package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"flag"
	"fmt"
	"os"
)

var UserName *string

func init() {
	//cfile := flag.String("c", defaultConfigFile, "config file")
	//pv := flag.Bool("v", false, "print version")
	//ph := flag.Bool("h", false, "print help")
	UserName = flag.String("u", "omc", "user name")

	flag.Parse()
	// if *pv {
	// 	os.Exit(0)
	// }
	// if *ph {
	// 	flag.Usage()
	// 	os.Exit(0)
	// }

	//ReadConfig(*cfile)
}

func main() {
	// 假设你已经有了CMCA证书私钥和userName登录用户名
	privateKeyBytes, err := os.ReadFile("./private_key.pem")
	if err != nil {
		fmt.Println("Failed to read private key file:", err)
		return
	}
	//userName := "omc"

	// 解析私钥
	privateKey, err := parsePrivateKey(privateKeyBytes)
	if err != nil {
		fmt.Println("Failed to parse private key:", err)
		return
	}

	// 对用户名进行签名
	signature, err := sign(privateKey, *UserName)
	if err != nil {
		fmt.Println("Failed to sign username:", err)
		return
	}

	// 将签名按Base64编码格式化输出
	signatureBase64 := base64.StdEncoding.EncodeToString(signature)
	fmt.Println("Signature:", signatureBase64)
}

// 解析私钥
// func parsePrivateKey(privateKeyBytes []byte) (*rsa.PrivateKey, error) {
// 	privateKey, err := parsePrivateKey(privateKeyBytes)
// 	if err != nil {
// 		return nil, err
// 	}
// 	return privateKey, nil
// }

// 解析私钥
func parsePrivateKey(privateKeyBytes []byte) (*rsa.PrivateKey, error) {
	block, _ := pem.Decode(privateKeyBytes)
	if block == nil {
		return nil, fmt.Errorf("failed to decode private key")
	}

	//privateKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
	privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
	if err != nil {
		return nil, err
	}

	// rsaPrivateKey, ok := privateKey.(*rsa.PrivateKey)
	// if !ok {
	// 	return nil, fmt.Errorf("private key is not RSA")
	// }

	return privateKey, nil
}

// 对数据进行签名
func sign(privateKey *rsa.PrivateKey, data string) ([]byte, error) {
	hashed := sha256.Sum256([]byte(data))
	signature, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, hashed[:])
	if err != nil {
		return nil, err
	}
	return signature, nil
}

func readPrivateKey() {
	// 读取私钥文件
	privateKeyBytes, err := os.ReadFile("./private_key.pem")
	if err != nil {
		fmt.Println("Failed to read private key file:", err)
		return
	}

	// 输出私钥内容
	fmt.Println(string(privateKeyBytes))
}