#ifndef PASSWORDMANAGER_H
#define PASSWORDMANAGER_H

#include "Expected.h"
#include <string>

#include <botan/botan.h>
#include <botan/symkey.h>

#include <map>

struct StrengthenedKey {
	Botan::SymmetricKey cipher_key;
	Botan::SymmetricKey mac_key;
	Botan::InitializationVector iv;

	StrengthenedKey() {}
	StrengthenedKey(const Botan::SymmetricKey &ck, const Botan::SymmetricKey &mk,
					const Botan::InitializationVector &i)
		: cipher_key(ck)
		, mac_key(mk)
		, iv(i)
	{}
};


class PasswordManager {
public:

//	static PasswordManager create(const std::string &file_name);

	explicit PasswordManager(int iterations = 8192);
	/** Unlocks the passwords of the connections.
	 *
	 * \return Normally it return a bool specifying if the password was accepted.
	 *   on rare occasions it could return an error.
	 */
	Expected<bool> unlock(const std::string &master_password);

	Expected<bool> changeMasterPassword(const std::string &master_password,
										const std::string &new_master_password);

	/** Forget master password
	 */
	void lock();
	bool locked() const;

	Expected<void> savePassword(const std::string &key, const std::string &password);
	Expected<bool> getPassword(const std::string &key, std::string &out);

private:
	int                   m_iterations;
	Botan::AutoSeeded_RNG m_rng;
	Botan::OctetString    m_keySalt;	  // salt for generating crypto key
	StrengthenedKey       m_masterKey;  // crypto key
	Botan::OctetString    m_hashSalt;   // salt of the hash of the passphrase
	Botan::OctetString    m_masterHash; // hash for checking the passphrase

	using t_KeyPasswords = std::map<std::string, std::string>;

	t_KeyPasswords m_store;

	static Botan::OctetString hashStrengthenedKey(const StrengthenedKey &key, const Botan::OctetString &salt);
};


#endif // PASSWORDMANAGER_H