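use gpgme::{Context, Data, Key};
use std::fs::File;
use std::io::BufReader;
use std::path::Path;

/// Outcome of checking a detached OpenPGP signature over a file.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum ScanResult {
    /// At least one signature was reported and every reported signature
    /// verified without error.
    Trusted,
    /// No signature could be evaluated (none present, or the verify
    /// operation itself failed).
    Unsigned,
    /// A signature was present but did not verify cleanly.
    Untrusted,
}

/// Key filtering and detached-signature checking helpers.
///
/// The trait name is kept exactly as spelled so existing callers keep compiling.
pub trait OpenPGPOpertaions {
    /// Returns the subset of `keys` that this implementation considers usable.
    fn get_trusted_keys(&self, keys: &[Key]) -> Vec<Key>;

    /// Verifies the detached signature at `sig_path` against the contents of `file`.
    fn check_sign(
        &self,
        sig_path: &Path,
        context: &Context,
        file: &Path,
    ) -> Result<ScanResult, gpgme::Error>;
}

impl OpenPGPOpertaions for Key {
    /// Returns clones of every key in `keys` that can encrypt or can sign.
    ///
    /// `self` is not consulted.
    fn get_trusted_keys(&self, keys: &[Key]) -> Vec<Key> {
        // NOTE(review): capability flags say what a key can be used for, not
        // whether it should be trusted. Revocation, expiry and owner trust are
        // not examined here; confirm callers do not treat this list as an
        // allow-list of signers without further checks.
        keys.iter()
            .filter(|key| key.can_encrypt() || key.can_sign())
            .cloned()
            .collect()
    }

    /// Verifies the detached signature at `sig_path` over the contents of `file`.
    ///
    /// Returns `Trusted` only when at least one signature is reported and every
    /// reported signature has a clean status, `Untrusted` when any reported
    /// signature has a non-success status, and `Unsigned` when no signature is
    /// reported or the verify operation fails.
    ///
    /// # Errors
    ///
    /// Returns an error if the OpenPGP context cannot be created, if either
    /// file cannot be opened, or if a reader cannot be wrapped as GPGME data.
    fn check_sign(
        &self,
        sig_path: &Path,
        context: &Context,
        file: &Path,
    ) -> Result<ScanResult, gpgme::Error> {
        // Verification needs a mutable context, which a shared reference cannot
        // provide, so a fresh one is created and the caller's is not used.
        // NOTE(review): any engine or home-directory settings applied to
        // `context` therefore do not affect which keyring is consulted.
        let _ = context;
        let mut ctx = Context::from_protocol(gpgme::Protocol::OpenPgp)?;

        let file_reader = BufReader::new(File::open(file)?);
        let sig_reader = BufReader::new(File::open(sig_path)?);
        let sig_data = Data::from_reader(sig_reader)
            .map_err(|e| gpgme::Error::from(std::io::Error::other(e)))?;
        let file_data = Data::from_reader(file_reader)
            .map_err(|e| gpgme::Error::from(std::io::Error::other(e)))?;

        // A failed verify operation is reported as `Unsigned`, never as
        // `Trusted`, so callers fail closed.
        let verification = match ctx.verify_detached(sig_data, file_data) {
            Ok(verification) => verification,
            Err(_) => return Ok(ScanResult::Unsigned),
        };

        // A successful verify call only means the operation ran to completion.
        // Each signature carries its own status, and a bad signature still
        // yields `Ok` from the call, so every status must be inspected.
        let mut saw_signature = false;
        for signature in verification.signatures() {
            saw_signature = true;
            if signature.status() != gpgme::Error::NO_ERROR {
                return Ok(ScanResult::Untrusted);
            }
        }

        // NOTE(review): a clean status shows the signature is cryptographically
        // good for a key in the keyring. Neither the signer's fingerprint nor
        // the key's validity is compared against `self` or an expected signer.
        Ok(if saw_signature {
            ScanResult::Trusted
        } else {
            ScanResult::Unsigned
        })
    }
}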