/*
 * Copyright (C) 2002-2016 Free Software Foundation, Inc.
 * Copyright (C) 2014-2016 Nikos Mavrogiannopoulos
 * Copyright (C) 2015-2018 Red Hat, Inc.
 *
 * Author: Nikos Mavrogiannopoulos
 *
 * This file is part of GnuTLS.
 *
 * The GnuTLS is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public License
 * as published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>
 *
 */

#include "replace.h"
#include "gnutls_helpers.h"
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>

int legacy_gnutls_server_end_point_cb(gnutls_session_t session,
				      bool is_server,
				      gnutls_datum_t * cb)
{
	/*
	 * copied from the logic in gnutls_session_channel_binding()
	 * introduced by gnutls commit (as LGPL 2.1+):
	 *
	 * commit 9ebee00c793e40e3e8c797c645577c9e025b9f1e
	 * Author: Ruslan N. Marchenko <me@ruff.mobi>
	 * Date:   Sat May 1 23:05:54 2021 +0200
	 *
	 *  Add tls-server-end-point tls channel binding implementation.
	 *  ...
	 */
	const gnutls_datum_t *ders = NULL;
	unsigned int num_certs = 1;
	int ret;
	size_t rlen;
	gnutls_x509_crt_t cert;
	gnutls_digest_algorithm_t algo;

	/* Only X509 certificates are supported for this binding type */
	ret = gnutls_certificate_type_get(session);
	if (ret != GNUTLS_CRT_X509) {
		return GNUTLS_E_UNIMPLEMENTED_FEATURE;
	}

	if (is_server) {
		ders = gnutls_certificate_get_ours(session);
	} else {
		ders = gnutls_certificate_get_peers(session, &num_certs);
	}

	/* Previous check indicated we have x509 but you never know */
	if (!ders || num_certs == 0) {
		return GNUTLS_E_UNIMPLEMENTED_FEATURE;
	}

	ret = gnutls_x509_crt_list_import(&cert,
					  &num_certs,
					  ders,
					  GNUTLS_X509_FMT_DER,
					  0);
	/* Again, this is not supposed to happen (normally) */
	if (ret < 0 || num_certs == 0) {
		return GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE;
	}

	/* Obtain signature algorithm used by certificate */
	ret = gnutls_x509_crt_get_signature_algorithm(cert);
	if (ret < 0 || ret == GNUTLS_SIGN_UNKNOWN) {
		gnutls_x509_crt_deinit(cert);
		return GNUTLS_E_UNIMPLEMENTED_FEATURE;
	}

	/* obtain hash function from signature and normalize it */
	algo = gnutls_sign_get_hash_algorithm(ret);
	switch (algo) {
	case GNUTLS_DIG_MD5:
	case GNUTLS_DIG_SHA1:
		algo = GNUTLS_DIG_SHA256;
		break;
	case GNUTLS_DIG_UNKNOWN:
	case GNUTLS_DIG_NULL:
	case GNUTLS_DIG_MD5_SHA1:
		/* double hashing not supported either */
		gnutls_x509_crt_deinit(cert);
		return GNUTLS_E_UNIMPLEMENTED_FEATURE;
	default:
		break;
	}

	/* preallocate 512 bits buffer as maximum supported digest */
	rlen = 64;
	cb->data = gnutls_malloc(rlen);
	if (cb->data == NULL) {
		gnutls_x509_crt_deinit(cert);
		return GNUTLS_E_MEMORY_ERROR;
	}

	ret = gnutls_x509_crt_get_fingerprint(cert,
					      algo,
					      cb->data,
					      &rlen);
	if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
		cb->data = gnutls_realloc(cb->data, cb->size);
		if (cb->data == NULL) {
			gnutls_x509_crt_deinit(cert);
			return GNUTLS_E_MEMORY_ERROR;
		}
		ret = gnutls_x509_crt_get_fingerprint(cert,
						      algo,
						      cb->data,
						      &rlen);
	}

	cb->size = rlen;
	gnutls_x509_crt_deinit(cert);
	return ret;
}