diff --git a/go.mod b/go.mod index 9120e6f6b..44c2d528c 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/csi-addons/spec v0.1.2-0.20221101132540-98eff76b0ff8 github.com/gemalto/kmip-go v0.0.8 github.com/golang/protobuf v1.5.2 - github.com/google/fscrypt v0.3.3 + github.com/google/fscrypt v0.3.4 github.com/google/uuid v1.3.0 github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 diff --git a/go.sum b/go.sum index 03c1a8ffe..9820c4794 100644 --- a/go.sum +++ b/go.sum @@ -67,6 +67,7 @@ github.com/Azure/go-autorest/autorest/validation v0.2.0/go.mod h1:3EEqHnBxQGHXRY github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DataDog/datadog-go v2.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= @@ -220,6 +221,7 @@ github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7 github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= +github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= @@ -422,8 +424,8 @@ github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Z github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= github.com/google/cel-go v0.12.6/go.mod h1:Jk7ljRzLBhkmiAwBoUxB1sZSCVBAzkqPF25olK/iRDw= -github.com/google/fscrypt v0.3.3 h1:qwx9OCR/xZE68VGr/r0/yugFhlGpIOGsH9JHrttP7vc= -github.com/google/fscrypt v0.3.3/go.mod h1:H1JHtH8BVe0dYNhzx1Ztkn3azQ0OBdoOmM828vEWAXc= +github.com/google/fscrypt v0.3.4 h1:XGSVMIsQFooj82aRRfYn3JpgU/4fOTnzXPnjhxC8uH8= +github.com/google/fscrypt v0.3.4/go.mod h1:BRpw7vaeDitXGRvXa281i/ivQszAdBIiUYDWHjVTkcs= github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= github.com/google/gnostic v0.6.9 h1:ZK/5VhkoX835RikCHpSUJV9a+S3e1zLh59YnyWeBW+0= github.com/google/gnostic v0.6.9/go.mod h1:Nm8234We1lq6iB9OmlgNv3nH91XLLVZHCDayfA3xq+E= @@ -1010,6 +1012,7 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1 github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= github.com/ulikunitz/xz v0.5.6/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= +github.com/urfave/cli v1.22.5/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad/go.mod h1:Hy8o65+MXnS6EwGElrSRjUzQDLXreJlzYLlWiHtt8hM= github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c/go.mod h1:lB8K/P019DLNhemzwFU4jHLhdvlE6uDZjXFejJXr49I= github.com/xdg/stringprep v1.0.0/go.mod h1:Jhud4/sHMO4oL310DaZAKk9ZaJ08SJfe+sJh0HrGL1Y= @@ -1114,6 +1117,7 @@ golang.org/x/crypto v0.0.0-20200117160349-530e935923ad/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20220408190544-5352b0902921/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc= @@ -1128,6 +1132,7 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/exp/typeparams v0.0.0-20220218215828-6cf2b201936e/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -1343,7 +1348,6 @@ golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210422114643-f5beecf764ed/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= @@ -1395,7 +1399,6 @@ golang.org/x/tools v0.0.0-20190718200317-82a3ea8a504c/go.mod h1:jcCCGcm9btYwXyDq golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191025023517-2077df36852e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -1440,6 +1443,7 @@ golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= +golang.org/x/tools v0.1.11-0.20220316014157-77aa08bb151a/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1673,6 +1677,7 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +honnef.co/go/tools v0.3.0/go.mod h1:vlRD9XErLMGT+mDuofSr0mMMquscM/1nQqtRSsh6m70= k8s.io/api v0.26.1 h1:f+SWYiPd/GsiWwVRz+NbFyCgvv75Pk9NK6dlkZgpCRQ= k8s.io/api v0.26.1/go.mod h1:xd/GBNgR0f707+ATNyPmQ1oyKSgndzXij81FzWGsejg= k8s.io/apiextensions-apiserver v0.26.1 h1:cB8h1SRk6e/+i3NOrQgSFij1B2S0Y0wDoNl66bn8RMI= diff --git a/vendor/github.com/google/fscrypt/actions/config.go b/vendor/github.com/google/fscrypt/actions/config.go index a8eb029db..7c7c0e619 100644 --- a/vendor/github.com/google/fscrypt/actions/config.go +++ b/vendor/github.com/google/fscrypt/actions/config.go @@ -29,6 +29,7 @@ import ( "time" "golang.org/x/sys/unix" + "google.golang.org/protobuf/proto" "github.com/google/fscrypt/crypto" "github.com/google/fscrypt/filesystem" @@ -186,11 +187,17 @@ func getHashingCosts(target time.Duration) (*metadata.HashingCosts, error) { log.Printf("Finding hashing costs that take %v\n", target) // Start out with the minimal possible costs that use all the CPUs. - nCPUs := int64(runtime.NumCPU()) + parallelism := int64(runtime.NumCPU()) + // golang.org/x/crypto/argon2 only supports parallelism up to 255. + // For compatibility, don't use more than that amount. + if parallelism > metadata.MaxParallelism { + parallelism = metadata.MaxParallelism + } costs := &metadata.HashingCosts{ - Time: 1, - Memory: 8 * nCPUs, - Parallelism: nCPUs, + Time: 1, + Memory: 8 * parallelism, + Parallelism: parallelism, + TruncationFixed: true, } // If even the minimal costs are not fast enough, just return the @@ -210,7 +217,7 @@ func getHashingCosts(target time.Duration) (*metadata.HashingCosts, error) { memoryKiBLimit := memoryBytesLimit() / 1024 for { // Store a copy of the previous costs - costsPrev := *costs + costsPrev := proto.Clone(costs).(*metadata.HashingCosts) tPrev := t // Double the memory up to the max, then double the time. @@ -223,7 +230,7 @@ func getHashingCosts(target time.Duration) (*metadata.HashingCosts, error) { // If our hashing failed, return the last good set of costs. if t, err = timeHashingCosts(costs); err != nil { log.Printf("Hashing with costs={%v} failed: %v\n", costs, err) - return &costsPrev, nil + return costsPrev, nil } log.Printf("Costs={%v}\t-> %v\n", costs, t) @@ -232,9 +239,10 @@ func getHashingCosts(target time.Duration) (*metadata.HashingCosts, error) { if t >= target { f := float64(target-tPrev) / float64(t-tPrev) return &metadata.HashingCosts{ - Time: betweenCosts(costsPrev.Time, costs.Time, f), - Memory: betweenCosts(costsPrev.Memory, costs.Memory, f), - Parallelism: costs.Parallelism, + Time: betweenCosts(costsPrev.Time, costs.Time, f), + Memory: betweenCosts(costsPrev.Memory, costs.Memory, f), + Parallelism: costs.Parallelism, + TruncationFixed: costs.TruncationFixed, }, nil } } diff --git a/vendor/github.com/google/fscrypt/actions/policy.go b/vendor/github.com/google/fscrypt/actions/policy.go index 3b2017693..c62172562 100644 --- a/vendor/github.com/google/fscrypt/actions/policy.go +++ b/vendor/github.com/google/fscrypt/actions/policy.go @@ -25,8 +25,8 @@ import ( "os" "os/user" - "github.com/golang/protobuf/proto" "github.com/pkg/errors" + "google.golang.org/protobuf/proto" "github.com/google/fscrypt/crypto" "github.com/google/fscrypt/filesystem" diff --git a/vendor/github.com/google/fscrypt/actions/recovery.go b/vendor/github.com/google/fscrypt/actions/recovery.go index 8a769cc7e..2bb8a23d3 100644 --- a/vendor/github.com/google/fscrypt/actions/recovery.go +++ b/vendor/github.com/google/fscrypt/actions/recovery.go @@ -23,6 +23,8 @@ import ( "os" "strconv" + "google.golang.org/protobuf/proto" + "github.com/google/fscrypt/crypto" "github.com/google/fscrypt/metadata" "github.com/google/fscrypt/util" @@ -31,10 +33,10 @@ import ( // modifiedContextWithSource returns a copy of ctx with the protector source // replaced by source. func modifiedContextWithSource(ctx *Context, source metadata.SourceType) *Context { - modifiedConfig := *ctx.Config + modifiedConfig := proto.Clone(ctx.Config).(*metadata.Config) modifiedConfig.Source = source modifiedCtx := *ctx - modifiedCtx.Config = &modifiedConfig + modifiedCtx.Config = modifiedConfig return &modifiedCtx } diff --git a/vendor/github.com/google/fscrypt/filesystem/filesystem.go b/vendor/github.com/google/fscrypt/filesystem/filesystem.go index 27bfa2415..0e1f0c822 100644 --- a/vendor/github.com/google/fscrypt/filesystem/filesystem.go +++ b/vendor/github.com/google/fscrypt/filesystem/filesystem.go @@ -35,7 +35,6 @@ package filesystem import ( "fmt" "io" - "io/ioutil" "log" "os" "os/user" @@ -45,9 +44,9 @@ import ( "syscall" "time" - "github.com/golang/protobuf/proto" "github.com/pkg/errors" "golang.org/x/sys/unix" + "google.golang.org/protobuf/proto" "github.com/google/fscrypt/metadata" "github.com/google/fscrypt/util" @@ -335,7 +334,7 @@ func (m *Mount) PolicyPath(descriptor string) string { // directory and returns a temporary Mount which represents this temporary // directory. The caller is responsible for removing this temporary directory. func (m *Mount) tempMount() (*Mount, error) { - tempDir, err := ioutil.TempDir(filepath.Dir(m.BaseDir()), tempPrefix) + tempDir, err := os.MkdirTemp(filepath.Dir(m.BaseDir()), tempPrefix) return &Mount{Path: tempDir}, err } @@ -393,7 +392,7 @@ func (m *Mount) isFscryptSetupAllowed() bool { return true } switch m.FilesystemType { - case "ext4", "f2fs", "ubifs", "btrfs", "ceph", "xfs": + case "ext4", "f2fs", "ubifs", "btrfs", "ceph", "xfs", "lustre": return true default: return false @@ -635,7 +634,7 @@ func (m *Mount) writeData(path string, data []byte, owner *user.User, mode os.Fi // Write the data to a temporary file, sync it, then rename into place // so that the operation will be atomic. dirPath := filepath.Dir(path) - tempFile, err := ioutil.TempFile(dirPath, tempPrefix) + tempFile, err := os.CreateTemp(dirPath, tempPrefix) if err != nil { log.Print(err) if os.IsPermission(err) { @@ -767,7 +766,7 @@ func readMetadataFileSafe(path string, trustedUser *user.User) ([]byte, int64, e } // Read the file contents, allowing at most maxMetadataFileSize bytes. reader := &io.LimitedReader{R: file, N: maxMetadataFileSize + 1} - data, err := ioutil.ReadAll(reader) + data, err := io.ReadAll(reader) if err != nil { return nil, -1, err } diff --git a/vendor/github.com/google/fscrypt/filesystem/mountpoint.go b/vendor/github.com/google/fscrypt/filesystem/mountpoint.go index 0b0693b2b..0abae06f0 100644 --- a/vendor/github.com/google/fscrypt/filesystem/mountpoint.go +++ b/vendor/github.com/google/fscrypt/filesystem/mountpoint.go @@ -25,7 +25,6 @@ import ( "bufio" "fmt" "io" - "io/ioutil" "log" "os" "path/filepath" @@ -537,11 +536,15 @@ func getMountFromLink(link string) (*Mount, error) { } func (mnt *Mount) getFilesystemUUID() (string, error) { - dirContents, err := ioutil.ReadDir(uuidDirectory) + dirEntries, err := os.ReadDir(uuidDirectory) if err != nil { return "", err } - for _, fileInfo := range dirContents { + for _, dirEntry := range dirEntries { + fileInfo, err := dirEntry.Info() + if err != nil { + continue + } if fileInfo.Mode()&os.ModeSymlink == 0 { continue // Only interested in UUID symlinks } diff --git a/vendor/github.com/google/fscrypt/metadata/checks.go b/vendor/github.com/google/fscrypt/metadata/checks.go index 84fd208c8..d7dea4165 100644 --- a/vendor/github.com/google/fscrypt/metadata/checks.go +++ b/vendor/github.com/google/fscrypt/metadata/checks.go @@ -20,8 +20,11 @@ package metadata import ( - "github.com/golang/protobuf/proto" + "log" + "math" + "github.com/pkg/errors" + "google.golang.org/protobuf/proto" "github.com/google/fscrypt/util" ) @@ -57,20 +60,37 @@ func (s SourceType) CheckValidity() error { return nil } +// MaxParallelism is the maximum allowed value for HashingCosts.Parallelism. +const MaxParallelism = math.MaxUint8 + // CheckValidity ensures the hash costs will be accepted by Argon2. func (h *HashingCosts) CheckValidity() error { if h == nil { return errNotInitialized } - if h.Time <= 0 { - return errors.Errorf("time=%d is not positive", h.Time) + + minP := int64(1) + p := uint8(h.Parallelism) + if h.Parallelism < minP || h.Parallelism > MaxParallelism { + if h.TruncationFixed || p == 0 { + return errors.Errorf("parallelism cost %d is not in range [%d, %d]", + h.Parallelism, minP, MaxParallelism) + } + // Previously we unconditionally casted costs.Parallelism to a uint8, + // so we replicate this behavior for backwards compatibility. + log.Printf("WARNING: Truncating parallelism cost of %d to %d", h.Parallelism, p) } - if h.Parallelism <= 0 { - return errors.Errorf("parallelism=%d is not positive", h.Parallelism) + + minT := int64(1) + maxT := int64(math.MaxUint32) + if h.Time < minT || h.Time > maxT { + return errors.Errorf("time cost %d is not in range [%d, %d]", h.Time, minT, maxT) } - minMemory := 8 * h.Parallelism - if h.Memory < minMemory { - return errors.Errorf("memory=%d is less than minimum (%d)", h.Memory, minMemory) + + minM := 8 * int64(p) + maxM := int64(math.MaxUint32) + if h.Memory < minM || h.Memory > maxM { + return errors.Errorf("memory cost %d KiB is not in range [%d, %d]", h.Memory, minM, maxM) } return nil } diff --git a/vendor/github.com/google/fscrypt/metadata/config.go b/vendor/github.com/google/fscrypt/metadata/config.go index b3c872693..1d93d7497 100644 --- a/vendor/github.com/google/fscrypt/metadata/config.go +++ b/vendor/github.com/google/fscrypt/metadata/config.go @@ -29,31 +29,39 @@ package metadata import ( "io" - "github.com/golang/protobuf/jsonpb" + "google.golang.org/protobuf/encoding/protojson" ) // WriteConfig outputs the Config data as nicely formatted JSON func WriteConfig(config *Config, out io.Writer) error { - m := jsonpb.Marshaler{ - EmitDefaults: true, - EnumsAsInts: false, - Indent: "\t", - OrigName: true, + m := protojson.MarshalOptions{ + Multiline: true, + Indent: "\t", + UseProtoNames: true, + UseEnumNumbers: false, + EmitUnpopulated: true, } - if err := m.Marshal(out, config); err != nil { + bytes, err := m.Marshal(config) + if err != nil { return err } - - _, err := out.Write([]byte{'\n'}) + if _, err = out.Write(bytes); err != nil { + return err + } + _, err = out.Write([]byte{'\n'}) return err } // ReadConfig writes the JSON data into the config structure func ReadConfig(in io.Reader) (*Config, error) { - config := new(Config) - // Allow (and ignore) unknown fields for forwards compatibility. - u := jsonpb.Unmarshaler{ - AllowUnknownFields: true, + bytes, err := io.ReadAll(in) + if err != nil { + return nil, err } - return config, u.Unmarshal(in, config) + config := new(Config) + // Discard unknown fields for forwards compatibility. + u := protojson.UnmarshalOptions{ + DiscardUnknown: true, + } + return config, u.Unmarshal(bytes, config) } diff --git a/vendor/github.com/google/fscrypt/metadata/metadata.pb.go b/vendor/github.com/google/fscrypt/metadata/metadata.pb.go index 67098043c..6a335f949 100644 --- a/vendor/github.com/google/fscrypt/metadata/metadata.pb.go +++ b/vendor/github.com/google/fscrypt/metadata/metadata.pb.go @@ -1,22 +1,47 @@ +// +// metadata.proto - File which contains all of the metadata structures which we +// write to metadata files. Must be compiled with protoc to use the library. +// Compilation can be invoked with go generate. +// +// Copyright 2017 Google Inc. +// Author: Joe Richey (joerichey@google.com) +// +// Licensed under the Apache License, Version 2.0 (the "License"); you may not +// use this file except in compliance with the License. You may obtain a copy of +// the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +// License for the specific language governing permissions and limitations under +// the License. + +// If the *.proto file is modified, be sure to run "make gen" (at the project +// root) to recreate the *.pb.go file. + // Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.28.0 +// protoc v3.6.1 // source: metadata/metadata.proto package metadata -import proto "github.com/golang/protobuf/proto" -import fmt "fmt" -import math "math" +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) // Specifies the method in which an outside secret is obtained for a Protector type SourceType int32 @@ -28,562 +53,884 @@ const ( SourceType_raw_key SourceType = 3 ) -var SourceType_name = map[int32]string{ - 0: "default", - 1: "pam_passphrase", - 2: "custom_passphrase", - 3: "raw_key", -} -var SourceType_value = map[string]int32{ - "default": 0, - "pam_passphrase": 1, - "custom_passphrase": 2, - "raw_key": 3, +// Enum value maps for SourceType. +var ( + SourceType_name = map[int32]string{ + 0: "default", + 1: "pam_passphrase", + 2: "custom_passphrase", + 3: "raw_key", + } + SourceType_value = map[string]int32{ + "default": 0, + "pam_passphrase": 1, + "custom_passphrase": 2, + "raw_key": 3, + } +) + +func (x SourceType) Enum() *SourceType { + p := new(SourceType) + *p = x + return p } func (x SourceType) String() string { - return proto.EnumName(SourceType_name, int32(x)) + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) } + +func (SourceType) Descriptor() protoreflect.EnumDescriptor { + return file_metadata_metadata_proto_enumTypes[0].Descriptor() +} + +func (SourceType) Type() protoreflect.EnumType { + return &file_metadata_metadata_proto_enumTypes[0] +} + +func (x SourceType) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use SourceType.Descriptor instead. func (SourceType) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_metadata_31965d2849cb292a, []int{0} + return file_metadata_metadata_proto_rawDescGZIP(), []int{0} } // Type of encryption; should match declarations of unix.FSCRYPT_MODE type EncryptionOptions_Mode int32 const ( - EncryptionOptions_default EncryptionOptions_Mode = 0 - EncryptionOptions_AES_256_XTS EncryptionOptions_Mode = 1 - EncryptionOptions_AES_256_GCM EncryptionOptions_Mode = 2 - EncryptionOptions_AES_256_CBC EncryptionOptions_Mode = 3 - EncryptionOptions_AES_256_CTS EncryptionOptions_Mode = 4 - EncryptionOptions_AES_128_CBC EncryptionOptions_Mode = 5 - EncryptionOptions_AES_128_CTS EncryptionOptions_Mode = 6 - EncryptionOptions_Adiantum EncryptionOptions_Mode = 9 + EncryptionOptions_default EncryptionOptions_Mode = 0 + EncryptionOptions_AES_256_XTS EncryptionOptions_Mode = 1 + EncryptionOptions_AES_256_GCM EncryptionOptions_Mode = 2 + EncryptionOptions_AES_256_CBC EncryptionOptions_Mode = 3 + EncryptionOptions_AES_256_CTS EncryptionOptions_Mode = 4 + EncryptionOptions_AES_128_CBC EncryptionOptions_Mode = 5 + EncryptionOptions_AES_128_CTS EncryptionOptions_Mode = 6 + EncryptionOptions_Adiantum EncryptionOptions_Mode = 9 + EncryptionOptions_AES_256_HCTR2 EncryptionOptions_Mode = 10 ) -var EncryptionOptions_Mode_name = map[int32]string{ - 0: "default", - 1: "AES_256_XTS", - 2: "AES_256_GCM", - 3: "AES_256_CBC", - 4: "AES_256_CTS", - 5: "AES_128_CBC", - 6: "AES_128_CTS", - 9: "Adiantum", -} -var EncryptionOptions_Mode_value = map[string]int32{ - "default": 0, - "AES_256_XTS": 1, - "AES_256_GCM": 2, - "AES_256_CBC": 3, - "AES_256_CTS": 4, - "AES_128_CBC": 5, - "AES_128_CTS": 6, - "Adiantum": 9, +// Enum value maps for EncryptionOptions_Mode. +var ( + EncryptionOptions_Mode_name = map[int32]string{ + 0: "default", + 1: "AES_256_XTS", + 2: "AES_256_GCM", + 3: "AES_256_CBC", + 4: "AES_256_CTS", + 5: "AES_128_CBC", + 6: "AES_128_CTS", + 9: "Adiantum", + 10: "AES_256_HCTR2", + } + EncryptionOptions_Mode_value = map[string]int32{ + "default": 0, + "AES_256_XTS": 1, + "AES_256_GCM": 2, + "AES_256_CBC": 3, + "AES_256_CTS": 4, + "AES_128_CBC": 5, + "AES_128_CTS": 6, + "Adiantum": 9, + "AES_256_HCTR2": 10, + } +) + +func (x EncryptionOptions_Mode) Enum() *EncryptionOptions_Mode { + p := new(EncryptionOptions_Mode) + *p = x + return p } func (x EncryptionOptions_Mode) String() string { - return proto.EnumName(EncryptionOptions_Mode_name, int32(x)) + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) } + +func (EncryptionOptions_Mode) Descriptor() protoreflect.EnumDescriptor { + return file_metadata_metadata_proto_enumTypes[1].Descriptor() +} + +func (EncryptionOptions_Mode) Type() protoreflect.EnumType { + return &file_metadata_metadata_proto_enumTypes[1] +} + +func (x EncryptionOptions_Mode) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use EncryptionOptions_Mode.Descriptor instead. func (EncryptionOptions_Mode) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_metadata_31965d2849cb292a, []int{3, 0} + return file_metadata_metadata_proto_rawDescGZIP(), []int{3, 0} } // Cost parameters to be used in our hashing functions. type HashingCosts struct { - Time int64 `protobuf:"varint,2,opt,name=time,proto3" json:"time,omitempty"` - Memory int64 `protobuf:"varint,3,opt,name=memory,proto3" json:"memory,omitempty"` - Parallelism int64 `protobuf:"varint,4,opt,name=parallelism,proto3" json:"parallelism,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Time int64 `protobuf:"varint,2,opt,name=time,proto3" json:"time,omitempty"` + Memory int64 `protobuf:"varint,3,opt,name=memory,proto3" json:"memory,omitempty"` + Parallelism int64 `protobuf:"varint,4,opt,name=parallelism,proto3" json:"parallelism,omitempty"` + // If true, parallelism should no longer be truncated to 8 bits. + TruncationFixed bool `protobuf:"varint,5,opt,name=truncation_fixed,json=truncationFixed,proto3" json:"truncation_fixed,omitempty"` } -func (m *HashingCosts) Reset() { *m = HashingCosts{} } -func (m *HashingCosts) String() string { return proto.CompactTextString(m) } -func (*HashingCosts) ProtoMessage() {} +func (x *HashingCosts) Reset() { + *x = HashingCosts{} + if protoimpl.UnsafeEnabled { + mi := &file_metadata_metadata_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *HashingCosts) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*HashingCosts) ProtoMessage() {} + +func (x *HashingCosts) ProtoReflect() protoreflect.Message { + mi := &file_metadata_metadata_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use HashingCosts.ProtoReflect.Descriptor instead. func (*HashingCosts) Descriptor() ([]byte, []int) { - return fileDescriptor_metadata_31965d2849cb292a, []int{0} -} -func (m *HashingCosts) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_HashingCosts.Unmarshal(m, b) -} -func (m *HashingCosts) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_HashingCosts.Marshal(b, m, deterministic) -} -func (dst *HashingCosts) XXX_Merge(src proto.Message) { - xxx_messageInfo_HashingCosts.Merge(dst, src) -} -func (m *HashingCosts) XXX_Size() int { - return xxx_messageInfo_HashingCosts.Size(m) -} -func (m *HashingCosts) XXX_DiscardUnknown() { - xxx_messageInfo_HashingCosts.DiscardUnknown(m) + return file_metadata_metadata_proto_rawDescGZIP(), []int{0} } -var xxx_messageInfo_HashingCosts proto.InternalMessageInfo - -func (m *HashingCosts) GetTime() int64 { - if m != nil { - return m.Time +func (x *HashingCosts) GetTime() int64 { + if x != nil { + return x.Time } return 0 } -func (m *HashingCosts) GetMemory() int64 { - if m != nil { - return m.Memory +func (x *HashingCosts) GetMemory() int64 { + if x != nil { + return x.Memory } return 0 } -func (m *HashingCosts) GetParallelism() int64 { - if m != nil { - return m.Parallelism +func (x *HashingCosts) GetParallelism() int64 { + if x != nil { + return x.Parallelism } return 0 } +func (x *HashingCosts) GetTruncationFixed() bool { + if x != nil { + return x.TruncationFixed + } + return false +} + // This structure is used for our authenticated wrapping/unwrapping of keys. type WrappedKeyData struct { - IV []byte `protobuf:"bytes,1,opt,name=IV,proto3" json:"IV,omitempty"` - EncryptedKey []byte `protobuf:"bytes,2,opt,name=encrypted_key,json=encryptedKey,proto3" json:"encrypted_key,omitempty"` - Hmac []byte `protobuf:"bytes,3,opt,name=hmac,proto3" json:"hmac,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + IV []byte `protobuf:"bytes,1,opt,name=IV,proto3" json:"IV,omitempty"` + EncryptedKey []byte `protobuf:"bytes,2,opt,name=encrypted_key,json=encryptedKey,proto3" json:"encrypted_key,omitempty"` + Hmac []byte `protobuf:"bytes,3,opt,name=hmac,proto3" json:"hmac,omitempty"` } -func (m *WrappedKeyData) Reset() { *m = WrappedKeyData{} } -func (m *WrappedKeyData) String() string { return proto.CompactTextString(m) } -func (*WrappedKeyData) ProtoMessage() {} +func (x *WrappedKeyData) Reset() { + *x = WrappedKeyData{} + if protoimpl.UnsafeEnabled { + mi := &file_metadata_metadata_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *WrappedKeyData) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*WrappedKeyData) ProtoMessage() {} + +func (x *WrappedKeyData) ProtoReflect() protoreflect.Message { + mi := &file_metadata_metadata_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use WrappedKeyData.ProtoReflect.Descriptor instead. func (*WrappedKeyData) Descriptor() ([]byte, []int) { - return fileDescriptor_metadata_31965d2849cb292a, []int{1} -} -func (m *WrappedKeyData) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_WrappedKeyData.Unmarshal(m, b) -} -func (m *WrappedKeyData) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_WrappedKeyData.Marshal(b, m, deterministic) -} -func (dst *WrappedKeyData) XXX_Merge(src proto.Message) { - xxx_messageInfo_WrappedKeyData.Merge(dst, src) -} -func (m *WrappedKeyData) XXX_Size() int { - return xxx_messageInfo_WrappedKeyData.Size(m) -} -func (m *WrappedKeyData) XXX_DiscardUnknown() { - xxx_messageInfo_WrappedKeyData.DiscardUnknown(m) + return file_metadata_metadata_proto_rawDescGZIP(), []int{1} } -var xxx_messageInfo_WrappedKeyData proto.InternalMessageInfo - -func (m *WrappedKeyData) GetIV() []byte { - if m != nil { - return m.IV +func (x *WrappedKeyData) GetIV() []byte { + if x != nil { + return x.IV } return nil } -func (m *WrappedKeyData) GetEncryptedKey() []byte { - if m != nil { - return m.EncryptedKey +func (x *WrappedKeyData) GetEncryptedKey() []byte { + if x != nil { + return x.EncryptedKey } return nil } -func (m *WrappedKeyData) GetHmac() []byte { - if m != nil { - return m.Hmac +func (x *WrappedKeyData) GetHmac() []byte { + if x != nil { + return x.Hmac } return nil } // The associated data for each protector type ProtectorData struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + ProtectorDescriptor string `protobuf:"bytes,1,opt,name=protector_descriptor,json=protectorDescriptor,proto3" json:"protector_descriptor,omitempty"` Source SourceType `protobuf:"varint,2,opt,name=source,proto3,enum=metadata.SourceType" json:"source,omitempty"` // These are only used by some of the protector types - Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"` - Costs *HashingCosts `protobuf:"bytes,4,opt,name=costs,proto3" json:"costs,omitempty"` - Salt []byte `protobuf:"bytes,5,opt,name=salt,proto3" json:"salt,omitempty"` - Uid int64 `protobuf:"varint,6,opt,name=uid,proto3" json:"uid,omitempty"` - WrappedKey *WrappedKeyData `protobuf:"bytes,7,opt,name=wrapped_key,json=wrappedKey,proto3" json:"wrapped_key,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"` + Costs *HashingCosts `protobuf:"bytes,4,opt,name=costs,proto3" json:"costs,omitempty"` + Salt []byte `protobuf:"bytes,5,opt,name=salt,proto3" json:"salt,omitempty"` + Uid int64 `protobuf:"varint,6,opt,name=uid,proto3" json:"uid,omitempty"` + WrappedKey *WrappedKeyData `protobuf:"bytes,7,opt,name=wrapped_key,json=wrappedKey,proto3" json:"wrapped_key,omitempty"` } -func (m *ProtectorData) Reset() { *m = ProtectorData{} } -func (m *ProtectorData) String() string { return proto.CompactTextString(m) } -func (*ProtectorData) ProtoMessage() {} +func (x *ProtectorData) Reset() { + *x = ProtectorData{} + if protoimpl.UnsafeEnabled { + mi := &file_metadata_metadata_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ProtectorData) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ProtectorData) ProtoMessage() {} + +func (x *ProtectorData) ProtoReflect() protoreflect.Message { + mi := &file_metadata_metadata_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ProtectorData.ProtoReflect.Descriptor instead. func (*ProtectorData) Descriptor() ([]byte, []int) { - return fileDescriptor_metadata_31965d2849cb292a, []int{2} -} -func (m *ProtectorData) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_ProtectorData.Unmarshal(m, b) -} -func (m *ProtectorData) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_ProtectorData.Marshal(b, m, deterministic) -} -func (dst *ProtectorData) XXX_Merge(src proto.Message) { - xxx_messageInfo_ProtectorData.Merge(dst, src) -} -func (m *ProtectorData) XXX_Size() int { - return xxx_messageInfo_ProtectorData.Size(m) -} -func (m *ProtectorData) XXX_DiscardUnknown() { - xxx_messageInfo_ProtectorData.DiscardUnknown(m) + return file_metadata_metadata_proto_rawDescGZIP(), []int{2} } -var xxx_messageInfo_ProtectorData proto.InternalMessageInfo - -func (m *ProtectorData) GetProtectorDescriptor() string { - if m != nil { - return m.ProtectorDescriptor +func (x *ProtectorData) GetProtectorDescriptor() string { + if x != nil { + return x.ProtectorDescriptor } return "" } -func (m *ProtectorData) GetSource() SourceType { - if m != nil { - return m.Source +func (x *ProtectorData) GetSource() SourceType { + if x != nil { + return x.Source } return SourceType_default } -func (m *ProtectorData) GetName() string { - if m != nil { - return m.Name +func (x *ProtectorData) GetName() string { + if x != nil { + return x.Name } return "" } -func (m *ProtectorData) GetCosts() *HashingCosts { - if m != nil { - return m.Costs +func (x *ProtectorData) GetCosts() *HashingCosts { + if x != nil { + return x.Costs } return nil } -func (m *ProtectorData) GetSalt() []byte { - if m != nil { - return m.Salt +func (x *ProtectorData) GetSalt() []byte { + if x != nil { + return x.Salt } return nil } -func (m *ProtectorData) GetUid() int64 { - if m != nil { - return m.Uid +func (x *ProtectorData) GetUid() int64 { + if x != nil { + return x.Uid } return 0 } -func (m *ProtectorData) GetWrappedKey() *WrappedKeyData { - if m != nil { - return m.WrappedKey +func (x *ProtectorData) GetWrappedKey() *WrappedKeyData { + if x != nil { + return x.WrappedKey } return nil } // Encryption policy specifics, corresponds to the fscrypt_policy struct type EncryptionOptions struct { - Padding int64 `protobuf:"varint,1,opt,name=padding,proto3" json:"padding,omitempty"` - Contents EncryptionOptions_Mode `protobuf:"varint,2,opt,name=contents,proto3,enum=metadata.EncryptionOptions_Mode" json:"contents,omitempty"` - Filenames EncryptionOptions_Mode `protobuf:"varint,3,opt,name=filenames,proto3,enum=metadata.EncryptionOptions_Mode" json:"filenames,omitempty"` - PolicyVersion int64 `protobuf:"varint,4,opt,name=policy_version,json=policyVersion,proto3" json:"policy_version,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Padding int64 `protobuf:"varint,1,opt,name=padding,proto3" json:"padding,omitempty"` + Contents EncryptionOptions_Mode `protobuf:"varint,2,opt,name=contents,proto3,enum=metadata.EncryptionOptions_Mode" json:"contents,omitempty"` + Filenames EncryptionOptions_Mode `protobuf:"varint,3,opt,name=filenames,proto3,enum=metadata.EncryptionOptions_Mode" json:"filenames,omitempty"` + PolicyVersion int64 `protobuf:"varint,4,opt,name=policy_version,json=policyVersion,proto3" json:"policy_version,omitempty"` } -func (m *EncryptionOptions) Reset() { *m = EncryptionOptions{} } -func (m *EncryptionOptions) String() string { return proto.CompactTextString(m) } -func (*EncryptionOptions) ProtoMessage() {} +func (x *EncryptionOptions) Reset() { + *x = EncryptionOptions{} + if protoimpl.UnsafeEnabled { + mi := &file_metadata_metadata_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *EncryptionOptions) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EncryptionOptions) ProtoMessage() {} + +func (x *EncryptionOptions) ProtoReflect() protoreflect.Message { + mi := &file_metadata_metadata_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EncryptionOptions.ProtoReflect.Descriptor instead. func (*EncryptionOptions) Descriptor() ([]byte, []int) { - return fileDescriptor_metadata_31965d2849cb292a, []int{3} -} -func (m *EncryptionOptions) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_EncryptionOptions.Unmarshal(m, b) -} -func (m *EncryptionOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_EncryptionOptions.Marshal(b, m, deterministic) -} -func (dst *EncryptionOptions) XXX_Merge(src proto.Message) { - xxx_messageInfo_EncryptionOptions.Merge(dst, src) -} -func (m *EncryptionOptions) XXX_Size() int { - return xxx_messageInfo_EncryptionOptions.Size(m) -} -func (m *EncryptionOptions) XXX_DiscardUnknown() { - xxx_messageInfo_EncryptionOptions.DiscardUnknown(m) + return file_metadata_metadata_proto_rawDescGZIP(), []int{3} } -var xxx_messageInfo_EncryptionOptions proto.InternalMessageInfo - -func (m *EncryptionOptions) GetPadding() int64 { - if m != nil { - return m.Padding +func (x *EncryptionOptions) GetPadding() int64 { + if x != nil { + return x.Padding } return 0 } -func (m *EncryptionOptions) GetContents() EncryptionOptions_Mode { - if m != nil { - return m.Contents +func (x *EncryptionOptions) GetContents() EncryptionOptions_Mode { + if x != nil { + return x.Contents } return EncryptionOptions_default } -func (m *EncryptionOptions) GetFilenames() EncryptionOptions_Mode { - if m != nil { - return m.Filenames +func (x *EncryptionOptions) GetFilenames() EncryptionOptions_Mode { + if x != nil { + return x.Filenames } return EncryptionOptions_default } -func (m *EncryptionOptions) GetPolicyVersion() int64 { - if m != nil { - return m.PolicyVersion +func (x *EncryptionOptions) GetPolicyVersion() int64 { + if x != nil { + return x.PolicyVersion } return 0 } type WrappedPolicyKey struct { - ProtectorDescriptor string `protobuf:"bytes,1,opt,name=protector_descriptor,json=protectorDescriptor,proto3" json:"protector_descriptor,omitempty"` - WrappedKey *WrappedKeyData `protobuf:"bytes,2,opt,name=wrapped_key,json=wrappedKey,proto3" json:"wrapped_key,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + ProtectorDescriptor string `protobuf:"bytes,1,opt,name=protector_descriptor,json=protectorDescriptor,proto3" json:"protector_descriptor,omitempty"` + WrappedKey *WrappedKeyData `protobuf:"bytes,2,opt,name=wrapped_key,json=wrappedKey,proto3" json:"wrapped_key,omitempty"` } -func (m *WrappedPolicyKey) Reset() { *m = WrappedPolicyKey{} } -func (m *WrappedPolicyKey) String() string { return proto.CompactTextString(m) } -func (*WrappedPolicyKey) ProtoMessage() {} +func (x *WrappedPolicyKey) Reset() { + *x = WrappedPolicyKey{} + if protoimpl.UnsafeEnabled { + mi := &file_metadata_metadata_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *WrappedPolicyKey) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*WrappedPolicyKey) ProtoMessage() {} + +func (x *WrappedPolicyKey) ProtoReflect() protoreflect.Message { + mi := &file_metadata_metadata_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use WrappedPolicyKey.ProtoReflect.Descriptor instead. func (*WrappedPolicyKey) Descriptor() ([]byte, []int) { - return fileDescriptor_metadata_31965d2849cb292a, []int{4} -} -func (m *WrappedPolicyKey) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_WrappedPolicyKey.Unmarshal(m, b) -} -func (m *WrappedPolicyKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_WrappedPolicyKey.Marshal(b, m, deterministic) -} -func (dst *WrappedPolicyKey) XXX_Merge(src proto.Message) { - xxx_messageInfo_WrappedPolicyKey.Merge(dst, src) -} -func (m *WrappedPolicyKey) XXX_Size() int { - return xxx_messageInfo_WrappedPolicyKey.Size(m) -} -func (m *WrappedPolicyKey) XXX_DiscardUnknown() { - xxx_messageInfo_WrappedPolicyKey.DiscardUnknown(m) + return file_metadata_metadata_proto_rawDescGZIP(), []int{4} } -var xxx_messageInfo_WrappedPolicyKey proto.InternalMessageInfo - -func (m *WrappedPolicyKey) GetProtectorDescriptor() string { - if m != nil { - return m.ProtectorDescriptor +func (x *WrappedPolicyKey) GetProtectorDescriptor() string { + if x != nil { + return x.ProtectorDescriptor } return "" } -func (m *WrappedPolicyKey) GetWrappedKey() *WrappedKeyData { - if m != nil { - return m.WrappedKey +func (x *WrappedPolicyKey) GetWrappedKey() *WrappedKeyData { + if x != nil { + return x.WrappedKey } return nil } // The associated data for each policy type PolicyData struct { - KeyDescriptor string `protobuf:"bytes,1,opt,name=key_descriptor,json=keyDescriptor,proto3" json:"key_descriptor,omitempty"` - Options *EncryptionOptions `protobuf:"bytes,2,opt,name=options,proto3" json:"options,omitempty"` - WrappedPolicyKeys []*WrappedPolicyKey `protobuf:"bytes,3,rep,name=wrapped_policy_keys,json=wrappedPolicyKeys,proto3" json:"wrapped_policy_keys,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + KeyDescriptor string `protobuf:"bytes,1,opt,name=key_descriptor,json=keyDescriptor,proto3" json:"key_descriptor,omitempty"` + Options *EncryptionOptions `protobuf:"bytes,2,opt,name=options,proto3" json:"options,omitempty"` + WrappedPolicyKeys []*WrappedPolicyKey `protobuf:"bytes,3,rep,name=wrapped_policy_keys,json=wrappedPolicyKeys,proto3" json:"wrapped_policy_keys,omitempty"` } -func (m *PolicyData) Reset() { *m = PolicyData{} } -func (m *PolicyData) String() string { return proto.CompactTextString(m) } -func (*PolicyData) ProtoMessage() {} +func (x *PolicyData) Reset() { + *x = PolicyData{} + if protoimpl.UnsafeEnabled { + mi := &file_metadata_metadata_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PolicyData) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PolicyData) ProtoMessage() {} + +func (x *PolicyData) ProtoReflect() protoreflect.Message { + mi := &file_metadata_metadata_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PolicyData.ProtoReflect.Descriptor instead. func (*PolicyData) Descriptor() ([]byte, []int) { - return fileDescriptor_metadata_31965d2849cb292a, []int{5} -} -func (m *PolicyData) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_PolicyData.Unmarshal(m, b) -} -func (m *PolicyData) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_PolicyData.Marshal(b, m, deterministic) -} -func (dst *PolicyData) XXX_Merge(src proto.Message) { - xxx_messageInfo_PolicyData.Merge(dst, src) -} -func (m *PolicyData) XXX_Size() int { - return xxx_messageInfo_PolicyData.Size(m) -} -func (m *PolicyData) XXX_DiscardUnknown() { - xxx_messageInfo_PolicyData.DiscardUnknown(m) + return file_metadata_metadata_proto_rawDescGZIP(), []int{5} } -var xxx_messageInfo_PolicyData proto.InternalMessageInfo - -func (m *PolicyData) GetKeyDescriptor() string { - if m != nil { - return m.KeyDescriptor +func (x *PolicyData) GetKeyDescriptor() string { + if x != nil { + return x.KeyDescriptor } return "" } -func (m *PolicyData) GetOptions() *EncryptionOptions { - if m != nil { - return m.Options +func (x *PolicyData) GetOptions() *EncryptionOptions { + if x != nil { + return x.Options } return nil } -func (m *PolicyData) GetWrappedPolicyKeys() []*WrappedPolicyKey { - if m != nil { - return m.WrappedPolicyKeys +func (x *PolicyData) GetWrappedPolicyKeys() []*WrappedPolicyKey { + if x != nil { + return x.WrappedPolicyKeys } return nil } // Data stored in the config file type Config struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + Source SourceType `protobuf:"varint,1,opt,name=source,proto3,enum=metadata.SourceType" json:"source,omitempty"` HashCosts *HashingCosts `protobuf:"bytes,2,opt,name=hash_costs,json=hashCosts,proto3" json:"hash_costs,omitempty"` Options *EncryptionOptions `protobuf:"bytes,4,opt,name=options,proto3" json:"options,omitempty"` UseFsKeyringForV1Policies bool `protobuf:"varint,5,opt,name=use_fs_keyring_for_v1_policies,json=useFsKeyringForV1Policies,proto3" json:"use_fs_keyring_for_v1_policies,omitempty"` AllowCrossUserMetadata bool `protobuf:"varint,6,opt,name=allow_cross_user_metadata,json=allowCrossUserMetadata,proto3" json:"allow_cross_user_metadata,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` } -func (m *Config) Reset() { *m = Config{} } -func (m *Config) String() string { return proto.CompactTextString(m) } -func (*Config) ProtoMessage() {} +func (x *Config) Reset() { + *x = Config{} + if protoimpl.UnsafeEnabled { + mi := &file_metadata_metadata_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Config) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Config) ProtoMessage() {} + +func (x *Config) ProtoReflect() protoreflect.Message { + mi := &file_metadata_metadata_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Config.ProtoReflect.Descriptor instead. func (*Config) Descriptor() ([]byte, []int) { - return fileDescriptor_metadata_31965d2849cb292a, []int{6} -} -func (m *Config) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Config.Unmarshal(m, b) -} -func (m *Config) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Config.Marshal(b, m, deterministic) -} -func (dst *Config) XXX_Merge(src proto.Message) { - xxx_messageInfo_Config.Merge(dst, src) -} -func (m *Config) XXX_Size() int { - return xxx_messageInfo_Config.Size(m) -} -func (m *Config) XXX_DiscardUnknown() { - xxx_messageInfo_Config.DiscardUnknown(m) + return file_metadata_metadata_proto_rawDescGZIP(), []int{6} } -var xxx_messageInfo_Config proto.InternalMessageInfo - -func (m *Config) GetSource() SourceType { - if m != nil { - return m.Source +func (x *Config) GetSource() SourceType { + if x != nil { + return x.Source } return SourceType_default } -func (m *Config) GetHashCosts() *HashingCosts { - if m != nil { - return m.HashCosts +func (x *Config) GetHashCosts() *HashingCosts { + if x != nil { + return x.HashCosts } return nil } -func (m *Config) GetOptions() *EncryptionOptions { - if m != nil { - return m.Options +func (x *Config) GetOptions() *EncryptionOptions { + if x != nil { + return x.Options } return nil } -func (m *Config) GetUseFsKeyringForV1Policies() bool { - if m != nil { - return m.UseFsKeyringForV1Policies +func (x *Config) GetUseFsKeyringForV1Policies() bool { + if x != nil { + return x.UseFsKeyringForV1Policies } return false } -func (m *Config) GetAllowCrossUserMetadata() bool { - if m != nil { - return m.AllowCrossUserMetadata +func (x *Config) GetAllowCrossUserMetadata() bool { + if x != nil { + return x.AllowCrossUserMetadata } return false } -func init() { - proto.RegisterType((*HashingCosts)(nil), "metadata.HashingCosts") - proto.RegisterType((*WrappedKeyData)(nil), "metadata.WrappedKeyData") - proto.RegisterType((*ProtectorData)(nil), "metadata.ProtectorData") - proto.RegisterType((*EncryptionOptions)(nil), "metadata.EncryptionOptions") - proto.RegisterType((*WrappedPolicyKey)(nil), "metadata.WrappedPolicyKey") - proto.RegisterType((*PolicyData)(nil), "metadata.PolicyData") - proto.RegisterType((*Config)(nil), "metadata.Config") - proto.RegisterEnum("metadata.SourceType", SourceType_name, SourceType_value) - proto.RegisterEnum("metadata.EncryptionOptions_Mode", EncryptionOptions_Mode_name, EncryptionOptions_Mode_value) +var File_metadata_metadata_proto protoreflect.FileDescriptor + +var file_metadata_metadata_proto_rawDesc = []byte{ + 0x0a, 0x17, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, + 0x61, 0x74, 0x61, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, + 0x61, 0x74, 0x61, 0x22, 0x87, 0x01, 0x0a, 0x0c, 0x48, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x43, + 0x6f, 0x73, 0x74, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x03, 0x52, 0x04, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x65, 0x6d, 0x6f, + 0x72, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x06, 0x6d, 0x65, 0x6d, 0x6f, 0x72, 0x79, + 0x12, 0x20, 0x0a, 0x0b, 0x70, 0x61, 0x72, 0x61, 0x6c, 0x6c, 0x65, 0x6c, 0x69, 0x73, 0x6d, 0x18, + 0x04, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0b, 0x70, 0x61, 0x72, 0x61, 0x6c, 0x6c, 0x65, 0x6c, 0x69, + 0x73, 0x6d, 0x12, 0x29, 0x0a, 0x10, 0x74, 0x72, 0x75, 0x6e, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x5f, 0x66, 0x69, 0x78, 0x65, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, 0x74, 0x72, + 0x75, 0x6e, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x78, 0x65, 0x64, 0x22, 0x59, 0x0a, + 0x0e, 0x57, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, 0x4b, 0x65, 0x79, 0x44, 0x61, 0x74, 0x61, 0x12, + 0x0e, 0x0a, 0x02, 0x49, 0x56, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x02, 0x49, 0x56, 0x12, + 0x23, 0x0a, 0x0d, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x5f, 0x6b, 0x65, 0x79, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0c, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, + 0x64, 0x4b, 0x65, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x68, 0x6d, 0x61, 0x63, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x0c, 0x52, 0x04, 0x68, 0x6d, 0x61, 0x63, 0x22, 0x93, 0x02, 0x0a, 0x0d, 0x50, 0x72, 0x6f, + 0x74, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x44, 0x61, 0x74, 0x61, 0x12, 0x31, 0x0a, 0x14, 0x70, 0x72, + 0x6f, 0x74, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, + 0x6f, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x13, 0x70, 0x72, 0x6f, 0x74, 0x65, 0x63, + 0x74, 0x6f, 0x72, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x12, 0x2c, 0x0a, + 0x06, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x14, 0x2e, + 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, + 0x79, 0x70, 0x65, 0x52, 0x06, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, + 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, + 0x2c, 0x0a, 0x05, 0x63, 0x6f, 0x73, 0x74, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, + 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x69, 0x6e, + 0x67, 0x43, 0x6f, 0x73, 0x74, 0x73, 0x52, 0x05, 0x63, 0x6f, 0x73, 0x74, 0x73, 0x12, 0x12, 0x0a, + 0x04, 0x73, 0x61, 0x6c, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x73, 0x61, 0x6c, + 0x74, 0x12, 0x10, 0x0a, 0x03, 0x75, 0x69, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x03, + 0x75, 0x69, 0x64, 0x12, 0x39, 0x0a, 0x0b, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x6b, + 0x65, 0x79, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, + 0x61, 0x74, 0x61, 0x2e, 0x57, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, 0x4b, 0x65, 0x79, 0x44, 0x61, + 0x74, 0x61, 0x52, 0x0a, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, 0x4b, 0x65, 0x79, 0x22, 0xef, + 0x02, 0x0a, 0x11, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x70, 0x74, + 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x70, 0x61, 0x64, 0x64, 0x69, 0x6e, 0x67, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x07, 0x70, 0x61, 0x64, 0x64, 0x69, 0x6e, 0x67, 0x12, 0x3c, + 0x0a, 0x08, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, + 0x32, 0x20, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x45, 0x6e, 0x63, 0x72, + 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4d, 0x6f, + 0x64, 0x65, 0x52, 0x08, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x73, 0x12, 0x3e, 0x0a, 0x09, + 0x66, 0x69, 0x6c, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, + 0x20, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4d, 0x6f, 0x64, + 0x65, 0x52, 0x09, 0x66, 0x69, 0x6c, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x25, 0x0a, 0x0e, + 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x03, 0x52, 0x0d, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x56, 0x65, 0x72, 0x73, + 0x69, 0x6f, 0x6e, 0x22, 0x9a, 0x01, 0x0a, 0x04, 0x4d, 0x6f, 0x64, 0x65, 0x12, 0x0b, 0x0a, 0x07, + 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x10, 0x00, 0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45, 0x53, + 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x58, 0x54, 0x53, 0x10, 0x01, 0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45, + 0x53, 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x47, 0x43, 0x4d, 0x10, 0x02, 0x12, 0x0f, 0x0a, 0x0b, 0x41, + 0x45, 0x53, 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x43, 0x42, 0x43, 0x10, 0x03, 0x12, 0x0f, 0x0a, 0x0b, + 0x41, 0x45, 0x53, 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x43, 0x54, 0x53, 0x10, 0x04, 0x12, 0x0f, 0x0a, + 0x0b, 0x41, 0x45, 0x53, 0x5f, 0x31, 0x32, 0x38, 0x5f, 0x43, 0x42, 0x43, 0x10, 0x05, 0x12, 0x0f, + 0x0a, 0x0b, 0x41, 0x45, 0x53, 0x5f, 0x31, 0x32, 0x38, 0x5f, 0x43, 0x54, 0x53, 0x10, 0x06, 0x12, + 0x0c, 0x0a, 0x08, 0x41, 0x64, 0x69, 0x61, 0x6e, 0x74, 0x75, 0x6d, 0x10, 0x09, 0x12, 0x11, 0x0a, + 0x0d, 0x41, 0x45, 0x53, 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x48, 0x43, 0x54, 0x52, 0x32, 0x10, 0x0a, + 0x22, 0x80, 0x01, 0x0a, 0x10, 0x57, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, + 0x63, 0x79, 0x4b, 0x65, 0x79, 0x12, 0x31, 0x0a, 0x14, 0x70, 0x72, 0x6f, 0x74, 0x65, 0x63, 0x74, + 0x6f, 0x72, 0x5f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x13, 0x70, 0x72, 0x6f, 0x74, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x44, 0x65, + 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x12, 0x39, 0x0a, 0x0b, 0x77, 0x72, 0x61, 0x70, + 0x70, 0x65, 0x64, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x18, 0x2e, + 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x57, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, + 0x4b, 0x65, 0x79, 0x44, 0x61, 0x74, 0x61, 0x52, 0x0a, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, + 0x4b, 0x65, 0x79, 0x22, 0xb6, 0x01, 0x0a, 0x0a, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x44, 0x61, + 0x74, 0x61, 0x12, 0x25, 0x0a, 0x0e, 0x6b, 0x65, 0x79, 0x5f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, + 0x70, 0x74, 0x6f, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x6b, 0x65, 0x79, 0x44, + 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x12, 0x35, 0x0a, 0x07, 0x6f, 0x70, 0x74, + 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x6d, 0x65, 0x74, + 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, + 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, + 0x12, 0x4a, 0x0a, 0x13, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x70, 0x6f, 0x6c, 0x69, + 0x63, 0x79, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, + 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x57, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, + 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x4b, 0x65, 0x79, 0x52, 0x11, 0x77, 0x72, 0x61, 0x70, 0x70, + 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x4b, 0x65, 0x79, 0x73, 0x22, 0xb7, 0x02, 0x0a, + 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2c, 0x0a, 0x06, 0x73, 0x6f, 0x75, 0x72, 0x63, + 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x14, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, + 0x74, 0x61, 0x2e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x52, 0x06, 0x73, + 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x35, 0x0a, 0x0a, 0x68, 0x61, 0x73, 0x68, 0x5f, 0x63, 0x6f, + 0x73, 0x74, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x6d, 0x65, 0x74, 0x61, + 0x64, 0x61, 0x74, 0x61, 0x2e, 0x48, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x73, 0x74, + 0x73, 0x52, 0x09, 0x68, 0x61, 0x73, 0x68, 0x43, 0x6f, 0x73, 0x74, 0x73, 0x12, 0x35, 0x0a, 0x07, + 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, + 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, + 0x69, 0x6f, 0x6e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, + 0x6f, 0x6e, 0x73, 0x12, 0x41, 0x0a, 0x1e, 0x75, 0x73, 0x65, 0x5f, 0x66, 0x73, 0x5f, 0x6b, 0x65, + 0x79, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x66, 0x6f, 0x72, 0x5f, 0x76, 0x31, 0x5f, 0x70, 0x6f, 0x6c, + 0x69, 0x63, 0x69, 0x65, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x19, 0x75, 0x73, 0x65, + 0x46, 0x73, 0x4b, 0x65, 0x79, 0x72, 0x69, 0x6e, 0x67, 0x46, 0x6f, 0x72, 0x56, 0x31, 0x50, 0x6f, + 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x12, 0x39, 0x0a, 0x19, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, + 0x63, 0x72, 0x6f, 0x73, 0x73, 0x5f, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, + 0x61, 0x74, 0x61, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x61, 0x6c, 0x6c, 0x6f, 0x77, + 0x43, 0x72, 0x6f, 0x73, 0x73, 0x55, 0x73, 0x65, 0x72, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, + 0x61, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x52, 0x0d, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x74, 0x69, + 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x2a, 0x51, 0x0a, 0x0a, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, + 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x10, + 0x00, 0x12, 0x12, 0x0a, 0x0e, 0x70, 0x61, 0x6d, 0x5f, 0x70, 0x61, 0x73, 0x73, 0x70, 0x68, 0x72, + 0x61, 0x73, 0x65, 0x10, 0x01, 0x12, 0x15, 0x0a, 0x11, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, + 0x70, 0x61, 0x73, 0x73, 0x70, 0x68, 0x72, 0x61, 0x73, 0x65, 0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, + 0x72, 0x61, 0x77, 0x5f, 0x6b, 0x65, 0x79, 0x10, 0x03, 0x42, 0x24, 0x5a, 0x22, 0x67, 0x69, 0x74, + 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x66, + 0x73, 0x63, 0x72, 0x79, 0x70, 0x74, 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x62, + 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } -func init() { proto.RegisterFile("metadata/metadata.proto", fileDescriptor_metadata_31965d2849cb292a) } +var ( + file_metadata_metadata_proto_rawDescOnce sync.Once + file_metadata_metadata_proto_rawDescData = file_metadata_metadata_proto_rawDesc +) -var fileDescriptor_metadata_31965d2849cb292a = []byte{ - // 748 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x55, 0xdb, 0x6a, 0xf3, 0x46, - 0x10, 0xae, 0x24, 0xc7, 0x87, 0xf1, 0xa1, 0xca, 0xfe, 0x69, 0xaa, 0xb4, 0x50, 0x8c, 0x4b, 0x20, - 0x94, 0x90, 0x62, 0x97, 0x94, 0x06, 0x4a, 0x21, 0x75, 0x92, 0x36, 0x09, 0xa1, 0xe9, 0xda, 0x75, - 0x5b, 0x28, 0x88, 0x8d, 0xb4, 0xb6, 0x17, 0x4b, 0x5a, 0xb1, 0xbb, 0x8a, 0xd1, 0x5d, 0xef, 0xfa, - 0x00, 0x7d, 0x97, 0xf6, 0x65, 0xfa, 0x30, 0x45, 0x2b, 0xc9, 0x87, 0x04, 0x42, 0xf2, 0xdf, 0x98, - 0xd9, 0x6f, 0x67, 0xe6, 0x9b, 0xf9, 0x66, 0xc7, 0x82, 0x8f, 0x43, 0xaa, 0x88, 0x4f, 0x14, 0xf9, - 0xb2, 0x34, 0x4e, 0x62, 0xc1, 0x15, 0x47, 0xf5, 0xf2, 0xdc, 0xfb, 0x03, 0x5a, 0x3f, 0x12, 0x39, - 0x67, 0xd1, 0x6c, 0xc8, 0xa5, 0x92, 0x08, 0x41, 0x45, 0xb1, 0x90, 0x3a, 0x66, 0xd7, 0x38, 0xb2, - 0xb0, 0xb6, 0xd1, 0x3e, 0x54, 0x43, 0x1a, 0x72, 0x91, 0x3a, 0x96, 0x46, 0x8b, 0x13, 0xea, 0x42, - 0x33, 0x26, 0x82, 0x04, 0x01, 0x0d, 0x98, 0x0c, 0x9d, 0x8a, 0xbe, 0xdc, 0x84, 0x7a, 0xbf, 0x43, - 0xe7, 0x57, 0x41, 0xe2, 0x98, 0xfa, 0xb7, 0x34, 0xbd, 0x20, 0x8a, 0xa0, 0x0e, 0x98, 0xd7, 0x13, - 0xc7, 0xe8, 0x1a, 0x47, 0x2d, 0x6c, 0x5e, 0x4f, 0xd0, 0xe7, 0xd0, 0xa6, 0x91, 0x27, 0xd2, 0x58, - 0x51, 0xdf, 0x5d, 0xd0, 0x54, 0x13, 0xb7, 0x70, 0x6b, 0x05, 0xde, 0xd2, 0x34, 0x2b, 0x6a, 0x1e, - 0x12, 0x4f, 0xd3, 0xb7, 0xb0, 0xb6, 0x7b, 0x7f, 0x9b, 0xd0, 0xbe, 0x17, 0x5c, 0x51, 0x4f, 0x71, - 0xa1, 0x53, 0xf7, 0x61, 0x2f, 0x2e, 0x01, 0xd7, 0xa7, 0xd2, 0x13, 0x2c, 0x56, 0x5c, 0x68, 0xb2, - 0x06, 0x7e, 0xb7, 0xba, 0xbb, 0x58, 0x5d, 0xa1, 0x63, 0xa8, 0x4a, 0x9e, 0x08, 0x2f, 0xef, 0xb7, - 0x33, 0xd8, 0x3b, 0x59, 0x09, 0x35, 0xd2, 0xf8, 0x38, 0x8d, 0x29, 0x2e, 0x7c, 0xb2, 0x32, 0x22, - 0x12, 0x52, 0x5d, 0x46, 0x03, 0x6b, 0x1b, 0x1d, 0xc3, 0x8e, 0x97, 0x09, 0xa7, 0xbb, 0x6f, 0x0e, - 0xf6, 0xd7, 0x09, 0x36, 0x65, 0xc5, 0xb9, 0x53, 0x96, 0x41, 0x92, 0x40, 0x39, 0x3b, 0x79, 0x23, - 0x99, 0x8d, 0x6c, 0xb0, 0x12, 0xe6, 0x3b, 0x55, 0xad, 0x5e, 0x66, 0xa2, 0x33, 0x68, 0x2e, 0x73, - 0xd5, 0xb4, 0x22, 0x35, 0x9d, 0xd9, 0x59, 0x67, 0xde, 0x96, 0x14, 0xc3, 0x72, 0x75, 0xee, 0xfd, - 0x67, 0xc2, 0xee, 0x65, 0x2e, 0x1d, 0xe3, 0xd1, 0x4f, 0xfa, 0x57, 0x22, 0x07, 0x6a, 0x31, 0xf1, - 0x7d, 0x16, 0xcd, 0xb4, 0x18, 0x16, 0x2e, 0x8f, 0xe8, 0x5b, 0xa8, 0x7b, 0x3c, 0x52, 0x34, 0x52, - 0xb2, 0x90, 0xa0, 0xbb, 0xe6, 0x79, 0x96, 0xe8, 0xe4, 0x8e, 0xfb, 0x14, 0xaf, 0x22, 0xd0, 0x77, - 0xd0, 0x98, 0xb2, 0x80, 0x66, 0x42, 0x48, 0xad, 0xca, 0x6b, 0xc2, 0xd7, 0x21, 0xe8, 0x10, 0x3a, - 0x31, 0x0f, 0x98, 0x97, 0xba, 0x8f, 0x54, 0x48, 0xc6, 0xa3, 0xe2, 0x0d, 0xb5, 0x73, 0x74, 0x92, - 0x83, 0xbd, 0xbf, 0x0c, 0xa8, 0x64, 0xa1, 0xa8, 0x09, 0x35, 0x9f, 0x4e, 0x49, 0x12, 0x28, 0xfb, - 0x03, 0xf4, 0x21, 0x34, 0xcf, 0x2f, 0x47, 0xee, 0xe0, 0xf4, 0x6b, 0xf7, 0xb7, 0xf1, 0xc8, 0x36, - 0x36, 0x81, 0x1f, 0x86, 0x77, 0xb6, 0xb9, 0x09, 0x0c, 0xbf, 0x1f, 0xda, 0xd6, 0x16, 0x30, 0x1e, - 0xd9, 0x95, 0x12, 0xe8, 0x0f, 0xbe, 0xd1, 0x1e, 0x3b, 0x5b, 0xc0, 0x78, 0x64, 0x57, 0x51, 0x0b, - 0xea, 0xe7, 0x3e, 0x23, 0x91, 0x4a, 0x42, 0xbb, 0xd1, 0xfb, 0xd3, 0x00, 0xbb, 0x50, 0xff, 0x5e, - 0x97, 0x98, 0xbd, 0xce, 0xf7, 0x78, 0x77, 0x4f, 0x26, 0x6c, 0xbe, 0x61, 0xc2, 0xff, 0x18, 0x00, - 0x39, 0xb7, 0x7e, 0xf4, 0x87, 0xd0, 0x59, 0xd0, 0xf4, 0x39, 0x6d, 0x7b, 0x41, 0xd3, 0x0d, 0xc2, - 0x53, 0xa8, 0xf1, 0x7c, 0x08, 0x05, 0xd9, 0xa7, 0x2f, 0xcc, 0x09, 0x97, 0xbe, 0xe8, 0x06, 0xde, - 0x95, 0x75, 0x16, 0x83, 0x5a, 0xd0, 0x34, 0x1b, 0xb5, 0x75, 0xd4, 0x1c, 0x7c, 0xf2, 0xac, 0xde, - 0x95, 0x26, 0x78, 0x77, 0xf9, 0x04, 0x91, 0xbd, 0x7f, 0x4d, 0xa8, 0x0e, 0x79, 0x34, 0x65, 0xb3, - 0x8d, 0xb5, 0x33, 0x5e, 0xb1, 0x76, 0xa7, 0x00, 0x73, 0x22, 0xe7, 0x6e, 0xbe, 0x67, 0xe6, 0x8b, - 0x7b, 0xd6, 0xc8, 0x3c, 0xf3, 0x7f, 0xb2, 0x8d, 0x96, 0x2b, 0x6f, 0x68, 0xf9, 0x1c, 0x3e, 0x4b, - 0x24, 0x75, 0xa7, 0x32, 0x6b, 0x55, 0xb0, 0x68, 0xe6, 0x4e, 0xb9, 0x70, 0x1f, 0xfb, 0xb9, 0x00, - 0x8c, 0x4a, 0xbd, 0xbc, 0x75, 0x7c, 0x90, 0x48, 0x7a, 0x25, 0x6f, 0x73, 0x9f, 0x2b, 0x2e, 0x26, - 0xfd, 0xfb, 0xc2, 0x01, 0x9d, 0xc1, 0x01, 0x09, 0x02, 0xbe, 0x74, 0x3d, 0xc1, 0xa5, 0x74, 0x13, - 0x49, 0x85, 0x5b, 0x52, 0xeb, 0x3d, 0xaf, 0xe3, 0x7d, 0xed, 0x30, 0xcc, 0xee, 0x7f, 0x91, 0x54, - 0xdc, 0x15, 0xb7, 0x37, 0x95, 0xba, 0x65, 0x57, 0x70, 0xdb, 0xe3, 0x61, 0x4c, 0x14, 0x7b, 0x60, - 0x01, 0x53, 0xe9, 0x17, 0x3f, 0x03, 0xac, 0x65, 0xd9, 0x5e, 0x02, 0x04, 0x9d, 0x98, 0x84, 0x6e, - 0x4c, 0xa4, 0x8c, 0xe7, 0x82, 0x48, 0x6a, 0x1b, 0xe8, 0x23, 0xd8, 0xf5, 0x12, 0xa9, 0xf8, 0x16, - 0x6c, 0x66, 0x71, 0x82, 0x2c, 0xb3, 0xae, 0x6c, 0xeb, 0xa1, 0xaa, 0xbf, 0x03, 0x5f, 0xfd, 0x1f, - 0x00, 0x00, 0xff, 0xff, 0xe2, 0x78, 0x9e, 0x2e, 0x22, 0x06, 0x00, 0x00, +func file_metadata_metadata_proto_rawDescGZIP() []byte { + file_metadata_metadata_proto_rawDescOnce.Do(func() { + file_metadata_metadata_proto_rawDescData = protoimpl.X.CompressGZIP(file_metadata_metadata_proto_rawDescData) + }) + return file_metadata_metadata_proto_rawDescData +} + +var file_metadata_metadata_proto_enumTypes = make([]protoimpl.EnumInfo, 2) +var file_metadata_metadata_proto_msgTypes = make([]protoimpl.MessageInfo, 7) +var file_metadata_metadata_proto_goTypes = []interface{}{ + (SourceType)(0), // 0: metadata.SourceType + (EncryptionOptions_Mode)(0), // 1: metadata.EncryptionOptions.Mode + (*HashingCosts)(nil), // 2: metadata.HashingCosts + (*WrappedKeyData)(nil), // 3: metadata.WrappedKeyData + (*ProtectorData)(nil), // 4: metadata.ProtectorData + (*EncryptionOptions)(nil), // 5: metadata.EncryptionOptions + (*WrappedPolicyKey)(nil), // 6: metadata.WrappedPolicyKey + (*PolicyData)(nil), // 7: metadata.PolicyData + (*Config)(nil), // 8: metadata.Config +} +var file_metadata_metadata_proto_depIdxs = []int32{ + 0, // 0: metadata.ProtectorData.source:type_name -> metadata.SourceType + 2, // 1: metadata.ProtectorData.costs:type_name -> metadata.HashingCosts + 3, // 2: metadata.ProtectorData.wrapped_key:type_name -> metadata.WrappedKeyData + 1, // 3: metadata.EncryptionOptions.contents:type_name -> metadata.EncryptionOptions.Mode + 1, // 4: metadata.EncryptionOptions.filenames:type_name -> metadata.EncryptionOptions.Mode + 3, // 5: metadata.WrappedPolicyKey.wrapped_key:type_name -> metadata.WrappedKeyData + 5, // 6: metadata.PolicyData.options:type_name -> metadata.EncryptionOptions + 6, // 7: metadata.PolicyData.wrapped_policy_keys:type_name -> metadata.WrappedPolicyKey + 0, // 8: metadata.Config.source:type_name -> metadata.SourceType + 2, // 9: metadata.Config.hash_costs:type_name -> metadata.HashingCosts + 5, // 10: metadata.Config.options:type_name -> metadata.EncryptionOptions + 11, // [11:11] is the sub-list for method output_type + 11, // [11:11] is the sub-list for method input_type + 11, // [11:11] is the sub-list for extension type_name + 11, // [11:11] is the sub-list for extension extendee + 0, // [0:11] is the sub-list for field type_name +} + +func init() { file_metadata_metadata_proto_init() } +func file_metadata_metadata_proto_init() { + if File_metadata_metadata_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_metadata_metadata_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*HashingCosts); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_metadata_metadata_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*WrappedKeyData); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_metadata_metadata_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ProtectorData); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_metadata_metadata_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*EncryptionOptions); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_metadata_metadata_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*WrappedPolicyKey); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_metadata_metadata_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PolicyData); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_metadata_metadata_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Config); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_metadata_metadata_proto_rawDesc, + NumEnums: 2, + NumMessages: 7, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_metadata_metadata_proto_goTypes, + DependencyIndexes: file_metadata_metadata_proto_depIdxs, + EnumInfos: file_metadata_metadata_proto_enumTypes, + MessageInfos: file_metadata_metadata_proto_msgTypes, + }.Build() + File_metadata_metadata_proto = out.File + file_metadata_metadata_proto_rawDesc = nil + file_metadata_metadata_proto_goTypes = nil + file_metadata_metadata_proto_depIdxs = nil } diff --git a/vendor/github.com/google/fscrypt/metadata/metadata.proto b/vendor/github.com/google/fscrypt/metadata/metadata.proto index 84245e020..f2dd78fe7 100644 --- a/vendor/github.com/google/fscrypt/metadata/metadata.proto +++ b/vendor/github.com/google/fscrypt/metadata/metadata.proto @@ -19,15 +19,20 @@ * the License. */ -// If you modify this file, be sure to run "go generate" on this package. +// If the *.proto file is modified, be sure to run "make gen" (at the project +// root) to recreate the *.pb.go file. syntax = "proto3"; package metadata; +option go_package = "github.com/google/fscrypt/metadata"; + // Cost parameters to be used in our hashing functions. message HashingCosts { int64 time = 2; int64 memory = 3; int64 parallelism = 4; + // If true, parallelism should no longer be truncated to 8 bits. + bool truncation_fixed = 5; } // This structure is used for our authenticated wrapping/unwrapping of keys. @@ -73,6 +78,7 @@ message EncryptionOptions { AES_128_CBC = 5; AES_128_CTS = 6; Adiantum = 9; + AES_256_HCTR2 = 10; } Mode contents = 2; diff --git a/vendor/github.com/google/fscrypt/metadata/policy.go b/vendor/github.com/google/fscrypt/metadata/policy.go index e218a0814..7831e53a6 100644 --- a/vendor/github.com/google/fscrypt/metadata/policy.go +++ b/vendor/github.com/google/fscrypt/metadata/policy.go @@ -94,7 +94,7 @@ func (err *ErrNotEncrypted) Error() string { return fmt.Sprintf("file or directory %q is not encrypted", err.Path) } -func policyIoctl(file *os.File, request uintptr, arg unsafe.Pointer) error { +func getPolicyIoctl(file *os.File, request uintptr, arg unsafe.Pointer) error { _, _, errno := unix.Syscall(unix.SYS_IOCTL, file.Fd(), request, uintptr(arg)) if errno == 0 { return nil @@ -102,6 +102,19 @@ func policyIoctl(file *os.File, request uintptr, arg unsafe.Pointer) error { return errno } +func setPolicy(file *os.File, arg unsafe.Pointer) error { + _, _, errno := unix.Syscall(unix.SYS_IOCTL, file.Fd(), unix.FS_IOC_SET_ENCRYPTION_POLICY, uintptr(arg)) + if errno != 0 { + return errno + } + + if err := file.Sync(); err != nil { + return err + } + + return nil +} + // Maps EncryptionOptions.Padding <-> FSCRYPT_POLICY_FLAGS var ( paddingArray = []int64{4, 8, 16, 32} @@ -159,10 +172,10 @@ func GetPolicy(path string) (*PolicyData, error) { var arg unix.FscryptGetPolicyExArg arg.Size = uint64(unsafe.Sizeof(arg.Policy)) policyPtr := util.Ptr(arg.Policy[:]) - err = policyIoctl(file, unix.FS_IOC_GET_ENCRYPTION_POLICY_EX, unsafe.Pointer(&arg)) + err = getPolicyIoctl(file, unix.FS_IOC_GET_ENCRYPTION_POLICY_EX, unsafe.Pointer(&arg)) if err == unix.ENOTTY { // Fall back to the old version of the ioctl. This works for v1 policies only. - err = policyIoctl(file, unix.FS_IOC_GET_ENCRYPTION_POLICY, policyPtr) + err = getPolicyIoctl(file, unix.FS_IOC_GET_ENCRYPTION_POLICY, policyPtr) arg.Size = uint64(unsafe.Sizeof(unix.FscryptPolicyV1{})) } switch err { @@ -235,7 +248,7 @@ func setV1Policy(file *os.File, options *EncryptionOptions, descriptorBytes []by } copy(policy.Master_key_descriptor[:], descriptorBytes) - return policyIoctl(file, unix.FS_IOC_SET_ENCRYPTION_POLICY, unsafe.Pointer(&policy)) + return setPolicy(file, unsafe.Pointer(&policy)) } func setV2Policy(file *os.File, options *EncryptionOptions, descriptorBytes []byte) error { @@ -252,7 +265,7 @@ func setV2Policy(file *os.File, options *EncryptionOptions, descriptorBytes []by } copy(policy.Master_key_identifier[:], descriptorBytes) - return policyIoctl(file, unix.FS_IOC_SET_ENCRYPTION_POLICY, unsafe.Pointer(&policy)) + return setPolicy(file, unsafe.Pointer(&policy)) } // SetPolicy sets up the specified directory to be encrypted with the specified @@ -332,7 +345,7 @@ func CheckSupport(path string) error { Flags: math.MaxUint8, } - err = policyIoctl(file, unix.FS_IOC_SET_ENCRYPTION_POLICY, unsafe.Pointer(&badPolicy)) + err = setPolicy(file, unsafe.Pointer(&badPolicy)) switch err { case nil: log.Panicf(`FS_IOC_SET_ENCRYPTION_POLICY succeeded when it should have failed. diff --git a/vendor/modules.txt b/vendor/modules.txt index 28ba246c4..b704118fc 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -228,8 +228,8 @@ github.com/golang/protobuf/ptypes/wrappers # github.com/golang/snappy v0.0.4 ## explicit github.com/golang/snappy -# github.com/google/fscrypt v0.3.3 -## explicit; go 1.11 +# github.com/google/fscrypt v0.3.4 +## explicit; go 1.16 github.com/google/fscrypt/actions github.com/google/fscrypt/crypto github.com/google/fscrypt/filesystem