/*
 * Copyright 2019 Contributors to the Parsec project.
 * SPDX-License-Identifier: Apache-2.0
 */
syntax = "proto3";

package psa_key_attributes;

import "psa_algorithm.proto";

message KeyAttributes {
  KeyType key_type = 1;
  uint32 key_bits = 2;
  KeyPolicy key_policy = 3;
}

message KeyType {
  message RawData {}
  message Hmac {}
  message Derive {}
  message Aes {}
  message Des {}
  message Camellia {}
  message Arc4 {}
  message Chacha20 {}
  message RsaPublicKey {}
  message RsaKeyPair {}
  message EccKeyPair { EccFamily curve_family = 1; }
  message EccPublicKey { EccFamily curve_family = 1; }
  message DhKeyPair { DhFamily group_family = 1; }
  message DhPublicKey { DhFamily group_family = 1; }
  enum EccFamily {
    ECC_FAMILY_NONE = 0; // This default variant should not be used.
    SECP_K1 = 1;
    SECP_R1 = 2;
    SECP_R2 = 3 [ deprecated = true ];
    SECT_K1 = 4; // DEPRECATED for sect163k1 curve
    SECT_R1 = 5; // DEPRECATED for sect163r1 curve
    SECT_R2 = 6 [ deprecated = true ];
    BRAINPOOL_P_R1 = 7; // DEPRECATED for brainpoolP160r1 curve
    FRP = 8;
    MONTGOMERY = 9;
  }
  enum DhFamily { RFC7919 = 0; }

  oneof variant {
    RawData raw_data = 1;
    // Symmetric keys
    Hmac hmac = 2;
    Derive derive = 3;
    Aes aes = 4;
    Des des = 5 [ deprecated = true ];
    Camellia camellia = 6;
    Arc4 arc4 = 7 [ deprecated = true ];
    Chacha20 chacha20 = 8;
    // RSA keys
    RsaPublicKey rsa_public_key = 9;
    RsaKeyPair rsa_key_pair = 10;
    // Elliptic Curve keys
    EccKeyPair ecc_key_pair = 11;
    EccPublicKey ecc_public_key = 12;
    // Finite Field Diffie Hellman keys
    DhKeyPair dh_key_pair = 13;
    DhPublicKey dh_public_key = 14;
  }
}

message KeyPolicy {
  UsageFlags key_usage_flags = 1;
  psa_algorithm.Algorithm key_algorithm = 2;
}

message UsageFlags {
  bool export = 1;
  bool copy = 2;
  bool cache = 3;
  bool encrypt = 4;
  bool decrypt = 5;
  bool sign_message = 6;
  bool verify_message = 7;
  bool sign_hash = 8;
  bool verify_hash = 9;
  bool derive = 10;
}