/*
 Copyright 2005 Matthew J. Battey

   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing, software distributed
	under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
	CONDITIONS OF ANY KIND, either express or implied. See the License for the
	specific language governing permissions and limitations under the License.




This software implements a platform independent C++ interface to TCP/IP socket
communications.
*/
#ifndef _SSLSOCKET_H_
#define _SSLSOCKET_H_

#include "tcpsocket.h"
#include <string>
#include <exception>

namespace tcpsocket {

struct SSLSocketData;

struct X509Data;

/**
An exception thrown by the SSLSocket class.  This exception
is generated in response to an error generated by the SSL library.
*/
class SSLSocketException : public SocketException {
public:
	/**
	Default Constructor
	*/
    SSLSocketException() throw() {
	}
	/**
	Constructs from a string message
	@param error The error to be represented in this exception
	*/
    SSLSocketException(const char* error)  throw() {
		_what = error;
	}
	/**
	Copy constructor.
	@param src the source exception
	*/
    SSLSocketException(const std::exception& src) throw() {
		*this = src;
	}
	/**
	Copy operator.
	@param src Source object
	@return A reference to this object
	*/
    std::exception& operator= (const std::exception& src) throw() {
		_what = src.what();
		return  *this;
	}
	/**
	Destructor
	*/
    virtual ~SSLSocketException() throw () {
	}
	/**
	Provides the error message.
	@return The error message
	*/
    virtual const char* what() const throw() {
		return _what.c_str();
	}

protected:
	std::string	_what;
};


/**
Represents an X509 Certificate object.  This object provides access to
an X509 certificate object.
*/
class X509Certificate 
{
public:
	X509Certificate(const X509Data* certificate);
	virtual ~X509Certificate();

	std::string			getSerialNumber();
	std::string			getIssuerName();
	std::string			getSubjectName();
	std::string			getNotBefore();
	std::string			getNotAfter();

	void* getX509();

	std::string			toString();
protected:
	X509Data*	certificate;
};


/**
Implements a Secure Sockets Layer socket connection.
*/
class SSLSocket : public Socket
{
public:
	/// An enumeration of SLL versions to use with the <code>SSLSocket</code>
	enum ssl_ver { 
		/// No SSL Version
		none, 
		/// Use SSLv2 when communicating
		sslv2, 
		/// Use SSLv3 when communicating, note the server/client must also use only SSLv3
		sslv3, 
		/// Use SSLv2 or SSLv3 when communicating, communications will start in SSLv2 and then be negotiated to SSLv3 when using OpenSSL
		sslv23 };

	/// An enumeration of SSL Certificate/Private Key file types
	enum file_type {
		/// PEM file type
		ssl_pem, 
		/// ASN1 file type
		ssl_asn1};

	/// An enumeration SSL Conneciton types indicating whether the object will be used as a client or server
	enum con_type { 
		/// A client connection
		con_client, 
		/// A server connection
		con_server };

	explicit SSLSocket();
	explicit SSLSocket(int socket_handle, con_type type=con_client, ssl_ver version=sslv23);
	explicit SSLSocket(int socket_handle, SSLSocketData* pData, con_type type=con_server) throw (SSLSocketException);

	SSLSocket(const SSLSocket& s);
	explicit SSLSocket(const char* host, short port, ssl_ver version=sslv23) throw (SSLSocketException,SocketException);
	virtual ~SSLSocket();
	SSLSocket& operator=(const SSLSocket& s);
	
	virtual size_t send(const char* sendBuffer, size_t length)	throw (SSLSocketException);
	virtual size_t receive(char* readBuffer, size_t length)		throw (SSLSocketException);
	virtual size_t receiveSome(char* readBuffer, size_t length)	throw (SSLSocketException);
	virtual void close() throw (SocketException);

	virtual Socket* clone() const;

	virtual bool setCertificateFile(const char* fname, file_type type);
	virtual bool setPrivateKeyFile(const char* fname, file_type type);
	
	virtual X509Certificate* getPeerCertificate();
	virtual int getVerifyResult();

	virtual std::string getErrorMessage();

	virtual void* getSSL();
	virtual void* getCTX();

protected:
	void init();
	void init_ssl(ssl_ver version);

	SSLSocketData*	pdata;
};

/**
Implements a Secure Sockets Layer server socket.
*/
class SSLServerSocket : protected SSLSocket
{
public:

	SSLServerSocket(short bindPort, ssl_ver version=sslv23, unsigned long bindAddress = INADDR_ANY, int listenerBacklog = 5) throw (SocketException);
	SSLServerSocket(short bindPort, const char* key_file, file_type key_type, const char* cert_file, file_type cert_type, ssl_ver version=sslv23, unsigned long bindAddress = INADDR_ANY, int listenerBacklog = 5) throw (SocketException);
	virtual ~SSLServerSocket() throw (SocketException);

	SSLSocket acceptConnection() throw (SocketException);
	void close() throw (SocketException);
	void enableVerification();

	virtual bool setCertificateFile(const char* fname, file_type type);
	virtual bool setPrivateKeyFile(const char* fname, file_type type);
	virtual void* getCTX();
protected:
	void init(short bindPort, ssl_ver version, unsigned long bindAddress, int listenerBacklog) throw (SocketException);
	void init_ssl(SSLSocket::ssl_ver version);
};

}

#endif