/**
 * TLSConfig
 * 
 * A set of configuration parameters for use by a TLSSocket or a TLSEngine.
 * Most parameters are optional and will be set to appropriate default values for most use.
 * 
 * Copyright (c) 2007 Henri Torgemane
 * 
 * See LICENSE.txt for full license information.
 */
package com.hurlant.crypto.tls {
	import flash.utils.ByteArray;
	import com.hurlant.util.der.PEM;
	import com.hurlant.crypto.rsa.RSAKey;
	import com.hurlant.crypto.cert.X509CertificateCollection;
	import com.hurlant.crypto.cert.MozillaRootCertificates;
	
	public class TLSConfig {
		public var entity:uint; // SERVER | CLIENT
		
		public var certificate:ByteArray;
		public var privateKey:RSAKey;
		
		public var cipherSuites:Array;
		
		public var compressions:Array;
		public var ignoreCommonNameMismatch:Boolean = false;
		public var trustAllCertificates:Boolean = false;
		public var trustSelfSignedCertificates:Boolean = false;
		public var promptUserForAcceptCert:Boolean = false;
		public var CAStore:X509CertificateCollection;
		public var localKeyStore:X509CertificateCollection;
		public var version:uint;
		
		public function TLSConfig(	entity:uint, cipherSuites:Array = null, compressions:Array = null, 
									certificate:ByteArray = null, privateKey:RSAKey = null, CAStore:X509CertificateCollection = null, ver:uint = 0x00) {
			this.entity = entity;
			this.cipherSuites = cipherSuites;
			this.compressions = compressions;
			this.certificate = certificate;
			this.privateKey = privateKey;
			this.CAStore = CAStore;
			this.version = ver;
			// default settings.
			if (cipherSuites==null) {
				this.cipherSuites = CipherSuites.getDefaultSuites();
			}
			if (compressions==null) {
				this.compressions = [TLSSecurityParameters.COMPRESSION_NULL];
			}
			
			if (CAStore==null) {
				this.CAStore = new MozillaRootCertificates;
			}
			
			if (ver==0x00) {
				// Default to TLS
				this.version = TLSSecurityParameters.PROTOCOL_VERSION;
			} 
		}
		
		public function setPEMCertificate(cert:String, key:String = null):void {
			if (key == null) {
				key = cert; // for folks who like to concat those two in one file.
			}
			certificate = PEM.readCertIntoArray(cert);
			privateKey = PEM.readRSAPrivateKey(key);
		}
	}
}