# @file fors_authpath_basic.py (2023-03-16T14:29Z)
# @author David Ireland <www.di-mgt.com.au/contact>
# @copyright 2023 DI Management Services Pty Ltd
# @license Apache-2.0

"""Initial basic calcs for authpath of first FORS tree."""

import hashlib

# sk = PRF(SK.seed, ADRS)
# node = F(PK.seed, ADRS, sk)

def SHA256(hexval):
    return hashlib.sha256(bytes.fromhex(hexval)).hexdigest()

def PRF(hexval):
    return SHA256(hexval)[:32]

def F(PKseed, adrs, M):
    # Pad PK.seed to 64 bytes with zeros (NB in hex)
    PKseed_pad = PKseed + "0" * (128 - len(PKseed))
    # print(PKseed_pad, len(PKseed_pad))
    return SHA256(PKseed_pad + adrs + M)[:32]

PKseed = 'B505D7CFAD1B497499323C8686325E47'
SKseed = '7C9935A0B07694AA0C6D10E4DB6B1ADD'

# sk with index = 26 (left sibling of sk[0]), treeHeight=0
adrs_c= '0028daecdc86eb87610300000006000000000000001a'
print(f"ADRS={adrs_c}")
sk = PRF(SKseed + adrs_c)
print(f"sk26={sk}")
node = F(PKseed, adrs_c, sk)
print(f"node={node}")
# 90d9d26cf0068d14f2125ffa16dce594

# Next auth path node is parent of node[24] and node[25]
adrs_c= '0028daecdc86eb876103000000060000000000000018'
print(f"ADRS={adrs_c}")
sk = PRF(SKseed + adrs_c)
print(f"sk24={sk}")
node0 = F(PKseed, adrs_c, sk)
print(f"node0={node0}")
adrs_c= '0028daecdc86eb876103000000060000000000000019'
print(f"ADRS={adrs_c}")
sk = PRF(SKseed + adrs_c)
print(f"sk25={sk}")
node1 = F(PKseed, adrs_c, sk)
print(f"node1={node1}")

# treeIndex = 25//2 = 12 = 0x0c
# treeHeight = 1
adrs_c= '0028daecdc86eb87610300000006000000010000000c'
print(f"ADRS={adrs_c}")
node = F(PKseed, adrs_c, node0+node1)
print(f"node={node}")
# 3af75452a07b7bc67344a77fba2bc51f
print("OK  =3af75452a07b7bc67344a77fba2bc51f")