syntax = "proto3";

option go_package = "github.com/hashicorp/vault/sdk/physical";

package physical;

message EncryptedBlobInfo {
    bytes ciphertext = 1;
    bytes iv  = 2;
    bytes hmac = 3;
    bool wrapped = 4;
    SealKeyInfo key_info = 5;

    // Key is the Key value for the entry that corresponds to
    // physical.Entry.Key's value
    string key = 6;
}

// SealKeyInfo contains information regarding the seal used to encrypt the entry.
message SealKeyInfo {
    // Mechanism is the method used by the seal to encrypt and sign the
    // data as defined by the seal.
    uint64 Mechanism = 1;
    uint64 HMACMechanism = 2;

    // This is an opaque ID used by the seal to identify the specific
    // key to use as defined by the seal.  This could be a version, key 
    // label, or something else.
    string KeyID = 3;
    string HMACKeyID = 4;

    // These value are used when generating our own data encryption keys
    // and encrypting them using the autoseal
    bytes WrappedKey = 5;

    // Mechanism specific flags
    uint64 Flags = 6;
}