# Copyright Rodolphe Breard (2017)
# Author: Rodolphe Breard (2017)
#
# This software is a computer library whose purpose is to offer a
# collection of tools for user authentication.
#
# This software is governed by the CeCILL  license under French law and
# abiding by the rules of distribution of free software.  You can  use,
# modify and/ or redistribute the software under the terms of the CeCILL
# license as circulated by CEA, CNRS and INRIA at the following URL
# "http://www.cecill.info".
#
# As a counterpart to the access to the source code and  rights to copy,
# modify and redistribute granted by the license, users are provided only
# with a limited warranty  and the software's author,  the holder of the
# economic rights,  and the successive licensors  have only  limited
# liability.
#
# In this respect, the user's attention is drawn to the risks associated
# with loading,  using,  modifying and/or developing or reproducing the
# software by the user in light of its specific status of free software,
# that may mean  that it is complicated to manipulate,  and  that  also
# therefore means  that it is reserved for developers  and  experienced
# professionals having in-depth computer knowledge. Users are therefore
# encouraged to load and test the software's suitability as regards their
# requirements in conditions enabling the security of their systems and/or
# data to be ensured and,  more generally, to use and operate it in the
# same conditions as regards security.
#
# The fact that you are presently reading this means that you have had
# knowledge of the CeCILL license and that you accept its terms.

from ctypes import *
from . import lib

PASSWORD_MIN_LEN = 8
PASSWORD_MAX_LEN = 128
PASSWORD_STORAGE_LEN = 1024

NOSTANDARD = 0
NIST80063B = 1


class LibreAuthPassError(Exception):
    """Exception raised for errors in the password authentication module.

    Attributes:
        code -- error code
        message -- explanation of the error
    """

    def __init__(self, code):
        valid_codes = {
            0: 'success',
            1: 'password is too short',
            2: 'password is too long',
            10: 'invalid password format',
            20: 'not enough space',
        }
        self.code = code
        if code in valid_codes:
            self.message = valid_codes[code]
        else:
            self.message = 'unknown error'

def password_hash(password, standard=NOSTANDARD):
    pass_len = len(password)
    if pass_len < PASSWORD_MIN_LEN:
        raise LibreAuthPassError(1)
    if pass_len > PASSWORD_MAX_LEN:
        raise LibreAuthPassError(2)
    buff = create_string_buffer(b'\000' * PASSWORD_STORAGE_LEN)
    c_pass = create_string_buffer(password)
    err = lib.libreauth_password_hash(c_pass, buff, PASSWORD_STORAGE_LEN, standard)
    if err != 0:
        raise LibreAuthPassError(err)
    return str(buff.value, encoding="utf-8")

def is_valid(password, reference):
    c_pass = create_string_buffer(password)
    c_ref = create_string_buffer(bytes(reference, encoding='utf-8'))
    return bool(lib.libreauth_password_is_valid(c_pass, c_ref))