/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright 2018 Olaf Wintermann. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *   1. Redistributions of source code must retain the above copyright
 *      notice, this list of conditions and the following disclaimer.
 *
 *   2. Redistributions in binary form must reproduce the above copyright
 *      notice, this list of conditions and the following disclaimer in the
 *      documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef DAV_CRYPTO_H
#define	DAV_CRYPTO_H

#include "webdav.h"
#include <ucx/string.h>

#ifdef __APPLE__
/* macos */

#define DAV_CRYPTO_COMMON_CRYPTO

#define DAV_AES_CTX              CCCryptorRef
#define DAV_SHA_CTX              CC_SHA256_CTX
#define DAV_SHA256_DIGEST_LENGTH 32

#include <CommonCrypto/CommonCrypto.h>
#include <CommonCrypto/CommonDigest.h>

#elif defined(_WIN32)

#define DAV_CRYPTO_CNG

#include <windows.h>
#include <bcrypt.h>

typedef struct WinBCryptCTX {
    BCRYPT_ALG_HANDLE hAlg;
    BCRYPT_KEY_HANDLE hKey;
    void              *pbKeyObject;
    unsigned char     pbIV[16];
    
    unsigned char     buf[16];
    ULONG             buflen;
} WinBCryptCTX;

typedef struct WinBCryptSHACTX {
    BCRYPT_ALG_HANDLE  hAlg;
    BCRYPT_HASH_HANDLE hHash;    
    void               *pbHashObject;
} WinBCryptSHACTX;

#define DAV_AES_CTX              WinBCryptCTX
#define DAV_SHA_CTX              WinBCryptSHACTX
#define DAV_SHA256_DIGEST_LENGTH 32

#else
/* unix/linux */

#define DAV_USE_OPENSSL

#define DAV_AES_CTX              EVP_CIPHER_CTX*
#define DAV_SHA_CTX              SHA256_CTX
#define DAV_SHA256_DIGEST_LENGTH 32

#include <openssl/evp.h>
#include <openssl/rand.h>

#if defined(__sun) && defined(__SunOS_5_10)
#include <sha2.h>
#define SHA256_Init     SHA256Init
#define SHA256_Update   SHA256Update
#define SHA256_Final    SHA256Final
#else
#include <openssl/sha.h>
#endif

#endif

#ifdef	__cplusplus
extern "C" {
#endif

#define DAV_PWFUNC_PBKDF2_SHA256 0
#define DAV_PWFUNC_PBKDF2_SHA512 1
    
#define DAV_CRYPTO_ITERATION_COUNT 4000
    
typedef struct {
    DAV_AES_CTX    ctx;
    DAV_SHA_CTX    sha256;
    void           *stream;
    dav_write_func write;
    DavKey         *key;
    int            init;
    unsigned char  ivtmp[16];
    size_t         ivpos;
} AESDecrypter;

typedef struct {
    DAV_AES_CTX    ctx;
    DAV_SHA_CTX    sha256;
    void           *iv;
    size_t         ivlen;
    void           *stream;
    dav_read_func  read;
    dav_seek_func  seek;
    char           *tmp;
    size_t         tmplen;
    size_t         tmpoff;
    int            end;
} AESEncrypter;

typedef struct DavHashContext DavHashContext;

int dav_rand_bytes(unsigned char *buf, size_t len);

AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func);
size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec);
void aes_decrypter_shutdown(AESDecrypter *dec);
void aes_decrypter_close(AESDecrypter *dec);

AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func);
size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc);
void aes_encrypter_close(AESEncrypter *enc);
int aes_encrypter_reset(AESEncrypter  *enc, curl_off_t offset, int origin);

char* aes_encrypt(const char *in, size_t len, DavKey *key);
char* aes_decrypt(const char *in, size_t *len, DavKey *key);

void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf);

char* dav_create_hash(const char *data, size_t len);

DAV_SHA_CTX* dav_hash_init(void);
void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len);
void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf);

DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc);

UcxBuffer* aes_encrypt_buffer(UcxBuffer *buf, DavKey *key);
UcxBuffer* aes_decrypt_buffer(UcxBuffer *buf, DavKey *key);

#ifdef	__cplusplus
}
#endif

#endif	/* DAV_CRYPTO_H */