use rsa::{
    RsaPrivateKey, RsaPublicKey,
    pkcs8::{EncodePrivateKey, EncodePublicKey, LineEnding},
};

use crate::error::AppError;

/// A private/public key pair used for HTTP signatures
#[derive(Debug, Clone)]
pub struct Keypair {
    /// Private key in PEM format
    pub private_key: String,
    /// Public key in PEM format
    pub public_key: String,
}

impl Keypair {
    /// Helper method to turn this into an openssl private key
    #[cfg(test)]
    pub(crate) fn private_key(&self) -> Result<RsaPrivateKey, anyhow::Error> {
        use rsa::pkcs8::DecodePrivateKey;

        Ok(RsaPrivateKey::from_pkcs8_pem(&self.private_key)?)
    }
}

pub fn generate_actor_keypair() -> Result<Keypair, AppError> {
    let mut rng = rand::thread_rng();
    let rsa = RsaPrivateKey::new(&mut rng, 2048)?;
    let pkey = RsaPublicKey::from(&rsa);
    let public_key = pkey.to_public_key_pem(LineEnding::default())?;
    let private_key = rsa.to_pkcs8_pem(LineEnding::default())?.to_string();
    Ok(Keypair {
        private_key,
        public_key,
    })
}