/*
 * Copyright 2021 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include <string>
#include <vector>

#include <aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.h>
#include <android/binder_manager.h>
#include <cppbor.h>
#include <gflags/gflags.h>
#include <keymaster/cppcose/cppcose.h>
#include <openssl/base64.h>
#include <remote_prov/remote_prov_utils.h>
#include <sys/random.h>

using aidl::android::hardware::security::keymint::DeviceInfo;
using aidl::android::hardware::security::keymint::IRemotelyProvisionedComponent;
using aidl::android::hardware::security::keymint::MacedPublicKey;
using aidl::android::hardware::security::keymint::ProtectedData;
using aidl::android::hardware::security::keymint::RpcHardwareInfo;
using aidl::android::hardware::security::keymint::remote_prov::generateEekChain;
using aidl::android::hardware::security::keymint::remote_prov::getProdEekChain;
using aidl::android::hardware::security::keymint::remote_prov::jsonEncodeCsrWithBuild;

using namespace cppbor;
using namespace cppcose;

DEFINE_bool(test_mode, false, "If enabled, a fake EEK key/cert are used.");

DEFINE_string(output_format, "csr", "How to format the output. Defaults to 'csr'.");

namespace {

// Various supported --output_format values.
constexpr std::string_view kBinaryCsrOutput = "csr";     // Just the raw csr as binary
constexpr std::string_view kBuildPlusCsr = "build+csr";  // Text-encoded (JSON) build
                                                         // fingerprint plus CSR.

constexpr size_t kChallengeSize = 16;

std::string toBase64(const std::vector<uint8_t>& buffer) {
    size_t base64Length;
    int rc = EVP_EncodedLength(&base64Length, buffer.size());
    if (!rc) {
        std::cerr << "Error getting base64 length. Size overflow?" << std::endl;
        exit(-1);
    }

    std::string base64(base64Length, ' ');
    rc = EVP_EncodeBlock(reinterpret_cast<uint8_t*>(base64.data()), buffer.data(), buffer.size());
    ++rc;  // Account for NUL, which BoringSSL does not for some reason.
    if (rc != base64Length) {
        std::cerr << "Error writing base64. Expected " << base64Length
                  << " bytes to be written, but " << rc << " bytes were actually written."
                  << std::endl;
        exit(-1);
    }
    return base64;
}

std::vector<uint8_t> generateChallenge() {
    std::vector<uint8_t> challenge(kChallengeSize);

    ssize_t bytesRemaining = static_cast<ssize_t>(challenge.size());
    uint8_t* writePtr = challenge.data();
    while (bytesRemaining > 0) {
        int bytesRead = getrandom(writePtr, bytesRemaining, /*flags=*/0);
        if (bytesRead < 0) {
            if (errno == EINTR) {
                continue;
            } else {
                std::cerr << errno << ": " << strerror(errno) << std::endl;
                exit(-1);
            }
        }
        bytesRemaining -= bytesRead;
        writePtr += bytesRead;
    }

    return challenge;
}

Array composeCertificateRequest(const ProtectedData& protectedData,
                                const DeviceInfo& verifiedDeviceInfo,
                                const std::vector<uint8_t>& challenge,
                                const std::vector<uint8_t>& keysToSignMac) {
    Array macedKeysToSign = Array()
                                .add(std::vector<uint8_t>(0))  // empty protected headers as bstr
                                .add(Map())                    // empty unprotected headers
                                .add(Null())                   // nil for the payload
                                .add(keysToSignMac);           // MAC as returned from the HAL

    Array deviceInfo =
        Array().add(EncodedItem(verifiedDeviceInfo.deviceInfo)).add(Map());  // Empty device info

    Array certificateRequest = Array()
                                   .add(std::move(deviceInfo))
                                   .add(challenge)
                                   .add(EncodedItem(protectedData.protectedData))
                                   .add(std::move(macedKeysToSign));
    return certificateRequest;
}

std::vector<uint8_t> getEekChain(uint32_t curve) {
    if (FLAGS_test_mode) {
        const std::vector<uint8_t> kFakeEekId = {'f', 'a', 'k', 'e', 0};
        auto eekOrErr = generateEekChain(curve, 3 /* chainlength */, kFakeEekId);
        if (!eekOrErr) {
            std::cerr << "Failed to generate test EEK somehow: " << eekOrErr.message() << std::endl;
            exit(-1);
        }
        auto [eek, pubkey, privkey] = eekOrErr.moveValue();
        std::cout << "EEK raw keypair:" << std::endl;
        std::cout << "  pub:  " << toBase64(pubkey) << std::endl;
        std::cout << "  priv: " << toBase64(privkey) << std::endl;
        return eek;
    }

    return getProdEekChain(curve);
}

void writeOutput(const std::string instance_name, const Array& csr) {
    if (FLAGS_output_format == kBinaryCsrOutput) {
        auto bytes = csr.encode();
        std::copy(bytes.begin(), bytes.end(), std::ostream_iterator<char>(std::cout));
    } else if (FLAGS_output_format == kBuildPlusCsr) {
        auto [json, error] = jsonEncodeCsrWithBuild(instance_name, csr);
        if (!error.empty()) {
            std::cerr << "Error JSON encoding the output: " << error;
            exit(1);
        }
        std::cout << json << std::endl;
    } else {
        std::cerr << "Unexpected output_format '" << FLAGS_output_format << "'" << std::endl;
        std::cerr << "Valid formats:" << std::endl;
        std::cerr << "  " << kBinaryCsrOutput << std::endl;
        std::cerr << "  " << kBuildPlusCsr << std::endl;
        exit(1);
    }
}

// Callback for AServiceManager_forEachDeclaredInstance that writes out a CSR
// for every IRemotelyProvisionedComponent.
void getCsrForInstance(const char* name, void* /*context*/) {
    const std::vector<uint8_t> challenge = generateChallenge();

    auto fullName = std::string(IRemotelyProvisionedComponent::descriptor) + "/" + name;
    AIBinder* rkpAiBinder = AServiceManager_getService(fullName.c_str());
    ::ndk::SpAIBinder rkp_binder(rkpAiBinder);
    auto rkp_service = IRemotelyProvisionedComponent::fromBinder(rkp_binder);
    if (!rkp_service) {
        std::cerr << "Unable to get binder object for '" << fullName << "', skipping.";
        exit(-1);
    }

    std::vector<uint8_t> keysToSignMac;
    std::vector<MacedPublicKey> emptyKeys;
    DeviceInfo verifiedDeviceInfo;
    ProtectedData protectedData;
    RpcHardwareInfo hwInfo;
    ::ndk::ScopedAStatus status = rkp_service->getHardwareInfo(&hwInfo);
    if (!status.isOk()) {
        std::cerr << "Failed to get hardware info for '" << fullName
                  << "'. Error code: " << status.getServiceSpecificError() << "." << std::endl;
        exit(-1);
    }
    status = rkp_service->generateCertificateRequest(
        FLAGS_test_mode, emptyKeys, getEekChain(hwInfo.supportedEekCurve), challenge,
        &verifiedDeviceInfo, &protectedData, &keysToSignMac);
    if (!status.isOk()) {
        std::cerr << "Bundle extraction failed for '" << fullName
                  << "'. Error code: " << status.getServiceSpecificError() << "." << std::endl;
        exit(-1);
    }
    auto request =
        composeCertificateRequest(protectedData, verifiedDeviceInfo, challenge, keysToSignMac);
    writeOutput(std::string(name), request);
}

}  // namespace

int main(int argc, char** argv) {
    gflags::ParseCommandLineFlags(&argc, &argv, /*remove_flags=*/true);

    AServiceManager_forEachDeclaredInstance(IRemotelyProvisionedComponent::descriptor,
                                            /*context=*/nullptr, getCsrForInstance);

    return 0;
}