/*
 * Copyright (c) 2023-2024 Ian Marco Moffett and the Osmora Team.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * 1. Redistributions of source code must retain the above copyright notice,
 *    this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of Hyra nor the names of its
 *    contributors may be used to endorse or promote products derived from
 *    this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NSTP LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NSTP LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR STPHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef STP_SESSION_H_
#define STP_SESSION_H_

#include <stdint.h>
#include <defs.h>

/*
 * The Session Request is sent from the client to the
 * server and contains a HOP (hash, options, pubkey)
 * payload along with some optional padding. If the 'U'
 * bit of options (see Options/flag bits below) is to
 * be set, then everything but the 'hash' field must
 * be encrypted with the server's AES-128-CBC key and
 * the 'hash' field should contain a SHA256 hash of the
 * username as well as an FNV-1a hash (used for internal
 * lookups in the server) after it. However, if the 'U'
 * bit is to be left unset, the session request packet
 * can be left unencrypted and 'hash' may be zeroed.
 *
 * @hash: SHA256 username hash + FNV-1a username hash.
 * @options: Flags/options
 * @pubkey: Ephemeral public key.
 * @pad: Random padding used to obsecure message length
 *       (can be 8 to 32 bytes, optional)
 *
 * -- Option/flag bits --
 *
 *                         Bit number
 *                        /
 *           0 1 2 3 4 5 6
 *           ~ ~ ~ ~ ~ ~ ~
 *           U R R R R R R
 *                        \
 *                         Purpose
 *
 * U: User auth.
 * R: Reserved, keep zero.
 */
struct session_request {
    char hash[64];
    uint8_t options;
    char pubkey[32];
    char pad[8];
} PACKED;

#endif  /* STP_SESSION_H_ */