{
  "files": [
    {
      "name": "keyapis/kms/v1/keyapis_kms_key_v1.proto",
      "description": "Сервис для генерации и хранения приватных и публичных ключей, в данном случае необходимых для подписи токена, находится в DMZ зоне, непосредственно не участвует в сценариях Партнёра",
      "package": "keyapis.kms.v1",
      "hasEnums": false,
      "hasExtensions": false,
      "hasMessages": true,
      "hasServices": true,
      "enums": [],
      "extensions": [],
      "messages": [
        {
          "name": "GetKmsKeyListRequest",
          "longName": "GetKmsKeyListRequest",
          "fullName": "keyapis.kms.v1.GetKmsKeyListRequest",
          "description": "Запрос на получение ключей",
          "hasExtensions": false,
          "hasFields": false,
          "hasOneofs": false,
          "extensions": [],
          "fields": []
        },
        {
          "name": "GetKmsKeyListResponse",
          "longName": "GetKmsKeyListResponse",
          "fullName": "keyapis.kms.v1.GetKmsKeyListResponse",
          "description": "Ответ на запрос на получение ключей",
          "hasExtensions": false,
          "hasFields": true,
          "hasOneofs": true,
          "extensions": [],
          "fields": [
            {
              "name": "data",
              "description": "Ключ.\nВ ключе должен отсутсвовать encrypted_private_key",
              "label": "",
              "type": "KeyInfo",
              "longType": "KeyInfo",
              "fullType": "keyapis.kms.v1.KeyInfo",
              "ismap": false,
              "isoneof": true,
              "oneofdecl": "type",
              "defaultValue": "",
              "number": 1
            }
          ]
        },
        {
          "name": "KeyInfo",
          "longName": "KeyInfo",
          "fullName": "keyapis.kms.v1.KeyInfo",
          "description": "Пара ключей.\n# Описание модели",
          "hasExtensions": false,
          "hasFields": true,
          "hasOneofs": false,
          "extensions": [],
          "fields": [
            {
              "name": "id",
              "description": "Идентификатор.\n# Тип: Guid",
              "label": "",
              "type": "string",
              "longType": "string",
              "fullType": "string",
              "ismap": false,
              "isoneof": false,
              "oneofdecl": "",
              "defaultValue": "",
              "options": {
                "google.api.field_behavior": {
                  "options": [
                    "REQUIRED"
                  ]
                }
              },
              "number": 1
            },
            {
              "name": "public_key",
              "description": "Публичный ключ.\n# Диапазон: 0..800",
              "label": "",
              "type": "string",
              "longType": "string",
              "fullType": "string",
              "ismap": false,
              "isoneof": false,
              "oneofdecl": "",
              "defaultValue": "",
              "options": {
                "google.api.field_behavior": {
                  "options": [
                    "OUTPUT_ONLY"
                  ]
                }
              },
              "number": 2
            },
            {
              "name": "encrypted_private_key",
              "description": "Приватный ключ в зашифрованном виде.\n# Диапазон: 0..4000",
              "label": "",
              "type": "string",
              "longType": "string",
              "fullType": "string",
              "ismap": false,
              "isoneof": false,
              "oneofdecl": "",
              "defaultValue": "",
              "options": {
                "google.api.field_behavior": {
                  "options": [
                    "OUTPUT_ONLY"
                  ]
                }
              },
              "number": 3
            },
            {
              "name": "created_at",
              "description": "Дата и время создания ключа",
              "label": "",
              "type": "Timestamp",
              "longType": "google.protobuf.Timestamp",
              "fullType": "google.protobuf.Timestamp",
              "ismap": false,
              "isoneof": false,
              "oneofdecl": "",
              "defaultValue": "",
              "options": {
                "google.api.field_behavior": {
                  "options": [
                    "OUTPUT_ONLY"
                  ]
                }
              },
              "number": 4
            },
            {
              "name": "expired_at",
              "description": "Дата и время истечения жизни ключа",
              "label": "",
              "type": "Timestamp",
              "longType": "google.protobuf.Timestamp",
              "fullType": "google.protobuf.Timestamp",
              "ismap": false,
              "isoneof": false,
              "oneofdecl": "",
              "defaultValue": "",
              "options": {
                "google.api.field_behavior": {
                  "options": [
                    "OUTPUT_ONLY"
                  ]
                }
              },
              "number": 5
            }
          ]
        },
        {
          "name": "GeneratingError",
          "longName": "KeyInfo.GeneratingError",
          "fullName": "keyapis.kms.v1.KeyInfo.GeneratingError",
          "description": "Ошибка генерации",
          "hasExtensions": false,
          "hasFields": true,
          "hasOneofs": true,
          "extensions": [],
          "fields": [
            {
              "name": "transaction",
              "description": "Ошибка генерации ключа в сервисе KMS",
              "label": "",
              "type": "TransactionError",
              "longType": "KeyInfo.GeneratingError.TransactionError",
              "fullType": "keyapis.kms.v1.KeyInfo.GeneratingError.TransactionError",
              "ismap": false,
              "isoneof": true,
              "oneofdecl": "reason",
              "defaultValue": "",
              "number": 1
            },
            {
              "name": "publishing",
              "description": "Ошибка сохранения публичного ключа в сервисе JWKS",
              "label": "",
              "type": "PublishingKeyError",
              "longType": "KeyInfo.GeneratingError.PublishingKeyError",
              "fullType": "keyapis.kms.v1.KeyInfo.GeneratingError.PublishingKeyError",
              "ismap": false,
              "isoneof": true,
              "oneofdecl": "reason",
              "defaultValue": "",
              "number": 2
            }
          ]
        },
        {
          "name": "PublishingKeyError",
          "longName": "KeyInfo.GeneratingError.PublishingKeyError",
          "fullName": "keyapis.kms.v1.KeyInfo.GeneratingError.PublishingKeyError",
          "description": "Ошибка сохранения публичного ключа в сервисе JWKS.\nПричины:\n- Отсутсвует связанность с сервисом JWKS",
          "hasExtensions": false,
          "hasFields": false,
          "hasOneofs": false,
          "extensions": [],
          "fields": []
        },
        {
          "name": "TransactionError",
          "longName": "KeyInfo.GeneratingError.TransactionError",
          "fullName": "keyapis.kms.v1.KeyInfo.GeneratingError.TransactionError",
          "description": "Ошибка генерации ключа в сервисе KMS.\nПричины:\n- Отсутсвует связанность с базой данных",
          "hasExtensions": false,
          "hasFields": false,
          "hasOneofs": false,
          "extensions": [],
          "fields": []
        },
        {
          "name": "PostKmsKeyGenerateRequest",
          "longName": "PostKmsKeyGenerateRequest",
          "fullName": "keyapis.kms.v1.PostKmsKeyGenerateRequest",
          "description": "Запрос на генерацию пары ключей",
          "hasExtensions": false,
          "hasFields": false,
          "hasOneofs": false,
          "extensions": [],
          "fields": []
        },
        {
          "name": "PostKmsKeyGenerateResponse",
          "longName": "PostKmsKeyGenerateResponse",
          "fullName": "keyapis.kms.v1.PostKmsKeyGenerateResponse",
          "description": "Ответ на запрос на генерацию пары ключей",
          "hasExtensions": false,
          "hasFields": true,
          "hasOneofs": true,
          "extensions": [],
          "fields": [
            {
              "name": "data",
              "description": "Идентификатор.\n# Тип: Guid",
              "label": "",
              "type": "string",
              "longType": "string",
              "fullType": "string",
              "ismap": false,
              "isoneof": true,
              "oneofdecl": "type",
              "defaultValue": "",
              "number": 1
            },
            {
              "name": "error",
              "description": "Ошибка",
              "label": "",
              "type": "Error",
              "longType": "PostKmsKeyGenerateResponse.Error",
              "fullType": "keyapis.kms.v1.PostKmsKeyGenerateResponse.Error",
              "ismap": false,
              "isoneof": true,
              "oneofdecl": "type",
              "defaultValue": "",
              "number": 2
            }
          ]
        },
        {
          "name": "Error",
          "longName": "PostKmsKeyGenerateResponse.Error",
          "fullName": "keyapis.kms.v1.PostKmsKeyGenerateResponse.Error",
          "description": "Ошибка",
          "hasExtensions": false,
          "hasFields": true,
          "hasOneofs": true,
          "extensions": [],
          "fields": [
            {
              "name": "generating",
              "description": "Ошибка генерации ключей в сервисе KMS",
              "label": "",
              "type": "GeneratingError",
              "longType": "KeyInfo.GeneratingError",
              "fullType": "keyapis.kms.v1.KeyInfo.GeneratingError",
              "ismap": false,
              "isoneof": true,
              "oneofdecl": "reason",
              "defaultValue": "",
              "number": 1
            }
          ]
        }
      ],
      "services": [
        {
          "name": "KmsService",
          "longName": "KmsService",
          "fullName": "keyapis.kms.v1.KmsService",
          "description": "Сервис KMS",
          "methods": [
            {
              "name": "PostKmsKeyGenerate",
              "description": "Метод генерации пары ключей.\nГенерирует публичный и приватный ключи.\nПриватный ключ шифруется алгоритмом AES-GCM и сохранятеся в колонке kms.key_infos.encrypted_private_key.\nФормат хранения приватного ключа - строковое представление JSON: состоит из переменных:\n- Nonce: Number used once - представляет собой уникальный набор битов, используется один раз при шифровании блока данных в режиме GCM.\n- EncryptedString: зашифрованный приватный ключ в формате DER.\n- Tag: Message Authentication Code, используется для проверки целостности и подлинности данных после их расшифровки.\nПубличный ключ сохранятеся в колонке kms.key_infos.public_key в формате DER и передаётся в сервис JWKS методом PostKey.\nЛогика работы метода: https://confluence.rt.ru/pages/viewpage.action?pageId=664695357.\nМетод доступен для: admin, manager, service",
              "requestType": "PostKmsKeyGenerateRequest",
              "requestLongType": "PostKmsKeyGenerateRequest",
              "requestFullType": "keyapis.kms.v1.PostKmsKeyGenerateRequest",
              "requestStreaming": false,
              "responseType": "PostKmsKeyGenerateResponse",
              "responseLongType": "PostKmsKeyGenerateResponse",
              "responseFullType": "keyapis.kms.v1.PostKmsKeyGenerateResponse",
              "responseStreaming": false,
              "options": {
                "google.api.http": {
                  "rules": [
                    {
                      "method": "POST",
                      "pattern": "/kms/internal/api/v1/kms/key/generate"
                    }
                  ]
                }
              }
            },
            {
              "name": "GetKmsKeyList",
              "description": "Метод получения ключей.\nВозвращает три последних ключа отсортированных по created_at DESC.\nИспользуется в административном интерфейсе, для отображения даты выпуска последней пары ключей.\nСценарий использвания: https://confluence.rt.ru/pages/viewpage.action?pageId=682907591.\nМетод доступен для: admin, manager, service",
              "requestType": "GetKmsKeyListRequest",
              "requestLongType": "GetKmsKeyListRequest",
              "requestFullType": "keyapis.kms.v1.GetKmsKeyListRequest",
              "requestStreaming": false,
              "responseType": "GetKmsKeyListResponse",
              "responseLongType": "GetKmsKeyListResponse",
              "responseFullType": "keyapis.kms.v1.GetKmsKeyListResponse",
              "responseStreaming": true,
              "options": {
                "google.api.http": {
                  "rules": [
                    {
                      "method": "GET",
                      "pattern": "/kms/internal/api/v1/kms/key/list"
                    }
                  ]
                }
              }
            }
          ]
        }
      ],
      "syntax": "proto3"
    }
  ],
  "scalarValueTypes": [
    {
      "protoType": "double",
      "notes": "",
      "cppType": "double",
      "csType": "double",
      "goType": "float64",
      "javaType": "double",
      "phpType": "float",
      "pythonType": "float",
      "rubyType": "Float"
    },
    {
      "protoType": "float",
      "notes": "",
      "cppType": "float",
      "csType": "float",
      "goType": "float32",
      "javaType": "float",
      "phpType": "float",
      "pythonType": "float",
      "rubyType": "Float"
    },
    {
      "protoType": "int32",
      "notes": "Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint32 instead.",
      "cppType": "int32",
      "csType": "int",
      "goType": "int32",
      "javaType": "int",
      "phpType": "integer",
      "pythonType": "int",
      "rubyType": "Bignum or Fixnum (as required)"
    },
    {
      "protoType": "int64",
      "notes": "Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint64 instead.",
      "cppType": "int64",
      "csType": "long",
      "goType": "int64",
      "javaType": "long",
      "phpType": "integer/string",
      "pythonType": "int/long",
      "rubyType": "Bignum"
    },
    {
      "protoType": "uint32",
      "notes": "Uses variable-length encoding.",
      "cppType": "uint32",
      "csType": "uint",
      "goType": "uint32",
      "javaType": "int",
      "phpType": "integer",
      "pythonType": "int/long",
      "rubyType": "Bignum or Fixnum (as required)"
    },
    {
      "protoType": "uint64",
      "notes": "Uses variable-length encoding.",
      "cppType": "uint64",
      "csType": "ulong",
      "goType": "uint64",
      "javaType": "long",
      "phpType": "integer/string",
      "pythonType": "int/long",
      "rubyType": "Bignum or Fixnum (as required)"
    },
    {
      "protoType": "sint32",
      "notes": "Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int32s.",
      "cppType": "int32",
      "csType": "int",
      "goType": "int32",
      "javaType": "int",
      "phpType": "integer",
      "pythonType": "int",
      "rubyType": "Bignum or Fixnum (as required)"
    },
    {
      "protoType": "sint64",
      "notes": "Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int64s.",
      "cppType": "int64",
      "csType": "long",
      "goType": "int64",
      "javaType": "long",
      "phpType": "integer/string",
      "pythonType": "int/long",
      "rubyType": "Bignum"
    },
    {
      "protoType": "fixed32",
      "notes": "Always four bytes. More efficient than uint32 if values are often greater than 2^28.",
      "cppType": "uint32",
      "csType": "uint",
      "goType": "uint32",
      "javaType": "int",
      "phpType": "integer",
      "pythonType": "int",
      "rubyType": "Bignum or Fixnum (as required)"
    },
    {
      "protoType": "fixed64",
      "notes": "Always eight bytes. More efficient than uint64 if values are often greater than 2^56.",
      "cppType": "uint64",
      "csType": "ulong",
      "goType": "uint64",
      "javaType": "long",
      "phpType": "integer/string",
      "pythonType": "int/long",
      "rubyType": "Bignum"
    },
    {
      "protoType": "sfixed32",
      "notes": "Always four bytes.",
      "cppType": "int32",
      "csType": "int",
      "goType": "int32",
      "javaType": "int",
      "phpType": "integer",
      "pythonType": "int",
      "rubyType": "Bignum or Fixnum (as required)"
    },
    {
      "protoType": "sfixed64",
      "notes": "Always eight bytes.",
      "cppType": "int64",
      "csType": "long",
      "goType": "int64",
      "javaType": "long",
      "phpType": "integer/string",
      "pythonType": "int/long",
      "rubyType": "Bignum"
    },
    {
      "protoType": "bool",
      "notes": "",
      "cppType": "bool",
      "csType": "bool",
      "goType": "bool",
      "javaType": "boolean",
      "phpType": "boolean",
      "pythonType": "boolean",
      "rubyType": "TrueClass/FalseClass"
    },
    {
      "protoType": "string",
      "notes": "A string must always contain UTF-8 encoded or 7-bit ASCII text.",
      "cppType": "string",
      "csType": "string",
      "goType": "string",
      "javaType": "String",
      "phpType": "string",
      "pythonType": "str/unicode",
      "rubyType": "String (UTF-8)"
    },
    {
      "protoType": "bytes",
      "notes": "May contain any arbitrary sequence of bytes.",
      "cppType": "string",
      "csType": "ByteString",
      "goType": "[]byte",
      "javaType": "ByteString",
      "phpType": "string",
      "pythonType": "str",
      "rubyType": "String (ASCII-8BIT)"
    }
  ]
}