//
// Created by miti on 21/07/19.
//

#include "UntrustedInclude/SealingUntrusted.h"

namespace SealingUntrusted {

    namespace {
        int create_and_seal_signing_key_pair_to_disk(sgx_enclave_id_t enclave_id, char* filename)
        {
            uint32_t ret_status=0, counter=0;
            size_t length=0;
            uint8_t* sealed_data;

            Decryptor_calculate_sealed_keypair_size_wrapper(enclave_id, &length);
            if(length == 0xFFFFFFFF)
                return -31;
            sealed_data=(uint8_t*) malloc(length);
            printf("length: %d\n", length); fflush(stdout);

            Decryptor_create_and_seal_long_term_signing_key_pair_wrapper(enclave_id, &ret_status, &length, sealed_data);
            if(ret_status != SGX_SUCCESS)
            {
                printf("create_and_seal called returned an error: %x", ret_status);
                free(sealed_data);
                return -32;
            }
            printf("It returned sgx_success\n"); fflush(stdout);
            for(counter=0; counter<length; counter++)
                printf("%02x ", sealed_data[counter]);

            ret_status = FileIO::write_to_filename(filename, sealed_data, &length);
            free(sealed_data);

            return ret_status;
        }

        int unseal_signing_key_pair_from_disk(sgx_enclave_id_t enclave_id, char* filename, size_t sealed_msg_length_in_file)
        {
            uint32_t ret_status=0, counter=0;
            size_t length=sealed_msg_length_in_file;
            uint8_t* sealed_data;

            sealed_data = (uint8_t*) malloc(sealed_msg_length_in_file);
            ret_status = FileIO::read_from_filename(filename, sealed_data, &length);
            if(ret_status == -1)
            {
                free(sealed_data);
                return -1;
            }

            printf("Here's the chars my dudes: they are of length %d.\n", length);
            fflush(stdout);
            for(counter=0;counter<length;counter++)
                printf("%x ", *(sealed_data+counter));
            printf("\n");  fflush(stdout);

            Decryptor_unseal_and_restore_long_term_signing_key_pair_wrapper(enclave_id, &ret_status, sealed_data, &length);
            free(sealed_data);
            return -1*ret_status; // ret_status is positive for error in sgx code.
        }
    }

    int look_for_signing_key_or_regenerate_it(sgx_enclave_id_t enclave_id, char* filename)
    {
        size_t sealed_key_size;
        uint32_t ret_status;
        int fd;

        sealed_key_size = FileIO::check_if_file_exists_return_size(filename);
        if(sealed_key_size == 0) // File is empty. create signing key pair.
        {
            printf("Creating new keypair.\n"); fflush(stdout);
            ret_status = create_and_seal_signing_key_pair_to_disk(enclave_id, filename);
        }
        else
        {
            printf("Unsealing keypair of size %d.\n", sealed_key_size); fflush(stdout);
            ret_status = unseal_signing_key_pair_from_disk(enclave_id, filename, sealed_key_size);
        }

        return ret_status;
    }
}