find_program(SSL openssl)
find_program(PYTHON python3)

# generate a keypair
add_custom_command(OUTPUT "${CMAKE_CURRENT_BINARY_DIR}/keypair.pem"
    COMMAND ${SSL} genrsa -out "${CMAKE_CURRENT_BINARY_DIR}/keypair.pem" 4096)

# export public key
add_custom_command(OUTPUT "${CMAKE_CURRENT_BINARY_DIR}/pubkey.pem"
    DEPENDS "${CMAKE_CURRENT_BINARY_DIR}/keypair.pem"
    COMMAND ${SSL} rsa -in "${CMAKE_CURRENT_BINARY_DIR}/keypair.pem" -pubout -out "${CMAKE_CURRENT_BINARY_DIR}/pubkey.pem")

# turn the public key into a header
add_custom_command(OUTPUT "${CMAKE_CURRENT_BINARY_DIR}/publicKey.h"
    DEPENDS "${CMAKE_CURRENT_BINARY_DIR}/pubkey.pem"
    COMMAND ${PYTHON} "${CMAKE_CURRENT_SOURCE_DIR}/ssl-keygen.py"
      --private "${CMAKE_CURRENT_BINARY_DIR}/keypair.pem"
      --public "${CMAKE_CURRENT_BINARY_DIR}/pubkey.pem"
      --output "${CMAKE_CURRENT_BINARY_DIR}/publicKey.h" --array-name=publicKey_pem)

add_library(pluginloader STATIC pluginloader.h pluginloader.cpp "${CMAKE_CURRENT_BINARY_DIR}/publicKey.h")
target_link_libraries(pluginloader PUBLIC OpenSSL::SSL Qt5::Core)
target_include_directories(pluginloader PUBLIC . PRIVATE "${CMAKE_CURRENT_BINARY_DIR}")

## Testing
# sigmatch
add_executable(pluginloader_sigmatch test/pluginloader-sigmatch.cpp)
target_link_libraries(pluginloader_sigmatch PRIVATE pluginloader Catch2::Catch2 fmt)
#target_sanitize(pluginloader_sigmatch)

# load
add_executable(pluginloader_load test/pluginloader-load.cpp)
target_link_libraries(pluginloader_load PRIVATE pluginloader Catch2::Catch2 fmt)
target_sanitize(pluginloader_load)

# generate a random file and properly sign it
add_test(NAME good.dat COMMAND ${PYTHON} ${CMAKE_CURRENT_SOURCE_DIR}/write-random.py --output=good.dat)
add_test(NAME good.dat.sig COMMAND ${SSL} dgst -sha256 -sign=keypair.pem -out=good.dat.sig good.dat)
set_tests_properties(good.dat.sig PROPERTIES DEPENDS good.dat)
# generate a random file and improperly sign it
add_test(NAME bad.dat COMMAND ${PYTHON} ${CMAKE_CURRENT_SOURCE_DIR}/write-random.py --output=bad.dat)
add_test(NAME bad.dat.sig COMMAND ${PYTHON} ${CMAKE_CURRENT_SOURCE_DIR}/write-random.py --output=bad.dat.sig)
# generate a random file and don't sign it
add_test(NAME none.dat COMMAND ${PYTHON} ${CMAKE_CURRENT_SOURCE_DIR}/write-random.py --output=none.dat)

add_test(NAME pluginloader_sigmatch COMMAND pluginloader_sigmatch)
set_tests_properties(pluginloader_sigmatch PROPERTIES
    DEPENDS "good.dat;good.dat.sig;bad.dat;bad.dat.sig;none.dat"
    REQUIRED_FILES "good.dat;good.dat.sig;bad.dat;bad.dat.sig;none.dat"
    ENVIRONMENT "SIGNEDFILE=${CMAKE_CURRENT_BINARY_DIR}/good.dat;UNSIGNEDFILE=${CMAKE_CURRENT_BINARY_DIR}/none.dat;BADSIGNEDFILE=${CMAKE_CURRENT_BINARY_DIR}/bad.dat")

# make sure this fails when no plugin or an invalid file is passed
#test('load', poi_plugin_loader, suite: 'pluginloader', should_fail: true)
#test('load', poi_plugin_loader, suite: 'pluginloader', args: files('meson.build'), should_fail: true)