// Copyright (c) 2013-2015 IONU Security, Inc. All rights reserved
//
// Encrypted DB class for off-line cache and other local database storage

#ifndef eyeencrypteddb_h
#define eyeencrypteddb_h

#include <map>
#include <string>
#include <openssl/evp.h>
#include "eyedb.h"

#ifndef LIBEYE_DLL
#ifdef WIN32
#  ifdef DLLEXPORT
#    define LIBEYE_DLL __declspec(dllexport)
#  else
#    define LIBEYE_DLL __declspec(dllimport)
#  endif
#else
#define LIBEYE_DLL
#endif
#endif

namespace sequencelogic {

class EyeEncryptedDB: public EyeDB {
 public:
    /**
    * @constructor
    * @param filename of the database
    * @param key 256 bit AES key
    */
    LIBEYE_DLL EyeEncryptedDB (const std::string& filename, const unsigned char* key);

    LIBEYE_DLL ~EyeEncryptedDB ();

    // Missing or invalid key provided will result in get/put/remove failures
    bool IsOpen() { return _DEK != NULL; }

    /**
    * Put a key value pair in specified table (CREATE TABLE IF NOT EXISTS, INSERT OR REPLACE INTO)
    * @param collection name of table
    * @param key index
    * @param value
    * @return true for success
    */
    LIBEYE_DLL bool Put (const std::string& collection, const std::string& key, const std::string& value);

    /**
    * Puts a set of key value pairs (CREATE TABLE IF NOT EXISTS, INSERT OR REPLACE INTO)
    * @param collection name of table
    * @param entries map of key value pairs
    * @param remove when true deletes existing values
    * @return true for success
    */
    LIBEYE_DLL bool PutAll (const std::string& collection, const std::map<std::string, std::string>& entries, bool remove);

    /**
    * Gets the value for specified key
    * @param collection name of table
    * @param key index
    * @return string value or nullptr
    */
    LIBEYE_DLL char* Get (const std::string& collection, const std::string& key);

    /**
    * Gets a set of key value pairs
    * @param collection name of table
    * @return entries map of key value pairs
    */
    LIBEYE_DLL STRING_STRING_MAP GetAll (const std::string& collection);

    /**
    * Remove a key value pair from table
    * @param collection name of table
    * @param key index
    * @return true if removed
    */
    LIBEYE_DLL bool Remove (const std::string& collection, const std::string& key);

    /**
    * Remove a table from database
    * @param collection name of table
    * @return true if removed
    */
    LIBEYE_DLL bool Remove (const std::string& collection);

    /**
     * Rekey the DEK with a new TGI (master) key
     * @param newTGIkey 256 bit TGI key
     * @return true if rekey operation was successful
     */
    LIBEYE_DLL bool ReKey (const unsigned char* newTGIkey);

    /**
    * Debug dump collection from database
    */
    LIBEYE_DLL void Dump (const std::string& collection);

 private:
    std::string _filename;
    unsigned char* _DEK;               // Database Encryption Key (table key)
    unsigned char* _IV;                // Initialization vector
    EVP_CIPHER_CTX _ctx;               // Encryption context
};

} //namespce ionu
#endif