#! /usr/bin/env python

from __future__ import print_function

import argparse
import json
import os
import sys
import yaml

from . import *

def read_base64_file(filename):
    """Read a base64 file, dropping any CR/LF characters"""
    with open(filename, "rb") as f:
        return f.read().translate(None, "\r\n")

def build_arg_parser():
    parser = argparse.ArgumentParser()
    parser.add_argument("--key", help="Account encryption key", default="")
    commands = parser.add_subparsers()

    create_account = commands.add_parser("create_account", help="Create a new account")
    create_account.add_argument("account_file", help="Local account file")

    def do_create_account(args):
        if os.path.exists(args.account_file):
            sys.stderr.write("Account %r file already exists" % (
                args.account_file,
            ))
            sys.exit(1)
        account = Account()
        account.create()
        with open(args.account_file, "wb") as f:
            f.write(account.pickle(args.key))

    create_account.set_defaults(func=do_create_account)

    keys = commands.add_parser("keys", help="List public keys for an account")
    keys.add_argument("account_file", help="Local account file")
    keys.add_argument("--json", action="store_true", help="Output as JSON")

    def do_keys(args):
        account = Account()
        account.unpickle(args.key, read_base64_file(args.account_file))
        result = {
            "account_keys": account.identity_keys(),
            "one_time_keys": account.one_time_keys(),
        }
        try:
            if args.json:
                json.dump(result, sys.stdout, indent=4)
            else:
                yaml.safe_dump(result, sys.stdout, default_flow_style=False)
        except:
            pass

    keys.set_defaults(func=do_keys)

    def do_id_key(args):
        account = Account()
        account.unpickle(args.key, read_base64_file(args.account_file))
        print(account.identity_keys()['curve25519'])

    id_key = commands.add_parser("identity_key", help="Get the identity key for an account")
    id_key.add_argument("account_file", help="Local account file")
    id_key.set_defaults(func=do_id_key)

    def do_one_time_key(args):
        account = Account()
        account.unpickle(args.key, read_base64_file(args.account_file))
        keys = account.one_time_keys()['curve25519'].values()
        key_num = args.key_num
        if key_num < 1 or key_num > len(keys):
            print(
                "Invalid key number %i: %i keys available" %
                   (key_num, len(keys)),
                file=sys.stderr
            )
            sys.exit(1)
        print (keys[key_num-1])

    one_time_key = commands.add_parser("one_time_key",
                                       help="Get a one-time key for the account")
    one_time_key.add_argument("account_file", help="Local account file")
    one_time_key.add_argument("--key-num", "-n", type=int, default=1,
                              help="Index of key to retrieve (default: 1)")
    one_time_key.set_defaults(func=do_one_time_key)


    sign = commands.add_parser("sign", help="Sign a message")
    sign.add_argument("account_file", help="Local account file")
    sign.add_argument("message_file", help="Message to sign")
    sign.add_argument("signature_file", help="Signature to output")

    def do_sign(args):
        account = Account()
        account.unpickle(args.key, read_base64_file(args.account_file))
        with open_in(args.message_file) as f:
             message = f.read()
        signature = account.sign(message)
        with open_out(args.signature_file) as f:
             f.write(signature)

    sign.set_defaults(func=do_sign)


    generate_keys = commands.add_parser("generate_keys", help="Generate one time keys")
    generate_keys.add_argument("account_file", help="Local account file")
    generate_keys.add_argument("count", type=int, help="Number of keys to generate")

    def do_generate_keys(args):
        account = Account()
        account.unpickle(args.key, read_base64_file(args.account_file))
        account.generate_one_time_keys(args.count)
        with open(args.account_file, "wb") as f:
            f.write(account.pickle(args.key))

    generate_keys.set_defaults(func=do_generate_keys)


    outbound = commands.add_parser("outbound", help="Create an outbound session")
    outbound.add_argument("account_file", help="Local account file")
    outbound.add_argument("session_file", help="Local session file")
    outbound.add_argument("identity_key", help="Remote identity key")
    outbound.add_argument("one_time_key", help="Remote one time key")

    def do_outbound(args):
        if os.path.exists(args.session_file):
            sys.stderr.write("Session %r file already exists" % (
                args.session_file,
            ))
            sys.exit(1)
        account = Account()
        account.unpickle(args.key, read_base64_file(args.account_file))
        session = Session()
        session.create_outbound(
            account, args.identity_key, args.one_time_key
        )
        with open(args.session_file, "wb") as f:
            f.write(session.pickle(args.key))

    outbound.set_defaults(func=do_outbound)

    def open_in(path):
        if path == "-":
            return sys.stdin
        else:
            return open(path, "rb")

    def open_out(path):
        if path == "-":
            return sys.stdout
        else:
            return open(path, "wb")

    inbound = commands.add_parser("inbound", help="Create an inbound session")
    inbound.add_argument("account_file", help="Local account file")
    inbound.add_argument("session_file", help="Local session file")
    inbound.add_argument("message_file", help="Message", default="-")
    inbound.add_argument("plaintext_file", help="Plaintext", default="-")

    def do_inbound(args):
        if os.path.exists(args.session_file):
            sys.stderr.write("Session %r file already exists" % (
                args.session_file,
            ))
            sys.exit(1)
        account = Account()
        account.unpickle(args.key, read_base64_file(args.account_file))
        with open_in(args.message_file) as f:
            message_type = f.read(8)
            message = f.read()
        if message_type != "PRE_KEY ":
            sys.stderr.write("Expecting a PRE_KEY message")
            sys.exit(1)
        session = Session()
        session.create_inbound(account, message)
        plaintext = session.decrypt(0, message)
        with open(args.session_file, "wb") as f:
            f.write(session.pickle(args.key))
        with open_out(args.plaintext_file) as f:
            f.write(plaintext)

    inbound.set_defaults(func=do_inbound)

    session_id = commands.add_parser("session_id", help="Session ID")
    session_id.add_argument("session_file", help="Local session file")

    def do_session_id(args):
        session = Session()
        session.unpickle(args.key, read_base64_file(args.session_file))
        sys.stdout.write(session.session_id() + "\n")

    session_id.set_defaults(func=do_session_id)

    encrypt = commands.add_parser("encrypt", help="Encrypt a message")
    encrypt.add_argument("session_file", help="Local session file")
    encrypt.add_argument("plaintext_file", help="Plaintext", default="-")
    encrypt.add_argument("message_file", help="Message", default="-")

    def do_encrypt(args):
        session = Session()
        session.unpickle(args.key, read_base64_file(args.session_file))
        with open_in(args.plaintext_file) as f:
            plaintext = f.read()
        message_type, message = session.encrypt(plaintext)
        with open(args.session_file, "wb") as f:
            f.write(session.pickle(args.key))
        with open_out(args.message_file) as f:
            f.write(["PRE_KEY ", "MESSAGE "][message_type])
            f.write(message)

    encrypt.set_defaults(func=do_encrypt)

    decrypt = commands.add_parser("decrypt", help="Decrypt a message")
    decrypt.add_argument("session_file", help="Local session file")
    decrypt.add_argument("message_file", help="Message", default="-")
    decrypt.add_argument("plaintext_file", help="Plaintext", default="-")

    def do_decrypt(args):
        session = Session()
        session.unpickle(args.key, read_base64_file(args.session_file))
        with open_in(args.message_file) as f:
            message_type = f.read(8)
            message = f.read()
        if message_type not in {"PRE_KEY ", "MESSAGE "}:
            sys.stderr.write("Expecting a PRE_KEY or MESSAGE message")
            sys.exit(1)
        message_type = 1 if message_type == "MESSAGE " else 0
        plaintext = session.decrypt(message_type, message)
        with open(args.session_file, "wb") as f:
            f.write(session.pickle(args.key))
        with open_out(args.plaintext_file) as f:
            f.write(plaintext)

    decrypt.set_defaults(func=do_decrypt)

    outbound_group = commands.add_parser("outbound_group", help="Create an outbound group session")
    outbound_group.add_argument("session_file", help="Local group session file")
    outbound_group.set_defaults(func=do_outbound_group)

    group_credentials = commands.add_parser("group_credentials", help="Export the current outbound group session credentials")
    group_credentials.add_argument("session_file", help="Local outbound group session file")
    group_credentials.add_argument("credentials_file", help="File to write credentials to (default stdout)",
                                   type=argparse.FileType('w'), nargs='?',
                                   default=sys.stdout)
    group_credentials.set_defaults(func=do_group_credentials)

    group_encrypt = commands.add_parser("group_encrypt", help="Encrypt a group message")
    group_encrypt.add_argument("session_file", help="Local outbound group session file")
    group_encrypt.add_argument("plaintext_file", help="Plaintext file (default stdin)",
                               type=argparse.FileType('rb'), nargs='?',
                               default=sys.stdin)
    group_encrypt.add_argument("message_file", help="Message file (default stdout)",
                               type=argparse.FileType('w'), nargs='?',
                               default=sys.stdout)
    group_encrypt.set_defaults(func=do_group_encrypt)

    inbound_group = commands.add_parser(
        "inbound_group",
        help=("Create an inbound group session based on credentials from an "+
              "outbound group session"))
    inbound_group.add_argument("session_file", help="Local inbound group session file")
    inbound_group.add_argument("credentials_file",
                               help="File to read credentials from (default stdin)",
                               type=argparse.FileType('r'), nargs='?',
                               default=sys.stdin)
    inbound_group.set_defaults(func=do_inbound_group)

    group_decrypt = commands.add_parser("group_decrypt", help="Decrypt a group message")
    group_decrypt.add_argument("session_file", help="Local inbound group session file")
    group_decrypt.add_argument("message_file", help="Message file (default stdin)",
                               type=argparse.FileType('r'), nargs='?',
                               default=sys.stdin)
    group_decrypt.add_argument("plaintext_file", help="Plaintext file (default stdout)",
                               type=argparse.FileType('wb'), nargs='?',
                               default=sys.stdout)
    group_decrypt.set_defaults(func=do_group_decrypt)
    return parser

def do_outbound_group(args):
    if os.path.exists(args.session_file):
        sys.stderr.write("Session %r file already exists" % (
            args.session_file,
        ))
        sys.exit(1)
    session = OutboundGroupSession()
    with open(args.session_file, "wb") as f:
            f.write(session.pickle(args.key))

def do_group_encrypt(args):
    session = OutboundGroupSession()
    session.unpickle(args.key, read_base64_file(args.session_file))
    plaintext = args.plaintext_file.read()
    message = session.encrypt(plaintext)
    with open(args.session_file, "wb") as f:
        f.write(session.pickle(args.key))
    args.message_file.write(message)

def do_group_credentials(args):
    session = OutboundGroupSession()
    session.unpickle(args.key, read_base64_file(args.session_file))
    result = {
        'message_index': session.message_index(),
        'session_key': session.session_key(),
    }
    json.dump(result, args.credentials_file, indent=4)

def do_inbound_group(args):
    if os.path.exists(args.session_file):
        sys.stderr.write("Session %r file already exists\n" % (
            args.session_file,
        ))
        sys.exit(1)
    credentials = json.load(args.credentials_file)
    for k in ('session_key', ):
        if not k in credentials:
            sys.stderr.write("Credentials file is missing %s\n" % k)
            sys.exit(1);

    session = InboundGroupSession()
    session.init(credentials['session_key'])
    with open(args.session_file, "wb") as f:
        f.write(session.pickle(args.key))

def do_group_decrypt(args):
    session = InboundGroupSession()
    session.unpickle(args.key, read_base64_file(args.session_file))
    message = args.message_file.read()
    plaintext, message_index = session.decrypt(message)
    with open(args.session_file, "wb") as f:
        f.write(session.pickle(args.key))
    args.plaintext_file.write(plaintext)

if __name__ == '__main__':
    parser = build_arg_parser()
    args = parser.parse_args()
    args.func(args)