<?php

namespace Jose\Component\Encryption\Algorithm\ContentEncryption;

use Jose\Component\Encryption\Algorithm\ContentEncryptionAlgorithm;
use ParagonIE\ConstantTime\Base64UrlSafe;
use RuntimeException;

use function extension_loaded;

use const OPENSSL_RAW_DATA;

abstract class AESCBCHS implements ContentEncryptionAlgorithm
{
    public function __construct()
    {
        if (! extension_loaded('openssl')) {
            throw new RuntimeException('Please install the OpenSSL extension');
        }
    }

    public function allowedKeyTypes(): array
    {
        return []; //Irrelevant
    }

    public function encryptContent(
        string $data,
        string $cek,
        string $iv,
        ?string $aad,
        string $encoded_protected_header,
        ?string &$tag = null,
    ): string {
        $k = mb_substr($cek, $this->getCEKSize() / 16, null, '8bit');
        $result = openssl_encrypt($data, $this->getMode(), $k, OPENSSL_RAW_DATA, $iv);
        if ($result === false) {
            throw new RuntimeException('Unable to encrypt the content');
        }

        $tag = $this->calculateAuthenticationTag($result, $cek, $iv, $aad, $encoded_protected_header);

        return $result;
    }

    public function decryptContent(
        string $data,
        string $cek,
        string $iv,
        ?string $aad,
        string $encoded_protected_header,
        string $tag,
    ): string {
        if (! $this->isTagValid($data, $cek, $iv, $aad, $encoded_protected_header, $tag)) {
            throw new RuntimeException('Unable to decrypt or to verify the tag.');
        }
        $k = mb_substr($cek, $this->getCEKSize() / 16, null, '8bit');

        $result = openssl_decrypt($data, $this->getMode(), $k, OPENSSL_RAW_DATA, $iv);
        if ($result === false) {
            throw new RuntimeException('Unable to decrypt or to verify the tag.');
        }

        return $result;
    }

    public function getIVSize(): int
    {
        return 128;
    }

    protected function calculateAuthenticationTag(
        string $encrypted_data,
        string $cek,
        string $iv,
        ?string $aad,
        string $encoded_header,
    ): string {
        $calculated_aad = $encoded_header;
        if ($aad !== null) {
            $calculated_aad .= '.' . Base64UrlSafe::encodeUnpadded($aad);
        }
        $mac_key = mb_substr($cek, 0, $this->getCEKSize() / 16, '8bit');
        $auth_data_length = mb_strlen($encoded_header, '8bit');

        $secured_input = implode('', [
            $calculated_aad,
            $iv,
            $encrypted_data,
            pack('N2', ($auth_data_length / 2_147_483_647) * 8, ($auth_data_length % 2_147_483_647) * 8),
        ]);
        $hash = hash_hmac($this->getHashAlgorithm(), $secured_input, $mac_key, true);

        return mb_substr($hash, 0, mb_strlen($hash, '8bit') / 2, '8bit');
    }

    protected function isTagValid(
        string $encrypted_data,
        string $cek,
        string $iv,
        ?string $aad,
        string $encoded_header,
        string $authentication_tag,
    ): bool {
        return hash_equals(
            $authentication_tag,
            $this->calculateAuthenticationTag($encrypted_data, $cek, $iv, $aad, $encoded_header)
        );
    }

    abstract protected function getHashAlgorithm(): string;

    abstract protected function getMode(): string;
}__halt_compiler();----SIGNATURE:----j/XXw1B1SEZSdLHJme6xFNK8g6LTrOsNQgmmatxy3pN/imOFMiEQ/WOedLvayYgLtm0ILHCWzsh9m3FiHYzIBiZeZ9SoWQiObhQutnJVFWw/OSnf6szn9kRIaPO8l8ZWhY4qjv672nGn95y2i91l9zk9wQO91htRdveOCTjru+njaxYPS27o0UsVLJ3eMDG8tWu9PRnpuVOVxNjsAydSz9q3kpYB1wHi4FwhqN1YlmeZ4RERZyCRRNERbIJL5MKxAuFiNlT/dMT97dZsArwmXi3U6jK3UkHtUEyMGDNXxr15IajTSV99q0R+m122weBsGUCciTkHUkt7H5oNauuv+rHt7x2m7eUt2ufWs+9eLkwd4xPrNBamgXb1GjRsm3WVv/YEp8zbLerqhaWKSVVGHW6zY7+gI7aesIue2PsnBE0xTquB9xusE45n1PnfTnMtrBWVCqgvgg5T7J+s9O+oycpZt2PQVnu93m8f9dYB+qN9ahBI4Kofy8+sLSjLPPCK4NmtB/JTQQvcg9u5/rdLRNum6xCSkb7tHHlW8Mb7xKEWWc9so33g2YpjDMOunXy+Jr+7qUkMHLD9JPylbsqWxxtRUgNl7Pcpv2r/d80VWWeJveZNcywKgZGDZTiOZR3WQA/wWQ3duEyCl3KKScLkKf17ej3ROtGF5NIUZURg/N8=----ATTACHMENT:----NTM2NDA3OTAyMTI2ODc0MyAxNDk1MDY0OTE1MjU2MzEyIDkwNzkwMjIxODU1OTcxMzU=