//
// Copyright (c) 2017 anygone contributors (see AUTHORS file)
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are met:
//
// * Redistributions of source code must retain the above copyright notice, this
//   list of conditions and the following disclaimer.
//
// * Redistributions in binary form must reproduce the above copyright notice,
//   this list of conditions and the following disclaimer in the documentation
//   and/or other materials provided with the distribution.
//
// * Neither the name of anygone nor the names of its
//   contributors may be used to endorse or promote products derived from
//   this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
// CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
// OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//

package satp

import (
	"errors"
	"strings"
)

type KDRole int
type KeyUsage int
type Label uint32

const (
	RoleLeft KDRole = iota
	RoleRight

	UsageEncryptKey KeyUsage = iota
	UsageEncryptSalt
	UsageAuthKey

	LabelLeftEncrypt      = 0x356A192B
	LabelRightEncrypt     = 0xDA4B9237
	LabelLeftEncryptSalt  = 0x77DE68DA
	LabelRightEncryptSalt = 0x1B645389
	LabelLeftAuthKey      = 0xAC3478D6
	LabelRightAuthKey     = 0xC1DFD96E
)

func (r KDRole) String() string {
	switch r {
	case RoleLeft:
		return "left"
	case RoleRight:
		return "right"
	}
	return "unknown"
}

func (r *KDRole) FromString(str string) (err error) {
	switch strings.ToLower(str) {
	case "server":
		fallthrough
	case "alice":
		fallthrough
	case "left":
		*r = RoleLeft
	case "client":
		fallthrough
	case "bob":
		fallthrough
	case "right":
		*r = RoleRight
	default:
		return errors.New("invalid role: '" + str + "'")
	}
	return
}

func (r KDRole) MarshalText() (data []byte, err error) {
	data = []byte(r.String())
	return
}

func (r *KDRole) UnmarshalText(data []byte) (err error) {
	return r.FromString(string(data))
}

type KeyDerivation interface {
	Generate(dir Direction, usage KeyUsage, sequenceNumber uint32, out []byte) error
}

func getKDLabel(role KDRole, dir Direction, usage KeyUsage) uint32 {
	switch usage {
	case UsageEncryptKey:
		if (role == RoleLeft && dir == Outbound) || (role == RoleRight && dir == Inbound) {
			return LabelLeftEncrypt
		}
		return LabelRightEncrypt
	case UsageEncryptSalt:
		if (role == RoleLeft && dir == Outbound) || (role == RoleRight && dir == Inbound) {
			return LabelLeftEncryptSalt
		}
		return LabelRightEncryptSalt
	case UsageAuthKey:
		if (role == RoleLeft && dir == Outbound) || (role == RoleRight && dir == Inbound) {
			return LabelLeftAuthKey
		}
		return LabelRightAuthKey
	}
	panic("Key-derivation: invalid role, direction and/or usage")
}