package go_pgp

import (
	"bytes"
	"errors"
	"io"

	"github.com/ProtonMail/go-crypto/openpgp"
	"github.com/ProtonMail/go-crypto/openpgp/armor"
)

func CreateSignature(data []byte, signer *Entity) ([]byte, error) {
	if signer == nil {
		return nil, errors.New("signer undefined")
	}
	var result []byte
	var err error

	buf := bytes.NewBuffer([]byte{})

	err = openpgp.ArmoredDetachSign(buf, &signer.Entity, bytes.NewBuffer(data), signer.cfg)

	if err == nil {
		result = buf.Bytes()
	}

	return result, err
}

func CreateTextSignature(text string, signer *Entity) ([]byte, error) {
	if signer == nil {
		return nil, errors.New("signer undefined")
	}
	var result []byte
	var err error

	buf := bytes.NewBuffer([]byte{})

	err = openpgp.DetachSignText(buf, &signer.Entity, bytes.NewBufferString(text), signer.cfg)

	if err == nil {
		result = buf.Bytes()
	}

	return result, err
}

func CreateArmoredSignature(data []byte, signer *Entity) (string, error) {
	if signer == nil {
		return "", errors.New("signer undefined")
	}
	result := ""
	var err error

	buf := bytes.NewBufferString("")

	err = openpgp.ArmoredDetachSign(buf, &signer.Entity, bytes.NewBuffer(data), signer.cfg)

	if err == nil {
		result = buf.String()
	}

	return result, err
}

func CreateArmoredTextSignature(text string, signer *Entity) (string, error) {
	if signer == nil {
		return "", errors.New("signer undefined")
	}
	result := ""
	var err error

	buf := bytes.NewBufferString("")

	err = openpgp.ArmoredDetachSignText(buf, &signer.Entity, bytes.NewBufferString(text), signer.cfg)

	if err == nil {
		result = buf.String()
	}

	return result, err
}

func CheckSignature(keyring EntityList, signed, signature []byte) (*Entity, error) {
	var _signed io.Reader
	var _signature io.Reader

	// Default readers
	_signed = bytes.NewBuffer(signed)
	_signature = bytes.NewBuffer(signature)

	// Unarmor signature if possible
	if unarmored, err := armor.Decode(_signature); err == nil {
		_signature = unarmored.Body
	}

	// Check signature
	signer, err := openpgp.CheckDetachedSignature(keyring, _signed, _signature, nil)

	if signer != nil {
		return &Entity{*signer, nil}, err
	}
	return nil, err
}