//! Wrap [tor_cell::chancell::codec::ChannelCodec] for use with the asynchronous_codec

//! crate.

use digest::Digest;

use tor_bytes::Reader;

use tor_cell::chancell::{

    AnyChanCell, ChanCell, ChanCmd, ChanMsg, codec,

    msg::{self, AnyChanMsg},

};

use tor_error::internal;

use tor_llcrypto as ll;

use bytes::BytesMut;

use crate::{channel::msg::LinkVersion, util::err::Error as ChanError};

use super::{ChannelType, msg::MessageFilter};

/// An authentication rolling digest value.

pub(crate) type AuthLogDigest = [u8; 32];

/// The rolling digest for the bytes sent on a channel. (Received by the responder).

#[derive(Debug, PartialEq)]

pub(crate) struct ClogDigest(AuthLogDigest);

/// The rolling digest for the bytes received on a channel. (Sent by the responder).

#[derive(Debug, PartialEq)]

pub(crate) struct SlogDigest(AuthLogDigest);

impl ClogDigest {

    /// Constructor from a `AuthLogDigest`

}

impl SlogDigest {

    /// Constructor from a `AuthLogDigest`

}

impl AsRef<[u8]> for ClogDigest {

}

impl AsRef<[u8]> for SlogDigest {

}

/// Channel cell handler which is always in three state.

///

/// This ALWAYS starts the handler at New. This can only be constructed from a [ChannelType] which

/// forces it to start at New.

///

/// From the New state, it will automatically transition to the right state as information is

/// attached to it (ex: link protocol version).

pub(crate) enum ChannelCellHandler {

    /// When a network connection opens to another endpoint, the channel is considered "New" and

    /// so we use this handler to start the handshake.

    New(NewChannelHandler),

    /// We opened and negotiated a VERSIONS cell. If successful, we transition to this cell handler

    /// with sole purpose to handle the handshake phase.

    Handshake(HandshakeChannelHandler),

    /// Once the handshake is successful, the channel is Open and we use this handler.

    Open(OpenChannelHandler),

}

/// This is the only way to construct a ChannelCellHandler, from the channel type which will always

/// start the handler at the New state.

impl From<super::ChannelType> for ChannelCellHandler {

}

impl ChannelCellHandler {

    /// Return the [`ChannelType`] of the inner handler.

        }

    /// Set link protocol for this channel cell handler. This transition the handler into the

    /// handshake handler state.

    ///

    /// An error is returned if the current handler is NOT the New one or if the link version is

    /// unknown.

        };

    /// This transition into the open handler state.

    ///

    /// An error is returned if the current handler is NOT the Handshake one.

        };

    /// Mark this handler as authenticated.

    ///

    /// This can only happen during the Handshake process as a New handler can't be authenticated

    /// from the start and an Open handler can only be opened after authentication.

        };

    /// The digest of bytes sent on this channel.

    ///

    /// This should only ever be called once as it consumes the send log.

    ///

    /// This will return an error if one of:

    /// - The channel is not recording the send log.

    /// - The send log digest has already been taken.

    /// - This cell handler is not using a handshake handler.

        } else {

        }

    /// The digest of bytes received on this channel.

    ///

    /// This should only ever be called once as it consumes the receive log.

    ///

    /// This will return `None` if one of:

    /// - The channel is not recording the receive log.

    /// - The receive log digest has already been taken.

    /// - This cell handler is not using a handshake handler.

        } else {

        }

}

// Security Consideration.

//

// Here is an explanation on why AnyChanCell is used as Item in the Handshake and Open handler and

// thus the higher level ChannelCellHandler.

//

// Technically, we could use a restricted message set and so the decoding and encoding wouldn't do

// anything if the cell/data was not part of that set.

//

// However, with relay and client, we have multiple channel types which means we have now a lot

// more sets of restricted message (see msg.rs) and each of them are per link protocol version, per

// stage of the channel opening process and per direction (inbound or outbound).

//

// To go around this, we use [MessageFilter] in order to decode on the specific restricted message

// set but still return a [AnyChanCell].

//

// If someone wants to contribute a more elegant solution that wouldn't require us to duplicate

// code for each restricted message set, by all means, go for it :).

impl asynchronous_codec::Decoder for ChannelCellHandler {

    type Item = AnyChanCell;

    type Error = ChanError;

        }

}

impl asynchronous_codec::Encoder for ChannelCellHandler {

    type Item<'a> = AnyChanCell;

    type Error = ChanError;

                // The new handler pins the only possible message to be a Versions. That is why we

                // extract it here and validate before else we can't pass Item to encode().

                };

            }

        }

}

/// A new channel handler used when a channel is created but before the handshake meaning there is no

/// link protocol version yet associated with it.

///

/// This handler only handles the VERSIONS cell.

pub(crate) struct NewChannelHandler {

    /// The channel type for this handler.

    channel_type: ChannelType,

    /// The digest of bytes sent on this channel.

    ///

    /// Will be used for the SLOG or CLOG of the AUTHENTICATE cell.

    send_log: Option<ll::d::Sha256>,

    /// The digest of bytes received on this channel.

    ///

    /// Will be used for the SLOG or CLOG of the AUTHENTICATE cell.

    recv_log: Option<ll::d::Sha256>,

}

impl NewChannelHandler {

    /// Return a handshake handler ready for the given link protocol.

}

impl From<ChannelType> for NewChannelHandler {

            // Relay responder might not need clog/slog but that is fine. We don't know until the

            // end of the handshake.

        }

}

impl asynchronous_codec::Decoder for NewChannelHandler {

    type Item = msg::Versions;

    type Error = ChanError;

        // NOTE: Until the body can be extracted from src buffer, it MUST NOT be modified as in

        // advanced with the Buf trait or modified in any ways. Reason is that we can realize we

        // don't have enough bytes in the src buffer for the expected body length from the header

        // so we have to leave the src buffer untouched and wait for more bytes.

        // See tor-spec, starting a handshake, all cells are variable length so the first 5 bytes

        // are: CircId as u16, Command as u8, Length as u16 totalling 5 bytes.

        const HEADER_SIZE: usize = 5;

        // Below this amount, this is not a valid cell we can decode. This is important because we

        // can get an empty buffer in normal circumstances (see how Framed work) and so we have to

        // return that we weren't able to decode and thus no Item.

        // Get the CircID and Command from the header. This is safe due to the header size check

        // above.

        // We are only expecting these specific commands. We have to do this by hand here as after

        // that we can use a proper codec.

        // Get the body length now from the next two bytes. This is still safe due to the first

        // header size check at the start.

        // See https://gitlab.torproject.org/tpo/core/tor/-/issues/10365. The gist is that because

        // version numbers are u16, an odd payload would mean we have a trailing byte that is

        // unused which shouldn't be and because we don't expect not controlled that byte, as maxi

        // precaution, we don't allow.

        // Make sure we have enough bytes in our payload.

            // We don't haven't received enough data to decode the expected length from the header

            // so return no Item.

            //

            // IMPORTANT: The src buffer here can't be advance before reaching this check.

        // Extract the exact data we will be looking at.

        // Update the receive log digest with the entire cell up to the end of the payload hence the

        // data we are looking at (and not the whole source). Even on error, this doesn't matter

        // because if decoding fails, the channel is closed.

        // Get the actual body from the data.

        // Decode the VERSIONS.

}

impl asynchronous_codec::Encoder for NewChannelHandler {

    type Item<'a> = msg::Versions;

    type Error = ChanError;

        // Update the send log digest.

        // Special encoding for the VERSIONS cell.

}

/// The handshake channel handler which is used to decode and encode cells onto a channel that is

/// handshaking with an endpoint.

pub(crate) struct HandshakeChannelHandler {

    /// Message filter used to allow or not a certain message.

    filter: MessageFilter,

    /// The cell codec that we'll use to encode and decode our cells.

    inner: codec::ChannelCodec,

    /// The digest of bytes sent on this channel.

    ///

    /// Will be used for the SLOG or CLOG of the AUTHENTICATE cell.

    send_log: Option<ll::d::Sha256>,

    /// The digest of bytes received on this channel.

    ///

    /// Will be used for the SLOG or CLOG of the AUTHENTICATE cell.

    recv_log: Option<ll::d::Sha256>,

}

impl HandshakeChannelHandler {

    /// Constructor

    /// Internal helper: Take a SHA256 digest and finalize it if any. None is returned if no log

    /// digest is given.

    /// Return an open handshake handler.

        )

    /// The digest of bytes sent on this channel.

    ///

    /// This should only ever be called once as it consumes the send log.

    ///

    /// This will return `None` if one of:

    /// - The channel is not recording the send log.

    /// - The send log digest has already been taken.

    /// The digest of bytes received on this channel.

    ///

    /// This should only ever be called once as it consumes the receive log.

    ///

    /// This will return `None` if one of:

    /// - The channel is not recording the receive log.

    /// - The receive log digest has already been taken.

    /// Return the [`ChannelType`] of this handler.

    /// Mark this handler as authenticated.

}

impl asynchronous_codec::Encoder for HandshakeChannelHandler {

    type Item<'a> = AnyChanCell;

    type Error = ChanError;

}

impl asynchronous_codec::Decoder for HandshakeChannelHandler {

    type Item = AnyChanCell;

    type Error = ChanError;

}

/// The open channel handler which is used to decode and encode cells onto an open Channel.

pub(crate) struct OpenChannelHandler {

    /// Message filter used to allow or not a certain message.

    filter: MessageFilter,

    /// The cell codec that we'll use to encode and decode our cells.

    inner: codec::ChannelCodec,

}

impl OpenChannelHandler {

    /// Constructor

    /// Return the [`ChannelType`] of this handler.

}

impl asynchronous_codec::Encoder for OpenChannelHandler {

    type Item<'a> = AnyChanCell;

    type Error = ChanError;

}

impl asynchronous_codec::Decoder for OpenChannelHandler {

    type Item = AnyChanCell;

    type Error = ChanError;

}

#[cfg(test)]

pub(crate) mod test {

    #![allow(clippy::unwrap_used)]

    use bytes::BytesMut;

    use digest::Digest;

    use futures::io::{AsyncRead, AsyncWrite, Cursor, Result};

    use futures::sink::SinkExt;

    use futures::stream::StreamExt;

    use futures::task::{Context, Poll};

    use hex_literal::hex;

    use std::pin::Pin;

    use tor_bytes::Writer;

    use tor_llcrypto as ll;

    use tor_rtcompat::StreamOps;

    use crate::channel::msg::LinkVersion;

    use crate::channel::{ChannelType, new_frame};

    use super::{ChannelCellHandler, OpenChannelHandler};

    use tor_cell::chancell::{AnyChanCell, ChanCmd, ChanMsg, CircId, msg};

    /// Helper type for reading and writing bytes to/from buffers.

    pub(crate) struct MsgBuf {

        /// Data we have received as a reader.

        inbuf: futures::io::Cursor<Vec<u8>>,

        /// Data we write as a writer.

        outbuf: futures::io::Cursor<Vec<u8>>,

    }

    impl AsyncRead for MsgBuf {

        fn poll_read(

            mut self: Pin<&mut Self>,

            cx: &mut Context<'_>,

            buf: &mut [u8],

        ) -> Poll<Result<usize>> {

            Pin::new(&mut self.inbuf).poll_read(cx, buf)

        }

    }

    impl AsyncWrite for MsgBuf {

        fn poll_write(

            mut self: Pin<&mut Self>,

            cx: &mut Context<'_>,

            buf: &[u8],

        ) -> Poll<Result<usize>> {

            Pin::new(&mut self.outbuf).poll_write(cx, buf)

        }

        fn poll_flush(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Result<()>> {

            Pin::new(&mut self.outbuf).poll_flush(cx)

        }

        fn poll_close(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Result<()>> {

            Pin::new(&mut self.outbuf).poll_close(cx)

        }

    }

    impl StreamOps for MsgBuf {}

    impl MsgBuf {

        pub(crate) fn new<T: Into<Vec<u8>>>(output: T) -> Self {

            let inbuf = Cursor::new(output.into());

            let outbuf = Cursor::new(Vec::new());

            MsgBuf { inbuf, outbuf }

        }

        pub(crate) fn consumed(&self) -> usize {

            self.inbuf.position() as usize

        }

        pub(crate) fn all_consumed(&self) -> bool {

            self.inbuf.get_ref().len() == self.consumed()

        }

        pub(crate) fn into_response(self) -> Vec<u8> {

            self.outbuf.into_inner()

        }

    }

    fn new_client_open_frame(

        mbuf: MsgBuf,

    ) -> asynchronous_codec::Framed<MsgBuf, ChannelCellHandler> {

        let open_handler = ChannelCellHandler::Open(OpenChannelHandler::new(

            LinkVersion::V5,

            ChannelType::ClientInitiator,

        ));

        asynchronous_codec::Framed::new(mbuf, open_handler)

    }

    #[test]

    fn check_client_encoding() {

        tor_rtcompat::test_with_all_runtimes!(|_rt| async move {

            let mb = MsgBuf::new(&b""[..]);

            let mut framed = new_client_open_frame(mb);

            let destroycell = msg::Destroy::new(2.into());

            framed

                .send(AnyChanCell::new(CircId::new(7), destroycell.into()))

                .await

                .unwrap();

            framed.flush().await.unwrap();

            let data = framed.into_inner().into_response();

            assert_eq!(&data[0..10], &hex!("00000007 04 0200000000")[..]);

        });

    }

    #[test]

    fn check_client_decoding() {

        tor_rtcompat::test_with_all_runtimes!(|_rt| async move {

            let mut dat = Vec::new();

            // DESTROY cell.

            dat.extend_from_slice(&hex!("00000007 04 0200000000")[..]);

            dat.resize(514, 0);

            let mb = MsgBuf::new(&dat[..]);

            let mut framed = new_client_open_frame(mb);

            let destroy = framed.next().await.unwrap().unwrap();

            let circ_id = CircId::new(7);

            assert_eq!(destroy.circid(), circ_id);

            assert_eq!(destroy.msg().cmd(), ChanCmd::DESTROY);

            assert!(framed.into_inner().all_consumed());

        });

    }

    #[test]

    fn handler_transition() {

        // Start as a client initiating a channel to a relay.

        let mut handler: ChannelCellHandler = ChannelType::ClientInitiator.into();

        assert!(matches!(handler, ChannelCellHandler::New(_)));

        // Set the link version protocol. Should transition to Handshake.

        let r = handler.set_link_version(5);

        assert!(r.is_ok());

        assert!(matches!(handler, ChannelCellHandler::Handshake(_)));

        // Set the link version protocol.

        let r = handler.set_open();

        assert!(r.is_ok());

        assert!(matches!(handler, ChannelCellHandler::Open(_)));

    }

    #[test]

    fn clog_digest() {

        tor_rtcompat::test_with_all_runtimes!(|_rt| async move {

            let mut our_clog = ll::d::Sha256::new();

            let mbuf = MsgBuf::new(*b"");

            let mut frame = new_frame(mbuf, ChannelType::RelayInitiator);

            // This is a VERSIONS cell with value 5 in it.

            our_clog.update(hex!("0000 07 0002 0005"));

            let version_cell = AnyChanCell::new(

                None,

                msg::Versions::new(vec![5]).expect("Fail VERSIONS").into(),

            );

            let _ = frame.send(version_cell).await.unwrap();

            frame

                .codec_mut()

                .set_link_version(5)

                .expect("Fail link version set");

            // This is what an empty CERTS cell looks like.

            our_clog.update(hex!("0000 0000 81 0001 00"));

            let certs_cell = msg::Certs::new_empty();

            frame

                .send(AnyChanCell::new(None, certs_cell.into()))

                .await

                .unwrap();

            // Final CLOG should match.

            let clog_hash: [u8; 32] = our_clog.finalize().into();

            assert_eq!(frame.codec_mut().take_send_log_digest().unwrap(), clog_hash);

        });

    }

    #[test]

    fn slog_digest() {

        tor_rtcompat::test_with_all_runtimes!(|_rt| async move {

            let mut our_slog = ll::d::Sha256::new();

            // Build a VERSIONS cell to start with.

            let mut data = BytesMut::new();

            data.extend_from_slice(

                msg::Versions::new(vec![5])

                    .unwrap()

                    .encode_for_handshake()

                    .expect("Fail VERSIONS encoding")

                    .as_slice(),

            );

            our_slog.update(&data);

            let mbuf = MsgBuf::new(data);

            let mut frame = new_frame(mbuf, ChannelType::RelayInitiator);

            // Receive the VERSIONS

            let _ = frame.next().await.transpose().expect("Fail to get cell");

            // Set the link version which will move the handler to Handshake state and then we'll be

            // able to decode the AUTH_CHALLENGE.

            frame

                .codec_mut()

                .set_link_version(5)

                .expect("Fail link version set");

            // Setup a new buffer for the next cell.

            let mut data = BytesMut::new();

            // This is a variable length cell with a wide circ ID of 0.

            data.write_u32(0);

            data.write_u8(ChanCmd::AUTH_CHALLENGE.into());

            data.write_u16(36); // This is the length of the payload.

            msg::AuthChallenge::new([42_u8; 32], vec![3])

                .encode_onto(&mut data)

                .expect("Fail AUTH_CHALLENGE encoding");

            our_slog.update(&data);

            // Change the I/O part of the Framed with this new buffer containing our new cell.

            *frame = MsgBuf::new(data);

            // Receive the AUTH_CHALLENGE

            let _ = frame.next().await.transpose().expect("Fail to get cell");

            // Final SLOG should match.

            let slog_hash: [u8; 32] = our_slog.finalize().into();

            assert_eq!(frame.codec_mut().take_recv_log_digest().unwrap(), slog_hash);

        });

    }

}