Description
When trying to add encrypted metadata into the new golang client I came across issues posting freeform metadata to kas like the spec says is possible.
Metadata associated with the TDF, and the request. The contents of the metadata are freeform, and are used to pass information from the client, and any plugins that may be in use by the KAS. The metadata stored here should not be used for primary access decisions
type Metadata struct {
Algorithm string `json:"algorithm"`
IV []byte `json:"iv"`
CipherText []byte `json:"ciphertext"`
}But it seems like now there is some structure around this metadata digging through the kas code. https://github.com/opentdf/backend/blob/main/containers/kas/kas_core/tdf3_kas_core/models/key_access/key_access_helpers_test.py#L171-L174
I feel like this is something that should be added to the spec because otherwise its another place that could make clients incompatible when building an implementation from the spec.