/*
 * encryption.h
 * class for AES128 Encryption-Data for send to server
 * for encryption of user-data
 * 
 * author Creator P.Rebesky
 * Copyright (©): 2020-2032 by Peter Rebesky
 * This code can use in private cases only. Every business or companies using of this codes or codes parts is required an approval of us (me)
 * Every private use can exchange some parts of code or modify some code-lines. This code can change for private use only.
 * This software is basicly owned by Peter Rebesky and any comercial using is forbidden without approval of us (me).
 * Version 1.00
 * 28.04.2023
 */
#ifndef ENCRYPTION_H_
#define ENCRYPTION_H_

#include "global.h"
#include <Crypto.h>
#include <AES.h>
#include <base64.h>

AES128 aes;

class encryptData{
  private:
    byte Key[16];
    byte Key4Xor[16];
    byte SystemFrame[16]={0x53,0x74,0x72,0x6f,0x6d,0x4c,0x6f,0x67,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x02}; //StromLog 0 0 0 1 0 0 0 2
    int  aesType=1; // value of identify of encryption-type
    String encryptBlock(String data);
    String encodeByBase64(String data);

  public:
    void   begin(); // constructor for arduino compatibility
    void   setKey(char hash[]);
    void   incFrame();
    void   createUniqueFrame(String data);
    String encryptionString(String input); // new AES128 encryption
    String encryptDataByAES(String input,uint32_t userID); // new AES function
    String encryptByHashKey(String input,uint32_t userID,String pwHash); // old DES function

    void   showKey();
    void   showFrame();
    void   showArray(char data[],int length);
};

//**** function begin is just for compatibility *********/
void encryptData::begin(){
// do nothing
}
//**** set key for encription ***************************/
void encryptData::setKey(char hash[]){
  for(int i=0;i<16;i++){
    this->Key[i]=hash[i];
  }
  aes.setKey(this->Key,16);// Setting Key for AES-CTR (GCM)
  aesType=1; // set standard eas-type 
}
//**** set frame for encryption *************************/
void encryptData::incFrame(){ // frame counter SystemFrame[8] til [11]
  uint32_t fcount=0; byte oneByte=0;
  for(int i=0;i<4;i++){ // get counter from array
    fcount = fcount << 8;
    fcount += SystemFrame[i+8]; 
  }
  fcount++; // increment frame-counter
  for(int i=3;i>=0;i--){ // write counter back into array
    oneByte = fcount;
    SystemFrame[i+8]=oneByte;
    fcount = fcount >> 8;
  }
//  showFrame();
}
//**** create unique Frame by user-name for aes=2 *******/
void encryptData::createUniqueFrame(String data){
  int dataLength=data.length();
  for(int i=0;i<8;i++){ // maximum 8 bytes
    if(i<dataLength) SystemFrame[i]=data[i];
    else SystemFrame[i]=0;
  }
  aesType=2; // set aes-type as 2 -> individual frame by user-name
  showFrame();
}
//**** transfer encrypted data to base64 string *********/
String encryptData::encodeByBase64(String data){
  uint length=data.length();
  String Data64 = base64::encode(data,data.length());
  length = length/3*4;
  for (int i=0; i<length;i++){
    if(Data64[i] == 0x2b) Data64[i]=0x2d; // eliminate and exchange "+" to "-"
  }
  return Data64;
}
//**** encrypt data by AES128 algorithm *****************/
String encryptData::encryptionString(String input){
  uint length=input.length();
  if(length % 16 > 0){ // stretch length of input by multi of 16 bytes
    int i=16 - length % 16;
    length +=i;
    for(int s=0;s<=i;s++){
      input += " "; // add some spaces
    }
  }
//  aes.setKey(this->Key,16);// Setting Key for AES-GCM -> is here not necessary because setting start ESP or new password
  SystemFrame[15]=2; // begin on side two
  for(int i=0;i<length-1;i+=16){
    aes.encryptBlock(this->Key4Xor,this->SystemFrame); // create one crypt block by frame and key
    for(int x=0;x<16;x++){
      input[i+x]=input[i+x] ^ Key4Xor[x]; // encrypt by aes128 generated key
    }
    SystemFrame[15]++; // increment side by every round -> that's make every block unique
  }
  this->incFrame(); // increment frame -> that's make every send data unique from data before
  return input;
}
//**** create the whole encryption string with frame and data ****//
String encryptData::encryptDataByAES(String input,uint32_t userID){ // userID is required for fetch key from database
  String ret="aes="; ret+=aesType; // set aes-type for identification on server
  ret +="&usid="; ret+=userID; ret+="&data=";  // 'aes=1' is necessary for identification of encryption-typ on server
  String encryptData;
  for(int i=0;i<12;i++){ // add frame to send data (is a type of public key)
    encryptData +=" "; // add one byte
    if(aesType>1 && i<8){encryptData[i]=0;} // if type > 1 then dont write the begin of frame and hide it
    else {encryptData[i] = SystemFrame[i];} // and  overwrite it by frame-byte 
  }
  encryptData += encryptionString(input); // add meter data
  ret += encodeByBase64(encryptData); // base64 coded and combine all together
  return ret;
}
//**** show data on serial for debug ********************/
void encryptData::showKey(){
  for(int i=0; i<16;i++){
    Serial.write(Key[i]);
  }
  Serial.println();
}
//**** show data on serial for debug ********************/
void encryptData::showArray(char data[],int length){
  for(int i=0; i<length;i++){
    Serial.write(data[i]);
  }
  Serial.println();
}
//**** show data on serial for debug ********************/
void encryptData::showFrame(){
  for(int i=0; i<16;i++){
    Serial.write(SystemFrame[i]);
  }
  Serial.println();
}
//**** old DES encryption function for compatibility ****/
String encryptData::encryptByHashKey(String input,uint32_t userID,String pwHash){
  String encryptData = "usid="; encryptData += userID; encryptData +="&data=";
  int x=0; // block counter
  unsigned int lengt=input.length();
  for (int i=0; i<lengt;i++){
    input[i] = input[i]^pwHash[x++];
    if(x>39)x=0;
  }
  encryptData += encodeByBase64(input); 
return encryptData;
}


#endif //*** ENCRYPTION_H_