/*
 * Copyright (C) 2018 Red Hat, Inc.
 *
 * Author: Nikos Mavrogiannopoulos
 *
 * This file is part of GnuTLS.
 *
 * GnuTLS is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * GnuTLS is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>
 */

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <gnutls/gnutls.h>
#include <gnutls/gnutlsxx.h>
#include <iostream>

extern "C" {
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include "cert-common.h"
#include <setjmp.h>
#include <cmocka.h>
#include <minmax.h>
}

/* This is a basic test for C++ API */
static void tls_log_func(int level, const char *str)
{
	std::cerr << level << "| " << str << "\n";
}

static char to_server[64 * 1024];
static size_t to_server_len = 0;

static char to_client[64 * 1024];
static size_t to_client_len = 0;

static ssize_t
client_push(gnutls_transport_ptr_t tr, const void *data, size_t len)
{
	size_t newlen;

	len = MIN(len, sizeof(to_server) - to_server_len);

	newlen = to_server_len + len;
	memcpy(to_server + to_server_len, data, len);
	to_server_len = newlen;

	return len;
}

static ssize_t
client_pull(gnutls_transport_ptr_t tr, void *data, size_t len)
{
	if (to_client_len == 0) {
		gnutls_transport_set_errno ((gnutls_session_t)tr, EAGAIN);
		return -1;
	}

	len = MIN(len, to_client_len);

	memcpy(data, to_client, len);

	memmove(to_client, to_client + len, to_client_len - len);
	to_client_len -= len;
	return len;
}

static ssize_t
server_pull(gnutls_transport_ptr_t tr, void *data, size_t len)
{
	if (to_server_len == 0) {
		gnutls_transport_set_errno ((gnutls_session_t)tr, EAGAIN);
		return -1;
	}

	len = MIN(len, to_server_len);
	memcpy(data, to_server, len);

	memmove(to_server, to_server + len, to_server_len - len);
	to_server_len -= len;

	return len;
}

static ssize_t
server_push(gnutls_transport_ptr_t tr, const void *data, size_t len)
{
	size_t newlen;

	len = MIN(len, sizeof(to_client) - to_client_len);

	newlen = to_client_len + len;
	memcpy(to_client + to_client_len, data, len);
	to_client_len = newlen;

	return len;
}

inline static void reset_buffers(void)
{
	to_server_len = 0;
	to_client_len = 0;
}

#define MSG "test message"
static void test_handshake(void **glob_state, const char *prio,
			   gnutls::server_session& server, gnutls::client_session& client)
{
        gnutls::certificate_credentials serverx509cred;
	int sret, cret;
	gnutls::certificate_credentials clientx509cred;
	char buffer[64];
	int ret;

	/* General init. */
	reset_buffers();
	gnutls_global_set_log_function(tls_log_func);

	try {
		serverx509cred.set_x509_key(server_cert, server_key, GNUTLS_X509_FMT_PEM);
		server.set_credentials(serverx509cred);

		server.set_priority(prio, NULL);

		server.set_transport_push_function(server_push);
		server.set_transport_pull_function(server_pull);
		server.set_transport_ptr(server.ptr());

		client.set_priority(prio, NULL);
		client.set_credentials(clientx509cred);

		client.set_transport_push_function(client_push);
		client.set_transport_pull_function(client_pull);
		client.set_transport_ptr(client.ptr());
	}
	catch (std::exception &ex) {
		std::cerr << "Exception caught: " << ex.what() << std::endl;
		fail();
	}

	sret = cret = GNUTLS_E_AGAIN;

	do {
		if (cret == GNUTLS_E_AGAIN) {
			try {
				cret = client.handshake();
			} catch(gnutls::exception &ex) {
				cret = ex.get_code();
				if (cret == GNUTLS_E_INTERRUPTED || cret == GNUTLS_E_AGAIN)
					cret = GNUTLS_E_AGAIN;
			}
		}
		if (sret == GNUTLS_E_AGAIN) {
			try {
				sret = server.handshake();
			} catch(gnutls::exception &ex) {
				sret = ex.get_code();
				if (sret == GNUTLS_E_INTERRUPTED || sret == GNUTLS_E_AGAIN)
					sret = GNUTLS_E_AGAIN;
			}
		}
	}
	while ((cret == GNUTLS_E_AGAIN || (cret == 0 && sret == GNUTLS_E_AGAIN)) &&
	       (sret == GNUTLS_E_AGAIN || (sret == 0 && cret == GNUTLS_E_AGAIN)));

	if (sret < 0 || cret < 0) {
		fail();
	}

	try {
		client.send(MSG, sizeof(MSG)-1);
		ret = server.recv(buffer, sizeof(buffer));

		assert(ret == sizeof(MSG)-1);
		assert(memcmp(buffer, MSG, sizeof(MSG)-1) == 0);
		
		client.bye(GNUTLS_SHUT_WR);
		server.bye(GNUTLS_SHUT_WR);
	}
	catch (std::exception &ex) {
		std::cerr << "Exception caught: " << ex.what() << std::endl;
		fail();
	}

	return;
}

static void tls_handshake(void **glob_state)
{
        gnutls::server_session server;
	gnutls::client_session client;

	test_handshake(glob_state, "NORMAL", server, client);
}

static void tls_handshake_alt(void **glob_state)
{
        gnutls::server_session server(0);
	gnutls::client_session client(0);

	test_handshake(glob_state, "NORMAL", server, client);
}

static void tls12_handshake(void **glob_state)
{
        gnutls::server_session server;
	gnutls::client_session client;

	test_handshake(glob_state, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2", server, client);
}

static void tls13_handshake(void **glob_state)
{
        gnutls::server_session server;
	gnutls::client_session client;

	test_handshake(glob_state, "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3", server, client);
}

int main(void)
{
	const struct CMUnitTest tests[] = {
		cmocka_unit_test(tls_handshake),
		cmocka_unit_test(tls_handshake_alt),
		cmocka_unit_test(tls13_handshake),
		cmocka_unit_test(tls12_handshake)
	};
	return cmocka_run_group_tests(tests, NULL, NULL);
}