package main

import (
	"crypto/rsa"
	encrypt "fckeuspy-go/lib"
	"html/template"
	"log"
	"net/http"
)

var (
	priv    *rsa.PrivateKey
	pubPEM  []byte
	certPEM []byte // self-signed cert jen pro sdílení identity (volitelné)
	tmpl    *template.Template

	privPath = "identity_key.pem"
	pubPath  = "public.pem"
	certPath = "identity.crt"
)

type envelope struct {
	// Encrypted AES key, Nonce, Ciphertext (GCM)
	EK string `json:"ek"` // base64(RSA-OAEP(aesKey))
	N  string `json:"n"`  // base64(nonce 12B)
	CT string `json:"ct"` // base64(GCM(ciphertext||tag))
}

func main() {
	var err error
	// 1) načti nebo vygeneruj klíče
	priv, pubPEM, certPEM, err = encrypt.LoadOrGenerateKeys(privPath, pubPath, certPath)
	if err != nil {
		log.Fatal(err)
	}

	// 2) šablony
	tmpl = template.Must(template.ParseGlob("templates/*.html"))

	muxServer := NewServer()
	log.Fatal(http.ListenAndServe(":8080", muxServer))
}