<?php
declare(strict_types=1);

/**
 * Passbolt ~ Open source password manager for teams
 * Copyright (c) Passbolt SA (https://www.passbolt.com)
 *
 * Licensed under GNU Affero General Public License version 3 of the or any later version.
 * For full copyright and license information, please see the LICENSE.txt
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
 * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
 * @link          https://www.passbolt.com Passbolt(tm)
 * @since         3.6.0
 */
namespace App\Service\OpenPGP;

use App\Error\Exception\CustomValidationException;
use App\Model\Validation\EmailValidationRule;
use App\Utility\OpenPGP\OpenPGPBackendFactory;
use Cake\Http\Exception\InternalErrorException;
use Cake\I18n\DateTime;
use OpenPGP_PublicKeyPacket;

/**
 * Public Key Validation Service
 *
 * Provide another layer of abstraction on top of backends to perform operations public keys
 * Mostly helpers for validation in other services. It works like a model but because there is
 * not DB and a bunch of extra parsing and OpenPGP service it's not in a model.
 *
 * Throws @CustomValidationException so that errors can be presented in an API response in a similar
 * fashion than models.
 */
class PublicKeyValidationService
{
    // Mandatory validation rule
    public const IS_PARSABLE_ARMORED_KEY_RULE = 'isParsableArmoredKeyRule';

    // Other supported validation rules
    public const IS_VALID_ALGORITHM_RULE = 'isValidAlgorithmRule';
    public const IS_VALID_ALGORITHM_STRICT_RULE = 'isValidAlgorithmStrictRule';
    public const IS_VALID_FINGERPRINT_RULE = 'isValidFingerprintRule';
    public const IS_VALID_KEY_ID_RULE = 'isValidKeyIdRule';
    public const IS_VALID_KEY_SIZE_RULE = 'isValidKeySizeRule';
    public const IS_NOT_CREATED_IN_THE_FUTURE_RULE = 'isNotCreatedInTheFutureRule';
    public const IS_NOT_EXPIRED_RULE = 'isNotExpiredRule';
    public const IS_NOT_REVOKED_RULE = 'isNotRevokedRule';
    public const IS_REVOKED_RULE = 'isRevokedRule';
    public const HAS_NO_EXPIRY_DATE_RULE = 'hasNoExpiryDateRule';
    public const HAS_NO_EXTRA_BREAK_LINE_RULE = 'hasNoExtraBreakLineRule';
    public const IS_VALID_KEY_SIZE_STRICT_RULE = 'isValidKeySizeStrictRule';

    // Literal packet containing multiple public keys are not supported by gopenpgp
    // On API and Webext we use the first public key package found and ignore the rest and a user
    // can only have one key. Its probably better to just break and refuse the key.
    public const HAS_MULTIPLE_MAIN_PACKETS_RULE = 'hasMultipleMainPacketsRule';

    /**
     * Used to cache public key information saving us from parsing it each and everytime.
     *
     * @var array
     */
    private static array $publicKeyInfo = [];

    /**
     * This is the historical set of rules used for user public keys
     * See extended rules for better future usage
     *
     * @return array of string, the rules names
     */
    public static function getHistoricalRules(): array
    {
        return [
            self::IS_VALID_ALGORITHM_RULE,
            self::IS_VALID_FINGERPRINT_RULE,
            self::IS_VALID_KEY_ID_RULE,
            self::IS_VALID_KEY_SIZE_RULE,
            self::IS_NOT_CREATED_IN_THE_FUTURE_RULE,
            self::IS_NOT_EXPIRED_RULE,
        ];
    }

    /**
     * Extend set of rules that should now be used as default
     *
     * @return array of string, the rules names
     */
    public static function getDefaultRules(): array
    {
        return array_merge(self::getHistoricalRules(), [
            self::IS_NOT_REVOKED_RULE,
            self::HAS_NO_EXPIRY_DATE_RULE,
            self::HAS_NO_EXTRA_BREAK_LINE_RULE,
            self::HAS_MULTIPLE_MAIN_PACKETS_RULE,
        ]);
    }

    /**
     * Extend set of rules that should be used in the future
     *
     * @return array of string, the rules names
     */
    public static function getStrictRules(): array
    {
        return array_merge(self::getDefaultRules(), [
            self::IS_VALID_KEY_SIZE_STRICT_RULE,
            self::IS_VALID_ALGORITHM_STRICT_RULE,
        ]);
    }

    /**
     * Extend default set for revoked key
     *
     * @return array
     */
    public static function getRevokedKeyRules(): array
    {
        return array_merge([
            // historical rules
            self::IS_VALID_ALGORITHM_RULE,
            self::IS_VALID_FINGERPRINT_RULE,
            self::IS_VALID_KEY_ID_RULE,
            self::IS_VALID_KEY_SIZE_RULE,
            self::IS_NOT_CREATED_IN_THE_FUTURE_RULE,
            //self::IS_NOT_EXPIRED_RULE, // allow expired keys
        ], [
            self::IS_VALID_KEY_SIZE_STRICT_RULE,
            self::HAS_NO_EXTRA_BREAK_LINE_RULE,
            self::IS_REVOKED_RULE,
        ]);
    }

    /**
     * @param string $armoredKey user provided data
     * @param array|null $rules to override default rules
     * @throws \App\Error\Exception\CustomValidationException If parsing public key fails
     * @throws \App\Error\Exception\CustomValidationException Validation rules fails
     * @throws \Cake\Http\Exception\InternalErrorException No public key validation rules
     * @throws \Cake\Http\Exception\InternalErrorException Unknown key validation rule
     * @return array key information (see OpenPGPBackendInterface::getKeyInfo)
     */
    public static function parseAndValidatePublicKey(string $armoredKey, ?array $rules = null): array
    {
        $rules = $rules ?? self::getDefaultRules();
        if (!count($rules)) {
            throw new InternalErrorException('Invalid public key validation rules are missing.');
        }

        // Parsing check is mandatory and always done first
        // We don't even try the other rules if this one fails
        if (!self::isParsableArmoredPublicKey($armoredKey)) {
            throw new CustomValidationException(__('A valid OpenPGP key must be provided.'), [
                'armored_key' => [
                    self::IS_PARSABLE_ARMORED_KEY_RULE => __('The public key could not be parsed.'),
                ],
            ]);
        }

        // Other rules are recommended but not mandatory
        // As one may want to see what's inside the key info for debugging purpose
        $keyInfo = self::getPublicKeyInfo($armoredKey);
        $validationErrors = [];
        foreach ($rules as $ruleName) {
            switch ($ruleName) {
                case self::IS_VALID_ALGORITHM_RULE:
                    if (!self::isValidAlgorithm($keyInfo['type'], false)) {
                        $validationErrors[$ruleName] = __('The algorithm is invalid.');
                    }
                    break;
                case self::IS_VALID_ALGORITHM_STRICT_RULE:
                    if (!self::isValidAlgorithm($keyInfo['type'])) {
                        $validationErrors[$ruleName] = __('The algorithm is invalid.');
                    }
                    break;
                case self::IS_VALID_FINGERPRINT_RULE:
                    if (!self::isValidFingerprint($keyInfo['fingerprint'])) {
                        $validationErrors[$ruleName] = __('The fingerprint id is invalid.');
                    }
                    break;
                case self::IS_VALID_KEY_ID_RULE:
                    if (!self::isValidKeyId($keyInfo['key_id'])) {
                        $validationErrors[$ruleName] = __('The public key id is invalid.');
                    }
                    break;
                case self::IS_VALID_KEY_SIZE_RULE:
                    if (!self::isRecommendedSize($keyInfo['type'], $keyInfo['bits'], false)) {
                        $validationErrors[$ruleName] = __('The key size is not valid.');
                    }
                    break;
                case self::IS_VALID_KEY_SIZE_STRICT_RULE:
                    if (!self::isRecommendedSize($keyInfo['type'], $keyInfo['bits'])) {
                        $validationErrors[$ruleName] = __('The key size must match security recommendations.');
                    }
                    break;
                case self::IS_NOT_CREATED_IN_THE_FUTURE_RULE:
                    if (self::isDateInFuture($keyInfo['key_created'])) {
                        $validationErrors[$ruleName] = __('The key creation date must not be in the future.');
                    }
                    break;
                case self::IS_NOT_EXPIRED_RULE:
                    if (isset($keyInfo['expires']) && !self::isDateInFuture($keyInfo['expires'])) {
                        $validationErrors[$ruleName] = __('The key must not be expired.');
                    }
                    break;
                case self::HAS_NO_EXPIRY_DATE_RULE:
                    if (isset($keyInfo['expires'])) {
                        $validationErrors[$ruleName] = __('The key must not include an expiry date.');
                    }
                    break;
                case self::IS_REVOKED_RULE:
                    if (!$keyInfo['revoked']) {
                        $validationErrors[$ruleName] = __('The key must be revoked.');
                    }
                    break;
                case self::IS_NOT_REVOKED_RULE:
                    if ($keyInfo['revoked']) {
                        $validationErrors[$ruleName] = __('The key must not be revoked.');
                    }
                    break;
                case self::HAS_NO_EXTRA_BREAK_LINE_RULE:
                    if (self::hasExtraBreakline($armoredKey)) {
                        $msg = __('The armored key must not contain an extra line before the end block.');
                        $validationErrors[$ruleName] = $msg;
                    }
                    break;
                case self::HAS_MULTIPLE_MAIN_PACKETS_RULE:
                    if ($keyInfo['public_key_packet_counts'] > 1 || $keyInfo['secret_key_packet_counts'] > 1) {
                        $msg = __('The armored key must not contain multiple keys.');
                        $validationErrors[$ruleName] = $msg;
                    }
                    break;
                default:
                    throw new InternalErrorException(__('Unknown key validation rule: {0}', $ruleName));
            }
        }

        // Wrap all errors together in a custom validation exception
        if (count($validationErrors)) {
            throw new CustomValidationException(__('The public key could not be validated.'), [
                'armored_key' => $validationErrors,
            ]);
        }

        // Or return key information for further use
        // for example for it to be saved in a model
        return $keyInfo;
    }

    /**
     * Return true if the date is in the future, false if in the past or not a valid date
     *
     * @param string|int|null $datetimeString user provider data
     * @return bool
     */
    public static function isDateInFuture(string|int|null $datetimeString = null): bool
    {
        if (!isset($datetimeString) || (!is_string($datetimeString) && !is_int($datetimeString))) {
            return false;
        }

        $frozenTime = new DateTime($datetimeString);

        return $frozenTime->greaterThan(DateTime::now()->addSeconds(300));
    }

    /**
     * Returns true if the key is of the recommended size
     *
     * @param string $algorithm RSA, ECC, etc.
     * @param int $keySize 2048, etc.
     * @param bool $strict default true
     * @return bool if key size is valid
     */
    public static function isRecommendedSize(string $algorithm, int $keySize, bool $strict = true): bool
    {
        if ($algorithm === 'RSA') {
            if ($strict) {
                // As recommended in CURE53 audit PBL-01-005 and ANSSI
                // Ref. https://www.ssi.gouv.fr/entreprise/guide/mecanismes-cryptographiques/
                return $keySize == 3072 || $keySize == 4096;
            } else {
                return $keySize == 2048 || $keySize == 3072 || $keySize == 4096;
            }
        } else {
            // No preferences yet for other algorithms such as ECC
            return true;
        }
    }

    /**
     * Custom validation rule to validate key id
     *
     * /!\ Note that short key ids are considered insecure
     * In any case, we recommend using fingerprint instead.
     * We use this method as a sanity check only
     *
     * @param string|null $keyId user provided data
     * @param bool $strict default false for backward compatibility
     * @return bool
     */
    public static function isValidKeyId(?string $keyId = null, bool $strict = false): bool
    {
        if (!$strict) {
            return self::isValidShortKeyId($keyId) || self::isValidLongKeyId($keyId);
        } else {
            return self::isValidLongKeyId($keyId);
        }
    }

    /**
     * Custom validation rule to validate short key id
     * Note: short key ids are considered insecure
     *
     * @param string|null $keyId user provided data
     * @return bool
     */
    public static function isValidShortKeyId(?string $keyId = null): bool
    {
        if (!isset($keyId)) {
            return false;
        }

        return preg_match('/^[A-F0-9]{8}$/', $keyId) === 1;
    }

    /**
     * Custom validation rule to validate key id
     *
     * @param string|null $keyId user provided data
     * @return bool
     */
    public static function isValidLongKeyId(?string $keyId = null): bool
    {
        if (!isset($keyId)) {
            return false;
        }

        return preg_match('/^[A-F0-9]{16}$/', $keyId) === 1;
    }

    /**
     * Custom validation rule to check if armored key block is parsable
     *
     * @param string|null $armoredKey user provided data
     * @return bool
     */
    public static function isParsableArmoredPublicKey(?string $armoredKey = null): bool
    {
        if (!isset($armoredKey)) {
            return false;
        }

        return OpenPGPBackendFactory::get()->isParsableArmoredPublicKey($armoredKey);
    }

    /**
     * Get Public Key Info
     *
     * @param string $armoredKey user provided data
     * @return array see OpenPGPBackendInterface::getKeyInfo
     * @throws \Cake\Core\Exception\CakeException if the armored key cannot be parsed
     */
    public static function getPublicKeyInfo(string $armoredKey): array
    {
        $key = hash('sha256', $armoredKey);

        if (array_key_exists($key, self::$publicKeyInfo) && !empty(self::$publicKeyInfo[$key])) {
            return self::$publicKeyInfo[$key];
        }

        $keyInfo = OpenPGPBackendFactory::get()->getPublicKeyInfo($armoredKey);
        // Cache key info, so it can be fetched fast next time
        self::$publicKeyInfo[$key] = $keyInfo;

        return $keyInfo;
    }

    /**
     * Return true if string is a valid fingerprint
     *
     * @param string|null $fingerprint user provided data
     * @return bool
     */
    public static function isValidFingerprint(?string $fingerprint = null): bool
    {
        return OpenPGPBackendFactory::get()->isValidFingerprint($fingerprint);
    }

    /**
     * Custom validation rule to validate email inside a OpenPGP key UID string
     *
     * @param string|null $value openpgp key uid
     * @return bool
     */
    public static function uidContainValidEmail(?string $value = null): bool
    {
        if (!isset($value)) {
            return false;
        }
        preg_match('/<(\S+@\S+)>$/', $value, $matches);
        if (isset($matches[1])) {
            return EmailValidationRule::check($matches[1]);
        }

        return false;
    }

    /**
     * Get email from Uid
     *
     * @param string|null $value openpgp key uid
     * @return string|bool
     */
    public static function getEmailFromUid(?string $value = null): string|bool
    {
        if (!isset($value)) {
            return false;
        }
        preg_match('/<(\S+@\S+)>$/', $value, $matches);
        if (isset($matches[1])) {
            return $matches[1];
        }

        return false;
    }

    /**
     * Return true if email address is included in key uid
     *
     * @param string|null $email email
     * @param string|null $uid uid
     * @return bool
     */
    public static function isEmailInUid(?string $email, ?string $uid): bool
    {
        if (!empty($email) && EmailValidationRule::check($email)) {
            $uidEmail = self::getEmailFromUid($uid);
            if ($uidEmail !== false) {
                return $email == $uidEmail;
            }
        }

        return false;
    }

    /**
     * Custom validation rule to validate key algorithm
     *
     * @param string|null $algorithm RSA, ECC, EdDSA, etc. see OpenPGP_PublicKeyPacket::$algorithms.
     * @param bool $strict exclude DSA and ELGAMAL, default true
     * @return bool
     */
    public static function isValidAlgorithm(?string $algorithm = null, bool $strict = true): bool
    {
        if (!isset($algorithm)) {
            return false;
        }
        $supported = OpenPGP_PublicKeyPacket::$algorithms;
        if ($strict === true) {
            // Minus legacy items such as DSA, ELGAMAL
            // Default in openpgp.js v5
            unset($supported[16]);
            unset($supported[17]);
        }
        foreach ($supported as $a) {
            if ($algorithm === $a) {
                return true;
            }
        }

        return false;
    }

    /**
     * Key with extra breakline after checksum and before the end block
     * are known to cause compatibility issues with gopenpgp
     *
     * @param string $publicKey armored format
     * @return bool
     */
    public static function hasExtraBreakLine(string $publicKey): bool
    {
        return OpenPGPBackendFactory::get()->hasExtraBreakLine($publicKey);
    }
}