////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google Inc.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////

// ProvisioningSession internal implementation.

#ifndef PROVISIONING_SDK_INTERNAL_PROVISIONING_SESSION_IMPL_H_
#define PROVISIONING_SDK_INTERNAL_PROVISIONING_SESSION_IMPL_H_

#include <stdint.h>
#include <memory>
#include <string>
#include <utility>

#include "common/rsa_key.h"
#include "provisioning_sdk/internal/oem_device_cert.h"
#include "provisioning_sdk/internal/provisioning_engine_impl.h"
#include "provisioning_sdk/public/provisioning_status.h"
#include "protos/public/certificate_provisioning.pb.h"
#include "protos/public/client_identification.pb.h"
#include "protos/public/device_certificate.pb.h"
#include "protos/public/provisioned_device_info.pb.h"

namespace widevine {

class ProvisioningSessionImpl {
 public:
  ProvisioningSessionImpl(const ProvisioningEngineImpl& engine,
                          const OemDeviceCert& oem_device_cert,
                          const RsaPrivateKey& service_private_key);
  ~ProvisioningSessionImpl();

  // Initialize provisioning session with given public key and private key.
  ProvisioningStatus Initialize(const std::string& device_public_key,
                                const std::string& device_private_key);

  // Process a message from the client device.
  // * |message| is the message received from the client device.
  // * |response| will contain, upon successful return, a message to be sent
  //   back to the client device as a response to |message|.
  // Returns OK if successful, or an appropriate error status code otherwise.
  ProvisioningStatus ProcessMessage(const std::string& message, std::string* response);

  // * Returns a ProvisioneddeviceInfo message containing information about the
  //   type of device being provisioned. May return nullptr.
  const ProvisionedDeviceInfo* GetDeviceInfo() const {
    return device_info_.get();
  }

 private:
  friend class ProvisioningSessionImplTest;

  ProvisioningSessionImpl(const ProvisioningSessionImpl&) = delete;
  ProvisioningSessionImpl& operator=(const ProvisioningSessionImpl&) = delete;

  bool ValidateAndDeserializeRequest(const std::string& message,
                                     SignedProvisioningMessage* signed_request,
                                     ProvisioningRequest* request) const;
  bool DecryptClientIdentification(
      const EncryptedClientIdentification& encrypted_client_id,
      ClientIdentification* client_id);
  ProvisioningStatus GenerateProvisioningResponse(
      uint32_t system_id, const std::string& oem_ca_serial_number,
      const std::string& provider_id, const std::string& certificate_serial_number,
      const RsaPublicKey& cert_public_key, ProvisioningResponse* response);

  // Inject rsa_key_factory for testing.
  void set_rsa_key_factory(std::unique_ptr<RsaKeyFactory> rsa_key_factory) {
    rsa_key_factory_ = std::move(rsa_key_factory);
  }

  const ProvisioningEngineImpl& engine_;
  const OemDeviceCert& oem_device_cert_;
  const RsaPrivateKey& service_private_key_;

  std::unique_ptr<RsaKeyFactory> rsa_key_factory_;
  std::string device_public_key_;
  std::string device_private_key_;
  std::shared_ptr<ProvisionedDeviceInfo> device_info_;
};

}  // namespace widevine

#endif  // PROVISIONING_SDK_INTERNAL_PROVISIONING_SESSION_IMPL_H_