/*
 * Copyright (C) 2016 Samsung Electronics. Co. Ltd,
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef __SKPM_TLS_H__
#define __SKPM_TLS_H__

#include "tz_log.h"
#include "platform.h"
#include "crypto_module.h"

/* Capacity in bytes of tls_session_info_t.masterSecretKey (a TLS master secret is 48 bytes). */
#define TLS_MASTER_SECRET_SIZE                  48
/* Capacity in bytes of tls_session_info_t.keyBlobs. */
/* NOTE(review): presumably holds the expanded key block; the code that fills it must not write more than this - confirm. */
#define TLS_KEY_BLOB_SIZE                       256

#define SSL_MAX_CONTENT_LEN                     16384   /**< Size of the input / output buffer */

/*
 * Cipher mode identifiers for the AEAD modes.
 * NOTE(review): the names and values look like copies of mbed TLS's
 * mbedtls_cipher_mode_t enumerators (GCM = 6, CCM = 8 in the 2.x numbering) -
 * confirm against the library version in use. Because they are macros, they
 * would rewrite that enum if mbed TLS's cipher.h were included after this
 * header in the same translation unit.
 */
#define MBEDTLS_MODE_GCM                        6
#define MBEDTLS_MODE_CCM                        8

/*
 * State kept for one TLS session: key pairs, handshake secrets, the length
 * parameters of the selected cipher suite, and the record-protection keys/IVs.
 *
 * Nearly every member is secret key material stored in fixed-size arrays.
 * NOTE(review): nothing in this header shows how the structure is cleared;
 * confirm the owner wipes it with a non-elidable zeroization when the session
 * ends or fails.
 */
typedef struct tls_session_info_st {
    /* RSA key; its role is not visible from this header. */
    rsa_key_t serviceRsaKey;

    /* ECC key on the client side - presumably the key exposed by getTlsSessionClientPubkey() and used by signWithClientKey(); confirm. */
    ecc_key_t clientkey;
    /* Peer public key, ECC_PUBKEY_SIZE bytes - presumably stored by setTlsSessionServerPubkey(); confirm it is validated before use. */
    uint8_t serverPubkey[ECC_PUBKEY_SIZE];

    /* Pre-master secret, sized as one ECC shared secret (ECC_SECRET_SIZE). */
    uint8_t preMasterKey[ECC_SECRET_SIZE];
    /* Master secret, TLS_MASTER_SECRET_SIZE bytes. */
    uint8_t masterSecretKey[TLS_MASTER_SECRET_SIZE];
    /* Key blob buffer, TLS_KEY_BLOB_SIZE bytes - presumably the expanded key block the cipher/MAC keys and IVs are cut from; confirm. */
    uint8_t keyBlobs[TLS_KEY_BLOB_SIZE];
    
    /*
     * Length parameters for the session's cipher suite.
     * NOTE(review): if these are filled from a command buffer (see
     * setTlsSessionKeyInfos), each must be checked against the capacity of the
     * array it later indexes: tlsKeyLen vs AES_256_KEY_SIZE, tlsMacLen vs
     * SHA1_DIGEST_SIZE, tlsIvLen / tlsFixed_ivlen vs AES_BLOCK_SIZE, and their
     * combined total vs TLS_KEY_BLOB_SIZE - confirm in the implementation.
     */
    uint32_t tlsKeyLen;
    uint32_t tlsFixed_ivlen;
    uint32_t tlsMinLen;
    uint32_t tlsIvLen;
    uint32_t tlsMacLen;

    /* Record cipher keys, one per direction; capacity is an AES-256 key. */
    uint8_t cipher_enc_key[AES_256_KEY_SIZE];
    uint8_t cipher_dec_key[AES_256_KEY_SIZE];

    /* Record MAC keys, one per direction; capacity is one SHA-1 digest, so a longer MAC key does not fit. */
    uint8_t mac_enc_key[SHA1_DIGEST_SIZE];
    uint8_t mac_dec_key[SHA1_DIGEST_SIZE];

    uint8_t iv_enc[AES_BLOCK_SIZE];           /*!<  IV (encryption)         */
    uint8_t iv_dec[AES_BLOCK_SIZE];           /*!<  IV (decryption)         */

    /* Present only when SUPPORT_GUARDIAN_M is defined, so the structure's size depends on that macro; every translation unit sharing this type must be built with the same setting. */
#ifdef SUPPORT_GUARDIAN_M
    uint8_t isGuardianM;
#endif
} tls_session_info_t, *p_tls_session_info_t;


// SKPM OTA Provisioning: TLS session command handlers.
//
// Every handler takes a command object (cmd) and a response object (rsp) and
// returns void, so success or failure presumably travels back through rsp -
// confirm in the implementation. p_cmd_t and p_rsp_t are declared outside this
// header. The per-group descriptions below are inferred from the names only.
//
// NOTE(review): if cmd is filled by a caller outside the trust boundary, each
// handler has to validate every length and offset it reads from cmd before
// using it against the fixed-size buffers of tls_session_info_t - verify.

// Public key exchange: store the server's public key / return the client's.
void setTlsSessionServerPubkey(p_cmd_t cmd, p_rsp_t rsp);
void getTlsSessionClientPubkey(p_cmd_t cmd, p_rsp_t rsp);

// Handshake secret derivation: pre-master secret, master secret, key blobs, Finished hash.
// NOTE(review): confirm none of these returns the derived secrets themselves through rsp.
void generateTlsSessionPremasterKey(p_cmd_t cmd, p_rsp_t rsp);
void generateTlsSessionMasterSecretKey(p_cmd_t cmd, p_rsp_t rsp);
void generateTlsSessionKeyBlobs(p_cmd_t cmd, p_rsp_t rsp);
void generateTlsSessionFinishHash(p_cmd_t cmd, p_rsp_t rsp);

// Cipher-suite length parameters, then the per-direction cipher and MAC keys.
// NOTE(review): presumably the first call fills tlsKeyLen / tlsIvLen / tlsMacLen; confirm they are range-checked there.
void setTlsSessionKeyInfos(p_cmd_t cmd, p_rsp_t rsp);
void generateTlsSessionCipherAndMacKeys(p_cmd_t cmd, p_rsp_t rsp);

// Record protection with the session keys.
// NOTE(review): confirm input lengths are bounded (SSL_MAX_CONTENT_LEN looks like the intended limit) and that decryption failures are reported uniformly.
void encryptTlsSessionBuf(p_cmd_t cmd, p_rsp_t rsp);
void decryptTlsSessionBuf(p_cmd_t cmd, p_rsp_t rsp);

// Signature with the client key.
// NOTE(review): confirm which input is accepted; a handler that signs arbitrary caller-chosen bytes acts as a signing oracle for that key.
void signWithClientKey(p_cmd_t cmd, p_rsp_t rsp);

#endif

