// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0

package salt

import (
	"context"
	"crypto/hmac"
	"crypto/sha1"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"hash"

	"github.com/hashicorp/errwrap"
	uuid "github.com/hashicorp/go-uuid"
	"github.com/hashicorp/vault/sdk/logical"
)

const (
	// DefaultLocation is the path in the view we store our key salt
	// if no other path is provided.
	DefaultLocation = "salt"
)

// Salt is used to manage a persistent salt key which is used to
// hash values. This allows keys to be generated and recovered
// using the global salt. Primarily, this allows paths in the storage
// backend to be obfuscated if they may contain sensitive information.
type Salt struct {
	config    *Config
	salt      string
	generated bool
}

type HashFunc func([]byte) []byte

// Config is used to parameterize the Salt
type Config struct {
	// Location is the path in the storage backend for the
	// salt. Uses DefaultLocation if not specified.
	Location string

	// HashFunc is the hashing function to use for salting.
	// Defaults to SHA1 if not provided.
	HashFunc HashFunc

	// HMAC allows specification of a hash function to use for
	// the HMAC helpers
	HMAC func() hash.Hash

	// String prepended to HMAC strings for identification.
	// Required if using HMAC
	HMACType string
}

// NewSalt creates a new salt based on the configuration
func NewSalt(ctx context.Context, view logical.Storage, config *Config) (*Salt, error) {
	// Setup the configuration
	if config == nil {
		config = &Config{}
	}
	if config.Location == "" {
		config.Location = DefaultLocation
	}
	if config.HashFunc == nil {
		config.HashFunc = SHA256Hash
	}
	if config.HMAC == nil {
		config.HMAC = sha256.New
		config.HMACType = "hmac-sha256"
	}

	// Create the salt
	s := &Salt{
		config: config,
	}

	// Look for the salt
	var raw *logical.StorageEntry
	var err error
	if view != nil {
		raw, err = view.Get(ctx, config.Location)
		if err != nil {
			return nil, errwrap.Wrapf("failed to read salt: {{err}}", err)
		}
	}

	// Restore the salt if it exists
	if raw != nil {
		s.salt = string(raw.Value)
	}

	// Generate a new salt if necessary
	if s.salt == "" {
		s.salt, err = uuid.GenerateUUID()
		if err != nil {
			return nil, errwrap.Wrapf("failed to generate uuid: {{err}}", err)
		}
		s.generated = true
		if view != nil {
			raw := &logical.StorageEntry{
				Key:   config.Location,
				Value: []byte(s.salt),
			}
			if err := view.Put(ctx, raw); err != nil {
				return nil, errwrap.Wrapf("failed to persist salt: {{err}}", err)
			}
		}
	}

	if config.HMAC != nil {
		if len(config.HMACType) == 0 {
			return nil, fmt.Errorf("HMACType must be defined")
		}
	}

	return s, nil
}

// NewNonpersistentSalt creates a new salt with default configuration and no storage usage.
func NewNonpersistentSalt() *Salt {
	// Setup the configuration
	config := &Config{}
	config.Location = ""
	config.HashFunc = SHA256Hash
	config.HMAC = sha256.New
	config.HMACType = "hmac-sha256"

	s := &Salt{
		config: config,
	}
	s.salt, _ = uuid.GenerateUUID()
	s.generated = true
	return s
}

// SaltID is used to apply a salt and hash function to an ID to make sure
// it is not reversible
func (s *Salt) SaltID(id string) string {
	return SaltID(s.salt, id, s.config.HashFunc)
}

// GetHMAC is used to apply a salt and hash function to data to make sure it is
// not reversible, with an additional HMAC
func (s *Salt) GetHMAC(data string) string {
	hm := hmac.New(s.config.HMAC, []byte(s.salt))
	hm.Write([]byte(data))
	return hex.EncodeToString(hm.Sum(nil))
}

// GetIdentifiedHMAC is used to apply a salt and hash function to data to make
// sure it is not reversible, with an additional HMAC, and ID prepended
func (s *Salt) GetIdentifiedHMAC(data string) string {
	return s.config.HMACType + ":" + s.GetHMAC(data)
}

// DidGenerate returns true if the underlying salt value was generated
// on initialization.
func (s *Salt) DidGenerate() bool {
	return s.generated
}

// SaltIDHashFunc uses the supplied hash function instead of the configured
// hash func in the salt.
func (s *Salt) SaltIDHashFunc(id string, hashFunc HashFunc) string {
	return SaltID(s.salt, id, hashFunc)
}

// SaltID is used to apply a salt and hash function to an ID to make sure
// it is not reversible
func SaltID(salt, id string, hash HashFunc) string {
	comb := salt + id
	hashVal := hash([]byte(comb))
	return hex.EncodeToString(hashVal)
}

func HMACValue(salt, val string, hashFunc func() hash.Hash) string {
	hm := hmac.New(hashFunc, []byte(salt))
	hm.Write([]byte(val))
	return hex.EncodeToString(hm.Sum(nil))
}

func HMACIdentifiedValue(salt, val, hmacType string, hashFunc func() hash.Hash) string {
	return hmacType + ":" + HMACValue(salt, val, hashFunc)
}

// SHA1Hash returns the SHA1 of the input
func SHA1Hash(inp []byte) []byte {
	hashed := sha1.Sum(inp)
	return hashed[:]
}

// SHA256Hash returns the SHA256 of the input
func SHA256Hash(inp []byte) []byte {
	hashed := sha256.Sum256(inp)
	return hashed[:]
}