"use strict";

import { once } from 'events';

import log from '../io/NamespacedLog.mjs'; const l = log("rekey");
import jpake from 'jpake';

export default async function rekey(connection, secret_join) {
	// 0: Setup jpake
	let jpake_inst = new jpake.JPake(secret_join);
	
	// 1: Round 1
	connection.send("rekey", { round: 1, content: jpake_inst.GetRound1Message() });
	
	// 2: Round 2
	
	const their_round1 = (await once(connection, "message-rekey"))[0];
	l.debug(`THEIR_ROUND1`, their_round1);
	
	if(typeof their_round1 !== "object"
		|| their_round1.round !== 1
		|| typeof their_round1.content !== "string")
		throw new Error(`Error: Received invalid round 1 from peer`);
	
	l.debug(`REKEY GOT ROUND 1`);
	
	const our_round2 = jpake_inst.GetRound2Message(their_round1.content);
	if(typeof our_round2 !== "string") throw new Error(`Error: Failed to compute rekey round 2`);
	
	
	connection.send("rekey", { round: 2, content: our_round2 });
	
	// 3: Compute new shared key
	const their_round2 = (await once(connection, "message-rekey"))[0];
		
	if(typeof their_round2 !== "object"
		|| their_round2.round !== 2
		|| typeof their_round2.content !== "string")
		throw new Error(`Error: Received invalid round 2 from peer`);
		
	l.debug(`REKEY GOT ROUND 2`);
	
	const new_shared_key = jpake_inst.ComputeSharedKey(their_round2.content);
	if(typeof new_shared_key !== "string") 
		throw new Error(`Error: Failed to compute shared key`);
	
	l.debug(`REKEY COMPLETE`);
	
	return Buffer.from(new_shared_key, "hex");
	
	// let data_bytes = response[0].toString("base64");
	// 
	// const cert_theirs = decrypt(secret_join, data_bytes.toString("base64"));
	// if(cert_theirs === null) {
	// 	socket.destroy();
	// 	return null;
	// }
	// console.log(`STARTTLS cert_theirs`, cert_theirs);
}