/***
    Copyright (C) 2021 J Reece Wilson (a/k/a "Reece"). All rights reserved.

    File: X509.hpp
    Date: 2021-6-11
    Author: Reece
***/
#pragma once

#include "ESignatureAlgorithm.hpp"

namespace Aurora::Crypto::X509
{
    // yes, these structure completely disregards the principles of the x509 structure and the rationales behind certain extensions
    // however, this is not intended to be a grandiose TLS stack
    // 
    // PKSC#1 and #8, and x509 extensions (ie: rfc5280 key-ids, v3 exts) are not supported in our deps
    // we had to reimplement them ourselves >:(
    // lets worry about the more important issues

    struct CertName
    {
        AuString commonName;   // Tbs

        AuString department;   // Tbs
        AuString organization; // Tbs
        AuString state;        // Tbs
        AuString countryCode;  // Tbs

        AuString name;         // Tbs
        AuString email;        // Tbs
        AuString title;        // Tbs
    };

    struct DecodedCertificate
    {
        // TODO:
        //SignatureAlgorithm signature;
        struct Issuer : CertName
        {
            Memory::ByteBuffer id;
        } issuer;
        struct Subject : CertName
        {
            Memory::ByteBuffer id;
        } subject;
        struct Vaildity            // Tbs
        {                          // Tbs
            AuUInt issued;         // Tbs
            AuUInt expire;         // Tbs
        } validity;                // Tbs
        AuList<AuUInt8> serialNumber; // Tbs
        AuList<AuUInt8> algorithmOid; // Tbs
        // TODO: usage             // extension
        AuList<AuString> AIAs;
        // TODO: AuString CRL;
        // TODO: AuList<String> subjectNames;
    };

    AUKN_SYM bool Decode(const Certificate &der, DecodedCertificate &out);
    AUKN_SYM bool Validate(const Certificate &der, const Certificate &parentDer);
}