package de.mlessmann.certassist.openssl;

import java.nio.file.Path;
import org.springframework.lang.Nullable;

/**
 * Instance of a certificate that is temporarily stored on disk to be available for use in command line calls.
 * The instance implements AutoCloseable to enable cleanup after the stored files are no longer needed.
 * @implSpec The files should be removed from disk when the instance is closed, UNLESS the provided paths are the permanent storage location for the certificate files.
 */
public interface CertificateUsage extends AutoCloseable {
    /**
     * Returns the path to the certificate file (on disk, potentially temporary depending on the storage implementation).
     */
    Path certificatePath();

    /**
     * Returns the path to the private key file (on disk, potentially temporary depending on the storage implementation).
     * This file should also be encrypted.
     * @see CertificatePasswordProvider
     */
    Path certificateKeyPath();

    /**
     * Returns the path to the fullchain file (on disk, potentially temporary depending on the storage implementation).
     * This should contain the entire certification chain from (inclusive) the certificate to the root authority (inclusive).
     * @implSpec This method may return {@code null} if the certificate is self-signed.
     */
    @Nullable
    Path fullchainPath();

    /**
     * String representation of the certificate's fingerprint.
     * In case of OpenSSL, this should be in the form of: {@code SHA1;<HEX>:<HEX>:...}
     */
    String fingerprint();

    @Override
    void close();
}