use clap::{App, Arg, ArgMatches, SubCommand};
use rust_util::util_clap::{Command, CommandError};
use yubikey::piv::{AlgorithmId, SlotId};
use yubikey::YubiKey;

pub struct CommandImpl;

impl Command for CommandImpl {
    fn name(&self) -> &str { "piv-sign" }

    fn subcommand<'a>(&self) -> App<'a, 'a> {
        SubCommand::with_name(self.name()).about("PIV Sign subcommand")
            .arg(Arg::with_name("pass").short("p").long("pass").takes_value(true).default_value("123456").help("OpenPGP card password"))
        // .arg(Arg::with_name("json").long("json").help("JSON output"))
    }

    fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
        warning!("This feature is not complete");
        let pass_opt = sub_arg_matches.value_of("pass");
        let pass = opt_value_result!(pass_opt, "Pass must be assigned");

        let mut yk = opt_result!(YubiKey::open(), "YubiKey not found: {}");
        opt_result!(yk.verify_pin(pass.as_bytes()), "YubiKey verify pin failed: {}");
        let raw_in = [1_u8; 256];
        let sign_result = yubikey::piv::sign_data(&mut yk, &raw_in, AlgorithmId::Rsa2048, SlotId::Signature);
        let sign = opt_result!(sign_result, "Sign data failed: {}");
        let sign_bytes = sign.as_slice();
        success!("Signature HEX: {}", hex::encode(sign_bytes));
        success!("Signature base64: {}", base64::encode(sign_bytes));
        Ok(None)
    }
}