From 6a58dad42b9977ad3a4cea22ef50ef9ed48ec0d8 Mon Sep 17 00:00:00 2001 From: Leonard Cohnen Date: Thu, 7 Mar 2024 20:04:31 +0100 Subject: [PATCH] coordinator: align mesh root naming This also fixes a bug where the intermediate cert is returned and saved as "mesh-root.pem". --- cli/cmd/common.go | 18 +++---- cli/cmd/set.go | 4 +- cli/cmd/verify.go | 4 +- coordinator/meshapi.go | 4 +- coordinator/userapi.go | 16 +++---- coordinator/userapi_test.go | 14 +++--- internal/ca/ca.go | 6 +-- internal/ca/ca_test.go | 4 +- internal/userapi/userapi.pb.go | 86 +++++++++++++++++----------------- internal/userapi/userapi.proto | 8 ++-- 10 files changed, 83 insertions(+), 81 deletions(-) diff --git a/cli/cmd/common.go b/cli/cmd/common.go index f3b0a91446..f89cb3c6cd 100644 --- a/cli/cmd/common.go +++ b/cli/cmd/common.go @@ -7,15 +7,15 @@ import ( ) const ( - coordHashFilename = "coordinator-policy.sha256" - coordRootPEMFilename = "coordinator-root.pem" - coordIntermPEMFilename = "mesh-root.pem" - workloadOwnerPEM = "workload-owner.pem" - manifestFilename = "manifest.json" - settingsFilename = "settings.json" - rulesFilename = "rules.rego" - verifyDir = "./verify" - cacheDirEnv = "CONTRAST_CACHE_DIR" + coordHashFilename = "coordinator-policy.sha256" + coordRootPEMFilename = "coordinator-root.pem" + meshRootPEMFilename = "mesh-root.pem" + workloadOwnerPEM = "workload-owner.pem" + manifestFilename = "manifest.json" + settingsFilename = "settings.json" + rulesFilename = "rules.rego" + verifyDir = "./verify" + cacheDirEnv = "CONTRAST_CACHE_DIR" ) var ( diff --git a/cli/cmd/set.go b/cli/cmd/set.go index 8bc5f6f33e..16b9ac64ac 100644 --- a/cli/cmd/set.go +++ b/cli/cmd/set.go @@ -139,8 +139,8 @@ func runSet(cmd *cobra.Command, args []string) error { fmt.Fprintln(cmd.OutOrStdout(), "✔️ Manifest set successfully") filelist := map[string][]byte{ - path.Join(flags.workspaceDir, coordRootPEMFilename): resp.CACert, - path.Join(flags.workspaceDir, coordIntermPEMFilename): resp.IntermCert, + path.Join(flags.workspaceDir, coordRootPEMFilename): resp.CoordinatorRoot, + path.Join(flags.workspaceDir, meshRootPEMFilename): resp.MeshRoot, } if err := writeFilelist(".", filelist); err != nil { return fmt.Errorf("writing filelist: %w", err) diff --git a/cli/cmd/verify.go b/cli/cmd/verify.go index 298617c5ab..db49068a14 100644 --- a/cli/cmd/verify.go +++ b/cli/cmd/verify.go @@ -88,8 +88,8 @@ func runVerify(cmd *cobra.Command, _ []string) error { log.Debug("Got response") filelist := map[string][]byte{ - coordRootPEMFilename: resp.CACert, - coordIntermPEMFilename: resp.IntermCert, + coordRootPEMFilename: resp.CoordinatorRoot, + meshRootPEMFilename: resp.MeshRoot, } for i, m := range resp.Manifests { filelist[fmt.Sprintf("manifest.%d.json", i)] = m diff --git a/coordinator/meshapi.go b/coordinator/meshapi.go index 29de55d68b..4eb117ea93 100644 --- a/coordinator/meshapi.go +++ b/coordinator/meshapi.go @@ -74,12 +74,12 @@ func (i *meshAPIServer) NewMeshCert(_ context.Context, req *meshapi.NewMeshCertR "getting certificate with public key hash %q: %v", req.PeerPublicKeyHash, err) } - meshCACert := i.caChainGetter.GetMeshCACert() + meshCACert := i.caChainGetter.GetMeshRootCert() intermCert := i.caChainGetter.GetIntermCert() return &meshapi.NewMeshCertResponse{ MeshCACert: meshCACert, CertChain: append(cert, intermCert...), - RootCACert: i.caChainGetter.GetRootCACert(), + RootCACert: i.caChainGetter.GetCoordinatorRootCert(), }, nil } diff --git a/coordinator/userapi.go b/coordinator/userapi.go index 697cc95103..cd4748106f 100644 --- a/coordinator/userapi.go +++ b/coordinator/userapi.go @@ -101,8 +101,8 @@ func (s *userAPIServer) SetManifest(ctx context.Context, req *userapi.SetManifes } resp := &userapi.SetManifestResponse{ - CACert: s.caChainGetter.GetRootCACert(), - IntermCert: s.caChainGetter.GetIntermCert(), + CoordinatorRoot: s.caChainGetter.GetCoordinatorRootCert(), + MeshRoot: s.caChainGetter.GetMeshRootCert(), } s.logger.Info("SetManifest succeeded") @@ -131,10 +131,10 @@ func (s *userAPIServer) GetManifests(_ context.Context, _ *userapi.GetManifestsR } resp := &userapi.GetManifestsResponse{ - Manifests: manifestBytes, - Policies: policySliceToBytesSlice(policies), - CACert: s.caChainGetter.GetRootCACert(), - IntermCert: s.caChainGetter.GetIntermCert(), + Manifests: manifestBytes, + Policies: policySliceToBytesSlice(policies), + CoordinatorRoot: s.caChainGetter.GetCoordinatorRootCert(), + MeshRoot: s.caChainGetter.GetIntermCert(), } s.logger.Info("GetManifest succeeded") @@ -210,8 +210,8 @@ func manifestSliceToBytesSlice(s []*manifest.Manifest) ([][]byte, error) { } type certChainGetter interface { - GetRootCACert() []byte - GetMeshCACert() []byte + GetCoordinatorRootCert() []byte + GetMeshRootCert() []byte GetIntermCert() []byte } diff --git a/coordinator/userapi_test.go b/coordinator/userapi_test.go index 4f274ff36f..710891c6ce 100644 --- a/coordinator/userapi_test.go +++ b/coordinator/userapi_test.go @@ -227,8 +227,8 @@ func TestManifestSet(t *testing.T) { return } require.NoError(err) - assert.Equal([]byte("root"), resp.CACert) - assert.Equal([]byte("inter"), resp.IntermCert) + assert.Equal([]byte("root"), resp.CoordinatorRoot) + assert.Equal([]byte("inter"), resp.MeshRoot) assert.Equal(1, tc.mSGetter.setManifestCount) }) } @@ -293,8 +293,8 @@ func TestGetManifests(t *testing.T) { return } require.NoError(err) - assert.Equal([]byte("root"), resp.CACert) - assert.Equal([]byte("inter"), resp.IntermCert) + assert.Equal([]byte("root"), resp.CoordinatorRoot) + assert.Equal([]byte("inter"), resp.MeshRoot) assert.Len(resp.Policies, len(tc.policyStoreContent)) }) } @@ -394,9 +394,9 @@ func (s *stubManifestSetGetter) LatestManifest() (*manifest.Manifest, error) { type stubCertChainGetter struct{} -func (s *stubCertChainGetter) GetRootCACert() []byte { return []byte("root") } -func (s *stubCertChainGetter) GetMeshCACert() []byte { return []byte("mesh") } -func (s *stubCertChainGetter) GetIntermCert() []byte { return []byte("inter") } +func (s *stubCertChainGetter) GetCoordinatorRootCert() []byte { return []byte("root") } +func (s *stubCertChainGetter) GetMeshRootCert() []byte { return []byte("mesh") } +func (s *stubCertChainGetter) GetIntermCert() []byte { return []byte("inter") } func rpcContext(key *ecdsa.PrivateKey) context.Context { var peerCertificates []*x509.Certificate diff --git a/internal/ca/ca.go b/internal/ca/ca.go index 119ae7e5a9..95a978a874 100644 --- a/internal/ca/ca.go +++ b/internal/ca/ca.go @@ -142,8 +142,8 @@ func (c *CA) RotateIntermCerts() error { return nil } -// GetRootCACert returns the root certificate of the CA in PEM format. -func (c *CA) GetRootCACert() []byte { +// GetCoordinatorRootCert returns the root certificate of the CA in PEM format. +func (c *CA) GetCoordinatorRootCert() []byte { return c.rootPEM } @@ -153,7 +153,7 @@ func (c *CA) GetIntermCert() []byte { } // GetMeshCACert returns the mesh root certificate of the CA in PEM format. -func (c *CA) GetMeshCACert() []byte { +func (c *CA) GetMeshRootCert() []byte { return c.meshCAPEM } diff --git a/internal/ca/ca_test.go b/internal/ca/ca_test.go index d98772769b..080a0e23ab 100644 --- a/internal/ca/ca_test.go +++ b/internal/ca/ca_test.go @@ -180,11 +180,11 @@ func TestCAConcurrent(t *testing.T) { } getMeshCACert := func() { defer wg.Done() - assert.NotEmpty(ca.GetMeshCACert()) + assert.NotEmpty(ca.GetMeshRootCert()) } getRootCACert := func() { defer wg.Done() - assert.NotEmpty(ca.GetRootCACert()) + assert.NotEmpty(ca.GetCoordinatorRootCert()) } rotateIntermCerts := func() { defer wg.Done() diff --git a/internal/userapi/userapi.pb.go b/internal/userapi/userapi.pb.go index 2da4a087f0..0f1af8ba55 100644 --- a/internal/userapi/userapi.pb.go +++ b/internal/userapi/userapi.pb.go @@ -81,9 +81,9 @@ type SetManifestResponse struct { unknownFields protoimpl.UnknownFields // PEM-encoded certificate - CACert []byte `protobuf:"bytes,1,opt,name=CACert,proto3" json:"CACert,omitempty"` + CoordinatorRoot []byte `protobuf:"bytes,1,opt,name=CoordinatorRoot,proto3" json:"CoordinatorRoot,omitempty"` // PEM-encoded certificate - IntermCert []byte `protobuf:"bytes,2,opt,name=IntermCert,proto3" json:"IntermCert,omitempty"` + MeshRoot []byte `protobuf:"bytes,2,opt,name=MeshRoot,proto3" json:"MeshRoot,omitempty"` } func (x *SetManifestResponse) Reset() { @@ -118,16 +118,16 @@ func (*SetManifestResponse) Descriptor() ([]byte, []int) { return file_userapi_proto_rawDescGZIP(), []int{1} } -func (x *SetManifestResponse) GetCACert() []byte { +func (x *SetManifestResponse) GetCoordinatorRoot() []byte { if x != nil { - return x.CACert + return x.CoordinatorRoot } return nil } -func (x *SetManifestResponse) GetIntermCert() []byte { +func (x *SetManifestResponse) GetMeshRoot() []byte { if x != nil { - return x.IntermCert + return x.MeshRoot } return nil } @@ -178,9 +178,9 @@ type GetManifestsResponse struct { Manifests [][]byte `protobuf:"bytes,1,rep,name=Manifests,proto3" json:"Manifests,omitempty"` Policies [][]byte `protobuf:"bytes,2,rep,name=Policies,proto3" json:"Policies,omitempty"` // PEM-encoded certificate - CACert []byte `protobuf:"bytes,3,opt,name=CACert,proto3" json:"CACert,omitempty"` + CoordinatorRoot []byte `protobuf:"bytes,3,opt,name=CoordinatorRoot,proto3" json:"CoordinatorRoot,omitempty"` // PEM-encoded certificate - IntermCert []byte `protobuf:"bytes,4,opt,name=IntermCert,proto3" json:"IntermCert,omitempty"` + MeshRoot []byte `protobuf:"bytes,4,opt,name=MeshRoot,proto3" json:"MeshRoot,omitempty"` } func (x *GetManifestsResponse) Reset() { @@ -229,16 +229,16 @@ func (x *GetManifestsResponse) GetPolicies() [][]byte { return nil } -func (x *GetManifestsResponse) GetCACert() []byte { +func (x *GetManifestsResponse) GetCoordinatorRoot() []byte { if x != nil { - return x.CACert + return x.CoordinatorRoot } return nil } -func (x *GetManifestsResponse) GetIntermCert() []byte { +func (x *GetManifestsResponse) GetMeshRoot() []byte { if x != nil { - return x.IntermCert + return x.MeshRoot } return nil } @@ -252,36 +252,38 @@ var file_userapi_proto_rawDesc = []byte{ 0x0a, 0x08, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x08, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x08, 0x50, 0x6f, - 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x22, 0x4d, 0x0a, 0x13, 0x53, 0x65, 0x74, 0x4d, 0x61, 0x6e, - 0x69, 0x66, 0x65, 0x73, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x16, 0x0a, - 0x06, 0x43, 0x41, 0x43, 0x65, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x43, - 0x41, 0x43, 0x65, 0x72, 0x74, 0x12, 0x1e, 0x0a, 0x0a, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6d, 0x43, - 0x65, 0x72, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0a, 0x49, 0x6e, 0x74, 0x65, 0x72, - 0x6d, 0x43, 0x65, 0x72, 0x74, 0x22, 0x15, 0x0a, 0x13, 0x47, 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, - 0x66, 0x65, 0x73, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x88, 0x01, 0x0a, - 0x14, 0x47, 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x73, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, - 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x09, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, - 0x73, 0x74, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x18, - 0x02, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x08, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x12, - 0x16, 0x0a, 0x06, 0x43, 0x41, 0x43, 0x65, 0x72, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, - 0x06, 0x43, 0x41, 0x43, 0x65, 0x72, 0x74, 0x12, 0x1e, 0x0a, 0x0a, 0x49, 0x6e, 0x74, 0x65, 0x72, - 0x6d, 0x43, 0x65, 0x72, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0a, 0x49, 0x6e, 0x74, - 0x65, 0x72, 0x6d, 0x43, 0x65, 0x72, 0x74, 0x32, 0xa0, 0x01, 0x0a, 0x07, 0x55, 0x73, 0x65, 0x72, - 0x41, 0x50, 0x49, 0x12, 0x48, 0x0a, 0x0b, 0x53, 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, - 0x73, 0x74, 0x12, 0x1b, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x61, 0x70, 0x69, 0x2e, 0x53, 0x65, 0x74, - 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, - 0x1c, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x61, 0x70, 0x69, 0x2e, 0x53, 0x65, 0x74, 0x4d, 0x61, 0x6e, - 0x69, 0x66, 0x65, 0x73, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x4b, 0x0a, - 0x0c, 0x47, 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x73, 0x12, 0x1c, 0x2e, - 0x75, 0x73, 0x65, 0x72, 0x61, 0x70, 0x69, 0x2e, 0x47, 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, 0x66, - 0x65, 0x73, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x75, 0x73, - 0x65, 0x72, 0x61, 0x70, 0x69, 0x2e, 0x47, 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, - 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x32, 0x5a, 0x30, 0x67, 0x69, - 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x65, 0x64, 0x67, 0x65, 0x6c, 0x65, 0x73, - 0x73, 0x73, 0x79, 0x73, 0x2f, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x61, 0x73, 0x74, 0x2f, 0x69, 0x6e, - 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x61, 0x70, 0x69, 0x62, 0x06, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x22, 0x5b, 0x0a, 0x13, 0x53, 0x65, 0x74, 0x4d, 0x61, 0x6e, + 0x69, 0x66, 0x65, 0x73, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x28, 0x0a, + 0x0f, 0x43, 0x6f, 0x6f, 0x72, 0x64, 0x69, 0x6e, 0x61, 0x74, 0x6f, 0x72, 0x52, 0x6f, 0x6f, 0x74, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0f, 0x43, 0x6f, 0x6f, 0x72, 0x64, 0x69, 0x6e, 0x61, + 0x74, 0x6f, 0x72, 0x52, 0x6f, 0x6f, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x4d, 0x65, 0x73, 0x68, 0x52, + 0x6f, 0x6f, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x08, 0x4d, 0x65, 0x73, 0x68, 0x52, + 0x6f, 0x6f, 0x74, 0x22, 0x15, 0x0a, 0x13, 0x47, 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, + 0x73, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x96, 0x01, 0x0a, 0x14, 0x47, + 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, + 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x73, + 0x18, 0x01, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x09, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, + 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x18, 0x02, 0x20, + 0x03, 0x28, 0x0c, 0x52, 0x08, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x12, 0x28, 0x0a, + 0x0f, 0x43, 0x6f, 0x6f, 0x72, 0x64, 0x69, 0x6e, 0x61, 0x74, 0x6f, 0x72, 0x52, 0x6f, 0x6f, 0x74, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0f, 0x43, 0x6f, 0x6f, 0x72, 0x64, 0x69, 0x6e, 0x61, + 0x74, 0x6f, 0x72, 0x52, 0x6f, 0x6f, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x4d, 0x65, 0x73, 0x68, 0x52, + 0x6f, 0x6f, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x08, 0x4d, 0x65, 0x73, 0x68, 0x52, + 0x6f, 0x6f, 0x74, 0x32, 0xa0, 0x01, 0x0a, 0x07, 0x55, 0x73, 0x65, 0x72, 0x41, 0x50, 0x49, 0x12, + 0x48, 0x0a, 0x0b, 0x53, 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x12, 0x1b, + 0x2e, 0x75, 0x73, 0x65, 0x72, 0x61, 0x70, 0x69, 0x2e, 0x53, 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, + 0x66, 0x65, 0x73, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x75, 0x73, + 0x65, 0x72, 0x61, 0x70, 0x69, 0x2e, 0x53, 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, + 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x4b, 0x0a, 0x0c, 0x47, 0x65, 0x74, + 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x73, 0x12, 0x1c, 0x2e, 0x75, 0x73, 0x65, 0x72, + 0x61, 0x70, 0x69, 0x2e, 0x47, 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x73, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x75, 0x73, 0x65, 0x72, 0x61, 0x70, + 0x69, 0x2e, 0x47, 0x65, 0x74, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x73, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x32, 0x5a, 0x30, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, + 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x65, 0x64, 0x67, 0x65, 0x6c, 0x65, 0x73, 0x73, 0x73, 0x79, 0x73, + 0x2f, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x61, 0x73, 0x74, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, + 0x61, 0x6c, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x61, 0x70, 0x69, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x33, } var ( diff --git a/internal/userapi/userapi.proto b/internal/userapi/userapi.proto index 9f4c1ea236..0d970a5e61 100644 --- a/internal/userapi/userapi.proto +++ b/internal/userapi/userapi.proto @@ -16,9 +16,9 @@ message SetManifestRequest { message SetManifestResponse { // PEM-encoded certificate - bytes CACert = 1; + bytes CoordinatorRoot = 1; // PEM-encoded certificate - bytes IntermCert = 2; + bytes MeshRoot = 2; } message GetManifestsRequest {} @@ -27,7 +27,7 @@ message GetManifestsResponse { repeated bytes Manifests = 1; repeated bytes Policies = 2; // PEM-encoded certificate - bytes CACert = 3; + bytes CoordinatorRoot = 3; // PEM-encoded certificate - bytes IntermCert = 4; + bytes MeshRoot = 4; }