// Copyright 2015 Joyent, Inc.

module.exports = {

read: read,
write: write

};

var assert = require('assert-plus'); var Buffer = require('safer-buffer').Buffer; var rfc4253 = require('./rfc4253'); var utils = require('../utils'); var Key = require('../key'); var PrivateKey = require('../private-key');

var sshpriv = require('./ssh-private');

/JSSTYLED/ var SSHKEY_RE = /^([a-z0-9-]+)[ t]+([a-zA-Z0-9+/]+[=]*)([ t]+([^ t][^n]*[n]*)?)?$/; /JSSTYLED/ var SSHKEY_RE2 = /^([a-z0-9-]+)[ tn]+([a-zA-Z0-9+/][a-zA-Z0-9+/ tn=]*)([^a-zA-Z0-9+/ tn=].*)?$/;

function read(buf, options) {

if (typeof (buf) !== 'string') {
        assert.buffer(buf, 'buf');
        buf = buf.toString('ascii');
}

var trimmed = buf.trim().replace(/[\\\r]/g, '');
var m = trimmed.match(SSHKEY_RE);
if (!m)
        m = trimmed.match(SSHKEY_RE2);
assert.ok(m, 'key must match regex');

var type = rfc4253.algToKeyType(m[1]);
var kbuf = Buffer.from(m[2], 'base64');

/*
 * This is a bit tricky. If we managed to parse the key and locate the
 * key comment with the regex, then do a non-partial read and assert
 * that we have consumed all bytes. If we couldn't locate the key
 * comment, though, there may be whitespace shenanigans going on that
 * have conjoined the comment to the rest of the key. We do a partial
 * read in this case to try to make the best out of a sorry situation.
 */
var key;
var ret = {};
if (m[4]) {
        try {
                key = rfc4253.read(kbuf);

        } catch (e) {
                m = trimmed.match(SSHKEY_RE2);
                assert.ok(m, 'key must match regex');
                kbuf = Buffer.from(m[2], 'base64');
                key = rfc4253.readInternal(ret, 'public', kbuf);
        }
} else {
        key = rfc4253.readInternal(ret, 'public', kbuf);
}

assert.strictEqual(type, key.type);

if (m[4] && m[4].length > 0) {
        key.comment = m[4];

} else if (ret.consumed) {
        /*
         * Now the magic: trying to recover the key comment when it's
         * gotten conjoined to the key or otherwise shenanigan'd.
         *
         * Work out how much base64 we used, then drop all non-base64
         * chars from the beginning up to this point in the the string.
         * Then offset in this and try to make up for missing = chars.
         */
        var data = m[2] + (m[3] ? m[3] : '');
        var realOffset = Math.ceil(ret.consumed / 3) * 4;
        data = data.slice(0, realOffset - 2). /*JSSTYLED*/
            replace(/[^a-zA-Z0-9+\/=]/g, '') +
            data.slice(realOffset - 2);

        var padding = ret.consumed % 3;
        if (padding > 0 &&
            data.slice(realOffset - 1, realOffset) !== '=')
                realOffset--;
        while (data.slice(realOffset, realOffset + 1) === '=')
                realOffset++;

        /* Finally, grab what we think is the comment & clean it up. */
        var trailer = data.slice(realOffset);
        trailer = trailer.replace(/[\r\n]/g, ' ').
            replace(/^\s+/, '');
        if (trailer.match(/^[a-zA-Z0-9]/))
                key.comment = trailer;
}

return (key);

}

function write(key, options) {

assert.object(key);
if (!Key.isKey(key))
        throw (new Error('Must be a public key'));

var parts = [];
var alg = rfc4253.keyTypeToAlg(key);
parts.push(alg);

var buf = rfc4253.write(key);
parts.push(buf.toString('base64'));

if (key.comment)
        parts.push(key.comment);

return (Buffer.from(parts.join(' ')));

}