// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package tls

import (
	"crypto/rsa"
	"io"
	"os"
)

const (
	// maxTLSCiphertext is the maximum length of a plaintext payload.
	maxTLSPlaintext = 16384
	// maxTLSCiphertext is the maximum length payload after compression and encryption.
	maxTLSCiphertext = 16384 + 2048
	// maxHandshakeMsg is the largest single handshake message that we'll buffer.
	maxHandshakeMsg = 65536
	// defaultMajor and defaultMinor are the maximum TLS version that we support.
	defaultMajor = 3
	defaultMinor = 2
)


// TLS record types.
type recordType uint8

const (
	recordTypeChangeCipherSpec recordType = 20
	recordTypeAlert            recordType = 21
	recordTypeHandshake        recordType = 22
	recordTypeApplicationData  recordType = 23
)

// TLS handshake message types.
const (
	typeClientHello       uint8 = 1
	typeServerHello       uint8 = 2
	typeCertificate       uint8 = 11
	typeServerHelloDone   uint8 = 14
	typeClientKeyExchange uint8 = 16
	typeFinished          uint8 = 20
	typeNextProtocol      uint8 = 67 // Not IANA assigned
)

// TLS cipher suites.
var (
	TLS_RSA_WITH_RC4_128_SHA uint16 = 5
)

// TLS compression types.
var (
	compressionNone uint8 = 0
)

// TLS extension numbers
var (
	extensionServerName   uint16 = 0
	extensionNextProtoNeg uint16 = 13172 // not IANA assigned
)

type ConnectionState struct {
	HandshakeComplete  bool
	CipherSuite        string
	Error              alertType
	NegotiatedProtocol string
}

// A Config structure is used to configure a TLS client or server. After one
// has been passed to a TLS function it must not be modified.
type Config struct {
	// Rand provides the source of entropy for nonces and RSA blinding.
	Rand io.Reader
	// Time returns the current time as the number of seconds since the epoch.
	Time         func() int64
	Certificates []Certificate
	RootCAs      *CASet
	// NextProtos is a list of supported, application level protocols.
	// Currently only server-side handling is supported.
	NextProtos []string
}

type Certificate struct {
	Certificate [][]byte
	PrivateKey  *rsa.PrivateKey
}

// A TLS record.
type record struct {
	contentType  recordType
	major, minor uint8
	payload      []byte
}

type handshakeMessage interface {
	marshal() []byte
}

type encryptor interface {
	// XORKeyStream xors the contents of the slice with bytes from the key stream.
	XORKeyStream(buf []byte)
}

// mutualVersion returns the protocol version to use given the advertised
// version of the peer.
func mutualVersion(theirMajor, theirMinor uint8) (major, minor uint8, ok bool) {
	// We don't deal with peers < TLS 1.0 (aka version 3.1).
	if theirMajor < 3 || theirMajor == 3 && theirMinor < 1 {
		return 0, 0, false
	}
	major = 3
	minor = 2
	if theirMinor < minor {
		minor = theirMinor
	}
	ok = true
	return
}

// A nop implements the NULL encryption and MAC algorithms.
type nop struct{}

func (nop) XORKeyStream(buf []byte) {}

func (nop) Write(buf []byte) (int, os.Error) { return len(buf), nil }

func (nop) Sum() []byte { return nil }

func (nop) Reset() {}

func (nop) Size() int { return 0 }