-tests/docker-compose.override.debug.yml down
longevity-test: generate-gokms-certs build-images install-gosdnc
rm -rf longevity-tests/akms1-logs
diff --git a/akms-simulator/akms-simulator.go b/akms-simulator/akms-simulator.go
index c45501a2664a5fb681534e6ee4c1bfe3f6c1528c..79fe50212517239f12cdfd1ec9d7854d893ea0ae 100644
--- a/akms-simulator/akms-simulator.go
+++ b/akms-simulator/akms-simulator.go
@@ -43,7 +43,7 @@ func main() {
router := http.NewServeMux()
router.HandleFunc("/api/v1/keys/push_ksa_key", handlePushKsaKey)
- router.HandleFunc("/debug/get_log_file", getLogFile)
+ router.HandleFunc("/debug/get_log_file", logFileRequest)
server := &http.Server{
Addr: ":4444",
@@ -82,7 +82,25 @@ func main() {
}
}
-func getLogFile(w http.ResponseWriter, r *http.Request) {
+func logFileRequest(w http.ResponseWriter, r *http.Request) {
+ if r.Method == http.MethodDelete {
+ if _, err := os.Stat("akms-simulator.log"); err == nil {
+ err := os.Remove("akms-simulator.log")
+ if err != nil {
+ logrus.Errorf("Error deleting log file: %s", err)
+ w.WriteHeader(http.StatusInternalServerError)
+ return
+ }
+ }
+ logrus.Info("Log file deleted or never existed in the first place")
+ w.WriteHeader(http.StatusNoContent)
+ return
+ } else if r.Method != http.MethodGet {
+ http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+ logrus.Errorf("Method not allowed: %s", r.Method)
+ return
+ }
+
logrus.Info("Log file requested")
http.ServeFile(w, r, LogFilePath)
}
diff --git a/config/controller/add_devices.sh b/config/controller/add_devices.sh
index e91aae019f56cdf793dcb1db79a00ccfa062c549..530178711de63b7a2b4fd31c7878bd780bf99161 100755
--- a/config/controller/add_devices.sh
+++ b/config/controller/add_devices.sh
@@ -6,7 +6,7 @@
GOSDNC_PATH="./artifacts/gosdnc"
GOSDN_ADDRESS="127.0.0.1:55055"
ADMINPW="TestPassword"
-KMS_PLUGIN="823aad29-69be-42f0-b279-90f2c1b6a94d"
+KMS_PLUGIN="e404ecf7-4860-41ee-9cee-3dd6af6c5e2b"
PND_UUID="5f20f34b-cbd0-4511-9ddc-c50cf6a3b49d"
## Adjust this if timer is to short.
SLEEP_TIMER=20
diff --git a/config/controller/add_devices_no_sleep.sh b/config/controller/add_devices_no_sleep.sh
index 2b9418e2008a05d54f8a8fa373cdb012e4eb5185..b585fd618ccd26434cb784a4718821332fc3f263 100755
--- a/config/controller/add_devices_no_sleep.sh
+++ b/config/controller/add_devices_no_sleep.sh
@@ -6,7 +6,7 @@
GOSDNC_PATH="./artifacts/gosdnc"
GOSDN_ADDRESS="127.0.0.1:55055"
ADMINPW="TestPassword"
-KMS_PLUGIN="823aad29-69be-42f0-b279-90f2c1b6a94d"
+KMS_PLUGIN="e404ecf7-4860-41ee-9cee-3dd6af6c5e2b"
PND_UUID="5f20f34b-cbd0-4511-9ddc-c50cf6a3b49d"
echo 'Logging in via gosdnc and setting up KMS in controller...'
diff --git a/config/controller/qkdn-gosdn.toml b/config/controller/qkdn-gosdn.toml
index e3c275e1c2101b7707366774681d4ba6a8370934..f8989af56d64b5efabb57d8460199ebfd29b0ee9 100644
--- a/config/controller/qkdn-gosdn.toml
+++ b/config/controller/qkdn-gosdn.toml
@@ -6,7 +6,7 @@ amqpuser = 'guest'
basepnduuid = '5f20f34b-cbd0-4511-9ddc-c50cf6a3b49d'
config = './configs/qkdn-gosdn.toml'
csbi-orchestrator = 'localhost:55056'
-databaseconnection = 'mongodb://root:example@mongodb:27017'
+databaseconnection = 'mongodb://root:example@mongo:27017'
defaultjwtduration = 24
filesystempathtostores = 'stores'
gnmisubscriptionspath = 'configs/gNMISubscriptions.txt'
diff --git a/config/scripts/add_kms_and_user_to_controller.sh b/config/scripts/add_kms_and_user_to_controller.sh
index c9b61bdfc97c0360ca93a00c18757a00ff6a09c1..39fbb52e457b4755261d7f14e33ba4798201426e 100755
--- a/config/scripts/add_kms_and_user_to_controller.sh
+++ b/config/scripts/add_kms_and_user_to_controller.sh
@@ -6,7 +6,7 @@
GOSDNC_PATH="./gosdnc"
GOSDN_ADDRESS="172.100.20.2:55055"
ADMINPW="TestPassword"
-KMS_PLUGIN="823aad29-69be-42f0-b279-90f2c1b6a94d"
+KMS_PLUGIN="e404ecf7-4860-41ee-9cee-3dd6af6c5e2b"
PND_UUID="5f20f34b-cbd0-4511-9ddc-c50cf6a3b49d"
## Adjust this if timer is to short.
SLEEP_TIMER=20
@@ -29,4 +29,4 @@ $GOSDNC_PATH mne create --address 172.100.20.12:7030 --name kms03 --password adm
$GOSDNC_PATH mne create --address 172.100.20.13:7030 --name kms04 --password admin --plugin-id $KMS_PLUGIN --username admin --uuid 968fd594-b0e7-41f0-ba4b-de259047a933
## Add additional user for an app
-$GOSDNC_PATH userCreate --u app --p TestApp --r app
+$GOSDNC_PATH user create --u app --p TestApp --r app
diff --git a/go.mod b/go.mod
index 5236d8d0e1a9b98bd716e5d738b208a97da0f258..b61bfbf019a313ad65fb5545357928b5ea6c3602 100644
--- a/go.mod
+++ b/go.mod
@@ -16,10 +16,10 @@ require (
github.com/shirou/gopsutil v3.21.11+incompatible
github.com/sirupsen/logrus v1.9.3
github.com/stretchr/testify v1.9.0
- golang.org/x/sys v0.25.0
+ golang.org/x/sys v0.26.0
google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1
- google.golang.org/grpc v1.66.2
- google.golang.org/protobuf v1.34.2
+ google.golang.org/grpc v1.67.1
+ google.golang.org/protobuf v1.35.1
gopkg.in/yaml.v3 v3.0.1
)
@@ -37,7 +37,7 @@ require (
github.com/tklauser/numcpus v0.7.0 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect
- golang.org/x/net v0.26.0 // indirect
+ golang.org/x/net v0.28.0 // indirect
golang.org/x/text v0.17.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240827150818-7e3bb234dfed // indirect
)
diff --git a/go.sum b/go.sum
index b4c0cd8933260430641b290136390618c07c87a4..96477d934815fb96a828f729e62e37503cbfae2b 100644
--- a/go.sum
+++ b/go.sum
@@ -141,6 +141,8 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b
golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
+golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
+golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -164,6 +166,8 @@ golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg=
golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
+golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@@ -237,6 +241,10 @@ google.golang.org/grpc v1.66.1 h1:hO5qAXR19+/Z44hmvIM4dQFMSYX9XcWsByfoxutBpAM=
google.golang.org/grpc v1.66.1/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y=
google.golang.org/grpc v1.66.2 h1:3QdXkuq3Bkh7w+ywLdLvM56cmGvQHUMZpiCzt6Rqaoo=
google.golang.org/grpc v1.66.2/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y=
+google.golang.org/grpc v1.67.0 h1:IdH9y6PF5MPSdAntIcpjQ+tXO41pcQsfZV2RxtQgVcw=
+google.golang.org/grpc v1.67.0/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA=
+google.golang.org/grpc v1.67.1 h1:zWnc1Vrcno+lHZCOofnIMvycFcc0QRGIzm9dhnDX68E=
+google.golang.org/grpc v1.67.1/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA=
google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
@@ -254,6 +262,8 @@ google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw
google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA=
+google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
diff --git a/goKMS/api/gen/proto/go/kmsintercom/kmsintercom.pb.go b/goKMS/api/gen/proto/go/kmsintercom/kmsintercom.pb.go
index 13650227b0cb3157f6f2da17a783e4c6346e7089..b7988dc72c07f449a6ac73f524ae61479f04c25b 100644
--- a/goKMS/api/gen/proto/go/kmsintercom/kmsintercom.pb.go
+++ b/goKMS/api/gen/proto/go/kmsintercom/kmsintercom.pb.go
@@ -1,6 +1,6 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
-// protoc-gen-go v1.34.1
+// protoc-gen-go v1.34.2
// protoc (unknown)
// source: kmsintercom/kmsintercom.proto
@@ -20,6 +20,52 @@ const (
_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
)
+type CryptoAlgorithm int32
+
+const (
+ CryptoAlgorithm_AES_256_GCM CryptoAlgorithm = 0
+ CryptoAlgorithm_OTP CryptoAlgorithm = 1
+)
+
+// Enum value maps for CryptoAlgorithm.
+var (
+ CryptoAlgorithm_name = map[int32]string{
+ 0: "AES_256_GCM",
+ 1: "OTP",
+ }
+ CryptoAlgorithm_value = map[string]int32{
+ "AES_256_GCM": 0,
+ "OTP": 1,
+ }
+)
+
+func (x CryptoAlgorithm) Enum() *CryptoAlgorithm {
+ p := new(CryptoAlgorithm)
+ *p = x
+ return p
+}
+
+func (x CryptoAlgorithm) String() string {
+ return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (CryptoAlgorithm) Descriptor() protoreflect.EnumDescriptor {
+ return file_kmsintercom_kmsintercom_proto_enumTypes[0].Descriptor()
+}
+
+func (CryptoAlgorithm) Type() protoreflect.EnumType {
+ return &file_kmsintercom_kmsintercom_proto_enumTypes[0]
+}
+
+func (x CryptoAlgorithm) Number() protoreflect.EnumNumber {
+ return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use CryptoAlgorithm.Descriptor instead.
+func (CryptoAlgorithm) EnumDescriptor() ([]byte, []int) {
+ return file_kmsintercom_kmsintercom_proto_rawDescGZIP(), []int{0}
+}
+
// Capabilities
// The request message containing the requesting kms' name.
type InterComCapabilitiesRequest struct {
@@ -27,8 +73,9 @@ type InterComCapabilitiesRequest struct {
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
- Timestamp int64 `protobuf:"varint,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
- MyKmsName string `protobuf:"bytes,2,opt,name=myKmsName,proto3" json:"myKmsName,omitempty"`
+ Timestamp int64 `protobuf:"varint,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
+ KmsId string `protobuf:"bytes,2,opt,name=kmsId,proto3" json:"kmsId,omitempty"`
+ ResetKeyStore bool `protobuf:"varint,3,opt,name=resetKeyStore,proto3" json:"resetKeyStore,omitempty"`
}
func (x *InterComCapabilitiesRequest) Reset() {
@@ -70,13 +117,20 @@ func (x *InterComCapabilitiesRequest) GetTimestamp() int64 {
return 0
}
-func (x *InterComCapabilitiesRequest) GetMyKmsName() string {
+func (x *InterComCapabilitiesRequest) GetKmsId() string {
if x != nil {
- return x.MyKmsName
+ return x.KmsId
}
return ""
}
+func (x *InterComCapabilitiesRequest) GetResetKeyStore() bool {
+ if x != nil {
+ return x.ResetKeyStore
+ }
+ return false
+}
+
// The response message containing the replying kms' name.
type InterComCapabilitiesReply struct {
state protoimpl.MessageState
@@ -485,10 +539,11 @@ type KeyForwardingRequest struct {
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
- Timestamp int64 `protobuf:"varint,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
- PathId string `protobuf:"bytes,2,opt,name=pathId,proto3" json:"pathId,omitempty"`
- ProcessId string `protobuf:"bytes,3,opt,name=processId,proto3" json:"processId,omitempty"`
- Key *Key `protobuf:"bytes,4,opt,name=key,proto3" json:"key,omitempty"`
+ Timestamp int64 `protobuf:"varint,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
+ PathId string `protobuf:"bytes,2,opt,name=pathId,proto3" json:"pathId,omitempty"`
+ ProcessId string `protobuf:"bytes,3,opt,name=processId,proto3" json:"processId,omitempty"`
+ CryptoAlgorithm CryptoAlgorithm `protobuf:"varint,4,opt,name=cryptoAlgorithm,proto3,enum=kmsintercom.CryptoAlgorithm" json:"cryptoAlgorithm,omitempty"`
+ Key *Key `protobuf:"bytes,5,opt,name=key,proto3" json:"key,omitempty"`
}
func (x *KeyForwardingRequest) Reset() {
@@ -544,6 +599,13 @@ func (x *KeyForwardingRequest) GetProcessId() string {
return ""
}
+func (x *KeyForwardingRequest) GetCryptoAlgorithm() CryptoAlgorithm {
+ if x != nil {
+ return x.CryptoAlgorithm
+ }
+ return CryptoAlgorithm_AES_256_GCM
+}
+
func (x *KeyForwardingRequest) GetKey() *Key {
if x != nil {
return x.Key
@@ -831,11 +893,12 @@ type KeyDeliveryRequest struct {
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
- Timestamp int64 `protobuf:"varint,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
- KmsId string `protobuf:"bytes,3,opt,name=kmsId,proto3" json:"kmsId,omitempty"`
- KeyId string `protobuf:"bytes,4,opt,name=keyId,proto3" json:"keyId,omitempty"`
- RequestId string `protobuf:"bytes,5,opt,name=requestId,proto3" json:"requestId,omitempty"`
- Keys []*Key `protobuf:"bytes,6,rep,name=keys,proto3" json:"keys,omitempty"`
+ Timestamp int64 `protobuf:"varint,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
+ KmsId string `protobuf:"bytes,3,opt,name=kmsId,proto3" json:"kmsId,omitempty"`
+ KeyId string `protobuf:"bytes,4,opt,name=keyId,proto3" json:"keyId,omitempty"`
+ RequestId string `protobuf:"bytes,5,opt,name=requestId,proto3" json:"requestId,omitempty"`
+ CryptoAlgorithm CryptoAlgorithm `protobuf:"varint,6,opt,name=cryptoAlgorithm,proto3,enum=kmsintercom.CryptoAlgorithm" json:"cryptoAlgorithm,omitempty"`
+ Keys []*Key `protobuf:"bytes,7,rep,name=keys,proto3" json:"keys,omitempty"`
}
func (x *KeyDeliveryRequest) Reset() {
@@ -898,6 +961,13 @@ func (x *KeyDeliveryRequest) GetRequestId() string {
return ""
}
+func (x *KeyDeliveryRequest) GetCryptoAlgorithm() CryptoAlgorithm {
+ if x != nil {
+ return x.CryptoAlgorithm
+ }
+ return CryptoAlgorithm_AES_256_GCM
+}
+
func (x *KeyDeliveryRequest) GetKeys() []*Key {
if x != nil {
return x.Keys
@@ -1020,169 +1090,183 @@ var File_kmsintercom_kmsintercom_proto protoreflect.FileDescriptor
var file_kmsintercom_kmsintercom_proto_rawDesc = []byte{
0x0a, 0x1d, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2f, 0x6b, 0x6d,
0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
- 0x0b, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x22, 0x59, 0x0a, 0x1b,
+ 0x0b, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x22, 0x77, 0x0a, 0x1b,
0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69,
0x74, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74,
0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09,
- 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x1c, 0x0a, 0x09, 0x6d, 0x79, 0x4b,
- 0x6d, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6d, 0x79,
- 0x4b, 0x6d, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0x5b, 0x0a, 0x19, 0x49, 0x6e, 0x74, 0x65, 0x72,
- 0x43, 0x6f, 0x6d, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x52,
- 0x65, 0x70, 0x6c, 0x79, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d,
- 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
- 0x6d, 0x70, 0x12, 0x20, 0x0a, 0x0b, 0x70, 0x65, 0x65, 0x72, 0x4b, 0x6d, 0x73, 0x4e, 0x61, 0x6d,
- 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x70, 0x65, 0x65, 0x72, 0x4b, 0x6d, 0x73,
- 0x4e, 0x61, 0x6d, 0x65, 0x22, 0x60, 0x0a, 0x12, 0x53, 0x79, 0x6e, 0x63, 0x51, 0x6b, 0x64, 0x42,
- 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69,
- 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74,
- 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x14, 0x0a, 0x05, 0x6b, 0x6d, 0x73, 0x49,
- 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x12, 0x16,
- 0x0a, 0x06, 0x62, 0x75, 0x6c, 0x6b, 0x49, 0x64, 0x18, 0x03, 0x20, 0x03, 0x28, 0x03, 0x52, 0x06,
- 0x62, 0x75, 0x6c, 0x6b, 0x49, 0x64, 0x22, 0x7c, 0x0a, 0x18, 0x53, 0x79, 0x6e, 0x63, 0x4b, 0x65,
- 0x79, 0x49, 0x64, 0x73, 0x46, 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65,
- 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18,
+ 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x14, 0x0a, 0x05, 0x6b, 0x6d, 0x73,
+ 0x49, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x12,
+ 0x24, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x53, 0x74, 0x6f, 0x72, 0x65,
+ 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x65, 0x74, 0x4b, 0x65, 0x79,
+ 0x53, 0x74, 0x6f, 0x72, 0x65, 0x22, 0x5b, 0x0a, 0x19, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f,
+ 0x6d, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x52, 0x65, 0x70,
+ 0x6c, 0x79, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18,
0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
- 0x12, 0x14, 0x0a, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
- 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x12, 0x16, 0x0a, 0x06, 0x62, 0x75, 0x6c, 0x6b, 0x49, 0x64,
- 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x06, 0x62, 0x75, 0x6c, 0x6b, 0x49, 0x64, 0x12, 0x14,
- 0x0a, 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x6b,
- 0x65, 0x79, 0x49, 0x64, 0x22, 0x39, 0x0a, 0x19, 0x53, 0x79, 0x6e, 0x63, 0x4b, 0x65, 0x79, 0x49,
- 0x64, 0x73, 0x46, 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+ 0x12, 0x20, 0x0a, 0x0b, 0x70, 0x65, 0x65, 0x72, 0x4b, 0x6d, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x18,
+ 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x70, 0x65, 0x65, 0x72, 0x4b, 0x6d, 0x73, 0x4e, 0x61,
+ 0x6d, 0x65, 0x22, 0x60, 0x0a, 0x12, 0x53, 0x79, 0x6e, 0x63, 0x51, 0x6b, 0x64, 0x42, 0x75, 0x6c,
+ 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65,
+ 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d,
+ 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x14, 0x0a, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x18,
+ 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x12, 0x16, 0x0a, 0x06,
+ 0x62, 0x75, 0x6c, 0x6b, 0x49, 0x64, 0x18, 0x03, 0x20, 0x03, 0x28, 0x03, 0x52, 0x06, 0x62, 0x75,
+ 0x6c, 0x6b, 0x49, 0x64, 0x22, 0x7c, 0x0a, 0x18, 0x53, 0x79, 0x6e, 0x63, 0x4b, 0x65, 0x79, 0x49,
+ 0x64, 0x73, 0x46, 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+ 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20,
+ 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x14,
+ 0x0a, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b,
+ 0x6d, 0x73, 0x49, 0x64, 0x12, 0x16, 0x0a, 0x06, 0x62, 0x75, 0x6c, 0x6b, 0x49, 0x64, 0x18, 0x03,
+ 0x20, 0x01, 0x28, 0x03, 0x52, 0x06, 0x62, 0x75, 0x6c, 0x6b, 0x49, 0x64, 0x12, 0x14, 0x0a, 0x05,
+ 0x6b, 0x65, 0x79, 0x49, 0x64, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x65, 0x79,
+ 0x49, 0x64, 0x22, 0x39, 0x0a, 0x19, 0x53, 0x79, 0x6e, 0x63, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x73,
+ 0x46, 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12,
+ 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01,
+ 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0x4b, 0x0a,
+ 0x13, 0x53, 0x79, 0x6e, 0x63, 0x51, 0x6b, 0x64, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x73, 0x70,
+ 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d,
+ 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
+ 0x6d, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x62, 0x75, 0x6c, 0x6b, 0x49, 0x64, 0x18, 0x02, 0x20, 0x01,
+ 0x28, 0x03, 0x52, 0x06, 0x62, 0x75, 0x6c, 0x6b, 0x49, 0x64, 0x22, 0x7a, 0x0a, 0x26, 0x49, 0x6e,
+ 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x4b,
+ 0x65, 0x79, 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71,
+ 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d,
+ 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
+ 0x6d, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x61, 0x74, 0x68, 0x49, 0x44, 0x18, 0x02, 0x20, 0x01,
+ 0x28, 0x09, 0x52, 0x06, 0x70, 0x61, 0x74, 0x68, 0x49, 0x44, 0x12, 0x1a, 0x0a, 0x08, 0x6b, 0x65,
+ 0x79, 0x54, 0x6f, 0x55, 0x73, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6b, 0x65,
+ 0x79, 0x54, 0x6f, 0x55, 0x73, 0x65, 0x22, 0x47, 0x0a, 0x27, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43,
+ 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x4b, 0x65, 0x79, 0x4e, 0x65,
+ 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01,
0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22,
- 0x4b, 0x0a, 0x13, 0x53, 0x79, 0x6e, 0x63, 0x51, 0x6b, 0x64, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65,
- 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74,
- 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73,
- 0x74, 0x61, 0x6d, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x62, 0x75, 0x6c, 0x6b, 0x49, 0x64, 0x18, 0x02,
- 0x20, 0x01, 0x28, 0x03, 0x52, 0x06, 0x62, 0x75, 0x6c, 0x6b, 0x49, 0x64, 0x22, 0x7a, 0x0a, 0x26,
- 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72,
- 0x74, 0x4b, 0x65, 0x79, 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52,
- 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74,
- 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73,
- 0x74, 0x61, 0x6d, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x61, 0x74, 0x68, 0x49, 0x44, 0x18, 0x02,
- 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x70, 0x61, 0x74, 0x68, 0x49, 0x44, 0x12, 0x1a, 0x0a, 0x08,
- 0x6b, 0x65, 0x79, 0x54, 0x6f, 0x55, 0x73, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08,
- 0x6b, 0x65, 0x79, 0x54, 0x6f, 0x55, 0x73, 0x65, 0x22, 0x47, 0x0a, 0x27, 0x49, 0x6e, 0x74, 0x65,
- 0x72, 0x43, 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x4b, 0x65, 0x79,
- 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f,
- 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
- 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d,
- 0x70, 0x22, 0x8e, 0x01, 0x0a, 0x14, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64,
- 0x69, 0x6e, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69,
- 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74,
- 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x61, 0x74, 0x68,
- 0x49, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x70, 0x61, 0x74, 0x68, 0x49, 0x64,
- 0x12, 0x1c, 0x0a, 0x09, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x49, 0x64, 0x18, 0x03, 0x20,
- 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x49, 0x64, 0x12, 0x22,
- 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x6b, 0x6d,
- 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x52, 0x03, 0x6b,
- 0x65, 0x79, 0x22, 0x35, 0x0a, 0x15, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64,
- 0x69, 0x6e, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74,
+ 0xd6, 0x01, 0x0a, 0x14, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e,
+ 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65,
+ 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d,
+ 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x61, 0x74, 0x68, 0x49, 0x64,
+ 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x70, 0x61, 0x74, 0x68, 0x49, 0x64, 0x12, 0x1c,
+ 0x0a, 0x09, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x49, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28,
+ 0x09, 0x52, 0x09, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x49, 0x64, 0x12, 0x46, 0x0a, 0x0f,
+ 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x18,
+ 0x04, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1c, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72,
+ 0x63, 0x6f, 0x6d, 0x2e, 0x43, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69,
+ 0x74, 0x68, 0x6d, 0x52, 0x0f, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x41, 0x6c, 0x67, 0x6f, 0x72,
+ 0x69, 0x74, 0x68, 0x6d, 0x12, 0x22, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28,
+ 0x0b, 0x32, 0x10, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e,
+ 0x4b, 0x65, 0x79, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x22, 0x35, 0x0a, 0x15, 0x4b, 0x65, 0x79, 0x46,
+ 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+ 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01,
+ 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22,
+ 0x83, 0x01, 0x0a, 0x17, 0x41, 0x63, 0x6b, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72,
+ 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74,
0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09,
- 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0x83, 0x01, 0x0a, 0x17, 0x41, 0x63,
- 0x6b, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65,
- 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
- 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74,
- 0x61, 0x6d, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x61, 0x74, 0x68, 0x49, 0x64, 0x18, 0x02, 0x20,
- 0x01, 0x28, 0x09, 0x52, 0x06, 0x70, 0x61, 0x74, 0x68, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x70,
- 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x49, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09,
- 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x49, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x4b, 0x65, 0x79,
- 0x49, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x22,
- 0x38, 0x0a, 0x18, 0x41, 0x63, 0x6b, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64,
- 0x69, 0x6e, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74,
+ 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x61, 0x74,
+ 0x68, 0x49, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x70, 0x61, 0x74, 0x68, 0x49,
+ 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x49, 0x64, 0x18, 0x03,
+ 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x49, 0x64, 0x12,
+ 0x14, 0x0a, 0x05, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05,
+ 0x4b, 0x65, 0x79, 0x49, 0x64, 0x22, 0x38, 0x0a, 0x18, 0x41, 0x63, 0x6b, 0x4b, 0x65, 0x79, 0x46,
+ 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
+ 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01,
+ 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22,
+ 0x66, 0x0a, 0x18, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
+ 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74,
0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09,
- 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0x66, 0x0a, 0x18, 0x4b, 0x65, 0x79,
- 0x49, 0x64, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65,
- 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
- 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74,
- 0x61, 0x6d, 0x70, 0x12, 0x14, 0x0a, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x18, 0x02, 0x20, 0x01,
- 0x28, 0x09, 0x52, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x12, 0x16, 0x0a, 0x06, 0x6b, 0x65, 0x79,
- 0x49, 0x64, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x06, 0x6b, 0x65, 0x79, 0x49, 0x64,
- 0x73, 0x22, 0x39, 0x0a, 0x19, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69,
- 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1c,
- 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28,
- 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0xa2, 0x01, 0x0a,
- 0x12, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75,
- 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
- 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d,
- 0x70, 0x12, 0x14, 0x0a, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09,
- 0x52, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64,
- 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x12, 0x1c, 0x0a,
- 0x09, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09,
- 0x52, 0x09, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49, 0x64, 0x12, 0x24, 0x0a, 0x04, 0x6b,
- 0x65, 0x79, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x6b, 0x6d, 0x73, 0x69,
- 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x52, 0x04, 0x6b, 0x65, 0x79,
- 0x73, 0x22, 0x33, 0x0a, 0x13, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79,
- 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65,
- 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d,
- 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0x3d, 0x0a, 0x03, 0x4b, 0x65, 0x79, 0x12, 0x0e, 0x0a,
- 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a,
- 0x05, 0x6e, 0x6f, 0x6e, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6e, 0x6f,
- 0x6e, 0x63, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09,
- 0x52, 0x03, 0x6b, 0x65, 0x79, 0x32, 0xb9, 0x06, 0x0a, 0x09, 0x4b, 0x6d, 0x73, 0x54, 0x61, 0x6c,
- 0x6b, 0x65, 0x72, 0x12, 0x6a, 0x0a, 0x14, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x43,
- 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x12, 0x28, 0x2e, 0x6b, 0x6d,
- 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43,
- 0x6f, 0x6d, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x52, 0x65,
- 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72,
- 0x63, 0x6f, 0x6d, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x43, 0x61, 0x70, 0x61,
- 0x62, 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12,
- 0x52, 0x0a, 0x0b, 0x53, 0x79, 0x6e, 0x63, 0x51, 0x6b, 0x64, 0x42, 0x75, 0x6c, 0x6b, 0x12, 0x1f,
- 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, 0x6e,
- 0x63, 0x51, 0x6b, 0x64, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
- 0x20, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79,
- 0x6e, 0x63, 0x51, 0x6b, 0x64, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
- 0x65, 0x22, 0x00, 0x12, 0x64, 0x0a, 0x11, 0x53, 0x79, 0x6e, 0x63, 0x4b, 0x65, 0x79, 0x49, 0x64,
- 0x73, 0x46, 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x12, 0x25, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e,
- 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, 0x6e, 0x63, 0x4b, 0x65, 0x79, 0x49, 0x64,
- 0x73, 0x46, 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
- 0x26, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79,
- 0x6e, 0x63, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x73, 0x46, 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x52,
- 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x8e, 0x01, 0x0a, 0x1f, 0x49, 0x6e,
- 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x4b,
- 0x65, 0x79, 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x33, 0x2e,
+ 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x14, 0x0a, 0x05, 0x6b, 0x6d, 0x73,
+ 0x49, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x12,
+ 0x16, 0x0a, 0x06, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52,
+ 0x06, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x73, 0x22, 0x39, 0x0a, 0x19, 0x4b, 0x65, 0x79, 0x49, 0x64,
+ 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70,
+ 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d,
+ 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
+ 0x6d, 0x70, 0x22, 0xea, 0x01, 0x0a, 0x12, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, 0x76, 0x65,
+ 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d,
+ 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69,
+ 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x14, 0x0a, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64,
+ 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x12, 0x14, 0x0a,
+ 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x65,
+ 0x79, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49, 0x64,
+ 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49,
+ 0x64, 0x12, 0x46, 0x0a, 0x0f, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x41, 0x6c, 0x67, 0x6f, 0x72,
+ 0x69, 0x74, 0x68, 0x6d, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1c, 0x2e, 0x6b, 0x6d, 0x73,
+ 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x43, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x41,
+ 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x52, 0x0f, 0x63, 0x72, 0x79, 0x70, 0x74, 0x6f,
+ 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x12, 0x24, 0x0a, 0x04, 0x6b, 0x65, 0x79,
+ 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74,
+ 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x52, 0x04, 0x6b, 0x65, 0x79, 0x73, 0x22,
+ 0x33, 0x0a, 0x13, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65,
+ 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74,
+ 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73,
+ 0x74, 0x61, 0x6d, 0x70, 0x22, 0x3d, 0x0a, 0x03, 0x4b, 0x65, 0x79, 0x12, 0x0e, 0x0a, 0x02, 0x69,
+ 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x6e,
+ 0x6f, 0x6e, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6e, 0x6f, 0x6e, 0x63,
+ 0x65, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03,
+ 0x6b, 0x65, 0x79, 0x2a, 0x2b, 0x0a, 0x0f, 0x43, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x41, 0x6c, 0x67,
+ 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45, 0x53, 0x5f, 0x32, 0x35,
+ 0x36, 0x5f, 0x47, 0x43, 0x4d, 0x10, 0x00, 0x12, 0x07, 0x0a, 0x03, 0x4f, 0x54, 0x50, 0x10, 0x01,
+ 0x32, 0xb9, 0x06, 0x0a, 0x09, 0x4b, 0x6d, 0x73, 0x54, 0x61, 0x6c, 0x6b, 0x65, 0x72, 0x12, 0x6a,
+ 0x0a, 0x14, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69,
+ 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x12, 0x28, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65,
+ 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x43, 0x61, 0x70,
+ 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
+ 0x1a, 0x26, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x49,
+ 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74,
+ 0x69, 0x65, 0x73, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x52, 0x0a, 0x0b, 0x53, 0x79,
+ 0x6e, 0x63, 0x51, 0x6b, 0x64, 0x42, 0x75, 0x6c, 0x6b, 0x12, 0x1f, 0x2e, 0x6b, 0x6d, 0x73, 0x69,
+ 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, 0x6e, 0x63, 0x51, 0x6b, 0x64, 0x42,
+ 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x6b, 0x6d, 0x73,
+ 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, 0x6e, 0x63, 0x51, 0x6b, 0x64,
+ 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x64,
+ 0x0a, 0x11, 0x53, 0x79, 0x6e, 0x63, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x73, 0x46, 0x6f, 0x72, 0x42,
+ 0x75, 0x6c, 0x6b, 0x12, 0x25, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f,
+ 0x6d, 0x2e, 0x53, 0x79, 0x6e, 0x63, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x73, 0x46, 0x6f, 0x72, 0x42,
+ 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x6b, 0x6d, 0x73,
+ 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, 0x6e, 0x63, 0x4b, 0x65, 0x79,
+ 0x49, 0x64, 0x73, 0x46, 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
+ 0x73, 0x65, 0x22, 0x00, 0x12, 0x8e, 0x01, 0x0a, 0x1f, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f,
+ 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x4b, 0x65, 0x79, 0x4e, 0x65, 0x67,
+ 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x33, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e,
+ 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x54,
+ 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x4b, 0x65, 0x79, 0x4e, 0x65, 0x67, 0x6f, 0x74,
+ 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x34, 0x2e,
0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x49, 0x6e, 0x74, 0x65,
0x72, 0x43, 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x4b, 0x65, 0x79,
- 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65,
- 0x73, 0x74, 0x1a, 0x34, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d,
- 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f,
- 0x72, 0x74, 0x4b, 0x65, 0x79, 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e,
- 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x58, 0x0a, 0x0d, 0x4b, 0x65,
- 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x12, 0x21, 0x2e, 0x6b, 0x6d,
- 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72,
- 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22,
+ 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f,
+ 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x58, 0x0a, 0x0d, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77,
+ 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x12, 0x21, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65,
+ 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69,
+ 0x6e, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x6b, 0x6d, 0x73, 0x69,
+ 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61,
+ 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12,
+ 0x61, 0x0a, 0x10, 0x41, 0x63, 0x6b, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64,
+ 0x69, 0x6e, 0x67, 0x12, 0x24, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f,
+ 0x6d, 0x2e, 0x41, 0x63, 0x6b, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69,
+ 0x6e, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x6b, 0x6d, 0x73, 0x69,
+ 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x41, 0x63, 0x6b, 0x4b, 0x65, 0x79, 0x46, 0x6f,
+ 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
+ 0x22, 0x00, 0x12, 0x64, 0x0a, 0x11, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x4e, 0x6f, 0x74, 0x69, 0x66,
+ 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x25, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74,
+ 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x4e, 0x6f, 0x74, 0x69, 0x66,
+ 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26,
0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79,
- 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
- 0x73, 0x65, 0x22, 0x00, 0x12, 0x61, 0x0a, 0x10, 0x41, 0x63, 0x6b, 0x4b, 0x65, 0x79, 0x46, 0x6f,
- 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x12, 0x24, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e,
- 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x41, 0x63, 0x6b, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72,
- 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25,
- 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x41, 0x63, 0x6b,
- 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x73,
- 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x64, 0x0a, 0x11, 0x4b, 0x65, 0x79, 0x49, 0x64,
- 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x25, 0x2e, 0x6b,
- 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x49, 0x64,
- 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75,
- 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f,
- 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
- 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x52, 0x0a,
- 0x0b, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, 0x12, 0x1f, 0x2e, 0x6b,
- 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x44, 0x65,
- 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e,
- 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x44,
- 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22,
- 0x00, 0x42, 0xb0, 0x01, 0x0a, 0x0f, 0x63, 0x6f, 0x6d, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74,
- 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x42, 0x10, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63,
- 0x6f, 0x6d, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3f, 0x63, 0x6f, 0x64, 0x65, 0x2e,
- 0x66, 0x62, 0x69, 0x2e, 0x68, 0x2d, 0x64, 0x61, 0x2e, 0x64, 0x65, 0x2f, 0x64, 0x61, 0x6e, 0x65,
- 0x74, 0x2f, 0x71, 0x75, 0x61, 0x6e, 0x74, 0x2f, 0x67, 0x6f, 0x4b, 0x4d, 0x53, 0x2f, 0x61, 0x70,
- 0x69, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x6b,
- 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0xa2, 0x02, 0x03, 0x4b, 0x58, 0x58,
- 0xaa, 0x02, 0x0b, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0xca, 0x02,
- 0x0b, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0xe2, 0x02, 0x17, 0x4b,
- 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65,
- 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x0b, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65,
- 0x72, 0x63, 0x6f, 0x6d, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+ 0x49, 0x64, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65,
+ 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x52, 0x0a, 0x0b, 0x4b, 0x65, 0x79, 0x44,
+ 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, 0x12, 0x1f, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74,
+ 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72,
+ 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e,
+ 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, 0x76, 0x65,
+ 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0xb0, 0x01, 0x0a,
+ 0x0f, 0x63, 0x6f, 0x6d, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d,
+ 0x42, 0x10, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x50, 0x72, 0x6f,
+ 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3f, 0x63, 0x6f, 0x64, 0x65, 0x2e, 0x66, 0x62, 0x69, 0x2e, 0x68,
+ 0x2d, 0x64, 0x61, 0x2e, 0x64, 0x65, 0x2f, 0x64, 0x61, 0x6e, 0x65, 0x74, 0x2f, 0x71, 0x75, 0x61,
+ 0x6e, 0x74, 0x2f, 0x67, 0x6f, 0x4b, 0x4d, 0x53, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x67, 0x65, 0x6e,
+ 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74,
+ 0x65, 0x72, 0x63, 0x6f, 0x6d, 0xa2, 0x02, 0x03, 0x4b, 0x58, 0x58, 0xaa, 0x02, 0x0b, 0x4b, 0x6d,
+ 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0xca, 0x02, 0x0b, 0x4b, 0x6d, 0x73, 0x69,
+ 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0xe2, 0x02, 0x17, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74,
+ 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
+ 0x61, 0xea, 0x02, 0x0b, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x62,
+ 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
}
var (
@@ -1197,50 +1281,54 @@ func file_kmsintercom_kmsintercom_proto_rawDescGZIP() []byte {
return file_kmsintercom_kmsintercom_proto_rawDescData
}
+var file_kmsintercom_kmsintercom_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
var file_kmsintercom_kmsintercom_proto_msgTypes = make([]protoimpl.MessageInfo, 17)
-var file_kmsintercom_kmsintercom_proto_goTypes = []interface{}{
- (*InterComCapabilitiesRequest)(nil), // 0: kmsintercom.InterComCapabilitiesRequest
- (*InterComCapabilitiesReply)(nil), // 1: kmsintercom.InterComCapabilitiesReply
- (*SyncQkdBulkRequest)(nil), // 2: kmsintercom.SyncQkdBulkRequest
- (*SyncKeyIdsForBulkRequest)(nil), // 3: kmsintercom.SyncKeyIdsForBulkRequest
- (*SyncKeyIdsForBulkResponse)(nil), // 4: kmsintercom.SyncKeyIdsForBulkResponse
- (*SyncQkdBulkResponse)(nil), // 5: kmsintercom.SyncQkdBulkResponse
- (*InterComTransportKeyNegotiationRequest)(nil), // 6: kmsintercom.InterComTransportKeyNegotiationRequest
- (*InterComTransportKeyNegotiationResponse)(nil), // 7: kmsintercom.InterComTransportKeyNegotiationResponse
- (*KeyForwardingRequest)(nil), // 8: kmsintercom.KeyForwardingRequest
- (*KeyForwardingResponse)(nil), // 9: kmsintercom.KeyForwardingResponse
- (*AckKeyForwardingRequest)(nil), // 10: kmsintercom.AckKeyForwardingRequest
- (*AckKeyForwardingResponse)(nil), // 11: kmsintercom.AckKeyForwardingResponse
- (*KeyIdNotificationRequest)(nil), // 12: kmsintercom.KeyIdNotificationRequest
- (*KeyIdNotificationResponse)(nil), // 13: kmsintercom.KeyIdNotificationResponse
- (*KeyDeliveryRequest)(nil), // 14: kmsintercom.KeyDeliveryRequest
- (*KeyDeliveryResponse)(nil), // 15: kmsintercom.KeyDeliveryResponse
- (*Key)(nil), // 16: kmsintercom.Key
+var file_kmsintercom_kmsintercom_proto_goTypes = []any{
+ (CryptoAlgorithm)(0), // 0: kmsintercom.CryptoAlgorithm
+ (*InterComCapabilitiesRequest)(nil), // 1: kmsintercom.InterComCapabilitiesRequest
+ (*InterComCapabilitiesReply)(nil), // 2: kmsintercom.InterComCapabilitiesReply
+ (*SyncQkdBulkRequest)(nil), // 3: kmsintercom.SyncQkdBulkRequest
+ (*SyncKeyIdsForBulkRequest)(nil), // 4: kmsintercom.SyncKeyIdsForBulkRequest
+ (*SyncKeyIdsForBulkResponse)(nil), // 5: kmsintercom.SyncKeyIdsForBulkResponse
+ (*SyncQkdBulkResponse)(nil), // 6: kmsintercom.SyncQkdBulkResponse
+ (*InterComTransportKeyNegotiationRequest)(nil), // 7: kmsintercom.InterComTransportKeyNegotiationRequest
+ (*InterComTransportKeyNegotiationResponse)(nil), // 8: kmsintercom.InterComTransportKeyNegotiationResponse
+ (*KeyForwardingRequest)(nil), // 9: kmsintercom.KeyForwardingRequest
+ (*KeyForwardingResponse)(nil), // 10: kmsintercom.KeyForwardingResponse
+ (*AckKeyForwardingRequest)(nil), // 11: kmsintercom.AckKeyForwardingRequest
+ (*AckKeyForwardingResponse)(nil), // 12: kmsintercom.AckKeyForwardingResponse
+ (*KeyIdNotificationRequest)(nil), // 13: kmsintercom.KeyIdNotificationRequest
+ (*KeyIdNotificationResponse)(nil), // 14: kmsintercom.KeyIdNotificationResponse
+ (*KeyDeliveryRequest)(nil), // 15: kmsintercom.KeyDeliveryRequest
+ (*KeyDeliveryResponse)(nil), // 16: kmsintercom.KeyDeliveryResponse
+ (*Key)(nil), // 17: kmsintercom.Key
}
var file_kmsintercom_kmsintercom_proto_depIdxs = []int32{
- 16, // 0: kmsintercom.KeyForwardingRequest.key:type_name -> kmsintercom.Key
- 16, // 1: kmsintercom.KeyDeliveryRequest.keys:type_name -> kmsintercom.Key
- 0, // 2: kmsintercom.KmsTalker.InterComCapabilities:input_type -> kmsintercom.InterComCapabilitiesRequest
- 2, // 3: kmsintercom.KmsTalker.SyncQkdBulk:input_type -> kmsintercom.SyncQkdBulkRequest
- 3, // 4: kmsintercom.KmsTalker.SyncKeyIdsForBulk:input_type -> kmsintercom.SyncKeyIdsForBulkRequest
- 6, // 5: kmsintercom.KmsTalker.InterComTransportKeyNegotiation:input_type -> kmsintercom.InterComTransportKeyNegotiationRequest
- 8, // 6: kmsintercom.KmsTalker.KeyForwarding:input_type -> kmsintercom.KeyForwardingRequest
- 10, // 7: kmsintercom.KmsTalker.AckKeyForwarding:input_type -> kmsintercom.AckKeyForwardingRequest
- 12, // 8: kmsintercom.KmsTalker.KeyIdNotification:input_type -> kmsintercom.KeyIdNotificationRequest
- 14, // 9: kmsintercom.KmsTalker.KeyDelivery:input_type -> kmsintercom.KeyDeliveryRequest
- 1, // 10: kmsintercom.KmsTalker.InterComCapabilities:output_type -> kmsintercom.InterComCapabilitiesReply
- 5, // 11: kmsintercom.KmsTalker.SyncQkdBulk:output_type -> kmsintercom.SyncQkdBulkResponse
- 4, // 12: kmsintercom.KmsTalker.SyncKeyIdsForBulk:output_type -> kmsintercom.SyncKeyIdsForBulkResponse
- 7, // 13: kmsintercom.KmsTalker.InterComTransportKeyNegotiation:output_type -> kmsintercom.InterComTransportKeyNegotiationResponse
- 9, // 14: kmsintercom.KmsTalker.KeyForwarding:output_type -> kmsintercom.KeyForwardingResponse
- 11, // 15: kmsintercom.KmsTalker.AckKeyForwarding:output_type -> kmsintercom.AckKeyForwardingResponse
- 13, // 16: kmsintercom.KmsTalker.KeyIdNotification:output_type -> kmsintercom.KeyIdNotificationResponse
- 15, // 17: kmsintercom.KmsTalker.KeyDelivery:output_type -> kmsintercom.KeyDeliveryResponse
- 10, // [10:18] is the sub-list for method output_type
- 2, // [2:10] is the sub-list for method input_type
- 2, // [2:2] is the sub-list for extension type_name
- 2, // [2:2] is the sub-list for extension extendee
- 0, // [0:2] is the sub-list for field type_name
+ 0, // 0: kmsintercom.KeyForwardingRequest.cryptoAlgorithm:type_name -> kmsintercom.CryptoAlgorithm
+ 17, // 1: kmsintercom.KeyForwardingRequest.key:type_name -> kmsintercom.Key
+ 0, // 2: kmsintercom.KeyDeliveryRequest.cryptoAlgorithm:type_name -> kmsintercom.CryptoAlgorithm
+ 17, // 3: kmsintercom.KeyDeliveryRequest.keys:type_name -> kmsintercom.Key
+ 1, // 4: kmsintercom.KmsTalker.InterComCapabilities:input_type -> kmsintercom.InterComCapabilitiesRequest
+ 3, // 5: kmsintercom.KmsTalker.SyncQkdBulk:input_type -> kmsintercom.SyncQkdBulkRequest
+ 4, // 6: kmsintercom.KmsTalker.SyncKeyIdsForBulk:input_type -> kmsintercom.SyncKeyIdsForBulkRequest
+ 7, // 7: kmsintercom.KmsTalker.InterComTransportKeyNegotiation:input_type -> kmsintercom.InterComTransportKeyNegotiationRequest
+ 9, // 8: kmsintercom.KmsTalker.KeyForwarding:input_type -> kmsintercom.KeyForwardingRequest
+ 11, // 9: kmsintercom.KmsTalker.AckKeyForwarding:input_type -> kmsintercom.AckKeyForwardingRequest
+ 13, // 10: kmsintercom.KmsTalker.KeyIdNotification:input_type -> kmsintercom.KeyIdNotificationRequest
+ 15, // 11: kmsintercom.KmsTalker.KeyDelivery:input_type -> kmsintercom.KeyDeliveryRequest
+ 2, // 12: kmsintercom.KmsTalker.InterComCapabilities:output_type -> kmsintercom.InterComCapabilitiesReply
+ 6, // 13: kmsintercom.KmsTalker.SyncQkdBulk:output_type -> kmsintercom.SyncQkdBulkResponse
+ 5, // 14: kmsintercom.KmsTalker.SyncKeyIdsForBulk:output_type -> kmsintercom.SyncKeyIdsForBulkResponse
+ 8, // 15: kmsintercom.KmsTalker.InterComTransportKeyNegotiation:output_type -> kmsintercom.InterComTransportKeyNegotiationResponse
+ 10, // 16: kmsintercom.KmsTalker.KeyForwarding:output_type -> kmsintercom.KeyForwardingResponse
+ 12, // 17: kmsintercom.KmsTalker.AckKeyForwarding:output_type -> kmsintercom.AckKeyForwardingResponse
+ 14, // 18: kmsintercom.KmsTalker.KeyIdNotification:output_type -> kmsintercom.KeyIdNotificationResponse
+ 16, // 19: kmsintercom.KmsTalker.KeyDelivery:output_type -> kmsintercom.KeyDeliveryResponse
+ 12, // [12:20] is the sub-list for method output_type
+ 4, // [4:12] is the sub-list for method input_type
+ 4, // [4:4] is the sub-list for extension type_name
+ 4, // [4:4] is the sub-list for extension extendee
+ 0, // [0:4] is the sub-list for field type_name
}
func init() { file_kmsintercom_kmsintercom_proto_init() }
@@ -1249,7 +1337,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return
}
if !protoimpl.UnsafeEnabled {
- file_kmsintercom_kmsintercom_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[0].Exporter = func(v any, i int) any {
switch v := v.(*InterComCapabilitiesRequest); i {
case 0:
return &v.state
@@ -1261,7 +1349,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[1].Exporter = func(v any, i int) any {
switch v := v.(*InterComCapabilitiesReply); i {
case 0:
return &v.state
@@ -1273,7 +1361,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[2].Exporter = func(v any, i int) any {
switch v := v.(*SyncQkdBulkRequest); i {
case 0:
return &v.state
@@ -1285,7 +1373,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[3].Exporter = func(v any, i int) any {
switch v := v.(*SyncKeyIdsForBulkRequest); i {
case 0:
return &v.state
@@ -1297,7 +1385,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[4].Exporter = func(v any, i int) any {
switch v := v.(*SyncKeyIdsForBulkResponse); i {
case 0:
return &v.state
@@ -1309,7 +1397,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[5].Exporter = func(v any, i int) any {
switch v := v.(*SyncQkdBulkResponse); i {
case 0:
return &v.state
@@ -1321,7 +1409,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[6].Exporter = func(v any, i int) any {
switch v := v.(*InterComTransportKeyNegotiationRequest); i {
case 0:
return &v.state
@@ -1333,7 +1421,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[7].Exporter = func(v any, i int) any {
switch v := v.(*InterComTransportKeyNegotiationResponse); i {
case 0:
return &v.state
@@ -1345,7 +1433,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[8].Exporter = func(v any, i int) any {
switch v := v.(*KeyForwardingRequest); i {
case 0:
return &v.state
@@ -1357,7 +1445,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[9].Exporter = func(v any, i int) any {
switch v := v.(*KeyForwardingResponse); i {
case 0:
return &v.state
@@ -1369,7 +1457,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[10].Exporter = func(v any, i int) any {
switch v := v.(*AckKeyForwardingRequest); i {
case 0:
return &v.state
@@ -1381,7 +1469,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[11].Exporter = func(v any, i int) any {
switch v := v.(*AckKeyForwardingResponse); i {
case 0:
return &v.state
@@ -1393,7 +1481,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[12].Exporter = func(v any, i int) any {
switch v := v.(*KeyIdNotificationRequest); i {
case 0:
return &v.state
@@ -1405,7 +1493,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[13].Exporter = func(v any, i int) any {
switch v := v.(*KeyIdNotificationResponse); i {
case 0:
return &v.state
@@ -1417,7 +1505,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[14].Exporter = func(v any, i int) any {
switch v := v.(*KeyDeliveryRequest); i {
case 0:
return &v.state
@@ -1429,7 +1517,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[15].Exporter = func(v any, i int) any {
switch v := v.(*KeyDeliveryResponse); i {
case 0:
return &v.state
@@ -1441,7 +1529,7 @@ func file_kmsintercom_kmsintercom_proto_init() {
return nil
}
}
- file_kmsintercom_kmsintercom_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
+ file_kmsintercom_kmsintercom_proto_msgTypes[16].Exporter = func(v any, i int) any {
switch v := v.(*Key); i {
case 0:
return &v.state
@@ -1459,13 +1547,14 @@ func file_kmsintercom_kmsintercom_proto_init() {
File: protoimpl.DescBuilder{
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: file_kmsintercom_kmsintercom_proto_rawDesc,
- NumEnums: 0,
+ NumEnums: 1,
NumMessages: 17,
NumExtensions: 0,
NumServices: 1,
},
GoTypes: file_kmsintercom_kmsintercom_proto_goTypes,
DependencyIndexes: file_kmsintercom_kmsintercom_proto_depIdxs,
+ EnumInfos: file_kmsintercom_kmsintercom_proto_enumTypes,
MessageInfos: file_kmsintercom_kmsintercom_proto_msgTypes,
}.Build()
File_kmsintercom_kmsintercom_proto = out.File
diff --git a/goKMS/api/gen/proto/go/kmsintercom/kmsintercom_grpc.pb.go b/goKMS/api/gen/proto/go/kmsintercom/kmsintercom_grpc.pb.go
index 32a2d9c941b222de7152b493e8bce4efb44b21d3..8516ca86bef8ce798862ffbe2a1503f202de8f6c 100644
--- a/goKMS/api/gen/proto/go/kmsintercom/kmsintercom_grpc.pb.go
+++ b/goKMS/api/gen/proto/go/kmsintercom/kmsintercom_grpc.pb.go
@@ -1,6 +1,6 @@
// Code generated by protoc-gen-go-grpc. DO NOT EDIT.
// versions:
-// - protoc-gen-go-grpc v1.3.0
+// - protoc-gen-go-grpc v1.5.1
// - protoc (unknown)
// source: kmsintercom/kmsintercom.proto
@@ -15,8 +15,8 @@ import (
// This is a compile-time assertion to ensure that this generated file
// is compatible with the grpc package it is being compiled against.
-// Requires gRPC-Go v1.32.0 or later.
-const _ = grpc.SupportPackageIsVersion7
+// Requires gRPC-Go v1.64.0 or later.
+const _ = grpc.SupportPackageIsVersion9
const (
KmsTalker_InterComCapabilities_FullMethodName = "/kmsintercom.KmsTalker/InterComCapabilities"
@@ -32,6 +32,8 @@ const (
// KmsTalkerClient is the client API for KmsTalker service.
//
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
+//
+// should be renamed to InterCom or KMSInterCom
type KmsTalkerClient interface {
InterComCapabilities(ctx context.Context, in *InterComCapabilitiesRequest, opts ...grpc.CallOption) (*InterComCapabilitiesReply, error)
SyncQkdBulk(ctx context.Context, in *SyncQkdBulkRequest, opts ...grpc.CallOption) (*SyncQkdBulkResponse, error)
@@ -53,8 +55,9 @@ func NewKmsTalkerClient(cc grpc.ClientConnInterface) KmsTalkerClient {
}
func (c *kmsTalkerClient) InterComCapabilities(ctx context.Context, in *InterComCapabilitiesRequest, opts ...grpc.CallOption) (*InterComCapabilitiesReply, error) {
+ cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(InterComCapabilitiesReply)
- err := c.cc.Invoke(ctx, KmsTalker_InterComCapabilities_FullMethodName, in, out, opts...)
+ err := c.cc.Invoke(ctx, KmsTalker_InterComCapabilities_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
@@ -62,8 +65,9 @@ func (c *kmsTalkerClient) InterComCapabilities(ctx context.Context, in *InterCom
}
func (c *kmsTalkerClient) SyncQkdBulk(ctx context.Context, in *SyncQkdBulkRequest, opts ...grpc.CallOption) (*SyncQkdBulkResponse, error) {
+ cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(SyncQkdBulkResponse)
- err := c.cc.Invoke(ctx, KmsTalker_SyncQkdBulk_FullMethodName, in, out, opts...)
+ err := c.cc.Invoke(ctx, KmsTalker_SyncQkdBulk_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
@@ -71,8 +75,9 @@ func (c *kmsTalkerClient) SyncQkdBulk(ctx context.Context, in *SyncQkdBulkReques
}
func (c *kmsTalkerClient) SyncKeyIdsForBulk(ctx context.Context, in *SyncKeyIdsForBulkRequest, opts ...grpc.CallOption) (*SyncKeyIdsForBulkResponse, error) {
+ cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(SyncKeyIdsForBulkResponse)
- err := c.cc.Invoke(ctx, KmsTalker_SyncKeyIdsForBulk_FullMethodName, in, out, opts...)
+ err := c.cc.Invoke(ctx, KmsTalker_SyncKeyIdsForBulk_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
@@ -80,8 +85,9 @@ func (c *kmsTalkerClient) SyncKeyIdsForBulk(ctx context.Context, in *SyncKeyIdsF
}
func (c *kmsTalkerClient) InterComTransportKeyNegotiation(ctx context.Context, in *InterComTransportKeyNegotiationRequest, opts ...grpc.CallOption) (*InterComTransportKeyNegotiationResponse, error) {
+ cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(InterComTransportKeyNegotiationResponse)
- err := c.cc.Invoke(ctx, KmsTalker_InterComTransportKeyNegotiation_FullMethodName, in, out, opts...)
+ err := c.cc.Invoke(ctx, KmsTalker_InterComTransportKeyNegotiation_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
@@ -89,8 +95,9 @@ func (c *kmsTalkerClient) InterComTransportKeyNegotiation(ctx context.Context, i
}
func (c *kmsTalkerClient) KeyForwarding(ctx context.Context, in *KeyForwardingRequest, opts ...grpc.CallOption) (*KeyForwardingResponse, error) {
+ cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(KeyForwardingResponse)
- err := c.cc.Invoke(ctx, KmsTalker_KeyForwarding_FullMethodName, in, out, opts...)
+ err := c.cc.Invoke(ctx, KmsTalker_KeyForwarding_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
@@ -98,8 +105,9 @@ func (c *kmsTalkerClient) KeyForwarding(ctx context.Context, in *KeyForwardingRe
}
func (c *kmsTalkerClient) AckKeyForwarding(ctx context.Context, in *AckKeyForwardingRequest, opts ...grpc.CallOption) (*AckKeyForwardingResponse, error) {
+ cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(AckKeyForwardingResponse)
- err := c.cc.Invoke(ctx, KmsTalker_AckKeyForwarding_FullMethodName, in, out, opts...)
+ err := c.cc.Invoke(ctx, KmsTalker_AckKeyForwarding_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
@@ -107,8 +115,9 @@ func (c *kmsTalkerClient) AckKeyForwarding(ctx context.Context, in *AckKeyForwar
}
func (c *kmsTalkerClient) KeyIdNotification(ctx context.Context, in *KeyIdNotificationRequest, opts ...grpc.CallOption) (*KeyIdNotificationResponse, error) {
+ cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(KeyIdNotificationResponse)
- err := c.cc.Invoke(ctx, KmsTalker_KeyIdNotification_FullMethodName, in, out, opts...)
+ err := c.cc.Invoke(ctx, KmsTalker_KeyIdNotification_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
@@ -116,8 +125,9 @@ func (c *kmsTalkerClient) KeyIdNotification(ctx context.Context, in *KeyIdNotifi
}
func (c *kmsTalkerClient) KeyDelivery(ctx context.Context, in *KeyDeliveryRequest, opts ...grpc.CallOption) (*KeyDeliveryResponse, error) {
+ cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(KeyDeliveryResponse)
- err := c.cc.Invoke(ctx, KmsTalker_KeyDelivery_FullMethodName, in, out, opts...)
+ err := c.cc.Invoke(ctx, KmsTalker_KeyDelivery_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
@@ -126,7 +136,9 @@ func (c *kmsTalkerClient) KeyDelivery(ctx context.Context, in *KeyDeliveryReques
// KmsTalkerServer is the server API for KmsTalker service.
// All implementations must embed UnimplementedKmsTalkerServer
-// for forward compatibility
+// for forward compatibility.
+//
+// should be renamed to InterCom or KMSInterCom
type KmsTalkerServer interface {
InterComCapabilities(context.Context, *InterComCapabilitiesRequest) (*InterComCapabilitiesReply, error)
SyncQkdBulk(context.Context, *SyncQkdBulkRequest) (*SyncQkdBulkResponse, error)
@@ -140,9 +152,12 @@ type KmsTalkerServer interface {
mustEmbedUnimplementedKmsTalkerServer()
}
-// UnimplementedKmsTalkerServer must be embedded to have forward compatible implementations.
-type UnimplementedKmsTalkerServer struct {
-}
+// UnimplementedKmsTalkerServer must be embedded to have
+// forward compatible implementations.
+//
+// NOTE: this should be embedded by value instead of pointer to avoid a nil
+// pointer dereference when methods are called.
+type UnimplementedKmsTalkerServer struct{}
func (UnimplementedKmsTalkerServer) InterComCapabilities(context.Context, *InterComCapabilitiesRequest) (*InterComCapabilitiesReply, error) {
return nil, status.Errorf(codes.Unimplemented, "method InterComCapabilities not implemented")
@@ -169,6 +184,7 @@ func (UnimplementedKmsTalkerServer) KeyDelivery(context.Context, *KeyDeliveryReq
return nil, status.Errorf(codes.Unimplemented, "method KeyDelivery not implemented")
}
func (UnimplementedKmsTalkerServer) mustEmbedUnimplementedKmsTalkerServer() {}
+func (UnimplementedKmsTalkerServer) testEmbeddedByValue() {}
// UnsafeKmsTalkerServer may be embedded to opt out of forward compatibility for this service.
// Use of this interface is not recommended, as added methods to KmsTalkerServer will
@@ -178,6 +194,13 @@ type UnsafeKmsTalkerServer interface {
}
func RegisterKmsTalkerServer(s grpc.ServiceRegistrar, srv KmsTalkerServer) {
+ // If the following call pancis, it indicates UnimplementedKmsTalkerServer was
+ // embedded by pointer and is nil. This will cause panics if an
+ // unimplemented method is ever invoked, so we test this at initialization
+ // time to prevent it from happening at runtime later due to I/O.
+ if t, ok := srv.(interface{ testEmbeddedByValue() }); ok {
+ t.testEmbeddedByValue()
+ }
s.RegisterService(&KmsTalker_ServiceDesc, srv)
}
diff --git a/goKMS/api/kmsintercom/kmsintercom/kmsintercom.proto b/goKMS/api/kmsintercom/kmsintercom/kmsintercom.proto
index 46bd6fccabb3a3061958b42749d0e65d9a15f60b..ce06666107b91624b961cdec79fa52380c9060d8 100644
--- a/goKMS/api/kmsintercom/kmsintercom/kmsintercom.proto
+++ b/goKMS/api/kmsintercom/kmsintercom/kmsintercom.proto
@@ -4,110 +4,118 @@ package kmsintercom;
// should be renamed to InterCom or KMSInterCom
service KmsTalker {
- rpc InterComCapabilities (InterComCapabilitiesRequest) returns (InterComCapabilitiesReply) {}
- rpc SyncQkdBulk(SyncQkdBulkRequest) returns (SyncQkdBulkResponse) {}
- rpc SyncKeyIdsForBulk(SyncKeyIdsForBulkRequest) returns (SyncKeyIdsForBulkResponse) {}
- rpc InterComTransportKeyNegotiation(InterComTransportKeyNegotiationRequest) returns (InterComTransportKeyNegotiationResponse) {}
- rpc KeyForwarding(KeyForwardingRequest) returns (KeyForwardingResponse) {}
- rpc AckKeyForwarding(AckKeyForwardingRequest) returns (AckKeyForwardingResponse) {}
- // KeyIDNotification is used for ETSI GS QKD 014
- rpc KeyIdNotification(KeyIdNotificationRequest) returns (KeyIdNotificationResponse) {}
- rpc KeyDelivery(KeyDeliveryRequest) returns (KeyDeliveryResponse) {}
+ rpc InterComCapabilities(InterComCapabilitiesRequest) returns (InterComCapabilitiesReply) {}
+ rpc SyncQkdBulk(SyncQkdBulkRequest) returns (SyncQkdBulkResponse) {}
+ rpc SyncKeyIdsForBulk(SyncKeyIdsForBulkRequest) returns (SyncKeyIdsForBulkResponse) {}
+ rpc InterComTransportKeyNegotiation(InterComTransportKeyNegotiationRequest) returns (InterComTransportKeyNegotiationResponse) {}
+ rpc KeyForwarding(KeyForwardingRequest) returns (KeyForwardingResponse) {}
+ rpc AckKeyForwarding(AckKeyForwardingRequest) returns (AckKeyForwardingResponse) {}
+ // KeyIDNotification is used for ETSI GS QKD 014
+ rpc KeyIdNotification(KeyIdNotificationRequest) returns (KeyIdNotificationResponse) {}
+ rpc KeyDelivery(KeyDeliveryRequest) returns (KeyDeliveryResponse) {}
}
// Capabilities
// The request message containing the requesting kms' name.
message InterComCapabilitiesRequest {
- int64 timestamp = 1;
- string myKmsName = 2;
+ int64 timestamp = 1;
+ string kmsId = 2;
+ bool resetKeyStore = 3;
}
// The response message containing the replying kms' name.
message InterComCapabilitiesReply {
- int64 timestamp = 1;
- string peerKmsName= 2;
+ int64 timestamp = 1;
+ string peerKmsName = 2;
}
message SyncQkdBulkRequest {
- int64 timestamp = 1;
- string kmsId = 2;
- repeated int64 bulkId = 3;
- //string bulkHash = 4;
+ int64 timestamp = 1;
+ string kmsId = 2;
+ repeated int64 bulkId = 3;
+ //string bulkHash = 4;
}
message SyncKeyIdsForBulkRequest {
- int64 timestamp = 1;
- string kmsId = 2;
- int64 bulkId = 3;
- repeated string keyId = 4;
+ int64 timestamp = 1;
+ string kmsId = 2;
+ int64 bulkId = 3;
+ repeated string keyId = 4;
}
message SyncKeyIdsForBulkResponse {
- int64 timestamp = 1;
+ int64 timestamp = 1;
}
message SyncQkdBulkResponse {
- int64 timestamp = 1;
- int64 bulkId = 2;
+ int64 timestamp = 1;
+ int64 bulkId = 2;
}
// Beim aushandeln
message InterComTransportKeyNegotiationRequest {
- int64 timestamp = 1;
- string pathID = 2;
- string keyToUse = 3;
+ int64 timestamp = 1;
+ string pathID = 2;
+ string keyToUse = 3;
}
message InterComTransportKeyNegotiationResponse {
- int64 timestamp = 1;
+ int64 timestamp = 1;
}
message KeyForwardingRequest {
- int64 timestamp = 1;
- string pathId = 2;
- string processId = 3;
- Key key = 4;
+ int64 timestamp = 1;
+ string pathId = 2;
+ string processId = 3;
+ CryptoAlgorithm cryptoAlgorithm = 4;
+ Key key = 5;
}
message KeyForwardingResponse {
- int64 timestamp = 1;
+ int64 timestamp = 1;
}
message AckKeyForwardingRequest {
- int64 timestamp = 1;
- string pathId = 2;
- string processId = 3;
- string KeyId = 4;
+ int64 timestamp = 1;
+ string pathId = 2;
+ string processId = 3;
+ string KeyId = 4;
}
message AckKeyForwardingResponse {
- int64 timestamp = 1;
+ int64 timestamp = 1;
}
message KeyIdNotificationRequest {
- int64 timestamp = 1;
- string kmsId = 2;
- repeated string keyIds = 3;
+ int64 timestamp = 1;
+ string kmsId = 2;
+ repeated string keyIds = 3;
}
message KeyIdNotificationResponse {
- int64 timestamp = 1;
+ int64 timestamp = 1;
}
message KeyDeliveryRequest {
- int64 timestamp = 1;
- string kmsId = 3;
- string keyId = 4;
- string requestId = 5;
- repeated Key keys = 6;
+ int64 timestamp = 1;
+ string kmsId = 3;
+ string keyId = 4;
+ string requestId = 5;
+ CryptoAlgorithm cryptoAlgorithm = 6;
+ repeated Key keys = 7;
}
message KeyDeliveryResponse {
- int64 timestamp = 1;
+ int64 timestamp = 1;
}
message Key {
- string id = 1;
- string nonce = 2;
- string key = 3;
+ string id = 1;
+ string nonce = 2;
+ string key = 3;
+}
+
+enum CryptoAlgorithm {
+ AES_256_GCM = 0;
+ OTP = 1;
}
diff --git a/goKMS/config/config.go b/goKMS/config/config.go
index 7ea24a6cee7875a48aaa3810be9eeb0983c23258..c29da1cc48361e2b78dd3ed9a2c32f90f1af886c 100644
--- a/goKMS/config/config.go
+++ b/goKMS/config/config.go
@@ -13,6 +13,7 @@ type Config struct {
QuantumAddr string `yaml:"QuantumAddr"`
AKMS AKMS `yaml:"AKMS"`
GnmiBindAddress string `yaml:"GnmiBindAddress"`
+ KSACryptoAlgorithm string `yaml:"KSACryptoAlgorithm"`
KmsTLS TLSConfig `yaml:"KmsTLS"`
Peers []Peer `yaml:"Peers"`
GnmiTLS TLSConfig `yaml:"GnmiTLS"`
@@ -31,6 +32,7 @@ type AKMS struct {
type Peer struct {
PeerId string `yaml:"PeerId"`
PeerInterComAddr string `yaml:"PeerInterComAddr"`
+ CryptoAlgorithm string `yaml:"CryptoAlgorithm"`
Type string `yaml:"Type"`
QuantumModule QuantumModule `yaml:"QuantumModule"`
}
diff --git a/goKMS/gnmiHandlers/kms/assignForwardingHandler.go b/goKMS/gnmiHandlers/kms/assignForwardingHandler.go
index 01ebfedb3ed99aca35c08a531226893702f48210..bc4daedacc12d99e48b11db7179c5f36cc2dc3af 100644
--- a/goKMS/gnmiHandlers/kms/assignForwardingHandler.go
+++ b/goKMS/gnmiHandlers/kms/assignForwardingHandler.go
@@ -45,6 +45,8 @@ func (yh *AssignForwardingHandler) Update(c ygot.ValidatedGoStruct, jobs []*gnmi
return fmt.Errorf("failed type assertion for newConfig %T", (*gnmitargetygot.Gnmitarget)(nil))
}
+ log.Debugf("Received Update within AssignForwardingHandler")
+
forwarding := config.GetOrCreateAssignForwarding()
pathId := forwarding.GetPathId()
@@ -56,9 +58,11 @@ func (yh *AssignForwardingHandler) Update(c ygot.ValidatedGoStruct, jobs []*gnmi
if nextHop != nil {
nextHopString = nextHop.GetNodeId()
+ log.Debugf("AssignForwardingHandler - NextHopString: %s", nextHopString)
}
if prevHop != nil {
prevHopString = prevHop.GetNodeId()
+ log.Debugf("AssignForwardingHandler - PrevHopString: %s", prevHopString)
}
var initKMS *util.RemoteKMS
@@ -69,15 +73,16 @@ func (yh *AssignForwardingHandler) Update(c ygot.ValidatedGoStruct, jobs []*gnmi
addressPrefix = initiatingKmsAddress.GetIpAddress()
} else if initiatingKmsAddress.GetHostname() != "" {
addressPrefix = initiatingKmsAddress.GetHostname()
- } else {
- log.Error("initiatingKmsAddress must have either an IP address or a hostname")
- return fmt.Errorf("initiatingKmsAddress must have either an IP address or a hostname")
}
- initKMS = &util.RemoteKMS{
- Id: initiatingKmsAddress.GetNodeId(),
- Address: addressPrefix,
- Port: initiatingKmsAddress.GetPort(),
+ log.Debugf("AssignForwardingHandler - InitiatingKMSAddress was set with the following parameters: NodeId: %s, Hostname: %s, IpAddress: %s, Port: %d", initiatingKmsAddress.GetNodeId(), initiatingKmsAddress.GetHostname(), initiatingKmsAddress.GetIpAddress(), initiatingKmsAddress.GetPort())
+
+ if addressPrefix != "" {
+ initKMS = &util.RemoteKMS{
+ Id: initiatingKmsAddress.GetNodeId(),
+ Address: addressPrefix,
+ Port: initiatingKmsAddress.GetPort(),
+ }
}
}
diff --git a/goKMS/kms/akmsInterface/server/server.go b/goKMS/kms/akmsInterface/server/server.go
index c80409afc2f906cf64c1e8624f9dfb82fea0fcce..3ba4452c5e7a1f15dc6595d5b7ec7bf8398f6f0d 100644
--- a/goKMS/kms/akmsInterface/server/server.go
+++ b/goKMS/kms/akmsInterface/server/server.go
@@ -97,6 +97,9 @@ func ksaReqHandler(eventBus *event.EventBus, receiver *receiver.Receiver, genera
select {
case <-receiverChan:
+ if err := receiver.RemoveReceiver(pathId); err != nil {
+ logrus.Errorf("Failed removing receiver for pathId: %s ; err: %v", pathId, err)
+ }
case <-time.After(20 * time.Second):
if err := receiver.RemoveReceiver(pathId); err != nil {
logrus.Errorf("Failed removing receiver for pathId: %s ; err: %v", pathId, err)
diff --git a/goKMS/kms/crypto/aes.go b/goKMS/kms/crypto/aes.go
new file mode 100644
index 0000000000000000000000000000000000000000..30ba3cabc5541ac42d09fa53fa3d9ffdbec8ad32
--- /dev/null
+++ b/goKMS/kms/crypto/aes.go
@@ -0,0 +1,83 @@
+package crypto
+
+import (
+ "crypto/aes"
+ "crypto/cipher"
+ "crypto/rand"
+ "io"
+)
+
+// AES is an implementation of the CryptoAlgorithm interface.
+// AES provides the methods required for performing symmetric key encryption
+// and decryption using the AES algorithm.
+//
+// For this the aes package from the Go standard library is used.
+type AES struct {
+ name string
+}
+
+// NewAES creates a new instance of a AES struct.
+func NewAES(name string) *AES {
+ return &AES{
+ name: name,
+ }
+}
+
+// Encrypt encrypts the plaintext using a provided key.
+// The key should have a length of 16, 24 or 32 bytes to select AES-128,
+// AES-192 or AES-256.
+// The method returns the nonce, the encrypted output and an error if something
+// went wrong.
+func (a *AES) Encrypt(plaintext []byte, key []byte) ([]byte, []byte, error) {
+ // create a new cipher block from the key
+ c, err := aes.NewCipher(key)
+ if err != nil {
+ return nil, nil, err
+ }
+
+ // create a new block cipher wrapped in GCM with default nonce (12
+ // bytes) and tag size (16 bytes).
+ gcm, err := cipher.NewGCM(c)
+ if err != nil {
+ return nil, nil, err
+ }
+
+ // generate a random nonce of nonce size (12 bytes)
+ nonce := make([]byte, gcm.NonceSize())
+ if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
+ return nil, nil, err
+ }
+
+ // Encrypt the plaintext using AES-GCM
+ // Destination is set to nil, therefore seal only contains the
+ // ciphertext with the tag appended.
+ seal := gcm.Seal(nil, nonce, plaintext, nil)
+
+ return nonce, seal, nil
+}
+
+// Decrypt decrypts the ciphertext using the provided key and nonce.
+// The key should have a length of 16, 24 or 32 bytes to select AES-128,
+// AES-192 or AES-256.
+// The method returns the decrypted input.
+func (a *AES) Decrypt(nonce, ciphertext []byte, key []byte) ([]byte, error) {
+ // create a new cipher block from the key
+ c, err := aes.NewCipher(key)
+ if err != nil {
+ return nil, err
+ }
+
+ // create a new block cipher wrapped in GCM with default nonce (12
+ // bytes) and tag size (16 bytes).
+ gcm, err := cipher.NewGCM(c)
+ if err != nil {
+ return nil, err
+ }
+
+ // Decrypt the ciphertext using AES-GCM
+ return gcm.Open(nil, nonce, ciphertext, nil)
+}
+
+func (a *AES) Name() string {
+ return a.name
+}
diff --git a/goKMS/kms/crypto/crypto_test.go b/goKMS/kms/crypto/aes_test.go
similarity index 99%
rename from goKMS/kms/crypto/crypto_test.go
rename to goKMS/kms/crypto/aes_test.go
index 24dc8bd21eec0ddf6c3d702de2364f9eb8ffb02a..f6f4301c1927cf7da2e181548c855ceff7981b09 100644
--- a/goKMS/kms/crypto/crypto_test.go
+++ b/goKMS/kms/crypto/aes_test.go
@@ -49,7 +49,7 @@ func TestCrypto_AES_Encrypt(t *testing.T) {
t.Run(name, func(t *testing.T) {
t.Parallel()
- aes := NewAES()
+ aes := NewAES("AES-256-GCM")
nonce, cipherText, err := aes.Encrypt(test.plaintext, test.key)
if test.error {
assert.Error(t, err)
@@ -175,7 +175,7 @@ func TestCrypto_AES_Decrypt(t *testing.T) {
t.Run(name, func(t *testing.T) {
t.Parallel()
- aes := NewAES()
+ aes := NewAES("AES-256-GCM")
plainText, err := aes.Decrypt(test.nonce, test.cipherText, test.key)
if test.error {
assert.Error(t, err)
@@ -191,7 +191,7 @@ func TestCrypto_AES_EncryptAndDecryptPlaintext(t *testing.T) {
secret := []byte("this is a secret")
key := []byte{0xfe, 0x34, 0x64, 0x9e, 0xdf, 0x1a, 0xf1, 0xc, 0xb7, 0x28, 0xee, 0x98, 0xe7, 0x7, 0x40, 0x8f, 0x3b, 0x8, 0x9a, 0xad, 0x45, 0x7a, 0x21, 0xe8, 0x84, 0x79, 0xc5, 0x1b, 0x25, 0x13, 0xa2, 0x3c}
- aes := NewAES()
+ aes := NewAES("AES-256-GCM")
// encrypt the secret with encrypt method
nonce, encryptedSecret, err := aes.Encrypt(secret, key)
diff --git a/goKMS/kms/crypto/crypto.go b/goKMS/kms/crypto/crypto.go
index 960c8c921c2750029e30bb856fb7df99024e42a8..0b5b4e7bdb8e3b5f432adc443163bbbfe815c69d 100644
--- a/goKMS/kms/crypto/crypto.go
+++ b/goKMS/kms/crypto/crypto.go
@@ -1,12 +1,5 @@
package crypto
-import (
- "crypto/aes"
- "crypto/cipher"
- "crypto/rand"
- "io"
-)
-
// CryptoAlgorithm is an interface that provides the methods required for
// encryption and decryption of data.
// Currently only AES is supported, but this could be extended to support other
@@ -14,71 +7,5 @@ import (
type CryptoAlgorithm interface {
Encrypt(plaintext []byte, key []byte) ([]byte, []byte, error)
Decrypt(nonce, ciphertext []byte, key []byte) ([]byte, error)
-}
-
-// AES is an implementation of the CryptoAlgorithm interface.
-// AES provides the methods required for performing symmetric key encryption
-// and decryption using the AES algorithm.
-//
-// For this the aes package from the Go standard library is used.
-type AES struct{}
-
-// NewAES creates a new instance of a AES struct.
-func NewAES() *AES {
- return &AES{}
-}
-
-// Encrypt encrypts the plaintext using a provided key.
-// The key should have a length of 16, 24 or 32 bytes to select AES-128,
-// AES-192 or AES-256.
-// The method returns the nonce, the encrypted output and an error if something
-// went wrong.
-func (a *AES) Encrypt(plaintext []byte, key []byte) ([]byte, []byte, error) {
- // create a new cipher block from the key
- c, err := aes.NewCipher(key)
- if err != nil {
- return nil, nil, err
- }
-
- // create a new block cipher wrapped in GCM with default nonce (12
- // bytes) and tag size (16 bytes).
- gcm, err := cipher.NewGCM(c)
- if err != nil {
- return nil, nil, err
- }
-
- // generate a random nonce of nonce size (12 bytes)
- nonce := make([]byte, gcm.NonceSize())
- if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
- return nil, nil, err
- }
-
- // Encrypt the plaintext using AES-GCM
- // Destination is set to nil, therefore seal only contains the
- // ciphertext with the tag appended.
- seal := gcm.Seal(nil, nonce, plaintext, nil)
-
- return nonce, seal, nil
-}
-
-// Decrypt decrypts the ciphertext using the provided key and nonce.
-// The key should have a length of 16, 24 or 32 bytes to select AES-128,
-// AES-192 or AES-256.
-// The method returns the decrypted input.
-func (a *AES) Decrypt(nonce, ciphertext []byte, key []byte) ([]byte, error) {
- // create a new cipher block from the key
- c, err := aes.NewCipher(key)
- if err != nil {
- return nil, err
- }
-
- // create a new block cipher wrapped in GCM with default nonce (12
- // bytes) and tag size (16 bytes).
- gcm, err := cipher.NewGCM(c)
- if err != nil {
- return nil, err
- }
-
- // Decrypt the ciphertext using AES-GCM
- return gcm.Open(nil, nonce, ciphertext, nil)
+ Name() string
}
diff --git a/goKMS/kms/crypto/otp.go b/goKMS/kms/crypto/otp.go
new file mode 100644
index 0000000000000000000000000000000000000000..9deed97f1893deeb9dbf5e608b9dfd45c544f16d
--- /dev/null
+++ b/goKMS/kms/crypto/otp.go
@@ -0,0 +1,49 @@
+package crypto
+
+import "fmt"
+
+type OTP struct {
+ name string
+}
+
+func NewOTP(name string) *OTP {
+ return &OTP{
+ name: name,
+ }
+}
+
+func (o *OTP) Encrypt(plaintext []byte, key []byte) ([]byte, []byte, error) {
+ plainTextLen := len(plaintext)
+ keyLen := len(key)
+ if plainTextLen != keyLen {
+ return nil, nil, fmt.Errorf("For OTP the length of plaintext and key must not differ. Length of plaintext: %d, length of key: %d", plainTextLen, keyLen)
+ }
+
+ ciphertext := make([]byte, plainTextLen)
+
+ for i := range ciphertext {
+ ciphertext[i] = plaintext[i] ^ key[i]
+ }
+
+ return nil, ciphertext, nil
+}
+
+func (o *OTP) Decrypt(nonce, ciphertext []byte, key []byte) ([]byte, error) {
+ cipherTextLen := len(ciphertext)
+ keyLen := len(key)
+ if cipherTextLen != keyLen {
+ return nil, fmt.Errorf("For OTP the length of ciphertext and key must not differ. Length of ciphertext: %d, length of key: %d", cipherTextLen, keyLen)
+ }
+
+ plaintext := make([]byte, cipherTextLen)
+
+ for i := range plaintext {
+ plaintext[i] = ciphertext[i] ^ key[i]
+ }
+
+ return plaintext, nil
+}
+
+func (o *OTP) Name() string {
+ return o.name
+}
diff --git a/goKMS/kms/crypto/otp_test.go b/goKMS/kms/crypto/otp_test.go
new file mode 100644
index 0000000000000000000000000000000000000000..0f6bf530defbfd4d40feffcc9214bd30fa1d9e35
--- /dev/null
+++ b/goKMS/kms/crypto/otp_test.go
@@ -0,0 +1,40 @@
+package crypto
+
+import (
+ "crypto/rand"
+ "testing"
+
+ "github.com/stretchr/testify/assert"
+)
+
+// TestCrypto_OTP tests if a byte array is XOR'ed the proper way.
+func TestCrypto_OTP_XOR(t *testing.T) {
+ testByteArray := []byte{0xF}
+ testByteArray2 := []byte{0xF0}
+ resultByteArray := make([]byte, len(testByteArray))
+
+ for i := range testByteArray {
+ resultByteArray[i] = testByteArray[i] ^ testByteArray2[i]
+ }
+
+ assert.Equal(t, resultByteArray, []byte{0xFF})
+}
+
+func TestCrypto_OTP_EncryptAndDecryptPlaintext(t *testing.T) {
+ secret := []byte("this is a secret")
+
+ key := make([]byte, len(secret))
+ _, err := rand.Read(key)
+ assert.NoError(t, err)
+
+ otp := NewOTP("OTP")
+
+ // encrypt the secret with encrypt method
+ _, encryptedSecret, err := otp.Encrypt(secret, key)
+ assert.NoError(t, err)
+
+ // decrypt the encryptedSecret with decrypt method
+ decryptedSecret, err := otp.Decrypt(nil, encryptedSecret, key)
+ assert.NoError(t, err)
+ assert.Equal(t, secret, decryptedSecret)
+}
diff --git a/goKMS/kms/crypto/utils.go b/goKMS/kms/crypto/utils.go
index 2f4bab0accb02b6c0b69c753712931cefa3b2748..f5b02a636c5781cc353fb09d3acddfada62f6477 100644
--- a/goKMS/kms/crypto/utils.go
+++ b/goKMS/kms/crypto/utils.go
@@ -3,6 +3,7 @@ package crypto
import (
"crypto/rand"
"encoding/base64"
+ "fmt"
"github.com/google/uuid"
)
@@ -46,3 +47,14 @@ func Random256BitKey() (*Key, error) {
KeyAsBase64: keyAsBase64String,
}, nil
}
+
+func GetCryptoAlgorithmByName(cryptoAlgorithmName string) (CryptoAlgorithm, error) {
+ switch cryptoAlgorithmName {
+ case "AES_256_GCM":
+ return NewAES(cryptoAlgorithmName), nil
+ case "OTP":
+ return NewOTP(cryptoAlgorithmName), nil
+ default:
+ return nil, fmt.Errorf("The provided crypto algorithm name: %s is not supported.", cryptoAlgorithmName)
+ }
+}
diff --git a/goKMS/kms/kms.go b/goKMS/kms/kms.go
index 39c99108ce6bf382a279a81d2cf66917796b5fa2..6f80d75eb3f22beca59af7f5aa2fe9f5aa507fc8 100644
--- a/goKMS/kms/kms.go
+++ b/goKMS/kms/kms.go
@@ -69,7 +69,7 @@ type KMS struct {
remoteKMSMappingMutex sync.RWMutex
quantumModules map[string]peers.QuantumModule
quantumModulesMutex sync.RWMutex
- kmsPeersMutex sync.Mutex
+ kmsPeersMutex sync.RWMutex
// NOTE: There is probably a better way to handle this
PKStore map[string]map[uuid.UUID]*PlatformKey
PKStoreMutex sync.Mutex
@@ -85,8 +85,9 @@ type KMS struct {
ckmsAkmsClient *akmsInterfaceClient.CkmsAkmsClient
ckmsAkmsServer *akmsInterfaceServer.AKMSReceiverServer
// ETSI14 Server things
- etsi14Server *etsi14Server.ETSI14RESTService
- keyStoreChannel chan []crypto.KSAKey
+ etsi14Server *etsi14Server.ETSI14RESTService
+ keyStoreChannel chan []crypto.KSAKey
+ ksaCryptoAlgorithm crypto.CryptoAlgorithm
}
// Will keep information about the quantum elements that this EKMS is talking to
@@ -149,6 +150,13 @@ func NewKMS(kmsUUID uuid.UUID, logOutput io.Writer, logLevel log.Level, logInJso
createdKMS.supportedKeyLengths[BitKeyLen256] = true
+ // initialize KSA crypto algorithm
+ createdKMS.ksaCryptoAlgorithm, err = crypto.GetCryptoAlgorithmByName(config.KSACryptoAlgorithm)
+ if err != nil {
+ log.Info("No crypto algorithm provided, or not supported -> using default.")
+ createdKMS.ksaCryptoAlgorithm = crypto.NewAES("AES_256_GCM")
+ }
+
// start the inter communication gRPC server
go createdKMS.startGRPC()
@@ -235,7 +243,14 @@ func (kms *KMS) initializePeers(config *config.Config) error {
client.KmsTalkerClient = pbIC.NewKmsTalkerClient(newPeerConn)
}
- _, err = kms.AddPeer(peer.PeerId, peer.PeerInterComAddr, qm, client)
+ cryptoAlgorithm, err := crypto.GetCryptoAlgorithmByName(peer.CryptoAlgorithm)
+ if err != nil {
+ log.Info("No crypto algorithm provided, or not supported -> using default.")
+ cryptoAlgorithm = crypto.NewAES("AES_256_GCM")
+ }
+ log.Infof("Using %s as crypto algorithm", cryptoAlgorithm.Name())
+
+ _, err = kms.AddPeer(peer.PeerId, peer.PeerInterComAddr, qm, client, cryptoAlgorithm)
if err != nil {
log.Fatalf("Failed to create a peer: %s", err)
return nil
@@ -300,13 +315,14 @@ func (kms *KMS) AddQuantumElement(qm peers.QuantumModule) error {
return nil
}
-func (kms *KMS) AddPeer(peerKmsId string, kmsPeerSocket string, servingQLE peers.QuantumModule, client *peers.GRPCClient) (*peers.KmsPeer, error) {
+func (kms *KMS) AddPeer(peerKmsId string, kmsPeerSocket string, servingQLE peers.QuantumModule, client *peers.GRPCClient, cryptoAlgorithm crypto.CryptoAlgorithm) (*peers.KmsPeer, error) {
// check if peer exists
- if _, there := kms.KmsPeers[peerKmsId]; there {
+ _, err := kms.FindPeerById(peerKmsId)
+ if err == nil {
log.Errorf("Trying to add existing peer %s, with KMS ID %s", kmsPeerSocket, peerKmsId)
return nil, fmt.Errorf("trying to add existing peer %s, with KMS ID %s", kmsPeerSocket, peerKmsId)
}
- peer, err := peers.NewKmsPeer(peerKmsId, servingQLE, kmsPeerSocket, client, kms.eventBus, kms.gRPCTimeout)
+ peer, err := peers.NewKmsPeer(peerKmsId, servingQLE, cryptoAlgorithm, kmsPeerSocket, client, kms.eventBus, kms.gRPCTimeout)
if err != nil {
return nil, err
}
@@ -316,7 +332,37 @@ func (kms *KMS) AddPeer(peerKmsId string, kmsPeerSocket string, servingQLE peers
defer kms.kmsPeersMutex.Unlock()
kms.KmsPeers[peerKmsId] = peer
- // go peer.PeerHandler(kms.kmsName)
+ go func() {
+ restartWaitingTime := time.Duration(3) * time.Second
+ ticker := time.NewTicker(restartWaitingTime)
+ defer ticker.Stop()
+
+ InitialResetLoop:
+ for !peer.QuantumModule().IsActive() {
+ select {
+ case <-ticker.C:
+ if client := peer.Client().KmsTalkerClient; client != nil {
+ log.Debugf("Sending initial peer setup request to peer: %s with the request to reset the corresponding key store", peerKmsId)
+ ctx, cancel := context.WithTimeout(context.Background(), kms.gRPCTimeout)
+ defer cancel()
+ _, err := client.InterComCapabilities(ctx, &pbIC.InterComCapabilitiesRequest{
+ Timestamp: time.Now().Unix(),
+ KmsId: kms.kmsUUID.String(),
+ ResetKeyStore: true,
+ })
+ if err == nil {
+ if err := peer.QuantumModule().Initialize(); err != nil {
+ log.Fatalf("Failed to initialized quantum module: %s for peer: %s", peer.QuantumModule().ID(), peer.GetKmsPeerId())
+ }
+ log.Debugf("Successfully initialized quantum module: %s for peer %s", peer.QuantumModule().ID(), peerKmsId)
+ break InitialResetLoop
+ }
+ }
+ }
+ }
+ log.Debugf("Successfully initialized peer: %s", peerKmsId)
+ }()
+
return peer, nil
}
@@ -328,18 +374,16 @@ func (kms *KMS) AssignForwardingRoute(pId, pHop, nHop string, remoteKMS *util.Re
var previousHop *peers.KmsPeer
var nextHop *peers.KmsPeer
- var ok bool
if pHop != "" {
- previousHop, ok = kms.KmsPeers[pHop]
- if !ok {
+ previousHop, err = kms.FindPeerById(pHop)
+ if err != nil {
return fmt.Errorf("no peer found for %s", pHop)
}
}
if nHop != "" {
- nextHop, ok = kms.KmsPeers[nHop]
-
- if !ok {
- return fmt.Errorf("no peer found for %s", nHop)
+ nextHop, err = kms.FindPeerById(nHop)
+ if err != nil {
+ return fmt.Errorf("no peer found for %s", pHop)
}
}
@@ -460,9 +504,8 @@ func (kms *KMS) GenerateAndSendKSAKey(remoteKMSId string, pathId uuid.UUID, requ
ksaKeys := make([]*pbIC.Key, number)
akmsKSAKeys := make([]crypto.KSAKey, number)
- cryptoAlgo := crypto.NewAES()
for i := 0; i < number; i++ {
- ksaKey, akmsKSAKey, err := generateNewKSAKey(cryptoAlgo, platformKey.Value)
+ ksaKey, akmsKSAKey, err := generateNewKSAKey(kms.ksaCryptoAlgorithm, platformKey.Value)
if err != nil {
log.Error(err)
return err
@@ -495,25 +538,30 @@ func (kms *KMS) EventBus() *event.EventBus {
}
// TODO/XXX error handling.
-func (kms *KMS) RemovePeer(kmsPeerSocket string) {
- if _, there := kms.KmsPeers[kmsPeerSocket]; there {
- // peer.quit <- true
- delete(kms.KmsPeers, kmsPeerSocket)
- return
+func (kms *KMS) RemovePeer(kmsPeerSocket string) error {
+ _, err := kms.FindPeerById(kmsPeerSocket)
+ if err != nil {
+ return fmt.Errorf("Could not remove peer with id: %s, not found", kmsPeerSocket)
}
- log.Errorf("%s: Can not find a peer with socket: %s", kms.kmsName, kmsPeerSocket)
+
+ kms.kmsPeersMutex.Lock()
+ defer kms.kmsPeersMutex.Unlock()
+ // peer.quit <- true
+ delete(kms.KmsPeers, kmsPeerSocket)
+
+ return nil
}
-func (kms *KMS) FindPeerUuid(lookup uuid.UUID) (peer *peers.KmsPeer) {
- if kms.KmsPeers != nil {
- for _, peer = range kms.KmsPeers {
- if peer.GetKmsPeerId() == lookup {
- return peer
- }
- }
+func (kms *KMS) FindPeerById(id string) (*peers.KmsPeer, error) {
+ kms.kmsPeersMutex.RLock()
+ defer kms.kmsPeersMutex.RUnlock()
+
+ peer, ok := kms.KmsPeers[id]
+ if !ok {
+ return nil, fmt.Errorf("No peer found for id: %s", id)
}
- return nil
+ return peer, nil
}
func (kms *KMS) RoutingTableDeepCopy() map[uuid.UUID]*Route {
@@ -531,8 +579,8 @@ func (kms *KMS) RoutingTableDeepCopy() map[uuid.UUID]*Route {
func (kms *KMS) PeersDeepCopy() map[string]*peers.KmsPeer {
peersCopy := make(map[string]*peers.KmsPeer, len(kms.KmsPeers))
- kms.kmsPeersMutex.Lock()
- defer kms.kmsPeersMutex.Unlock()
+ kms.kmsPeersMutex.RLock()
+ defer kms.kmsPeersMutex.RUnlock()
for k, v := range kms.KmsPeers {
peersCopy[k] = v
}
@@ -619,16 +667,23 @@ func (kms *KMS) sendKSAKeysToPlatformKmsPeer(kmsPeerAddress, platformKeyID, requ
}
remoteClient := pbIC.NewKmsTalkerClient(remoteConn)
+ cryptoAlgorithmEnum, ok := pbIC.CryptoAlgorithm_value[kms.ksaCryptoAlgorithm.Name()]
+ if !ok {
+ log.Infof("Crypto algorithm provided: %s is not supported -> using default.", kms.ksaCryptoAlgorithm.Name())
+ return fmt.Errorf("Crypto algorithm provided: %s is not supported -> using default.", kms.ksaCryptoAlgorithm.Name())
+ }
+
ctx, cancel := context.WithTimeout(context.Background(), kms.gRPCTimeout)
// create a new context with some metadata
md := metadata.Pairs("hostname", kms.kmsName)
ctx = metadata.NewOutgoingContext(ctx, md)
defer cancel()
_, err = remoteClient.KeyDelivery(ctx, &pbIC.KeyDeliveryRequest{
- KeyId: platformKeyID,
- RequestId: requestID,
- KmsId: kms.kmsUUID.String(),
- Keys: ksaKeys,
+ KeyId: platformKeyID,
+ RequestId: requestID,
+ CryptoAlgorithm: pbIC.CryptoAlgorithm(cryptoAlgorithmEnum),
+ KmsId: kms.kmsUUID.String(),
+ Keys: ksaKeys,
})
if err != nil {
log.Error(err)
@@ -657,6 +712,9 @@ func (kms *KMS) exchangeKeyAfterETSI14GetKeyRequest(receivingCKMSID uuid.UUID, n
select {
case <-receiverChan:
+ if err := kms.receiver.RemoveReceiver(pathID); err != nil {
+ log.Errorf("Failed removing receiver for pathId: %s ; err: %v", pathID, err)
+ }
case <-time.After(20 * time.Second):
if err := kms.receiver.RemoveReceiver(pathID); err != nil {
log.Errorf("Failed removing receiver for pathId: %s ; err: %v", pathID, err)
@@ -690,9 +748,8 @@ func (kms *KMS) generateAndReturnKsaKey(receivingCKMSID, pathID uuid.UUID, numbe
ksaKeysToSendToRemoteKMS := make([]*pbIC.Key, number)
ksaKeysToReturn := make([]crypto.KSAKey, number)
- cryptoAlgo := crypto.NewAES()
for i := int64(0); i < number; i++ {
- remoteKSAKey, localKSAKey, err := generateNewKSAKey(cryptoAlgo, platformKey.Value)
+ remoteKSAKey, localKSAKey, err := generateNewKSAKey(kms.ksaCryptoAlgorithm, platformKey.Value)
if err != nil {
log.Error(err)
return nil, err
diff --git a/goKMS/kms/kmsintercom.go b/goKMS/kms/kmsintercom.go
index 1c52e43d92744e9b633978f165dfef0028681775..09c6bff8fc577701a290c0fe7e4f8c49f084759f 100644
--- a/goKMS/kms/kmsintercom.go
+++ b/goKMS/kms/kmsintercom.go
@@ -33,21 +33,37 @@ type kmsTalkerServer struct {
}
func (s *kmsTalkerServer) InterComCapabilities(ctx context.Context, in *pb.InterComCapabilitiesRequest) (capReply *pb.InterComCapabilitiesReply, err error) {
- log.Debugf("Received: %v", in.GetMyKmsName())
+ log.Debugf("Received InterComCapabilities request from peer KMS: %v", in.GetKmsId())
+
+ peerKmsId := in.GetKmsId()
+ peer, err := s.kms.FindPeerById(peerKmsId)
+ if err != nil {
+ return nil, status.Errorf(codes.Aborted, err.Error(), in.GetKmsId())
+ }
+
+ if in.ResetKeyStore {
+ log.Debugf("Resetting quantum module: %s for peer: %s", peer.QuantumModule().ID(), peerKmsId)
+ peer.QuantumModule().Reset()
+ log.Debugf("Initializing quantum module: %s for peer: %s", peer.QuantumModule().ID(), peerKmsId)
+ if err := peer.QuantumModule().Initialize(); err != nil {
+ return nil, status.Errorf(codes.Aborted, err.Error(), in.GetKmsId())
+ }
+ log.Debugf("Successfully initialized quantum module: %s for peer %s", peer.QuantumModule().ID(), peerKmsId)
+ }
// NOTE: InterComCapabilities should return the capabilities of the kms.
// This could include supported key sizes, crypto algorithms, etc.
// Therefore the proto definitions should be extended accordingly.
return &pb.InterComCapabilitiesReply{
+ Timestamp: time.Now().Unix(),
PeerKmsName: s.kms.kmsName,
}, nil
}
func (s *kmsTalkerServer) KeyIdNotification(ctx context.Context, in *pb.KeyIdNotificationRequest) (*pb.KeyIdNotificationResponse, error) {
- // check if a peer exists
- peer, ok := s.kms.KmsPeers[in.GetKmsId()]
- if !ok {
+ peer, err := s.kms.FindPeerById(in.GetKmsId())
+ if err != nil {
return nil, status.Errorf(codes.Internal, "peer with ID: %s does not exist in peers", in.GetKmsId())
}
@@ -56,6 +72,15 @@ func (s *kmsTalkerServer) KeyIdNotification(ctx context.Context, in *pb.KeyIdNot
return nil, status.Error(codes.Internal, "expected etsi014 quantum module")
}
+ switch {
+ case !eqm.IsActive():
+ log.Debugf("The key store for quantum module: %s is not active and denied incoming key sync attempts, current key store length: %d", eqm.ID(), eqm.KeyStore().Length())
+ return nil, status.Errorf(codes.Aborted, "The corresponding key store is not active and does not accept incoming key sync attempts")
+ case eqm.KeyStore().Length() >= int(eqm.MaxKeyFillLevel()):
+ log.Debugf("The key store for quantum module: %s is at its maximum key fill level and does not accept incoming key sync attempts", eqm.ID())
+ return nil, status.Errorf(codes.Aborted, "The corresponding key store is at its maximum key fill level and does not accept incoming key sync attempts")
+ }
+
etsi14KeyIds := make([]etsi14.KeyIDsRequestKeyIDsInner, len(in.KeyIds))
for i, keyid := range in.KeyIds {
etsi14KeyIds[i] = etsi14.KeyIDsRequestKeyIDsInner{
@@ -82,8 +107,8 @@ func (s *kmsTalkerServer) SyncQkdBulk(ctx context.Context, in *pb.SyncQkdBulkReq
p, _ := peer.FromContext(ctx)
log.Infof("Received SyncQkdBulkRequest from %s", p.Addr.String())
// check if a peer exists
- peer, ok := s.kms.KmsPeers[in.GetKmsId()]
- if !ok {
+ peer, err := s.kms.FindPeerById(in.GetKmsId())
+ if err != nil {
return nil, status.Errorf(codes.Internal, "peer with ID: %s does not exist in peers", in.GetKmsId())
}
@@ -107,8 +132,8 @@ func (s *kmsTalkerServer) SyncQkdBulk(ctx context.Context, in *pb.SyncQkdBulkReq
}
func (s *kmsTalkerServer) SyncKeyIdsForBulk(ctx context.Context, in *pb.SyncKeyIdsForBulkRequest) (*pb.SyncKeyIdsForBulkResponse, error) {
- peer, ok := s.kms.KmsPeers[in.GetKmsId()]
- if !ok {
+ peer, err := s.kms.FindPeerById(in.GetKmsId())
+ if err != nil {
return nil, status.Errorf(codes.Internal, "For KMS id: %s, no peer exists", in.GetKmsId())
}
@@ -131,7 +156,9 @@ func (s *kmsTalkerServer) SyncKeyIdsForBulk(ctx context.Context, in *pb.SyncKeyI
}
for keyId, key := range keyData {
- eqm.KeyStore().AddKey(keyId, key)
+ if err := eqm.KeyStore().AddKey(keyId, key); err != nil {
+ log.Error(err)
+ }
}
delete(eqm.RawBulkKeys, in.GetBulkId())
@@ -217,7 +244,12 @@ func (s *kmsTalkerServer) KeyForwarding(ctx context.Context, in *pb.KeyForwardin
return nil, status.Errorf(codes.InvalidArgument, "")
}
- decryptedKey, err := s.getDecryptedKey(decryptKey.Key, route.Previous.CryptoAlgo(), in.GetKey())
+ cryptoAlgorithm, err := crypto.GetCryptoAlgorithmByName(in.GetCryptoAlgorithm().String())
+ if err != nil {
+ return nil, status.Errorf(codes.Internal, "%s", err)
+ }
+
+ decryptedKey, err := s.getDecryptedKey(decryptKey.Key, cryptoAlgorithm, in.GetKey())
if err != nil {
return nil, status.Errorf(codes.Internal, "%s", err)
}
@@ -281,8 +313,11 @@ func (s *kmsTalkerServer) KeyDelivery(ctx context.Context, in *pb.KeyDeliveryReq
akmsKSAKeys := make([]crypto.KSAKey, len(in.Keys))
for i, key := range in.Keys {
// decrypt the key
- cryptoAlgo := crypto.NewAES()
- decryptedKSAKey, err := s.getDecryptedKey(platformKey.Value, cryptoAlgo, key)
+ cryptoAlgorithm, err := crypto.GetCryptoAlgorithmByName(in.GetCryptoAlgorithm().String())
+ if err != nil {
+ return nil, status.Errorf(codes.Internal, "%s", err)
+ }
+ decryptedKSAKey, err := s.getDecryptedKey(platformKey.Value, cryptoAlgorithm, key)
if err != nil {
return nil, status.Errorf(codes.Internal, "%s", err)
}
diff --git a/goKMS/kms/peers/danetQuantummodule.go b/goKMS/kms/peers/danetQuantummodule.go
index 797f906e41d95f69b4f605f8984b9eee4a5cbab6..fd967f6b7399512c104605d3c0a79c0b5c76bfe2 100644
--- a/goKMS/kms/peers/danetQuantummodule.go
+++ b/goKMS/kms/peers/danetQuantummodule.go
@@ -22,6 +22,7 @@ type DanetQuantumModule struct {
// QuantumElementLink *quantumlayer.QuantumlayerEmuPRNG // contains information about the quantum links
// key stores of unchopped bulk keys go here
addr string
+ active bool // determs if the module is active to receive keys
RawBulkKeysMutex sync.Mutex
RawBulkKeys map[int64]*quantumlayer.QuantumLayerBulkKey
keyStore *store.KmsKeyStore // the keys used between two peers.
@@ -35,6 +36,7 @@ func NewDanetQuantumModule(kmsUDPAddr string, kmsId string) *DanetQuantumModule
QlID: uuid.New(),
kmsId: kmsId,
addr: kmsUDPAddr,
+ active: false,
RawBulkKeys: make(map[int64]*quantumlayer.QuantumLayerBulkKey),
keyStore: store.NewKmsKeyStore(256),
kmsClient: nil,
@@ -48,9 +50,20 @@ func (qm *DanetQuantumModule) ID() uuid.UUID {
}
func (qm *DanetQuantumModule) Initialize() error {
+ qm.RawBulkKeysMutex.Lock()
+ defer qm.RawBulkKeysMutex.Unlock()
+ qm.active = true
return nil
}
+func (qm *DanetQuantumModule) Reset() {
+ qm.RawBulkKeysMutex.Lock()
+ defer qm.RawBulkKeysMutex.Unlock()
+ qm.active = false
+ qm.RawBulkKeys = make(map[int64]*quantumlayer.QuantumLayerBulkKey)
+ qm.KeyStore().Reset()
+}
+
func (qm *DanetQuantumModule) SetKmsPeerInformation(kmsClient *GRPCClient, kmsEventBus *event.EventBus, kmsTcpSocketStr string) error {
qm.kmsClient = kmsClient
qm.kmsEventBus = kmsEventBus
@@ -62,6 +75,14 @@ func (qm *DanetQuantumModule) Address() string {
return qm.addr
}
+func (qm *DanetQuantumModule) SetActive(active bool) {
+ qm.active = active
+}
+
+func (qm *DanetQuantumModule) IsActive() bool {
+ return qm.active
+}
+
func (qm *DanetQuantumModule) Sync() error {
rawBulkKeyIds := util.KeysOfMap(qm.RawBulkKeys)
log.Info("Found the following bulk key ids for usage: ", rawBulkKeyIds)
@@ -103,7 +124,9 @@ func (qm *DanetQuantumModule) Sync() error {
}
for keyId, key := range keyData {
- qm.keyStore.AddKey(keyId, key)
+ if err := qm.keyStore.AddKey(keyId, key); err != nil {
+ log.Error(err)
+ }
}
qm.RawBulkKeysMutex.Lock()
diff --git a/goKMS/kms/peers/etsi14Quantummodule.go b/goKMS/kms/peers/etsi14Quantummodule.go
index 0bd98eeadc5ad482ca34cb361231ef64133f8f59..b65f378050c34e8b0670898d2de1a9850a30f60e 100644
--- a/goKMS/kms/peers/etsi14Quantummodule.go
+++ b/goKMS/kms/peers/etsi14Quantummodule.go
@@ -31,6 +31,8 @@ type ETSI014HTTPQuantumModule struct {
keyFetchInterval int
keyFetchAmount int64
maxKeyFillLevel uint64
+ stopFetch context.CancelFunc
+ active bool
}
func NewETSI014HTTPQuantumModule(addr, kmsId, localSAEID, targetSAEID string, tlsConfig config.TLSConfig, master bool, keyFetchInterval int, keyFetchAmount int64, maxKeyFillLevel uint64) (*ETSI014HTTPQuantumModule, error) {
@@ -94,6 +96,7 @@ func NewETSI014HTTPQuantumModule(addr, kmsId, localSAEID, targetSAEID string, tl
keyFetchInterval: keyFetchInterval,
keyFetchAmount: keyFetchAmount,
maxKeyFillLevel: maxKeyFillLevel,
+ active: false,
}, nil
}
@@ -106,22 +109,56 @@ func (qm *ETSI014HTTPQuantumModule) Client() *etsi14ClientImpl.ClientImpl {
}
func (qm *ETSI014HTTPQuantumModule) Initialize() error {
- // start polling keys
- if qm.master {
- go func() {
- restartWaitingTime := time.Duration(2) * time.Minute
- ticker := time.NewTicker(restartWaitingTime)
- defer ticker.Stop()
-
- // immediately start with the ticker instead of waiting the defined amount
- for ; true; <-ticker.C {
- qm.doKeyFetching()
- }
- }()
+ if !qm.active {
+ var ctx context.Context
+ ctx, qm.stopFetch = context.WithCancel(context.Background())
+
+ qm.active = true
+
+ // start polling keys
+ if qm.master {
+ go func() {
+ restartWaitingTime := time.Duration(2) * time.Minute
+ ticker := time.NewTicker(restartWaitingTime)
+ defer ticker.Stop()
+
+ RestartFetchLoop:
+ for {
+ // immediately start with the ticker instead of waiting the defined amount
+ qm.doKeyFetching(ctx)
+ select {
+ case <-ticker.C:
+ continue
+ case <-ctx.Done():
+ break RestartFetchLoop
+ }
+ }
+ }()
+ }
}
return nil
}
+func (qm *ETSI014HTTPQuantumModule) Reset() {
+ if qm.master && qm.stopFetch != nil {
+ qm.stopFetch()
+ }
+ qm.active = false
+ qm.KeyStore().Reset()
+}
+
+func (qm *ETSI014HTTPQuantumModule) MaxKeyFillLevel() uint64 {
+ return qm.maxKeyFillLevel
+}
+
+func (qm *ETSI014HTTPQuantumModule) SetActive(active bool) {
+ qm.active = active
+}
+
+func (qm *ETSI014HTTPQuantumModule) IsActive() bool {
+ return qm.active
+}
+
func (qm *ETSI014HTTPQuantumModule) SetKmsPeerInformation(kmsClient *GRPCClient, kmsEventBus *event.EventBus, kmsTcpSocketStr string) error {
qm.kmsClient = kmsClient
return nil
@@ -176,52 +213,57 @@ func (qm *ETSI014HTTPQuantumModule) GetKeyWithIds(keyIds []etsi14ClientGenerated
return container, nil
}
-func (qm *ETSI014HTTPQuantumModule) doKeyFetching() {
+func (qm *ETSI014HTTPQuantumModule) doKeyFetching(ctx context.Context) {
ticker := time.NewTicker(time.Duration(qm.keyFetchInterval) * time.Second)
defer ticker.Stop()
failedAttemps := 0
- // TODO: add context/channel to stop
- for range ticker.C {
- if failedAttemps == maxFailedKeyRequestAttempts {
- log.Errorf("stopped trying to fetch keys from qkd module after %d tries", failedAttemps)
- break
- }
-
- if qm.keyStore.Length() < int(qm.maxKeyFillLevel) {
- container, err := qm.GetKeys(qm.keyFetchAmount, 256, nil, nil, nil)
- if err != nil {
- log.Error(err)
- failedAttemps++
- continue
+FetchLoop:
+ for {
+ select {
+ case <-ticker.C:
+ if failedAttemps == maxFailedKeyRequestAttempts {
+ log.Errorf("stopped trying to fetch keys from qkd module after %d tries", failedAttemps)
+ break FetchLoop
}
- keyIds := make([]string, len(container.GetKeys()))
- for i, keyItem := range container.GetKeys() {
- keyIds[i] = keyItem.GetKeyID()
+ if qm.keyStore.Length() < int(qm.maxKeyFillLevel) {
+ container, err := qm.GetKeys(qm.keyFetchAmount, 256, nil, nil, nil)
+ if err != nil {
+ log.Error(err)
+ failedAttemps++
+ continue
+ }
+
+ keyIds := make([]string, len(container.GetKeys()))
+ for i, keyItem := range container.GetKeys() {
+ keyIds[i] = keyItem.GetKeyID()
+ }
+
+ _, err = qm.kmsClient.KeyIdNotification(context.Background(),
+ &pbIC.KeyIdNotificationRequest{
+ Timestamp: time.Now().Unix(),
+ KmsId: qm.kmsId,
+ KeyIds: keyIds,
+ })
+ if err != nil {
+ log.Error(err)
+ failedAttemps++
+ continue
+ }
+
+ err = store.AddETSIKeysToKeystore(qm.keyStore, container.GetKeys())
+ if err != nil {
+ log.Error(err)
+ failedAttemps++
+ continue
+ }
+
+ failedAttemps = 0
}
-
- _, err = qm.kmsClient.KeyIdNotification(context.Background(),
- &pbIC.KeyIdNotificationRequest{
- Timestamp: time.Now().Unix(),
- KmsId: qm.kmsId,
- KeyIds: keyIds,
- })
- if err != nil {
- log.Error(err)
- failedAttemps++
- continue
- }
-
- err = store.AddETSIKeysToKeystore(qm.keyStore, container.GetKeys())
- if err != nil {
- log.Error(err)
- failedAttemps++
- continue
- }
-
- failedAttemps = 0
+ case <-ctx.Done():
+ break FetchLoop
}
}
}
diff --git a/goKMS/kms/peers/kmsPeer.go b/goKMS/kms/peers/kmsPeer.go
index d8049675b8e499d146709d4da80d72ea314b57f0..3f7e48b5fc1f3b99386e500c5664710fc79ff1d8 100644
--- a/goKMS/kms/peers/kmsPeer.go
+++ b/goKMS/kms/peers/kmsPeer.go
@@ -44,7 +44,7 @@ type KmsPeer struct {
gRPCTimeout time.Duration
tcpSocket *net.TCPAddr // the IP address and TCP port (aka socket) of the kms peer
TcpSocketStr string // string rep. of tcpSocket
- et crypto.CryptoAlgorithm
+ cryptoAlgorithm crypto.CryptoAlgorithm
// NOTE: currently not used, could be of usage later on
// name string // the name of the kms peer
quit chan bool // cancel the peer goroutine
@@ -52,7 +52,7 @@ type KmsPeer struct {
}
// TODO: check intercomaddr -> remove?
-func NewKmsPeer(peerKmsId string, quantummodule QuantumModule, tcpSocketStr string, client *GRPCClient, eventBus *event.EventBus, gRPCTimeout time.Duration) (*KmsPeer, error) {
+func NewKmsPeer(peerKmsId string, quantummodule QuantumModule, cryptoAlgorithm crypto.CryptoAlgorithm, tcpSocketStr string, client *GRPCClient, eventBus *event.EventBus, gRPCTimeout time.Duration) (*KmsPeer, error) {
var peerKmsIdUUID uuid.UUID
if peerKmsId == "" {
peerKmsIdUUID = uuid.New()
@@ -87,16 +87,12 @@ func NewKmsPeer(peerKmsId string, quantummodule QuantumModule, tcpSocketStr stri
servingQuantumModul: quantummodule,
tcpSocket: tcpSocket,
TcpSocketStr: tcpSocketStr,
- et: crypto.NewAES(),
+ cryptoAlgorithm: cryptoAlgorithm,
quit: make(chan bool),
eventBus: eventBus,
gRPCTimeout: gRPCTimeout,
}
- if err := quantummodule.Initialize(); err != nil {
- return nil, err
- }
-
return kmsPeer, nil
}
@@ -117,7 +113,7 @@ func (kp *KmsPeer) QuantumModule() QuantumModule {
}
func (kp *KmsPeer) CryptoAlgo() crypto.CryptoAlgorithm {
- return kp.et
+ return kp.cryptoAlgorithm
}
func (kp *KmsPeer) SyncBulkKeys() error {
@@ -176,7 +172,7 @@ func (kp *KmsPeer) SendPayload(payload *crypto.Key, pathId, processId uuid.UUID)
kp.servingQuantumModul.KeyStore().DeleteKey(key.KeyID)
- nonce, encryptedPayload, err := kp.et.Encrypt(payload.Key, key.Key)
+ nonce, encryptedPayload, err := kp.cryptoAlgorithm.Encrypt(payload.Key, key.Key)
if err != nil {
return err
}
@@ -186,12 +182,19 @@ func (kp *KmsPeer) SendPayload(payload *crypto.Key, pathId, processId uuid.UUID)
log.Infof("Sent encrypted Payload: %s with nonce: %s", encryptedPayloadAsString, nonceAsString)
+ cryptoAlgorithmEnum, ok := pbIC.CryptoAlgorithm_value[kp.cryptoAlgorithm.Name()]
+ if !ok {
+ log.Infof("Crypto algorithm provided: %s is not supported -> using default.", kp.cryptoAlgorithm.Name())
+ return fmt.Errorf("Crypto algorithm provided: %s is not supported -> using default.", kp.cryptoAlgorithm.Name())
+ }
+
ctx2, cancel2 := context.WithTimeout(context.Background(), kp.gRPCTimeout)
defer cancel2()
_, err = kp.peerClient.KeyForwarding(ctx2, &pbIC.KeyForwardingRequest{
- Timestamp: time.Now().Unix(),
- PathId: pathId.String(),
- ProcessId: processId.String(),
+ Timestamp: time.Now().Unix(),
+ PathId: pathId.String(),
+ ProcessId: processId.String(),
+ CryptoAlgorithm: pbIC.CryptoAlgorithm(cryptoAlgorithmEnum),
Key: &pbIC.Key{
Id: payload.ID.String(),
Nonce: nonceAsString,
@@ -216,3 +219,21 @@ func (kp *KmsPeer) SetStatus(updateStatus KmsPeerStatus) {
func (kp *KmsPeer) GetKmsPeerId() uuid.UUID {
return kp.peerKmsId
}
+
+func (kp *KmsPeer) ResetKeyStore(kmsId string) error {
+ switch client := kp.peerClient; {
+ case client.KmsTalkerClient != nil:
+ _, err := client.InterComCapabilities(context.Background(), &pbIC.InterComCapabilitiesRequest{
+ Timestamp: time.Now().Unix(),
+ KmsId: kmsId,
+ ResetKeyStore: true,
+ })
+ if err != nil {
+ return err
+ }
+ default:
+ return fmt.Errorf("No active peer client found")
+ }
+
+ return nil
+}
diff --git a/goKMS/kms/peers/quantummodule.go b/goKMS/kms/peers/quantummodule.go
index cb9753ac1fede1fcc0aa29f27894a54166a9ca22..50147997875a11039074ddbe9b919a3c5e4560da 100644
--- a/goKMS/kms/peers/quantummodule.go
+++ b/goKMS/kms/peers/quantummodule.go
@@ -22,4 +22,7 @@ type QuantumModule interface {
SetKeyStore(*store.KmsKeyStore)
Sync() error
Address() string
+ IsActive() bool
+ SetActive(bool)
+ Reset()
}
diff --git a/goKMS/kms/quipsec.go b/goKMS/kms/quipsec.go
index d2a850923c9f10ed3c28bd4eb98e00e996cb8638..da6c9c4ec4fad45007f0057338d7dce2035f7ea6 100644
--- a/goKMS/kms/quipsec.go
+++ b/goKMS/kms/quipsec.go
@@ -49,12 +49,16 @@ func (qs *quipSecServer) PushKeys(ctx context.Context, req *pb.PushKeysRequest)
}
eqm.RawBulkKeysMutex.Lock()
+ defer eqm.RawBulkKeysMutex.Unlock()
+ if !eqm.IsActive() {
+ logrus.Debugf("Quantum module: %s is not active and denied incoming bulk keys", eqm.ID())
+ return nil, status.Errorf(codes.Aborted, "Currently no new bulk keys are accepted")
+ }
eqm.RawBulkKeys[bulkKeyId] = &quantumlayer.QuantumLayerBulkKey{
BulkKeyId: bulkKeyId,
BulkKeyLength: int(req.GetKeyBulk().GetKeyLength()),
BulkKey: req.GetKeyBulk().Keys,
}
- eqm.RawBulkKeysMutex.Unlock()
logrus.Debugf("%s received a new bulk from: %s with id: %s and a length of: %d", qs.KMS.kmsName, qm.Address(), req.GetKeyBulk().GetKeyId(), req.GetKeyBulk().GetKeyLength())
return &pb.PushKeysResponse{Timestamp: time.Now().Unix()}, nil
diff --git a/goKMS/kms/store/kms-keystore.go b/goKMS/kms/store/kms-keystore.go
index 9a4334b1a7f2abacf635a586e93957e8c5769264..ef1a5212aa1933dc2ca104d64b72412bfb879c94 100644
--- a/goKMS/kms/store/kms-keystore.go
+++ b/goKMS/kms/store/kms-keystore.go
@@ -47,14 +47,13 @@ func (ks *KmsKeyStore) Length() int {
return len(ks.keyStore)
}
-func (ks *KmsKeyStore) AddKey(keyId uuid.UUID, keyToadd []byte) {
+func (ks *KmsKeyStore) AddKey(keyId uuid.UUID, keyToadd []byte) error {
ks.keyStoreMutex.Lock()
defer ks.keyStoreMutex.Unlock()
// test for collisions
- if _, notThere := ks.keyStore[keyId]; notThere {
- log.Errorf("Whop: addKey collisions of key id %s", keyId)
- return
+ if _, keyIdExists := ks.keyStore[keyId]; keyIdExists {
+ return fmt.Errorf("Key with id %s already exists", keyId)
}
newKeyElement := &KmsKSElement{
@@ -64,6 +63,7 @@ func (ks *KmsKeyStore) AddKey(keyId uuid.UUID, keyToadd []byte) {
}
// ok to add
ks.keyStore[newKeyElement.KeyID] = newKeyElement
+ return nil
}
func (ks *KmsKeyStore) GetKey() (*KmsKSElement, error) {
@@ -102,6 +102,12 @@ func (ks *KmsKeyStore) DeleteKey(keyId uuid.UUID) {
delete(ks.keyStore, keyId)
}
+func (ks *KmsKeyStore) Reset() {
+ ks.keyStoreMutex.Lock()
+ defer ks.keyStoreMutex.Unlock()
+ ks.keyStore = make(map[uuid.UUID]*KmsKSElement)
+}
+
func AddETSIKeysToKeystore(keyStore *KmsKeyStore, keyContainer []etsi14.KeyContainerKeysInner) error {
for _, keyItem := range keyContainer {
// decode base64 encoded key string
@@ -114,7 +120,10 @@ func AddETSIKeysToKeystore(keyStore *KmsKeyStore, keyContainer []etsi14.KeyConta
return err
}
// add to keystore
- keyStore.AddKey(keyId, key)
+ if err := keyStore.AddKey(keyId, key); err != nil {
+ log.Error(err)
+ }
}
+ log.Debugf("Current key store length: %d", keyStore.Length())
return nil
}
diff --git a/goKMS/qkdnManager/server.go b/goKMS/qkdnManager/server.go
index 8d496bc54dcbbe5a8d8e6093dd55865cb0bcfa90..c91cd81924e5a1c68ca72c1e0c6e0e90096b6c8c 100644
--- a/goKMS/qkdnManager/server.go
+++ b/goKMS/qkdnManager/server.go
@@ -3,6 +3,7 @@ package qkdnmanager
import (
"encoding/json"
"errors"
+ "fmt"
"net/http"
"time"
@@ -18,12 +19,14 @@ const operationalState = "operationalState"
const qkdInterface = "qkdInterface"
const interCKMSInterface = "interCKMSInterface"
const akmsInterface = "akmsInterface"
+const setKeyStore = "setKeyStore"
var endpoints = map[string]string{
operationalState: "/operationalState",
qkdInterface: "/qkdInterface",
interCKMSInterface: "/interCKMSInterface",
akmsInterface: "/akmsInterface",
+ setKeyStore: "/set_key_store",
}
type QkdnManagerServer struct {
@@ -72,6 +75,7 @@ func (qs *QkdnManagerServer) addHandlersToMux(mux *http.ServeMux) {
mux.HandleFunc(APIPrefix+endpoints[qkdInterface], qs.handleHttpQkdInterface)
mux.HandleFunc(APIPrefix+endpoints[interCKMSInterface], qs.handleHttpInterCKMSInterface)
mux.HandleFunc(APIPrefix+endpoints[akmsInterface], qs.handleHttpAkmsInterface)
+ mux.HandleFunc(APIPrefix+endpoints[setKeyStore], qs.handleSetKeyStore)
}
func (qs *QkdnManagerServer) startServer() {
@@ -127,7 +131,8 @@ func (qs *QkdnManagerServer) handleHttpInterCKMSInterface(w http.ResponseWriter,
logrus.Debugf("Handler for InterCKMSInterface got request from: %s", r.RemoteAddr)
var peers []Peer
- for _, peer := range qs.kms.KmsPeers {
+ peerMapCopy := qs.kms.PeersDeepCopy()
+ for _, peer := range peerMapCopy {
peers = append(peers, Peer{
Peer_ID: peer.GetKmsPeerId(),
Running: true,
@@ -153,7 +158,7 @@ func (qs *QkdnManagerServer) handleHttpInterCKMSInterface(w http.ResponseWriter,
}
func (qs *QkdnManagerServer) handleHttpAkmsInterface(w http.ResponseWriter, r *http.Request) {
- logrus.Debugf("Handler for AkmsInterface got requestfrom: %s", r.RemoteAddr)
+ logrus.Debugf("Handler for AkmsInterface got request from: %s", r.RemoteAddr)
data := &KmsData{
KMS_ID: qs.kms.GetID(),
@@ -172,3 +177,55 @@ func (qs *QkdnManagerServer) handleHttpAkmsInterface(w http.ResponseWriter, r *h
logrus.Error(err)
}
}
+
+func (qs *QkdnManagerServer) handleSetKeyStore(w http.ResponseWriter, r *http.Request) {
+ logrus.Debugf("Handler for SetKeyStore got request from: %s", r.RemoteAddr)
+
+ var parsedRequest struct {
+ KeyFillLevel int `json:"key_fill_level"`
+ PeerIDs []string `json:"peer_ids"`
+ Fetch bool `json:"fetch"`
+ }
+
+ err := json.NewDecoder(r.Body).Decode(&parsedRequest)
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusBadRequest)
+ return
+ }
+
+ logrus.Debugf("KeyFillLevel: %d, PeerIDs: %v, Fetch: %t", parsedRequest.KeyFillLevel, parsedRequest.PeerIDs, parsedRequest.Fetch)
+
+ for _, peerID := range parsedRequest.PeerIDs {
+ peerUUID, err := uuid.Parse(peerID)
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusBadRequest)
+ return
+ }
+ peer, err := qs.kms.FindPeerById(peerUUID.String())
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusBadRequest)
+ return
+ }
+ eqm := peer.QuantumModule()
+ if parsedRequest.Fetch == true {
+ if err := eqm.Initialize(); err != nil {
+ http.Error(w, fmt.Sprintf("Failed to restart fetching for quantum module of peer: %s", peerID), http.StatusBadRequest)
+ return
+ }
+ } else if parsedRequest.Fetch == false {
+ eqm.SetActive(false)
+ if err := peer.ResetKeyStore(qs.kms.GetID().String()); err != nil {
+ eqm.SetActive(true)
+ http.Error(w, fmt.Sprintf("Failed to reset keystore for quantum module of peer: %s", peerID), http.StatusBadRequest)
+ return
+ }
+ eqm.Reset()
+ }
+ }
+
+ w.WriteHeader(http.StatusOK)
+ _, err = w.Write([]byte("OK\n"))
+ if err != nil {
+ logrus.Error(err)
+ }
+}
diff --git a/integration-tests/code/getKSAKeyTest/getKSA_key_test.go b/integration-tests/code/getKSAKeyTest/getKSA_key_test.go
index 8fcc70042d87d4cdaf3fb3fbf01d238f3e95f8f4..f0e36b6de8afc130f152c96d1e4253cc78ba3496 100644
--- a/integration-tests/code/getKSAKeyTest/getKSA_key_test.go
+++ b/integration-tests/code/getKSAKeyTest/getKSA_key_test.go
@@ -193,7 +193,7 @@ func TestGetKSAKey(t *testing.T) { //nolint:gocyclo
err = json.Unmarshal(body, &logFile2)
if err != nil {
- t.Errorf("Error parsing body into PushKSAKeyRequest: %s", err)
+ t.Errorf("Error parsing logFile answer from AKMS: %s. \n Most likely the AKMS never received a ksa key. It told us: %s", err, string(body))
return
}
assert.NotNil(t, logFile2.Source)
diff --git a/integration-tests/code/integrationTestUtils/integrationTestUtils.go b/integration-tests/code/integrationTestUtils/integrationTestUtils.go
index 03122ab70bbeee43d21fd2eb1184487646765dad..ce98b597af4caf1e537a723502105ace11f094aa 100644
--- a/integration-tests/code/integrationTestUtils/integrationTestUtils.go
+++ b/integration-tests/code/integrationTestUtils/integrationTestUtils.go
@@ -24,3 +24,17 @@ func RunGosdncScript(script string, controllerURL string) (string, error) {
return outputString, err
}
+
+// Supports only kms00 to kms09.
+func RestartKMS(dockerComposeFilePath string, kmsNumber int) error {
+ cmd := exec.Command("docker-compose", "-f", dockerComposeFilePath, "restart", fmt.Sprintf("kms0%d", kmsNumber))
+
+ output, err := cmd.CombinedOutput()
+ outputString := string(output)
+
+ if strings.Contains(outputString, "error") || strings.Contains(outputString, "ERROR") || err != nil {
+ err = fmt.Errorf("error in output: %s", outputString)
+ }
+
+ return err
+}
diff --git a/integration-tests/code/testRestartOfKMSTest/testRestartOfKMS_test.go b/integration-tests/code/testRestartOfKMSTest/testRestartOfKMS_test.go
new file mode 100644
index 0000000000000000000000000000000000000000..838547a243364b16fe5fae480d4bdbbc231cd166
--- /dev/null
+++ b/integration-tests/code/testRestartOfKMSTest/testRestartOfKMS_test.go
@@ -0,0 +1,248 @@
+package integration_tests
+
+import (
+ "bytes"
+ "encoding/json"
+ "fmt"
+ "time"
+
+ "io"
+ "net/http"
+ "os"
+ "testing"
+
+ "code.fbi.h-da.de/danet/quant/goKMS/config"
+ kmstls "code.fbi.h-da.de/danet/quant/goKMS/kms/tls"
+ utils "code.fbi.h-da.de/danet/quant/integration-tests/code/integrationTestUtils"
+ "github.com/google/uuid"
+ "github.com/stretchr/testify/assert"
+)
+
+// For log file.
+type LogFile struct {
+ Source string `json:"source"`
+ Body PushKSAKeyRequest `json:"body"`
+}
+type PushKSAKeyRequest struct {
+ RequestID string `json:"request_ID"`
+ ProcessID string `json:"process_ID"`
+ KSAKeys []KSAKey `json:"ksa_keys"`
+}
+
+type KSAKey struct {
+ KeyID string `json:"key_ID"`
+ Key string `json:"key"`
+}
+
+// For request.
+type KeyProperties struct {
+ Number int `json:"number"`
+ KeyLength int `json:"key_length"`
+ Timeout int `json:"timeout"`
+ TTL int `json:"TTL"`
+}
+
+type RequestData struct {
+ ReceivingCKMSID string `json:"receiving_CKMS_ID"`
+ RequestID string `json:"request_ID"`
+ KeyProperties KeyProperties `json:"key_properties"`
+}
+
+func TestRestartOfKMS(t *testing.T) { //nolint:gocyclo
+ gosdncScript := "../../config/gosdnc/add_devices.sh"
+ gosdncScript_ENV := os.Getenv("INTEGRATION_TEST_GOSDNC_SCRIPT")
+ if gosdncScript_ENV != "" {
+ gosdncScript = gosdncScript_ENV
+ }
+ cleanupScript := "../../config/gosdnc/delete_devices.sh"
+ cleanupScript_ENV := os.Getenv("INTEGRATION_TEST_CLEANUP_SCRIPT")
+ if cleanupScript_ENV != "" {
+ cleanupScript = cleanupScript_ENV
+ }
+ controllerURL := "127.0.0.1:55055"
+ controllerURL_ENV := os.Getenv("INTEGRATION_TEST_CONTROLLER_URL")
+ if controllerURL_ENV != "" {
+ controllerURL = controllerURL_ENV
+ }
+ kms1AkmsURL := "127.0.0.1:9696"
+ kms1AkmsURL_ENV := os.Getenv("INTEGRATION_TEST_KMS1_AKMS_URL")
+ if kms1AkmsURL_ENV != "" {
+ kms1AkmsURL = kms1AkmsURL_ENV
+ }
+ logFileURL := "127.0.0.1:4444"
+ logFileURL_ENV := os.Getenv("INTEGRATION_TEST_LOG_FILE1_URL")
+ if logFileURL_ENV != "" {
+ logFileURL = logFileURL_ENV
+ }
+ logFileURL2 := "127.0.0.1:4445"
+ logFileURL_ENV2 := os.Getenv("INTEGRATION_TEST_LOG_FILE2_URL")
+ if logFileURL_ENV2 != "" {
+ logFileURL2 = logFileURL_ENV2
+ }
+
+ // Tell the qkdn-controller what devices to use.
+ _, err := utils.RunGosdncScript(gosdncScript, controllerURL)
+ if err != nil {
+ currentFolderPath := os.Getenv("PWD")
+ t.Errorf("Error running gosdnc script. Current folder path: %s, Error: %s", currentFolderPath, err)
+ }
+ defer utils.RunGosdncScript(cleanupScript, controllerURL) //nolint:errcheck
+
+ clients := getHttpClients(t)
+
+ for testRun := range []int{0, 1} {
+ cleanupLogFiles(t, clients, []string{logFileURL, logFileURL2})
+ requestId := uuid.New().String()
+
+ url := fmt.Sprintf("https://%s/api/v1/keys/ksa_key_req", kms1AkmsURL)
+ data := RequestData{
+ ReceivingCKMSID: "5e41c291-6121-4335-84f6-41e04b8bdaa2",
+ RequestID: requestId,
+ KeyProperties: KeyProperties{
+ Number: 1,
+ KeyLength: 256,
+ Timeout: 20,
+ TTL: 24,
+ },
+ }
+
+ jsonData, err := json.Marshal(data)
+ if err != nil {
+ fmt.Println(err)
+ return
+ }
+
+ resp, err := clients[0].Post(url, "application/json", bytes.NewBuffer(jsonData))
+ if err != nil {
+ t.Errorf("Error making HTTP request: %s", err)
+ return
+ }
+ defer resp.Body.Close() //nolint:errcheck
+
+ if resp.StatusCode != http.StatusNoContent {
+ t.Errorf("Expected status code 204 No Content, but got %d", resp.StatusCode)
+ }
+
+ // Get logfile of akms
+ resp, err = clients[0].Get("https://" + logFileURL + "/debug/get_log_file")
+ if err != nil {
+ t.Errorf("Error making HTTP request: %s", err)
+ return
+ }
+ defer resp.Body.Close() //nolint:errcheck
+
+ body, err := io.ReadAll(resp.Body)
+ if err != nil {
+ t.Errorf("Error reading response body: %s", err)
+ return
+ }
+
+ var logFile LogFile
+ err = json.Unmarshal(body, &logFile)
+ if err != nil {
+ t.Errorf("Error parsing logFile answer from AKMS: %s. \n Most likely the AKMS never received a ksa key. It told us: %s", err, string(body))
+ return
+ }
+ assert.NotNil(t, logFile.Source)
+ assert.Equal(t, requestId, logFile.Body.RequestID)
+ assert.NotNil(t, logFile.Body.ProcessID)
+ assert.Equal(t, 1, len(logFile.Body.KSAKeys))
+ assert.NotNil(t, logFile.Body.KSAKeys[0].KeyID)
+ assert.NotNil(t, logFile.Body.KSAKeys[0].Key)
+
+ time.Sleep(5 * time.Second)
+ resp, err = clients[1].Get("https://" + logFileURL2 + "/debug/get_log_file")
+ if err != nil {
+ t.Errorf("Error making HTTP request: %s", err)
+ return
+ }
+ defer resp.Body.Close() //nolint:errcheck
+
+ body, err = io.ReadAll(resp.Body)
+ if err != nil {
+ t.Errorf("Error reading response body: %s", err)
+ return
+ }
+ var logFile2 LogFile
+
+ err = json.Unmarshal(body, &logFile2)
+ if err != nil {
+ t.Errorf("Error parsing logFile answer from AKMS: %s. \n Most likely the AKMS never received a ksa key. It told us: %s", err, string(body))
+ return
+ }
+ assert.NotNil(t, logFile2.Source)
+ assert.Equal(t, requestId, logFile2.Body.RequestID)
+ assert.NotNil(t, logFile2.Body.ProcessID)
+ assert.Equal(t, 1, len(logFile2.Body.KSAKeys))
+ assert.NotNil(t, logFile2.Body.KSAKeys[0].KeyID)
+ assert.NotNil(t, logFile2.Body.KSAKeys[0].Key)
+
+ // Check that both log files are identical except for the source.
+ assert.NotEqual(t, logFile.Source, logFile2.Source)
+ assert.Equal(t, logFile.Body.RequestID, logFile2.Body.RequestID)
+ assert.Equal(t, logFile.Body.ProcessID, logFile2.Body.ProcessID)
+ assert.Equal(t, logFile.Body.KSAKeys[0].KeyID, logFile2.Body.KSAKeys[0].KeyID)
+ assert.Equal(t, logFile.Body.KSAKeys[0].Key, logFile2.Body.KSAKeys[0].Key)
+
+ if testRun == 0 {
+ // Restart KMS1
+ err = utils.RestartKMS("../../docker-compose.yml", 2)
+ if err != nil {
+ t.Errorf("Error restarting KMS: %s", err)
+ return
+ }
+ time.Sleep(30 * time.Second)
+ }
+ }
+}
+
+func getHttpClients(t *testing.T) []*http.Client {
+ // Get the clients for the two AKMS simulators.
+ // AKMS1
+ tlsConfig := config.TLSConfig{
+ Active: true,
+ CAFile: "../../../artifacts/integration-tests/ssl/ca.crt",
+ CertFile: "../../../artifacts/integration-tests/ssl/kms/kms1-selfsigned.crt",
+ KeyFile: "../../../artifacts/integration-tests/ssl/kms/kms1-selfsigned.key",
+ }
+
+ tlsConf, err := kmstls.GenerateTLSLibraryConfig(tlsConfig)
+ if err != nil {
+ t.Errorf("Error generating TLS config: %s", err)
+ }
+ transport := &http.Transport{
+ TLSClientConfig: tlsConf,
+ }
+ client1 := &http.Client{Transport: transport}
+
+ // AKMS2
+ tlsConfig = config.TLSConfig{
+ Active: true,
+ CAFile: "../../../artifacts/integration-tests/ssl/ca.crt",
+ CertFile: "../../../artifacts/integration-tests/ssl/kms/kms2-selfsigned.crt",
+ KeyFile: "../../../artifacts/integration-tests/ssl/kms/kms2-selfsigned.key",
+ }
+
+ tlsConf, err = kmstls.GenerateTLSLibraryConfig(tlsConfig)
+ if err != nil {
+ t.Errorf("Error generating TLS config: %s", err)
+ }
+ transport = &http.Transport{
+ TLSClientConfig: tlsConf,
+ }
+ client2 := &http.Client{Transport: transport}
+
+ return []*http.Client{client1, client2}
+}
+
+func cleanupLogFiles(t *testing.T, clients []*http.Client, logFileURLs []string) {
+ for i, url := range logFileURLs {
+ // Make sure logFiles for akms_simulator_1 don't exist.
+ request, _ := http.NewRequest("DELETE", "https://"+url+"/debug/get_log_file", nil)
+ _, err := clients[i].Do(request)
+ if err != nil {
+ t.Errorf("Error making HTTP request: %s", err)
+ return
+ }
+ }
+}
diff --git a/integration-tests/config/gosdnc/add_devices.sh b/integration-tests/config/gosdnc/add_devices.sh
index fac6c4f05e474d2aa7e049acfaa273bd733206f8..377fc421c5c8d278b129b12a4ac641bc0b3a993e 100755
--- a/integration-tests/config/gosdnc/add_devices.sh
+++ b/integration-tests/config/gosdnc/add_devices.sh
@@ -6,7 +6,7 @@
GOSDNC_PATH="../../../artifacts/gosdnc"
CONTROLLER_ADDRESS=$1
ADMINPW="TestPassword"
-KMS_PLUGIN="823aad29-69be-42f0-b279-90f2c1b6a94d"
+KMS_PLUGIN="e404ecf7-4860-41ee-9cee-3dd6af6c5e2b"
PND_UUID="5f20f34b-cbd0-4511-9ddc-c50cf6a3b49d"
cd ../../config/gosdnc
diff --git a/integration-tests/config/gosdnc/delete_devices.sh b/integration-tests/config/gosdnc/delete_devices.sh
index 2d5955ec1c56407e79ed0e871b7fed2502a73450..b5f05838152f2a5f019f4cd3c0a7ccbde2bb9020 100755
--- a/integration-tests/config/gosdnc/delete_devices.sh
+++ b/integration-tests/config/gosdnc/delete_devices.sh
@@ -3,7 +3,7 @@
GOSDNC_PATH="../../../artifacts/gosdnc"
GOSDN_ADDRESS=$1
ADMINPW="TestPassword"
-KMS_PLUGIN="823aad29-69be-42f0-b279-90f2c1b6a94d"
+KMS_PLUGIN="e404ecf7-4860-41ee-9cee-3dd6af6c5e2b"
PND_UUID="5f20f34b-cbd0-4511-9ddc-c50cf6a3b49d"
cd ../../config/gosdnc
diff --git a/integration-tests/config/kms/kms_1.yaml b/integration-tests/config/kms/kms_1.yaml
index 1e071d561c0064683422460e1e638eceaeb6dacf..4d55f40ce251477d1c0086aa453b42c599c8e29e 100644
--- a/integration-tests/config/kms/kms_1.yaml
+++ b/integration-tests/config/kms/kms_1.yaml
@@ -16,6 +16,7 @@ AKMS:
CertFile: "config/ssl/kms/kms1-selfsigned.crt"
KeyFile: "config/ssl/kms/kms1-selfsigned.key"
GRPCTimeoutInSeconds: 600
+KSACryptoAlgorithm: AES_256_GCM
KmsTLS:
Active: false
CAFile: "config/ssl/ca.crt"
@@ -25,6 +26,7 @@ Peers:
# peer to kms02
- PeerId: "5e41c291-6121-4335-84f6-41e04b8bdaa2"
PeerInterComAddr: kms02:50910
+ CryptoAlgorithm: AES_256_GCM
Type: danet
# quantum module of type emulated at the given address
QuantumModule:
diff --git a/integration-tests/config/kms/kms_1_otp.yaml b/integration-tests/config/kms/kms_1_otp.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..7fb15aa208665a61a8cded18c1b3a099e940e760
--- /dev/null
+++ b/integration-tests/config/kms/kms_1_otp.yaml
@@ -0,0 +1,37 @@
+Id: "0ff33c82-7fe1-482b-a0ca-67565806ee4b"
+Name: kms01
+InterComAddr: 0.0.0.0:50910
+QuantumAddr: 0.0.0.0:50911
+AKMS:
+ RemoteAddress: "https://akms-simulator_1:4444/api/v1/keys/push_ksa_key"
+ ServerPort: "9696"
+ ClientTLS:
+ Active: true
+ CAFile: "config/ssl/ca.crt"
+ CertFile: "config/ssl/kms/kms1-selfsigned.crt"
+ KeyFile: "config/ssl/kms/kms1-selfsigned.key"
+ ServerTLS:
+ Active: true
+ CAFile: "config/ssl/ca.crt"
+ CertFile: "config/ssl/kms/kms1-selfsigned.crt"
+ KeyFile: "config/ssl/kms/kms1-selfsigned.key"
+GRPCTimeoutInSeconds: 600
+KSACryptoAlgorithm: OTP
+KmsTLS:
+ Active: false
+ CAFile: "config/ssl/ca.crt"
+ CertFile: "config/ssl/kms/kms1-selfsigned.crt"
+ KeyFile: "config/ssl/kms/kms1-selfsigned.key"
+Peers:
+ # peer to kms02
+ - PeerId: "5e41c291-6121-4335-84f6-41e04b8bdaa2"
+ PeerInterComAddr: kms02:50910
+ CryptoAlgorithm: OTP
+ Type: danet
+ # quantum module of type emulated at the given address
+ QuantumModule:
+ Type: emulated
+ Hostname: quantumlayer_1
+ETSI14Server:
+ Address: ":1414"
+ RemoteCKMSID: "5e41c291-6121-4335-84f6-41e04b8bdaa2"
diff --git a/integration-tests/config/kms/kms_2.yaml b/integration-tests/config/kms/kms_2.yaml
index 58c54adee5ecd726acbb3785ad24970d7c7b25a4..b75d746da67c0c7d384b7e9ce576c78519a90db1 100644
--- a/integration-tests/config/kms/kms_2.yaml
+++ b/integration-tests/config/kms/kms_2.yaml
@@ -16,6 +16,7 @@ AKMS:
CertFile: "config/ssl/kms/kms2-selfsigned.crt"
KeyFile: "config/ssl/kms/kms2-selfsigned.key"
GRPCTimeoutInSeconds: 600
+KSACryptoAlgorithm: AES_256_GCM
KmsTLS:
Active: false
CAFile: "config/ssl/ca.crt"
@@ -25,6 +26,7 @@ Peers:
# peer to kms01
- PeerId: "0ff33c82-7fe1-482b-a0ca-67565806ee4b"
PeerInterComAddr: kms01:50910
+ CryptoAlgorithm: AES_256_GCM
Type: danet
# quantum module of type emulated at the given address
QuantumModule:
diff --git a/integration-tests/config/kms/kms_2_otp.yaml b/integration-tests/config/kms/kms_2_otp.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1c9dabfac692b70f05a6130419fa4b66a7354dd9
--- /dev/null
+++ b/integration-tests/config/kms/kms_2_otp.yaml
@@ -0,0 +1,37 @@
+Id: "5e41c291-6121-4335-84f6-41e04b8bdaa2"
+Name: kms02
+InterComAddr: 0.0.0.0:50910
+QuantumAddr: 0.0.0.0:50911
+AKMS:
+ RemoteAddress: "https://akms-simulator_2:4444/api/v1/keys/push_ksa_key"
+ ServerPort: "9696"
+ ClientTLS:
+ Active: true
+ CAFile: "config/ssl/ca.crt"
+ CertFile: "config/ssl/kms/kms2-selfsigned.crt"
+ KeyFile: "config/ssl/kms/kms2-selfsigned.key"
+ ServerTLS:
+ Active: true
+ CAFile: "config/ssl/ca.crt"
+ CertFile: "config/ssl/kms/kms2-selfsigned.crt"
+ KeyFile: "config/ssl/kms/kms2-selfsigned.key"
+GRPCTimeoutInSeconds: 600
+KSACryptoAlgorithm: OTP
+KmsTLS:
+ Active: false
+ CAFile: "config/ssl/ca.crt"
+ CertFile: "config/ssl/kms/kms2-selfsigned.crt"
+ KeyFile: "config/ssl/kms/kms2-selfsigned.key"
+Peers:
+ # peer to kms01
+ - PeerId: "0ff33c82-7fe1-482b-a0ca-67565806ee4b"
+ PeerInterComAddr: kms01:50910
+ CryptoAlgorithm: OTP
+ Type: danet
+ # quantum module of type emulated at the given address
+ QuantumModule:
+ Type: emulated
+ Hostname: quantumlayer_2
+ETSI14Server:
+ Address: ":1414"
+ RemoteCKMSID: "0ff33c82-7fe1-482b-a0ca-67565806ee4b"
diff --git a/integration-tests/docker-compose-otp.yml b/integration-tests/docker-compose-otp.yml
new file mode 100644
index 0000000000000000000000000000000000000000..50f043d1f732a8fb7fc8b8e4e18b1fa05021d472
--- /dev/null
+++ b/integration-tests/docker-compose-otp.yml
@@ -0,0 +1,111 @@
+services:
+ kms01:
+ image: gokms
+ command:
+ ["--log", "debug", "--kms_config", "/tmp/kms/config/kms_1_otp.yaml"]
+ volumes:
+ - ./config/kms/kms_1_otp.yaml:/tmp/kms/config/kms_1_otp.yaml
+ - ../artifacts/integration-tests/ssl:/config/ssl
+ ports:
+ - "127.0.0.1:7030:7030"
+ - "127.0.0.1:9696:9696"
+ - "127.0.0.1:1414:1414"
+
+ kms02:
+ image: gokms
+ command:
+ ["--log", "debug", "--kms_config", "/tmp/kms/config/kms_2_otp.yaml"]
+ volumes:
+ - ./config/kms/kms_2_otp.yaml:/tmp/kms/config/kms_2_otp.yaml
+ - ../artifacts/integration-tests/ssl:/config/ssl
+ ports:
+ - "127.0.0.1:7031:7030"
+ - "127.0.0.1:1415:1414"
+
+ quantumlayer_1:
+ image: quantumlayer
+ command:
+ [
+ "--log",
+ "debug",
+ "--config",
+ "/tmp/quantumlayer/config/quantumlayer_1.yaml",
+ ]
+ volumes:
+ - ./config/quantumlayer/quantumlayer_1.yaml:/tmp/quantumlayer/config/quantumlayer_1.yaml
+
+ quantumlayer_2:
+ image: quantumlayer
+ command:
+ [
+ "--log",
+ "debug",
+ "--config",
+ "/tmp/quantumlayer/config/quantumlayer_2.yaml",
+ ]
+ volumes:
+ - ./config/quantumlayer/quantumlayer_2.yaml:/tmp/quantumlayer/config/quantumlayer_2.yaml
+
+ akms-simulator_1:
+ image: akms-simulator
+ ports:
+ - "127.0.0.1:4444:4444"
+ volumes:
+ - ../artifacts/integration-tests/ssl:/config/ssl
+ command:
+ [
+ "--ca",
+ "config/ssl/ca.crt",
+ "--cert",
+ "config/ssl/kms/kms2-selfsigned.crt",
+ "--key",
+ "config/ssl/kms/kms2-selfsigned.key",
+ ]
+
+ akms-simulator_2:
+ image: akms-simulator
+ volumes:
+ - ../artifacts/integration-tests/ssl:/config/ssl
+ ports:
+ - "127.0.0.1:4445:4444"
+ command:
+ [
+ "--ca",
+ "config/ssl/ca.crt",
+ "--cert",
+ "config/ssl/kms/kms1-selfsigned.crt",
+ "--key",
+ "config/ssl/kms/kms1-selfsigned.key",
+ ]
+
+ qkdn-controller:
+ image: registry.code.fbi.h-da.de/demoquandt/qkdn-controller:qkdn-main
+ volumes:
+ - ./config/controller/qkdn-gosdn.toml:/app/configs/qkdn-gosdn.toml
+ - ./config/controller/gNMISubscriptions.txt:/app/configs/gNMISubscriptions.txt
+ command: --config ./configs/qkdn-gosdn.toml
+ ports:
+ - 0.0.0.0:55055:55055
+ - 127.0.0.1:8080:8080
+ - 127.0.0.1:40000:40000
+ environment:
+ GOSDN_ADMIN_PASSWORD: TestPassword
+
+ plugin-registry:
+ image: registry.code.fbi.h-da.de/demoquandt/qkdn-controller/plugin-registry:qkdn-main
+
+ mongo:
+ image: mongo:7
+ environment:
+ MONGO_INITDB_ROOT_USERNAME: root
+ MONGO_INITDB_ROOT_PASSWORD: example
+
+ rabbitmq:
+ image: rabbitmq:3-management
+
+ routing-app:
+ image: registry.code.fbi.h-da.de/demoquandt/qkdn-controller/routing-app:qkdn-main
+ entrypoint: ["./start_ra_sleep.sh"]
+ volumes:
+ - ./config/controller/start_ra_sleep.sh:/app/start_ra_sleep.sh
+ - ./config/controller/routing-config.yaml:/new/routing-config.yaml
diff --git a/quantumlayer/quantumlayer-emulator.go b/quantumlayer/quantumlayer-emulator.go
index 644306784330861ae972fcca6ae62f0fd0968cf5..e4766318989ae9413b3a1aa59682c765f75b8167 100644
--- a/quantumlayer/quantumlayer-emulator.go
+++ b/quantumlayer/quantumlayer-emulator.go
@@ -38,10 +38,15 @@ func (ql *QuantumlayerEmulator) Start() {
logrus.Error("Error generating random numbers: ", err)
continue
}
- err = ql.sendDatatoKMS(data, length, iteration)
- if err != nil {
- logrus.Error("Error sending data to KMS: ", err)
- continue
+
+ for {
+ err = ql.sendDatatoKMS(data, length, iteration)
+ if err != nil {
+ logrus.Error("Error sending data to KMS, will retry: ", err)
+ time.Sleep(1 * time.Second)
+ continue
+ }
+ break
}
logrus.Infof("Iteration %d: Sent %d bytes to KMS", iteration, length)
iteration++