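# frozen_string_literal: true

require 'json'
require 'openssl'

module NoradBeacon
  # A single finding reported by a security test: an identifier, a severity
  # rating (SIR), a status, the raw output, a title, a description and a
  # signature derived from the identifying fields.
  class Result
    attr_reader :nid, :sir, :status, :output, :title, :description, :signature

    # Both of these values are constants to reinforce the idea that they should
    # *never* change. If they do, all ignore rules in the Norad database will
    # be invalidated.
    #
    # NOTE(review): SIGNATURE_KEY is a fixed string in the source, so the HMAC
    # below behaves as a stable fingerprint for matching a result against
    # stored rules. It does not show that a result came from a trusted
    # producer and should not be used as an authenticity or integrity check.
    SIGNATURE_DIGEST = OpenSSL::Digest.new('sha256')
    SIGNATURE_KEY = 'n0r4dRULES'

    # rubocop:disable ParameterLists

    # @param nid [#to_s] identifier of the finding
    # @param status [#to_s] outcome of the check
    # @param output [Object] raw output of the check
    # @param title [#to_s] short title of the finding
    # @param description [Object] longer description of the finding
    # @param sir [Object] a severity label, or a CVSS base score given as a
    #   decimal string or a number; scores are mapped to a label
    def initialize(nid, status, output, title, description, sir = 'unevaluated')
      @nid = nid
      @sir = cvss_to_sir(sir)
      @status = status
      @output = output
      @title = title
      @description = description
      # Computed last: the signature reads nid, title and status.
      @signature = compute_signature
    end
    # rubocop:enable ParameterLists

    # Serializes every attribute, including the signature, as a JSON object.
    #
    # @return [String]
    def to_json(*a)
      {
        nid: nid,
        sir: sir,
        status: status,
        output: output,
        title: title,
        description: description,
        signature: signature
      }.to_json(*a)
    end

    private

    # Maps a CVSS base score to a severity label.
    #
    # Anything that is not a plain decimal number is returned unchanged, so an
    # already-computed label (or nil) passes through. The score is read via
    # #to_s so numeric arguments are rated the same way as their string form.
    #
    # @param sir [Object] severity label or CVSS score
    # @return [Object] 'low', 'medium', 'high', 'critical' or 'unevaluated'
    #   for a score, otherwise the argument itself
    def cvss_to_sir(sir)
      score_text = sir.to_s
      return sir if score_text !~ /\A\d+\.?\d*\z/

      # Half-open bands leave no gap between ratings: a score such as 8.95
      # is rated 'high' instead of silently falling through to 'unevaluated'.
      case score_text.to_f
      when 0.0...4.0 then 'low'
      when 4.0...7.0 then 'medium'
      when 7.0...9.0 then 'high'
      when 9.0..10.0 then 'critical'
      else 'unevaluated'
      end
    end

    # Builds the hex HMAC-SHA256 over nid, title and status.
    #
    # The three fields are concatenated with no separator, so different field
    # combinations can yield the same input (nid 'ab' + title 'c' equals
    # nid 'a' + title 'bc'). The format is kept as is because changing it
    # would alter every signature. output, description and sir are not part
    # of the signature.
    #
    # @return [String] lowercase hex digest
    def compute_signature
      result_for_signature = nid.to_s + title.to_s + status.to_s
      OpenSSL::HMAC.hexdigest(SIGNATURE_DIGEST, SIGNATURE_KEY, result_for_signature)
    end
  end
end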