/*! \file piauth.h
 * \brief PIP Authentication API
*/
/*
	PIP - Platform Independent Primitives
	PIP Authentication API
	Copyright (C) 2018 Andrey Bychkov work.a.b@yandex.ru

	This program is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation, either version 3 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

#ifndef PIAUTH_H
#define PIAUTH_H

#include "piobject.h"
#include "picrypt.h"


class PIP_EXPORT PIAuth : public PIObject
{
	PIOBJECT(PIAuth)
public:
	enum Role {Client, Server};
	enum State {NotConnected, AuthProbe, PassRequest, AuthReply, KeyExchange, Connected};

	PIAuth(const PIByteArray & sign);

	void setInfoData(const PIByteArray & info_) {info = info_;}
	void setAuthorizedPublicKeys(const PIVector<PIByteArray> & pkeys) {auth_pkeys = pkeys;}
	PIVector<PIByteArray> getAuthorizedPublicKeys() {return auth_pkeys;}
	PIByteArray getSignPublicKey() {return sign_pk;}


	void stop();
	void startClient();
	PIByteArray startServer();
	State receive(PIByteArray & ba);
	PIByteArray getSecretKey();


	static PIByteArray generateSign(const PIByteArray & seed);

	EVENT(disconnected)
	EVENT(connected)
	EVENT2(authorize, PIByteArray, data, bool *, ok)
	EVENT1(passwordRequest, PIString *, pass)
	EVENT2(passwordCheck, PIByteArray, phash, bool *, ok)


	//EVENT_HANDLER1(void, received, PIByteArray, data);

private:
	State disconnect(PIByteArray & ba, const PIString & error = PIString());
	bool isAuthorizedKey(const PIByteArray & pkey);

	PIByteArray createSKMessage();

	Role role;
	State state;
	PIByteArray info;
	PICrypt crypt;
	PIByteArray sign_sk, sign_pk;
	PIByteArray auth_sign;
	PIByteArray box_sk, box_pk;
	PIByteArray my_pk;
	PIByteArray secret_key;
	PIVector<PIByteArray> auth_pkeys;
};

#endif // PIAUTH_H