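package dns_api

import (
	"encoding/base32"
	"encoding/base64"
	"git.gammaspectra.live/givna.me/dns-api/ed25519"
	"golang.org/x/crypto/sha3"
	"strings"
)

// base32Encoding is RFC 4648 base32 with a lowercase alphabet and no padding,
// the form used for the host label of a v3 onion address.
var base32Encoding = base32.NewEncoding(strings.ToLower("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567")).WithPadding(base32.NoPadding)

// onionV3Version is the version byte mixed into the checksum and appended to
// the encoded address.
const onionV3Version = byte(0x3)

// onionChecksumData is the constant prefix hashed ahead of the public key
// when computing the address checksum.
const onionChecksumData = ".onion checksum"

// PublicKeyToOnionV3 encodes publicKey as a v3 onion host label.
//
// The result is base32(publicKey || checksum || version), where checksum is
// the first two bytes of SHA3-256(".onion checksum" || publicKey || version).
// The returned string does not carry a ".onion" suffix.
//
// NOTE(review): the length of publicKey is not checked here. A key that is
// not ed25519.PublicKeySize bytes long still yields a string, but not a valid
// address; callers should validate the key first.
func PublicKeyToOnionV3(publicKey ed25519.PublicKey) string {
	// Checksum input: constant || key || version.
	checksumInput := make([]byte, 0, len(onionChecksumData)+ed25519.PublicKeySize+1)
	checksumInput = append(checksumInput, onionChecksumData...)
	checksumInput = append(checksumInput, publicKey...)
	checksumInput = append(checksumInput, onionV3Version)

	digest := sha3.Sum256(checksumInput)

	// Address payload: key || 2-byte checksum || version.
	addr := make([]byte, 0, ed25519.PublicKeySize+2+1)
	addr = append(addr, publicKey...)
	addr = append(addr, digest[:2]...)
	addr = append(addr, onionV3Version)

	return base32Encoding.EncodeToString(addr)
}

// torPrivateKeyPrefix and torPublicKeyPrefix are the 32-byte headers (29 ASCII
// characters plus three NUL bytes) that precede the key material in Tor's
// on-disk ed25519 key files.
const torPrivateKeyPrefix = "== ed25519v1-secret: type0 ==\x00\x00\x00"
const torPublicKeyPrefix = "== ed25519v1-public: type0 ==\x00\x00\x00"

// DecodeTorPrivateKey decodes an unpadded standard-base64 string holding a
// Tor-format secret key (header followed by key material) and returns the
// key built from the bytes after the header.
//
// It returns nil when key is not valid unpadded base64 or when the decoded
// data is shorter than the header. Callers must check for nil before using
// the result.
//
// NOTE(review): the header bytes are skipped but not compared against
// torPrivateKeyPrefix, so data in another format of sufficient length is
// passed on as key material. The length of the remaining bytes is likewise
// left to ed25519.NewKeyFromRaw; confirm what it does with short input.
func DecodeTorPrivateKey(key string) ed25519.PrivateKey {
	priv, err := base64.RawStdEncoding.DecodeString(key)
	if err != nil {
		return nil
	}
	// Guard the slice below: without this, input that decodes to fewer bytes
	// than the header panics with an out-of-range slice instead of failing
	// cleanly.
	if len(priv) < len(torPrivateKeyPrefix) {
		return nil
	}
	return ed25519.NewKeyFromRaw(priv[len(torPrivateKeyPrefix):])
}

// DecodePrivateKey decodes an unpadded standard-base64 string and passes the
// raw bytes to ed25519.NewKeyFromRaw.
//
// It returns nil when buf is not valid unpadded base64. Callers must check
// for nil before using the result.
//
// NOTE(review): the decoded length is not validated here; that is left to
// ed25519.NewKeyFromRaw. Confirm how it handles short or empty input.
func DecodePrivateKey(buf string) ed25519.PrivateKey {
	priv, err := base64.RawStdEncoding.DecodeString(buf)
	if err != nil {
		return nil
	}
	return ed25519.NewKeyFromRaw(priv)
}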