# -*- Mode: Python -*-
#
# QAPI crypto definitions

##
# QCryptoTLSCredsEndpoint:
#
# The type of network endpoint that will be using the credentials.
# Most types of credential require different setup / structures
# depending on whether they will be used in a server versus a
# client.
#
# @client: the network endpoint is acting as the client
#
# @server: the network endpoint is acting as the server
#
# Since: 2.5
##
{ 'enum': 'QCryptoTLSCredsEndpoint',
  'prefix': 'QCRYPTO_TLS_CREDS_ENDPOINT',
  'data': ['client', 'server']}


##
# QCryptoSecretFormat:
#
# The data format that the secret is provided in
#
# @raw: raw bytes. When encoded in JSON only valid UTF-8 sequences can be used
# @base64: arbitrary base64 encoded binary data
# Since: 2.6
##
{ 'enum': 'QCryptoSecretFormat',
  'prefix': 'QCRYPTO_SECRET_FORMAT',
  'data': ['raw', 'base64']}


##
# QCryptoHashAlgorithm:
#
# The supported algorithms for computing content digests
#
# @md5: MD5. Should not be used in any new code, legacy compat only
# @sha1: SHA-1. Should not be used in any new code, legacy compat only
# @sha256: SHA-256. Current recommended strong hash.
# Since: 2.6
##
{ 'enum': 'QCryptoHashAlgorithm',
  'prefix': 'QCRYPTO_HASH_ALG',
  'data': ['md5', 'sha1', 'sha256']}


##
# QCryptoCipherAlgorithm:
#
# The supported algorithms for content encryption ciphers
#
# @aes-128: AES with 128 bit / 16 byte keys
# @aes-192: AES with 192 bit / 24 byte keys
# @aes-256: AES with 256 bit / 32 byte keys
# @des-rfb: RFB specific variant of single DES. Do not use except in VNC.
# Since: 2.6
##
{ 'enum': 'QCryptoCipherAlgorithm',
  'prefix': 'QCRYPTO_CIPHER_ALG',
  'data': ['aes-128', 'aes-192', 'aes-256', 'des-rfb']}


##
# QCryptoCipherMode:
#
# The supported modes for content encryption ciphers
#
# @ecb: Electronic Code Book
# @cbc: Cipher Block Chaining
# Since: 2.6
##
{ 'enum': 'QCryptoCipherMode',
  'prefix': 'QCRYPTO_CIPHER_MODE',
  'data': ['ecb', 'cbc']}