From 401726f3100bb798dfe3303e62bd813e025a959b Mon Sep 17 00:00:00 2001 From: zpencer Date: Fri, 16 Mar 2018 11:14:35 -0700 Subject: services: update channelz TLS proto to use RFC names (#4233) For context: https://github.com/grpc/proposal/pull/71 --- .../java/io/grpc/channelz/v1/ChannelzProto.java | 129 +++---- .../main/java/io/grpc/channelz/v1/Security.java | 394 ++++++++++++++------- services/src/main/proto/io/grpc/channelz.proto | 12 +- 3 files changed, 341 insertions(+), 194 deletions(-) (limited to 'services') diff --git a/services/src/generated/main/java/io/grpc/channelz/v1/ChannelzProto.java b/services/src/generated/main/java/io/grpc/channelz/v1/ChannelzProto.java index 54a3aa92c..bbe8c6125 100644 --- a/services/src/generated/main/java/io/grpc/channelz/v1/ChannelzProto.java +++ b/services/src/generated/main/java/io/grpc/channelz/v1/ChannelzProto.java @@ -276,70 +276,71 @@ public final class ChannelzProto { "\014\n\004port\030\002 \001(\005\032\036\n\nUdsAddress\022\020\n\010filename\030" + "\001 \001(\t\032A\n\014OtherAddress\022\014\n\004name\030\001 \001(\t\022#\n\005v" + "alue\030\002 \001(\0132\024.google.protobuf.AnyB\t\n\007addr" + - "ess\"\237\002\n\010Security\022*\n\003tls\030\001 \001(\0132\033.grpc.cha" + + "ess\"\270\002\n\010Security\022*\n\003tls\030\001 \001(\0132\033.grpc.cha" + "nnelz.Security.TlsH\000\0226\n\005other\030\002 \001(\0132%.gr" + - "pc.channelz.Security.OtherSecurityH\000\032b\n\003" + - "Tls\022\024\n\014key_exchange\030\001 \001(\t\022\016\n\006cipher\030\002 \001(" + - "\t\022\031\n\021local_certificate\030\003 \001(\014\022\032\n\022remote_c" + - "ertificate\030\004 \001(\014\032B\n\rOtherSecurity\022\014\n\004nam" + - "e\030\001 \001(\t\022#\n\005value\030\002 \001(\0132\024.google.protobuf" + - ".AnyB\007\n\005model\"U\n\014SocketOption\022\014\n\004name\030\001 " + - "\001(\t\022\r\n\005value\030\002 \001(\t\022(\n\nadditional\030\003 \001(\0132\024" + - ".google.protobuf.Any\"B\n\023SocketOptionTime" + - "out\022+\n\010duration\030\001 \001(\0132\031.google.protobuf." + - "Duration\"Q\n\022SocketOptionLinger\022\016\n\006active" + - "\030\001 \001(\010\022+\n\010duration\030\002 \001(\0132\031.google.protob" + - "uf.Duration\"\256\005\n\023SocketOptionTcpInfo\022\022\n\nt" + - "cpi_state\030\001 \001(\r\022\025\n\rtcpi_ca_state\030\002 \001(\r\022\030" + - "\n\020tcpi_retransmits\030\003 \001(\r\022\023\n\013tcpi_probes\030" + - "\004 \001(\r\022\024\n\014tcpi_backoff\030\005 \001(\r\022\024\n\014tcpi_opti" + - "ons\030\006 \001(\r\022\027\n\017tcpi_snd_wscale\030\007 \001(\r\022\027\n\017tc" + - "pi_rcv_wscale\030\010 \001(\r\022\020\n\010tcpi_rto\030\t \001(\r\022\020\n" + - "\010tcpi_ato\030\n \001(\r\022\024\n\014tcpi_snd_mss\030\013 \001(\r\022\024\n" + - "\014tcpi_rcv_mss\030\014 \001(\r\022\024\n\014tcpi_unacked\030\r \001(" + - "\r\022\023\n\013tcpi_sacked\030\016 \001(\r\022\021\n\ttcpi_lost\030\017 \001(" + - "\r\022\024\n\014tcpi_retrans\030\020 \001(\r\022\024\n\014tcpi_fackets\030" + - "\021 \001(\r\022\033\n\023tcpi_last_data_sent\030\022 \001(\r\022\032\n\022tc" + - "pi_last_ack_sent\030\023 \001(\r\022\033\n\023tcpi_last_data" + - "_recv\030\024 \001(\r\022\032\n\022tcpi_last_ack_recv\030\025 \001(\r\022" + - "\021\n\ttcpi_pmtu\030\026 \001(\r\022\031\n\021tcpi_rcv_ssthresh\030" + - "\027 \001(\r\022\020\n\010tcpi_rtt\030\030 \001(\r\022\023\n\013tcpi_rttvar\030\031" + - " \001(\r\022\031\n\021tcpi_snd_ssthresh\030\032 \001(\r\022\025\n\rtcpi_" + - "snd_cwnd\030\033 \001(\r\022\023\n\013tcpi_advmss\030\034 \001(\r\022\027\n\017t" + - "cpi_reordering\030\035 \001(\r\",\n\021GetServersReques" + - "t\022\027\n\017start_server_id\030\001 \001(\003\"H\n\022GetServers" + - "Response\022%\n\006server\030\001 \003(\0132\025.grpc.channelz" + - ".Server\022\013\n\003end\030\002 \001(\010\"E\n\027GetServerSockets" + - "Request\022\021\n\tserver_id\030\001 \001(\003\022\027\n\017start_sock" + - "et_id\030\002 \001(\003\"U\n\030GetServerSocketsResponse\022" + - ",\n\nsocket_ref\030\001 \003(\0132\030.grpc.channelz.Sock" + - "etRef\022\013\n\003end\030\002 \001(\010\"1\n\025GetTopChannelsRequ" + - "est\022\030\n\020start_channel_id\030\001 \001(\003\"N\n\026GetTopC" + - "hannelsResponse\022\'\n\007channel\030\001 \003(\0132\026.grpc." + - "channelz.Channel\022\013\n\003end\030\002 \001(\010\"\'\n\021GetChan" + - "nelRequest\022\022\n\nchannel_id\030\001 \001(\003\"=\n\022GetCha" + - "nnelResponse\022\'\n\007channel\030\001 \001(\0132\026.grpc.cha" + - "nnelz.Channel\"-\n\024GetSubchannelRequest\022\025\n" + - "\rsubchannel_id\030\001 \001(\003\"F\n\025GetSubchannelRes" + - "ponse\022-\n\nsubchannel\030\001 \001(\0132\031.grpc.channel" + - "z.Subchannel\"%\n\020GetSocketRequest\022\021\n\tsock" + - "et_id\030\001 \001(\003\":\n\021GetSocketResponse\022%\n\006sock" + - "et\030\001 \001(\0132\025.grpc.channelz.Socket2\240\004\n\010Chan" + - "nelz\022]\n\016GetTopChannels\022$.grpc.channelz.G" + - "etTopChannelsRequest\032%.grpc.channelz.Get" + - "TopChannelsResponse\022Q\n\nGetServers\022 .grpc" + - ".channelz.GetServersRequest\032!.grpc.chann" + - "elz.GetServersResponse\022c\n\020GetServerSocke" + - "ts\022&.grpc.channelz.GetServerSocketsReque" + - "st\032\'.grpc.channelz.GetServerSocketsRespo" + - "nse\022Q\n\nGetChannel\022 .grpc.channelz.GetCha" + - "nnelRequest\032!.grpc.channelz.GetChannelRe" + - "sponse\022Z\n\rGetSubchannel\022#.grpc.channelz." + - "GetSubchannelRequest\032$.grpc.channelz.Get" + - "SubchannelResponse\022N\n\tGetSocket\022\037.grpc.c" + - "hannelz.GetSocketRequest\032 .grpc.channelz" + - ".GetSocketResponseB&\n\023io.grpc.channelz.v" + - "1B\rChannelzProtoP\001b\006proto3" + "pc.channelz.Security.OtherSecurityH\000\032{\n\003" + + "Tls\022\027\n\rstandard_name\030\001 \001(\tH\000\022\024\n\nother_na" + + "me\030\002 \001(\tH\000\022\031\n\021local_certificate\030\003 \001(\014\022\032\n" + + "\022remote_certificate\030\004 \001(\014B\016\n\014cipher_suit" + + "e\032B\n\rOtherSecurity\022\014\n\004name\030\001 \001(\t\022#\n\005valu" + + "e\030\002 \001(\0132\024.google.protobuf.AnyB\007\n\005model\"U" + + "\n\014SocketOption\022\014\n\004name\030\001 \001(\t\022\r\n\005value\030\002 " + + "\001(\t\022(\n\nadditional\030\003 \001(\0132\024.google.protobu" + + "f.Any\"B\n\023SocketOptionTimeout\022+\n\010duration" + + "\030\001 \001(\0132\031.google.protobuf.Duration\"Q\n\022Soc" + + "ketOptionLinger\022\016\n\006active\030\001 \001(\010\022+\n\010durat" + + "ion\030\002 \001(\0132\031.google.protobuf.Duration\"\256\005\n" + + "\023SocketOptionTcpInfo\022\022\n\ntcpi_state\030\001 \001(\r" + + "\022\025\n\rtcpi_ca_state\030\002 \001(\r\022\030\n\020tcpi_retransm" + + "its\030\003 \001(\r\022\023\n\013tcpi_probes\030\004 \001(\r\022\024\n\014tcpi_b" + + "ackoff\030\005 \001(\r\022\024\n\014tcpi_options\030\006 \001(\r\022\027\n\017tc" + + "pi_snd_wscale\030\007 \001(\r\022\027\n\017tcpi_rcv_wscale\030\010" + + " \001(\r\022\020\n\010tcpi_rto\030\t \001(\r\022\020\n\010tcpi_ato\030\n \001(\r" + + "\022\024\n\014tcpi_snd_mss\030\013 \001(\r\022\024\n\014tcpi_rcv_mss\030\014" + + " \001(\r\022\024\n\014tcpi_unacked\030\r \001(\r\022\023\n\013tcpi_sacke" + + "d\030\016 \001(\r\022\021\n\ttcpi_lost\030\017 \001(\r\022\024\n\014tcpi_retra" + + "ns\030\020 \001(\r\022\024\n\014tcpi_fackets\030\021 \001(\r\022\033\n\023tcpi_l" + + "ast_data_sent\030\022 \001(\r\022\032\n\022tcpi_last_ack_sen" + + "t\030\023 \001(\r\022\033\n\023tcpi_last_data_recv\030\024 \001(\r\022\032\n\022" + + "tcpi_last_ack_recv\030\025 \001(\r\022\021\n\ttcpi_pmtu\030\026 " + + "\001(\r\022\031\n\021tcpi_rcv_ssthresh\030\027 \001(\r\022\020\n\010tcpi_r" + + "tt\030\030 \001(\r\022\023\n\013tcpi_rttvar\030\031 \001(\r\022\031\n\021tcpi_sn" + + "d_ssthresh\030\032 \001(\r\022\025\n\rtcpi_snd_cwnd\030\033 \001(\r\022" + + "\023\n\013tcpi_advmss\030\034 \001(\r\022\027\n\017tcpi_reordering\030" + + "\035 \001(\r\",\n\021GetServersRequest\022\027\n\017start_serv" + + "er_id\030\001 \001(\003\"H\n\022GetServersResponse\022%\n\006ser" + + "ver\030\001 \003(\0132\025.grpc.channelz.Server\022\013\n\003end\030" + + "\002 \001(\010\"E\n\027GetServerSocketsRequest\022\021\n\tserv" + + "er_id\030\001 \001(\003\022\027\n\017start_socket_id\030\002 \001(\003\"U\n\030" + + "GetServerSocketsResponse\022,\n\nsocket_ref\030\001" + + " \003(\0132\030.grpc.channelz.SocketRef\022\013\n\003end\030\002 " + + "\001(\010\"1\n\025GetTopChannelsRequest\022\030\n\020start_ch" + + "annel_id\030\001 \001(\003\"N\n\026GetTopChannelsResponse" + + "\022\'\n\007channel\030\001 \003(\0132\026.grpc.channelz.Channe" + + "l\022\013\n\003end\030\002 \001(\010\"\'\n\021GetChannelRequest\022\022\n\nc" + + "hannel_id\030\001 \001(\003\"=\n\022GetChannelResponse\022\'\n" + + "\007channel\030\001 \001(\0132\026.grpc.channelz.Channel\"-" + + "\n\024GetSubchannelRequest\022\025\n\rsubchannel_id\030" + + "\001 \001(\003\"F\n\025GetSubchannelResponse\022-\n\nsubcha" + + "nnel\030\001 \001(\0132\031.grpc.channelz.Subchannel\"%\n" + + "\020GetSocketRequest\022\021\n\tsocket_id\030\001 \001(\003\":\n\021" + + "GetSocketResponse\022%\n\006socket\030\001 \001(\0132\025.grpc" + + ".channelz.Socket2\240\004\n\010Channelz\022]\n\016GetTopC" + + "hannels\022$.grpc.channelz.GetTopChannelsRe" + + "quest\032%.grpc.channelz.GetTopChannelsResp" + + "onse\022Q\n\nGetServers\022 .grpc.channelz.GetSe" + + "rversRequest\032!.grpc.channelz.GetServersR" + + "esponse\022c\n\020GetServerSockets\022&.grpc.chann" + + "elz.GetServerSocketsRequest\032\'.grpc.chann" + + "elz.GetServerSocketsResponse\022Q\n\nGetChann" + + "el\022 .grpc.channelz.GetChannelRequest\032!.g" + + "rpc.channelz.GetChannelResponse\022Z\n\rGetSu" + + "bchannel\022#.grpc.channelz.GetSubchannelRe" + + "quest\032$.grpc.channelz.GetSubchannelRespo" + + "nse\022N\n\tGetSocket\022\037.grpc.channelz.GetSock" + + "etRequest\032 .grpc.channelz.GetSocketRespo" + + "nseB&\n\023io.grpc.channelz.v1B\rChannelzProt" + + "oP\001b\006proto3" }; com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner assigner = new com.google.protobuf.Descriptors.FileDescriptor. InternalDescriptorAssigner() { @@ -470,7 +471,7 @@ public final class ChannelzProto { internal_static_grpc_channelz_Security_Tls_fieldAccessorTable = new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable( internal_static_grpc_channelz_Security_Tls_descriptor, - new java.lang.String[] { "KeyExchange", "Cipher", "LocalCertificate", "RemoteCertificate", }); + new java.lang.String[] { "StandardName", "OtherName", "LocalCertificate", "RemoteCertificate", "CipherSuite", }); internal_static_grpc_channelz_Security_OtherSecurity_descriptor = internal_static_grpc_channelz_Security_descriptor.getNestedTypes().get(1); internal_static_grpc_channelz_Security_OtherSecurity_fieldAccessorTable = new diff --git a/services/src/generated/main/java/io/grpc/channelz/v1/Security.java b/services/src/generated/main/java/io/grpc/channelz/v1/Security.java index 63084c4fa..fc9d252d9 100644 --- a/services/src/generated/main/java/io/grpc/channelz/v1/Security.java +++ b/services/src/generated/main/java/io/grpc/channelz/v1/Security.java @@ -107,39 +107,43 @@ private static final long serialVersionUID = 0L; /** * 
-     * The key exchange used.  e.g. X25519
+     * The cipher suite name in the RFC 4346 format:
+     * https://tools.ietf.org/html/rfc4346#appendix-C
      *
* - * string key_exchange = 1; + * string standard_name = 1; */ - java.lang.String getKeyExchange(); + java.lang.String getStandardName(); /** * 
-     * The key exchange used.  e.g. X25519
+     * The cipher suite name in the RFC 4346 format:
+     * https://tools.ietf.org/html/rfc4346#appendix-C
      *
* - * string key_exchange = 1; + * string standard_name = 1; */ com.google.protobuf.ByteString - getKeyExchangeBytes(); + getStandardNameBytes(); /** * 
-     * The cipher used. e.g. AES_128_GCM.
+     * Some other way to describe the cipher suite if
+     * the RFC 4346 name is not available.
      *
* - * string cipher = 2; + * string other_name = 2; */ - java.lang.String getCipher(); + java.lang.String getOtherName(); /** * 
-     * The cipher used. e.g. AES_128_GCM.
+     * Some other way to describe the cipher suite if
+     * the RFC 4346 name is not available.
      *
* - * string cipher = 2; + * string other_name = 2; */ com.google.protobuf.ByteString - getCipherBytes(); + getOtherNameBytes(); /** * 
@@ -158,6 +162,8 @@ private static final long serialVersionUID = 0L;
      * bytes remote_certificate = 4;
      */
     com.google.protobuf.ByteString getRemoteCertificate();
+
+    public io.grpc.channelz.v1.Security.Tls.CipherSuiteCase getCipherSuiteCase();
   }
   /**
    * Protobuf type {@code grpc.channelz.Security.Tls}
@@ -172,8 +178,6 @@ private static final long serialVersionUID = 0L;
       super(builder);
     }
     private Tls() {
-      keyExchange_ = "";
-      cipher_ = "";
       localCertificate_ = com.google.protobuf.ByteString.EMPTY;
       remoteCertificate_ = com.google.protobuf.ByteString.EMPTY;
     }
@@ -211,14 +215,14 @@ private static final long serialVersionUID = 0L;
             }
             case 10: {
               java.lang.String s = input.readStringRequireUtf8();
-
-              keyExchange_ = s;
+              cipherSuiteCase_ = 1;
+              cipherSuite_ = s;
               break;
             }
             case 18: {
               java.lang.String s = input.readStringRequireUtf8();
-
-              cipher_ = s;
+              cipherSuiteCase_ = 2;
+              cipherSuite_ = s;
               break;
             }
             case 26: {
@@ -255,84 +259,144 @@ private static final long serialVersionUID = 0L;
               io.grpc.channelz.v1.Security.Tls.class, io.grpc.channelz.v1.Security.Tls.Builder.class);
     }
 
-    public static final int KEY_EXCHANGE_FIELD_NUMBER = 1;
-    private volatile java.lang.Object keyExchange_;
+    private int cipherSuiteCase_ = 0;
+    private java.lang.Object cipherSuite_;
+    public enum CipherSuiteCase
+        implements com.google.protobuf.Internal.EnumLite {
+      STANDARD_NAME(1),
+      OTHER_NAME(2),
+      CIPHERSUITE_NOT_SET(0);
+      private final int value;
+      private CipherSuiteCase(int value) {
+        this.value = value;
+      }
+      /**
+       * @deprecated Use {@link #forNumber(int)} instead.
+       */
+      @java.lang.Deprecated
+      public static CipherSuiteCase valueOf(int value) {
+        return forNumber(value);
+      }
+
+      public static CipherSuiteCase forNumber(int value) {
+        switch (value) {
+          case 1: return STANDARD_NAME;
+          case 2: return OTHER_NAME;
+          case 0: return CIPHERSUITE_NOT_SET;
+          default: return null;
+        }
+      }
+      public int getNumber() {
+        return this.value;
+      }
+    };
+
+    public CipherSuiteCase
+    getCipherSuiteCase() {
+      return CipherSuiteCase.forNumber(
+          cipherSuiteCase_);
+    }
+
+    public static final int STANDARD_NAME_FIELD_NUMBER = 1;
     /**
      * 
-     * The key exchange used.  e.g. X25519
+     * The cipher suite name in the RFC 4346 format:
+     * https://tools.ietf.org/html/rfc4346#appendix-C
      * 

      *
-     * string key_exchange = 1;
+     * string standard_name = 1;
      */
-    public java.lang.String getKeyExchange() {
-      java.lang.Object ref = keyExchange_;
+    public java.lang.String getStandardName() {
+      java.lang.Object ref = "";
+      if (cipherSuiteCase_ == 1) {
+        ref = cipherSuite_;
+      }
       if (ref instanceof java.lang.String) {
         return (java.lang.String) ref;
       } else {
         com.google.protobuf.ByteString bs = 
             (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
-        keyExchange_ = s;
+        if (cipherSuiteCase_ == 1) {
+          cipherSuite_ = s;
+        }
         return s;
       }
     }
     /**
      * 
-     * The key exchange used.  e.g. X25519
+     * The cipher suite name in the RFC 4346 format:
+     * https://tools.ietf.org/html/rfc4346#appendix-C
      * 

      *
-     * string key_exchange = 1;
+     * string standard_name = 1;
      */
     public com.google.protobuf.ByteString
-        getKeyExchangeBytes() {
-      java.lang.Object ref = keyExchange_;
+        getStandardNameBytes() {
+      java.lang.Object ref = "";
+      if (cipherSuiteCase_ == 1) {
+        ref = cipherSuite_;
+      }
       if (ref instanceof java.lang.String) {
         com.google.protobuf.ByteString b = 
             com.google.protobuf.ByteString.copyFromUtf8(
                 (java.lang.String) ref);
-        keyExchange_ = b;
+        if (cipherSuiteCase_ == 1) {
+          cipherSuite_ = b;
+        }
         return b;
       } else {
         return (com.google.protobuf.ByteString) ref;
       }
     }
 
-    public static final int CIPHER_FIELD_NUMBER = 2;
-    private volatile java.lang.Object cipher_;
+    public static final int OTHER_NAME_FIELD_NUMBER = 2;
     /**
      * 
-     * The cipher used. e.g. AES_128_GCM.
+     * Some other way to describe the cipher suite if
+     * the RFC 4346 name is not available.
      * 

      *
-     * string cipher = 2;
+     * string other_name = 2;
      */
-    public java.lang.String getCipher() {
-      java.lang.Object ref = cipher_;
+    public java.lang.String getOtherName() {
+      java.lang.Object ref = "";
+      if (cipherSuiteCase_ == 2) {
+        ref = cipherSuite_;
+      }
       if (ref instanceof java.lang.String) {
         return (java.lang.String) ref;
       } else {
         com.google.protobuf.ByteString bs = 
             (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
-        cipher_ = s;
+        if (cipherSuiteCase_ == 2) {
+          cipherSuite_ = s;
+        }
         return s;
       }
     }
     /**
      * 
-     * The cipher used. e.g. AES_128_GCM.
+     * Some other way to describe the cipher suite if
+     * the RFC 4346 name is not available.
      * 

      *
-     * string cipher = 2;
+     * string other_name = 2;
      */
     public com.google.protobuf.ByteString
-        getCipherBytes() {
-      java.lang.Object ref = cipher_;
+        getOtherNameBytes() {
+      java.lang.Object ref = "";
+      if (cipherSuiteCase_ == 2) {
+        ref = cipherSuite_;
+      }
       if (ref instanceof java.lang.String) {
         com.google.protobuf.ByteString b = 
             com.google.protobuf.ByteString.copyFromUtf8(
                 (java.lang.String) ref);
-        cipher_ = b;
+        if (cipherSuiteCase_ == 2) {
+          cipherSuite_ = b;
+        }
         return b;
       } else {
         return (com.google.protobuf.ByteString) ref;
@@ -377,11 +441,11 @@ private static final long serialVersionUID = 0L;
 
     public void writeTo(com.google.protobuf.CodedOutputStream output)
                         throws java.io.IOException {
-      if (!getKeyExchangeBytes().isEmpty()) {
-        com.google.protobuf.GeneratedMessageV3.writeString(output, 1, keyExchange_);
+      if (cipherSuiteCase_ == 1) {
+        com.google.protobuf.GeneratedMessageV3.writeString(output, 1, cipherSuite_);
       }
-      if (!getCipherBytes().isEmpty()) {
-        com.google.protobuf.GeneratedMessageV3.writeString(output, 2, cipher_);
+      if (cipherSuiteCase_ == 2) {
+        com.google.protobuf.GeneratedMessageV3.writeString(output, 2, cipherSuite_);
       }
       if (!localCertificate_.isEmpty()) {
         output.writeBytes(3, localCertificate_);
@@ -397,11 +461,11 @@ private static final long serialVersionUID = 0L;
       if (size != -1) return size;
 
       size = 0;
-      if (!getKeyExchangeBytes().isEmpty()) {
-        size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, keyExchange_);
+      if (cipherSuiteCase_ == 1) {
+        size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, cipherSuite_);
       }
-      if (!getCipherBytes().isEmpty()) {
-        size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, cipher_);
+      if (cipherSuiteCase_ == 2) {
+        size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, cipherSuite_);
       }
       if (!localCertificate_.isEmpty()) {
         size += com.google.protobuf.CodedOutputStream
@@ -427,14 +491,25 @@ private static final long serialVersionUID = 0L;
       io.grpc.channelz.v1.Security.Tls other = (io.grpc.channelz.v1.Security.Tls) obj;
 
       boolean result = true;
-      result = result && getKeyExchange()
-          .equals(other.getKeyExchange());
-      result = result && getCipher()
-          .equals(other.getCipher());
       result = result && getLocalCertificate()
           .equals(other.getLocalCertificate());
       result = result && getRemoteCertificate()
           .equals(other.getRemoteCertificate());
+      result = result && getCipherSuiteCase().equals(
+          other.getCipherSuiteCase());
+      if (!result) return false;
+      switch (cipherSuiteCase_) {
+        case 1:
+          result = result && getStandardName()
+              .equals(other.getStandardName());
+          break;
+        case 2:
+          result = result && getOtherName()
+              .equals(other.getOtherName());
+          break;
+        case 0:
+        default:
+      }
       result = result && unknownFields.equals(other.unknownFields);
       return result;
     }
@@ -446,14 +521,22 @@ private static final long serialVersionUID = 0L;
       }
       int hash = 41;
       hash = (19 * hash) + getDescriptor().hashCode();
-      hash = (37 * hash) + KEY_EXCHANGE_FIELD_NUMBER;
-      hash = (53 * hash) + getKeyExchange().hashCode();
-      hash = (37 * hash) + CIPHER_FIELD_NUMBER;
-      hash = (53 * hash) + getCipher().hashCode();
       hash = (37 * hash) + LOCAL_CERTIFICATE_FIELD_NUMBER;
       hash = (53 * hash) + getLocalCertificate().hashCode();
       hash = (37 * hash) + REMOTE_CERTIFICATE_FIELD_NUMBER;
       hash = (53 * hash) + getRemoteCertificate().hashCode();
+      switch (cipherSuiteCase_) {
+        case 1:
+          hash = (37 * hash) + STANDARD_NAME_FIELD_NUMBER;
+          hash = (53 * hash) + getStandardName().hashCode();
+          break;
+        case 2:
+          hash = (37 * hash) + OTHER_NAME_FIELD_NUMBER;
+          hash = (53 * hash) + getOtherName().hashCode();
+          break;
+        case 0:
+        default:
+      }
       hash = (29 * hash) + unknownFields.hashCode();
       memoizedHashCode = hash;
       return hash;
@@ -583,14 +666,12 @@ private static final long serialVersionUID = 0L;
       }
       public Builder clear() {
         super.clear();
-        keyExchange_ = "";
-
-        cipher_ = "";
-
         localCertificate_ = com.google.protobuf.ByteString.EMPTY;
 
         remoteCertificate_ = com.google.protobuf.ByteString.EMPTY;
 
+        cipherSuiteCase_ = 0;
+        cipherSuite_ = null;
         return this;
       }
 
@@ -613,10 +694,15 @@ private static final long serialVersionUID = 0L;
 
       public io.grpc.channelz.v1.Security.Tls buildPartial() {
         io.grpc.channelz.v1.Security.Tls result = new io.grpc.channelz.v1.Security.Tls(this);
-        result.keyExchange_ = keyExchange_;
-        result.cipher_ = cipher_;
+        if (cipherSuiteCase_ == 1) {
+          result.cipherSuite_ = cipherSuite_;
+        }
+        if (cipherSuiteCase_ == 2) {
+          result.cipherSuite_ = cipherSuite_;
+        }
         result.localCertificate_ = localCertificate_;
         result.remoteCertificate_ = remoteCertificate_;
+        result.cipherSuiteCase_ = cipherSuiteCase_;
         onBuilt();
         return result;
       }
@@ -658,20 +744,29 @@ private static final long serialVersionUID = 0L;
 
       public Builder mergeFrom(io.grpc.channelz.v1.Security.Tls other) {
         if (other == io.grpc.channelz.v1.Security.Tls.getDefaultInstance()) return this;
-        if (!other.getKeyExchange().isEmpty()) {
-          keyExchange_ = other.keyExchange_;
-          onChanged();
-        }
-        if (!other.getCipher().isEmpty()) {
-          cipher_ = other.cipher_;
-          onChanged();
-        }
         if (other.getLocalCertificate() != com.google.protobuf.ByteString.EMPTY) {
           setLocalCertificate(other.getLocalCertificate());
         }
         if (other.getRemoteCertificate() != com.google.protobuf.ByteString.EMPTY) {
           setRemoteCertificate(other.getRemoteCertificate());
         }
+        switch (other.getCipherSuiteCase()) {
+          case STANDARD_NAME: {
+            cipherSuiteCase_ = 1;
+            cipherSuite_ = other.cipherSuite_;
+            onChanged();
+            break;
+          }
+          case OTHER_NAME: {
+            cipherSuiteCase_ = 2;
+            cipherSuite_ = other.cipherSuite_;
+            onChanged();
+            break;
+          }
+          case CIPHERSUITE_NOT_SET: {
+            break;
+          }
+        }
         this.mergeUnknownFields(other.unknownFields);
         onChanged();
         return this;
@@ -698,22 +793,42 @@ private static final long serialVersionUID = 0L;
         }
         return this;
       }
+      private int cipherSuiteCase_ = 0;
+      private java.lang.Object cipherSuite_;
+      public CipherSuiteCase
+          getCipherSuiteCase() {
+        return CipherSuiteCase.forNumber(
+            cipherSuiteCase_);
+      }
+
+      public Builder clearCipherSuite() {
+        cipherSuiteCase_ = 0;
+        cipherSuite_ = null;
+        onChanged();
+        return this;
+      }
+
 
-      private java.lang.Object keyExchange_ = "";
       /**
        * 
-       * The key exchange used.  e.g. X25519
+       * The cipher suite name in the RFC 4346 format:
+       * https://tools.ietf.org/html/rfc4346#appendix-C
        * 

        *
-       * string key_exchange = 1;
+       * string standard_name = 1;
        */
-      public java.lang.String getKeyExchange() {
-        java.lang.Object ref = keyExchange_;
+      public java.lang.String getStandardName() {
+        java.lang.Object ref = "";
+        if (cipherSuiteCase_ == 1) {
+          ref = cipherSuite_;
+        }
         if (!(ref instanceof java.lang.String)) {
           com.google.protobuf.ByteString bs =
               (com.google.protobuf.ByteString) ref;
           java.lang.String s = bs.toStringUtf8();
-          keyExchange_ = s;
+          if (cipherSuiteCase_ == 1) {
+            cipherSuite_ = s;
+          }
           return s;
         } else {
           return (java.lang.String) ref;
@@ -721,19 +836,25 @@ private static final long serialVersionUID = 0L;
       }
       /**
        * 
-       * The key exchange used.  e.g. X25519
+       * The cipher suite name in the RFC 4346 format:
+       * https://tools.ietf.org/html/rfc4346#appendix-C
        * 

        *
-       * string key_exchange = 1;
+       * string standard_name = 1;
        */
       public com.google.protobuf.ByteString
-          getKeyExchangeBytes() {
-        java.lang.Object ref = keyExchange_;
+          getStandardNameBytes() {
+        java.lang.Object ref = "";
+        if (cipherSuiteCase_ == 1) {
+          ref = cipherSuite_;
+        }
         if (ref instanceof String) {
           com.google.protobuf.ByteString b = 
               com.google.protobuf.ByteString.copyFromUtf8(
                   (java.lang.String) ref);
-          keyExchange_ = b;
+          if (cipherSuiteCase_ == 1) {
+            cipherSuite_ = b;
+          }
           return b;
         } else {
           return (com.google.protobuf.ByteString) ref;
@@ -741,68 +862,78 @@ private static final long serialVersionUID = 0L;
       }
       /**
        * 
-       * The key exchange used.  e.g. X25519
+       * The cipher suite name in the RFC 4346 format:
+       * https://tools.ietf.org/html/rfc4346#appendix-C
        * 

        *
-       * string key_exchange = 1;
+       * string standard_name = 1;
        */
-      public Builder setKeyExchange(
+      public Builder setStandardName(
           java.lang.String value) {
         if (value == null) {
     throw new NullPointerException();
   }
-  
-        keyExchange_ = value;
+  cipherSuiteCase_ = 1;
+        cipherSuite_ = value;
         onChanged();
         return this;
       }
       /**
        * 
-       * The key exchange used.  e.g. X25519
+       * The cipher suite name in the RFC 4346 format:
+       * https://tools.ietf.org/html/rfc4346#appendix-C
        * 

        *
-       * string key_exchange = 1;
+       * string standard_name = 1;
        */
-      public Builder clearKeyExchange() {
-        
-        keyExchange_ = getDefaultInstance().getKeyExchange();
-        onChanged();
+      public Builder clearStandardName() {
+        if (cipherSuiteCase_ == 1) {
+          cipherSuiteCase_ = 0;
+          cipherSuite_ = null;
+          onChanged();
+        }
         return this;
       }
       /**
        * 
-       * The key exchange used.  e.g. X25519
+       * The cipher suite name in the RFC 4346 format:
+       * https://tools.ietf.org/html/rfc4346#appendix-C
        * 

        *
-       * string key_exchange = 1;
+       * string standard_name = 1;
        */
-      public Builder setKeyExchangeBytes(
+      public Builder setStandardNameBytes(
           com.google.protobuf.ByteString value) {
         if (value == null) {
     throw new NullPointerException();
   }
   checkByteStringIsUtf8(value);
-        
-        keyExchange_ = value;
+        cipherSuiteCase_ = 1;
+        cipherSuite_ = value;
         onChanged();
         return this;
       }
 
-      private java.lang.Object cipher_ = "";
       /**
        * 
-       * The cipher used. e.g. AES_128_GCM.
+       * Some other way to describe the cipher suite if
+       * the RFC 4346 name is not available.
        * 

        *
-       * string cipher = 2;
+       * string other_name = 2;
        */
-      public java.lang.String getCipher() {
-        java.lang.Object ref = cipher_;
+      public java.lang.String getOtherName() {
+        java.lang.Object ref = "";
+        if (cipherSuiteCase_ == 2) {
+          ref = cipherSuite_;
+        }
         if (!(ref instanceof java.lang.String)) {
           com.google.protobuf.ByteString bs =
               (com.google.protobuf.ByteString) ref;
           java.lang.String s = bs.toStringUtf8();
-          cipher_ = s;
+          if (cipherSuiteCase_ == 2) {
+            cipherSuite_ = s;
+          }
           return s;
         } else {
           return (java.lang.String) ref;
@@ -810,19 +941,25 @@ private static final long serialVersionUID = 0L;
       }
       /**
        * 
-       * The cipher used. e.g. AES_128_GCM.
+       * Some other way to describe the cipher suite if
+       * the RFC 4346 name is not available.
        * 

        *
-       * string cipher = 2;
+       * string other_name = 2;
        */
       public com.google.protobuf.ByteString
-          getCipherBytes() {
-        java.lang.Object ref = cipher_;
+          getOtherNameBytes() {
+        java.lang.Object ref = "";
+        if (cipherSuiteCase_ == 2) {
+          ref = cipherSuite_;
+        }
         if (ref instanceof String) {
           com.google.protobuf.ByteString b = 
               com.google.protobuf.ByteString.copyFromUtf8(
                   (java.lang.String) ref);
-          cipher_ = b;
+          if (cipherSuiteCase_ == 2) {
+            cipherSuite_ = b;
+          }
           return b;
         } else {
           return (com.google.protobuf.ByteString) ref;
@@ -830,49 +967,54 @@ private static final long serialVersionUID = 0L;
       }
       /**
        * 
-       * The cipher used. e.g. AES_128_GCM.
+       * Some other way to describe the cipher suite if
+       * the RFC 4346 name is not available.
        * 

        *
-       * string cipher = 2;
+       * string other_name = 2;
        */
-      public Builder setCipher(
+      public Builder setOtherName(
           java.lang.String value) {
         if (value == null) {
     throw new NullPointerException();
   }
-  
-        cipher_ = value;
+  cipherSuiteCase_ = 2;
+        cipherSuite_ = value;
         onChanged();
         return this;
       }
       /**
        * 
-       * The cipher used. e.g. AES_128_GCM.
+       * Some other way to describe the cipher suite if
+       * the RFC 4346 name is not available.
        * 

        *
-       * string cipher = 2;
+       * string other_name = 2;
        */
-      public Builder clearCipher() {
-        
-        cipher_ = getDefaultInstance().getCipher();
-        onChanged();
+      public Builder clearOtherName() {
+        if (cipherSuiteCase_ == 2) {
+          cipherSuiteCase_ = 0;
+          cipherSuite_ = null;
+          onChanged();
+        }
         return this;
       }
       /**
        * 
-       * The cipher used. e.g. AES_128_GCM.
+       * Some other way to describe the cipher suite if
+       * the RFC 4346 name is not available.
        * 

        *
-       * string cipher = 2;
+       * string other_name = 2;
        */
-      public Builder setCipherBytes(
+      public Builder setOtherNameBytes(
           com.google.protobuf.ByteString value) {
         if (value == null) {
     throw new NullPointerException();
   }
   checkByteStringIsUtf8(value);
-        
-        cipher_ = value;
+        cipherSuiteCase_ = 2;
+        cipherSuite_ = value;
         onChanged();
         return this;
       }
diff --git a/services/src/main/proto/io/grpc/channelz.proto b/services/src/main/proto/io/grpc/channelz.proto
index 0f5db2296..c107cb4ab 100644
--- a/services/src/main/proto/io/grpc/channelz.proto
+++ b/services/src/main/proto/io/grpc/channelz.proto
@@ -238,10 +238,14 @@ message Address {
 
 message Security {
   message Tls {
-    // The key exchange used.  e.g. X25519
-    string key_exchange = 1;
-    // The cipher used. e.g. AES_128_GCM.
-    string cipher = 2;
+    oneof cipher_suite {
+      // The cipher suite name in the RFC 4346 format:
+      // https://tools.ietf.org/html/rfc4346#appendix-C
+      string standard_name = 1;
+      // Some other way to describe the cipher suite if
+      // the RFC 4346 name is not available.
+      string other_name = 2;
+    }
     // the certificate used by this endpoint.
     bytes local_certificate = 3;
     // the certificate used by the remote endpoint.
-- 
cgit v1.2.3