#ifndef __LIBCREDDY_H__
#define __LIBCREDDY_H__

#include <stdio.h>

#define CREDDY_SUCCESS                      0
#define CREDDY_GENERATE_INVALID_CN          -1
#define CREDDY_GENERATE_INVALID_VALIDITY    -2

/**
 * Creddy identifiers.
 */

typedef struct _creddy_id_t creddy_id_t;

// create an ID from an X.509 certificate
creddy_id_t *creddy_id_from_file(char *filename);

// load an X.509 private key for an from a file
// handles keys with a password
int creddy_id_load_privkey(creddy_id_t *id, char *filename);

// generate an ID
// returns one of CREDDY_SUCCESS or CREDDY_GENERATE_* (see top)
int creddy_id_generate(creddy_id_t **ret, char *cn, int validity);

// get the SHA1 keyid, pointer is valid for the lifetime of the object
char *creddy_id_keyid(creddy_id_t *id);

// default filename for the cert: ${CN}_ID.pem
// caller must free the returned string
char *creddy_id_cert_filename(creddy_id_t *id);

// write the cert fo an open file pointer
void creddy_id_write_cert(creddy_id_t *id, FILE *out);

// default filename for the private key: ${CN}_key.pem
// caller must free the return value
char *creddy_id_privkey_filename(creddy_id_t *id);

// write the private key to a file
// it is recommended that you open this file mode 0600
void creddy_id_write_privkey(creddy_id_t *id, FILE *out);

// destroy the id
void creddy_id_free(creddy_id_t *id);

#endif /* __LIBCREDDY_H__ */