feat(server::user-agent): Unseal implemented

2026-02-16 21:07:09 +01:00
parent 2ffd60973d
commit 8f5d4cc385
5 changed files with 96 additions and 51 deletions
--- a/protobufs/user_agent.proto
+++ b/protobufs/user_agent.proto
@@ -3,19 +3,49 @@ syntax = "proto3";
 package arbiter;

 import "auth.proto";
-import "unseal.proto";
+import "google/protobuf/empty.proto";
+
+message UnsealStart {
+  bytes client_pubkey = 1;
+}
+
+message UnsealStartResponse {
+  bytes server_pubkey = 1;
+}
+message UnsealEncryptedKey {
+  bytes nonce = 1;
+  bytes ciphertext = 2;
+  bytes associated_data = 3;
+}
+
+enum UnsealResult {
+  UNSEAL_RESULT_UNSPECIFIED = 0;
+  UNSEAL_RESULT_SUCCESS = 1;
+  UNSEAL_RESULT_INVALID_KEY = 2;
+  UNSEAL_RESULT_UNBOOTSTRAPPED = 3;
+}
+
+enum VaultState {
+  VAULT_STATE_UNSPECIFIED = 0;
+  VAULT_STATE_UNBOOTSTRAPPED = 1;
+  VAULT_STATE_SEALED = 2;
+  VAULT_STATE_UNSEALED = 3;
+  VAULT_STATE_ERROR = 4;
+}

 message UserAgentRequest {
  oneof payload {
    arbiter.auth.ClientMessage auth_message = 1;
-    arbiter.unseal.UnsealStart unseal_start = 2;
-    arbiter.unseal.UnsealEncryptedKey unseal_encrypted_key = 3;
+    UnsealStart unseal_start = 2;
+    UnsealEncryptedKey unseal_encrypted_key = 3;
+    google.protobuf.Empty query_vault_state = 4;
  }
 }
 message UserAgentResponse {
  oneof payload {
    arbiter.auth.ServerMessage auth_message = 1;
-    arbiter.unseal.UnsealStartResponse unseal_start_response = 2;
-    arbiter.unseal.UnsealResult unseal_result = 3;
+    UnsealStartResponse unseal_start_response = 2;
+    UnsealResult unseal_result = 3;
+    VaultState vault_state = 4;
  }
 }