// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine License
// Agreement.
//
// Description:
//   Declaration of classes representing AES and RSA public keys used
//   for signature verification and encryption.
//
// AES encryption details:
//   Algorithm: AES-CBC
//
// RSA signature details:
//   Algorithm: RSASSA-PSS
//   Hash algorithm: SHA1
//   Mask generation function: mgf1SHA1
//   Salt length: 20 bytes
//   Trailer field: 0xbc
//
// RSA encryption details:
//   Algorithm: RSA-OAEP
//   Mask generation function: mgf1SHA1
//   Label (encoding paramter): empty string
//
#ifndef WIDEVINE_CAS_PRIVACY_CRYPTO_H_
#define WIDEVINE_CAS_PRIVACY_CRYPTO_H_

#include <cstdint>
#include <string>

namespace wvcas {

class AesCbcKey {
 public:
  AesCbcKey();
  ~AesCbcKey();

  bool Init(const std::string& key);
  bool Encrypt(const std::string& in, const std::string& iv, std::string* out,
               bool has_padding = true);
  bool Decrypt(const std::string& in, const std::string& iv, std::string* out,
               bool has_padding = true);

 private:
  std::string key_;
};  // class AesCbcKey

class RsaPublicKey {
 public:
  RsaPublicKey();
  ~RsaPublicKey();

  // Initializes an RsaPublicKey object using a DER encoded PKCS#1 RSAPublicKey
  bool Init(const std::string& serialized_key);

  // Encrypt a message using RSA-OAEP. Caller retains ownership of all
  // parameters. Returns true if successful, false otherwise.
  bool Encrypt(const std::string& plaintext, std::string* ciphertext);

  // Verify RSASSA-PSS signature. Caller retains ownership of all parameters.
  // Returns true if validation succeeds, false otherwise.
  bool VerifySignature(const std::string& message,
                       const std::string& signature);

 private:
  std::string serialized_key_;
};  // class RsaPublicKey

/**
 * Extracts an integer value from the extensions in a certificate.
 * @param cert A PKCS7 encoded X.509 certificate chain.
 * @param extension_oid The ID of the extension to get.
 * @param cert_index The zero-based index of the certificate in the chain to
 *   fetch from.
 * @param value [OUT] Will contain the extracted value.
 * @return True on success, false on error.
 */
bool ExtractExtensionValueFromCertificate(const std::string& cert,
                                          const std::string& extension_oid,
                                          size_t cert_index, uint32_t* value);

std::string Md5Hash(const std::string& data);
std::string Sha1Hash(const std::string& data);
std::string Sha256Hash(const std::string& data);
std::string Sha512Hash(const std::string& data);
}  // namespace wvcas
#endif  // WIDEVINE_CAS_PRIVACY_CRYPTO_H_