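#include "crypto.h"
#include "system.h"
#include "constants.h"
#include "storage.h"

/*
 * NOTE(review): the targets of the system/library #include lines were lost in
 * extraction; the headers below are the ones this file visibly depends on
 * (printf/strlen/malloc/assert/bool and the mbedtls pk, ecp, entropy and
 * CTR_DRBG APIs). Confirm against the original file.
 */
#include <assert.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <mbedtls/ctr_drbg.h>
#include <mbedtls/ecp.h>
#include <mbedtls/entropy.h>
#include <mbedtls/pk.h>
#include <mbedtls/platform.h>
#include <mbedtls/platform_util.h>

/* Curve used for the device key pair. */
#define ECPARAMS MBEDTLS_ECP_DP_SECP256R1

/* Size of the scratch buffer handed to mbedtls_pk_write_key_pem(). */
enum { PEM_OUT_BUF_SIZE = 16000 };

/* Personalization string mixed into the CTR_DRBG seed. */
static const char *pers = "ecdsa";

/*
 * Initialize an entropy source and a CTR_DRBG instance and seed the DRBG
 * from it.
 *
 * entropy  - entropy context to initialize (caller owns it, release with
 *            free_ctr_drbg_context()).
 * ctr_drbg - DRBG context to initialize and seed (same ownership).
 *
 * A seed failure is fatal: the error is printed and reboot() is called.
 * reboot() is assumed not to return; nothing below relies on that beyond
 * the error paths.
 */
static void seed_ctr_drbg_context(mbedtls_entropy_context *entropy,
                                  mbedtls_ctr_drbg_context *ctr_drbg)
{
    int ret;

    mbedtls_entropy_init(entropy);
    mbedtls_ctr_drbg_init(ctr_drbg);

    printf("Seed Mbedtls\n");
    ret = mbedtls_ctr_drbg_seed(ctr_drbg, mbedtls_entropy_func, entropy,
                                (const unsigned char *)pers, strlen(pers));
    if (ret != 0) {
        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
        reboot();
    }
}

/*
 * Release the pair of contexts set up by seed_ctr_drbg_context().
 * The original code never freed these, which leaks the DRBG/entropy state
 * on every call.
 */
static void free_ctr_drbg_context(mbedtls_entropy_context *entropy,
                                  mbedtls_ctr_drbg_context *ctr_drbg)
{
    mbedtls_ctr_drbg_free(ctr_drbg);
    mbedtls_entropy_free(entropy);
}

/*
 * Generate the device's EC private key (ECPARAMS) and persist it as DER
 * through storage_set_priv_key().
 *
 * Returns false without touching anything if storage already holds a key
 * (storage_get_priv_key(NULL) > 0), true once a new key has been stored.
 * All mbedtls and allocation failures are treated as fatal and end in
 * reboot().
 */
bool crypto_gen_priv_key(void)
{
    // Check if a private key has already been defined for this device
    if (storage_get_priv_key(NULL) > 0) {
        return false;
    }

    int ret = 1;
    mbedtls_pk_context key;
    mbedtls_pk_init(&key);

    mbedtls_entropy_context entropy;
    mbedtls_ctr_drbg_context ctr_drbg;
    seed_ctr_drbg_context(&entropy, &ctr_drbg);

    printf("PK info from type\n");
    ret = mbedtls_pk_setup(&key, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY));
    if (ret != 0) {
        mbedtls_printf(" failed\n  ! mbedtls_pk_setup returned -0x%04x",
                       (unsigned int)-ret);
        reboot();
    }

    // Generate private key
    printf("Generate private key\n");
    ret = mbedtls_ecp_gen_key(ECPARAMS, mbedtls_pk_ec(key),
                              mbedtls_ctr_drbg_random, &ctr_drbg);
    if (ret != 0) {
        mbedtls_printf(" failed\n  ! mbedtls_ecp_gen_key returned -0x%04x",
                       (unsigned int)-ret);
        reboot();
    }

    // Export private key
    printf("Export private key\n");
    unsigned char *key_buff = malloc(PRV_KEY_DER_MAX_BYTES);
    if (key_buff == NULL) {
        // The original code dereferenced a NULL result here; fail loudly
        // like every other fatal path in this module instead.
        mbedtls_printf(" failed\n  ! malloc(PRV_KEY_DER_MAX_BYTES) returned NULL");
        reboot();
    }

    // mbedtls_pk_write_key_der() writes the DER at the END of the buffer
    // and returns its length, hence the offset arithmetic below.
    ret = mbedtls_pk_write_key_der(&key, key_buff, PRV_KEY_DER_MAX_BYTES);
    if (ret < 1) {
        mbedtls_printf(" failed\n  ! mbedtls_pk_write_key_der returned -0x%04x",
                       (unsigned int)-ret);
        reboot();
    }
    storage_set_priv_key(key_buff + PRV_KEY_DER_MAX_BYTES - ret, ret);

    // key_buff held the private key: wipe it with a call the compiler may
    // not elide (a plain memset before free() can be optimized away).
    mbedtls_platform_zeroize(key_buff, PRV_KEY_DER_MAX_BYTES);
    free(key_buff);

    mbedtls_pk_free(&key);
    free_ctr_drbg_context(&entropy, &ctr_drbg);
    return true;
}

/*
 * Debug helper: load the stored DER private key, re-encode it as PEM and
 * print it to stdout. This discloses the device's private key on the
 * console, so it is only appropriate in development builds.
 *
 * Any failure (no key in storage, parse/encode error, allocation failure)
 * is fatal and ends in reboot().
 */
void crypto_print_priv_key(void)
{
    int ret;

    unsigned char *key_buff = malloc(PRV_KEY_DER_MAX_BYTES);
    if (key_buff == NULL) {
        mbedtls_printf(" failed\n  ! malloc(PRV_KEY_DER_MAX_BYTES) returned NULL");
        reboot();
    }

    size_t key_len = storage_get_priv_key(key_buff);
    // The original used assert() here, which disappears under NDEBUG and
    // would let a zero-length key reach the parser; check explicitly.
    if (key_len == 0) {
        mbedtls_printf(" failed\n  ! storage_get_priv_key returned no key");
        reboot();
    }

    mbedtls_pk_context key;
    mbedtls_pk_init(&key);

    mbedtls_entropy_context entropy;
    mbedtls_ctr_drbg_context ctr_drbg;
    seed_ctr_drbg_context(&entropy, &ctr_drbg);

    // key_len is size_t: %zu, not %d (mismatched conversion is UB).
    printf("Parse private key (len = %zu)\n", key_len);
    ret = mbedtls_pk_parse_key(&key, key_buff, key_len, NULL, 0,
                               mbedtls_ctr_drbg_random, &ctr_drbg);
    if (ret != 0) {
        mbedtls_printf(" failed\n  ! mbedtls_pk_parse_key returned -0x%04x",
                       (unsigned int)-ret);
        reboot();
    }

    printf("Show private key\n");
    // calloc gives the zero-filled buffer the original produced with
    // malloc + memset.
    unsigned char *out = calloc(PEM_OUT_BUF_SIZE, 1);
    if (out == NULL) {
        mbedtls_printf(" failed\n  ! calloc(PEM_OUT_BUF_SIZE) returned NULL");
        reboot();
    }

    ret = mbedtls_pk_write_key_pem(&key, out, PEM_OUT_BUF_SIZE);
    if (ret != 0) {
        mbedtls_printf(" failed\n  ! mbedtls_pk_write_key_pem returned -0x%04x",
                       (unsigned int)-ret);
        reboot();
    }
    printf("%s", out);

    // Both buffers held the private key (PEM and DER); wipe before freeing.
    mbedtls_platform_zeroize(out, PEM_OUT_BUF_SIZE);
    free(out);
    mbedtls_platform_zeroize(key_buff, PRV_KEY_DER_MAX_BYTES);
    free(key_buff);

    mbedtls_pk_free(&key);
    free_ctr_drbg_context(&entropy, &ctr_drbg);
}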