require 'sshkey'
require 'openssl'
require 'base64'

module Railsonfire
  module Helper
    module Keys
      def create_ssh_key
        SSHKey.generate()
      end


      def create_keys key
        {}.tap do |keys|
          cipher_data = create_encryption_cipher
          keys[:cipher_iv] = encode(encrypt(cipher_data[:iv]))
          keys[:cipher_key] = encode(encrypt(cipher_data[:key]))
          keys[:public_key] = key.ssh_public_key
          keys[:private_key] = encode(encrypt_symmetrically key.rsa_private_key, cipher_data[:cipher])
        end
      end

      private
      def create_encryption_cipher
        cipher = OpenSSL::Cipher.new("AES256")
        cipher.encrypt
        iv = cipher.random_iv
        key = cipher.random_key
        {:cipher => cipher, :iv => iv, :key => key}
      end

      def encrypt content
        rsa_key = OpenSSL::PKey::RSA.new(ENV["public-key"])
        rsa_key.public_encrypt(content)
      end

      def encrypt_symmetrically content, cipher
        ciphertext = cipher.update(content)
        ciphertext << cipher.final
        ciphertext
      end

      def encode content
        Base64.encode64 content
      end
    end
  end
end