// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine Master
// License Agreement.

#ifndef OEMCRYPTO_INTERFACE_H
#define OEMCRYPTO_INTERFACE_H

#include <memory>
#include <string>
#include <vector>

#include "OEMCryptoCAS.h"
#include "crypto_key.h"

namespace wvcas {

// LoadKeysParams mirrors the parameters in the OEMCrypto API. It's purpose is
// to allow OEMCrypto_LoadKeys to be mocked. OEMCrypto_LoadKeys takes 13
// parameters as of API V14. GoogleMock allows a maximum of 10.
struct LoadKeysParams {
  OEMCrypto_SESSION session = 0;
  const uint8_t* message = nullptr;
  size_t message_length = 0;
  const uint8_t* signature = nullptr;
  size_t signature_length = 0;
  OEMCrypto_Substring enc_mac_keys_iv = {};
  OEMCrypto_Substring enc_mac_keys = {};
  size_t num_keys = 0;
  const OEMCrypto_KeyObject* key_array = nullptr;
  OEMCrypto_Substring pst = {};
  OEMCrypto_Substring srm_requirement = {};
  OEMCrypto_LicenseType license_type = OEMCrypto_ContentLicense;
};

// InputStreamParams mirrors the parameters in OEMCrypto API. The
// purpose is to allow OEMCrypto_Descramble to be mocked. OEMCrypto_Descramble
// takes 11 parameters as of API V15. GoogleMock allows a maximum of 10.
struct InputStreamParams {
  const uint8_t* data_addr;
  size_t data_length;
  bool is_encrypted;

  InputStreamParams(){};
  InputStreamParams(const uint8_t* data_addr, size_t data_length,
                    bool is_encrypted)
      : data_addr(data_addr),
        data_length(data_length),
        is_encrypted(is_encrypted) {}
};

// Calls to oemcrypto are called via this object. The purpose of this object is
// to allow OEMCrypto to be mocked. The implementation of this object only wraps
// OEMCrypto methods adding limited additional functionality. Added
// functionality is limited to adapt the input parameters to the oemcrypto api.
// Method signatures in this class can only have a maximum of 10 parameters to
// maintain compatibility with googlemock.
class OEMCryptoInterface {
 public:
  OEMCryptoInterface();
  virtual ~OEMCryptoInterface();

  virtual OEMCryptoResult OEMCrypto_Initialize(void);
  virtual OEMCryptoResult OEMCrypto_Terminate(void);
  virtual OEMCryptoResult OEMCrypto_OpenSession(
      OEMCrypto_SESSION* session) const;
  virtual OEMCryptoResult OEMCrypto_CloseSession(
      OEMCrypto_SESSION session) const;
  virtual OEMCrypto_ProvisioningMethod OEMCrypto_GetProvisioningMethod() const;
  virtual OEMCryptoResult OEMCrypto_GetKeyData(uint8_t* keyData,
                                               size_t* keyDataLength) const;
  virtual uint32_t OEMCrypto_SupportedCertificates() const;
  virtual OEMCryptoResult OEMCrypto_GenerateNonce(OEMCrypto_SESSION session,
                                                  uint32_t* nonce) const;
  virtual OEMCryptoResult OEMCrypto_GenerateDerivedKeys(
      OEMCrypto_SESSION session, const uint8_t* mac_key_context,
      uint32_t mac_key_context_length, const uint8_t* enc_key_context,
      uint32_t enc_key_context_length) const;
  virtual OEMCryptoResult OEMCrypto_PrepAndSignLicenseRequest(
      OEMCrypto_SESSION session, uint8_t* message, size_t message_length,
      size_t* core_message_size, uint8_t* signature,
      size_t* signature_length) const;
  virtual OEMCryptoResult OEMCrypto_PrepAndSignRenewalRequest(
      OEMCrypto_SESSION session, uint8_t* message, size_t message_length,
      size_t* core_message_size, uint8_t* signature,
      size_t* signature_length) const;
  virtual OEMCryptoResult OEMCrypto_PrepAndSignProvisioningRequest(
      OEMCrypto_SESSION session, uint8_t* message, size_t message_length,
      size_t* core_message_size, uint8_t* signature,
      size_t* signature_length) const;
  virtual OEMCryptoResult OEMCrypto_LoadProvisioning(
      OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
      size_t core_message_length, const uint8_t* signature,
      size_t signature_length, uint8_t* wrapped_private_key,
      size_t* wrapped_private_key_length) const;
  virtual OEMCryptoResult OEMCrypto_GetOEMPublicCertificate(
      OEMCrypto_SESSION session, uint8_t* public_cert,
      size_t* public_cert_length) const;
  virtual OEMCryptoResult OEMCrypto_LoadDRMPrivateKey(
      OEMCrypto_SESSION session, OEMCrypto_PrivateKeyType key_type,
      const uint8_t* wrapped_rsa_key, size_t wrapped_rsa_key_length) const;
  virtual OEMCryptoResult OEMCrypto_GenerateRSASignature(
      OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
      uint8_t* signature, size_t* signature_length,
      RSA_Padding_Scheme padding_scheme) const;
  virtual OEMCryptoResult OEMCrypto_DeriveKeysFromSessionKey(
      OEMCrypto_SESSION session, const uint8_t* enc_session_key,
      size_t enc_session_key_length, const uint8_t* mac_key_context,
      size_t mac_key_context_length, const uint8_t* enc_key_context,
      size_t enc_key_context_length) const;
  virtual OEMCryptoResult OEMCrypto_LoadKeys(
      const LoadKeysParams& load_key_params) const;
  virtual OEMCryptoResult OEMCrypto_LoadLicense(OEMCrypto_SESSION session,
                                                const uint8_t* message,
                                                size_t message_length,
                                                size_t core_message_length,
                                                const uint8_t* signature,
                                                size_t signature_length) const;
  virtual OEMCryptoResult OEMCrypto_LoadRenewal(OEMCrypto_SESSION session,
                                                const uint8_t* message,
                                                size_t message_length,
                                                size_t core_message_length,
                                                const uint8_t* signature,
                                                size_t signature_length) const;
  virtual OEMCryptoResult OEMCrypto_LoadCasECMKeys(
      OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
      const OEMCrypto_EntitledCasKeyObject* even_key,
      const OEMCrypto_EntitledCasKeyObject* odd_key) const;
  virtual OEMCryptoResult OEMCrypto_SelectKey(
      OEMCrypto_SESSION session, const uint8_t* content_key_id,
      size_t content_key_id_length, OEMCryptoCipherMode cipher_mode) const;
  virtual OEMCryptoResult OEMCrypto_GetHDCPCapability(
      OEMCrypto_HDCP_Capability* current, OEMCrypto_HDCP_Capability* max) const;
  virtual OEMCryptoResult OEMCrypto_RefreshKeys(
      OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
      const uint8_t* signature, size_t signature_length, size_t num_keys,
      const OEMCrypto_KeyRefreshObject* key_array);
  virtual OEMCryptoResult OEMCrypto_GetDeviceID(uint8_t* deviceID,
                                                size_t* idLength);
  virtual OEMCryptoResult OEMCrypto_LoadTestKeybox(const uint8_t* buffer,
                                                   size_t length);
  virtual const char* OEMCrypto_SecurityLevel() const;
  virtual OEMCryptoResult OEMCrypto_CreateEntitledKeySession(
      OEMCrypto_SESSION oec_session, OEMCrypto_SESSION* key_session);
  virtual OEMCryptoResult OEMCrypto_RemoveEntitledKeySession(
      OEMCrypto_SESSION key_session);
  virtual uint32_t OEMCrypto_APIVersion() const;

  OEMCryptoInterface(const OEMCryptoInterface&) = delete;
  OEMCryptoInterface& operator=(const OEMCryptoInterface&) = delete;

 private:
  class Impl;
  std::unique_ptr<Impl> impl_;
};

}  // namespace wvcas

#endif  // OEMCRYPTO_INTERFACE_H