s2a

package
v1.34.1-20240430201511... Latest Latest
Warning

This package is not in the latest version of its module.

Published: unknown License: Apache-2.0 Imports: 4 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

// Ciphersuite_name maps a Ciphersuite enum number to its proto name.
// Every named suite pairs ECDHE key exchange with an AEAD cipher (AES-GCM or
// ChaCha20-Poly1305). Number 0 is the proto3 zero value and names no suite.
var Ciphersuite_name = map[int32]string{
	0: "CIPHERSUITE_UNSPECIFIED",
	1: "CIPHERSUITE_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
	2: "CIPHERSUITE_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
	3: "CIPHERSUITE_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
	4: "CIPHERSUITE_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
	5: "CIPHERSUITE_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
	6: "CIPHERSUITE_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
}

// Ciphersuite_value is the inverse of Ciphersuite_name.
// Indexing with an unknown name yields 0, which is also the number of
// CIPHERSUITE_UNSPECIFIED; use the two-value lookup form when parsing
// external input so that "unknown" is not mistaken for "unspecified".
var Ciphersuite_value = map[string]int32{
	"CIPHERSUITE_UNSPECIFIED":                               0,
	"CIPHERSUITE_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256":       1,
	"CIPHERSUITE_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384":       2,
	"CIPHERSUITE_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256": 3,
	"CIPHERSUITE_ECDHE_RSA_WITH_AES_128_GCM_SHA256":         4,
	"CIPHERSUITE_ECDHE_RSA_WITH_AES_256_GCM_SHA384":         5,
	"CIPHERSUITE_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256":   6,
}

Enum value maps for Ciphersuite.

// TLSVersion_name maps a TLSVersion enum number to its proto name.
// The enum can express TLS 1.0 and 1.1, both deprecated by RFC 8996, so a
// consumer should decide explicitly whether it will honor a version bound
// below TLS_VERSION_1_2.
var TLSVersion_name = map[int32]string{
	0: "TLS_VERSION_UNSPECIFIED",
	1: "TLS_VERSION_1_0",
	2: "TLS_VERSION_1_1",
	3: "TLS_VERSION_1_2",
	4: "TLS_VERSION_1_3",
}

// TLSVersion_value is the inverse of TLSVersion_name.
// Indexing with an unknown name yields 0 (TLS_VERSION_UNSPECIFIED); use the
// two-value lookup form when the name comes from external input.
var TLSVersion_value = map[string]int32{
	"TLS_VERSION_UNSPECIFIED": 0,
	"TLS_VERSION_1_0":         1,
	"TLS_VERSION_1_1":         2,
	"TLS_VERSION_1_2":         3,
	"TLS_VERSION_1_3":         4,
}

Enum value maps for TLSVersion.

// ConnectionSide_name maps a ConnectionSide enum number to its proto name.
// Number 0 is the proto3 zero value and identifies neither side.
var ConnectionSide_name = map[int32]string{
	0: "CONNECTION_SIDE_UNSPECIFIED",
	1: "CONNECTION_SIDE_CLIENT",
	2: "CONNECTION_SIDE_SERVER",
}

// ConnectionSide_value is the inverse of ConnectionSide_name.
// Indexing with an unknown name yields 0 (CONNECTION_SIDE_UNSPECIFIED).
var ConnectionSide_value = map[string]int32{
	"CONNECTION_SIDE_UNSPECIFIED": 0,
	"CONNECTION_SIDE_CLIENT":      1,
	"CONNECTION_SIDE_SERVER":      2,
}

Enum value maps for ConnectionSide.

// AlpnProtocol_name maps an AlpnProtocol enum number to its proto name.
// Number 0 is the proto3 zero value and names no protocol.
var AlpnProtocol_name = map[int32]string{
	0: "ALPN_PROTOCOL_UNSPECIFIED",
	1: "ALPN_PROTOCOL_GRPC",
	2: "ALPN_PROTOCOL_HTTP2",
	3: "ALPN_PROTOCOL_HTTP1_1",
}

// AlpnProtocol_value is the inverse of AlpnProtocol_name.
// Indexing with an unknown name yields 0 (ALPN_PROTOCOL_UNSPECIFIED).
var AlpnProtocol_value = map[string]int32{
	"ALPN_PROTOCOL_UNSPECIFIED": 0,
	"ALPN_PROTOCOL_GRPC":        1,
	"ALPN_PROTOCOL_HTTP2":       2,
	"ALPN_PROTOCOL_HTTP1_1":     3,
}

Enum value maps for AlpnProtocol.

// SignatureAlgorithm_name maps a SignatureAlgorithm enum number to its proto
// name. The named algorithms cover RSA PKCS#1 v1.5, ECDSA over P-256/P-384/
// P-521, RSA-PSS and Ed25519; number 0 is the proto3 zero value and names no
// algorithm.
var SignatureAlgorithm_name = map[int32]string{
	0:  "S2A_SSL_SIGN_UNSPECIFIED",
	1:  "S2A_SSL_SIGN_RSA_PKCS1_SHA256",
	2:  "S2A_SSL_SIGN_RSA_PKCS1_SHA384",
	3:  "S2A_SSL_SIGN_RSA_PKCS1_SHA512",
	4:  "S2A_SSL_SIGN_ECDSA_SECP256R1_SHA256",
	5:  "S2A_SSL_SIGN_ECDSA_SECP384R1_SHA384",
	6:  "S2A_SSL_SIGN_ECDSA_SECP521R1_SHA512",
	7:  "S2A_SSL_SIGN_RSA_PSS_RSAE_SHA256",
	8:  "S2A_SSL_SIGN_RSA_PSS_RSAE_SHA384",
	9:  "S2A_SSL_SIGN_RSA_PSS_RSAE_SHA512",
	10: "S2A_SSL_SIGN_ED25519",
}

// SignatureAlgorithm_value is the inverse of SignatureAlgorithm_name.
// Indexing with an unknown name yields 0 (S2A_SSL_SIGN_UNSPECIFIED); use the
// two-value lookup form when the name comes from external input.
var SignatureAlgorithm_value = map[string]int32{
	"S2A_SSL_SIGN_UNSPECIFIED":            0,
	"S2A_SSL_SIGN_RSA_PKCS1_SHA256":       1,
	"S2A_SSL_SIGN_RSA_PKCS1_SHA384":       2,
	"S2A_SSL_SIGN_RSA_PKCS1_SHA512":       3,
	"S2A_SSL_SIGN_ECDSA_SECP256R1_SHA256": 4,
	"S2A_SSL_SIGN_ECDSA_SECP384R1_SHA384": 5,
	"S2A_SSL_SIGN_ECDSA_SECP521R1_SHA512": 6,
	"S2A_SSL_SIGN_RSA_PSS_RSAE_SHA256":    7,
	"S2A_SSL_SIGN_RSA_PSS_RSAE_SHA384":    8,
	"S2A_SSL_SIGN_RSA_PSS_RSAE_SHA512":    9,
	"S2A_SSL_SIGN_ED25519":                10,
}

Enum value maps for SignatureAlgorithm.

// GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate_name
// maps a RequestClientCertificate enum number to its proto name.
// Values 2 and 4 are the "BUT_DONT_VERIFY" modes: going by their names, a
// certificate received under them has not been validated and should not be
// treated as an authenticated client identity.
var GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate_name = map[int32]string{
	0: "UNSPECIFIED",
	1: "DONT_REQUEST_CLIENT_CERTIFICATE",
	2: "REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY",
	3: "REQUEST_CLIENT_CERTIFICATE_AND_VERIFY",
	4: "REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY",
	5: "REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY",
}

// GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate_value
// is the inverse of the name map. Indexing with an unknown name yields 0
// (UNSPECIFIED), so use the two-value lookup form when parsing external input.
var GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate_value = map[string]int32{
	"UNSPECIFIED":                                            0,
	"DONT_REQUEST_CLIENT_CERTIFICATE":                        1,
	"REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY":             2,
	"REQUEST_CLIENT_CERTIFICATE_AND_VERIFY":                  3,
	"REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY": 4,
	"REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY":      5,
}

Enum value maps for GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate.

// OffloadPrivateKeyOperationReq_PrivateKeyOperation_name maps a
// PrivateKeyOperation enum number to its proto name. Number 0 is the proto3
// zero value and selects neither signing nor decryption.
var OffloadPrivateKeyOperationReq_PrivateKeyOperation_name = map[int32]string{
	0: "UNSPECIFIED",
	1: "SIGN",
	2: "DECRYPT",
}

// OffloadPrivateKeyOperationReq_PrivateKeyOperation_value is the inverse of
// the name map. Indexing with an unknown name yields 0 (UNSPECIFIED).
var OffloadPrivateKeyOperationReq_PrivateKeyOperation_value = map[string]int32{
	"UNSPECIFIED": 0,
	"SIGN":        1,
	"DECRYPT":     2,
}

Enum value maps for OffloadPrivateKeyOperationReq_PrivateKeyOperation.

// OffloadResumptionKeyOperationReq_ResumptionKeyOperation_name maps a
// ResumptionKeyOperation enum number to its proto name. Number 0 is the
// proto3 zero value and selects neither encryption nor decryption.
var OffloadResumptionKeyOperationReq_ResumptionKeyOperation_name = map[int32]string{
	0: "UNSPECIFIED",
	1: "ENCRYPT",
	2: "DECRYPT",
}

// OffloadResumptionKeyOperationReq_ResumptionKeyOperation_value is the
// inverse of the name map. Indexing with an unknown name yields 0
// (UNSPECIFIED).
var OffloadResumptionKeyOperationReq_ResumptionKeyOperation_value = map[string]int32{
	"UNSPECIFIED": 0,
	"ENCRYPT":     1,
	"DECRYPT":     2,
}

Enum value maps for OffloadResumptionKeyOperationReq_ResumptionKeyOperation.

// ValidatePeerCertificateChainReq_VerificationMode_name maps a
// VerificationMode enum number to its proto name. Number 0 is the proto3 zero
// value; what the verifier does when no mode is set is not visible here, so
// callers should set a mode explicitly.
var ValidatePeerCertificateChainReq_VerificationMode_name = map[int32]string{
	0: "UNSPECIFIED",
	1: "SPIFFE",
	2: "CONNECT_TO_GOOGLE",
}

// ValidatePeerCertificateChainReq_VerificationMode_value is the inverse of
// the name map. Indexing with an unknown name yields 0 (UNSPECIFIED).
var ValidatePeerCertificateChainReq_VerificationMode_value = map[string]int32{
	"UNSPECIFIED":       0,
	"SPIFFE":            1,
	"CONNECT_TO_GOOGLE": 2,
}

Enum value maps for ValidatePeerCertificateChainReq_VerificationMode.

// ValidatePeerCertificateChainResp_ValidationResult_name maps a
// ValidationResult enum number to its proto name. Number 0 is the proto3 zero
// value, so an empty or partially decoded response reads as UNSPECIFIED, not
// SUCCESS; callers should accept a peer only on an explicit SUCCESS (1).
var ValidatePeerCertificateChainResp_ValidationResult_name = map[int32]string{
	0: "UNSPECIFIED",
	1: "SUCCESS",
	2: "FAILURE",
}

// ValidatePeerCertificateChainResp_ValidationResult_value is the inverse of
// the name map. Indexing with an unknown name yields 0 (UNSPECIFIED).
var ValidatePeerCertificateChainResp_ValidationResult_value = map[string]int32{
	"UNSPECIFIED": 0,
	"SUCCESS":     1,
	"FAILURE":     2,
}

Enum value maps for ValidatePeerCertificateChainResp_ValidationResult.

var File_grpc_gcp_s2a_common_proto protoreflect.FileDescriptor
var File_grpc_gcp_s2a_s2a_context_proto protoreflect.FileDescriptor
var File_grpc_gcp_s2a_s2a_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type AlpnPolicy

// AlpnPolicy carries the ALPN settings for a TLS handshake: whether
// negotiation is mandatory and which protocols to negotiate, in order.
type AlpnPolicy struct {

	// If true, the application MUST perform ALPN negotiation.
	EnableAlpnNegotiation bool `` /* 127-byte string literal not displayed */
	// The ordered list of ALPN protocols that specify how the application SHOULD
	// negotiate ALPN during the TLS handshake.
	//
	// The application MAY ignore any ALPN protocols in this list that are not
	// supported by the application.
	//
	// NOTE(review): nothing here says what happens when negotiation is required
	// but every listed protocol is ignored as unsupported; confirm the caller
	// fails the handshake rather than continuing without ALPN.
	AlpnProtocols []AlpnProtocol `` /* 139-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*AlpnPolicy) Descriptor deprecated

func (*AlpnPolicy) Descriptor() ([]byte, []int)

Deprecated: Use AlpnPolicy.ProtoReflect.Descriptor instead.

func (*AlpnPolicy) GetAlpnProtocols

func (x *AlpnPolicy) GetAlpnProtocols() []AlpnProtocol

func (*AlpnPolicy) GetEnableAlpnNegotiation

func (x *AlpnPolicy) GetEnableAlpnNegotiation() bool

func (*AlpnPolicy) ProtoMessage

func (*AlpnPolicy) ProtoMessage()

func (*AlpnPolicy) ProtoReflect

func (x *AlpnPolicy) ProtoReflect() protoreflect.Message

func (*AlpnPolicy) Reset

func (x *AlpnPolicy) Reset()

func (*AlpnPolicy) String

func (x *AlpnPolicy) String() string

type AlpnProtocol

type AlpnProtocol int32

The ALPN protocols that the application can negotiate during a TLS handshake.

// AlpnProtocol enum values. The numbers match the AlpnProtocol_name and
// AlpnProtocol_value maps; 0 is the proto3 zero value and names no protocol.
const (
	AlpnProtocol_ALPN_PROTOCOL_UNSPECIFIED AlpnProtocol = 0
	AlpnProtocol_ALPN_PROTOCOL_GRPC        AlpnProtocol = 1
	AlpnProtocol_ALPN_PROTOCOL_HTTP2       AlpnProtocol = 2
	AlpnProtocol_ALPN_PROTOCOL_HTTP1_1     AlpnProtocol = 3
)

func (AlpnProtocol) Descriptor

func (AlpnProtocol) Enum

func (x AlpnProtocol) Enum() *AlpnProtocol

func (AlpnProtocol) EnumDescriptor deprecated

func (AlpnProtocol) EnumDescriptor() ([]byte, []int)

Deprecated: Use AlpnProtocol.Descriptor instead.

func (AlpnProtocol) Number

func (AlpnProtocol) String

func (x AlpnProtocol) String() string

func (AlpnProtocol) Type

type AuthenticationMechanism

// AuthenticationMechanism is what an application presents to authenticate
// itself to S2A, optionally tied to a specific identity. The only mechanism
// listed for the oneof is a token.
type AuthenticationMechanism struct {

	// Applications may specify an identity associated to an authentication
	// mechanism. Otherwise, S2A assumes that the authentication mechanism is
	// associated with the default identity. If the default identity cannot be
	// determined, the request is rejected.
	Identity *Identity `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"`
	// Types that are assignable to MechanismOneof:
	//
	//	*AuthenticationMechanism_Token
	//
	// NOTE(review): the token is a credential. This message has a String
	// method, which presumably renders field values; confirm that requests
	// carrying this message are not written to logs or error strings as-is.
	MechanismOneof isAuthenticationMechanism_MechanismOneof `protobuf_oneof:"mechanism_oneof"`
	// contains filtered or unexported fields
}

func (*AuthenticationMechanism) Descriptor deprecated

func (*AuthenticationMechanism) Descriptor() ([]byte, []int)

Deprecated: Use AuthenticationMechanism.ProtoReflect.Descriptor instead.

func (*AuthenticationMechanism) GetIdentity

func (x *AuthenticationMechanism) GetIdentity() *Identity

func (*AuthenticationMechanism) GetMechanismOneof

func (m *AuthenticationMechanism) GetMechanismOneof() isAuthenticationMechanism_MechanismOneof

func (*AuthenticationMechanism) GetToken

func (x *AuthenticationMechanism) GetToken() string

func (*AuthenticationMechanism) ProtoMessage

func (*AuthenticationMechanism) ProtoMessage()

func (*AuthenticationMechanism) ProtoReflect

func (x *AuthenticationMechanism) ProtoReflect() protoreflect.Message

func (*AuthenticationMechanism) Reset

func (x *AuthenticationMechanism) Reset()

func (*AuthenticationMechanism) String

func (x *AuthenticationMechanism) String() string

type AuthenticationMechanism_Token

// AuthenticationMechanism_Token is the oneof wrapper that holds the token
// variant of AuthenticationMechanism.MechanismOneof.
type AuthenticationMechanism_Token struct {
	// A token that the application uses to authenticate itself to S2A.
	// Treat the value as a secret: keep it out of logs, metrics and error text.
	Token string `protobuf:"bytes,2,opt,name=token,proto3,oneof"`
}

type Ciphersuite

type Ciphersuite int32

The TLS 1.0-1.2 ciphersuites that the application can negotiate when using S2A.

// Ciphersuite enum values. The numbers match the Ciphersuite_name and
// Ciphersuite_value maps; 0 is the proto3 zero value and names no suite.
//
// Every named suite uses ECDHE key exchange with an AEAD cipher (AES-GCM or
// ChaCha20-Poly1305). AEAD suites are defined for TLS 1.2 only, so none of
// these can be negotiated in a TLS 1.0 or 1.1 handshake.
const (
	Ciphersuite_CIPHERSUITE_UNSPECIFIED                               Ciphersuite = 0
	Ciphersuite_CIPHERSUITE_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256       Ciphersuite = 1
	Ciphersuite_CIPHERSUITE_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384       Ciphersuite = 2
	Ciphersuite_CIPHERSUITE_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 Ciphersuite = 3
	Ciphersuite_CIPHERSUITE_ECDHE_RSA_WITH_AES_128_GCM_SHA256         Ciphersuite = 4
	Ciphersuite_CIPHERSUITE_ECDHE_RSA_WITH_AES_256_GCM_SHA384         Ciphersuite = 5
	Ciphersuite_CIPHERSUITE_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256   Ciphersuite = 6
)

func (Ciphersuite) Descriptor

func (Ciphersuite) Enum

func (x Ciphersuite) Enum() *Ciphersuite

func (Ciphersuite) EnumDescriptor deprecated

func (Ciphersuite) EnumDescriptor() ([]byte, []int)

Deprecated: Use Ciphersuite.Descriptor instead.

func (Ciphersuite) Number

func (x Ciphersuite) Number() protoreflect.EnumNumber

func (Ciphersuite) String

func (x Ciphersuite) String() string

func (Ciphersuite) Type

type ConnectionSide

type ConnectionSide int32

The side in the TLS connection.

// ConnectionSide enum values. The numbers match the ConnectionSide_name and
// ConnectionSide_value maps; 0 is the proto3 zero value and identifies
// neither side.
const (
	ConnectionSide_CONNECTION_SIDE_UNSPECIFIED ConnectionSide = 0
	ConnectionSide_CONNECTION_SIDE_CLIENT      ConnectionSide = 1
	ConnectionSide_CONNECTION_SIDE_SERVER      ConnectionSide = 2
)

func (ConnectionSide) Descriptor

func (ConnectionSide) Enum

func (x ConnectionSide) Enum() *ConnectionSide

func (ConnectionSide) EnumDescriptor deprecated

func (ConnectionSide) EnumDescriptor() ([]byte, []int)

Deprecated: Use ConnectionSide.Descriptor instead.

func (ConnectionSide) Number

func (ConnectionSide) String

func (x ConnectionSide) String() string

func (ConnectionSide) Type

type GetTlsConfigurationReq

// GetTlsConfigurationReq asks S2A for the TLS configuration to use, given the
// application's role in the connection and, optionally, an SNI value.
type GetTlsConfigurationReq struct {

	// The role of the application in the TLS connection.
	ConnectionSide ConnectionSide `` /* 137-byte string literal not displayed */
	// The server name indication (SNI) extension, which MAY be populated when a
	// server is offloading to S2A. The SNI is used to determine the server
	// identity if the local identity in the request is empty.
	//
	// NOTE(review): when a server forwards the SNI from a ClientHello, the value
	// is chosen by the remote peer. Since it can select the server identity,
	// confirm that the set of identities it can resolve to is restricted to
	// those this server is meant to serve.
	Sni string `protobuf:"bytes,2,opt,name=sni,proto3" json:"sni,omitempty"`
	// contains filtered or unexported fields
}

func (*GetTlsConfigurationReq) Descriptor deprecated

func (*GetTlsConfigurationReq) Descriptor() ([]byte, []int)

Deprecated: Use GetTlsConfigurationReq.ProtoReflect.Descriptor instead.

func (*GetTlsConfigurationReq) GetConnectionSide

func (x *GetTlsConfigurationReq) GetConnectionSide() ConnectionSide

func (*GetTlsConfigurationReq) GetSni

func (x *GetTlsConfigurationReq) GetSni() string

func (*GetTlsConfigurationReq) ProtoMessage

func (*GetTlsConfigurationReq) ProtoMessage()

func (*GetTlsConfigurationReq) ProtoReflect

func (x *GetTlsConfigurationReq) ProtoReflect() protoreflect.Message

func (*GetTlsConfigurationReq) Reset

func (x *GetTlsConfigurationReq) Reset()

func (*GetTlsConfigurationReq) String

func (x *GetTlsConfigurationReq) String() string

type GetTlsConfigurationResp

type GetTlsConfigurationResp struct {

	// Types that are assignable to TlsConfiguration:
	//
	//	*GetTlsConfigurationResp_ClientTlsConfiguration_
	//	*GetTlsConfigurationResp_ServerTlsConfiguration_
	TlsConfiguration isGetTlsConfigurationResp_TlsConfiguration `protobuf_oneof:"tls_configuration"`
	// contains filtered or unexported fields
}

func (*GetTlsConfigurationResp) Descriptor deprecated

func (*GetTlsConfigurationResp) Descriptor() ([]byte, []int)

Deprecated: Use GetTlsConfigurationResp.ProtoReflect.Descriptor instead.

func (*GetTlsConfigurationResp) GetClientTlsConfiguration

func (*GetTlsConfigurationResp) GetServerTlsConfiguration

func (*GetTlsConfigurationResp) GetTlsConfiguration

func (m *GetTlsConfigurationResp) GetTlsConfiguration() isGetTlsConfigurationResp_TlsConfiguration

func (*GetTlsConfigurationResp) ProtoMessage

func (*GetTlsConfigurationResp) ProtoMessage()

func (*GetTlsConfigurationResp) ProtoReflect

func (x *GetTlsConfigurationResp) ProtoReflect() protoreflect.Message

func (*GetTlsConfigurationResp) Reset

func (x *GetTlsConfigurationResp) Reset()

func (*GetTlsConfigurationResp) String

func (x *GetTlsConfigurationResp) String() string

type GetTlsConfigurationResp_ClientTlsConfiguration

// GetTlsConfigurationResp_ClientTlsConfiguration is the client-side TLS
// configuration returned by S2A: certificate chain, version bounds,
// ciphersuites and ALPN policy.
type GetTlsConfigurationResp_ClientTlsConfiguration struct {

	// The certificate chain that the client MUST use for the TLS handshake.
	// It's a list of PEM-encoded certificates, ordered from leaf to root,
	// excluding the root.
	CertificateChain []string `protobuf:"bytes,1,rep,name=certificate_chain,json=certificateChain,proto3" json:"certificate_chain,omitempty"`
	// The minimum TLS version number that the client MUST use for the TLS
	// handshake. If this field is not provided, the client MUST use the default
	// minimum version of the client's TLS library.
	//
	// NOTE(review): an unset field reads as TLS_VERSION_UNSPECIFIED (0), so the
	// effective floor then depends on the TLS library in use; confirm that
	// library's default minimum is acceptable for the deployment.
	MinTlsVersion TLSVersion `` /* 132-byte string literal not displayed */
	// The maximum TLS version number that the client MUST use for the TLS
	// handshake. If this field is not provided, the client MUST use the default
	// maximum version of the client's TLS library.
	MaxTlsVersion TLSVersion `` /* 132-byte string literal not displayed */
	// The ordered list of TLS 1.0-1.2 ciphersuites that the client MAY offer to
	// negotiate in the TLS handshake.
	Ciphersuites []Ciphersuite `protobuf:"varint,6,rep,packed,name=ciphersuites,proto3,enum=grpc.gcp.s2a.Ciphersuite" json:"ciphersuites,omitempty"`
	// The policy that dictates how the client negotiates ALPN during the TLS
	// handshake.
	AlpnPolicy *AlpnPolicy `protobuf:"bytes,7,opt,name=alpn_policy,json=alpnPolicy,proto3" json:"alpn_policy,omitempty"`
	// contains filtered or unexported fields
}

Next ID: 8

func (*GetTlsConfigurationResp_ClientTlsConfiguration) Descriptor deprecated

Deprecated: Use GetTlsConfigurationResp_ClientTlsConfiguration.ProtoReflect.Descriptor instead.

func (*GetTlsConfigurationResp_ClientTlsConfiguration) GetAlpnPolicy

func (*GetTlsConfigurationResp_ClientTlsConfiguration) GetCertificateChain

func (x *GetTlsConfigurationResp_ClientTlsConfiguration) GetCertificateChain() []string

func (*GetTlsConfigurationResp_ClientTlsConfiguration) GetCiphersuites

func (*GetTlsConfigurationResp_ClientTlsConfiguration) GetMaxTlsVersion

func (*GetTlsConfigurationResp_ClientTlsConfiguration) GetMinTlsVersion

func (*GetTlsConfigurationResp_ClientTlsConfiguration) ProtoMessage

func (*GetTlsConfigurationResp_ClientTlsConfiguration) ProtoReflect

func (*GetTlsConfigurationResp_ClientTlsConfiguration) Reset

func (*GetTlsConfigurationResp_ClientTlsConfiguration) String

type GetTlsConfigurationResp_ClientTlsConfiguration_

type GetTlsConfigurationResp_ClientTlsConfiguration_ struct {
	ClientTlsConfiguration *GetTlsConfigurationResp_ClientTlsConfiguration `protobuf:"bytes,1,opt,name=client_tls_configuration,json=clientTlsConfiguration,proto3,oneof"`
}

type GetTlsConfigurationResp_ServerTlsConfiguration

// GetTlsConfigurationResp_ServerTlsConfiguration is the server-side TLS
// configuration returned by S2A: certificate chain, version bounds,
// ciphersuites, resumption, client-certificate policy and ALPN policy.
type GetTlsConfigurationResp_ServerTlsConfiguration struct {

	// The certificate chain that the server MUST use for the TLS handshake.
	// It's a list of PEM-encoded certificates, ordered from leaf to root,
	// excluding the root.
	CertificateChain []string `protobuf:"bytes,1,rep,name=certificate_chain,json=certificateChain,proto3" json:"certificate_chain,omitempty"`
	// The minimum TLS version number that the server MUST use for the TLS
	// handshake. If this field is not provided, the server MUST use the default
	// minimum version of the server's TLS library.
	//
	// NOTE(review): an unset field reads as TLS_VERSION_UNSPECIFIED (0), so the
	// effective floor then depends on the TLS library in use; confirm that
	// library's default minimum is acceptable for the deployment.
	MinTlsVersion TLSVersion `` /* 132-byte string literal not displayed */
	// The maximum TLS version number that the server MUST use for the TLS
	// handshake. If this field is not provided, the server MUST use the default
	// maximum version of the server's TLS library.
	MaxTlsVersion TLSVersion `` /* 132-byte string literal not displayed */
	// The ordered list of TLS 1.0-1.2 ciphersuites that the server MAY offer to
	// negotiate in the TLS handshake.
	Ciphersuites []Ciphersuite `protobuf:"varint,10,rep,packed,name=ciphersuites,proto3,enum=grpc.gcp.s2a.Ciphersuite" json:"ciphersuites,omitempty"`
	// Whether to enable TLS resumption.
	TlsResumptionEnabled bool `protobuf:"varint,6,opt,name=tls_resumption_enabled,json=tlsResumptionEnabled,proto3" json:"tls_resumption_enabled,omitempty"`
	// Whether the server MUST request a client certificate (i.e. to negotiate
	// TLS vs. mTLS).
	//
	// NOTE(review): the enum also has "BUT_DONT_VERIFY" values and a zero value
	// UNSPECIFIED. A server that authorizes on the client certificate should
	// check for one of the "AND_VERIFY" values and decide explicitly how to
	// treat UNSPECIFIED.
	RequestClientCertificate GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate `` /* 226-byte string literal not displayed */
	// Returns the maximum number of extra bytes that
	// |OffloadResumptionKeyOperation| can add to the number of unencrypted
	// bytes to form the encrypted bytes.
	MaxOverheadOfTicketAead uint32 `` /* 137-byte string literal not displayed */
	// The policy that dictates how the server negotiates ALPN during the TLS
	// handshake.
	AlpnPolicy *AlpnPolicy `protobuf:"bytes,11,opt,name=alpn_policy,json=alpnPolicy,proto3" json:"alpn_policy,omitempty"`
	// contains filtered or unexported fields
}

Next ID: 12

func (*GetTlsConfigurationResp_ServerTlsConfiguration) Descriptor deprecated

Deprecated: Use GetTlsConfigurationResp_ServerTlsConfiguration.ProtoReflect.Descriptor instead.

func (*GetTlsConfigurationResp_ServerTlsConfiguration) GetAlpnPolicy

func (*GetTlsConfigurationResp_ServerTlsConfiguration) GetCertificateChain

func (x *GetTlsConfigurationResp_ServerTlsConfiguration) GetCertificateChain() []string

func (*GetTlsConfigurationResp_ServerTlsConfiguration) GetCiphersuites

func (*GetTlsConfigurationResp_ServerTlsConfiguration) GetMaxOverheadOfTicketAead

func (x *GetTlsConfigurationResp_ServerTlsConfiguration) GetMaxOverheadOfTicketAead() uint32

func (*GetTlsConfigurationResp_ServerTlsConfiguration) GetMaxTlsVersion

func (*GetTlsConfigurationResp_ServerTlsConfiguration) GetMinTlsVersion

func (*GetTlsConfigurationResp_ServerTlsConfiguration) GetRequestClientCertificate

func (*GetTlsConfigurationResp_ServerTlsConfiguration) GetTlsResumptionEnabled

func (x *GetTlsConfigurationResp_ServerTlsConfiguration) GetTlsResumptionEnabled() bool

func (*GetTlsConfigurationResp_ServerTlsConfiguration) ProtoMessage

func (*GetTlsConfigurationResp_ServerTlsConfiguration) ProtoReflect

func (*GetTlsConfigurationResp_ServerTlsConfiguration) Reset

func (*GetTlsConfigurationResp_ServerTlsConfiguration) String

type GetTlsConfigurationResp_ServerTlsConfiguration_

type GetTlsConfigurationResp_ServerTlsConfiguration_ struct {
	ServerTlsConfiguration *GetTlsConfigurationResp_ServerTlsConfiguration `protobuf:"bytes,2,opt,name=server_tls_configuration,json=serverTlsConfiguration,proto3,oneof"`
}

type GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate

// GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate
// selects, by name, whether a server requests a client certificate, whether
// it requires one, and whether the certificate is verified.
//
// Only the two "AND_VERIFY" values (3 and 5) name a mode in which the client
// certificate is verified. Under the "BUT_DONT_VERIFY" values (2 and 4) a
// presented certificate should not be used as an authenticated identity.
// Value 0 is the proto3 zero value, i.e. what an unset field reads as.
type GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate int32
const (
	GetTlsConfigurationResp_ServerTlsConfiguration_UNSPECIFIED                                            GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate = 0
	GetTlsConfigurationResp_ServerTlsConfiguration_DONT_REQUEST_CLIENT_CERTIFICATE                        GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate = 1
	GetTlsConfigurationResp_ServerTlsConfiguration_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY             GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate = 2
	GetTlsConfigurationResp_ServerTlsConfiguration_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY                  GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate = 3
	GetTlsConfigurationResp_ServerTlsConfiguration_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate = 4
	GetTlsConfigurationResp_ServerTlsConfiguration_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY      GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate = 5
)

func (GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate) Descriptor

func (GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate) Enum

func (GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate) EnumDescriptor deprecated

Deprecated: Use GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate.Descriptor instead.

func (GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate) Number

func (GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate) String

func (GetTlsConfigurationResp_ServerTlsConfiguration_RequestClientCertificate) Type

type Identity

// Identity names a connection endpoint by exactly one of several identifier
// kinds (SPIFFE ID, hostname, UID, username or GCP ID), plus optional
// string attributes.
type Identity struct {

	// Types that are assignable to IdentityOneof:
	//
	//	*Identity_SpiffeId
	//	*Identity_Hostname
	//	*Identity_Uid
	//	*Identity_Username
	//	*Identity_GcpId
	//
	// NOTE(review): every variant wraps a plain string, so the same text can
	// appear under different kinds. Authorization code should compare the
	// kind as well as the value, rather than only the string returned by one
	// of the Get* accessors.
	IdentityOneof isIdentity_IdentityOneof `protobuf_oneof:"identity_oneof"`
	// Additional identity-specific attributes.
	Attributes map[string]string `` /* 161-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*Identity) Descriptor deprecated

func (*Identity) Descriptor() ([]byte, []int)

Deprecated: Use Identity.ProtoReflect.Descriptor instead.

func (*Identity) GetAttributes

func (x *Identity) GetAttributes() map[string]string

func (*Identity) GetGcpId

func (x *Identity) GetGcpId() string

func (*Identity) GetHostname

func (x *Identity) GetHostname() string

func (*Identity) GetIdentityOneof

func (m *Identity) GetIdentityOneof() isIdentity_IdentityOneof

func (*Identity) GetSpiffeId

func (x *Identity) GetSpiffeId() string

func (*Identity) GetUid

func (x *Identity) GetUid() string

func (*Identity) GetUsername

func (x *Identity) GetUsername() string

func (*Identity) ProtoMessage

func (*Identity) ProtoMessage()

func (*Identity) ProtoReflect

func (x *Identity) ProtoReflect() protoreflect.Message

func (*Identity) Reset

func (x *Identity) Reset()

func (*Identity) String

func (x *Identity) String() string

type Identity_GcpId

type Identity_GcpId struct {
	// The GCP ID of a connection endpoint.
	GcpId string `protobuf:"bytes,6,opt,name=gcp_id,json=gcpId,proto3,oneof"`
}

type Identity_Hostname

type Identity_Hostname struct {
	// The hostname of a connection endpoint.
	Hostname string `protobuf:"bytes,2,opt,name=hostname,proto3,oneof"`
}

type Identity_SpiffeId

type Identity_SpiffeId struct {
	// The SPIFFE ID of a connection endpoint.
	SpiffeId string `protobuf:"bytes,1,opt,name=spiffe_id,json=spiffeId,proto3,oneof"`
}

type Identity_Uid

type Identity_Uid struct {
	// The UID of a connection endpoint.
	Uid string `protobuf:"bytes,4,opt,name=uid,proto3,oneof"`
}

type Identity_Username

type Identity_Username struct {
	// The username of a connection endpoint.
	Username string `protobuf:"bytes,5,opt,name=username,proto3,oneof"`
}

type OffloadPrivateKeyOperationReq

// OffloadPrivateKeyOperationReq asks for a private-key operation (sign or
// decrypt) to be performed on the supplied input, so the caller does not
// need to hold the private key itself.
type OffloadPrivateKeyOperationReq struct {

	// The operation the private key is used for.
	Operation OffloadPrivateKeyOperationReq_PrivateKeyOperation `` /* 140-byte string literal not displayed */
	// The signature algorithm to be used for signing operations.
	SignatureAlgorithm SignatureAlgorithm `` /* 153-byte string literal not displayed */
	// The input bytes to be signed or decrypted.
	//
	// Types that are assignable to InBytes:
	//
	//	*OffloadPrivateKeyOperationReq_RawBytes
	//	*OffloadPrivateKeyOperationReq_Sha256Digest
	//	*OffloadPrivateKeyOperationReq_Sha384Digest
	//	*OffloadPrivateKeyOperationReq_Sha512Digest
	//
	// NOTE(review): nothing in this type ties the digest variant to
	// SignatureAlgorithm. Presumably the receiver rejects a mismatch (for
	// example a Sha256Digest with a SHA384 algorithm) and a digest of the wrong
	// length; confirm.
	InBytes isOffloadPrivateKeyOperationReq_InBytes `protobuf_oneof:"in_bytes"`
	// contains filtered or unexported fields
}

func (*OffloadPrivateKeyOperationReq) Descriptor deprecated

func (*OffloadPrivateKeyOperationReq) Descriptor() ([]byte, []int)

Deprecated: Use OffloadPrivateKeyOperationReq.ProtoReflect.Descriptor instead.

func (*OffloadPrivateKeyOperationReq) GetInBytes

func (m *OffloadPrivateKeyOperationReq) GetInBytes() isOffloadPrivateKeyOperationReq_InBytes

func (*OffloadPrivateKeyOperationReq) GetOperation

func (*OffloadPrivateKeyOperationReq) GetRawBytes

func (x *OffloadPrivateKeyOperationReq) GetRawBytes() []byte

func (*OffloadPrivateKeyOperationReq) GetSha256Digest

func (x *OffloadPrivateKeyOperationReq) GetSha256Digest() []byte

func (*OffloadPrivateKeyOperationReq) GetSha384Digest

func (x *OffloadPrivateKeyOperationReq) GetSha384Digest() []byte

func (*OffloadPrivateKeyOperationReq) GetSha512Digest

func (x *OffloadPrivateKeyOperationReq) GetSha512Digest() []byte

func (*OffloadPrivateKeyOperationReq) GetSignatureAlgorithm

func (x *OffloadPrivateKeyOperationReq) GetSignatureAlgorithm() SignatureAlgorithm

func (*OffloadPrivateKeyOperationReq) ProtoMessage

func (*OffloadPrivateKeyOperationReq) ProtoMessage()

func (*OffloadPrivateKeyOperationReq) ProtoReflect

func (*OffloadPrivateKeyOperationReq) Reset

func (x *OffloadPrivateKeyOperationReq) Reset()

func (*OffloadPrivateKeyOperationReq) String

type OffloadPrivateKeyOperationReq_PrivateKeyOperation

// OffloadPrivateKeyOperationReq_PrivateKeyOperation selects which private-key
// operation is requested. Value 0 is the proto3 zero value, i.e. what an
// unset field reads as.
type OffloadPrivateKeyOperationReq_PrivateKeyOperation int32
const (
	OffloadPrivateKeyOperationReq_UNSPECIFIED OffloadPrivateKeyOperationReq_PrivateKeyOperation = 0
	// When performing a TLS 1.2 or 1.3 handshake, the (partial) transcript of
	// the TLS handshake must be signed to prove possession of the private key.
	//
	// See https://www.rfc-editor.org/rfc/rfc8446.html#section-4.4.3.
	OffloadPrivateKeyOperationReq_SIGN OffloadPrivateKeyOperationReq_PrivateKeyOperation = 1
	// When performing a TLS 1.2 handshake using an RSA algorithm, the key
	// exchange algorithm involves the client generating a premaster secret,
	// encrypting it using the server's public key, and sending this encrypted
	// blob to the server in a ClientKeyExchange message.
	//
	// See https://www.rfc-editor.org/rfc/rfc4346#section-7.4.7.1.
	//
	// NOTE(review): RFC 4346 is the TLS 1.1 specification; the TLS 1.2 text for
	// the same message is RFC 5246 section 7.4.7.1. RSA key exchange gives no
	// forward secrecy, and none of the Ciphersuite values in this package uses
	// it, so confirm when DECRYPT is expected to be requested.
	OffloadPrivateKeyOperationReq_DECRYPT OffloadPrivateKeyOperationReq_PrivateKeyOperation = 2
)

func (OffloadPrivateKeyOperationReq_PrivateKeyOperation) Descriptor

func (OffloadPrivateKeyOperationReq_PrivateKeyOperation) Enum

func (OffloadPrivateKeyOperationReq_PrivateKeyOperation) EnumDescriptor deprecated

Deprecated: Use OffloadPrivateKeyOperationReq_PrivateKeyOperation.Descriptor instead.

func (OffloadPrivateKeyOperationReq_PrivateKeyOperation) Number

func (OffloadPrivateKeyOperationReq_PrivateKeyOperation) String

func (OffloadPrivateKeyOperationReq_PrivateKeyOperation) Type

type OffloadPrivateKeyOperationReq_RawBytes

// OffloadPrivateKeyOperationReq_RawBytes is the oneof wrapper that holds the
// raw-bytes variant of OffloadPrivateKeyOperationReq.InBytes.
type OffloadPrivateKeyOperationReq_RawBytes struct {
	// Raw bytes to be hashed and signed, or decrypted.
	RawBytes []byte `protobuf:"bytes,4,opt,name=raw_bytes,json=rawBytes,proto3,oneof"`
}

type OffloadPrivateKeyOperationReq_Sha256Digest

// OffloadPrivateKeyOperationReq_Sha256Digest is the oneof wrapper that holds
// the SHA256-digest variant of OffloadPrivateKeyOperationReq.InBytes.
type OffloadPrivateKeyOperationReq_Sha256Digest struct {
	// A SHA256 hash to be signed. Must be 32 bytes.
	// The []byte type does not enforce that length; the check has to be done
	// by the code that builds or consumes the request.
	Sha256Digest []byte `protobuf:"bytes,5,opt,name=sha256_digest,json=sha256Digest,proto3,oneof"`
}

type OffloadPrivateKeyOperationReq_Sha384Digest

// OffloadPrivateKeyOperationReq_Sha384Digest is the oneof wrapper that holds
// the SHA384-digest variant of OffloadPrivateKeyOperationReq.InBytes.
type OffloadPrivateKeyOperationReq_Sha384Digest struct {
	// A SHA384 hash to be signed. Must be 48 bytes.
	// The []byte type does not enforce that length; the check has to be done
	// by the code that builds or consumes the request.
	Sha384Digest []byte `protobuf:"bytes,6,opt,name=sha384_digest,json=sha384Digest,proto3,oneof"`
}

type OffloadPrivateKeyOperationReq_Sha512Digest

// OffloadPrivateKeyOperationReq_Sha512Digest is the oneof wrapper that holds
// the SHA512-digest variant of OffloadPrivateKeyOperationReq.InBytes.
type OffloadPrivateKeyOperationReq_Sha512Digest struct {
	// A SHA512 hash to be signed. Must be 64 bytes.
	// The []byte type does not enforce that length; the check has to be done
	// by the code that builds or consumes the request.
	Sha512Digest []byte `protobuf:"bytes,7,opt,name=sha512_digest,json=sha512Digest,proto3,oneof"`
}

type OffloadPrivateKeyOperationResp

type OffloadPrivateKeyOperationResp struct {

	// The signed or decrypted output bytes.
	OutBytes []byte `protobuf:"bytes,1,opt,name=out_bytes,json=outBytes,proto3" json:"out_bytes,omitempty"`
	// contains filtered or unexported fields
}

func (*OffloadPrivateKeyOperationResp) Descriptor deprecated

func (*OffloadPrivateKeyOperationResp) Descriptor() ([]byte, []int)

Deprecated: Use OffloadPrivateKeyOperationResp.ProtoReflect.Descriptor instead.

func (*OffloadPrivateKeyOperationResp) GetOutBytes

func (x *OffloadPrivateKeyOperationResp) GetOutBytes() []byte

func (*OffloadPrivateKeyOperationResp) ProtoMessage

func (*OffloadPrivateKeyOperationResp) ProtoMessage()

func (*OffloadPrivateKeyOperationResp) ProtoReflect

func (*OffloadPrivateKeyOperationResp) Reset

func (x *OffloadPrivateKeyOperationResp) Reset()

func (*OffloadPrivateKeyOperationResp) String

type OffloadResumptionKeyOperationReq

// OffloadResumptionKeyOperationReq asks for bytes to be encrypted or
// decrypted with the resumption key.
type OffloadResumptionKeyOperationReq struct {

	// The operation the resumption key is used for.
	Operation OffloadResumptionKeyOperationReq_ResumptionKeyOperation `` /* 146-byte string literal not displayed */
	// The bytes to be encrypted or decrypted.
	// NOTE(review): for DECRYPT these are presumably ticket bytes received from
	// a peer; confirm that a failed decryption is handled as an ordinary
	// "no resumption" outcome and falls back to a full handshake.
	InBytes []byte `protobuf:"bytes,2,opt,name=in_bytes,json=inBytes,proto3" json:"in_bytes,omitempty"`
	// contains filtered or unexported fields
}

func (*OffloadResumptionKeyOperationReq) Descriptor deprecated

func (*OffloadResumptionKeyOperationReq) Descriptor() ([]byte, []int)

Deprecated: Use OffloadResumptionKeyOperationReq.ProtoReflect.Descriptor instead.

func (*OffloadResumptionKeyOperationReq) GetInBytes

func (x *OffloadResumptionKeyOperationReq) GetInBytes() []byte

func (*OffloadResumptionKeyOperationReq) GetOperation

func (*OffloadResumptionKeyOperationReq) ProtoMessage

func (*OffloadResumptionKeyOperationReq) ProtoMessage()

func (*OffloadResumptionKeyOperationReq) ProtoReflect

func (*OffloadResumptionKeyOperationReq) Reset

func (*OffloadResumptionKeyOperationReq) String

type OffloadResumptionKeyOperationReq_ResumptionKeyOperation

// OffloadResumptionKeyOperationReq_ResumptionKeyOperation selects whether the
// resumption key is used to encrypt or to decrypt. Value 0 is the proto3 zero
// value, i.e. what an unset field reads as.
type OffloadResumptionKeyOperationReq_ResumptionKeyOperation int32
const (
	OffloadResumptionKeyOperationReq_UNSPECIFIED OffloadResumptionKeyOperationReq_ResumptionKeyOperation = 0
	OffloadResumptionKeyOperationReq_ENCRYPT     OffloadResumptionKeyOperationReq_ResumptionKeyOperation = 1
	OffloadResumptionKeyOperationReq_DECRYPT     OffloadResumptionKeyOperationReq_ResumptionKeyOperation = 2
)

func (OffloadResumptionKeyOperationReq_ResumptionKeyOperation) Descriptor

func (OffloadResumptionKeyOperationReq_ResumptionKeyOperation) Enum

func (OffloadResumptionKeyOperationReq_ResumptionKeyOperation) EnumDescriptor deprecated

Deprecated: Use OffloadResumptionKeyOperationReq_ResumptionKeyOperation.Descriptor instead.

func (OffloadResumptionKeyOperationReq_ResumptionKeyOperation) Number

func (OffloadResumptionKeyOperationReq_ResumptionKeyOperation) String

func (OffloadResumptionKeyOperationReq_ResumptionKeyOperation) Type

type OffloadResumptionKeyOperationResp

// OffloadResumptionKeyOperationResp returns the result of a resumption-key
// operation.
type OffloadResumptionKeyOperationResp struct {

	// The encrypted or decrypted bytes.
	OutBytes []byte `protobuf:"bytes,1,opt,name=out_bytes,json=outBytes,proto3" json:"out_bytes,omitempty"`
	// contains filtered or unexported fields
}

func (*OffloadResumptionKeyOperationResp) Descriptor deprecated

func (*OffloadResumptionKeyOperationResp) Descriptor() ([]byte, []int)

Deprecated: Use OffloadResumptionKeyOperationResp.ProtoReflect.Descriptor instead.

func (*OffloadResumptionKeyOperationResp) GetOutBytes

func (x *OffloadResumptionKeyOperationResp) GetOutBytes() []byte

func (*OffloadResumptionKeyOperationResp) ProtoMessage

func (*OffloadResumptionKeyOperationResp) ProtoMessage()

func (*OffloadResumptionKeyOperationResp) ProtoReflect

func (*OffloadResumptionKeyOperationResp) Reset

func (*OffloadResumptionKeyOperationResp) String

type S2AContext

// S2AContext holds information taken from the peer certificate chain, plus the
// local identity and local leaf certificate fingerprint used for the session.
//
// NOTE(review): per the field comments below, parts of this message can be
// filled in from a chain that did NOT validate, and some values are not
// validated at all. Treat it as descriptive data and gate every authorization
// decision on the validation result that accompanies it
// (ValidatePeerCertificateChainResp.ValidationResult).
type S2AContext struct {

	// The SPIFFE ID from the peer leaf certificate, if present.
	//
	// This field is only populated if the leaf certificate is a valid SPIFFE
	// SVID; in particular, there is a unique URI SAN and this URI SAN is a valid
	// SPIFFE ID.
	//
	// NOTE(review): this describes the shape of the leaf certificate; it does
	// not by itself say that the chain was validated.
	LeafCertSpiffeId string `protobuf:"bytes,1,opt,name=leaf_cert_spiffe_id,json=leafCertSpiffeId,proto3" json:"leaf_cert_spiffe_id,omitempty"`
	// The URIs that are present in the SubjectAltName extension of the peer leaf
	// certificate.
	//
	// Note that the extracted URIs are not validated and may not be properly
	// formatted. Parse and validate each entry before using it in an
	// access-control decision or passing it to code that expects a well-formed
	// URI.
	LeafCertUris []string `protobuf:"bytes,2,rep,name=leaf_cert_uris,json=leafCertUris,proto3" json:"leaf_cert_uris,omitempty"`
	// The DNSNames that are present in the SubjectAltName extension of the peer
	// leaf certificate.
	LeafCertDnsnames []string `protobuf:"bytes,3,rep,name=leaf_cert_dnsnames,json=leafCertDnsnames,proto3" json:"leaf_cert_dnsnames,omitempty"`
	// The (ordered) list of fingerprints in the certificate chain used to verify
	// the given leaf certificate. The order MUST be from leaf certificate
	// fingerprint to root certificate fingerprint.
	//
	// A fingerprint is the base-64 encoding of the SHA256 hash of the
	// DER-encoding of a certificate. The list MAY be populated even if the peer
	// certificate chain was NOT validated successfully.
	//
	// A fingerprint therefore identifies a certificate; it is not evidence that
	// the certificate was trusted.
	PeerCertificateChainFingerprints []string `` /* 161-byte string literal not displayed */
	// The local identity used during session setup.
	LocalIdentity *Identity `protobuf:"bytes,5,opt,name=local_identity,json=localIdentity,proto3" json:"local_identity,omitempty"`
	// The SHA256 hash of the DER-encoding of the local leaf certificate used in
	// the handshake.
	//
	// NOTE(review): typed []byte, so presumably the raw digest rather than the
	// base-64 text used for the peer fingerprints above; confirm before
	// comparing the two.
	LocalLeafCertFingerprint []byte `` /* 137-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*S2AContext) Descriptor deprecated

func (*S2AContext) Descriptor() ([]byte, []int)

Deprecated: Use S2AContext.ProtoReflect.Descriptor instead.

func (*S2AContext) GetLeafCertDnsnames

func (x *S2AContext) GetLeafCertDnsnames() []string

func (*S2AContext) GetLeafCertSpiffeId

func (x *S2AContext) GetLeafCertSpiffeId() string

func (*S2AContext) GetLeafCertUris

func (x *S2AContext) GetLeafCertUris() []string

func (*S2AContext) GetLocalIdentity

func (x *S2AContext) GetLocalIdentity() *Identity

func (*S2AContext) GetLocalLeafCertFingerprint

func (x *S2AContext) GetLocalLeafCertFingerprint() []byte

func (*S2AContext) GetPeerCertificateChainFingerprints

func (x *S2AContext) GetPeerCertificateChainFingerprints() []string

func (*S2AContext) ProtoMessage

func (*S2AContext) ProtoMessage()

func (*S2AContext) ProtoReflect

func (x *S2AContext) ProtoReflect() protoreflect.Message

func (*S2AContext) Reset

func (x *S2AContext) Reset()

func (*S2AContext) String

func (x *S2AContext) String() string

type SessionReq

// SessionReq is a request sent to S2A. It names the local identity, lists the
// authentication mechanisms the application offers, and carries exactly one
// of the request kinds listed under ReqOneof.
type SessionReq struct {

	// The identity corresponding to the TLS configurations that MUST be used for
	// the TLS handshake.
	//
	// If a managed identity already exists, the local identity and authentication
	// mechanisms are ignored. If a managed identity doesn't exist and the local
	// identity is not populated, S2A will try to deduce the managed identity to
	// use from the SNI extension. If that also fails, S2A uses the default
	// identity (if one exists).
	//
	// Because of this fallback chain, an application that depends on a specific
	// identity should populate this field rather than rely on SNI or the
	// default identity.
	LocalIdentity *Identity `protobuf:"bytes,1,opt,name=local_identity,json=localIdentity,proto3" json:"local_identity,omitempty"`
	// The authentication mechanisms that the application wishes to use to
	// authenticate to S2A, ordered by preference. S2A will always use the first
	// authentication mechanism that matches the managed identity.
	//
	// NOTE(review): these presumably carry credential material (e.g. tokens);
	// if so, avoid logging the whole request, for instance via String(). Verify
	// against AuthenticationMechanism.
	AuthenticationMechanisms []*AuthenticationMechanism `` /* 133-byte string literal not displayed */
	// Types that are assignable to ReqOneof:
	//
	//	*SessionReq_GetTlsConfigurationReq
	//	*SessionReq_OffloadPrivateKeyOperationReq
	//	*SessionReq_OffloadResumptionKeyOperationReq
	//	*SessionReq_ValidatePeerCertificateChainReq
	ReqOneof isSessionReq_ReqOneof `protobuf_oneof:"req_oneof"`
	// contains filtered or unexported fields
}

func (*SessionReq) Descriptor deprecated

func (*SessionReq) Descriptor() ([]byte, []int)

Deprecated: Use SessionReq.ProtoReflect.Descriptor instead.

func (*SessionReq) GetAuthenticationMechanisms

func (x *SessionReq) GetAuthenticationMechanisms() []*AuthenticationMechanism

func (*SessionReq) GetGetTlsConfigurationReq

func (x *SessionReq) GetGetTlsConfigurationReq() *GetTlsConfigurationReq

func (*SessionReq) GetLocalIdentity

func (x *SessionReq) GetLocalIdentity() *Identity

func (*SessionReq) GetOffloadPrivateKeyOperationReq

func (x *SessionReq) GetOffloadPrivateKeyOperationReq() *OffloadPrivateKeyOperationReq

func (*SessionReq) GetOffloadResumptionKeyOperationReq

func (x *SessionReq) GetOffloadResumptionKeyOperationReq() *OffloadResumptionKeyOperationReq

func (*SessionReq) GetReqOneof

func (m *SessionReq) GetReqOneof() isSessionReq_ReqOneof

func (*SessionReq) GetValidatePeerCertificateChainReq

func (x *SessionReq) GetValidatePeerCertificateChainReq() *ValidatePeerCertificateChainReq

func (*SessionReq) ProtoMessage

func (*SessionReq) ProtoMessage()

func (*SessionReq) ProtoReflect

func (x *SessionReq) ProtoReflect() protoreflect.Message

func (*SessionReq) Reset

func (x *SessionReq) Reset()

func (*SessionReq) String

func (x *SessionReq) String() string

type SessionReq_GetTlsConfigurationReq

// SessionReq_GetTlsConfigurationReq is the SessionReq.ReqOneof wrapper for a
// GetTlsConfigurationReq.
type SessionReq_GetTlsConfigurationReq struct {
	// Requests the certificate chain and TLS configuration corresponding to the
	// local identity, which the application MUST use to negotiate the TLS
	// handshake.
	GetTlsConfigurationReq *GetTlsConfigurationReq `protobuf:"bytes,3,opt,name=get_tls_configuration_req,json=getTlsConfigurationReq,proto3,oneof"`
}

type SessionReq_OffloadPrivateKeyOperationReq

// SessionReq_OffloadPrivateKeyOperationReq is the SessionReq.ReqOneof wrapper
// for an OffloadPrivateKeyOperationReq.
type SessionReq_OffloadPrivateKeyOperationReq struct {
	// Signs or decrypts the input bytes using a private key corresponding to
	// the local identity in the request.
	//
	// WARNING: More than one OffloadPrivateKeyOperationReq may be sent to the
	// S2Av2 by a server during a TLS 1.2 handshake.
	OffloadPrivateKeyOperationReq *OffloadPrivateKeyOperationReq `protobuf:"bytes,4,opt,name=offload_private_key_operation_req,json=offloadPrivateKeyOperationReq,proto3,oneof"`
}

type SessionReq_OffloadResumptionKeyOperationReq

// SessionReq_OffloadResumptionKeyOperationReq is the SessionReq.ReqOneof
// wrapper for an OffloadResumptionKeyOperationReq.
type SessionReq_OffloadResumptionKeyOperationReq struct {
	// Encrypts or decrypts the input bytes using a resumption key corresponding
	// to the local identity in the request.
	OffloadResumptionKeyOperationReq *OffloadResumptionKeyOperationReq `protobuf:"bytes,5,opt,name=offload_resumption_key_operation_req,json=offloadResumptionKeyOperationReq,proto3,oneof"`
}

type SessionReq_ValidatePeerCertificateChainReq

// SessionReq_ValidatePeerCertificateChainReq is the SessionReq.ReqOneof
// wrapper for a ValidatePeerCertificateChainReq.
type SessionReq_ValidatePeerCertificateChainReq struct {
	// Verifies the peer's certificate chain using
	// (a) trust bundles corresponding to the local identity in the request, and
	// (b) the verification mode in the request.
	ValidatePeerCertificateChainReq *ValidatePeerCertificateChainReq `protobuf:"bytes,6,opt,name=validate_peer_certificate_chain_req,json=validatePeerCertificateChainReq,proto3,oneof"`
}

type SessionResp

// SessionResp is S2A's reply to a SessionReq. It carries a per-request Status
// and one of the response kinds listed under RespOneof.
type SessionResp struct {

	// Status of the session response.
	//
	// The status field is populated so that if an error occurs when making an
	// individual request, then communication with the S2A may continue. If an
	// error is returned directly (e.g. at the gRPC layer), then it may result
	// in the bidirectional stream being closed.
	//
	// Since request-level errors arrive here and not as a stream error, check
	// Status before using RespOneof.
	Status *Status `protobuf:"bytes,1,opt,name=status,proto3" json:"status,omitempty"`
	// Types that are assignable to RespOneof:
	//
	//	*SessionResp_GetTlsConfigurationResp
	//	*SessionResp_OffloadPrivateKeyOperationResp
	//	*SessionResp_OffloadResumptionKeyOperationResp
	//	*SessionResp_ValidatePeerCertificateChainResp
	RespOneof isSessionResp_RespOneof `protobuf_oneof:"resp_oneof"`
	// contains filtered or unexported fields
}

func (*SessionResp) Descriptor deprecated

func (*SessionResp) Descriptor() ([]byte, []int)

Deprecated: Use SessionResp.ProtoReflect.Descriptor instead.

func (*SessionResp) GetGetTlsConfigurationResp

func (x *SessionResp) GetGetTlsConfigurationResp() *GetTlsConfigurationResp

func (*SessionResp) GetOffloadPrivateKeyOperationResp

func (x *SessionResp) GetOffloadPrivateKeyOperationResp() *OffloadPrivateKeyOperationResp

func (*SessionResp) GetOffloadResumptionKeyOperationResp

func (x *SessionResp) GetOffloadResumptionKeyOperationResp() *OffloadResumptionKeyOperationResp

func (*SessionResp) GetRespOneof

func (m *SessionResp) GetRespOneof() isSessionResp_RespOneof

func (*SessionResp) GetStatus

func (x *SessionResp) GetStatus() *Status

func (*SessionResp) GetValidatePeerCertificateChainResp

func (x *SessionResp) GetValidatePeerCertificateChainResp() *ValidatePeerCertificateChainResp

func (*SessionResp) ProtoMessage

func (*SessionResp) ProtoMessage()

func (*SessionResp) ProtoReflect

func (x *SessionResp) ProtoReflect() protoreflect.Message

func (*SessionResp) Reset

func (x *SessionResp) Reset()

func (*SessionResp) String

func (x *SessionResp) String() string

type SessionResp_GetTlsConfigurationResp

// SessionResp_GetTlsConfigurationResp is the SessionResp.RespOneof wrapper for
// a GetTlsConfigurationResp.
type SessionResp_GetTlsConfigurationResp struct {
	// Contains the certificate chain and TLS configurations corresponding to
	// the local identity.
	GetTlsConfigurationResp *GetTlsConfigurationResp `protobuf:"bytes,2,opt,name=get_tls_configuration_resp,json=getTlsConfigurationResp,proto3,oneof"`
}

type SessionResp_OffloadPrivateKeyOperationResp

// SessionResp_OffloadPrivateKeyOperationResp is the SessionResp.RespOneof
// wrapper for an OffloadPrivateKeyOperationResp.
type SessionResp_OffloadPrivateKeyOperationResp struct {
	// Contains the signed or decrypted output bytes using the private key
	// corresponding to the local identity. (The matching request "signs or
	// decrypts" its input.)
	OffloadPrivateKeyOperationResp *OffloadPrivateKeyOperationResp `protobuf:"bytes,3,opt,name=offload_private_key_operation_resp,json=offloadPrivateKeyOperationResp,proto3,oneof"`
}

type SessionResp_OffloadResumptionKeyOperationResp

// SessionResp_OffloadResumptionKeyOperationResp is the SessionResp.RespOneof
// wrapper for an OffloadResumptionKeyOperationResp.
type SessionResp_OffloadResumptionKeyOperationResp struct {
	// Contains the encrypted or decrypted output bytes using the resumption key
	// corresponding to the local identity.
	OffloadResumptionKeyOperationResp *OffloadResumptionKeyOperationResp `protobuf:"bytes,4,opt,name=offload_resumption_key_operation_resp,json=offloadResumptionKeyOperationResp,proto3,oneof"`
}

type SessionResp_ValidatePeerCertificateChainResp

// SessionResp_ValidatePeerCertificateChainResp is the SessionResp.RespOneof
// wrapper for a ValidatePeerCertificateChainResp.
type SessionResp_ValidatePeerCertificateChainResp struct {
	// Contains the validation result, peer identity and fingerprints of peer
	// certificates.
	ValidatePeerCertificateChainResp *ValidatePeerCertificateChainResp `protobuf:"bytes,5,opt,name=validate_peer_certificate_chain_resp,json=validatePeerCertificateChainResp,proto3,oneof"`
}

type SignatureAlgorithm

// SignatureAlgorithm enumerates the signature algorithms this API can name.
//
// NOTE(review): the value names mirror the TLS SignatureScheme names. RFC 8446
// does not permit the rsa_pkcs1_* schemes for TLS 1.3 handshake signatures
// (they remain valid in certificates), so the choice of algorithm should be
// tied to the negotiated TLS version. Where that check lives is not shown
// here; confirm.
type SignatureAlgorithm int32
const (
	// Zero value; no algorithm selected.
	SignatureAlgorithm_S2A_SSL_SIGN_UNSPECIFIED SignatureAlgorithm = 0
	// RSA Public-Key Cryptography Standards #1 (RSASSA-PKCS1-v1_5) with
	// SHA-256, SHA-384 or SHA-512.
	SignatureAlgorithm_S2A_SSL_SIGN_RSA_PKCS1_SHA256 SignatureAlgorithm = 1
	SignatureAlgorithm_S2A_SSL_SIGN_RSA_PKCS1_SHA384 SignatureAlgorithm = 2
	SignatureAlgorithm_S2A_SSL_SIGN_RSA_PKCS1_SHA512 SignatureAlgorithm = 3
	// ECDSA over the named curve with the matching SHA-2 hash.
	SignatureAlgorithm_S2A_SSL_SIGN_ECDSA_SECP256R1_SHA256 SignatureAlgorithm = 4
	SignatureAlgorithm_S2A_SSL_SIGN_ECDSA_SECP384R1_SHA384 SignatureAlgorithm = 5
	SignatureAlgorithm_S2A_SSL_SIGN_ECDSA_SECP521R1_SHA512 SignatureAlgorithm = 6
	// RSA Probabilistic Signature Scheme (RSASSA-PSS) with an rsaEncryption
	// public key.
	SignatureAlgorithm_S2A_SSL_SIGN_RSA_PSS_RSAE_SHA256 SignatureAlgorithm = 7
	SignatureAlgorithm_S2A_SSL_SIGN_RSA_PSS_RSAE_SHA384 SignatureAlgorithm = 8
	SignatureAlgorithm_S2A_SSL_SIGN_RSA_PSS_RSAE_SHA512 SignatureAlgorithm = 9
	// ED25519.
	SignatureAlgorithm_S2A_SSL_SIGN_ED25519 SignatureAlgorithm = 10
)

func (SignatureAlgorithm) Descriptor

func (SignatureAlgorithm) Enum

func (SignatureAlgorithm) EnumDescriptor deprecated

func (SignatureAlgorithm) EnumDescriptor() ([]byte, []int)

Deprecated: Use SignatureAlgorithm.Descriptor instead.

func (SignatureAlgorithm) Number

func (SignatureAlgorithm) String

func (x SignatureAlgorithm) String() string

func (SignatureAlgorithm) Type

type Status

// Status is the status message carried in SessionResp: a numeric code plus
// free-form details.
type Status struct {

	// The status code that is specific to the application and the implementation
	// of S2A, e.g., gRPC status code.
	//
	// NOTE(review): which value means success is not stated here. If gRPC codes
	// are used, 0 is OK; confirm against the S2A implementation in use before
	// branching on it.
	Code uint32 `protobuf:"varint,1,opt,name=code,proto3" json:"code,omitempty"`
	// The status details.
	Details string `protobuf:"bytes,2,opt,name=details,proto3" json:"details,omitempty"`
	// contains filtered or unexported fields
}

func (*Status) Descriptor deprecated

func (*Status) Descriptor() ([]byte, []int)

Deprecated: Use Status.ProtoReflect.Descriptor instead.

func (*Status) GetCode

func (x *Status) GetCode() uint32

func (*Status) GetDetails

func (x *Status) GetDetails() string

func (*Status) ProtoMessage

func (*Status) ProtoMessage()

func (*Status) ProtoReflect

func (x *Status) ProtoReflect() protoreflect.Message

func (*Status) Reset

func (x *Status) Reset()

func (*Status) String

func (x *Status) String() string

type TLSVersion

type TLSVersion int32

The TLS versions supported by S2A's handshaker module.

// Enum values for TLSVersion; UNSPECIFIED is the zero value.
//
// NOTE(review): TLS 1.0 and TLS 1.1 are formally deprecated (RFC 8996). Their
// presence in this enum means a message can name them, so code that builds a
// TLS configuration from these values should enforce its own minimum version.
// Confirm which versions the S2A deployment actually returns.
const (
	TLSVersion_TLS_VERSION_UNSPECIFIED TLSVersion = 0
	TLSVersion_TLS_VERSION_1_0         TLSVersion = 1
	TLSVersion_TLS_VERSION_1_1         TLSVersion = 2
	TLSVersion_TLS_VERSION_1_2         TLSVersion = 3
	TLSVersion_TLS_VERSION_1_3         TLSVersion = 4
)

func (TLSVersion) Descriptor

func (TLSVersion) Descriptor() protoreflect.EnumDescriptor

func (TLSVersion) Enum

func (x TLSVersion) Enum() *TLSVersion

func (TLSVersion) EnumDescriptor deprecated

func (TLSVersion) EnumDescriptor() ([]byte, []int)

Deprecated: Use TLSVersion.Descriptor instead.

func (TLSVersion) Number

func (x TLSVersion) Number() protoreflect.EnumNumber

func (TLSVersion) String

func (x TLSVersion) String() string

func (TLSVersion) Type

type ValidatePeerCertificateChainReq

// ValidatePeerCertificateChainReq asks S2A to validate a peer certificate
// chain. Mode selects the verification mode and PeerOneof says whether the
// peer is a client or a server.
type ValidatePeerCertificateChainReq struct {

	// The verification mode that S2A MUST use to validate the peer certificate
	// chain.
	//
	// The zero value is UNSPECIFIED, documented on the enum as the default
	// verification mode supported by S2A.
	Mode ValidatePeerCertificateChainReq_VerificationMode `` /* 129-byte string literal not displayed */
	// Types that are assignable to PeerOneof:
	//
	//	*ValidatePeerCertificateChainReq_ClientPeer_
	//	*ValidatePeerCertificateChainReq_ServerPeer_
	PeerOneof isValidatePeerCertificateChainReq_PeerOneof `protobuf_oneof:"peer_oneof"`
	// contains filtered or unexported fields
}

func (*ValidatePeerCertificateChainReq) Descriptor deprecated

func (*ValidatePeerCertificateChainReq) Descriptor() ([]byte, []int)

Deprecated: Use ValidatePeerCertificateChainReq.ProtoReflect.Descriptor instead.

func (*ValidatePeerCertificateChainReq) GetClientPeer

func (*ValidatePeerCertificateChainReq) GetMode

func (*ValidatePeerCertificateChainReq) GetPeerOneof

func (m *ValidatePeerCertificateChainReq) GetPeerOneof() isValidatePeerCertificateChainReq_PeerOneof

func (*ValidatePeerCertificateChainReq) GetServerPeer

func (*ValidatePeerCertificateChainReq) ProtoMessage

func (*ValidatePeerCertificateChainReq) ProtoMessage()

func (*ValidatePeerCertificateChainReq) ProtoReflect

func (*ValidatePeerCertificateChainReq) Reset

func (*ValidatePeerCertificateChainReq) String

type ValidatePeerCertificateChainReq_ClientPeer

// ValidatePeerCertificateChainReq_ClientPeer carries the certificate chain of
// a client peer to be verified.
type ValidatePeerCertificateChainReq_ClientPeer struct {

	// The certificate chain to be verified. The chain MUST be a list of
	// DER-encoded certificates, ordered from leaf to root, excluding the root.
	CertificateChain [][]byte `protobuf:"bytes,1,rep,name=certificate_chain,json=certificateChain,proto3" json:"certificate_chain,omitempty"`
	// contains filtered or unexported fields
}

func (*ValidatePeerCertificateChainReq_ClientPeer) Descriptor deprecated

Deprecated: Use ValidatePeerCertificateChainReq_ClientPeer.ProtoReflect.Descriptor instead.

func (*ValidatePeerCertificateChainReq_ClientPeer) GetCertificateChain

func (x *ValidatePeerCertificateChainReq_ClientPeer) GetCertificateChain() [][]byte

func (*ValidatePeerCertificateChainReq_ClientPeer) ProtoMessage

func (*ValidatePeerCertificateChainReq_ClientPeer) ProtoReflect

func (*ValidatePeerCertificateChainReq_ClientPeer) Reset

func (*ValidatePeerCertificateChainReq_ClientPeer) String

type ValidatePeerCertificateChainReq_ClientPeer_

// ValidatePeerCertificateChainReq_ClientPeer_ is the PeerOneof wrapper used
// when the peer being validated is a client.
type ValidatePeerCertificateChainReq_ClientPeer_ struct {
	ClientPeer *ValidatePeerCertificateChainReq_ClientPeer `protobuf:"bytes,2,opt,name=client_peer,json=clientPeer,proto3,oneof"`
}

type ValidatePeerCertificateChainReq_ServerPeer

// ValidatePeerCertificateChainReq_ServerPeer carries the certificate chain of
// a server peer to be verified, together with the hostname the caller expects
// and a serialized client policy.
type ValidatePeerCertificateChainReq_ServerPeer struct {

	// The certificate chain to be verified. The chain MUST be a list of
	// DER-encoded certificates, ordered from leaf to root, excluding the root.
	CertificateChain [][]byte `protobuf:"bytes,1,rep,name=certificate_chain,json=certificateChain,proto3" json:"certificate_chain,omitempty"`
	// The expected hostname of the server.
	//
	// NOTE(review): behaviour when this is left empty is not documented here;
	// confirm that hostname verification is not silently skipped in that case.
	ServerHostname string `protobuf:"bytes,2,opt,name=server_hostname,json=serverHostname,proto3" json:"server_hostname,omitempty"`
	// The UnrestrictedClientPolicy specified by the user.
	//
	// NOTE(review): opaque serialized bytes; the policy's schema and its effect
	// on validation are not shown here.
	SerializedUnrestrictedClientPolicy []byte `` /* 167-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*ValidatePeerCertificateChainReq_ServerPeer) Descriptor deprecated

Deprecated: Use ValidatePeerCertificateChainReq_ServerPeer.ProtoReflect.Descriptor instead.

func (*ValidatePeerCertificateChainReq_ServerPeer) GetCertificateChain

func (x *ValidatePeerCertificateChainReq_ServerPeer) GetCertificateChain() [][]byte

func (*ValidatePeerCertificateChainReq_ServerPeer) GetSerializedUnrestrictedClientPolicy

func (x *ValidatePeerCertificateChainReq_ServerPeer) GetSerializedUnrestrictedClientPolicy() []byte

func (*ValidatePeerCertificateChainReq_ServerPeer) GetServerHostname

func (x *ValidatePeerCertificateChainReq_ServerPeer) GetServerHostname() string

func (*ValidatePeerCertificateChainReq_ServerPeer) ProtoMessage

func (*ValidatePeerCertificateChainReq_ServerPeer) ProtoReflect

func (*ValidatePeerCertificateChainReq_ServerPeer) Reset

func (*ValidatePeerCertificateChainReq_ServerPeer) String

type ValidatePeerCertificateChainReq_ServerPeer_

// ValidatePeerCertificateChainReq_ServerPeer_ is the PeerOneof wrapper used
// when the peer being validated is a server.
type ValidatePeerCertificateChainReq_ServerPeer_ struct {
	ServerPeer *ValidatePeerCertificateChainReq_ServerPeer `protobuf:"bytes,3,opt,name=server_peer,json=serverPeer,proto3,oneof"`
}

type ValidatePeerCertificateChainReq_VerificationMode

// ValidatePeerCertificateChainReq_VerificationMode selects how S2A validates
// the peer certificate chain, in particular which trusted certificates it
// uses.
type ValidatePeerCertificateChainReq_VerificationMode int32
const (
	// The default verification mode supported by S2A.
	//
	// NOTE(review): which checks the default mode applies is not described
	// here; set the mode explicitly when the choice of trust bundle matters.
	ValidatePeerCertificateChainReq_UNSPECIFIED ValidatePeerCertificateChainReq_VerificationMode = 0
	// The SPIFFE verification mode selects the set of trusted certificates to
	// use for path building based on the SPIFFE trust domain in the peer's leaf
	// certificate.
	ValidatePeerCertificateChainReq_SPIFFE ValidatePeerCertificateChainReq_VerificationMode = 1
	// The connect-to-Google verification mode uses the trust bundle for
	// connecting to Google, e.g. *.mtls.googleapis.com endpoints.
	ValidatePeerCertificateChainReq_CONNECT_TO_GOOGLE ValidatePeerCertificateChainReq_VerificationMode = 2
)

func (ValidatePeerCertificateChainReq_VerificationMode) Descriptor

func (ValidatePeerCertificateChainReq_VerificationMode) Enum

func (ValidatePeerCertificateChainReq_VerificationMode) EnumDescriptor deprecated

Deprecated: Use ValidatePeerCertificateChainReq_VerificationMode.Descriptor instead.

func (ValidatePeerCertificateChainReq_VerificationMode) Number

func (ValidatePeerCertificateChainReq_VerificationMode) String

func (ValidatePeerCertificateChainReq_VerificationMode) Type

type ValidatePeerCertificateChainResp

// ValidatePeerCertificateChainResp carries S2A's verdict on a peer certificate
// chain, optional failure details, and an S2AContext describing the chain.
//
// Accept the peer only when ValidationResult is SUCCESS. The zero value of the
// result enum is UNSPECIFIED, so a missing or defaulted field must be handled
// as a failure. Context may be present on a failed validation and must not be
// used to authorize the peer in that case.
type ValidatePeerCertificateChainResp struct {

	// The result of validating the peer certificate chain.
	ValidationResult ValidatePeerCertificateChainResp_ValidationResult `` /* 178-byte string literal not displayed */
	// The validation details. This field is only populated when the validation
	// result is NOT SUCCESS.
	//
	// NOTE(review): free-form text; suitable for diagnostics, but decisions
	// should be based on ValidationResult, not on the content of this string.
	ValidationDetails string `protobuf:"bytes,2,opt,name=validation_details,json=validationDetails,proto3" json:"validation_details,omitempty"`
	// The S2A context contains information from the peer certificate chain.
	//
	// The S2A context MAY be populated even if validation of the peer certificate
	// chain fails.
	Context *S2AContext `protobuf:"bytes,3,opt,name=context,proto3" json:"context,omitempty"`
	// contains filtered or unexported fields
}

func (*ValidatePeerCertificateChainResp) Descriptor deprecated

func (*ValidatePeerCertificateChainResp) Descriptor() ([]byte, []int)

Deprecated: Use ValidatePeerCertificateChainResp.ProtoReflect.Descriptor instead.

func (*ValidatePeerCertificateChainResp) GetContext

func (*ValidatePeerCertificateChainResp) GetValidationDetails

func (x *ValidatePeerCertificateChainResp) GetValidationDetails() string

func (*ValidatePeerCertificateChainResp) GetValidationResult

func (*ValidatePeerCertificateChainResp) ProtoMessage

func (*ValidatePeerCertificateChainResp) ProtoMessage()

func (*ValidatePeerCertificateChainResp) ProtoReflect

func (*ValidatePeerCertificateChainResp) Reset

func (*ValidatePeerCertificateChainResp) String

type ValidatePeerCertificateChainResp_ValidationResult

// ValidatePeerCertificateChainResp_ValidationResult is the outcome of
// validating a peer certificate chain.
type ValidatePeerCertificateChainResp_ValidationResult int32
// Only SUCCESS indicates a validated chain. UNSPECIFIED is the zero value and
// FAILURE is an explicit rejection; compare against SUCCESS rather than
// against FAILURE so that an unset result is never treated as accepted.
const (
	ValidatePeerCertificateChainResp_UNSPECIFIED ValidatePeerCertificateChainResp_ValidationResult = 0
	ValidatePeerCertificateChainResp_SUCCESS     ValidatePeerCertificateChainResp_ValidationResult = 1
	ValidatePeerCertificateChainResp_FAILURE     ValidatePeerCertificateChainResp_ValidationResult = 2
)

func (ValidatePeerCertificateChainResp_ValidationResult) Descriptor

func (ValidatePeerCertificateChainResp_ValidationResult) Enum

func (ValidatePeerCertificateChainResp_ValidationResult) EnumDescriptor deprecated

Deprecated: Use ValidatePeerCertificateChainResp_ValidationResult.Descriptor instead.

func (ValidatePeerCertificateChainResp_ValidationResult) Number

func (ValidatePeerCertificateChainResp_ValidationResult) String

func (ValidatePeerCertificateChainResp_ValidationResult) Type
