import type { GenEnum, GenFile, GenMessage } from '@bufbuild/protobuf/codegenv1';
import type { Metadata } from '../common/common_pb';
import type { Message } from '@bufbuild/protobuf';
/**
 * Describes the file virtru/policy/objects.proto.
 */
export declare const file_virtru_policy_objects: GenFile;
/**
 * @generated from message virtru.policy.Certificate
 */
export type Certificate = Message<'virtru.policy.Certificate'> & {
    /**
     * @generated from field: string id = 1;
     */
    id: string;
    /**
     * @generated from field: string key_id = 2;
     */
    keyId: string;
    /**
     * @generated from field: virtru.policy.Algorithm key_algorithm = 3;
     */
    keyAlgorithm: Algorithm;
    /**
     * @generated from field: virtru.policy.KeyStatus key_status = 4;
     */
    keyStatus: KeyStatus;
    /**
     * @generated from field: string pem = 5;
     */
    pem: string;
    /**
     * The name of the certificate.
     *
     * @generated from field: string name = 6;
     */
    name: string;
    /**
     * The key mode of the certificate.
     *
     * @generated from field: virtru.policy.KeyMode key_mode = 7;
     */
    keyMode: KeyMode;
    /**
     * The fingerprint of the certificate.
     *
     * @generated from field: string fingerprint = 8;
     */
    fingerprint: string;
    /**
     * @generated from field: virtru.common.Metadata metadata = 100;
     */
    metadata?: Metadata;
};
/**
 * Describes the message virtru.policy.Certificate.
 * Use `create(CertificateSchema)` to create a new message.
 */
export declare const CertificateSchema: GenMessage<Certificate>;
/**
 * @generated from message virtru.policy.CertificateMapping
 */
export type CertificateMapping = Message<'virtru.policy.CertificateMapping'> & {
    /**
     * @generated from field: string id = 1;
     */
    id: string;
    /**
     * @generated from field: string certificate_id = 2;
     */
    certificateId: string;
    /**
     * @generated from field: string namespace_id = 3;
     */
    namespaceId: string;
    /**
     * @generated from field: virtru.common.Metadata metadata = 100;
     */
    metadata?: Metadata;
};
/**
 * Describes the message virtru.policy.CertificateMapping.
 * Use `create(CertificateMappingSchema)` to create a new message.
 */
export declare const CertificateMappingSchema: GenMessage<CertificateMapping>;
/**
 * @generated from enum virtru.policy.Algorithm
 */
export declare enum Algorithm {
    /**
     * @generated from enum value: ALGORITHM_UNSPECIFIED = 0;
     */
    UNSPECIFIED = 0,
    /**
     * @generated from enum value: ALGORITHM_RSA_2048 = 1;
     */
    RSA_2048 = 1,
    /**
     * @generated from enum value: ALGORITHM_RSA_4096 = 2;
     */
    RSA_4096 = 2,
    /**
     * @generated from enum value: ALGORITHM_EC_P256 = 3;
     */
    EC_P256 = 3,
    /**
     * @generated from enum value: ALGORITHM_EC_P384 = 4;
     */
    EC_P384 = 4,
    /**
     * @generated from enum value: ALGORITHM_EC_P521 = 5;
     */
    EC_P521 = 5
}
/**
 * Describes the enum virtru.policy.Algorithm.
 */
export declare const AlgorithmSchema: GenEnum<Algorithm>;
/**
 * @generated from enum virtru.policy.KeyStatus
 */
export declare enum KeyStatus {
    /**
     * @generated from enum value: KEY_STATUS_UNSPECIFIED = 0;
     */
    UNSPECIFIED = 0,
    /**
     * @generated from enum value: KEY_STATUS_ACTIVE = 1;
     */
    ACTIVE = 1,
    /**
     * @generated from enum value: KEY_STATUS_ROTATED = 2;
     */
    ROTATED = 2
}
/**
 * Describes the enum virtru.policy.KeyStatus.
 */
export declare const KeyStatusSchema: GenEnum<KeyStatus>;
/**
 * Describes the management and operational mode of a cryptographic key.
 *
 * @generated from enum virtru.policy.KeyMode
 */
export declare enum KeyMode {
    /**
     * KEY_MODE_UNSPECIFIED: Default, unspecified key mode. Indicates an uninitialized or error state.
     *
     * @generated from enum value: KEY_MODE_UNSPECIFIED = 0;
     */
    UNSPECIFIED = 0,
    /**
     * KEY_MODE_CONFIG_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)
     * sourced from local configuration. Unwrapping and all cryptographic operations are performed locally.
     *
     * @generated from enum value: KEY_MODE_CONFIG_ROOT_KEY = 1;
     */
    CONFIG_ROOT_KEY = 1,
    /**
     * KEY_MODE_PROVIDER_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)
     * managed by an external provider (e.g., a Hardware Security Module or Cloud KMS).
     * Key unwrapping is delegated to the external provider; subsequent cryptographic operations
     * are performed locally using the unwrapped key.
     *
     * @generated from enum value: KEY_MODE_PROVIDER_ROOT_KEY = 2;
     */
    PROVIDER_ROOT_KEY = 2,
    /**
     * KEY_MODE_REMOTE: Remote key management where the private key is stored in, and all cryptographic
     * operations are performed by, a remote Key Management Service (KMS) or HSM.
     * The private key material never leaves the secure boundary of the remote system.
     *
     * @generated from enum value: KEY_MODE_REMOTE = 3;
     */
    REMOTE = 3,
    /**
     * KEY_MODE_PUBLIC_KEY_ONLY: Public key only mode. Used when only a public key is available or required,
     * typically for wrapping operations (e.g., encrypting a Data Encryption Key (DEK) for an external KAS).
     * The corresponding private key is not managed or accessible by this system.
     *
     * @generated from enum value: KEY_MODE_PUBLIC_KEY_ONLY = 4;
     */
    PUBLIC_KEY_ONLY = 4
}
/**
 * Describes the enum virtru.policy.KeyMode.
 */
export declare const KeyModeSchema: GenEnum<KeyMode>;