/* * $Id$ * * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ // This proto file is used to define the hsm key data that needs // to be persisted for the enforcer package ods.hsmkey; import "xmlext.proto"; import "orm.proto"; // hsm key info from libhsm is used to initialize some of the values // in a HsmKey object. // locator is hsm key info 'id' // bits is hsm key info 'keysize'ss // key_type is hsm key info 'algorithm_name' message HsmKey { required string locator = 1; optional bool candidate_for_sharing = 2 [default = false]; optional uint32 bits = 3 [default = 2048]; optional string policy = 4 [default = "default"]; // from kasp optional uint32 algorithm = 5 [default = 1]; // from kasp optional keyrole role = 6 [default = ZSK]; // from kasp repeated string used_by_zones = 7; // maintainted by enforcer optional uint32 inception = 8; // 'now' assigned on first use of key in any zone optional bool revoke = 9 [default = false, (orm.column).name = "isrevoked"]; optional string key_type = 10; // key type name derived from name in PKCS#11 spec e.g. CKK_RSA becomes "RSA" optional string repository = 11; // repository in which the key was found e.g. SoftHSM optional bool backmeup = 12 [default=false]; optional bool backedup = 13 [default=false]; optional bool requirebackup = 14 [default=false]; } enum keyrole { KSK = 1; ZSK = 2; CSK = 3; }