zuevav/Bridge-and-Join-s
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: живой цикл M2M с НРД + мастер установки ключа на флешку

Browse Source 
Инфраструктура M2M (живой обмен с НРД через ИШ):
- обработка M2MTransferResponse: ERROR(M2Mxx) → заявка Отклонена, сохранение
  ответа; INFO → ждём Decision; идемпотентность поллера
- fallback-корреляция ответов с нулевым GUID (M2M14/M2M17) по FIFO
- сырой XML ответа НРД в карточке заявки (для пересылки в ТП)
- тестовый пакет роботу приведён к эталону m2m_robot_samples (CostInfo=Yes,
  4 бумаги, IsolationStatus, DocumentSeries=сценарий); override паспорта
- редирект из теста сразу в карточку заявки

Мастер установки ключа Валидаты на флешку (admin/setup/keywizard):
- пошаговый: загрузка .7z+пароль → выбор флешки → запись → справочник
  сертификатов (CRL) → перезапуск+проверка ИШ → готово
- привилегированный воркер (bj-keymedia) в host-namespace через файл-обмен,
  bj-server остаётся в песочнице
- сохранение структуры профиля архива (spr<N>), перечисление съёмных USB

Прочее:
- пакет-доказательство для ТП НРД + форма регистрации участника M2M
- эталонные образцы робота (DOC/m2m_robot_samples)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
zuevav
2026-06-19 00:03:21 +03:00
parent 6e503433d4
commit 9737c787f9
110 changed files with 10771 additions and 1690 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/cryptocli/cryptopb/crypto.pb.go
+694
View File
@@ -0,0 +1,694 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
// protoc-gen-go v1.36.11
// protoc v3.12.4
// source: crypto.proto
package cryptopb
import (
protoreflect "google.golang.org/protobuf/reflect/protoreflect"
protoimpl "google.golang.org/protobuf/runtime/protoimpl"
reflect "reflect"
sync "sync"
unsafe "unsafe"
)
const (
// Verify that this generated code is sufficiently up-to-date.
_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
// Verify that runtime/protoimpl is sufficiently up-to-date.
_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
)
type ActivateRequest struct {
state protoimpl.MessageState `protogen:"open.v1"`
// Имя профиля в pki1.conf. Пустая строка = minimal mode.
Profile string `protobuf:"bytes,1,opt,name=profile,proto3" json:"profile,omitempty"`
unknownFields protoimpl.UnknownFields
sizeCache protoimpl.SizeCache
}
func (x *ActivateRequest) Reset() {
*x = ActivateRequest{}
mi := &file_crypto_proto_msgTypes[0]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
func (x *ActivateRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*ActivateRequest) ProtoMessage() {}
func (x *ActivateRequest) ProtoReflect() protoreflect.Message {
mi := &file_crypto_proto_msgTypes[0]
if x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use ActivateRequest.ProtoReflect.Descriptor instead.
func (*ActivateRequest) Descriptor() ([]byte, []int) {
return file_crypto_proto_rawDescGZIP(), []int{0}
}
func (x *ActivateRequest) GetProfile() string {
if x != nil {
return x.Profile
}
return ""
}
type ActivateResponse struct {
state protoimpl.MessageState `protogen:"open.v1"`
// true если провайдер успешно (пере)инициализирован.
Ok bool `protobuf:"varint,1,opt,name=ok,proto3" json:"ok,omitempty"`
// Имя активного провайдера ("validata" / "stub").
Provider string `protobuf:"bytes,2,opt,name=provider,proto3" json:"provider,omitempty"`
// Имя активного профиля (пусто для minimal).
Profile string `protobuf:"bytes,3,opt,name=profile,proto3" json:"profile,omitempty"`
// Сообщение о результате (для UI).
Message string `protobuf:"bytes,4,opt,name=message,proto3" json:"message,omitempty"`
unknownFields protoimpl.UnknownFields
sizeCache protoimpl.SizeCache
}
func (x *ActivateResponse) Reset() {
*x = ActivateResponse{}
mi := &file_crypto_proto_msgTypes[1]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
func (x *ActivateResponse) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*ActivateResponse) ProtoMessage() {}
func (x *ActivateResponse) ProtoReflect() protoreflect.Message {
mi := &file_crypto_proto_msgTypes[1]
if x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use ActivateResponse.ProtoReflect.Descriptor instead.
func (*ActivateResponse) Descriptor() ([]byte, []int) {
return file_crypto_proto_rawDescGZIP(), []int{1}
}
func (x *ActivateResponse) GetOk() bool {
if x != nil {
return x.Ok
}
return false
}
func (x *ActivateResponse) GetProvider() string {
if x != nil {
return x.Provider
}
return ""
}
func (x *ActivateResponse) GetProfile() string {
if x != nil {
return x.Profile
}
return ""
}
func (x *ActivateResponse) GetMessage() string {
if x != nil {
return x.Message
}
return ""
}
type ShutdownRequest struct {
state protoimpl.MessageState `protogen:"open.v1"`
unknownFields protoimpl.UnknownFields
sizeCache protoimpl.SizeCache
}
func (x *ShutdownRequest) Reset() {
*x = ShutdownRequest{}
mi := &file_crypto_proto_msgTypes[2]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
func (x *ShutdownRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*ShutdownRequest) ProtoMessage() {}
func (x *ShutdownRequest) ProtoReflect() protoreflect.Message {
mi := &file_crypto_proto_msgTypes[2]
if x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use ShutdownRequest.ProtoReflect.Descriptor instead.
func (*ShutdownRequest) Descriptor() ([]byte, []int) {
return file_crypto_proto_rawDescGZIP(), []int{2}
}
type ShutdownResponse struct {
state protoimpl.MessageState `protogen:"open.v1"`
// true означает «запрос принят, процесс завершится через ~500ms».
Ok bool `protobuf:"varint,1,opt,name=ok,proto3" json:"ok,omitempty"`
unknownFields protoimpl.UnknownFields
sizeCache protoimpl.SizeCache
}
func (x *ShutdownResponse) Reset() {
*x = ShutdownResponse{}
mi := &file_crypto_proto_msgTypes[3]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
func (x *ShutdownResponse) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*ShutdownResponse) ProtoMessage() {}
func (x *ShutdownResponse) ProtoReflect() protoreflect.Message {
mi := &file_crypto_proto_msgTypes[3]
if x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use ShutdownResponse.ProtoReflect.Descriptor instead.
func (*ShutdownResponse) Descriptor() ([]byte, []int) {
return file_crypto_proto_rawDescGZIP(), []int{3}
}
func (x *ShutdownResponse) GetOk() bool {
if x != nil {
return x.Ok
}
return false
}
type VerifyRequest struct {
state protoimpl.MessageState `protogen:"open.v1"`
// Целиком подписанный XML.
Payload []byte `protobuf:"bytes,1,opt,name=payload,proto3" json:"payload,omitempty"`
// Профиль ключей и сертификатов: "guest-gost" | "test3-gost" |
// "prod-gost" | "guest-rsa" | ... — определяет хранилище и trust store.
Profile string `protobuf:"bytes,2,opt,name=profile,proto3" json:"profile,omitempty"`
unknownFields protoimpl.UnknownFields
sizeCache protoimpl.SizeCache
}
func (x *VerifyRequest) Reset() {
*x = VerifyRequest{}
mi := &file_crypto_proto_msgTypes[4]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
func (x *VerifyRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*VerifyRequest) ProtoMessage() {}
func (x *VerifyRequest) ProtoReflect() protoreflect.Message {
mi := &file_crypto_proto_msgTypes[4]
if x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use VerifyRequest.ProtoReflect.Descriptor instead.
func (*VerifyRequest) Descriptor() ([]byte, []int) {
return file_crypto_proto_rawDescGZIP(), []int{4}
}
func (x *VerifyRequest) GetPayload() []byte {
if x != nil {
return x.Payload
}
return nil
}
func (x *VerifyRequest) GetProfile() string {
if x != nil {
return x.Profile
}
return ""
}
type VerifyResponse struct {
state protoimpl.MessageState `protogen:"open.v1"`
// Прошла ли проверка.
Valid bool `protobuf:"varint,1,opt,name=valid,proto3" json:"valid,omitempty"`
// CN из сертификата подписанта.
SignerCn string `protobuf:"bytes,2,opt,name=signer_cn,json=signerCn,proto3" json:"signer_cn,omitempty"`
// ИНН из сертификата (если присутствует в OID 1.2.643.3.131.1.1).
SignerInn string `protobuf:"bytes,3,opt,name=signer_inn,json=signerInn,proto3" json:"signer_inn,omitempty"`
// Серийный номер сертификата (hex).
Serial string `protobuf:"bytes,4,opt,name=serial,proto3" json:"serial,omitempty"`
// Срок действия сертификата (unix epoch, секунды).
NotBefore int64 `protobuf:"varint,5,opt,name=not_before,json=notBefore,proto3" json:"not_before,omitempty"`
NotAfter int64 `protobuf:"varint,6,opt,name=not_after,json=notAfter,proto3" json:"not_after,omitempty"`
// Тексты ошибок проверки (если valid=false).
Errors []string `protobuf:"bytes,7,rep,name=errors,proto3" json:"errors,omitempty"`
unknownFields protoimpl.UnknownFields
sizeCache protoimpl.SizeCache
}
func (x *VerifyResponse) Reset() {
*x = VerifyResponse{}
mi := &file_crypto_proto_msgTypes[5]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
func (x *VerifyResponse) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*VerifyResponse) ProtoMessage() {}
func (x *VerifyResponse) ProtoReflect() protoreflect.Message {
mi := &file_crypto_proto_msgTypes[5]
if x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use VerifyResponse.ProtoReflect.Descriptor instead.
func (*VerifyResponse) Descriptor() ([]byte, []int) {
return file_crypto_proto_rawDescGZIP(), []int{5}
}
func (x *VerifyResponse) GetValid() bool {
if x != nil {
return x.Valid
}
return false
}
func (x *VerifyResponse) GetSignerCn() string {
if x != nil {
return x.SignerCn
}
return ""
}
func (x *VerifyResponse) GetSignerInn() string {
if x != nil {
return x.SignerInn
}
return ""
}
func (x *VerifyResponse) GetSerial() string {
if x != nil {
return x.Serial
}
return ""
}
func (x *VerifyResponse) GetNotBefore() int64 {
if x != nil {
return x.NotBefore
}
return 0
}
func (x *VerifyResponse) GetNotAfter() int64 {
if x != nil {
return x.NotAfter
}
return 0
}
func (x *VerifyResponse) GetErrors() []string {
if x != nil {
return x.Errors
}
return nil
}
type SignRequest struct {
state protoimpl.MessageState `protogen:"open.v1"`
// Канонизированный XML, который нужно подписать.
Payload []byte `protobuf:"bytes,1,opt,name=payload,proto3" json:"payload,omitempty"`
// Алиас ключа в JCP-keystore.
KeyAlias string `protobuf:"bytes,2,opt,name=key_alias,json=keyAlias,proto3" json:"key_alias,omitempty"`
// Профиль (тот же что у Verify).
Profile string `protobuf:"bytes,3,opt,name=profile,proto3" json:"profile,omitempty"`
unknownFields protoimpl.UnknownFields
sizeCache protoimpl.SizeCache
}
func (x *SignRequest) Reset() {
*x = SignRequest{}
mi := &file_crypto_proto_msgTypes[6]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
func (x *SignRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*SignRequest) ProtoMessage() {}
func (x *SignRequest) ProtoReflect() protoreflect.Message {
mi := &file_crypto_proto_msgTypes[6]
if x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use SignRequest.ProtoReflect.Descriptor instead.
func (*SignRequest) Descriptor() ([]byte, []int) {
return file_crypto_proto_rawDescGZIP(), []int{6}
}
func (x *SignRequest) GetPayload() []byte {
if x != nil {
return x.Payload
}
return nil
}
func (x *SignRequest) GetKeyAlias() string {
if x != nil {
return x.KeyAlias
}
return ""
}
func (x *SignRequest) GetProfile() string {
if x != nil {
return x.Profile
}
return ""
}
type SignResponse struct {
state protoimpl.MessageState `protogen:"open.v1"`
// Подписанный XML (с детачированной или встроенной подписью —
// зависит от профиля).
SignedXml []byte `protobuf:"bytes,1,opt,name=signed_xml,json=signedXml,proto3" json:"signed_xml,omitempty"`
unknownFields protoimpl.UnknownFields
sizeCache protoimpl.SizeCache
}
func (x *SignResponse) Reset() {
*x = SignResponse{}
mi := &file_crypto_proto_msgTypes[7]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
func (x *SignResponse) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*SignResponse) ProtoMessage() {}
func (x *SignResponse) ProtoReflect() protoreflect.Message {
mi := &file_crypto_proto_msgTypes[7]
if x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use SignResponse.ProtoReflect.Descriptor instead.
func (*SignResponse) Descriptor() ([]byte, []int) {
return file_crypto_proto_rawDescGZIP(), []int{7}
}
func (x *SignResponse) GetSignedXml() []byte {
if x != nil {
return x.SignedXml
}
return nil
}
type HealthRequest struct {
state protoimpl.MessageState `protogen:"open.v1"`
unknownFields protoimpl.UnknownFields
sizeCache protoimpl.SizeCache
}
func (x *HealthRequest) Reset() {
*x = HealthRequest{}
mi := &file_crypto_proto_msgTypes[8]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
func (x *HealthRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*HealthRequest) ProtoMessage() {}
func (x *HealthRequest) ProtoReflect() protoreflect.Message {
mi := &file_crypto_proto_msgTypes[8]
if x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use HealthRequest.ProtoReflect.Descriptor instead.
func (*HealthRequest) Descriptor() ([]byte, []int) {
return file_crypto_proto_rawDescGZIP(), []int{8}
}
type HealthResponse struct {
state protoimpl.MessageState `protogen:"open.v1"`
Ok bool `protobuf:"varint,1,opt,name=ok,proto3" json:"ok,omitempty"`
Version string `protobuf:"bytes,2,opt,name=version,proto3" json:"version,omitempty"`
// Активный провайдер криптографии: "cryptopro" | "validata" | "vipnet" | "stub".
Provider string `protobuf:"bytes,3,opt,name=provider,proto3" json:"provider,omitempty"`
unknownFields protoimpl.UnknownFields
sizeCache protoimpl.SizeCache
}
func (x *HealthResponse) Reset() {
*x = HealthResponse{}
mi := &file_crypto_proto_msgTypes[9]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
func (x *HealthResponse) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*HealthResponse) ProtoMessage() {}
func (x *HealthResponse) ProtoReflect() protoreflect.Message {
mi := &file_crypto_proto_msgTypes[9]
if x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use HealthResponse.ProtoReflect.Descriptor instead.
func (*HealthResponse) Descriptor() ([]byte, []int) {
return file_crypto_proto_rawDescGZIP(), []int{9}
}
func (x *HealthResponse) GetOk() bool {
if x != nil {
return x.Ok
}
return false
}
func (x *HealthResponse) GetVersion() string {
if x != nil {
return x.Version
}
return ""
}
func (x *HealthResponse) GetProvider() string {
if x != nil {
return x.Provider
}
return ""
}
var File_crypto_proto protoreflect.FileDescriptor
const file_crypto_proto_rawDesc = "" +
"\n" +
"\fcrypto.proto\x12\x1abridge_and_joins.crypto.v1\"+\n" +
"\x0fActivateRequest\x12\x18\n" +
"\aprofile\x18\x01 \x01(\tR\aprofile\"r\n" +
"\x10ActivateResponse\x12\x0e\n" +
"\x02ok\x18\x01 \x01(\bR\x02ok\x12\x1a\n" +
"\bprovider\x18\x02 \x01(\tR\bprovider\x12\x18\n" +
"\aprofile\x18\x03 \x01(\tR\aprofile\x12\x18\n" +
"\amessage\x18\x04 \x01(\tR\amessage\"\x11\n" +
"\x0fShutdownRequest\"\"\n" +
"\x10ShutdownResponse\x12\x0e\n" +
"\x02ok\x18\x01 \x01(\bR\x02ok\"C\n" +
"\rVerifyRequest\x12\x18\n" +
"\apayload\x18\x01 \x01(\fR\apayload\x12\x18\n" +
"\aprofile\x18\x02 \x01(\tR\aprofile\"\xce\x01\n" +
"\x0eVerifyResponse\x12\x14\n" +
"\x05valid\x18\x01 \x01(\bR\x05valid\x12\x1b\n" +
"\tsigner_cn\x18\x02 \x01(\tR\bsignerCn\x12\x1d\n" +
"\n" +
"signer_inn\x18\x03 \x01(\tR\tsignerInn\x12\x16\n" +
"\x06serial\x18\x04 \x01(\tR\x06serial\x12\x1d\n" +
"\n" +
"not_before\x18\x05 \x01(\x03R\tnotBefore\x12\x1b\n" +
"\tnot_after\x18\x06 \x01(\x03R\bnotAfter\x12\x16\n" +
"\x06errors\x18\a \x03(\tR\x06errors\"^\n" +
"\vSignRequest\x12\x18\n" +
"\apayload\x18\x01 \x01(\fR\apayload\x12\x1b\n" +
"\tkey_alias\x18\x02 \x01(\tR\bkeyAlias\x12\x18\n" +
"\aprofile\x18\x03 \x01(\tR\aprofile\"-\n" +
"\fSignResponse\x12\x1d\n" +
"\n" +
"signed_xml\x18\x01 \x01(\fR\tsignedXml\"\x0f\n" +
"\rHealthRequest\"V\n" +
"\x0eHealthResponse\x12\x0e\n" +
"\x02ok\x18\x01 \x01(\bR\x02ok\x12\x18\n" +
"\aversion\x18\x02 \x01(\tR\aversion\x12\x1a\n" +
"\bprovider\x18\x03 \x01(\tR\bprovider2\x88\x04\n" +
"\rCryptoService\x12f\n" +
"\rVerifyXMLDSig\x12).bridge_and_joins.crypto.v1.VerifyRequest\x1a*.bridge_and_joins.crypto.v1.VerifyResponse\x12`\n" +
"\vSignXMLDSig\x12'.bridge_and_joins.crypto.v1.SignRequest\x1a(.bridge_and_joins.crypto.v1.SignResponse\x12_\n" +
"\x06Health\x12).bridge_and_joins.crypto.v1.HealthRequest\x1a*.bridge_and_joins.crypto.v1.HealthResponse\x12e\n" +
"\bActivate\x12+.bridge_and_joins.crypto.v1.ActivateRequest\x1a,.bridge_and_joins.crypto.v1.ActivateResponse\x12e\n" +
"\bShutdown\x12+.bridge_and_joins.crypto.v1.ShutdownRequest\x1a,.bridge_and_joins.crypto.v1.ShutdownResponseBq\n" +
"!ru.zetit.bridgeandjoins.crypto.v1P\x01ZJgit.zetit.ru/zuevav/Bridge-and-Join-s/internal/cryptocli/cryptopb;cryptopbb\x06proto3"
var (
file_crypto_proto_rawDescOnce sync.Once
file_crypto_proto_rawDescData []byte
)
func file_crypto_proto_rawDescGZIP() []byte {
file_crypto_proto_rawDescOnce.Do(func() {
file_crypto_proto_rawDescData = protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_crypto_proto_rawDesc), len(file_crypto_proto_rawDesc)))
})
return file_crypto_proto_rawDescData
}
var file_crypto_proto_msgTypes = make([]protoimpl.MessageInfo, 10)
var file_crypto_proto_goTypes = []any{
(*ActivateRequest)(nil), // 0: bridge_and_joins.crypto.v1.ActivateRequest
(*ActivateResponse)(nil), // 1: bridge_and_joins.crypto.v1.ActivateResponse
(*ShutdownRequest)(nil), // 2: bridge_and_joins.crypto.v1.ShutdownRequest
(*ShutdownResponse)(nil), // 3: bridge_and_joins.crypto.v1.ShutdownResponse
(*VerifyRequest)(nil), // 4: bridge_and_joins.crypto.v1.VerifyRequest
(*VerifyResponse)(nil), // 5: bridge_and_joins.crypto.v1.VerifyResponse
(*SignRequest)(nil), // 6: bridge_and_joins.crypto.v1.SignRequest
(*SignResponse)(nil), // 7: bridge_and_joins.crypto.v1.SignResponse
(*HealthRequest)(nil), // 8: bridge_and_joins.crypto.v1.HealthRequest
(*HealthResponse)(nil), // 9: bridge_and_joins.crypto.v1.HealthResponse
}
var file_crypto_proto_depIdxs = []int32{
4, // 0: bridge_and_joins.crypto.v1.CryptoService.VerifyXMLDSig:input_type -> bridge_and_joins.crypto.v1.VerifyRequest
6, // 1: bridge_and_joins.crypto.v1.CryptoService.SignXMLDSig:input_type -> bridge_and_joins.crypto.v1.SignRequest
8, // 2: bridge_and_joins.crypto.v1.CryptoService.Health:input_type -> bridge_and_joins.crypto.v1.HealthRequest
0, // 3: bridge_and_joins.crypto.v1.CryptoService.Activate:input_type -> bridge_and_joins.crypto.v1.ActivateRequest
2, // 4: bridge_and_joins.crypto.v1.CryptoService.Shutdown:input_type -> bridge_and_joins.crypto.v1.ShutdownRequest
5, // 5: bridge_and_joins.crypto.v1.CryptoService.VerifyXMLDSig:output_type -> bridge_and_joins.crypto.v1.VerifyResponse
7, // 6: bridge_and_joins.crypto.v1.CryptoService.SignXMLDSig:output_type -> bridge_and_joins.crypto.v1.SignResponse
9, // 7: bridge_and_joins.crypto.v1.CryptoService.Health:output_type -> bridge_and_joins.crypto.v1.HealthResponse
1, // 8: bridge_and_joins.crypto.v1.CryptoService.Activate:output_type -> bridge_and_joins.crypto.v1.ActivateResponse
3, // 9: bridge_and_joins.crypto.v1.CryptoService.Shutdown:output_type -> bridge_and_joins.crypto.v1.ShutdownResponse
5, // [5:10] is the sub-list for method output_type
0, // [0:5] is the sub-list for method input_type
0, // [0:0] is the sub-list for extension type_name
0, // [0:0] is the sub-list for extension extendee
0, // [0:0] is the sub-list for field type_name
}
func init() { file_crypto_proto_init() }
func file_crypto_proto_init() {
if File_crypto_proto != nil {
return
}
type x struct{}
out := protoimpl.TypeBuilder{
File: protoimpl.DescBuilder{
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: unsafe.Slice(unsafe.StringData(file_crypto_proto_rawDesc), len(file_crypto_proto_rawDesc)),
NumEnums: 0,
NumMessages: 10,
NumExtensions: 0,
NumServices: 1,
},
GoTypes: file_crypto_proto_goTypes,
DependencyIndexes: file_crypto_proto_depIdxs,
MessageInfos: file_crypto_proto_msgTypes,
}.Build()
File_crypto_proto = out.File
file_crypto_proto_goTypes = nil
file_crypto_proto_depIdxs = nil
}
internal/cryptocli/cryptopb/crypto_grpc.pb.go
+305
View File
@@ -0,0 +1,305 @@
// Code generated by protoc-gen-go-grpc. DO NOT EDIT.
// versions:
// - protoc-gen-go-grpc v1.6.2
// - protoc v3.12.4
// source: crypto.proto
package cryptopb
import (
context "context"
grpc "google.golang.org/grpc"
codes "google.golang.org/grpc/codes"
status "google.golang.org/grpc/status"
)
// This is a compile-time assertion to ensure that this generated file
// is compatible with the grpc package it is being compiled against.
// Requires gRPC-Go v1.64.0 or later.
const _ = grpc.SupportPackageIsVersion9
const (
CryptoService_VerifyXMLDSig_FullMethodName = "/bridge_and_joins.crypto.v1.CryptoService/VerifyXMLDSig"
CryptoService_SignXMLDSig_FullMethodName = "/bridge_and_joins.crypto.v1.CryptoService/SignXMLDSig"
CryptoService_Health_FullMethodName = "/bridge_and_joins.crypto.v1.CryptoService/Health"
CryptoService_Activate_FullMethodName = "/bridge_and_joins.crypto.v1.CryptoService/Activate"
CryptoService_Shutdown_FullMethodName = "/bridge_and_joins.crypto.v1.CryptoService/Shutdown"
)
// CryptoServiceClient is the client API for CryptoService service.
//
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
//
// CryptoService — серверная криптография по ГОСТ через КриптоПро JCP.
// Слушает на Unix Domain Socket (по умолчанию /run/bj/crypto.sock).
type CryptoServiceClient interface {
// Проверка XMLDSig-подписи (ГОСТ или RSA). Возвращает сведения о
// подписанте: CN, ИНН (если есть), срок действия сертификата.
VerifyXMLDSig(ctx context.Context, in *VerifyRequest, opts ...grpc.CallOption) (*VerifyResponse, error)
// Подпись XML по ГОСТ — для резервного канала WS ONYX и для
// серверной подписи действий оператора в admin-ui.
SignXMLDSig(ctx context.Context, in *SignRequest, opts ...grpc.CallOption) (*SignResponse, error)
// Health-check.
Health(ctx context.Context, in *HealthRequest, opts ...grpc.CallOption) (*HealthResponse, error)
// Activate — переинициализирует провайдер Валидаты на указанный
// профиль из pki1.conf. Если profile пуст — переходит в
// VCERT_InitMinimal (без доступа к ПСП/ЛСП/ССС). Не требует
// перезапуска сайдкара.
Activate(ctx context.Context, in *ActivateRequest, opts ...grpc.CallOption) (*ActivateResponse, error)
// Shutdown — корректно завершает процесс сайдкара (System.exit(2)
// после отправки ответа). systemd с Restart=on-failure поднимет
// его снова через RestartSec секунд. Используется для UI-кнопки
// «Перезапустить crypto-service» без sudo.
Shutdown(ctx context.Context, in *ShutdownRequest, opts ...grpc.CallOption) (*ShutdownResponse, error)
}
type cryptoServiceClient struct {
cc grpc.ClientConnInterface
}
func NewCryptoServiceClient(cc grpc.ClientConnInterface) CryptoServiceClient {
return &cryptoServiceClient{cc}
}
func (c *cryptoServiceClient) VerifyXMLDSig(ctx context.Context, in *VerifyRequest, opts ...grpc.CallOption) (*VerifyResponse, error) {
cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(VerifyResponse)
err := c.cc.Invoke(ctx, CryptoService_VerifyXMLDSig_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *cryptoServiceClient) SignXMLDSig(ctx context.Context, in *SignRequest, opts ...grpc.CallOption) (*SignResponse, error) {
cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(SignResponse)
err := c.cc.Invoke(ctx, CryptoService_SignXMLDSig_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *cryptoServiceClient) Health(ctx context.Context, in *HealthRequest, opts ...grpc.CallOption) (*HealthResponse, error) {
cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(HealthResponse)
err := c.cc.Invoke(ctx, CryptoService_Health_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *cryptoServiceClient) Activate(ctx context.Context, in *ActivateRequest, opts ...grpc.CallOption) (*ActivateResponse, error) {
cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(ActivateResponse)
err := c.cc.Invoke(ctx, CryptoService_Activate_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *cryptoServiceClient) Shutdown(ctx context.Context, in *ShutdownRequest, opts ...grpc.CallOption) (*ShutdownResponse, error) {
cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
out := new(ShutdownResponse)
err := c.cc.Invoke(ctx, CryptoService_Shutdown_FullMethodName, in, out, cOpts...)
if err != nil {
return nil, err
}
return out, nil
}
// CryptoServiceServer is the server API for CryptoService service.
// All implementations must embed UnimplementedCryptoServiceServer
// for forward compatibility.
//
// CryptoService — серверная криптография по ГОСТ через КриптоПро JCP.
// Слушает на Unix Domain Socket (по умолчанию /run/bj/crypto.sock).
type CryptoServiceServer interface {
// Проверка XMLDSig-подписи (ГОСТ или RSA). Возвращает сведения о
// подписанте: CN, ИНН (если есть), срок действия сертификата.
VerifyXMLDSig(context.Context, *VerifyRequest) (*VerifyResponse, error)
// Подпись XML по ГОСТ — для резервного канала WS ONYX и для
// серверной подписи действий оператора в admin-ui.
SignXMLDSig(context.Context, *SignRequest) (*SignResponse, error)
// Health-check.
Health(context.Context, *HealthRequest) (*HealthResponse, error)
// Activate — переинициализирует провайдер Валидаты на указанный
// профиль из pki1.conf. Если profile пуст — переходит в
// VCERT_InitMinimal (без доступа к ПСП/ЛСП/ССС). Не требует
// перезапуска сайдкара.
Activate(context.Context, *ActivateRequest) (*ActivateResponse, error)
// Shutdown — корректно завершает процесс сайдкара (System.exit(2)
// после отправки ответа). systemd с Restart=on-failure поднимет
// его снова через RestartSec секунд. Используется для UI-кнопки
// «Перезапустить crypto-service» без sudo.
Shutdown(context.Context, *ShutdownRequest) (*ShutdownResponse, error)
mustEmbedUnimplementedCryptoServiceServer()
}
// UnimplementedCryptoServiceServer must be embedded to have
// forward compatible implementations.
//
// NOTE: this should be embedded by value instead of pointer to avoid a nil
// pointer dereference when methods are called.
type UnimplementedCryptoServiceServer struct{}
func (UnimplementedCryptoServiceServer) VerifyXMLDSig(context.Context, *VerifyRequest) (*VerifyResponse, error) {
return nil, status.Error(codes.Unimplemented, "method VerifyXMLDSig not implemented")
}
func (UnimplementedCryptoServiceServer) SignXMLDSig(context.Context, *SignRequest) (*SignResponse, error) {
return nil, status.Error(codes.Unimplemented, "method SignXMLDSig not implemented")
}
func (UnimplementedCryptoServiceServer) Health(context.Context, *HealthRequest) (*HealthResponse, error) {
return nil, status.Error(codes.Unimplemented, "method Health not implemented")
}
func (UnimplementedCryptoServiceServer) Activate(context.Context, *ActivateRequest) (*ActivateResponse, error) {
return nil, status.Error(codes.Unimplemented, "method Activate not implemented")
}
func (UnimplementedCryptoServiceServer) Shutdown(context.Context, *ShutdownRequest) (*ShutdownResponse, error) {
return nil, status.Error(codes.Unimplemented, "method Shutdown not implemented")
}
func (UnimplementedCryptoServiceServer) mustEmbedUnimplementedCryptoServiceServer() {}
func (UnimplementedCryptoServiceServer) testEmbeddedByValue() {}
// UnsafeCryptoServiceServer may be embedded to opt out of forward compatibility for this service.
// Use of this interface is not recommended, as added methods to CryptoServiceServer will
// result in compilation errors.
type UnsafeCryptoServiceServer interface {
mustEmbedUnimplementedCryptoServiceServer()
}
func RegisterCryptoServiceServer(s grpc.ServiceRegistrar, srv CryptoServiceServer) {
// If the following call panics, it indicates UnimplementedCryptoServiceServer was
// embedded by pointer and is nil. This will cause panics if an
// unimplemented method is ever invoked, so we test this at initialization
// time to prevent it from happening at runtime later due to I/O.
if t, ok := srv.(interface{ testEmbeddedByValue() }); ok {
t.testEmbeddedByValue()
}
s.RegisterService(&CryptoService_ServiceDesc, srv)
}
func _CryptoService_VerifyXMLDSig_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(VerifyRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(CryptoServiceServer).VerifyXMLDSig(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: CryptoService_VerifyXMLDSig_FullMethodName,
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(CryptoServiceServer).VerifyXMLDSig(ctx, req.(*VerifyRequest))
}
return interceptor(ctx, in, info, handler)
}
func _CryptoService_SignXMLDSig_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(SignRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(CryptoServiceServer).SignXMLDSig(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: CryptoService_SignXMLDSig_FullMethodName,
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(CryptoServiceServer).SignXMLDSig(ctx, req.(*SignRequest))
}
return interceptor(ctx, in, info, handler)
}
func _CryptoService_Health_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(HealthRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(CryptoServiceServer).Health(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: CryptoService_Health_FullMethodName,
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(CryptoServiceServer).Health(ctx, req.(*HealthRequest))
}
return interceptor(ctx, in, info, handler)
}
func _CryptoService_Activate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(ActivateRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(CryptoServiceServer).Activate(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: CryptoService_Activate_FullMethodName,
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(CryptoServiceServer).Activate(ctx, req.(*ActivateRequest))
}
return interceptor(ctx, in, info, handler)
}
func _CryptoService_Shutdown_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(ShutdownRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(CryptoServiceServer).Shutdown(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: CryptoService_Shutdown_FullMethodName,
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(CryptoServiceServer).Shutdown(ctx, req.(*ShutdownRequest))
}
return interceptor(ctx, in, info, handler)
}
// CryptoService_ServiceDesc is the grpc.ServiceDesc for CryptoService service.
// It's only intended for direct use with grpc.RegisterService,
// and not to be introspected or modified (even as a copy)
var CryptoService_ServiceDesc = grpc.ServiceDesc{
ServiceName: "bridge_and_joins.crypto.v1.CryptoService",
HandlerType: (*CryptoServiceServer)(nil),
Methods: []grpc.MethodDesc{
{
MethodName: "VerifyXMLDSig",
Handler: _CryptoService_VerifyXMLDSig_Handler,
},
{
MethodName: "SignXMLDSig",
Handler: _CryptoService_SignXMLDSig_Handler,
},
{
MethodName: "Health",
Handler: _CryptoService_Health_Handler,
},
{
MethodName: "Activate",
Handler: _CryptoService_Activate_Handler,
},
{
MethodName: "Shutdown",
Handler: _CryptoService_Shutdown_Handler,
},
},
Streams: []grpc.StreamDesc{},
Metadata: "crypto.proto",
}