///
/// Core crypto contract used by message/attachment pipelines.
///

/// Generic encryption/decryption contract.
///
/// Implementations include:
/// - plaintext/testing providers,
/// - CCC isolate-backed providers,
/// - native FFI-backed providers.
abstract class CryptoAbstract<T> {
  /// Human readable provider name for logs/diagnostics.
  String get providerName;

  /// True when provider does not apply real cryptographic protection.
  bool get isPlaintextMode;

  /// Encrypt typed input into bytes.
  Future<List<int>> encrypt(T input, {CryptoContext? context});

  /// Decrypt bytes back to typed data.
  Future<T> decrypt(List<int> data, {CryptoContext? context});
}

/// Per-operation context for crypto providers.
///
/// Providers that require channel-scoped or message-scoped key derivation
/// can consume these values. Plaintext/testing providers can ignore them.
class CryptoContext {
  /// Stable channel UUID used for channel-scoped keying.
  final String? channelUuid;

  /// Optional message sequence used for per-message key derivation.
  final int? messageSequence;

  /// Priority hint for provider internals.
  final bool isUserMessage;

  /// Optional channel-derived cipher sequence override.
  final List<int>? cipherSequence;

  /// Optional channel-derived cipher params override.
  final Map<String, dynamic>? cipherParams;

  const CryptoContext({
    this.channelUuid,
    this.messageSequence,
    this.isUserMessage = false,
    this.cipherSequence,
    this.cipherParams,
  });
}

CryptoProviderMode cryptoProviderModeFromString(String raw) {
  final value = raw.trim().toLowerCase();
  switch (value) {
    case 'plaintext':
      return CryptoProviderMode.plaintext;
    case 'ccc':
      return CryptoProviderMode.ccc;
    default:
      throw ArgumentError('Unsupported crypto provider mode: $raw');
  }
}

enum CryptoProviderMode {
  plaintext,
  ccc,
}