/* hash.c
 *
 * Copyright (c) 2019 Apple Computer, Inc. All rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * DNS SIG(0) hashature generation for DNSSD SRP using mbedtls.
 *
 * Functions required for loading, saving, and generating public/private keypairs, extracting the public key
 * into KEY RR data, and computing hashatures.
 */

#include <stdio.h>
#include <arpa/inet.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <errno.h>

#include "srp.h"
#include "dns-msg.h"
#include "srp-crypto.h"

// Function to generate a signature given some data and a private key
void
srp_hmac_iov(hmac_key_t *key, uint8_t *output, size_t max, struct iovec *iov, int count)
{
    int status;
    char errbuf[64];
    mbedtls_md_context_t ctx;
    const mbedtls_md_info_t *md_type;
    int digest_size;
	int i, line;
#define KABLOOIE line = __LINE__ - 1; goto kablooie

    switch(key->algorithm) {
    case  SRP_HMAC_TYPE_SHA256:
        md_type = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
        if (md_type == NULL) {
            ERROR("srp_hmac_iov: HMAC_SHA256 support missing");
            return;
        }
        digest_size = mbedtls_md_get_size(md_type);
        break;
    default:
        ERROR("srp_hmac_iov: unsupported HMAC hash algorithm: %d", key->algorithm);
        return;
    }
    if (max < digest_size) {
        ERROR("srp_hmac_iov: not enough space in output buffer (%lu) for hash (%d).",
              (unsigned long)max, digest_size);
        return;
    }

    if ((status = mbedtls_md_setup(&ctx, md_type, 1)) != 0) {
        KABLOOIE;
    kablooie:
        mbedtls_strerror(status, errbuf, sizeof errbuf);
        ERROR("srp_hmac_iov failed at hmac-mbedtls.c line %d: " PUB_S_SRP, line, errbuf);
    }

    if ((status = mbedtls_md_hmac_starts(&ctx, key->secret, key->length)) != 0) {
        KABLOOIE;
    }
	for (i = 0; i < count; i++) {
        if ((status = mbedtls_md_hmac_update(&ctx, iov[i].iov_base, iov[i].iov_len)) != 0) {
            KABLOOIE;
        }
	}
	if ((status = mbedtls_md_hmac_finish(&ctx, output)) != 0) {
        KABLOOIE;
	}
}

int
srp_base64_parse(char *src, size_t *len_ret, uint8_t *buf, size_t buflen)
{
    size_t slen = strlen(src);
    int ret = mbedtls_base64_decode(buf, buflen, len_ret, (const unsigned char *)src, slen);
    if (ret == MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL) {
        return ENOBUFS;
    } else if (ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER) {
        return EILSEQ;
    } else if (ret < 0) {
        return EINVAL;
    }
    return 0;
}

// Local Variables:
// mode: C
// tab-width: 4
// c-file-style: "bsd"
// c-basic-offset: 4
// fill-column: 108
// indent-tabs-mode: nil
// End: