#!/bin/sh

# Copyright (c) 2017, 2018 Taylor R. Campbell
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
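# Smoke test for ./oniongen1: for each key type / option combination,
# generate a secret key file and an onion address file, then sanity-check
# the format of both.

# -C: refuse to clobber existing files with '>' (hence '>>' for /dev/null
#     below); -e: abort on an unhandled command failure; -u: unset
#     variables are errors.
set -Ceu

# t_oniongen1.secret holds private key material.  Make sure nothing this
# test creates in the working directory is readable by other local users,
# whatever umask the caller happened to have.
umask 077

# err MESSAGE...
#   Print MESSAGE to stderr, prefixed with the test name, and fail the test.
err () {
  printf >&2 't_oniongen1: %s\n' "$*"
  exit 1
}

# clean
#   Remove every file a run may leave behind, including the secret key.
clean () {
  rm -f t_oniongen1.sock t_oniongen1.secret t_oniongen1.onion
}

# Clean up on every exit path.  The signal traps must exit explicitly:
# a handler that merely runs `clean' returns to the interrupted script,
# which would then carry on with the remaining checks instead of stopping.
# Exiting from the handler still fires the EXIT trap, so the key file is
# removed either way.
trap clean EXIT
trap 'exit 129' HUP
trap 'exit 130' INT
trap 'exit 143' TERM

# check KEYTYPE [ONIONGEN1-OPTION...]
#   Run ./oniongen1 with the given options and verify that
#     - the secret file starts with "KEYTYPE:",
#     - for RSA1024, the remainder parses as a PEM RSA private key,
#     - the onion file content ends in ".onion".
#   Calls err (and thus exits 1) on the first failed expectation.
check () {
  keytype="$1"
  shift 1

  # Start from a clean slate so stale output cannot satisfy the checks.
  clean

  # ${1+"$@"} expands to nothing at all when no options were passed.
  ./oniongen1 ${1+"$@"} t_oniongen1.secret t_oniongen1.onion

  secret="$(cat t_oniongen1.secret)" || err 'no secret generated'
  # Quote the key type so it is matched literally, not as a glob pattern.
  case $secret in
    "$keytype":*) ;;
    *) err "non-$keytype secret generated" ;;
  esac

  case $keytype in
    RSA1024)
      # Rewrap the bare base64 body at 64 columns and add PEM armour so
      # that openssl can parse it.
      b64_priv=${secret#RSA1024:}
      folded_priv="$(printf '%s' "$b64_priv" | fold -bw 64)"
      pem_head='-----BEGIN RSA PRIVATE KEY-----'
      pem_foot='-----END RSA PRIVATE KEY-----'
      # Pipe the PEM straight into openssl: the key never lands in another
      # file or on a command line, and the final newline after the footer
      # is kept (a command substitution would strip it).
      #
      # NOTE(review): this relies on the exit status of `openssl rsa
      # -check'.  Some OpenSSL releases report an inconsistent key only in
      # their output and still exit 0, so this may catch little more than
      # parse failures -- confirm against the openssl in use.
      if ! printf '%s\n%s\n%s\n' "$pem_head" "$folded_priv" "$pem_foot" |
          openssl rsa -check >>/dev/null 2>&1; then
        err 'openssl chokes on generated secret'
      fi
      ;;
  esac

  onion="$(cat t_oniongen1.onion)" || err 'no onion generated'
  # Only the suffix is verified here; the label's length and alphabet
  # are not.
  case $onion in
    *.onion) ;;
    *) err 'invalid onion generated' ;;
  esac

  clean
}

check RSA1024
check RSA1024 -V 2
check RSA1024 -t BEST
check RSA1024 -t RSA1024
check ED25519-V3 -V 3
check ED25519-V3 -t ED25519-V3

echo t_oniongen1: success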