package secure

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	randcrypto "crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/rand"
	"time"
)

type PassLevel string

const (
	High   PassLevel = "advance"
	Mid    PassLevel = "mix"
	Low    PassLevel = "char"
	Danger PassLevel = "num"

	nUmStr  = "0123456789"
	charStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
	specStr = "+=-@#~,.[]()!%^*$"
)

var (
	r = rand.New(rand.NewSource(time.Now().UnixNano()))
)

func GeneratePasswd(level PassLevel, length int32) string {
	var passwd = make([]byte, length, length)
	var sourceStr string
	switch level {
	case Danger:
		sourceStr = nUmStr
	case Low:
		sourceStr = charStr
	case Mid:
		sourceStr = fmt.Sprintf("%s%s", nUmStr, charStr)
	case High:
		sourceStr = fmt.Sprintf("%s%s%s", nUmStr, charStr, specStr)
	default:
		sourceStr = fmt.Sprintf("%s%s", nUmStr, charStr)
	}
	for i := range passwd {
		index := r.Intn(len(sourceStr))
		passwd[i] = sourceStr[index]
	}
	return string(passwd)
}

func GenerateECDSAKeyPem() (primaryKey, publicKey []byte, e error) {
	var (
		key *ecdsa.PrivateKey
		sec []byte
		pk  []byte
	)
	if key, e = ecdsa.GenerateKey(elliptic.P256(), randcrypto.Reader); e != nil {
		return
	}
	if sec, e = x509.MarshalECPrivateKey(key); e != nil {
		return
	}
	if pk, e = x509.MarshalPKIXPublicKey(key.Public()); e != nil {
		return
	}
	primaryKey = pem.EncodeToMemory(&pem.Block{Type: "ECD PRIVATE KEY", Bytes: sec})
	publicKey = pem.EncodeToMemory(&pem.Block{Type: "ECD PUBLIC KEY", Bytes: pk})
	return
}