package vars

var (

	// tag

	Tag_P256Label         = "syscrypt/p256tag"         // TagLabel
	Tag_MLKem768p256Label = "syscrypt/mlkem768p256tag" // MLKemLabel
	Tag_Syscrypt1Tag1     = "syscrypt1tag1"            // LabelSyscrypt1Tag1
	Tag_MLKem768X25519    = "syscrypt/mlkem768x25519"  // MLKem768X25519
	Tag_Syscrypt1TagPq1   = "syscrypt1tagpq1"          //

	// post quantum

	Pq_PrivateKeyLabel = "SYSCRYPT-PQ-PRIVATE-KEY-" // PrivateKeyPQPrefix
	Pq_PublicKeyLabel  = "syscrypt1pq1"             // PublicKeyPQPrefix

	// plugins

	Plugin_Label           = "syscrypt-plugin-" // PluginLabel
	Plugin_PrivateKeyLabel = "SYSCRYPT-PLUGIN-" //PluginPrivateKeyLabel

	// ssh

	SSH_Label = "ssh-"

	// Github

	Github_label = "github:"

	// OAEP

	OAEP_Label = "syscrypt/base/v1/ssh-rsa" // OAEPLabel

	// ED25519

	ED25519_Label = "syscrypt/base/v1/ssh-ed25519" // ED25519Label

	// X25519

	X25519_Label = "syscrypt/base/v1/X25519" // X25519Label

	// encrypt, decrypt

	DefaultPrefixLabel           = "syscrypt--"             // DefaultPrefix
	PrivateKeyPrefixLabel        = "SYSCRYPT-PRIVATE-KEY--" // PrivateKeyPrefix
	PublicKeyPrefixLabel         = "syscrypt--"             // PublicKeyPrefix
	DefaultPrivateKeyPrefixLabel = "SYSCRYPT--"
	PQPublicKeyPrefixLabel       = "syscrypt-pq--"
	PQPrivateKeyPrefixLabel      = "SYSCRYPT-PRIVATE-KEY-PQ--"

	// Other

	SyscryptLabel        = "syscrypt/base/v1/"
	ScryptLabel          = "syscrypt/base/v1/scrypt"
	PrivateKeyHeader     = "-----BEGIN ENCRYPTED DATA-----" // PrivateKeyHeader
	PrivateKeyStartTrunc = "-----BEGIN"
	PrivateKeyEndTrunc   = "-----END"
	PrivateKeyFooter     = "-----END ENCRYPTED DATA-----" // PrivateKeyFooter
	VersionLabel         = "syscrypt/base/v1/[serial]"

	// Lock

	LockPrivateKeyStartTrunc = "-----BEGIN LOCK ENCRYPTED DATA-----"
	LockPrivateKeyEndTrunc   = "-----END LOCK ENCRYPTED DATA-----"
	LockVersionLabel         = "syscrypt/lock/v1/[serial]"
	LockedLabel              = "syscrypt/lock/"
	LockedLabelVersion       = "syscrypt/lock/v1/"

	// Anchors

	StartAnchor    = "/v1/"
	EndAnchor      = "--"
	BoundaryAnchor = []byte("---")
	FooterAnchor   = "---"
)

var (
	Version      string
	VersionFlag  bool   // version
	CommandFlag  string // -c
	ArmoredFlag  bool   // -a
	KeyFlag      string // -k
	InputFlag    string // -i
	OutputFlag   string // -o
	LockFlag     bool   // -L
	ApiFlag      string // -A
	MasterPass   string // -P
	Comment      string // -COMMENT
	StringFlag   string // -s
	PQFlag       bool   // post quantum
	KeyPath      string // -K
	FriendlyName string // -f
)

const (
	PassTagSize = 28   // 12 bytes nonce/ct + 16 bytes poly1305 tag
	KyberCTSize = 1088 // Kyber768 Ciphertext size
)

type FlagRequirement struct {
	Flag       string
	IsRequired bool
}

type ExpectedKeys struct {
	File string
}