using System;
using System.IO;
using System.Security.Cryptography;

using UnityEngine;

namespace Framework.Storage {

  /// <summary>XML serializer that offers some basic tamper detection</summary>
  /// <typeparam name="T">Type of the structure that will be serialized</typeparam>
  public class TamperDetectingSerializer<T> {

    /// <summary>
    ///   Sequence of random characters that are used to salt the file's hash code 
    /// </summary>
    public string Salt;

    /// <summary>Delegate to a method that reads the hash code from the structure</summary>
    public Func<T, string> ReadHashCodeDelegate;

    /// <summary>Delegate to a method that assigns the hash code to the structure</summary>
    public Action<T, string> AssignHashCodeDelegate;

    /// <summary>Initialized a new tamper-detecting serializer</summary>
    /// <param name="readHashCodeDelegate">
    ///   Delegate for the method that reads the SHA-256 sum from the structure
    /// </param>
    /// <param name="assignHashCodeDelegate">
    ///   Delegate for a method that assigns the SHA-256 to the structure
    /// </param>
    public TamperDetectingSerializer(
      Func<T, string> readHashCodeDelegate,
      Action<T, string> assignHashCodeDelegate
    ) {
      this.ReadHashCodeDelegate = readHashCodeDelegate;
      this.AssignHashCodeDelegate = assignHashCodeDelegate;
      this.Salt = Application.productName;
    }
    
    /// <summary>Loads the state of an object from a file</summary>
    /// <param name="instance">Instance into which the state will be loaded</param>
    /// <param name="path">File from which the state will be loaded</param>
    /// <returns>True if the file was genuine, false if it was tampered with</returns>
    public bool Load(T instance, string path) {
      SimpleXmlSerializer.Load(instance, path);

      string savedSha256 = this.ReadHashCodeDelegate(instance);
      string computedSha256 = getSha256(instance);
      return (savedSha256 == computedSha256);
    }

    /// <summary>Loads the state of an object from a file</summary>
    /// <param name="instance">Instance into which the state will be loaded</param>
    /// <param name="path">File from which the state will be loaded</param>
    /// <param name="rootElementName">Expected name of the root element</param>
    /// <returns>True if the file was genuine, false if it was tampered with</returns>
    public bool Load(T instance, string path, string rootElementName) {
      SimpleXmlSerializer.Load(instance, path, rootElementName);

      string savedSha256 = this.ReadHashCodeDelegate(instance);
      string computedSha256 = getSha256(instance);
      return (savedSha256 == computedSha256);
    }

    /// <summary>Loads the state of an object from a file</summary>
    /// <param name="instance">Instance into which the state will be loaded</param>
    /// <param name="stream">Stream from which the state will be loaded</param>
    /// <returns>True if the file was genuine, false if it was tampered with</returns>
    public bool Load(T instance, Stream stream) {
      SimpleXmlSerializer.Load(instance, stream);

      string savedSha256 = this.ReadHashCodeDelegate(instance);
      string computedSha256 = getSha256(instance);
      return (savedSha256 == computedSha256);
    }

    /// <summary>Loads the state of an object from a file</summary>
    /// <param name="instance">Instance into which the state will be loaded</param>
    /// <param name="stream">Stream from which the state will be loaded</param>
    /// <param name="rootElementName">Expected name of the root element</param>
    /// <returns>True if the file was genuine, false if it was tampered with</returns>
    public bool Load(T instance, Stream stream, string rootElementName) {
      SimpleXmlSerializer.Load(instance, stream, rootElementName);

      string savedSha256 = this.ReadHashCodeDelegate(instance);
      string computedSha256 = getSha256(instance);
      return (savedSha256 == computedSha256);
    }

    /// <summary>Saves the state of an object into a file</summary>
    /// <param name="instance">Instance whose state will be saved</param>
    /// <param name="path">File into which the state will be saved</param>
    public void Save(T instance, string path) {
      string computedSha256 = getSha256(instance);
      this.AssignHashCodeDelegate(instance, computedSha256);

      SimpleXmlSerializer.Save(instance, path);
    }

    /// <summary>Saves the state of an object into a file</summary>
    /// <param name="instance">Instance whose state will be saved</param>
    /// <param name="path">File into which the state will be saved</param>
    /// <param name="rootElementName">Name that will be given to the root element</param>
    public void Save(T instance, string path, string rootElementName) {
      string computedSha256 = getSha256(instance);
      this.AssignHashCodeDelegate(instance, computedSha256);

      SimpleXmlSerializer.Save(instance, path, rootElementName);
    }

    /// <summary>Saves the state of an object into a file</summary>
    /// <param name="instance">Instance whose state will be saved</param>
    /// <param name="path">File into which the state will be saved</param>
    public void Save(T instance, Stream stream) {
      string computedSha256 = getSha256(instance);
      this.AssignHashCodeDelegate(instance, computedSha256);

      SimpleXmlSerializer.Save(instance, stream);
    }

    /// <summary>Saves the state of an object into a file</summary>
    /// <param name="instance">Instance whose state will be saved</param>
    /// <param name="path">File into which the state will be saved</param>
    /// <param name="rootElementName">Name that will be given to the root element</param>
    public void Save(T instance, Stream stream, string rootElementName) {
      string computedSha256 = getSha256(instance);
      this.AssignHashCodeDelegate(instance, computedSha256);

      SimpleXmlSerializer.Save(instance, stream, rootElementName);
    }

    /// <summary>Returns the SHA-256 sum of a structure serialized to XML</summary>
    /// <param name="instance">
    ///   Structure whose SHA-256 when serialized to XML will be returned
    /// </param>
    /// <param name="rootElementName">
    ///   Name of the root element in the XML file, when null is passed,
    ///   defaults to the type name of the structure. 
    /// </param>
    /// <returns>The SHA-256 sum of the structure as a string</returns>
    private string getSha256(T instance, string rootElementName = null) {
      byte[] hashCode;
      using(var memoryStream = new MemoryStream()) {
        
        // Fill the hash code with a default so the SHA-256 is reproducible
        // before saving and after loading the file (assuming the salt is the same)
        if(string.IsNullOrEmpty(this.Salt)) {
          this.AssignHashCodeDelegate(instance, this.Salt);
        } else {
          this.AssignHashCodeDelegate(instance, string.Empty);
        }

        // Make sure the salt is removed again and doesn't linger in memory.
        // Just a tiny measure to make it a little bit harder to tamper with.
        try {

          // Now serialize the structure into an in-memory XML stream of which
          // we can compute the SHA-256 sum
          if(rootElementName == null) {
            SimpleXmlSerializer.Save(instance, memoryStream);
          } else {
            SimpleXmlSerializer.Save(instance, memoryStream, rootElementName);
          }

          // Compute the hash code of the XML stream with salt in it
          {
            var sha256 = new SHA256Managed();
            //sha256.Initialize();
            hashCode = sha256.ComputeHash(memoryStream.GetBuffer(), 0, (int) memoryStream.Length);
          }
          
        }
        finally {
          this.AssignHashCodeDelegate(instance, string.Empty);
          Array.Clear(memoryStream.GetBuffer(), 0, (int)memoryStream.Length);
        }

      }

      return BitConverter.ToString(hashCode);
    }

  }
  
} // namespace Framework.Storage