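// NOTE(review): this listing lost its generic arguments (`Vec,`, `Result>`, `Box>`).
// The element and error types below are restored from the struct definitions in this
// file and from the `std::error::Error` import — confirm against the repository.
use crate::config::{NebulaConfig, CONFIG};
use ed25519_dalek::{SigningKey, VerifyingKey};
use log::debug;
use serde::{Deserialize, Serialize};
use std::error::Error;
use std::fs;
use trifid_pki::cert::NebulaCertificate;
use trifid_pki::x25519_dalek::PublicKey;

/// On-disk keystore, (de)serialized as TOML in `tfks.toml` inside
/// `CONFIG.crypto.local_keystore_directory`.
#[derive(Serialize, Deserialize, Clone)]
pub struct Keystore {
    /// Per-host records; a missing `hosts` key deserializes to an empty list.
    #[serde(default = "default_vec")]
    pub hosts: Vec<KeystoreHostInformation>,
}

/// Serde default for [`Keystore::hosts`].
fn default_vec() -> Vec<KeystoreHostInformation> {
    Vec::new()
}

/// Loads the keystore from `tfks.toml`, or returns an empty keystore if the file
/// does not exist yet.
///
/// # Errors
///
/// Returns an error if the file exists but cannot be read, or if its contents are
/// not valid keystore TOML.
pub fn keystore_init() -> Result<Keystore, Box<dyn Error>> {
    let mut ks_fp = CONFIG.crypto.local_keystore_directory.clone();
    ks_fp.push("tfks.toml");

    // Read directly instead of probing with `exists()` first: `exists()` also reports
    // `false` when the path cannot be inspected (e.g. permission denied), which would
    // hand the caller an empty keystore that a later flush writes over the real one.
    match fs::read_to_string(ks_fp) {
        Ok(contents) => Ok(toml::from_str(&contents)?),
        Err(e) if e.kind() == std::io::ErrorKind::NotFound => Ok(Keystore { hosts: vec![] }),
        Err(e) => Err(e.into()),
    }
}

/// Creates `path` as a brand-new file, writes `bytes` to it and syncs it to disk.
///
/// On Unix the file is created with mode `0o600`, so only the owning user can read
/// it. On other platforms the platform's default permissions apply.
fn write_private_file(path: impl AsRef<std::path::Path>, bytes: &[u8]) -> std::io::Result<()> {
    use std::io::Write;

    let mut opts = fs::OpenOptions::new();
    // `create_new` fails if the path already exists, so the mode below always applies
    // and an existing file or symlink at this path is never written through.
    opts.write(true).create_new(true);
    #[cfg(unix)]
    {
        use std::os::unix::fs::OpenOptionsExt;
        opts.mode(0o600);
    }

    let mut file = opts.open(path)?;
    file.write_all(bytes)?;
    file.sync_all()
}

/// Serializes `ks` to TOML and replaces `tfks.toml` with it.
///
/// The keystore contains private signing keys ([`KSSigningKey`]), so the data is
/// written to an owner-only temporary file in the same directory and then renamed
/// over `tfks.toml`. Writing in place with `fs::write` would create the file with
/// umask-default permissions and could leave a truncated keystore behind if the
/// process died mid-write.
///
/// # Errors
///
/// Returns an error if serialization fails or if the temporary file cannot be
/// created, written, synced or renamed. On failure the temporary file is removed
/// on a best-effort basis and the existing `tfks.toml` is left untouched.
pub fn keystore_flush(ks: &Keystore) -> Result<(), Box<dyn Error>> {
    let mut ks_fp = CONFIG.crypto.local_keystore_directory.clone();
    ks_fp.push("tfks.toml");
    let mut tmp_fp = CONFIG.crypto.local_keystore_directory.clone();
    tmp_fp.push("tfks.toml.tmp");

    debug!("writing to {}", ks_fp.display());

    let serialized = toml::to_string(ks)?;

    // Clear a temp file left behind by an interrupted flush; absence is fine.
    match fs::remove_file(&tmp_fp) {
        Ok(()) => {}
        Err(e) if e.kind() == std::io::ErrorKind::NotFound => {}
        Err(e) => return Err(e.into()),
    }

    let written = write_private_file(&tmp_fp, serialized.as_bytes())
        .and_then(|()| fs::rename(&tmp_fp, &ks_fp));
    if let Err(e) = written {
        // Do not leave a partial copy of the key material lying around.
        let _ = fs::remove_file(&tmp_fp);
        return Err(e.into());
    }

    Ok(())
}

/// Everything the keystore records for one host.
// NOTE(review): the `current_*` fields presumably hold the `id` of the active entry
// in the matching list below — confirm against the callers.
#[derive(Serialize, Deserialize, Clone)]
pub struct KeystoreHostInformation {
    pub id: String,
    pub current_signing_key: u64,
    pub current_client_key: u64,
    pub current_config: u64,
    pub current_cert: u64,
    pub certs: Vec<KSCert>,
    pub config: Vec<KSConfig>,
    pub signing_keys: Vec<KSSigningKey>,
    pub client_keys: Vec<KSClientKey>,
}

/// A Nebula certificate stored under a numeric id.
#[derive(Serialize, Deserialize, Clone)]
pub struct KSCert {
    pub id: u64,
    pub cert: NebulaCertificate,
}

/// A Nebula configuration stored under a numeric id.
#[derive(Serialize, Deserialize, Clone)]
pub struct KSConfig {
    pub id: u64,
    pub config: NebulaConfig,
}

/// An Ed25519 signing key stored under a numeric id.
///
/// `SigningKey` is private key material and is serialized into the keystore file
/// as-is. The type intentionally derives no `Debug`; keep it out of log output.
#[derive(Serialize, Deserialize, Clone)]
pub struct KSSigningKey {
    pub id: u64,
    pub key: SigningKey,
}

/// A client's public keys (X25519 and Ed25519) stored under a numeric id.
#[derive(Serialize, Deserialize, Clone)]
pub struct KSClientKey {
    pub id: u64,
    pub dh_pub: PublicKey,
    pub ed_pub: VerifyingKey,
}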