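#!/usr/bin/python
# -*- coding: utf-8 -*-
# (C) Christoph Egger
"""Create (or load) an ACME account key and register the account.

Running the script:

1. creates the ``data`` directory if it does not exist yet,
2. generates an RSA account key in ``data/account.key.pem``, or loads the
   key already stored there,
3. if ``data/registration.json`` is missing, registers the key with the ACME
   directory named by ``constants.DIRECTORY_URL``, agrees to the terms of
   service and stores the resulting registration as JSON.

The account key is stored unencrypted, so file-system permissions are the
only thing protecting it.
"""

from __future__ import print_function

import os.path
import logging

from acme import client
from acme import jose
from acme import messages
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization

from sicceggetools.acme import constants

DATA_DIR = "data"
ACCOUNT_KEY_PATH = "data/account.key.pem"
REGISTRATION_PATH = "data/registration.json"

logging.basicConfig()
logging.getLogger().setLevel(logging.INFO)

if not os.path.exists(DATA_DIR):
    logging.info("Creating data directory")
    # Pass the mode to mkdir so the directory is never visible with wider
    # permissions; the chmod afterwards pins the exact mode regardless of the
    # process umask.  ``0o700`` is valid on Python 2.6+ and 3, unlike ``0700``.
    os.mkdir(DATA_DIR, 0o700)
    os.chmod(DATA_DIR, 0o700)
elif os.stat(DATA_DIR).st_mode & 0o077:
    # A pre-existing directory is used as found; make lax permissions visible
    # instead of silently storing key material below it.
    logging.warning("data directory is accessible to group or others")

if not os.path.exists(ACCOUNT_KEY_PATH):
    logging.info("Creating account key")
    # NOTE(review): constants.KEY_SIZE is defined outside this file - confirm
    # it is at least 2048 bits.
    private_key = rsa.generate_private_key(
        public_exponent=65537,
        key_size=constants.KEY_SIZE,
        backend=default_backend()
    )
    pem = private_key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.TraditionalOpenSSL,
        encryption_algorithm=serialization.NoEncryption()
    )
    # Create the key file owner-only (0600) rather than relying on the umask.
    # O_EXCL makes the open fail instead of writing through a file or
    # (dangling) symlink that appeared at this path after the exists() check.
    key_fileno = os.open(
        ACCOUNT_KEY_PATH, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600
    )
    with os.fdopen(key_fileno, "wb") as keyfd:
        keyfd.write(pem)
else:
    logging.info("Loading account key")
    with open(ACCOUNT_KEY_PATH, "rb") as keyfd:
        private_key = serialization.load_pem_private_key(
            keyfd.read(),
            password=None,
            backend=default_backend()
        )

if not os.path.exists(REGISTRATION_PATH):
    logging.info("registering")
    acmeclient = client.Client(constants.DIRECTORY_URL,
                               jose.JWKRSA(key=private_key))
    registration = messages.NewRegistration(contact=constants.CONTACT)
    registration = acmeclient.register(registration)
    registration = acmeclient.agree_to_tos(registration)
    # The file is opened in binary mode, so encode the serialized
    # registration when the library hands back text instead of bytes.
    payload = registration.json_dumps_pretty()
    if not isinstance(payload, bytes):
        payload = payload.encode("utf-8")
    with open(REGISTRATION_PATH, "wb") as regfd:
        regfd.write(payload)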