// Copyright 2021 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
//
//  Reference implementation utilities of OEMCrypto APIs
//
#ifndef WVOEC_UTIL_CMAC_H_
#define WVOEC_UTIL_CMAC_H_

#include <stddef.h>
#include <stdint.h>

#include <memory>
#include <vector>

#include <openssl/cmac.h>

namespace wvoec {
namespace util {
class Cmac {
 public:
  // Creates an AES-128-CMAC or an AES-256-CMAC depending on |key_size|.
  // Returns an empty pointer if the key size is not valid.
  static std::unique_ptr<Cmac> Create(const uint8_t* key, size_t key_size);
  static std::unique_ptr<Cmac> Create(const std::vector<uint8_t>& key);

  // Updates the CMAC with more data.  This allows for streaming or
  // scatter-gather based MAC generation.
  // Returns true if the data was updated successfully and false
  // if any unexpected errors occur.
  bool Update(const uint8_t* data, size_t data_length);
  bool Update(const std::vector<uint8_t>& data);
  bool Update(uint8_t datum);

  // Generates the final MAC and stores it in the |mac| output
  // parameter.
  // After finalizing, one must reset the Cmac instance before it
  // can digest additional information.
  bool Finalize(std::vector<uint8_t>* mac);
  // Similar to Finalize() except that the output is appended to
  // the end of the provided |mac| buffer.
  bool FinalizeAppend(std::vector<uint8_t>* mac);

  // Clears the underlying CMAC without clearing the key.  Resetting
  // it to its post-initialization state.
  void Reset();

  ~Cmac();

 private:
  Cmac() {}

  // Assumes |key_size| is a valid AES-128 or AES-256 key.
  bool Init(const uint8_t* key, size_t key_size);

  CMAC_CTX* ctx_ = nullptr;
  bool ready_ = false;
};
}  // namespace util
}  // namespace wvoec
#endif  // WVOEC_UTIL_CMAC_H_