module Sodium

# BinaryBuilder builder has dozen of dependencies, it's extremely complex and
# does nothing more than guix.
const lib = "libsodium.so"

# crypto_pwhash_str is 2x fast if sodium has been initalized
# So remember to init it before using crypto functions
"""Starts libsodium. Makes crypto_pwhash functions fasters,
so you need to call it.

Returns true if success, false else"""
sodium_init() = if ccall((:sodium_init,lib),Int,()) != -1
    @info "Sodium initialized"
else
    @error "Could not init libsodium"
end

const crypto_pwhash_STRBYTES = Ref(Csize_t(0))
const crypto_pwhash_OPSLIMIT_INTERACTIVE = Ref(Csize_t(0))
const crypto_pwhash_OPSLIMIT_MODERATE = Ref(Csize_t(0))
const crypto_pwhash_OPSLIMIT_SENSITIVE = Ref(Csize_t(0))
const crypto_pwhash_MEMLIMIT_INTERACTIVE = Ref(Csize_t(0))
const crypto_pwhash_MEMLIMIT_MODERATE = Ref(Csize_t(0))
const crypto_pwhash_MEMLIMIT_SENSITIVE = Ref(Csize_t(0))

function __init__()
    sodium_init()
    crypto_pwhash_STRBYTES[] = ccall((:crypto_pwhash_strbytes,lib),Csize_t,())

    crypto_pwhash_OPSLIMIT_INTERACTIVE[] =
        ccall((:crypto_pwhash_opslimit_interactive,lib),Csize_t,())
    crypto_pwhash_MEMLIMIT_INTERACTIVE[] =
        ccall((:crypto_pwhash_memlimit_interactive,lib),Csize_t,())

    crypto_pwhash_OPSLIMIT_MODERATE[] =
        ccall((:crypto_pwhash_opslimit_moderate,lib),Csize_t,())
    crypto_pwhash_MEMLIMIT_MODERATE[] =
        ccall((:crypto_pwhash_memlimit_moderate,lib),Csize_t,())

    crypto_pwhash_OPSLIMIT_SENSITIVE[] =
        ccall((:crypto_pwhash_opslimit_sensitive,lib),Csize_t,())
    crypto_pwhash_MEMLIMIT_SENSITIVE[] =
        ccall((:crypto_pwhash_memlimit_sensitive,lib),Csize_t,())
end

"See the libsodium documentation for info"
function crypto_pwhash_str(password::AbstractString,
                           opslimit = crypto_pwhash_OPSLIMIT_SENSITIVE[],
                           memlimit = crypto_pwhash_MEMLIMIT_SENSITIVE[])
    hashed = zeros(UInt8, crypto_pwhash_STRBYTES[])
    if ccall((:crypto_pwhash_str, lib), Int,
             (Ref{UInt8}, Cstring, Int, Csize_t, Csize_t),
             hashed, password, length(password), opslimit, memlimit) == 0
        let s = String(hashed)
            return s[1:(findfirst('\0', s)-1)]
        end
    else
        @error "OOM error"
    end
end

"See the libsodium documentation for info"
function crypto_pwhash_str_verify(password::String, hashed::String)
    ccall((:crypto_pwhash_str_verify, lib), Int,
          (Cstring, Cstring, Int),
          hashed, password, length(password)) == 0
end

"returns an unpredictable value between 0 and 0xffffffff (included)"
randombyte() = ccall((:randombytes_random, lib), UInt32, ())

export sodium_init, crypto_pwhash_str, crypto_pwhash_str_verify, randombyte

end # module