/*
     This file is part of GNUnet.
     Copyright (C) 2009-2013, 2016 GNUnet e.V.

     GNUnet is free software: you can redistribute it and/or modify it
     under the terms of the GNU Affero General Public License as published
     by the Free Software Foundation, either version 3 of the License,
     or (at your option) any later version.

     GNUnet is distributed in the hope that it will be useful, but
     WITHOUT ANY WARRANTY; without even the implied warranty of
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     Affero General Public License for more details.
    
     You should have received a copy of the GNU Affero General Public License
     along with this program.  If not, see <http://www.gnu.org/licenses/>.

     SPDX-License-Identifier: AGPL3.0-or-later
*/


/**
 * @file credential/delegate_misc.c
 * @brief Misc API for delegate
 *
 * @author Martin Schanzenbach
 */
#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_constants.h"
#include "gnunet_credential_service.h"
#include "gnunet_signatures.h"
#include "delegate.h"
#include <inttypes.h>

char*
GNUNET_CREDENTIAL_delegate_to_string (const struct GNUNET_CREDENTIAL_Delegate *cred)
{
  char *cred_str;
  char *subject_pkey;
  char *issuer_pkey;
  char *signature;

  subject_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key);
  issuer_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key);
  GNUNET_STRINGS_base64_encode ((char*)&cred->signature,
                                sizeof (struct GNUNET_CRYPTO_EcdsaSignature),
                                &signature);
  if(0 == cred->subject_attribute_len){
    GNUNET_asprintf (&cred_str,
                      "%s.%s -> %s | %s | %"SCNu64,
                      issuer_pkey,
                      cred->issuer_attribute,
                      subject_pkey,
                      signature,
                      cred->expiration.abs_value_us);
  } else {
    GNUNET_asprintf (&cred_str,
                      "%s.%s -> %s.%s | %s | %"SCNu64,
                      issuer_pkey,
                      cred->issuer_attribute,
                      subject_pkey,
                      cred->subject_attribute,
                      signature,
                      cred->expiration.abs_value_us);
  }
  GNUNET_free (subject_pkey);
  GNUNET_free (issuer_pkey);
  GNUNET_free (signature);

  return cred_str;
}

struct GNUNET_CREDENTIAL_Delegate*
GNUNET_CREDENTIAL_delegate_from_string (const char* s)
{
  struct GNUNET_CREDENTIAL_Delegate *cred;
  size_t enclen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
  if (enclen % 5 > 0)
    enclen += 5 - enclen % 5;
  enclen /= 5; /* 260/5 = 52 */
  char subject_pkey[enclen + 1];
  char issuer_pkey[enclen + 1];
  char iss_attr[253 + 1];
  // Needs to be initialized, in case of Type 1 credential (A.a <- B)
  char sub_attr[253 + 1] = "";
  char signature[256]; //TODO max payload size

  struct GNUNET_CRYPTO_EcdsaSignature *sig;
  struct GNUNET_TIME_Absolute etime_abs;

  // If it's A.a <- B.b...
  if (6 != SSCANF (s,
                   "%52s.%253s -> %52s.%253s | %s | %"SCNu64,
                   issuer_pkey,
                   iss_attr,
                   subject_pkey,
                   sub_attr,
                   signature,
                   &etime_abs.abs_value_us))
  {
    // Try if it's A.a <- B
    if (5 != SSCANF (s,
                   "%52s.%253s -> %52s | %s | %"SCNu64,
                   issuer_pkey,
                   iss_attr,
                   subject_pkey,
                   signature,
                   &etime_abs.abs_value_us))
    {
      GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Unable to parse DEL record string `%s'\n", s);
      return NULL;
    }
  }

  // +1 for \0
  int attr_len;
  if(strcmp(sub_attr,"") == 0) {
    attr_len = strlen (iss_attr) + 1;
  } else {
    attr_len = strlen (iss_attr) + strlen(sub_attr) + 1;
  }
  cred = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Delegate) + attr_len);

  char tmp_str[attr_len];
  GNUNET_memcpy(tmp_str, iss_attr, strlen(iss_attr));
   if(strcmp(sub_attr,"") != 0) {
    GNUNET_memcpy(tmp_str + strlen(iss_attr), sub_attr, strlen(sub_attr));
  }
  tmp_str[attr_len - 1] = '\0';
  
  GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey,
                                              strlen (subject_pkey),
                                              &cred->subject_key);
  GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_pkey,
                                              strlen (issuer_pkey),
                                              &cred->issuer_key);
  GNUNET_assert (sizeof (struct GNUNET_CRYPTO_EcdsaSignature) == GNUNET_STRINGS_base64_decode (signature,
                                strlen (signature),
                                (char**)&sig));
  cred->signature = *sig;
  cred->expiration = etime_abs;
  GNUNET_free (sig);
  GNUNET_memcpy (&cred[1],
                 tmp_str,
                 attr_len);

  cred->issuer_attribute_len = strlen (iss_attr);
  cred->issuer_attribute = strdup(iss_attr);
  if(strcmp(sub_attr,"") == 0) {
    cred->subject_attribute_len = 0;
    cred->subject_attribute = '\0';
  } else {
    cred->subject_attribute_len = strlen (sub_attr);
    cred->subject_attribute = strdup(sub_attr);
  }

  return cred;
}

/**
 * Issue an attribute to a subject
 *
 * @param issuer the ego that should be used to issue the attribute
 * @param subject the subject of the attribute
 * @param attribute the name of the attribute
 * @return handle to the queued request
 */

struct GNUNET_CREDENTIAL_Delegate *
GNUNET_CREDENTIAL_delegate_issue (const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
                                    struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
                                    const char *iss_attr,
                                    const char *sub_attr,
                                    struct GNUNET_TIME_Absolute *expiration)
{
  struct DelegateEntry *crd;
  struct GNUNET_CREDENTIAL_Delegate *cred;
  size_t size;
  int attr_len;
  
  if (NULL == sub_attr){
    // +1 for \0
    attr_len = strlen (iss_attr) + 1;
  } else {
    attr_len = strlen (iss_attr) + strlen(sub_attr) + 1;
  }
  size = sizeof (struct DelegateEntry) + attr_len;

  char tmp_str[attr_len];
  GNUNET_memcpy(tmp_str, iss_attr, strlen(iss_attr));
  if (NULL != sub_attr){
    GNUNET_memcpy(tmp_str + strlen(iss_attr), sub_attr, strlen(sub_attr));
  }
  tmp_str[attr_len - 1] = '\0';

  crd = GNUNET_malloc (size);
  crd->purpose.size = htonl (size - sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
  crd->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
  GNUNET_CRYPTO_ecdsa_key_get_public (issuer,
                                      &crd->issuer_key);
  crd->subject_key = *subject;
  crd->expiration = GNUNET_htonll (expiration->abs_value_us);
  crd->issuer_attribute_len = htonl (strlen (iss_attr) + 1);
  if (NULL == sub_attr){
    crd->subject_attribute_len = htonl (0);
  } else {
    crd->subject_attribute_len = htonl (strlen (sub_attr) + 1);
  }

  GNUNET_memcpy (&crd[1],
                 tmp_str,
                 attr_len);
 
  if (GNUNET_OK !=
      GNUNET_CRYPTO_ecdsa_sign (issuer,
                                &crd->purpose,
                                &crd->signature))
  {
    GNUNET_break (0);
    GNUNET_free (crd);
    return NULL;
  }

  cred = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Delegate) + attr_len);
  cred->signature = crd->signature;
  cred->expiration = *expiration;
  GNUNET_CRYPTO_ecdsa_key_get_public (issuer,
                                      &cred->issuer_key);

  cred->subject_key = *subject;
  cred->issuer_attribute = strdup(iss_attr);
  cred->issuer_attribute_len = strlen(iss_attr);
  if (NULL == sub_attr){
    cred->subject_attribute = '\0';
    cred->subject_attribute_len = 0;
  } else {
    cred->subject_attribute = strdup(sub_attr);
    cred->subject_attribute_len = strlen(sub_attr);
  }

  GNUNET_memcpy (&cred[1],
                 tmp_str,
                 attr_len);

  GNUNET_free (crd);
  return cred;
}