/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

/*
 * XSEC
 *
 * DSIGSignature := Class for checking and setting up signature nodes in a DSIG signature
 *
 * Author(s): Berin Lautenbach
 *
 * $Id$
 *
 */

#ifndef DSIGSIGNEDINFO_INCLUDE
#define DSIGSIGNEDINFO_INCLUDE

// XSEC Includes
#include <xsec/framework/XSECDefs.hpp>
#include <xsec/utils/XSECSafeBufferFormatter.hpp>
#include <xsec/dsig/DSIGConstants.hpp>
#include <xsec/dsig/DSIGReferenceList.hpp>

// Xerces Includes

XSEC_DECLARE_XERCES_CLASS(DOMDocument);
XSEC_DECLARE_XERCES_CLASS(DOMNode);
XSEC_DECLARE_XERCES_CLASS(DOMElement);

// General includes

#include <vector>

class XSECEnv;

/**
 * @ingroup pubsig
 */

/**
 * @brief Constructs and holds a SignedInfo.
 *
 * The \<SignedInfo\> node is the container for all the information
 * that is signed.  It contains the ReferenceList and information
 * on the signature and canonicalisation method for the signature.
 *
 * Generally this class should not be manipulated directly.
 *
 */

class XSEC_EXPORT DSIGSignedInfo {

public:

    /** @name Constructors and Destructors */
    //@{

    /**
     * \brief Constructor for existing nodes
     *
     * Called by the library to construct a SignedInfo in cases
     * where the DOM Nodes exist and need to be loaded
     *
     * @param doc The document containing the structure to be loaded
     * @param pFormatter A safeBuffer formatter that will translate to UTF-8
     * @param signedInfoNode The node at the top of the SignedInfo tree fragment
     * @param env Operating environment
     */

    DSIGSignedInfo(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* doc,
        XSECSafeBufferFormatter* pFormatter,
        XERCES_CPP_NAMESPACE_QUALIFIER DOMNode* signedInfoNode,
        const XSECEnv* env);


    /**
     * \brief Constructor for building from scratch
     *
     * Will set up the class in preparation for building the
     * DOM structure
     *
     * @param doc The document to use to construct
     * @param pFormatter Formatter to use to translate to UTF-8
     * @param env Operating environment
     */

    DSIGSignedInfo(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* doc,
                XSECSafeBufferFormatter* pFormatter,
                const XSECEnv* env);

    /**
     * \brief Destructor
     *
     * Delete - but does not destroy the DOM Nodes
     *
     */

    ~DSIGSignedInfo();

    //@}

    /** @name Create and Set */
    //@{

    /**
     * \brief Load from DOM
     *
     * Load the SignedInfo from the DOM Document
     *
     * Does not do any verification of signatures or references -
     * simply loads the values
     */

    void load();

    /**
     * \brief Verify the SignedInfo
     *
     * Validates each reference contained in the SignedInfo.  Does not
     * validate the signature itself - this is done by DSIGSignature
     *
     * @param errStr The safeBuffer that error messages should be written to.
     */

    bool verify(safeBuffer& errStr) const;

    /**
     * \brief Hash the reference list
     *
     * Goes through each reference in the SignedInfo (including referenced
     * manifests), performs the digest operation and adds the digest
     * to the reference element
     *
     * @param interlockingReferences Set to true if any references depend on other
     * references
     */

    void hash(bool interlockingReferences) const;

    /**
     * \brief Create an empty SignedInfo
     *
     * Creates the DOM structure for a SignedInfo
     *
     * Builds the DOM structures and sets the control
     * structures of the SignedInfo
     *
     * @param canonicalizationAlgorithmURI The canonicalisation method to set the SignedInfo as
     * @param signatureAlgorithmURI Signature Method to use
     * @param hm Hash method to use (for the SignedInfo, not the references)
     */

    XERCES_CPP_NAMESPACE_QUALIFIER DOMElement*
        createBlankSignedInfo(
            const XMLCh* canonicalizationAlgorithmURI,
            const XMLCh* signatureAlgorithmURI
        );

    /**
     * \brief Create a reference to add to the SignedInfo
     *
     * Called by DSIGSignature to create and enter a new reference element
     *
     * @param URI What the reference references
     * @param hashAlgorithmURI Digest method to use for the reference
     * @param type Reference type
     */

    DSIGReference* createReference(
        const XMLCh* URI,
        const XMLCh* hashAlgorithmURI,
        const XMLCh* type
    );

    /**
     * \brief Remove a reference from the list
     *
     * Removes the reference at the index point and returns a pointer
     * to the reference removed.
     *
     * @note This also releases ownership.  It is the responsibility of
     * the caller to ensure the reference is deleted.
     *
     * @note This removes the reference from the Signature
     *
     * @param index Point in the list to remove
     */

    DSIGReference* removeReference(DSIGReferenceList::size_type index);

    //@}

    /** @name Getter functions */
    //@{

    /**
     * \brief Get the node pointing to the top of the DOM fragment
     *
     * @returns the SignedInfo node
     */

    XERCES_CPP_NAMESPACE_QUALIFIER DOMNode* getDOMNode(void) const {return mp_signedInfoNode;}

    /**
     * \brief Get the Algorithm URI
     *
     * @returns the URI associated with the Algorithm used to generate
     * the signature
     */

    const XMLCh* getAlgorithmURI() const {return mp_algorithmURI;}

    /**
     * \brief Get the canonicalization method
     *
     * @returns Canonicalization method
     */

    const XMLCh* getCanonicalizationMethod() const {return mp_canonicalizationMethod;}

    /**
     * \brief Get HMAC length
     *
     * HMAC signatures can be truncated to a nominated length.
     * This returns the length used.
     */

    int getHMACOutputLength() const {return m_HMACOutputLength;}

    /**
     * \brief Return the list of references
     *
     * Returns a pointer to the object holding the references
     * contained in the SignedInfo
     */

    DSIGReferenceList* getReferenceList () {return mp_referenceList;}

    /**
     * \brief Return the list of references
     *
     * Returns a pointer to the object holding the references
     * contained in the SignedInfo
     */

    const DSIGReferenceList* getReferenceList () const {return mp_referenceList;}

    //@}


private:
    XSECSafeBufferFormatter* mp_formatter;
    bool m_loaded;                // Have we already loaded?
    XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* mp_doc;
    XERCES_CPP_NAMESPACE_QUALIFIER DOMNode* mp_signedInfoNode;
    const XMLCh* mp_canonicalizationMethod;
    DSIGReferenceList* mp_referenceList;
    int m_HMACOutputLength;
    const XMLCh* mp_algorithmURI;
    const XSECEnv* mp_env;

    // Not implemented constructors

    DSIGSignedInfo();
    // DSIGSignedInfo & operator= (const DSIGSignedInfo &);

};


#endif /* DSIGSIGNEDINFO_INCLUDE */