////////////////////////////////////////////////////////////////////////////////
// Copyright 2019 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////
//
// Description:
//   Classes for generating and decrypting the root of trust id which is
//   included in generated DRM Certificates.

#ifndef COMMON_ROT_ID_GENERATOR_H_
#define COMMON_ROT_ID_GENERATOR_H_

#include <memory>
#include <utility>

#include <cstdint>
#include "common/ecies_crypto.h"
#include "common/rot_id_util.h"
#include "common/status.h"
#include "protos/public/drm_certificate.pb.h"

namespace widevine {

// The RootOfTrustIdGenerator is used to create a root of trust id that is
// associated with the keybox or OEM X.509 certificate that was used as
// authentication during provisioning.
class RootOfTrustIdGenerator {
 public:
  // The constructor for creating the RootOfTrustIdGenerator. |ecies_encryptor|
  // is used to encrypt the unique identifier. It must not be null.  The
  // |wv_shared_salt| is a secret salt used in creating the hash
  // component of the Root of Trust Id. The secret salt is stored securely. The
  // same value is used as part of generating all Root of Trust Ids.
  // The |wv_shared_salt| is also used for creating the unique id hash
  // values. The unique id hash values identify revoked devices and are
  // published in the DCSL and consumed by the License SDK.
  RootOfTrustIdGenerator(std::unique_ptr<EciesEncryptor> ecies_encryptor,
                         const std::string& wv_shared_salt)
      : ecies_encryptor_(std::move(ecies_encryptor)),
        wv_shared_salt_(std::move(wv_shared_salt)) {}

  virtual ~RootOfTrustIdGenerator() {}

  // Creates the root of trust identifier. This fills the fields of the
  // |root_of_trust_id|. The fields are generated per the spec at go/wv-kb-id.
  // The |system_id| is required and must match the system id to which the
  // |unique_id| belongs.
  // Returns INVALID_ARGUMENT if |system_id| is 0, |unique_id| is empty.
  // |roof_of_trust_id| is owned by the caller and must not be null.
  virtual Status Generate(uint32_t system_id, const std::string& unique_id,
                          RootOfTrustId* root_of_trust_id) const;

  // Generates the hash of the |unique_id| per the spec in go/wv-kb-id. This
  // unique id hash (aka inner hash) is the identifier used when revoking an
  // individual device.  The result of this hash is one of the values used to
  // generate Root of Trust Id Hash.
  // |unique_id| should not be empty. If it is, an empty hash
  // is returned.
  std::string GenerateUniqueIdHash(const std::string& unique_id) const;

 private:
  std::unique_ptr<EciesEncryptor> ecies_encryptor_;
  std::string wv_shared_salt_;
};

// The RootOfTrustIdDecryptor is used to decrypt the root of trust id. It
// requires an |ecies_decryptor| which must use the private key that matches
// the public key used with the RootOfTrustIdGenerator. |ecies_decryptor|
// must not be null. The RootOfTrustIdDecryptor will take ownership.
class RootOfTrustIdDecryptor {
 public:
  explicit RootOfTrustIdDecryptor(
      std::unique_ptr<EciesDecryptor> ecies_decryptor,
      const std::string& wv_shared_salt)
      : ecies_decryptor_(std::move(ecies_decryptor)),
        wv_shared_salt_(wv_shared_salt) {}

  // Decrypts the |rot_encrypted_id| using the |system_id| as part of the
  // context. |unique_id| contains the decrypted value on success.
  // |rot_encrypted_id| must not be empty. |unique_id| must not be null.
  // Returns true on success, false on failure.
  Status DecryptUniqueId(uint32_t system_id, const std::string& rot_encrypted_id,
                         std::string* unique_id) const;

  // Decrypts the encrypted id within the |root_of_trust_id|, extacting the
  // |device_unique_id|, and generating the |device_unique_id_hash|. It then
  // generates the rot id revocation hash and verifies that it matches the
  // unique_id_hash from the root_of_trust_id.
  Status VerifyAndExtractAllValues(uint32_t system_id,
                                   const RootOfTrustId& root_of_trust_id,
                                   std::string* device_unique_id,
                                   std::string* device_unique_id_hash) const;

 private:
  std::unique_ptr<EciesDecryptor> ecies_decryptor_;
  std::string wv_shared_salt_;
};

}  // namespace widevine
#endif  // COMMON_ROT_ID_GENERATOR_H_