////////////////////////////////////////////////////////////////////////////////
// Copyright 2019 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////

#ifndef COMMON_KEYBOX_CLIENT_CERT_H_
#define COMMON_KEYBOX_CLIENT_CERT_H_

#include "common/client_cert.h"

namespace widevine {

//
class KeyboxClientCert : public ClientCert {
 public:
  KeyboxClientCert() {}
  ~KeyboxClientCert() override {}
  KeyboxClientCert(const KeyboxClientCert&) = delete;
  KeyboxClientCert& operator=(const KeyboxClientCert&) = delete;
  Status Initialize(const std::string& keybox_token);

  Status VerifySignature(const std::string& message,
                         const std::string& signature,
                         ProtocolVersion protocol_version) const override;

  void GenerateSigningKey(const std::string& message,
                          ProtocolVersion protocol_version) override;

  const std::string& encrypted_key() const override { return unimplemented_; }
  const std::string& key() const override { return device_key_; }
  const std::string& serial_number() const override { return serial_number_; }
  const std::string& service_id() const override { return unimplemented_; }
  const std::string& signing_key() const override { return signing_key_; }
  const std::string& signer_serial_number() const override {
    return unimplemented_;
  }
  uint32_t signer_creation_time_seconds() const override { return 0; }
  bool signed_by_provisioner() const override { return false; }
  uint32_t system_id() const override { return system_id_; }
  widevine::ClientIdentification::TokenType type() const override {
    return ClientIdentification::KEYBOX;
  }

  // Set the system-wide pre-provisioning keys; argument must be human-readable
  // hex digits.
  // Must be called before any other method of this class is called, unless
  // created by ClientCert::CreateWithPreProvisioningKey(...).
  static void SetPreProvisioningKeys(
      const std::multimap<uint32_t, std::string>& keymap);
  static bool IsSystemIdKnown(const uint32_t system_id);
  static uint32_t GetSystemId(const std::string& keybox_bytes);

 private:
  std::string unimplemented_;
  std::string device_key_;
  uint32_t system_id_;
  std::string serial_number_;
  std::string signing_key_;
};

}  // namespace widevine

#endif  // COMMON_KEYBOX_CLIENT_CERT_H_