/*
 * Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

#include <openssl/bn.h>

#include <stdbool.h>

#include <proof_helpers/proof_allocators.h>

#include <bn_utils.h>

/* Abstraction of the BIGNUM struct */
struct bignum_st {
    bool is_initialized;
};

/*
 * Description: BN_new() allocates and initializes a BIGNUM structure.
 * Return values: BN_new() and BN_secure_new() return a pointer to the BIGNUM initialised to the value 0. If the
 * allocation fails, they return NULL and set an error code that can be obtained by ERR_get_error(3).
 */
BIGNUM *BN_new(void) {
    BIGNUM *rv = can_fail_malloc(sizeof(BIGNUM));
    if (rv) {
        rv->is_initialized = true;
    }

    // Assuming error codes can be safely ignored

    return rv;
}

/*
 * Description: BN_dup() creates a new BIGNUM containing the value from.
 * Return values: BN_dup() returns the new BIGNUM, and NULL on error.
 */
BIGNUM *BN_dup(const BIGNUM *from) {
    assert(bignum_is_valid(from));

    // WARNING: somehow CBMC doesn't catch the NULL-ptr deref?
    // *dup = *from;

    return BN_new();  // Guarantees that return value will be either NULL or initialized
}

/*
 * Description: BN_sub() subtracts b from a and places the result in r (r=a-b). r may be the same BIGNUM as a or b.
 * Return values: For all functions, 1 is returned for success, 0 on error. The return value should always be checked
 * (e.g., if (!BN_add(r,a,b)) goto err;).
 */
int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) {
    assert(bignum_is_valid(r));
    assert(bignum_is_valid(a));
    assert(bignum_is_valid(b));

    r->is_initialized = nondet_bool();

    return r->is_initialized;
}

/*
 * Description: BN_free() frees the components of the BIGNUM, and if it was created by BN_new(), also the structure
 * itself.
 */
void BN_free(BIGNUM *a) {
    free(a);  // Assuming BIGNUMs are always allocated dynamically
}

/*
 * Description: BN_clear_free() additionally overwrites the data before the memory is returned to the system. If a is
 * NULL, nothing is done.
 */
void BN_clear_free(BIGNUM *a) {
    // No way currently to model or check that the data is cleared
    free(a);
}

/* CBMC helper functions */

bool bignum_is_valid(BIGNUM *a) {
    return a && a->is_initialized;
}

BIGNUM *bignum_nondet_alloc() {
    return can_fail_malloc(sizeof(BIGNUM));
}