package sys

/*
#cgo  LDFLAGS: -lcrypto

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/evp.h>
#include <openssl/opensslv.h>

char* pw_hash(const char *password, unsigned char *salt) {
	const EVP_MD *digest;
	unsigned char *password_hash;
	unsigned int hash_len;

#if OPENSSL_VERSION_NUMBER < 0x10100000L
	EVP_MD_CTX context;
#else
	EVP_MD_CTX *context;
#endif

#if OPENSSL_VERSION_NUMBER < 0x10100000L || OPENSSL_API_COMPAT < 0x10100000L
	OpenSSL_add_all_digests();
#else
	OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
			| OPENSSL_INIT_ADD_ALL_DIGESTS \
			| OPENSSL_INIT_LOAD_CONFIG, NULL);
#endif

	digest = EVP_get_digestbyname("sha512");
	if(!digest){
		return NULL;
	}

	password_hash = malloc(64 * sizeof(unsigned char));

#if OPENSSL_VERSION_NUMBER < 0x10100000L
		EVP_MD_CTX_init(&context);
		EVP_DigestInit_ex(&context, digest, NULL);
		EVP_DigestUpdate(&context, password, strlen(password));
		EVP_DigestUpdate(&context, salt, 12);
		EVP_DigestFinal_ex(&context, password_hash, &hash_len);
		EVP_MD_CTX_cleanup(&context);
#else
		context = EVP_MD_CTX_new();
		EVP_DigestInit_ex(context, digest, NULL);
		EVP_DigestUpdate(context, password, strlen(password));
		EVP_DigestUpdate(context, salt, 12);
		EVP_DigestFinal_ex(context, password_hash, &hash_len);
		EVP_MD_CTX_free(context);
#endif

	return password_hash;
}
*/
//import "C"
import (
	"crypto/sha512"
	"encoding/base64"
	"fmt"
	"math/rand"
	"time"
	// "unsafe"
)

const EVP_MAX_MD_SIZE = 64
const SALT_LEN = 12

func RandBytes(n int) []byte {
	rand.Seed(time.Now().UnixNano())
	str := "0123456789abcdefghijklmnopqrstuvwxyz"
	bytes := []byte(str)

	var result []byte
	for i := 0; i < n; i++ {
		result = append(result, bytes[rand.Intn(len(bytes))])
	}

	return result
}

func cSSLPassword(username, password string) (text string) {

	// saltByte := RandBytes(SALT_LEN)
	// salt64 := base64.StdEncoding.EncodeToString(saltByte)

	// passwordPtr := C.CString(password)
	// defer C.free(unsafe.Pointer(passwordPtr))

	// passwordHash := C.pw_hash((*C.char)(unsafe.Pointer(passwordPtr)), (*C.uchar)(unsafe.Pointer(&saltByte[0])))
	// defer C.free(unsafe.Pointer(passwordHash))

	// hashByte := C.GoBytes(unsafe.Pointer(passwordHash), 64)

	// hash64 := base64.StdEncoding.EncodeToString(hashByte)

	// text = fmt.Sprintf("%s:$6$%s$%s", username, salt64, hash64)

	return
}

/*
mosquitto生成用户密码的go实现
*/
func OutputNewPassword(username, password string) (text string) {
	pw := []byte(password)
	saltByte := RandBytes(SALT_LEN)
	salt64 := base64.StdEncoding.EncodeToString(saltByte)

	sha512Hasher := sha512.New()
	// pw = append(pw, saltByte...)

	sha512Hasher.Write(pw)

	hashedPw := sha512Hasher.Sum(nil)
	hash64 := base64.StdEncoding.EncodeToString(hashedPw)
	text = fmt.Sprintf("%s:$6$%s$%s", username, salt64, hash64)

	return
}