docker/swarmkit

View on GitHub
api/ca.pb.go

Summary

Maintainability
F
1 mo
Test Coverage
// Code generated by protoc-gen-gogo. DO NOT EDIT.
// source: github.com/docker/swarmkit/api/ca.proto

package api

import (
    context "context"
    fmt "fmt"
    _ "github.com/gogo/protobuf/gogoproto"
    proto "github.com/gogo/protobuf/proto"
    github_com_moby_swarmkit_v2_api_deepcopy "github.com/moby/swarmkit/v2/api/deepcopy"
    raftselector "github.com/moby/swarmkit/v2/manager/raftselector"
    _ "github.com/moby/swarmkit/v2/protobuf/plugin"
    grpc "google.golang.org/grpc"
    codes "google.golang.org/grpc/codes"
    metadata "google.golang.org/grpc/metadata"
    peer "google.golang.org/grpc/peer"
    status "google.golang.org/grpc/status"
    io "io"
    math "math"
    math_bits "math/bits"
    reflect "reflect"
    strings "strings"
    rafttime "time"
)

// Reference imports to suppress errors if they are not otherwise used.
var _ = proto.Marshal
var _ = fmt.Errorf
var _ = math.Inf

// This is a compile-time assertion to ensure that this generated file
// is compatible with the proto package it is being compiled against.
// A compilation error at this line likely means your copy of the
// proto package needs to be updated.
const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package

type NodeCertificateStatusRequest struct {
    NodeID string `protobuf:"bytes,1,opt,name=node_id,json=nodeId,proto3" json:"node_id,omitempty"`
}

func (m *NodeCertificateStatusRequest) Reset()      { *m = NodeCertificateStatusRequest{} }
func (*NodeCertificateStatusRequest) ProtoMessage() {}
func (*NodeCertificateStatusRequest) Descriptor() ([]byte, []int) {
    return fileDescriptor_64a8db18191af608, []int{0}
}
func (m *NodeCertificateStatusRequest) XXX_Unmarshal(b []byte) error {
    return m.Unmarshal(b)
}
func (m *NodeCertificateStatusRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
    if deterministic {
        return xxx_messageInfo_NodeCertificateStatusRequest.Marshal(b, m, deterministic)
    } else {
        b = b[:cap(b)]
        n, err := m.MarshalToSizedBuffer(b)
        if err != nil {
            return nil, err
        }
        return b[:n], nil
    }
}
func (m *NodeCertificateStatusRequest) XXX_Merge(src proto.Message) {
    xxx_messageInfo_NodeCertificateStatusRequest.Merge(m, src)
}
func (m *NodeCertificateStatusRequest) XXX_Size() int {
    return m.Size()
}
func (m *NodeCertificateStatusRequest) XXX_DiscardUnknown() {
    xxx_messageInfo_NodeCertificateStatusRequest.DiscardUnknown(m)
}

var xxx_messageInfo_NodeCertificateStatusRequest proto.InternalMessageInfo

type NodeCertificateStatusResponse struct {
    Status      *IssuanceStatus `protobuf:"bytes,1,opt,name=status,proto3" json:"status,omitempty"`
    Certificate *Certificate    `protobuf:"bytes,2,opt,name=certificate,proto3" json:"certificate,omitempty"`
}

func (m *NodeCertificateStatusResponse) Reset()      { *m = NodeCertificateStatusResponse{} }
func (*NodeCertificateStatusResponse) ProtoMessage() {}
func (*NodeCertificateStatusResponse) Descriptor() ([]byte, []int) {
    return fileDescriptor_64a8db18191af608, []int{1}
}
func (m *NodeCertificateStatusResponse) XXX_Unmarshal(b []byte) error {
    return m.Unmarshal(b)
}
func (m *NodeCertificateStatusResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
    if deterministic {
        return xxx_messageInfo_NodeCertificateStatusResponse.Marshal(b, m, deterministic)
    } else {
        b = b[:cap(b)]
        n, err := m.MarshalToSizedBuffer(b)
        if err != nil {
            return nil, err
        }
        return b[:n], nil
    }
}
func (m *NodeCertificateStatusResponse) XXX_Merge(src proto.Message) {
    xxx_messageInfo_NodeCertificateStatusResponse.Merge(m, src)
}
func (m *NodeCertificateStatusResponse) XXX_Size() int {
    return m.Size()
}
func (m *NodeCertificateStatusResponse) XXX_DiscardUnknown() {
    xxx_messageInfo_NodeCertificateStatusResponse.DiscardUnknown(m)
}

var xxx_messageInfo_NodeCertificateStatusResponse proto.InternalMessageInfo

type IssueNodeCertificateRequest struct {
    // DEPRECATED: Role is now selected based on which secret is matched.
    Role NodeRole `protobuf:"varint,1,opt,name=role,proto3,enum=docker.swarmkit.v1.NodeRole" json:"role,omitempty"` // Deprecated: Do not use.
    // CSR is the certificate signing request.
    CSR []byte `protobuf:"bytes,2,opt,name=csr,proto3" json:"csr,omitempty"`
    // Token represents a user-provided string that is necessary for new
    // nodes to join the cluster
    Token string `protobuf:"bytes,3,opt,name=token,proto3" json:"token,omitempty"`
    // Availability allows a user to control the current scheduling status of a node
    Availability NodeSpec_Availability `protobuf:"varint,4,opt,name=availability,proto3,enum=docker.swarmkit.v1.NodeSpec_Availability" json:"availability,omitempty"`
}

func (m *IssueNodeCertificateRequest) Reset()      { *m = IssueNodeCertificateRequest{} }
func (*IssueNodeCertificateRequest) ProtoMessage() {}
func (*IssueNodeCertificateRequest) Descriptor() ([]byte, []int) {
    return fileDescriptor_64a8db18191af608, []int{2}
}
func (m *IssueNodeCertificateRequest) XXX_Unmarshal(b []byte) error {
    return m.Unmarshal(b)
}
func (m *IssueNodeCertificateRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
    if deterministic {
        return xxx_messageInfo_IssueNodeCertificateRequest.Marshal(b, m, deterministic)
    } else {
        b = b[:cap(b)]
        n, err := m.MarshalToSizedBuffer(b)
        if err != nil {
            return nil, err
        }
        return b[:n], nil
    }
}
func (m *IssueNodeCertificateRequest) XXX_Merge(src proto.Message) {
    xxx_messageInfo_IssueNodeCertificateRequest.Merge(m, src)
}
func (m *IssueNodeCertificateRequest) XXX_Size() int {
    return m.Size()
}
func (m *IssueNodeCertificateRequest) XXX_DiscardUnknown() {
    xxx_messageInfo_IssueNodeCertificateRequest.DiscardUnknown(m)
}

var xxx_messageInfo_IssueNodeCertificateRequest proto.InternalMessageInfo

type IssueNodeCertificateResponse struct {
    NodeID         string              `protobuf:"bytes,1,opt,name=node_id,json=nodeId,proto3" json:"node_id,omitempty"`
    NodeMembership NodeSpec_Membership `protobuf:"varint,2,opt,name=node_membership,json=nodeMembership,proto3,enum=docker.swarmkit.v1.NodeSpec_Membership" json:"node_membership,omitempty"`
}

func (m *IssueNodeCertificateResponse) Reset()      { *m = IssueNodeCertificateResponse{} }
func (*IssueNodeCertificateResponse) ProtoMessage() {}
func (*IssueNodeCertificateResponse) Descriptor() ([]byte, []int) {
    return fileDescriptor_64a8db18191af608, []int{3}
}
func (m *IssueNodeCertificateResponse) XXX_Unmarshal(b []byte) error {
    return m.Unmarshal(b)
}
func (m *IssueNodeCertificateResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
    if deterministic {
        return xxx_messageInfo_IssueNodeCertificateResponse.Marshal(b, m, deterministic)
    } else {
        b = b[:cap(b)]
        n, err := m.MarshalToSizedBuffer(b)
        if err != nil {
            return nil, err
        }
        return b[:n], nil
    }
}
func (m *IssueNodeCertificateResponse) XXX_Merge(src proto.Message) {
    xxx_messageInfo_IssueNodeCertificateResponse.Merge(m, src)
}
func (m *IssueNodeCertificateResponse) XXX_Size() int {
    return m.Size()
}
func (m *IssueNodeCertificateResponse) XXX_DiscardUnknown() {
    xxx_messageInfo_IssueNodeCertificateResponse.DiscardUnknown(m)
}

var xxx_messageInfo_IssueNodeCertificateResponse proto.InternalMessageInfo

type GetRootCACertificateRequest struct {
}

func (m *GetRootCACertificateRequest) Reset()      { *m = GetRootCACertificateRequest{} }
func (*GetRootCACertificateRequest) ProtoMessage() {}
func (*GetRootCACertificateRequest) Descriptor() ([]byte, []int) {
    return fileDescriptor_64a8db18191af608, []int{4}
}
func (m *GetRootCACertificateRequest) XXX_Unmarshal(b []byte) error {
    return m.Unmarshal(b)
}
func (m *GetRootCACertificateRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
    if deterministic {
        return xxx_messageInfo_GetRootCACertificateRequest.Marshal(b, m, deterministic)
    } else {
        b = b[:cap(b)]
        n, err := m.MarshalToSizedBuffer(b)
        if err != nil {
            return nil, err
        }
        return b[:n], nil
    }
}
func (m *GetRootCACertificateRequest) XXX_Merge(src proto.Message) {
    xxx_messageInfo_GetRootCACertificateRequest.Merge(m, src)
}
func (m *GetRootCACertificateRequest) XXX_Size() int {
    return m.Size()
}
func (m *GetRootCACertificateRequest) XXX_DiscardUnknown() {
    xxx_messageInfo_GetRootCACertificateRequest.DiscardUnknown(m)
}

var xxx_messageInfo_GetRootCACertificateRequest proto.InternalMessageInfo

type GetRootCACertificateResponse struct {
    Certificate []byte `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"`
}

func (m *GetRootCACertificateResponse) Reset()      { *m = GetRootCACertificateResponse{} }
func (*GetRootCACertificateResponse) ProtoMessage() {}
func (*GetRootCACertificateResponse) Descriptor() ([]byte, []int) {
    return fileDescriptor_64a8db18191af608, []int{5}
}
func (m *GetRootCACertificateResponse) XXX_Unmarshal(b []byte) error {
    return m.Unmarshal(b)
}
func (m *GetRootCACertificateResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
    if deterministic {
        return xxx_messageInfo_GetRootCACertificateResponse.Marshal(b, m, deterministic)
    } else {
        b = b[:cap(b)]
        n, err := m.MarshalToSizedBuffer(b)
        if err != nil {
            return nil, err
        }
        return b[:n], nil
    }
}
func (m *GetRootCACertificateResponse) XXX_Merge(src proto.Message) {
    xxx_messageInfo_GetRootCACertificateResponse.Merge(m, src)
}
func (m *GetRootCACertificateResponse) XXX_Size() int {
    return m.Size()
}
func (m *GetRootCACertificateResponse) XXX_DiscardUnknown() {
    xxx_messageInfo_GetRootCACertificateResponse.DiscardUnknown(m)
}

var xxx_messageInfo_GetRootCACertificateResponse proto.InternalMessageInfo

type GetUnlockKeyRequest struct {
}

func (m *GetUnlockKeyRequest) Reset()      { *m = GetUnlockKeyRequest{} }
func (*GetUnlockKeyRequest) ProtoMessage() {}
func (*GetUnlockKeyRequest) Descriptor() ([]byte, []int) {
    return fileDescriptor_64a8db18191af608, []int{6}
}
func (m *GetUnlockKeyRequest) XXX_Unmarshal(b []byte) error {
    return m.Unmarshal(b)
}
func (m *GetUnlockKeyRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
    if deterministic {
        return xxx_messageInfo_GetUnlockKeyRequest.Marshal(b, m, deterministic)
    } else {
        b = b[:cap(b)]
        n, err := m.MarshalToSizedBuffer(b)
        if err != nil {
            return nil, err
        }
        return b[:n], nil
    }
}
func (m *GetUnlockKeyRequest) XXX_Merge(src proto.Message) {
    xxx_messageInfo_GetUnlockKeyRequest.Merge(m, src)
}
func (m *GetUnlockKeyRequest) XXX_Size() int {
    return m.Size()
}
func (m *GetUnlockKeyRequest) XXX_DiscardUnknown() {
    xxx_messageInfo_GetUnlockKeyRequest.DiscardUnknown(m)
}

var xxx_messageInfo_GetUnlockKeyRequest proto.InternalMessageInfo

type GetUnlockKeyResponse struct {
    UnlockKey []byte  `protobuf:"bytes,1,opt,name=unlock_key,json=unlockKey,proto3" json:"unlock_key,omitempty"`
    Version   Version `protobuf:"bytes,2,opt,name=version,proto3" json:"version"`
}

func (m *GetUnlockKeyResponse) Reset()      { *m = GetUnlockKeyResponse{} }
func (*GetUnlockKeyResponse) ProtoMessage() {}
func (*GetUnlockKeyResponse) Descriptor() ([]byte, []int) {
    return fileDescriptor_64a8db18191af608, []int{7}
}
func (m *GetUnlockKeyResponse) XXX_Unmarshal(b []byte) error {
    return m.Unmarshal(b)
}
func (m *GetUnlockKeyResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
    if deterministic {
        return xxx_messageInfo_GetUnlockKeyResponse.Marshal(b, m, deterministic)
    } else {
        b = b[:cap(b)]
        n, err := m.MarshalToSizedBuffer(b)
        if err != nil {
            return nil, err
        }
        return b[:n], nil
    }
}
func (m *GetUnlockKeyResponse) XXX_Merge(src proto.Message) {
    xxx_messageInfo_GetUnlockKeyResponse.Merge(m, src)
}
func (m *GetUnlockKeyResponse) XXX_Size() int {
    return m.Size()
}
func (m *GetUnlockKeyResponse) XXX_DiscardUnknown() {
    xxx_messageInfo_GetUnlockKeyResponse.DiscardUnknown(m)
}

var xxx_messageInfo_GetUnlockKeyResponse proto.InternalMessageInfo

func init() {
    proto.RegisterType((*NodeCertificateStatusRequest)(nil), "docker.swarmkit.v1.NodeCertificateStatusRequest")
    proto.RegisterType((*NodeCertificateStatusResponse)(nil), "docker.swarmkit.v1.NodeCertificateStatusResponse")
    proto.RegisterType((*IssueNodeCertificateRequest)(nil), "docker.swarmkit.v1.IssueNodeCertificateRequest")
    proto.RegisterType((*IssueNodeCertificateResponse)(nil), "docker.swarmkit.v1.IssueNodeCertificateResponse")
    proto.RegisterType((*GetRootCACertificateRequest)(nil), "docker.swarmkit.v1.GetRootCACertificateRequest")
    proto.RegisterType((*GetRootCACertificateResponse)(nil), "docker.swarmkit.v1.GetRootCACertificateResponse")
    proto.RegisterType((*GetUnlockKeyRequest)(nil), "docker.swarmkit.v1.GetUnlockKeyRequest")
    proto.RegisterType((*GetUnlockKeyResponse)(nil), "docker.swarmkit.v1.GetUnlockKeyResponse")
}

func init() {
    proto.RegisterFile("github.com/docker/swarmkit/api/ca.proto", fileDescriptor_64a8db18191af608)
}

var fileDescriptor_64a8db18191af608 = []byte{
    // 651 bytes of a gzipped FileDescriptorProto
    0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x54, 0xc1, 0x4f, 0x13, 0x4f,
    0x14, 0xee, 0x2c, 0xfc, 0xca, 0x8f, 0x47, 0x05, 0x33, 0x42, 0x52, 0x4b, 0xd9, 0x92, 0xd5, 0x04,
    0x34, 0x71, 0x17, 0xaa, 0x89, 0x89, 0x5e, 0x6c, 0x6b, 0x42, 0x88, 0xc1, 0x98, 0x21, 0x7a, 0x25,
    0xdb, 0xed, 0x50, 0x26, 0x6d, 0x77, 0xd6, 0x9d, 0x59, 0xb4, 0x37, 0x13, 0x8d, 0x67, 0x2f, 0x46,
    0x4f, 0xfe, 0x09, 0xfe, 0x1d, 0xc4, 0x13, 0x89, 0x17, 0x4e, 0x44, 0x96, 0xbb, 0x7f, 0x83, 0xd9,
    0xd9, 0x5d, 0x69, 0x61, 0x5b, 0xf0, 0xd4, 0x9d, 0xf7, 0xbe, 0xef, 0x7b, 0xef, 0x7d, 0xf3, 0x3a,
    0xb0, 0xd2, 0x66, 0x72, 0x2f, 0x68, 0x9a, 0x0e, 0xef, 0x59, 0x2d, 0xee, 0x74, 0xa8, 0x6f, 0x89,
    0x37, 0xb6, 0xdf, 0xeb, 0x30, 0x69, 0xd9, 0x1e, 0xb3, 0x1c, 0xdb, 0xf4, 0x7c, 0x2e, 0x39, 0xc6,
    0x71, 0xd6, 0x4c, 0xb3, 0xe6, 0xfe, 0x7a, 0xe9, 0xee, 0x25, 0x64, 0xd9, 0xf7, 0xa8, 0x88, 0xf9,
    0x97, 0x62, 0x85, 0x47, 0x9d, 0x14, 0x3b, 0xdf, 0xe6, 0x6d, 0xae, 0x3e, 0xad, 0xe8, 0x2b, 0x89,
    0x3e, 0x1c, 0xa3, 0xa0, 0x10, 0xcd, 0x60, 0xd7, 0xf2, 0xba, 0x41, 0x9b, 0xb9, 0xc9, 0x4f, 0x4c,
    0x34, 0x1a, 0x50, 0x7e, 0xce, 0x5b, 0xb4, 0x41, 0x7d, 0xc9, 0x76, 0x99, 0x63, 0x4b, 0xba, 0x2d,
    0x6d, 0x19, 0x08, 0x42, 0x5f, 0x07, 0x54, 0x48, 0x7c, 0x0b, 0xa6, 0x5c, 0xde, 0xa2, 0x3b, 0xac,
    0x55, 0x44, 0xcb, 0x68, 0x75, 0xba, 0x0e, 0xe1, 0x71, 0x25, 0x1f, 0x51, 0x36, 0x9f, 0x92, 0x7c,
    0x94, 0xda, 0x6c, 0x19, 0xdf, 0x10, 0x2c, 0x8d, 0x50, 0x11, 0x1e, 0x77, 0x05, 0xc5, 0x8f, 0x20,
    0x2f, 0x54, 0x44, 0xa9, 0xcc, 0x54, 0x0d, 0xf3, 0xa2, 0x65, 0xe6, 0xa6, 0x10, 0x81, 0xed, 0x3a,
    0x29, 0x37, 0x61, 0xe0, 0x1a, 0xcc, 0x38, 0x67, 0xc2, 0x45, 0x4d, 0x09, 0x54, 0xb2, 0x04, 0x06,
    0xea, 0x93, 0x41, 0x8e, 0xf1, 0x13, 0xc1, 0x62, 0xa4, 0x4e, 0xcf, 0x75, 0x99, 0x4e, 0xf9, 0x00,
    0x26, 0x7d, 0xde, 0xa5, 0xaa, 0xb9, 0xd9, 0x6a, 0x39, 0x4b, 0x3b, 0x62, 0x12, 0xde, 0xa5, 0x75,
    0xad, 0x88, 0x88, 0x42, 0xe3, 0x9b, 0x30, 0xe1, 0x08, 0x5f, 0x35, 0x54, 0xa8, 0x4f, 0x85, 0xc7,
    0x95, 0x89, 0xc6, 0x36, 0x21, 0x51, 0x0c, 0xcf, 0xc3, 0x7f, 0x92, 0x77, 0xa8, 0x5b, 0x9c, 0x88,
    0x4c, 0x23, 0xf1, 0x01, 0x6f, 0x41, 0xc1, 0xde, 0xb7, 0x59, 0xd7, 0x6e, 0xb2, 0x2e, 0x93, 0xfd,
    0xe2, 0xa4, 0x2a, 0x77, 0x67, 0x54, 0xb9, 0x6d, 0x8f, 0x3a, 0x66, 0x6d, 0x80, 0x40, 0x86, 0xe8,
    0xc6, 0x67, 0x04, 0xe5, 0xec, 0xa9, 0x12, 0xd7, 0xaf, 0x72, 0x79, 0xf8, 0x05, 0xcc, 0x29, 0x50,
    0x8f, 0xf6, 0x9a, 0xd4, 0x17, 0x7b, 0xcc, 0x53, 0x13, 0xcd, 0x56, 0x57, 0xc6, 0xf6, 0xb5, 0xf5,
    0x17, 0x4e, 0x66, 0x23, 0xfe, 0xd9, 0xd9, 0x58, 0x82, 0xc5, 0x0d, 0x2a, 0x09, 0xe7, 0xb2, 0x51,
    0xbb, 0x68, 0xb6, 0xf1, 0x04, 0xca, 0xd9, 0xe9, 0xa4, 0xeb, 0xe5, 0xe1, 0xfb, 0x8e, 0x3a, 0x2f,
    0x0c, 0x5f, 0xe7, 0x02, 0xdc, 0xd8, 0xa0, 0xf2, 0xa5, 0xdb, 0xe5, 0x4e, 0xe7, 0x19, 0xed, 0xa7,
    0xc2, 0x3e, 0xcc, 0x0f, 0x87, 0x13, 0xc1, 0x25, 0x80, 0x40, 0x05, 0x77, 0x3a, 0xb4, 0x9f, 0xe8,
    0x4d, 0x07, 0x29, 0x0c, 0x3f, 0x86, 0xa9, 0x7d, 0xea, 0x0b, 0xc6, 0xdd, 0x64, 0xb7, 0x16, 0xb3,
    0x06, 0x7f, 0x15, 0x43, 0xea, 0x93, 0x07, 0xc7, 0x95, 0x1c, 0x49, 0x19, 0xd5, 0x0f, 0x1a, 0x68,
    0x8d, 0x1a, 0x7e, 0x8f, 0x54, 0xed, 0x0b, 0x43, 0x61, 0x2b, 0x4b, 0x6b, 0x8c, 0x3b, 0xa5, 0xb5,
    0xab, 0x13, 0xe2, 0xf1, 0x8c, 0xff, 0x7f, 0x7c, 0xff, 0xfd, 0x55, 0xd3, 0xae, 0x23, 0xfc, 0x16,
    0x0a, 0x83, 0x06, 0xe0, 0x95, 0x11, 0x5a, 0xe7, 0x9d, 0x2b, 0xad, 0x5e, 0x0e, 0x4c, 0x8a, 0x2d,
    0xa8, 0x62, 0x73, 0x70, 0x4d, 0x21, 0xef, 0xf5, 0x6c, 0xd7, 0x6e, 0x53, 0xbf, 0xfa, 0x45, 0x03,
    0xb5, 0x57, 0x89, 0x15, 0x59, 0x5b, 0x99, 0x6d, 0xc5, 0x98, 0x7f, 0x65, 0xb6, 0x15, 0xe3, 0x16,
    0x7e, 0xc0, 0x8a, 0x8f, 0x08, 0x16, 0x32, 0x9f, 0x24, 0xbc, 0x36, 0x6a, 0xad, 0x47, 0xbd, 0x81,
    0xa5, 0xf5, 0x7f, 0x60, 0x9c, 0x6f, 0xa4, 0x7e, 0xfb, 0xe0, 0x44, 0xcf, 0x1d, 0x9d, 0xe8, 0xb9,
    0x77, 0xa1, 0x8e, 0x0e, 0x42, 0x1d, 0x1d, 0x86, 0x3a, 0xfa, 0x15, 0xea, 0xe8, 0xd3, 0xa9, 0x9e,
    0x3b, 0x3c, 0xd5, 0x73, 0x47, 0xa7, 0x7a, 0xae, 0x99, 0x57, 0xaf, 0xf1, 0xfd, 0x3f, 0x01, 0x00,
    0x00, 0xff, 0xff, 0xd2, 0x82, 0x20, 0x1b, 0x73, 0x06, 0x00, 0x00,
}

type authenticatedWrapperCAServer struct {
    local     CAServer
    authorize func(context.Context, []string) error
}

func NewAuthenticatedWrapperCAServer(local CAServer, authorize func(context.Context, []string) error) CAServer {
    return &authenticatedWrapperCAServer{
        local:     local,
        authorize: authorize,
    }
}

func (p *authenticatedWrapperCAServer) GetRootCACertificate(ctx context.Context, r *GetRootCACertificateRequest) (*GetRootCACertificateResponse, error) {

    return p.local.GetRootCACertificate(ctx, r)
}

func (p *authenticatedWrapperCAServer) GetUnlockKey(ctx context.Context, r *GetUnlockKeyRequest) (*GetUnlockKeyResponse, error) {

    if err := p.authorize(ctx, []string{"swarm-manager"}); err != nil {
        return nil, err
    }
    return p.local.GetUnlockKey(ctx, r)
}

type authenticatedWrapperNodeCAServer struct {
    local     NodeCAServer
    authorize func(context.Context, []string) error
}

func NewAuthenticatedWrapperNodeCAServer(local NodeCAServer, authorize func(context.Context, []string) error) NodeCAServer {
    return &authenticatedWrapperNodeCAServer{
        local:     local,
        authorize: authorize,
    }
}

func (p *authenticatedWrapperNodeCAServer) IssueNodeCertificate(ctx context.Context, r *IssueNodeCertificateRequest) (*IssueNodeCertificateResponse, error) {

    return p.local.IssueNodeCertificate(ctx, r)
}

func (p *authenticatedWrapperNodeCAServer) NodeCertificateStatus(ctx context.Context, r *NodeCertificateStatusRequest) (*NodeCertificateStatusResponse, error) {

    return p.local.NodeCertificateStatus(ctx, r)
}

func (m *NodeCertificateStatusRequest) Copy() *NodeCertificateStatusRequest {
    if m == nil {
        return nil
    }
    o := &NodeCertificateStatusRequest{}
    o.CopyFrom(m)
    return o
}

func (m *NodeCertificateStatusRequest) CopyFrom(src interface{}) {

    o := src.(*NodeCertificateStatusRequest)
    *m = *o
}

func (m *NodeCertificateStatusResponse) Copy() *NodeCertificateStatusResponse {
    if m == nil {
        return nil
    }
    o := &NodeCertificateStatusResponse{}
    o.CopyFrom(m)
    return o
}

func (m *NodeCertificateStatusResponse) CopyFrom(src interface{}) {

    o := src.(*NodeCertificateStatusResponse)
    *m = *o
    if o.Status != nil {
        m.Status = &IssuanceStatus{}
        github_com_moby_swarmkit_v2_api_deepcopy.Copy(m.Status, o.Status)
    }
    if o.Certificate != nil {
        m.Certificate = &Certificate{}
        github_com_moby_swarmkit_v2_api_deepcopy.Copy(m.Certificate, o.Certificate)
    }
}

func (m *IssueNodeCertificateRequest) Copy() *IssueNodeCertificateRequest {
    if m == nil {
        return nil
    }
    o := &IssueNodeCertificateRequest{}
    o.CopyFrom(m)
    return o
}

func (m *IssueNodeCertificateRequest) CopyFrom(src interface{}) {

    o := src.(*IssueNodeCertificateRequest)
    *m = *o
    if o.CSR != nil {
        m.CSR = make([]byte, len(o.CSR))
        copy(m.CSR, o.CSR)
    }
}

func (m *IssueNodeCertificateResponse) Copy() *IssueNodeCertificateResponse {
    if m == nil {
        return nil
    }
    o := &IssueNodeCertificateResponse{}
    o.CopyFrom(m)
    return o
}

func (m *IssueNodeCertificateResponse) CopyFrom(src interface{}) {

    o := src.(*IssueNodeCertificateResponse)
    *m = *o
}

func (m *GetRootCACertificateRequest) Copy() *GetRootCACertificateRequest {
    if m == nil {
        return nil
    }
    o := &GetRootCACertificateRequest{}
    o.CopyFrom(m)
    return o
}

func (m *GetRootCACertificateRequest) CopyFrom(src interface{}) {}
func (m *GetRootCACertificateResponse) Copy() *GetRootCACertificateResponse {
    if m == nil {
        return nil
    }
    o := &GetRootCACertificateResponse{}
    o.CopyFrom(m)
    return o
}

func (m *GetRootCACertificateResponse) CopyFrom(src interface{}) {

    o := src.(*GetRootCACertificateResponse)
    *m = *o
    if o.Certificate != nil {
        m.Certificate = make([]byte, len(o.Certificate))
        copy(m.Certificate, o.Certificate)
    }
}

func (m *GetUnlockKeyRequest) Copy() *GetUnlockKeyRequest {
    if m == nil {
        return nil
    }
    o := &GetUnlockKeyRequest{}
    o.CopyFrom(m)
    return o
}

func (m *GetUnlockKeyRequest) CopyFrom(src interface{}) {}
func (m *GetUnlockKeyResponse) Copy() *GetUnlockKeyResponse {
    if m == nil {
        return nil
    }
    o := &GetUnlockKeyResponse{}
    o.CopyFrom(m)
    return o
}

func (m *GetUnlockKeyResponse) CopyFrom(src interface{}) {

    o := src.(*GetUnlockKeyResponse)
    *m = *o
    if o.UnlockKey != nil {
        m.UnlockKey = make([]byte, len(o.UnlockKey))
        copy(m.UnlockKey, o.UnlockKey)
    }
    github_com_moby_swarmkit_v2_api_deepcopy.Copy(&m.Version, &o.Version)
}

// Reference imports to suppress errors if they are not otherwise used.
var _ context.Context
var _ grpc.ClientConn

// This is a compile-time assertion to ensure that this generated file
// is compatible with the grpc package it is being compiled against.
const _ = grpc.SupportPackageIsVersion4

// CAClient is the client API for CA service.
//
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
type CAClient interface {
    GetRootCACertificate(ctx context.Context, in *GetRootCACertificateRequest, opts ...grpc.CallOption) (*GetRootCACertificateResponse, error)
    // GetUnlockKey returns the current unlock key for the cluster for the role of the client
    // asking.
    GetUnlockKey(ctx context.Context, in *GetUnlockKeyRequest, opts ...grpc.CallOption) (*GetUnlockKeyResponse, error)
}

type cAClient struct {
    cc *grpc.ClientConn
}

func NewCAClient(cc *grpc.ClientConn) CAClient {
    return &cAClient{cc}
}

func (c *cAClient) GetRootCACertificate(ctx context.Context, in *GetRootCACertificateRequest, opts ...grpc.CallOption) (*GetRootCACertificateResponse, error) {
    out := new(GetRootCACertificateResponse)
    err := c.cc.Invoke(ctx, "/docker.swarmkit.v1.CA/GetRootCACertificate", in, out, opts...)
    if err != nil {
        return nil, err
    }
    return out, nil
}

func (c *cAClient) GetUnlockKey(ctx context.Context, in *GetUnlockKeyRequest, opts ...grpc.CallOption) (*GetUnlockKeyResponse, error) {
    out := new(GetUnlockKeyResponse)
    err := c.cc.Invoke(ctx, "/docker.swarmkit.v1.CA/GetUnlockKey", in, out, opts...)
    if err != nil {
        return nil, err
    }
    return out, nil
}

// CAServer is the server API for CA service.
type CAServer interface {
    GetRootCACertificate(context.Context, *GetRootCACertificateRequest) (*GetRootCACertificateResponse, error)
    // GetUnlockKey returns the current unlock key for the cluster for the role of the client
    // asking.
    GetUnlockKey(context.Context, *GetUnlockKeyRequest) (*GetUnlockKeyResponse, error)
}

// UnimplementedCAServer can be embedded to have forward compatible implementations.
type UnimplementedCAServer struct {
}

func (*UnimplementedCAServer) GetRootCACertificate(ctx context.Context, req *GetRootCACertificateRequest) (*GetRootCACertificateResponse, error) {
    return nil, status.Errorf(codes.Unimplemented, "method GetRootCACertificate not implemented")
}
func (*UnimplementedCAServer) GetUnlockKey(ctx context.Context, req *GetUnlockKeyRequest) (*GetUnlockKeyResponse, error) {
    return nil, status.Errorf(codes.Unimplemented, "method GetUnlockKey not implemented")
}

func RegisterCAServer(s *grpc.Server, srv CAServer) {
    s.RegisterService(&_CA_serviceDesc, srv)
}

func _CA_GetRootCACertificate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
    in := new(GetRootCACertificateRequest)
    if err := dec(in); err != nil {
        return nil, err
    }
    if interceptor == nil {
        return srv.(CAServer).GetRootCACertificate(ctx, in)
    }
    info := &grpc.UnaryServerInfo{
        Server:     srv,
        FullMethod: "/docker.swarmkit.v1.CA/GetRootCACertificate",
    }
    handler := func(ctx context.Context, req interface{}) (interface{}, error) {
        return srv.(CAServer).GetRootCACertificate(ctx, req.(*GetRootCACertificateRequest))
    }
    return interceptor(ctx, in, info, handler)
}

func _CA_GetUnlockKey_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
    in := new(GetUnlockKeyRequest)
    if err := dec(in); err != nil {
        return nil, err
    }
    if interceptor == nil {
        return srv.(CAServer).GetUnlockKey(ctx, in)
    }
    info := &grpc.UnaryServerInfo{
        Server:     srv,
        FullMethod: "/docker.swarmkit.v1.CA/GetUnlockKey",
    }
    handler := func(ctx context.Context, req interface{}) (interface{}, error) {
        return srv.(CAServer).GetUnlockKey(ctx, req.(*GetUnlockKeyRequest))
    }
    return interceptor(ctx, in, info, handler)
}

var _CA_serviceDesc = grpc.ServiceDesc{
    ServiceName: "docker.swarmkit.v1.CA",
    HandlerType: (*CAServer)(nil),
    Methods: []grpc.MethodDesc{
        {
            MethodName: "GetRootCACertificate",
            Handler:    _CA_GetRootCACertificate_Handler,
        },
        {
            MethodName: "GetUnlockKey",
            Handler:    _CA_GetUnlockKey_Handler,
        },
    },
    Streams:  []grpc.StreamDesc{},
    Metadata: "github.com/docker/swarmkit/api/ca.proto",
}

// NodeCAClient is the client API for NodeCA service.
//
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
type NodeCAClient interface {
    IssueNodeCertificate(ctx context.Context, in *IssueNodeCertificateRequest, opts ...grpc.CallOption) (*IssueNodeCertificateResponse, error)
    NodeCertificateStatus(ctx context.Context, in *NodeCertificateStatusRequest, opts ...grpc.CallOption) (*NodeCertificateStatusResponse, error)
}

type nodeCAClient struct {
    cc *grpc.ClientConn
}

func NewNodeCAClient(cc *grpc.ClientConn) NodeCAClient {
    return &nodeCAClient{cc}
}

func (c *nodeCAClient) IssueNodeCertificate(ctx context.Context, in *IssueNodeCertificateRequest, opts ...grpc.CallOption) (*IssueNodeCertificateResponse, error) {
    out := new(IssueNodeCertificateResponse)
    err := c.cc.Invoke(ctx, "/docker.swarmkit.v1.NodeCA/IssueNodeCertificate", in, out, opts...)
    if err != nil {
        return nil, err
    }
    return out, nil
}

func (c *nodeCAClient) NodeCertificateStatus(ctx context.Context, in *NodeCertificateStatusRequest, opts ...grpc.CallOption) (*NodeCertificateStatusResponse, error) {
    out := new(NodeCertificateStatusResponse)
    err := c.cc.Invoke(ctx, "/docker.swarmkit.v1.NodeCA/NodeCertificateStatus", in, out, opts...)
    if err != nil {
        return nil, err
    }
    return out, nil
}

// NodeCAServer is the server API for NodeCA service.
type NodeCAServer interface {
    IssueNodeCertificate(context.Context, *IssueNodeCertificateRequest) (*IssueNodeCertificateResponse, error)
    NodeCertificateStatus(context.Context, *NodeCertificateStatusRequest) (*NodeCertificateStatusResponse, error)
}

// UnimplementedNodeCAServer can be embedded to have forward compatible implementations.
type UnimplementedNodeCAServer struct {
}

func (*UnimplementedNodeCAServer) IssueNodeCertificate(ctx context.Context, req *IssueNodeCertificateRequest) (*IssueNodeCertificateResponse, error) {
    return nil, status.Errorf(codes.Unimplemented, "method IssueNodeCertificate not implemented")
}
func (*UnimplementedNodeCAServer) NodeCertificateStatus(ctx context.Context, req *NodeCertificateStatusRequest) (*NodeCertificateStatusResponse, error) {
    return nil, status.Errorf(codes.Unimplemented, "method NodeCertificateStatus not implemented")
}

func RegisterNodeCAServer(s *grpc.Server, srv NodeCAServer) {
    s.RegisterService(&_NodeCA_serviceDesc, srv)
}

func _NodeCA_IssueNodeCertificate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
    in := new(IssueNodeCertificateRequest)
    if err := dec(in); err != nil {
        return nil, err
    }
    if interceptor == nil {
        return srv.(NodeCAServer).IssueNodeCertificate(ctx, in)
    }
    info := &grpc.UnaryServerInfo{
        Server:     srv,
        FullMethod: "/docker.swarmkit.v1.NodeCA/IssueNodeCertificate",
    }
    handler := func(ctx context.Context, req interface{}) (interface{}, error) {
        return srv.(NodeCAServer).IssueNodeCertificate(ctx, req.(*IssueNodeCertificateRequest))
    }
    return interceptor(ctx, in, info, handler)
}

func _NodeCA_NodeCertificateStatus_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
    in := new(NodeCertificateStatusRequest)
    if err := dec(in); err != nil {
        return nil, err
    }
    if interceptor == nil {
        return srv.(NodeCAServer).NodeCertificateStatus(ctx, in)
    }
    info := &grpc.UnaryServerInfo{
        Server:     srv,
        FullMethod: "/docker.swarmkit.v1.NodeCA/NodeCertificateStatus",
    }
    handler := func(ctx context.Context, req interface{}) (interface{}, error) {
        return srv.(NodeCAServer).NodeCertificateStatus(ctx, req.(*NodeCertificateStatusRequest))
    }
    return interceptor(ctx, in, info, handler)
}

var _NodeCA_serviceDesc = grpc.ServiceDesc{
    ServiceName: "docker.swarmkit.v1.NodeCA",
    HandlerType: (*NodeCAServer)(nil),
    Methods: []grpc.MethodDesc{
        {
            MethodName: "IssueNodeCertificate",
            Handler:    _NodeCA_IssueNodeCertificate_Handler,
        },
        {
            MethodName: "NodeCertificateStatus",
            Handler:    _NodeCA_NodeCertificateStatus_Handler,
        },
    },
    Streams:  []grpc.StreamDesc{},
    Metadata: "github.com/docker/swarmkit/api/ca.proto",
}

func (m *NodeCertificateStatusRequest) Marshal() (dAtA []byte, err error) {
    size := m.Size()
    dAtA = make([]byte, size)
    n, err := m.MarshalToSizedBuffer(dAtA[:size])
    if err != nil {
        return nil, err
    }
    return dAtA[:n], nil
}

func (m *NodeCertificateStatusRequest) MarshalTo(dAtA []byte) (int, error) {
    size := m.Size()
    return m.MarshalToSizedBuffer(dAtA[:size])
}

func (m *NodeCertificateStatusRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
    i := len(dAtA)
    _ = i
    var l int
    _ = l
    if len(m.NodeID) > 0 {
        i -= len(m.NodeID)
        copy(dAtA[i:], m.NodeID)
        i = encodeVarintCa(dAtA, i, uint64(len(m.NodeID)))
        i--
        dAtA[i] = 0xa
    }
    return len(dAtA) - i, nil
}

func (m *NodeCertificateStatusResponse) Marshal() (dAtA []byte, err error) {
    size := m.Size()
    dAtA = make([]byte, size)
    n, err := m.MarshalToSizedBuffer(dAtA[:size])
    if err != nil {
        return nil, err
    }
    return dAtA[:n], nil
}

func (m *NodeCertificateStatusResponse) MarshalTo(dAtA []byte) (int, error) {
    size := m.Size()
    return m.MarshalToSizedBuffer(dAtA[:size])
}

func (m *NodeCertificateStatusResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) {
    i := len(dAtA)
    _ = i
    var l int
    _ = l
    if m.Certificate != nil {
        {
            size, err := m.Certificate.MarshalToSizedBuffer(dAtA[:i])
            if err != nil {
                return 0, err
            }
            i -= size
            i = encodeVarintCa(dAtA, i, uint64(size))
        }
        i--
        dAtA[i] = 0x12
    }
    if m.Status != nil {
        {
            size, err := m.Status.MarshalToSizedBuffer(dAtA[:i])
            if err != nil {
                return 0, err
            }
            i -= size
            i = encodeVarintCa(dAtA, i, uint64(size))
        }
        i--
        dAtA[i] = 0xa
    }
    return len(dAtA) - i, nil
}

func (m *IssueNodeCertificateRequest) Marshal() (dAtA []byte, err error) {
    size := m.Size()
    dAtA = make([]byte, size)
    n, err := m.MarshalToSizedBuffer(dAtA[:size])
    if err != nil {
        return nil, err
    }
    return dAtA[:n], nil
}

func (m *IssueNodeCertificateRequest) MarshalTo(dAtA []byte) (int, error) {
    size := m.Size()
    return m.MarshalToSizedBuffer(dAtA[:size])
}

func (m *IssueNodeCertificateRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
    i := len(dAtA)
    _ = i
    var l int
    _ = l
    if m.Availability != 0 {
        i = encodeVarintCa(dAtA, i, uint64(m.Availability))
        i--
        dAtA[i] = 0x20
    }
    if len(m.Token) > 0 {
        i -= len(m.Token)
        copy(dAtA[i:], m.Token)
        i = encodeVarintCa(dAtA, i, uint64(len(m.Token)))
        i--
        dAtA[i] = 0x1a
    }
    if len(m.CSR) > 0 {
        i -= len(m.CSR)
        copy(dAtA[i:], m.CSR)
        i = encodeVarintCa(dAtA, i, uint64(len(m.CSR)))
        i--
        dAtA[i] = 0x12
    }
    if m.Role != 0 {
        i = encodeVarintCa(dAtA, i, uint64(m.Role))
        i--
        dAtA[i] = 0x8
    }
    return len(dAtA) - i, nil
}

func (m *IssueNodeCertificateResponse) Marshal() (dAtA []byte, err error) {
    size := m.Size()
    dAtA = make([]byte, size)
    n, err := m.MarshalToSizedBuffer(dAtA[:size])
    if err != nil {
        return nil, err
    }
    return dAtA[:n], nil
}

func (m *IssueNodeCertificateResponse) MarshalTo(dAtA []byte) (int, error) {
    size := m.Size()
    return m.MarshalToSizedBuffer(dAtA[:size])
}

func (m *IssueNodeCertificateResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) {
    i := len(dAtA)
    _ = i
    var l int
    _ = l
    if m.NodeMembership != 0 {
        i = encodeVarintCa(dAtA, i, uint64(m.NodeMembership))
        i--
        dAtA[i] = 0x10
    }
    if len(m.NodeID) > 0 {
        i -= len(m.NodeID)
        copy(dAtA[i:], m.NodeID)
        i = encodeVarintCa(dAtA, i, uint64(len(m.NodeID)))
        i--
        dAtA[i] = 0xa
    }
    return len(dAtA) - i, nil
}

func (m *GetRootCACertificateRequest) Marshal() (dAtA []byte, err error) {
    size := m.Size()
    dAtA = make([]byte, size)
    n, err := m.MarshalToSizedBuffer(dAtA[:size])
    if err != nil {
        return nil, err
    }
    return dAtA[:n], nil
}

func (m *GetRootCACertificateRequest) MarshalTo(dAtA []byte) (int, error) {
    size := m.Size()
    return m.MarshalToSizedBuffer(dAtA[:size])
}

func (m *GetRootCACertificateRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
    i := len(dAtA)
    _ = i
    var l int
    _ = l
    return len(dAtA) - i, nil
}

func (m *GetRootCACertificateResponse) Marshal() (dAtA []byte, err error) {
    size := m.Size()
    dAtA = make([]byte, size)
    n, err := m.MarshalToSizedBuffer(dAtA[:size])
    if err != nil {
        return nil, err
    }
    return dAtA[:n], nil
}

func (m *GetRootCACertificateResponse) MarshalTo(dAtA []byte) (int, error) {
    size := m.Size()
    return m.MarshalToSizedBuffer(dAtA[:size])
}

func (m *GetRootCACertificateResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) {
    i := len(dAtA)
    _ = i
    var l int
    _ = l
    if len(m.Certificate) > 0 {
        i -= len(m.Certificate)
        copy(dAtA[i:], m.Certificate)
        i = encodeVarintCa(dAtA, i, uint64(len(m.Certificate)))
        i--
        dAtA[i] = 0xa
    }
    return len(dAtA) - i, nil
}

func (m *GetUnlockKeyRequest) Marshal() (dAtA []byte, err error) {
    size := m.Size()
    dAtA = make([]byte, size)
    n, err := m.MarshalToSizedBuffer(dAtA[:size])
    if err != nil {
        return nil, err
    }
    return dAtA[:n], nil
}

func (m *GetUnlockKeyRequest) MarshalTo(dAtA []byte) (int, error) {
    size := m.Size()
    return m.MarshalToSizedBuffer(dAtA[:size])
}

func (m *GetUnlockKeyRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
    i := len(dAtA)
    _ = i
    var l int
    _ = l
    return len(dAtA) - i, nil
}

func (m *GetUnlockKeyResponse) Marshal() (dAtA []byte, err error) {
    size := m.Size()
    dAtA = make([]byte, size)
    n, err := m.MarshalToSizedBuffer(dAtA[:size])
    if err != nil {
        return nil, err
    }
    return dAtA[:n], nil
}

func (m *GetUnlockKeyResponse) MarshalTo(dAtA []byte) (int, error) {
    size := m.Size()
    return m.MarshalToSizedBuffer(dAtA[:size])
}

func (m *GetUnlockKeyResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) {
    i := len(dAtA)
    _ = i
    var l int
    _ = l
    {
        size, err := m.Version.MarshalToSizedBuffer(dAtA[:i])
        if err != nil {
            return 0, err
        }
        i -= size
        i = encodeVarintCa(dAtA, i, uint64(size))
    }
    i--
    dAtA[i] = 0x12
    if len(m.UnlockKey) > 0 {
        i -= len(m.UnlockKey)
        copy(dAtA[i:], m.UnlockKey)
        i = encodeVarintCa(dAtA, i, uint64(len(m.UnlockKey)))
        i--
        dAtA[i] = 0xa
    }
    return len(dAtA) - i, nil
}

func encodeVarintCa(dAtA []byte, offset int, v uint64) int {
    offset -= sovCa(v)
    base := offset
    for v >= 1<<7 {
        dAtA[offset] = uint8(v&0x7f | 0x80)
        v >>= 7
        offset++
    }
    dAtA[offset] = uint8(v)
    return base
}

type raftProxyCAServer struct {
    local                       CAServer
    connSelector                raftselector.ConnProvider
    localCtxMods, remoteCtxMods []func(context.Context) (context.Context, error)
}

func NewRaftProxyCAServer(local CAServer, connSelector raftselector.ConnProvider, localCtxMod, remoteCtxMod func(context.Context) (context.Context, error)) CAServer {
    redirectChecker := func(ctx context.Context) (context.Context, error) {
        p, ok := peer.FromContext(ctx)
        if !ok {
            return ctx, status.Errorf(codes.InvalidArgument, "remote addr is not found in context")
        }
        addr := p.Addr.String()
        md, ok := metadata.FromIncomingContext(ctx)
        if ok && len(md["redirect"]) != 0 {
            return ctx, status.Errorf(codes.ResourceExhausted, "more than one redirect to leader from: %s", md["redirect"])
        }
        if !ok {
            md = metadata.New(map[string]string{})
        }
        md["redirect"] = append(md["redirect"], addr)
        return metadata.NewOutgoingContext(ctx, md), nil
    }
    remoteMods := []func(context.Context) (context.Context, error){redirectChecker}
    remoteMods = append(remoteMods, remoteCtxMod)

    var localMods []func(context.Context) (context.Context, error)
    if localCtxMod != nil {
        localMods = []func(context.Context) (context.Context, error){localCtxMod}
    }

    return &raftProxyCAServer{
        local:         local,
        connSelector:  connSelector,
        localCtxMods:  localMods,
        remoteCtxMods: remoteMods,
    }
}
func (p *raftProxyCAServer) runCtxMods(ctx context.Context, ctxMods []func(context.Context) (context.Context, error)) (context.Context, error) {
    var err error
    for _, mod := range ctxMods {
        ctx, err = mod(ctx)
        if err != nil {
            return ctx, err
        }
    }
    return ctx, nil
}
func (p *raftProxyCAServer) pollNewLeaderConn(ctx context.Context) (*grpc.ClientConn, error) {
    ticker := rafttime.NewTicker(500 * rafttime.Millisecond)
    defer ticker.Stop()
    for {
        select {
        case <-ticker.C:
            conn, err := p.connSelector.LeaderConn(ctx)
            if err != nil {
                return nil, err
            }

            client := NewHealthClient(conn)

            resp, err := client.Check(ctx, &HealthCheckRequest{Service: "Raft"})
            if err != nil || resp.Status != HealthCheckResponse_SERVING {
                continue
            }
            return conn, nil
        case <-ctx.Done():
            return nil, ctx.Err()
        }
    }
}

func (p *raftProxyCAServer) GetRootCACertificate(ctx context.Context, r *GetRootCACertificateRequest) (*GetRootCACertificateResponse, error) {

    conn, err := p.connSelector.LeaderConn(ctx)
    if err != nil {
        if err == raftselector.ErrIsLeader {
            ctx, err = p.runCtxMods(ctx, p.localCtxMods)
            if err != nil {
                return nil, err
            }
            return p.local.GetRootCACertificate(ctx, r)
        }
        return nil, err
    }
    modCtx, err := p.runCtxMods(ctx, p.remoteCtxMods)
    if err != nil {
        return nil, err
    }

    resp, err := NewCAClient(conn).GetRootCACertificate(modCtx, r)
    if err != nil {
        if !strings.Contains(err.Error(), "is closing") && !strings.Contains(err.Error(), "the connection is unavailable") && !strings.Contains(err.Error(), "connection error") {
            return resp, err
        }
        conn, err := p.pollNewLeaderConn(ctx)
        if err != nil {
            if err == raftselector.ErrIsLeader {
                return p.local.GetRootCACertificate(ctx, r)
            }
            return nil, err
        }
        return NewCAClient(conn).GetRootCACertificate(modCtx, r)
    }
    return resp, err
}

func (p *raftProxyCAServer) GetUnlockKey(ctx context.Context, r *GetUnlockKeyRequest) (*GetUnlockKeyResponse, error) {

    conn, err := p.connSelector.LeaderConn(ctx)
    if err != nil {
        if err == raftselector.ErrIsLeader {
            ctx, err = p.runCtxMods(ctx, p.localCtxMods)
            if err != nil {
                return nil, err
            }
            return p.local.GetUnlockKey(ctx, r)
        }
        return nil, err
    }
    modCtx, err := p.runCtxMods(ctx, p.remoteCtxMods)
    if err != nil {
        return nil, err
    }

    resp, err := NewCAClient(conn).GetUnlockKey(modCtx, r)
    if err != nil {
        if !strings.Contains(err.Error(), "is closing") && !strings.Contains(err.Error(), "the connection is unavailable") && !strings.Contains(err.Error(), "connection error") {
            return resp, err
        }
        conn, err := p.pollNewLeaderConn(ctx)
        if err != nil {
            if err == raftselector.ErrIsLeader {
                return p.local.GetUnlockKey(ctx, r)
            }
            return nil, err
        }
        return NewCAClient(conn).GetUnlockKey(modCtx, r)
    }
    return resp, err
}

type raftProxyNodeCAServer struct {
    local                       NodeCAServer
    connSelector                raftselector.ConnProvider
    localCtxMods, remoteCtxMods []func(context.Context) (context.Context, error)
}

func NewRaftProxyNodeCAServer(local NodeCAServer, connSelector raftselector.ConnProvider, localCtxMod, remoteCtxMod func(context.Context) (context.Context, error)) NodeCAServer {
    redirectChecker := func(ctx context.Context) (context.Context, error) {
        p, ok := peer.FromContext(ctx)
        if !ok {
            return ctx, status.Errorf(codes.InvalidArgument, "remote addr is not found in context")
        }
        addr := p.Addr.String()
        md, ok := metadata.FromIncomingContext(ctx)
        if ok && len(md["redirect"]) != 0 {
            return ctx, status.Errorf(codes.ResourceExhausted, "more than one redirect to leader from: %s", md["redirect"])
        }
        if !ok {
            md = metadata.New(map[string]string{})
        }
        md["redirect"] = append(md["redirect"], addr)
        return metadata.NewOutgoingContext(ctx, md), nil
    }
    remoteMods := []func(context.Context) (context.Context, error){redirectChecker}
    remoteMods = append(remoteMods, remoteCtxMod)

    var localMods []func(context.Context) (context.Context, error)
    if localCtxMod != nil {
        localMods = []func(context.Context) (context.Context, error){localCtxMod}
    }

    return &raftProxyNodeCAServer{
        local:         local,
        connSelector:  connSelector,
        localCtxMods:  localMods,
        remoteCtxMods: remoteMods,
    }
}
func (p *raftProxyNodeCAServer) runCtxMods(ctx context.Context, ctxMods []func(context.Context) (context.Context, error)) (context.Context, error) {
    var err error
    for _, mod := range ctxMods {
        ctx, err = mod(ctx)
        if err != nil {
            return ctx, err
        }
    }
    return ctx, nil
}
func (p *raftProxyNodeCAServer) pollNewLeaderConn(ctx context.Context) (*grpc.ClientConn, error) {
    ticker := rafttime.NewTicker(500 * rafttime.Millisecond)
    defer ticker.Stop()
    for {
        select {
        case <-ticker.C:
            conn, err := p.connSelector.LeaderConn(ctx)
            if err != nil {
                return nil, err
            }

            client := NewHealthClient(conn)

            resp, err := client.Check(ctx, &HealthCheckRequest{Service: "Raft"})
            if err != nil || resp.Status != HealthCheckResponse_SERVING {
                continue
            }
            return conn, nil
        case <-ctx.Done():
            return nil, ctx.Err()
        }
    }
}

func (p *raftProxyNodeCAServer) IssueNodeCertificate(ctx context.Context, r *IssueNodeCertificateRequest) (*IssueNodeCertificateResponse, error) {

    conn, err := p.connSelector.LeaderConn(ctx)
    if err != nil {
        if err == raftselector.ErrIsLeader {
            ctx, err = p.runCtxMods(ctx, p.localCtxMods)
            if err != nil {
                return nil, err
            }
            return p.local.IssueNodeCertificate(ctx, r)
        }
        return nil, err
    }
    modCtx, err := p.runCtxMods(ctx, p.remoteCtxMods)
    if err != nil {
        return nil, err
    }

    resp, err := NewNodeCAClient(conn).IssueNodeCertificate(modCtx, r)
    if err != nil {
        if !strings.Contains(err.Error(), "is closing") && !strings.Contains(err.Error(), "the connection is unavailable") && !strings.Contains(err.Error(), "connection error") {
            return resp, err
        }
        conn, err := p.pollNewLeaderConn(ctx)
        if err != nil {
            if err == raftselector.ErrIsLeader {
                return p.local.IssueNodeCertificate(ctx, r)
            }
            return nil, err
        }
        return NewNodeCAClient(conn).IssueNodeCertificate(modCtx, r)
    }
    return resp, err
}

func (p *raftProxyNodeCAServer) NodeCertificateStatus(ctx context.Context, r *NodeCertificateStatusRequest) (*NodeCertificateStatusResponse, error) {

    conn, err := p.connSelector.LeaderConn(ctx)
    if err != nil {
        if err == raftselector.ErrIsLeader {
            ctx, err = p.runCtxMods(ctx, p.localCtxMods)
            if err != nil {
                return nil, err
            }
            return p.local.NodeCertificateStatus(ctx, r)
        }
        return nil, err
    }
    modCtx, err := p.runCtxMods(ctx, p.remoteCtxMods)
    if err != nil {
        return nil, err
    }

    resp, err := NewNodeCAClient(conn).NodeCertificateStatus(modCtx, r)
    if err != nil {
        if !strings.Contains(err.Error(), "is closing") && !strings.Contains(err.Error(), "the connection is unavailable") && !strings.Contains(err.Error(), "connection error") {
            return resp, err
        }
        conn, err := p.pollNewLeaderConn(ctx)
        if err != nil {
            if err == raftselector.ErrIsLeader {
                return p.local.NodeCertificateStatus(ctx, r)
            }
            return nil, err
        }
        return NewNodeCAClient(conn).NodeCertificateStatus(modCtx, r)
    }
    return resp, err
}

func (m *NodeCertificateStatusRequest) Size() (n int) {
    if m == nil {
        return 0
    }
    var l int
    _ = l
    l = len(m.NodeID)
    if l > 0 {
        n += 1 + l + sovCa(uint64(l))
    }
    return n
}

func (m *NodeCertificateStatusResponse) Size() (n int) {
    if m == nil {
        return 0
    }
    var l int
    _ = l
    if m.Status != nil {
        l = m.Status.Size()
        n += 1 + l + sovCa(uint64(l))
    }
    if m.Certificate != nil {
        l = m.Certificate.Size()
        n += 1 + l + sovCa(uint64(l))
    }
    return n
}

func (m *IssueNodeCertificateRequest) Size() (n int) {
    if m == nil {
        return 0
    }
    var l int
    _ = l
    if m.Role != 0 {
        n += 1 + sovCa(uint64(m.Role))
    }
    l = len(m.CSR)
    if l > 0 {
        n += 1 + l + sovCa(uint64(l))
    }
    l = len(m.Token)
    if l > 0 {
        n += 1 + l + sovCa(uint64(l))
    }
    if m.Availability != 0 {
        n += 1 + sovCa(uint64(m.Availability))
    }
    return n
}

func (m *IssueNodeCertificateResponse) Size() (n int) {
    if m == nil {
        return 0
    }
    var l int
    _ = l
    l = len(m.NodeID)
    if l > 0 {
        n += 1 + l + sovCa(uint64(l))
    }
    if m.NodeMembership != 0 {
        n += 1 + sovCa(uint64(m.NodeMembership))
    }
    return n
}

func (m *GetRootCACertificateRequest) Size() (n int) {
    if m == nil {
        return 0
    }
    var l int
    _ = l
    return n
}

func (m *GetRootCACertificateResponse) Size() (n int) {
    if m == nil {
        return 0
    }
    var l int
    _ = l
    l = len(m.Certificate)
    if l > 0 {
        n += 1 + l + sovCa(uint64(l))
    }
    return n
}

func (m *GetUnlockKeyRequest) Size() (n int) {
    if m == nil {
        return 0
    }
    var l int
    _ = l
    return n
}

func (m *GetUnlockKeyResponse) Size() (n int) {
    if m == nil {
        return 0
    }
    var l int
    _ = l
    l = len(m.UnlockKey)
    if l > 0 {
        n += 1 + l + sovCa(uint64(l))
    }
    l = m.Version.Size()
    n += 1 + l + sovCa(uint64(l))
    return n
}

func sovCa(x uint64) (n int) {
    return (math_bits.Len64(x|1) + 6) / 7
}
func sozCa(x uint64) (n int) {
    return sovCa(uint64((x << 1) ^ uint64((int64(x) >> 63))))
}
func (this *NodeCertificateStatusRequest) String() string {
    if this == nil {
        return "nil"
    }
    s := strings.Join([]string{`&NodeCertificateStatusRequest{`,
        `NodeID:` + fmt.Sprintf("%v", this.NodeID) + `,`,
        `}`,
    }, "")
    return s
}
func (this *NodeCertificateStatusResponse) String() string {
    if this == nil {
        return "nil"
    }
    s := strings.Join([]string{`&NodeCertificateStatusResponse{`,
        `Status:` + strings.Replace(fmt.Sprintf("%v", this.Status), "IssuanceStatus", "IssuanceStatus", 1) + `,`,
        `Certificate:` + strings.Replace(fmt.Sprintf("%v", this.Certificate), "Certificate", "Certificate", 1) + `,`,
        `}`,
    }, "")
    return s
}
func (this *IssueNodeCertificateRequest) String() string {
    if this == nil {
        return "nil"
    }
    s := strings.Join([]string{`&IssueNodeCertificateRequest{`,
        `Role:` + fmt.Sprintf("%v", this.Role) + `,`,
        `CSR:` + fmt.Sprintf("%v", this.CSR) + `,`,
        `Token:` + fmt.Sprintf("%v", this.Token) + `,`,
        `Availability:` + fmt.Sprintf("%v", this.Availability) + `,`,
        `}`,
    }, "")
    return s
}
func (this *IssueNodeCertificateResponse) String() string {
    if this == nil {
        return "nil"
    }
    s := strings.Join([]string{`&IssueNodeCertificateResponse{`,
        `NodeID:` + fmt.Sprintf("%v", this.NodeID) + `,`,
        `NodeMembership:` + fmt.Sprintf("%v", this.NodeMembership) + `,`,
        `}`,
    }, "")
    return s
}
func (this *GetRootCACertificateRequest) String() string {
    if this == nil {
        return "nil"
    }
    s := strings.Join([]string{`&GetRootCACertificateRequest{`,
        `}`,
    }, "")
    return s
}
func (this *GetRootCACertificateResponse) String() string {
    if this == nil {
        return "nil"
    }
    s := strings.Join([]string{`&GetRootCACertificateResponse{`,
        `Certificate:` + fmt.Sprintf("%v", this.Certificate) + `,`,
        `}`,
    }, "")
    return s
}
func (this *GetUnlockKeyRequest) String() string {
    if this == nil {
        return "nil"
    }
    s := strings.Join([]string{`&GetUnlockKeyRequest{`,
        `}`,
    }, "")
    return s
}
func (this *GetUnlockKeyResponse) String() string {
    if this == nil {
        return "nil"
    }
    s := strings.Join([]string{`&GetUnlockKeyResponse{`,
        `UnlockKey:` + fmt.Sprintf("%v", this.UnlockKey) + `,`,
        `Version:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Version), "Version", "Version", 1), `&`, ``, 1) + `,`,
        `}`,
    }, "")
    return s
}
func valueToStringCa(v interface{}) string {
    rv := reflect.ValueOf(v)
    if rv.IsNil() {
        return "nil"
    }
    pv := reflect.Indirect(rv).Interface()
    return fmt.Sprintf("*%v", pv)
}
func (m *NodeCertificateStatusRequest) Unmarshal(dAtA []byte) error {
    l := len(dAtA)
    iNdEx := 0
    for iNdEx < l {
        preIndex := iNdEx
        var wire uint64
        for shift := uint(0); ; shift += 7 {
            if shift >= 64 {
                return ErrIntOverflowCa
            }
            if iNdEx >= l {
                return io.ErrUnexpectedEOF
            }
            b := dAtA[iNdEx]
            iNdEx++
            wire |= uint64(b&0x7F) << shift
            if b < 0x80 {
                break
            }
        }
        fieldNum := int32(wire >> 3)
        wireType := int(wire & 0x7)
        if wireType == 4 {
            return fmt.Errorf("proto: NodeCertificateStatusRequest: wiretype end group for non-group")
        }
        if fieldNum <= 0 {
            return fmt.Errorf("proto: NodeCertificateStatusRequest: illegal tag %d (wire type %d)", fieldNum, wire)
        }
        switch fieldNum {
        case 1:
            if wireType != 2 {
                return fmt.Errorf("proto: wrong wireType = %d for field NodeID", wireType)
            }
            var stringLen uint64
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                stringLen |= uint64(b&0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
            intStringLen := int(stringLen)
            if intStringLen < 0 {
                return ErrInvalidLengthCa
            }
            postIndex := iNdEx + intStringLen
            if postIndex < 0 {
                return ErrInvalidLengthCa
            }
            if postIndex > l {
                return io.ErrUnexpectedEOF
            }
            m.NodeID = string(dAtA[iNdEx:postIndex])
            iNdEx = postIndex
        default:
            iNdEx = preIndex
            skippy, err := skipCa(dAtA[iNdEx:])
            if err != nil {
                return err
            }
            if (skippy < 0) || (iNdEx+skippy) < 0 {
                return ErrInvalidLengthCa
            }
            if (iNdEx + skippy) > l {
                return io.ErrUnexpectedEOF
            }
            iNdEx += skippy
        }
    }

    if iNdEx > l {
        return io.ErrUnexpectedEOF
    }
    return nil
}
func (m *NodeCertificateStatusResponse) Unmarshal(dAtA []byte) error {
    l := len(dAtA)
    iNdEx := 0
    for iNdEx < l {
        preIndex := iNdEx
        var wire uint64
        for shift := uint(0); ; shift += 7 {
            if shift >= 64 {
                return ErrIntOverflowCa
            }
            if iNdEx >= l {
                return io.ErrUnexpectedEOF
            }
            b := dAtA[iNdEx]
            iNdEx++
            wire |= uint64(b&0x7F) << shift
            if b < 0x80 {
                break
            }
        }
        fieldNum := int32(wire >> 3)
        wireType := int(wire & 0x7)
        if wireType == 4 {
            return fmt.Errorf("proto: NodeCertificateStatusResponse: wiretype end group for non-group")
        }
        if fieldNum <= 0 {
            return fmt.Errorf("proto: NodeCertificateStatusResponse: illegal tag %d (wire type %d)", fieldNum, wire)
        }
        switch fieldNum {
        case 1:
            if wireType != 2 {
                return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
            }
            var msglen int
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                msglen |= int(b&0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
            if msglen < 0 {
                return ErrInvalidLengthCa
            }
            postIndex := iNdEx + msglen
            if postIndex < 0 {
                return ErrInvalidLengthCa
            }
            if postIndex > l {
                return io.ErrUnexpectedEOF
            }
            if m.Status == nil {
                m.Status = &IssuanceStatus{}
            }
            if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
                return err
            }
            iNdEx = postIndex
        case 2:
            if wireType != 2 {
                return fmt.Errorf("proto: wrong wireType = %d for field Certificate", wireType)
            }
            var msglen int
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                msglen |= int(b&0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
            if msglen < 0 {
                return ErrInvalidLengthCa
            }
            postIndex := iNdEx + msglen
            if postIndex < 0 {
                return ErrInvalidLengthCa
            }
            if postIndex > l {
                return io.ErrUnexpectedEOF
            }
            if m.Certificate == nil {
                m.Certificate = &Certificate{}
            }
            if err := m.Certificate.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
                return err
            }
            iNdEx = postIndex
        default:
            iNdEx = preIndex
            skippy, err := skipCa(dAtA[iNdEx:])
            if err != nil {
                return err
            }
            if (skippy < 0) || (iNdEx+skippy) < 0 {
                return ErrInvalidLengthCa
            }
            if (iNdEx + skippy) > l {
                return io.ErrUnexpectedEOF
            }
            iNdEx += skippy
        }
    }

    if iNdEx > l {
        return io.ErrUnexpectedEOF
    }
    return nil
}
func (m *IssueNodeCertificateRequest) Unmarshal(dAtA []byte) error {
    l := len(dAtA)
    iNdEx := 0
    for iNdEx < l {
        preIndex := iNdEx
        var wire uint64
        for shift := uint(0); ; shift += 7 {
            if shift >= 64 {
                return ErrIntOverflowCa
            }
            if iNdEx >= l {
                return io.ErrUnexpectedEOF
            }
            b := dAtA[iNdEx]
            iNdEx++
            wire |= uint64(b&0x7F) << shift
            if b < 0x80 {
                break
            }
        }
        fieldNum := int32(wire >> 3)
        wireType := int(wire & 0x7)
        if wireType == 4 {
            return fmt.Errorf("proto: IssueNodeCertificateRequest: wiretype end group for non-group")
        }
        if fieldNum <= 0 {
            return fmt.Errorf("proto: IssueNodeCertificateRequest: illegal tag %d (wire type %d)", fieldNum, wire)
        }
        switch fieldNum {
        case 1:
            if wireType != 0 {
                return fmt.Errorf("proto: wrong wireType = %d for field Role", wireType)
            }
            m.Role = 0
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                m.Role |= NodeRole(b&0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
        case 2:
            if wireType != 2 {
                return fmt.Errorf("proto: wrong wireType = %d for field CSR", wireType)
            }
            var byteLen int
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                byteLen |= int(b&0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
            if byteLen < 0 {
                return ErrInvalidLengthCa
            }
            postIndex := iNdEx + byteLen
            if postIndex < 0 {
                return ErrInvalidLengthCa
            }
            if postIndex > l {
                return io.ErrUnexpectedEOF
            }
            m.CSR = append(m.CSR[:0], dAtA[iNdEx:postIndex]...)
            if m.CSR == nil {
                m.CSR = []byte{}
            }
            iNdEx = postIndex
        case 3:
            if wireType != 2 {
                return fmt.Errorf("proto: wrong wireType = %d for field Token", wireType)
            }
            var stringLen uint64
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                stringLen |= uint64(b&0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
            intStringLen := int(stringLen)
            if intStringLen < 0 {
                return ErrInvalidLengthCa
            }
            postIndex := iNdEx + intStringLen
            if postIndex < 0 {
                return ErrInvalidLengthCa
            }
            if postIndex > l {
                return io.ErrUnexpectedEOF
            }
            m.Token = string(dAtA[iNdEx:postIndex])
            iNdEx = postIndex
        case 4:
            if wireType != 0 {
                return fmt.Errorf("proto: wrong wireType = %d for field Availability", wireType)
            }
            m.Availability = 0
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                m.Availability |= NodeSpec_Availability(b&0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
        default:
            iNdEx = preIndex
            skippy, err := skipCa(dAtA[iNdEx:])
            if err != nil {
                return err
            }
            if (skippy < 0) || (iNdEx+skippy) < 0 {
                return ErrInvalidLengthCa
            }
            if (iNdEx + skippy) > l {
                return io.ErrUnexpectedEOF
            }
            iNdEx += skippy
        }
    }

    if iNdEx > l {
        return io.ErrUnexpectedEOF
    }
    return nil
}
func (m *IssueNodeCertificateResponse) Unmarshal(dAtA []byte) error {
    l := len(dAtA)
    iNdEx := 0
    for iNdEx < l {
        preIndex := iNdEx
        var wire uint64
        for shift := uint(0); ; shift += 7 {
            if shift >= 64 {
                return ErrIntOverflowCa
            }
            if iNdEx >= l {
                return io.ErrUnexpectedEOF
            }
            b := dAtA[iNdEx]
            iNdEx++
            wire |= uint64(b&0x7F) << shift
            if b < 0x80 {
                break
            }
        }
        fieldNum := int32(wire >> 3)
        wireType := int(wire & 0x7)
        if wireType == 4 {
            return fmt.Errorf("proto: IssueNodeCertificateResponse: wiretype end group for non-group")
        }
        if fieldNum <= 0 {
            return fmt.Errorf("proto: IssueNodeCertificateResponse: illegal tag %d (wire type %d)", fieldNum, wire)
        }
        switch fieldNum {
        case 1:
            if wireType != 2 {
                return fmt.Errorf("proto: wrong wireType = %d for field NodeID", wireType)
            }
            var stringLen uint64
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                stringLen |= uint64(b&0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
            intStringLen := int(stringLen)
            if intStringLen < 0 {
                return ErrInvalidLengthCa
            }
            postIndex := iNdEx + intStringLen
            if postIndex < 0 {
                return ErrInvalidLengthCa
            }
            if postIndex > l {
                return io.ErrUnexpectedEOF
            }
            m.NodeID = string(dAtA[iNdEx:postIndex])
            iNdEx = postIndex
        case 2:
            if wireType != 0 {
                return fmt.Errorf("proto: wrong wireType = %d for field NodeMembership", wireType)
            }
            m.NodeMembership = 0
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                m.NodeMembership |= NodeSpec_Membership(b&0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
        default:
            iNdEx = preIndex
            skippy, err := skipCa(dAtA[iNdEx:])
            if err != nil {
                return err
            }
            if (skippy < 0) || (iNdEx+skippy) < 0 {
                return ErrInvalidLengthCa
            }
            if (iNdEx + skippy) > l {
                return io.ErrUnexpectedEOF
            }
            iNdEx += skippy
        }
    }

    if iNdEx > l {
        return io.ErrUnexpectedEOF
    }
    return nil
}
func (m *GetRootCACertificateRequest) Unmarshal(dAtA []byte) error {
    l := len(dAtA)
    iNdEx := 0
    for iNdEx < l {
        preIndex := iNdEx
        var wire uint64
        for shift := uint(0); ; shift += 7 {
            if shift >= 64 {
                return ErrIntOverflowCa
            }
            if iNdEx >= l {
                return io.ErrUnexpectedEOF
            }
            b := dAtA[iNdEx]
            iNdEx++
            wire |= uint64(b&0x7F) << shift
            if b < 0x80 {
                break
            }
        }
        fieldNum := int32(wire >> 3)
        wireType := int(wire & 0x7)
        if wireType == 4 {
            return fmt.Errorf("proto: GetRootCACertificateRequest: wiretype end group for non-group")
        }
        if fieldNum <= 0 {
            return fmt.Errorf("proto: GetRootCACertificateRequest: illegal tag %d (wire type %d)", fieldNum, wire)
        }
        switch fieldNum {
        default:
            iNdEx = preIndex
            skippy, err := skipCa(dAtA[iNdEx:])
            if err != nil {
                return err
            }
            if (skippy < 0) || (iNdEx+skippy) < 0 {
                return ErrInvalidLengthCa
            }
            if (iNdEx + skippy) > l {
                return io.ErrUnexpectedEOF
            }
            iNdEx += skippy
        }
    }

    if iNdEx > l {
        return io.ErrUnexpectedEOF
    }
    return nil
}
func (m *GetRootCACertificateResponse) Unmarshal(dAtA []byte) error {
    l := len(dAtA)
    iNdEx := 0
    for iNdEx < l {
        preIndex := iNdEx
        var wire uint64
        for shift := uint(0); ; shift += 7 {
            if shift >= 64 {
                return ErrIntOverflowCa
            }
            if iNdEx >= l {
                return io.ErrUnexpectedEOF
            }
            b := dAtA[iNdEx]
            iNdEx++
            wire |= uint64(b&0x7F) << shift
            if b < 0x80 {
                break
            }
        }
        fieldNum := int32(wire >> 3)
        wireType := int(wire & 0x7)
        if wireType == 4 {
            return fmt.Errorf("proto: GetRootCACertificateResponse: wiretype end group for non-group")
        }
        if fieldNum <= 0 {
            return fmt.Errorf("proto: GetRootCACertificateResponse: illegal tag %d (wire type %d)", fieldNum, wire)
        }
        switch fieldNum {
        case 1:
            if wireType != 2 {
                return fmt.Errorf("proto: wrong wireType = %d for field Certificate", wireType)
            }
            var byteLen int
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                byteLen |= int(b&0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
            if byteLen < 0 {
                return ErrInvalidLengthCa
            }
            postIndex := iNdEx + byteLen
            if postIndex < 0 {
                return ErrInvalidLengthCa
            }
            if postIndex > l {
                return io.ErrUnexpectedEOF
            }
            m.Certificate = append(m.Certificate[:0], dAtA[iNdEx:postIndex]...)
            if m.Certificate == nil {
                m.Certificate = []byte{}
            }
            iNdEx = postIndex
        default:
            iNdEx = preIndex
            skippy, err := skipCa(dAtA[iNdEx:])
            if err != nil {
                return err
            }
            if (skippy < 0) || (iNdEx+skippy) < 0 {
                return ErrInvalidLengthCa
            }
            if (iNdEx + skippy) > l {
                return io.ErrUnexpectedEOF
            }
            iNdEx += skippy
        }
    }

    if iNdEx > l {
        return io.ErrUnexpectedEOF
    }
    return nil
}
func (m *GetUnlockKeyRequest) Unmarshal(dAtA []byte) error {
    l := len(dAtA)
    iNdEx := 0
    for iNdEx < l {
        preIndex := iNdEx
        var wire uint64
        for shift := uint(0); ; shift += 7 {
            if shift >= 64 {
                return ErrIntOverflowCa
            }
            if iNdEx >= l {
                return io.ErrUnexpectedEOF
            }
            b := dAtA[iNdEx]
            iNdEx++
            wire |= uint64(b&0x7F) << shift
            if b < 0x80 {
                break
            }
        }
        fieldNum := int32(wire >> 3)
        wireType := int(wire & 0x7)
        if wireType == 4 {
            return fmt.Errorf("proto: GetUnlockKeyRequest: wiretype end group for non-group")
        }
        if fieldNum <= 0 {
            return fmt.Errorf("proto: GetUnlockKeyRequest: illegal tag %d (wire type %d)", fieldNum, wire)
        }
        switch fieldNum {
        default:
            iNdEx = preIndex
            skippy, err := skipCa(dAtA[iNdEx:])
            if err != nil {
                return err
            }
            if (skippy < 0) || (iNdEx+skippy) < 0 {
                return ErrInvalidLengthCa
            }
            if (iNdEx + skippy) > l {
                return io.ErrUnexpectedEOF
            }
            iNdEx += skippy
        }
    }

    if iNdEx > l {
        return io.ErrUnexpectedEOF
    }
    return nil
}
func (m *GetUnlockKeyResponse) Unmarshal(dAtA []byte) error {
    l := len(dAtA)
    iNdEx := 0
    for iNdEx < l {
        preIndex := iNdEx
        var wire uint64
        for shift := uint(0); ; shift += 7 {
            if shift >= 64 {
                return ErrIntOverflowCa
            }
            if iNdEx >= l {
                return io.ErrUnexpectedEOF
            }
            b := dAtA[iNdEx]
            iNdEx++
            wire |= uint64(b&0x7F) << shift
            if b < 0x80 {
                break
            }
        }
        fieldNum := int32(wire >> 3)
        wireType := int(wire & 0x7)
        if wireType == 4 {
            return fmt.Errorf("proto: GetUnlockKeyResponse: wiretype end group for non-group")
        }
        if fieldNum <= 0 {
            return fmt.Errorf("proto: GetUnlockKeyResponse: illegal tag %d (wire type %d)", fieldNum, wire)
        }
        switch fieldNum {
        case 1:
            if wireType != 2 {
                return fmt.Errorf("proto: wrong wireType = %d for field UnlockKey", wireType)
            }
            var byteLen int
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                byteLen |= int(b&0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
            if byteLen < 0 {
                return ErrInvalidLengthCa
            }
            postIndex := iNdEx + byteLen
            if postIndex < 0 {
                return ErrInvalidLengthCa
            }
            if postIndex > l {
                return io.ErrUnexpectedEOF
            }
            m.UnlockKey = append(m.UnlockKey[:0], dAtA[iNdEx:postIndex]...)
            if m.UnlockKey == nil {
                m.UnlockKey = []byte{}
            }
            iNdEx = postIndex
        case 2:
            if wireType != 2 {
                return fmt.Errorf("proto: wrong wireType = %d for field Version", wireType)
            }
            var msglen int
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                msglen |= int(b&0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
            if msglen < 0 {
                return ErrInvalidLengthCa
            }
            postIndex := iNdEx + msglen
            if postIndex < 0 {
                return ErrInvalidLengthCa
            }
            if postIndex > l {
                return io.ErrUnexpectedEOF
            }
            if err := m.Version.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
                return err
            }
            iNdEx = postIndex
        default:
            iNdEx = preIndex
            skippy, err := skipCa(dAtA[iNdEx:])
            if err != nil {
                return err
            }
            if (skippy < 0) || (iNdEx+skippy) < 0 {
                return ErrInvalidLengthCa
            }
            if (iNdEx + skippy) > l {
                return io.ErrUnexpectedEOF
            }
            iNdEx += skippy
        }
    }

    if iNdEx > l {
        return io.ErrUnexpectedEOF
    }
    return nil
}
func skipCa(dAtA []byte) (n int, err error) {
    l := len(dAtA)
    iNdEx := 0
    depth := 0
    for iNdEx < l {
        var wire uint64
        for shift := uint(0); ; shift += 7 {
            if shift >= 64 {
                return 0, ErrIntOverflowCa
            }
            if iNdEx >= l {
                return 0, io.ErrUnexpectedEOF
            }
            b := dAtA[iNdEx]
            iNdEx++
            wire |= (uint64(b) & 0x7F) << shift
            if b < 0x80 {
                break
            }
        }
        wireType := int(wire & 0x7)
        switch wireType {
        case 0:
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return 0, ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return 0, io.ErrUnexpectedEOF
                }
                iNdEx++
                if dAtA[iNdEx-1] < 0x80 {
                    break
                }
            }
        case 1:
            iNdEx += 8
        case 2:
            var length int
            for shift := uint(0); ; shift += 7 {
                if shift >= 64 {
                    return 0, ErrIntOverflowCa
                }
                if iNdEx >= l {
                    return 0, io.ErrUnexpectedEOF
                }
                b := dAtA[iNdEx]
                iNdEx++
                length |= (int(b) & 0x7F) << shift
                if b < 0x80 {
                    break
                }
            }
            if length < 0 {
                return 0, ErrInvalidLengthCa
            }
            iNdEx += length
        case 3:
            depth++
        case 4:
            if depth == 0 {
                return 0, ErrUnexpectedEndOfGroupCa
            }
            depth--
        case 5:
            iNdEx += 4
        default:
            return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
        }
        if iNdEx < 0 {
            return 0, ErrInvalidLengthCa
        }
        if depth == 0 {
            return iNdEx, nil
        }
    }
    return 0, io.ErrUnexpectedEOF
}

var (
    ErrInvalidLengthCa        = fmt.Errorf("proto: negative length found during unmarshaling")
    ErrIntOverflowCa          = fmt.Errorf("proto: integer overflow")
    ErrUnexpectedEndOfGroupCa = fmt.Errorf("proto: unexpected end of group")
)