# shellcheck shell=dash

___x_cmd_hub_keypair_save(){
    local X_help_cmd='___x_cmd_hub___help keypair save'
    help:arg:parse

    local x_=; ___x_cmd_hub_keypair___keypath_ "$___X_CMD_HUB_KEYPAIR_NAME" private || return 1
    local prikey_path="$x_"
    x_=; ___x_cmd_hub_keypair___keypath_ "$___X_CMD_HUB_KEYPAIR_NAME" public || return 1
    local pubkey_path="$x_"

    if [ ! -f "$pubkey_path" ] || [ ! -f "$prikey_path" ] ; then
        hub:error "Key not exists, $pubkey_path or $prikey_path"
        return 1
    fi

    hub:info "Please input password for encrypt private key"
    local password1=; local password2=
    while true ; do
        if ! ___x_cmd_runmode_allow_manual ; then
            hub:error "Password required, but not in interactive tty"
            return 1
        fi

        ___X_CMD_TUI_FORM_FINAL_COMMAND=""
        ___x_cmd tui form \
            password1      "Password"           ""  '=~*'  '^.*$' -- \
            password2      "Password (again)"   ""  '=~*'  '^.*$' || return 1
        [ -n "$___X_CMD_TUI_FORM_FINAL_COMMAND" ] || {
            hub:info "Canceled"
            return 1
        }
        [ "$password1" != "$password2" ] || break
        hub:error "Password not match, please try again"
    done


    local private_key_enc_base64_path="$prikey_path.enc.base64"
    ___x_cmd openssl enc -aes-256-cbc -salt -in "$prikey_path" -out - -pbkdf2 -pass pass:"$password1" \
        | ___x_cmd openssl enc -A -base64 > "$private_key_enc_base64_path"
    hub:debug "Encrypted private key => $private_key_enc_base64_path"

    local resp=;
    resp="$(___x_cmd_hub_u_curl post "/api/v0/key?type=private&name=${___X_CMD_HUB_KEYPAIR_NAME}" -F "file=@$private_key_enc_base64_path" )" || {
        ___x_cmd_hub_u_handle_resp false "Failed to put private key"
        return 1
    }

    resp="$(___x_cmd_hub_u_curl post "/api/v0/key?type=public&name=${___X_CMD_HUB_KEYPAIR_NAME}" -F "file=@$pubkey_path" )" || {
        ___x_cmd_hub_u_handle_resp false "Failed to put public key"
        return 1
    }

    hub:info "Key saved"
}
