#include <SFNUL/TlsConnection.hpp>

#include <SFNUL/ConfigInternal.hpp>

#include <SFNUL/Concurrency.hpp>

#include <SFNUL/MakeUnique.hpp>

#include <botan/tls_client.h>

#include <botan/tls_server.h>

#include <botan/data_src.h>

#include <botan/pkcs8.h>

#include <botan/auto_rng.h>

#include <botan/init.h>

namespace {

struct TlsCertificateMaker : public sfn::TlsCertificate {};

struct TlsKeyMaker : public sfn::TlsKey {};

class TlsPolicy : public Botan::TLS::Policy {

};

}

namespace sfn {

class TlsResource::LibraryImpl {

Botan::AutoSeeded_RNG rng;

TlsPolicy tls_policy;

static std::weak_ptr<LibraryImpl> library;

};

std::weak_ptr<TlsResource::LibraryImpl> TlsResource::LibraryImpl::library{};

TlsResource::TlsResource() :

}

class TlsCertificate::TlsCertificateImpl {

TlsCertificateImpl( Botan::X509_Certificate the_certificate ) : certificate{ the_certificate } {}

Botan::X509_Certificate certificate;

};

TlsCertificate::TlsCertificate() = default;

TlsCertificate::~TlsCertificate() = default;

TlsCertificate::Ptr TlsCertificate::Create( const std::string& certificate ) {

}

void TlsCertificate::LoadCertificate( const std::string& certificate ) {

Botan::DataSource_Memory data_source{ certificate };

m_impl = make_unique<TlsCertificateImpl>( Botan::X509_Certificate( data_source ) );

}

class TlsKey::TlsKeyImpl {

Botan::Private_Key* key;

};

TlsKey::TlsKey() :

m_impl{ make_unique<TlsKeyImpl>() }

{

}

TlsKey::~TlsKey() = default;

TlsKey::Ptr TlsKey::Create( const std::string& key, const std::string& password ) {

}

void TlsKey::LoadKey( const std::string& key, const std::string& password ) {

Botan::DataSource_Memory data_source{ key };

m_impl->key = Botan::PKCS8::load_key( data_source, m_library->rng, password );

}

class TlsConnectionBase::TlsConnectionBaseImpl : public Botan::Credentials_Manager, public Botan::TLS::Callbacks {

TlsConnectionBaseImpl( Botan::RandomNumberGenerator& the_rng ) : session_manager{ the_rng }, rng{ &the_rng } {}

std::vector<Botan::Certificate_Store*> trusted_certificate_authorities( const std::string& type, const std::string& /*context*/ ) override {

}

std::vector<Botan::X509_Certificate> cert_chain( const std::vector<std::string>& cert_key_types, const std::string& /*type*/, const std::string& /*context*/ ) override {

}

Botan::Private_Key* private_key_for( const Botan::X509_Certificate& /*cert*/, const std::string& /*type*/, const std::string& /*context*/ ) override {

if( key && key->m_impl->key ) {

return key->m_impl->key;

}

ErrorMessage() << "No private key loaded for certificate.\n";

return nullptr;

// TODO

}

Botan::SymmetricKey psk( const std::string& type, const std::string& context, const std::string& identity ) override {

}

std::string psk_identity( const std::string& /*type*/, const std::string& /*context*/, const std::string& /*identity_hint*/ ) override {

return "";

// TODO

}

std::string psk_identity_hint( const std::string& /*type*/, const std::string& /*context*/ ) override {

return "";

// TODO

}

bool attempt_srp( const std::string& /*type*/, const std::string& /*context*/ ) override {

return false;

// TODO

}

std::string srp_identifier( const std::string& /*type*/, const std::string& /*context*/ ) override {

return "";

// TODO

}

std::string srp_password( const std::string& /*type*/, const std::string& /*context*/, const std::string& /*identifier*/ ) override {

return "";

// TODO

}

bool srp_verifier( const std::string& /*type*/, const std::string& /*context*/, const std::string& /*identifier*/, std::string& /*group_name*/, Botan::BigInt& /*verifier*/, std::vector<unsigned char>& /*salt*/, bool /*generate_fake_on_unknown*/ ) override {

return false;

// TODO

}

void tls_emit_data( const uint8_t data[], size_t size ) override {

}

void tls_record_received( uint64_t, const uint8_t data[], size_t size ) override {

}

void tls_alert( Botan::TLS::Alert alert ) override {

}

bool tls_session_established( const Botan::TLS::Session& session ) override {

}

void tls_verify_cert_chain( const std::vector<Botan::X509_Certificate>& cert_chain, const std::vector<std::shared_ptr<const Botan::OCSP::Response>>& ocsp_responses, const std::vector<Botan::Certificate_Store*>& trusted_roots, Botan::Usage_Type usage, const std::string& hostname, const Botan::TLS::Policy& policy ) override {

}

OutputFunction output_callback;

DataFunction data_callback;

AlertFunction alert_callback;

HandshakeFunction handshake_callback;

std::vector<std::unique_ptr<Botan::Certificate_Store_In_Memory>> certificate_stores;

TlsVerificationResult last_verification_result{ TlsVerificationResult::NotTrusted };

Botan::SymmetricKey session_ticket_key;

Botan::TLS::Session_Manager_In_Memory session_manager;

TlsCertificate::Ptr server_cert;

TlsKey::Ptr key;

std::string common_name;

Botan::RandomNumberGenerator* rng;

std::unique_ptr<Botan::TLS::Channel> endpoint;

std::vector<unsigned char> pre_cert_receive_buffer;

};

TlsConnectionBase::TlsConnectionBase( TlsEndpointType type, TlsVerificationType verify ) :

}

TlsConnectionBase::~TlsConnectionBase() = default;

void TlsConnectionBase::AddTrustedCertificate( TlsCertificate::Ptr certificate ) {

}

void TlsConnectionBase::SetPeerCommonName( const std::string& name ) {

m_impl->common_name = name;

}

void TlsConnectionBase::SetCertificateKeyPair( TlsCertificate::Ptr certificate, TlsKey::Ptr key ) {

}

TlsVerificationResult TlsConnectionBase::GetVerificationResult() const {

return m_impl->last_verification_result;

}

void TlsConnectionBase::SetEndpoint( TlsEndpointType type, OutputFunction output_callback, DataFunction data_callback, AlertFunction alert_callback, HandshakeFunction handshake_callback ) {

}

bool TlsConnectionBase::EndpointIsActive() const {

return m_impl->endpoint && m_impl->endpoint->is_active();

}

void TlsConnectionBase::CloseEndpoint() {

}

void TlsConnectionBase::ResetEndpoint() {

m_impl->endpoint.reset();

}

void TlsConnectionBase::EndpointSend( const unsigned char* data, std::size_t size ) {

}

void TlsConnectionBase::EndpointReceive( const unsigned char* data, std::size_t size ) {

}

}