// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0

using System;
using System.Collections.Immutable;
using Wrappers_Compile;
using software.amazon.cryptography.primitives.internaldafny.types;
using Org.BouncyCastle.Math;
using ibyteseq = Dafny.ISequence<byte>;
using byteseq = Dafny.Sequence<byte>;
using _IDigestAlgorithm = software.amazon.cryptography.primitives.internaldafny.types._IDigestAlgorithm;
using Error_Opaque = software.amazon.cryptography.primitives.internaldafny.types.Error_Opaque;

namespace HMAC {

    public partial class __default {
        public static _IResult<ibyteseq, _IError> Digest(_IHMacInput input)
        {
            var maybeHmac = HMac.Build(input.dtor_digestAlgorithm);

            if (maybeHmac.is_Failure)
            {
                return (maybeHmac).PropagateFailure<Dafny.ISequence<byte>>();
            }
            var hmac = maybeHmac.Extract();
            hmac.Init(input.dtor_key);
            hmac.BlockUpdate(input.dtor_message);
            return Result<ibyteseq, _IError>.create_Success(hmac.GetResult());
        }
    }

    public partial class HMac {

        private Org.BouncyCastle.Crypto.Macs.HMac hmac;

        public static _IResult<HMac, _IError> Build(_IDigestAlgorithm digest)
        {
            try
            {
                return Result<HMac, _IError>.create_Success(new HMac(digest));
            }
            catch (Exception ex)
            {
                return Wrappers_Compile.Result<HMac, _IError>
                    .create_Failure(AWS.Cryptography.Primitives.TypeConversion.ToDafny_CommonError(ex));
            }
            
        }

        public HMac(_IDigestAlgorithm digest) {
            Org.BouncyCastle.Crypto.IDigest bouncyCastleDigest;
            if(digest.is_SHA__256) {
                bouncyCastleDigest = new Org.BouncyCastle.Crypto.Digests.Sha256Digest();
            } else if(digest.is_SHA__384) {
                bouncyCastleDigest = new Org.BouncyCastle.Crypto.Digests.Sha384Digest();
            } else if(digest.is_SHA__512) {
                bouncyCastleDigest = new Org.BouncyCastle.Crypto.Digests.Sha512Digest();
            } else
            {
                throw new System.Exception(String.Format("Unsupported digest: {0}", digest.ToString()));
            }
            hmac = new Org.BouncyCastle.Crypto.Macs.HMac(bouncyCastleDigest);
        }

        public void Init(ibyteseq input) {
            // KeyParameter/ Init should not mutate input, but this is safer than using input.Elements directly
            byte[] elemCopy = (byte[]) input.Elements.Clone();
            var keyParams = new Org.BouncyCastle.Crypto.Parameters.KeyParameter(elemCopy);
            hmac.Init(keyParams);
            // elemCopy may contain sensitive info; zeroize it to reduce time this lives in memory
            Array.Clear(elemCopy, 0, elemCopy.Length);
            elemCopy = null;
        }

        public void BlockUpdate(ibyteseq input) {
            // BlockUpdate should not mutate input, but this is safer than using input.Elements directly
            byte[] elemCopy = (byte[]) input.Elements.Clone();
            hmac.BlockUpdate(elemCopy, 0, elemCopy.Length);
            // elemCopy may contain sensitive info; zeroize it to reduce time this lives in memory
            Array.Clear(elemCopy, 0, elemCopy.Length);
            elemCopy = null;
        }

        public ibyteseq GetResult() {
            byte[] output = new byte[hmac.GetMacSize()];
            hmac.DoFinal(output, 0);
            return byteseq.FromArray(output);
        }
        
    }
}