// Copyright 2015 Joyent, Inc.

module.exports = {

Verifier: Verifier,
Signer: Signer

};

var nacl = require('tweetnacl'); var stream = require('stream'); var util = require('util'); var assert = require('assert-plus'); var Buffer = require('safer-buffer').Buffer; var Signature = require('./signature');

function Verifier(key, hashAlgo) {

if (hashAlgo.toLowerCase() !== 'sha512')
        throw (new Error('ED25519 only supports the use of ' +
            'SHA-512 hashes'));

this.key = key;
this.chunks = [];

stream.Writable.call(this, {});

} util.inherits(Verifier, stream.Writable);

Verifier.prototype._write = function (chunk, enc, cb) {

this.chunks.push(chunk);
cb();

};

Verifier.prototype.update = function (chunk) {

if (typeof (chunk) === 'string')
        chunk = Buffer.from(chunk, 'binary');
this.chunks.push(chunk);

};

Verifier.prototype.verify = function (signature, fmt) {

var sig;
if (Signature.isSignature(signature, [2, 0])) {
        if (signature.type !== 'ed25519')
                return (false);
        sig = signature.toBuffer('raw');

} else if (typeof (signature) === 'string') {
        sig = Buffer.from(signature, 'base64');

} else if (Signature.isSignature(signature, [1, 0])) {
        throw (new Error('signature was created by too old ' +
            'a version of sshpk and cannot be verified'));
}

assert.buffer(sig);
return (nacl.sign.detached.verify(
    new Uint8Array(Buffer.concat(this.chunks)),
    new Uint8Array(sig),
    new Uint8Array(this.key.part.A.data)));

};

function Signer(key, hashAlgo) {

if (hashAlgo.toLowerCase() !== 'sha512')
        throw (new Error('ED25519 only supports the use of ' +
            'SHA-512 hashes'));

this.key = key;
this.chunks = [];

stream.Writable.call(this, {});

} util.inherits(Signer, stream.Writable);

Signer.prototype._write = function (chunk, enc, cb) {

this.chunks.push(chunk);
cb();

};

Signer.prototype.update = function (chunk) {

if (typeof (chunk) === 'string')
        chunk = Buffer.from(chunk, 'binary');
this.chunks.push(chunk);

};

Signer.prototype.sign = function () {

var sig = nacl.sign.detached(
    new Uint8Array(Buffer.concat(this.chunks)),
    new Uint8Array(Buffer.concat([
        this.key.part.k.data, this.key.part.A.data])));
var sigBuf = Buffer.from(sig);
var sigObj = Signature.parse(sigBuf, 'ed25519', 'raw');
sigObj.hashAlgorithm = 'sha512';
return (sigObj);

};