// Copyright 2012 Google Inc. All Rights Reserved.
//
// OEMCrypto Client - wrapper class for C-style OEMCrypto interface
//
#ifndef CDM_BASE_CRYPTO_SESSSION_H_
#define CDM_BASE_CRYPTO_SESSSION_H_

#include <string>
#include <map>

#include "crypto_key.h"
#include "OEMCryptoCENC.h"
#include "wv_cdm_types.h"

namespace wvcdm {

typedef std::map<CryptoKeyId,CryptoKey*> CryptoKeyMap;

class CryptoSession {
 public:
  CryptoSession();
  explicit CryptoSession(const std::string& sname);
  ~CryptoSession();

  bool Open();
  void Close();

  bool IsValid() { return valid_; }
  bool IsOpen() { return open_; }
  bool SuccessStatus();
  CryptoResult session_status() { return session_status_; }
  CryptoSessionId oec_session_id() { return oec_session_id_; }
  CdmSessionId cdm_session_id() { return cdm_session_id_; }

  // Key request/response
  void GenerateRequestId(std::string& req_id_str);
  bool PrepareRequest(const std::string& key_deriv_message,
                      std::string* signature);
  bool PrepareRenewalRequest(const std::string& message,
                             std::string* signature);
  bool LoadKeys(const std::string& message,
                const std::string& signature,
                const std::string& mac_key_iv,
                const std::string& mac_key,
                int num_keys,
                const CryptoKey* key_array);
  bool LoadCertificatePrivateKey(std::string& wrapped_key);
  bool RefreshKeys(const std::string& message,
                   const std::string& signature,
                   int num_keys,
                   const CryptoKey* key_array);
  bool GenerateNonce(uint32_t* nonce);
  bool GenerateDerivedKeys(const std::string& message);
  bool GenerateDerivedKeys(const std::string& message,
                           const std::string& session_key);
  bool GenerateSignature(const std::string& message,
                         std::string* signature);
  bool RewrapDeviceRSAKey(const std::string& message,
                          const std::string& signature,
                          const std::string& nonce,
                          const std::string& enc_rsa_key,
                          size_t enc_rsa_key_length,
                          const std::string& rsa_key_iv,
                          uint8_t* wrapped_rsa_key,
                          size_t* wrapped_rsa_key_length);

  // Media data path
  bool SelectKey(const std::string& key_id);
  CdmResponseType Decrypt(bool is_encrypted,
                          bool is_secure,
                          const uint8_t* encrypt_buffer,
                          size_t encrypt_length,
                          const std::vector<uint8_t>& iv,
                          size_t block_offset,
                          void* decrypt_buffer,
                          size_t decrypt_buffer_offset,
                          bool is_video);

 private:
  static const size_t kSignatureSize = 32; // size for HMAC-SHA256 signature

  void GenerateMacContext(const std::string& input_context,
                          std::string* deriv_context);
  void GenerateEncryptContext(const std::string& input_context,
                              std::string* deriv_context);
  size_t GetOffset(std::string message, std::string field);
  bool SetDestinationBufferType();

  bool valid_;
  bool open_;
  CdmSessionId cdm_session_id_;
  CryptoSessionId oec_session_id_;
  CryptoResult session_status_;

  OEMCryptoBufferType destination_buffer_type_;
  bool is_destination_buffer_type_valid_;

  CryptoKeyMap keys_;

  CORE_DISALLOW_COPY_AND_ASSIGN(CryptoSession);
};

}; // namespace wvcdm

#endif  // CDM_BASE_CRYPTO_SESSSION_H_