#include "member-tpm.h"

typedef enum memberstate {
    ON,
    ISSUERPUB,
    RCVPUBLIC,
    JOIN,
    APPEND,
    JOINPROCEED,
    JOINED,
} memberstate_e;

typedef struct member {
    struct ecdaa_member_public_key_FP256BN mpk;
    memberstate_e state;
    uint8_t nonce[NONCE_SIZE];
    struct ecdaa_credential_FP256BN cred;
    struct ecdaa_issuer_public_key_FP256BN ipk;
    uint8_t bsn[MAX_BSNSIZE];
    size_t bsn_len;
    struct ecdaa_tpm_context ctx;
    TPM2_HANDLE pk_handle;
    //ECP_FP256BN public_key;
    unsigned char pk_in[ECP_FP256BN_LENGTH];
    unsigned char tcti_buffer[256];
} member_t;

member_t member;
uint8_t msg[MAX_MSGSIZE];
size_t msg_len;

int init_tpm();
int free_tpm();

static int read_public_key_from_files(uint8_t *public_key, TPM2_HANDLE *key_handle, const char *tpm_key_file, const char *tpm_handle_file);

int member_join(char *buffer);

int member_verifymsg(char *buffer);

int member_publish(char *buffer);

int member_joinappend(char *buffer);

int member_joinfinish(char *buffer);

int main(int argc, char *argv[]) {
    char buffer[MAX_BUFSIZE];
    char *remote_ip = argv[2];
    int ret = 0;
    TPM2_HANDLE sk_handle = 0;

    //strncpy(member.bsn, "mybasename", 10);
    //member.bsn_len = strlen(member.bsn);
    switch(argc) {
        case 3:
            if(0 == strncasecmp("--join", argv[1], 6) || 0 == strncasecmp("-j", argv[1], 2)) {
		if (0 != read_public_key_from_files(member.pk_in, &sk_handle, tpm_key_file, tpm_handle_file)) {
                    printf("Error: error reading in public key files '%s' and '%s'\n", tpm_key_file, tpm_handle_file);
		    return 1;
		}
                member.state = ON;
                ret = client_connect(&member_join, remote_ip, ISSUERPORT);
                if (0 >= ret || JOINED != member.state) {
                    printf("Join process failed!\n");
                    return 1;
                } else {
                    printf("Join process was successful\n");
                }
            } else {
                printf("2 arguments but not join\n");
            }
            break;
        case 4:
            if(0 == strncasecmp("--send", argv[1], 6) || 0 == strncasecmp("-s", argv[1], 2)) {
                msg_len = ecdaa_read_from_file(msg, MAX_MSGSIZE, argv[3]);
                if (msg_len < 0) {
                    printf("Could not open message file %s\n", argv[3]);
                    return 1;
                }
		if (0 != read_public_key_from_files(member.pk_in, &sk_handle, tpm_key_file, tpm_handle_file)) {
                    printf("Error: reading in public key files '%s' and '%s' failed\n", tpm_key_file, tpm_handle_file);
		    return 1;
		}
                if (0 > ecdaa_read_from_file(member.nonce, NONCE_SIZE, member_nonce_file) ||
                        0 != ecdaa_member_public_key_FP256BN_deserialize_file(&member.mpk, member_public_key_file, member.nonce, NONCE_SIZE) ||
                        0 != ecdaa_credential_FP256BN_deserialize_file(&member.cred, member_credential_file)) {
                    printf("Could not import key files. importing from %s, %s or %s was not successful\n",
                        member_nonce_file, member_public_key_file, member_credential_file);
                    return 1;
                }
                member.state = JOINED;
                ret = client_connect(&member_verifymsg, remote_ip, VERIFIERPORT);
                if (0 >= ret || JOINED != member.state) {
                    printf("connection to verifier failed\n");
                }
            } else {
                printf("3 arguments but not send\n");
            }
            break;
        default:
            printf("Usage: \n Join an issuer's group: %s --join <issuer's IPv4>\n", argv[0]);
            printf("Send a signed message to the verifier: %s --send <verifier's IPv4> <msgfile>\n", argv[0]);
            printf("Before sending a DAA-signed message, the member must join a DAA group\n");
            break;
    }
    return 0;
}

int init_tpm()
{
    const char *device_conf = "/dev/tpm0";

    int init_ret;

    memset(member.tcti_buffer, 0, sizeof(member.tcti_buffer));

    TSS2_TCTI_CONTEXT *tcti_ctx = (TSS2_TCTI_CONTEXT*)member.tcti_buffer;

    size_t size;
    init_ret = Tss2_Tcti_Device_Init(NULL, &size, device_conf);
    if (TSS2_RC_SUCCESS != init_ret) {
        printf("Failed to get allocation size for tcti context\n");
        return -1;
    }
    if (size > sizeof(member.tcti_buffer)) {
        printf("Error: device TCTI context size larger than pre-allocated buffer\n");
        return -1;
    }
    init_ret = Tss2_Tcti_Device_Init(tcti_ctx, &size, device_conf);
    if (TSS2_RC_SUCCESS != init_ret) {
        printf("Error: Unable to initialize device TCTI context\n");
        return -1;
    }

    //initialize ecdaa tpm context
    if(0 != ecdaa_tpm_context_init(&member.ctx, member.pk_handle, NULL, 0, tcti_ctx)) {
        printf("\necdaa context failed\n");
        return -1;
    }
    printf("\necdaa context initialized\n");
    return 0;
}

int free_tpm() {
    ecdaa_tpm_context_free(&member.ctx);
    return 0;
}

int member_join(char *buffer) {
    int ret = 0;

    switch (member.state) {
        case ON:
            bzero(buffer, MAX_BUFSIZE);
            strncpy(buffer, "PUBLISH\n", 8);
            member.state = ISSUERPUB;
            break;
        case ISSUERPUB:
            if (0 == strncasecmp("PUBLISH", buffer, 7)) {
                printf("ISSUER > MEMBER: %s\n", buffer);
                uint8_t binbuf[MAX_BUFSIZE];
                char *current = &buffer[8];
                ecdaa_decode(current, binbuf, ECDAA_ISSUER_PUBLIC_KEY_FP256BN_LENGTH);
                ret = ecdaa_issuer_public_key_FP256BN_deserialize(&member.ipk, binbuf);
                if (-1 == ret) {
                    printf("member_getpublic: issuer public key is malformed!\n");
                    ret = -1;
                } else if (-2 == ret) {
                    printf("member_getpublic: signature of issuer public key is invalid\n");
                    ret = -1;
                } else {
                    bzero(buffer, MAX_BUFSIZE);
                    strncpy(buffer, "JOIN\n", 5);
                    member.state = APPEND;
                    ret = 0;
                }
            } else {
                printf("member_getpublic: did not get public key from issuer\n");
                member.state = ON;
                ret = -1;
            }
            break;
        case APPEND:
            if (0 == strncasecmp("JOINSTART", buffer, 9)) {
                printf("ISSUER > MEMBER: %s\n", buffer);
                member_joinappend(buffer);
                member.state = JOINPROCEED;
            } else {
                printf("member_join: did not get nonce from issuer\n");
                member.state = RCVPUBLIC;
                ret = -1;
            }
            break;
        case JOINPROCEED:
            if (0 == strncasecmp("JOINPROCEED", buffer, 11)) {
                printf("ISSUER > MEMBER: %s\n", buffer);
                member_joinfinish(buffer);
                member.state = JOINED;
                ret = 1;
            } else {
                printf("member_getpublic: did not get credentials from issuer\n");
                member.state = RCVPUBLIC;
                ret = -1;
            }
            break;
        default:
            ret = -1;
    }
    if (0 == ret) {
        printf("ISSUER < MEMBER: %s", buffer);
    }
    return ret;
}

//"VERIFYMSG" > "VERIFYMSG <attestval>"
int member_verifymsg(char *buffer) {
    char *current = buffer;
    uint8_t binbuf[MAX_BUFSIZE];
    uint8_t has_nym = member.bsn_len > 0 ? 1 : 0;
    struct ecdaa_signature_FP256BN sig;
    size_t sig_len = has_nym ? ecdaa_signature_FP256BN_with_nym_length() : ecdaa_signature_FP256BN_length();
    int ret = 0;

    if (0 == strncasecmp("OK", buffer, 2)) {
        return 1;
    } else if (0 == strncasecmp("ERR", buffer, 3)) {
        printf("member_verifymsg: Verifier refused signature\n");
        return 1;
    }

    bzero(buffer, MAX_BUFSIZE);
    strncpy(current, "VERIFYMSG ", 10);
    current = &current[10];

    ret = ecdaa_encode(msg, current, msg_len);
    current = &current[2 * MAX_MSGSIZE];
    if(has_nym) {
        if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, msg, msg_len, member.bsn, member.bsn_len, &member.cred, ecdaa_rand, &member.ctx)) {
            printf("member_verifymsg: Signing message failed\n");
        }
        current[0] = '1';
        current = &current[1];
        strncpy(current, (char *)member.bsn, MAX_BSNSIZE);
        current = &current[MAX_BSNSIZE];
    } else {
        if (0 != ecdaa_signature_TPM_FP256BN_sign(&sig, msg, msg_len, NULL, 0, &member.cred, ecdaa_rand, &member.ctx)) {
            printf("member_verifymsg: Signing message failed\n");
        }
        current[0] = '0';
        current = &current[1];
    }

    bzero(binbuf, MAX_BUFSIZE);
    ecdaa_signature_FP256BN_serialize(binbuf, &sig, has_nym);
    ret = ecdaa_encode(binbuf, current, sig_len);
    printf("member_verifymsg: has_nym: %u, sig_len: %lu\n",has_nym, sig_len);
    printf("member_verifymsg: msg: %s, len: %lu\n",msg, msg_len);
    printf("member_verifymsg: bsn: %s, len: %lu\n",(char *)member.bsn, strlen((char *)member.bsn));
    printf("member_verifymsg: sig: %s, len: %lu\n", current, sig_len);

    current[ret] = '\n';
    return 0;
}

//"PUBLISH" > "PUBLISH <member.mpk>"
/* int member_publish(char *buffer) { */
/*     char *current; */
/*     int ret = 0; */
/*     uint8_t binbuf[MAX_BUFSIZE]; */
/*     bzero(buffer, MAX_BUFSIZE); */

/*     strncpy(buffer, "PUBLISH ", 8); */

/*     current = &buffer[8]; */
/*     bzero(binbuf, MAX_BUFSIZE); */
/*     ecdaa_member_public_key_FP256BN_serialize(binbuf, &member.mpk); */
/*     ret = ecdaa_encode(binbuf, current, ECDAA_MEMBER_PUBLIC_KEY_FP256BN_LENGTH); */

/*     current[ret] = '\n'; */

/*     return 0; */
/* } */

//"JOINSTART <issuer.nonce>" > "APPEND <member.mpk>"
int member_joinappend(char *buffer) {
    char *current = &buffer[10];
    uint8_t binbuf[MAX_BUFSIZE];
    int ret = ecdaa_decode(current, member.nonce, NONCE_SIZE);
    ecdaa_write_buffer_to_file(member_nonce_file, member.nonce, NONCE_SIZE);
    ret = ecdaa_member_key_pair_TPM_FP256BN_generate(&member.mpk, member.pk_in, member.nonce, NONCE_SIZE, &member.ctx);
    if (0 != ret) {
        fprintf(stderr, "Error generating member key-pair. Error %d\n", ret);
        return -1;
    }
    bzero(buffer, MAX_BUFSIZE);
    strncpy(buffer, "APPEND ", 7);

    current = &buffer[7];
    bzero(binbuf, MAX_BUFSIZE);
    ecdaa_member_public_key_FP256BN_serialize(binbuf, &member.mpk);
    ret = ecdaa_encode(binbuf, current, ECDAA_MEMBER_PUBLIC_KEY_FP256BN_LENGTH);
    current[ret] = '\n';
    return 0;
}

//"JOINPROCEED <member.cred><member.cred_sig>" > ""
int member_joinfinish(char *buffer) {
    char *current = &buffer[12];
    uint8_t *bincur;
    uint8_t binbuf[MAX_BUFSIZE];
    int ret = 0;
    bzero(binbuf, MAX_BUFSIZE);
    ret = ecdaa_decode(current, binbuf, ECDAA_CREDENTIAL_FP256BN_LENGTH);

    current = &current[ret];
    bincur = &binbuf[ECDAA_CREDENTIAL_FP256BN_LENGTH];
    ecdaa_decode(current, bincur, ECDAA_CREDENTIAL_FP256BN_SIGNATURE_LENGTH);
    ret = ecdaa_credential_FP256BN_deserialize_with_signature(&member.cred, &member.mpk, &member.ipk.gpk, binbuf, bincur);
    if(-1 == ret) {
        printf("member_joinfinish: credential is malformed!\n");
        strncpy(buffer, "ERR", 3);
        ret = -1;
    } else if(-2 == ret) {
        printf("member_joinfinish: siganture of credential is invalid\n");
        strncpy(buffer, "ERR", 3);
        ret = -1;
    }
    printf("member_joinfinish: writing key-pair and credential to disk\n");
    if(0 != ecdaa_member_public_key_FP256BN_serialize_file(member_public_key_file, &member.mpk) ||
            0 != ecdaa_credential_FP256BN_serialize_file(member_credential_file, &member.cred)) {
        printf("issuer_setup: Error saving key-pair or credential to disk\n");
        strncpy(buffer, "ERR", 3);
        ret = -1;
    } else {
        strncpy(buffer, "OK", 2);
    }

    return ret;
}

int read_public_key_from_files(uint8_t *public_key, TPM2_HANDLE *key_handle, const char *pub_key_filename, const char *handle_filename)
{
    int ret = 0;

    FILE *pub_key_file_ptr = fopen(pub_key_filename, "r");
    if (NULL == pub_key_file_ptr) {
    	printf("read_public_key: error opening public key\n");
        return -1;
    }
    do {
        for (unsigned i=0; i < ECP_FP256BN_LENGTH; i++) {
            unsigned char byt;
	    int ret=0;
            //if (fscanf(pub_key_file_ptr, "%02X", &byt) != 1) {
            if (ret = fscanf(pub_key_file_ptr, "%c", &byt) != 1) {
    		printf("read_public_key: i=%d, len=%d, returnvalue=%d\n", i, ECP_FP256BN_LENGTH, ret);
                ret = -1;
                break;
            }
            public_key[i] = (uint8_t)byt;
        }
    } while(0);
    (void)fclose(pub_key_file_ptr);
    if (0 != ret) {
    	printf("read_public_key: error reading public key file\n");
        return -1;
    }

    FILE *handle_file_ptr = fopen(handle_filename, "r");
    if (NULL == handle_file_ptr) {
    	printf("read_public_key: error opening handle\n");
        return -1;
    }

    do {
        for (int i=(sizeof(TPM2_HANDLE)-1); i >= 0; i--) {
            unsigned char byt;
            //if (fscanf(handle_file_ptr, "%02X", &byt) != 1) {
            if (fscanf(handle_file_ptr, "%c", &byt) != 1) {
                ret = -1;
                break;
            }
            *key_handle += byt<<(i*8);
        }
        if (0 != ret)
            break;
    } while(0);
    (void)fclose(handle_file_ptr);

    if (0 != ret) {
    	printf("read_public_key: error closing public key\n");
        return -1;
    }
    return ret;
}