#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <arpa/inet.h>

// open ssl
#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>

#include <errno.h>  // for perror()
#include <unistd.h> // for close()

#include <string>
#include <cstring>
#include <cstdlib> // for atoi()
#include <vector>

// load environment variables from .env file, and additional helper functions
#include "helper.h"

using std::string;
using std::vector;

int gcm_decrypt(unsigned char *ciphertext, int ciphertext_len,
                unsigned char *aad, int aad_len,
                unsigned char *tag,
                unsigned char *key,
                unsigned char *iv, int iv_len,
                unsigned char *plaintext)
{
    EVP_CIPHER_CTX *ctx;
    int len, plaintext_len, ret;
    /* Create and initialize the context */
    ctx = EVP_CIPHER_CTX_new();
    if (!ctx)
    {
        ERR_print_errors_fp(stderr);
        EVP_CIPHER_CTX_free(ctx);
        return 0;
    }

    /* Initialize the decryption operation. */
    if (!EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, key, iv))
    {
        ERR_print_errors_fp(stderr);
        EVP_CIPHER_CTX_free(ctx);
        return 0;
    }
    /* Set IV length. Not necessary if this is 12 bytes (96 bits) */
    if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, iv_len, NULL))
    {
        ERR_print_errors_fp(stderr);
        EVP_CIPHER_CTX_free(ctx);
        return 0;
    }
    /* Initialize key and IV */
    if (!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
    {
        ERR_print_errors_fp(stderr);
        EVP_CIPHER_CTX_free(ctx);
        return 0;
    }
    /*
     * Provide any AAD data. This can be called zero or more times as
     * required
     */
    if (!EVP_DecryptUpdate(ctx, NULL, &len, aad, aad_len))
    {
        ERR_print_errors_fp(stderr);
        EVP_CIPHER_CTX_free(ctx);
        return 0;
    }

    /*
    * Provide the message to be decrypted, and obtain the plaintext
   output.
    * EVP_DecryptUpdate can be called multiple times if necessary
    */
    if (!EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len))
    {
        ERR_print_errors_fp(stderr);
        EVP_CIPHER_CTX_free(ctx);
        return 0;
    }
    plaintext_len = len;
    /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
    if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag))
    {
        ERR_print_errors_fp(stderr);
        EVP_CIPHER_CTX_free(ctx);
        return 0;
    }
    /*
     * Finalize the decryption. A positive return value indicates success,
     * and anything else is a failure - the plaintext is not trustworthy.
     */
    ret = EVP_DecryptFinal_ex(ctx, plaintext + len, &len);
    /* Clean up */
    EVP_CIPHER_CTX_free(ctx);
    if (ret > 0)
    {
        /* Success */
        plaintext_len += len;
        return plaintext_len;
    }
    else
    {
        /* Verify failed */
        return 0;
    }
}

int main(void)
{
    printf("Server starting...\n");
    load_env(".env");

    // Declare variables
    const char *server_ip = getenv("SERVER_IP");
    const int server_port = atoi(getenv("SERVER_PORT"));
    char client_message[2048];
    char server_message[2048];
    const char *custom_message_success = "Server: Hello from server, message authenticated!\n";
    const char *custom_message_failed = "Server: Hello from server, message failed authentication!\n";

    // debug
    printf("Server starting at IP: %s, Port: %d\n", server_ip, server_port);

    // encryption parameters
    const char *inital_vector = std::getenv("INITIAL_VECTOR");
    const char *secret_key = std::getenv("SECRET_KEY");
    const char *add = std::getenv("ADD");
    unsigned char key_bytes[32], iv_bytes[16];

    int key_len = hex_to_bytes_upper(secret_key, key_bytes, sizeof(key_bytes));
    int iv_len = hex_to_bytes_upper(inital_vector, iv_bytes, sizeof(iv_bytes));

    if (key_len != 32 || iv_len != 16)
    {
        fprintf(stderr, "Invalid key/IV size for AES-256-GCM\n");
        return 1;
    }

    // Create socket
    const int server_socket = socket(AF_INET, SOCK_STREAM, 0);
    if (server_socket == -1)
    {
        perror("Failed to create socket");
        return 1;
    }

    // Bind to the set port and IP
    struct sockaddr_in server_addr;
    server_addr.sin_family = AF_INET;
    server_addr.sin_port = htons(server_port);
    inet_pton(AF_INET, server_ip, &server_addr.sin_addr);

    if (bind(server_socket, (struct sockaddr *)&server_addr, sizeof(server_addr)) == -1)
    {
        perror("Failed to bind socket");
        close(server_socket);
        return 1;
    }
    printf("Done with binding with IP: %s, Port: %d\n", server_ip, server_port);

    // Listen for clients:
    const char *client_ip = getenv("CLIENT_IP");
    if (listen(server_socket, 1) == -1)
    {
        perror("Failed to listen on socket");
        close(server_socket);
        return 1;
    }
    printf("Listening for incoming connections...\n");

    // Accept an incoming connection
    struct sockaddr_in client_addr;
    socklen_t client_addr_len = sizeof(client_addr);
    int client_socket = accept(server_socket, (struct sockaddr *)&client_addr, &client_addr_len);
    if (client_socket == -1)
    {
        perror("Failed to accept connection");
        close(server_socket);
        return 1;
    }
    printf("Client connected at IP: %s \n", client_ip);

    // clean exising buffer
    memset(client_message, 0, sizeof(client_message));

    // store message history, for TAG calculation
    // msg on odd is msg, and on even is corresponding TAG
    vector<string> message_history;

    // Receive client's message
    while (1)
    {
        // clean exising buffer
        memset(client_message, 0, sizeof(client_message));

        ssize_t n = recv(client_socket, client_message, sizeof(client_message), 0);
        if (n == 0)
            break;
        if (n < 0)
        {
            perror("recv");
            break;
        }

        if (strcmp((char *)client_message, "\\exit\n") == 0)
            break;

        printf("Msg from client: %s \n", byte_to_hex((unsigned char *)client_message, n));
        // store message history for TAG calculation
        message_history.push_back(string((char *)client_message, n));

        // only respond after receiving both msg and TAG
        if (message_history.size() % 2 == 1)
            continue;

        // check TAG
        const string tag_str = message_history.back();
        unsigned char tag[16];
        memcpy(tag, tag_str.c_str(), 16);
        const string ciphertext_str = message_history[message_history.size() - 2];
        char ciphertext_cstr[2048];
        strcpy(ciphertext_cstr, ciphertext_str.c_str());

        unsigned char plaintext[2048];
        memset(plaintext, 0, sizeof(plaintext));
        int plaintext_len = gcm_decrypt((unsigned char *)ciphertext_cstr,
                    strlen(ciphertext_cstr),
                    (unsigned char *)add,
                    strlen(add),
                    tag,
                    key_bytes,
                    iv_bytes,
                    16,
                    plaintext);

        if (plaintext_len == 0)
        {
            fprintf(stderr, "TAG mismatch or invalid message\n");
            memcpy(server_message, custom_message_failed, strlen(custom_message_failed));
            ;
        }
        else
        {
            fprintf(stderr, "Decryption success\n, decrypted message: %s\n", plaintext);
            memcpy(server_message, custom_message_success, strlen(custom_message_success));
            ;
        }
        // Respond to client
        // prepare server message

        size_t reply_len = strlen(server_message);
        if (send(client_socket, server_message, reply_len, 0) == -1)
        {
            perror("Send failed");
            break;
        }

        printf("Response sent to client: %s\n", server_message);
    }
    // Close the socket
    close(client_socket);
    close(server_socket);

    return 0;
}