Align Key Generation API with contract

- Update GenerateKemRequest and GenerateKemResponse JSON tags to use
snake_case.

- Update KemAlgorithm enum string representation to remove
KEM_ALGORITHM_ prefix.

- Update tests to reflect these changes.

Author: atulpatildbz

keymanager/workload_service/proto_enums.go

@@ -19,11 +19,11 @@ const (
 var (
 	kemAlgorithmToString = map[KemAlgorithm]string{
 		KemAlgorithmUnspecified:           "KEM_ALGORITHM_UNSPECIFIED",
-		KemAlgorithmDHKEMX25519HKDFSHA256: "KEM_ALGORITHM_DHKEM_X25519_HKDF_SHA256",
+		KemAlgorithmDHKEMX25519HKDFSHA256: "DHKEM_X25519_HKDF_SHA256",
 	}
 	stringToKemAlgorithm = map[string]KemAlgorithm{
-		"KEM_ALGORITHM_UNSPECIFIED":              KemAlgorithmUnspecified,
-		"KEM_ALGORITHM_DHKEM_X25519_HKDF_SHA256": KemAlgorithmDHKEMX25519HKDFSHA256,
+		"KEM_ALGORITHM_UNSPECIFIED": KemAlgorithmUnspecified,
+		"DHKEM_X25519_HKDF_SHA256":  KemAlgorithmDHKEMX25519HKDFSHA256,
 	}
 )
 

keymanager/workload_service/server.go

@@ -146,7 +146,7 @@ func (s *Server) handleGenerateKem(w http.ResponseWriter, r *http.Request) {
 		http.Error(
 			w,
 			fmt.Sprintf(
-				"unsupported algorithm: only KEM_ALGORITHM_DHKEM_X25519_HKDF_SHA256 (%d) is supported",
+				"unsupported algorithm: only DHKEM_X25519_HKDF_SHA256 (%d) is supported",
 				KemAlgorithmDHKEMX25519HKDFSHA256,
 			),
 			http.StatusBadRequest,

keymanager/workload_service/server_test.go

@@ -144,7 +144,7 @@ func TestHandleGenerateKemBadRequest(t *testing.T) {
 			body: GenerateKemRequest{Algorithm: KemAlgorithmDHKEMX25519HKDFSHA256, KeyProtectionMechanism: KeyProtectionMechanismVM, Lifespan: ProtoDuration{Seconds: 0}},
 		},
 		{
-			name: "missing algorithm (defaults to UNSPECIFIED)",
+			name: "missing algorithm (defaults to 0)",
 			body: GenerateKemRequest{KeyProtectionMechanism: KeyProtectionMechanismVM, Lifespan: ProtoDuration{Seconds: 3600}},
 		},
 	}
@@ -175,14 +175,9 @@ func TestHandleGenerateKemBadJSON(t *testing.T) {
 		body string
 	}{
 		{"not json", "not json"},
-		{"lifespan as integer", `{"algorithm":"KEM_ALGORITHM_DHKEM_X25519_HKDF_SHA256","key_protection_mechanism":"KEY_PROTECTION_VM","lifespan":3600}`},
-		{"lifespan missing s suffix", `{"algorithm":"KEM_ALGORITHM_DHKEM_X25519_HKDF_SHA256","key_protection_mechanism":"KEY_PROTECTION_VM","lifespan":"3600"}`},
-		{"lifespan negative", `{"algorithm":"KEM_ALGORITHM_DHKEM_X25519_HKDF_SHA256","key_protection_mechanism":"KEY_PROTECTION_VM","lifespan":"-1s"}`},
-		// Added tests for invalid enum strings
-		{"invalid algorithm", `{"algorithm":"INVALID","key_protection_mechanism":"KEY_PROTECTION_VM","lifespan":"3600s"}`},
-		{"invalid protection mechanism", `{"algorithm":"KEM_ALGORITHM_DHKEM_X25519_HKDF_SHA256","key_protection_mechanism":"INVALID","lifespan":"3600s"}`},
-		// Test wrong type for enums (int instead of string), if we want to enforce string only
-		{"algorithm as int", `{"algorithm":1,"key_protection_mechanism":"KEY_PROTECTION_VM","lifespan":"3600s"}`},
+		{"lifespan as integer", `{"algorithm":1,"key_protection_mechanism":2,"lifespan":3600}`},
+		{"lifespan missing s suffix", `{"algorithm":1,"key_protection_mechanism":2,"lifespan":"3600"}`},
+		{"lifespan negative", `{"algorithm":1,"key_protection_mechanism":2,"lifespan":"-1s"}`},
 	}
 
 	for _, tc := range badBodies {