#include "pgsodium.h"

PG_FUNCTION_INFO_V1 (pgsodium_crypto_box_keypair);
Datum
pgsodium_crypto_box_keypair (PG_FUNCTION_ARGS)
{
	TupleDesc   tupdesc;
	Datum       values[2];
	bool        nulls[2] = { false, false };
	HeapTuple   tuple;
	Datum       result;
	bytea      *publickey;
	bytea      *secretkey;
	size_t      public_size = crypto_box_PUBLICKEYBYTES + VARHDRSZ;
	size_t      secret_size = crypto_box_SECRETKEYBYTES + VARHDRSZ;
	if (get_call_result_type (fcinfo, NULL, &tupdesc) != TYPEFUNC_COMPOSITE)
		ereport (ERROR,
			(errcode (ERRCODE_FEATURE_NOT_SUPPORTED),
				errmsg ("function returning record called in context "
					"that cannot accept type record")));
	publickey = _pgsodium_zalloc_bytea (public_size);
	secretkey = _pgsodium_zalloc_bytea (secret_size);
	crypto_box_keypair (PGSODIUM_UCHARDATA (publickey),
		PGSODIUM_UCHARDATA (secretkey));
	values[0] = PointerGetDatum (publickey);
	values[1] = PointerGetDatum (secretkey);
	tuple = heap_form_tuple (tupdesc, values, nulls);
	result = HeapTupleGetDatum (tuple);
	return result;
}

PG_FUNCTION_INFO_V1 (pgsodium_crypto_box_new_seed);
Datum
pgsodium_crypto_box_new_seed (PG_FUNCTION_ARGS)
{
	size_t      result_size = VARHDRSZ + crypto_box_SEEDBYTES;
	bytea      *result = _pgsodium_zalloc_bytea (result_size);
	randombytes_buf (VARDATA (result), crypto_box_SEEDBYTES);
	PG_RETURN_BYTEA_P (result);
}

PG_FUNCTION_INFO_V1 (pgsodium_crypto_box_seed_keypair);
Datum
pgsodium_crypto_box_seed_keypair (PG_FUNCTION_ARGS)
{
	TupleDesc   tupdesc;
	Datum       values[2];
	bool        nulls[2] = { false, false };
	HeapTuple   tuple;
	Datum       result;
	bytea      *publickey;
	bytea      *secretkey;
	bytea      *seed = PG_GETARG_BYTEA_P (0);
	size_t      public_size = crypto_box_PUBLICKEYBYTES + VARHDRSZ;
	size_t      secret_size = crypto_box_SECRETKEYBYTES + VARHDRSZ;
	ERRORIF (VARSIZE_ANY_EXHDR (seed) != crypto_box_SEEDBYTES,
		"%s: invalid seed");
	if (get_call_result_type (fcinfo, NULL, &tupdesc) != TYPEFUNC_COMPOSITE)
		ereport (ERROR,
			(errcode (ERRCODE_FEATURE_NOT_SUPPORTED),
				errmsg ("function returning record called in context "
					"that cannot accept type record")));
	publickey = _pgsodium_zalloc_bytea (public_size);
	secretkey = _pgsodium_zalloc_bytea (secret_size);
	crypto_box_seed_keypair (PGSODIUM_UCHARDATA (publickey),
		PGSODIUM_UCHARDATA (secretkey), PGSODIUM_UCHARDATA (seed));
	values[0] = PointerGetDatum (publickey);
	values[1] = PointerGetDatum (secretkey);
	tuple = heap_form_tuple (tupdesc, values, nulls);
	result = HeapTupleGetDatum (tuple);
	return result;
}

PG_FUNCTION_INFO_V1 (pgsodium_crypto_box_noncegen);
Datum
pgsodium_crypto_box_noncegen (PG_FUNCTION_ARGS)
{
	size_t      result_size = VARHDRSZ + crypto_box_NONCEBYTES;
	bytea      *result = _pgsodium_zalloc_bytea (result_size);
	randombytes_buf (VARDATA (result), crypto_box_NONCEBYTES);
	PG_RETURN_BYTEA_P (result);
}

PG_FUNCTION_INFO_V1 (pgsodium_crypto_box);
Datum
pgsodium_crypto_box (PG_FUNCTION_ARGS)
{
	bytea      *message = PG_GETARG_BYTEA_P (0);
	bytea      *nonce = PG_GETARG_BYTEA_P (1);
	bytea      *publickey = PG_GETARG_BYTEA_P (2);
	bytea      *secretkey = PG_GETARG_BYTEA_P (3);
	int         success;
	size_t      message_size;
	bytea      *result;
	ERRORIF (VARSIZE_ANY_EXHDR (nonce) != crypto_box_NONCEBYTES,
		"%s: invalid nonce");
	ERRORIF (VARSIZE_ANY_EXHDR (publickey) != crypto_box_PUBLICKEYBYTES,
		"%s: invalid public key");
	ERRORIF (VARSIZE_ANY_EXHDR (secretkey) != crypto_box_SECRETKEYBYTES,
		"%s: invalid secret key");

	message_size = crypto_box_MACBYTES + VARSIZE_ANY (message);
	result = _pgsodium_zalloc_bytea (message_size);
	success = crypto_box_easy (PGSODIUM_UCHARDATA (result),
		PGSODIUM_UCHARDATA (message),
		VARSIZE_ANY_EXHDR (message),
		PGSODIUM_UCHARDATA (nonce),
		PGSODIUM_UCHARDATA (publickey), PGSODIUM_UCHARDATA (secretkey));
	ERRORIF (success != 0, "%s: invalid message");
	PG_RETURN_BYTEA_P (result);
}

PG_FUNCTION_INFO_V1 (pgsodium_crypto_box_open);
Datum
pgsodium_crypto_box_open (PG_FUNCTION_ARGS)
{
	int         success;
	bytea      *message = PG_GETARG_BYTEA_P (0);
	bytea      *nonce = PG_GETARG_BYTEA_P (1);
	bytea      *publickey = PG_GETARG_BYTEA_P (2);
	bytea      *secretkey = PG_GETARG_BYTEA_P (3);
	size_t      message_size;
	bytea      *result;

	ERRORIF (VARSIZE_ANY_EXHDR (nonce) != crypto_box_NONCEBYTES,
		"%s: invalid nonce");
	ERRORIF (VARSIZE_ANY_EXHDR (publickey) != crypto_box_PUBLICKEYBYTES,
		"%s: invalid public key");
	ERRORIF (VARSIZE_ANY_EXHDR (secretkey) != crypto_box_SECRETKEYBYTES,
		"%s: invalid secret key");
	ERRORIF (VARSIZE_ANY_EXHDR (message) <= crypto_box_MACBYTES,
		"%s: invalid message");

	message_size = VARSIZE_ANY (message) - crypto_box_MACBYTES;
	result = _pgsodium_zalloc_bytea (message_size);
	success = crypto_box_open_easy (PGSODIUM_UCHARDATA (result),
		PGSODIUM_UCHARDATA (message),
		VARSIZE_ANY_EXHDR (message),
		PGSODIUM_UCHARDATA (nonce),
		PGSODIUM_UCHARDATA (publickey), PGSODIUM_UCHARDATA (secretkey));
	ERRORIF (success != 0, "%s: invalid message");
	PG_RETURN_BYTEA_P (result);
}

PG_FUNCTION_INFO_V1 (pgsodium_crypto_box_seal);
Datum
pgsodium_crypto_box_seal (PG_FUNCTION_ARGS)
{
	bytea      *message = PG_GETARG_BYTEA_P (0);
	bytea      *public_key = PG_GETARG_BYTEA_P (1);
	size_t      result_size;
	bytea      *result;
	ERRORIF (VARSIZE_ANY_EXHDR (public_key) != crypto_box_PUBLICKEYBYTES,
		"%s: invalid public key");
	result_size = crypto_box_SEALBYTES + VARSIZE (message);
	result = _pgsodium_zalloc_bytea (result_size);
	crypto_box_seal (PGSODIUM_UCHARDATA (result),
		PGSODIUM_UCHARDATA (message),
		VARSIZE_ANY_EXHDR (message), PGSODIUM_UCHARDATA (public_key));
	PG_RETURN_BYTEA_P (result);
}

PG_FUNCTION_INFO_V1 (pgsodium_crypto_box_seal_open);
Datum
pgsodium_crypto_box_seal_open (PG_FUNCTION_ARGS)
{
	int         success;
	bytea      *ciphertext = PG_GETARG_BYTEA_P (0);
	bytea      *public_key = PG_GETARG_BYTEA_P (1);
	bytea      *secret_key = PG_GETARG_BYTEA_P (2);
	size_t      result_size;
	bytea      *result;
	ERRORIF (VARSIZE_ANY_EXHDR (public_key) != crypto_box_PUBLICKEYBYTES,
		"%s: invalid public key");
	ERRORIF (VARSIZE_ANY_EXHDR (secret_key) != crypto_box_SECRETKEYBYTES,
		"%s: invalid secret key");
	ERRORIF (VARSIZE_ANY_EXHDR (ciphertext) <= crypto_box_SEALBYTES,
		"%s: invalid message");

	result_size = VARSIZE (ciphertext) - crypto_box_SEALBYTES;
	result = _pgsodium_zalloc_bytea (result_size);
	success = crypto_box_seal_open (PGSODIUM_UCHARDATA (result),
		PGSODIUM_UCHARDATA (ciphertext),
		VARSIZE_ANY_EXHDR (ciphertext),
		PGSODIUM_UCHARDATA (public_key), PGSODIUM_UCHARDATA (secret_key));
	ERRORIF (success != 0, "%s: invalid message");
	PG_RETURN_BYTEA_P (result);
}