package inspect

import (
	"crypto/x509"
)

// DERCRLInfo parses der as a DER-encoded X.509 CRL and returns an Info
// describing it. If parsing fails, the result is a *BadInfo carrying loc and
// the parse error.
//
// x509.ParseRevocationList only decodes the structure; it does not verify the
// CRL's signature. Everything reported from the result is therefore
// unauthenticated unless the caller separately checks the CRL against its
// issuer certificate, for example with (*x509.RevocationList).CheckSignatureFrom.
func DERCRLInfo(loc string, der []byte) Info {
	parsed, parseErr := x509.ParseRevocationList(der)
	if parseErr == nil {
		return CRLInfo(loc, parsed)
	}

	// Report the failure as an Info value so the caller still learns where
	// the undecodable input came from.
	return &BadInfo{
		Typ:        TypeX509CRL,
		Loc:        loc,
		Underlying: parseErr,
	}
}

// CRLInfo wraps an already parsed CRL in a *CRL. The crl pointer is stored as
// given, not copied, so later changes made through it by the caller are
// visible through the returned value. No nil check is performed here.
func CRLInfo(loc string, crl *x509.RevocationList) *CRL {
	info := new(CRL)
	info.Loc = loc
	info.CRL = crl
	return info
}

// CRL holds structured information about a CRL. It implements Info.
type CRL struct {
	// Loc is the location at which the CRL was encountered.
	Loc string

	// CRL is the parsed revocation list the sections are built from.
	CRL *x509.RevocationList
}

// Type reports that this Info describes an X.509 CRL.
func (crl *CRL) Type() Type {
	return TypeX509CRL
}

// Location returns the location recorded when the CRL value was created.
func (crl *CRL) Location() string {
	return crl.Loc
}

// Info returns the CRL's sections in display order: metadata, issuer, then
// the revoked certificates.
func (crl *CRL) Info() []Section {
	sections := make([]Section, 0, 3)
	sections = append(sections,
		crl.CRLSection(),
		crl.IssuerSection(),
		crl.RevocationSection(),
	)
	return sections
}

// CRLSection returns metadata about the CRL itself.
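func (crl *CRL) CRLSection() Section {
	fields := make([]Field, 0, 3)

	// Number comes from the CRL Number extension. x509.ParseRevocationList
	// leaves it nil when a CRL omits that extension, and a caller-built
	// RevocationList may leave it unset too. Calling Bytes on a nil *big.Int
	// panics, so the field is skipped rather than letting a crafted or legacy
	// CRL crash the inspector.
	if crl.CRL.Number != nil {
		fields = append(fields, Field{
			Key:   "Serial number",
			Value: FormatHexBytes(crl.CRL.Number.Bytes()),
		})
	}

	// NOTE(review): NextUpdate is optional in the CRL encoding; presumably it
	// is the zero time when absent - confirm how the renderer displays that.
	fields = append(fields,
		Field{
			Key:   "Valid from",
			Value: crl.CRL.ThisUpdate,
		},
		Field{
			Key:   "Valid until",
			Value: crl.CRL.NextUpdate,
		},
	)

	return Section{
		Title:  "Metadata",
		Fields: fields,
	}
}

// IssuerSection returns the issuer details recorded in the CRL: the issuer's
// common name, whatever appendX509DNField adds for the issuer name, and the
// authority key identifier when the CRL carries one.
//
// These values are read from the CRL itself. They identify who the CRL claims
// to be issued by, and are only trustworthy once the CRL's signature has been
// verified against that issuer's certificate.
func (crl *CRL) IssuerSection() Section {
	f := []Field{
		{
			Key:   "Description",
			Value: crl.CRL.Issuer.CommonName,
		},
	}

	f = appendX509DNField(f, crl.CRL.Issuer)

	// The key ID is optional, so the field is emitted only when present.
	if len(crl.CRL.AuthorityKeyId) > 0 {
		f = append(f, Field{
			Key:   "Key ID",
			Value: FormatHexBytes(crl.CRL.AuthorityKeyId),
		})
	}

	return Section{
		Title:  "Issuer",
		Fields: f,
	}
}

// RevocationSection returns the number of revoked certificates and their
// serial numbers, each formatted with FormatHexBytes, in the order they appear
// in the CRL.
func (crl *CRL) RevocationSection() Section {
	// NOTE(review): RevokedCertificates is deprecated since Go 1.21 in favour
	// of RevokedCertificateEntries; whether to switch depends on the module's
	// minimum Go version.
	entries := crl.CRL.RevokedCertificates

	revoked := make([]string, len(entries))
	for i := range entries {
		revoked[i] = FormatHexBytes(entries[i].SerialNumber.Bytes())
	}

	return Section{
		Title: "Revoked certificates",
		Fields: []Field{
			{
				Key:   "Count",
				Value: len(revoked),
			},
			{
				Key:   "Revoked",
				Value: revoked,
			},
		},
	}
}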