package db

import (
	"git.tcp.direct/kayos/chestnut"
	"git.tcp.direct/kayos/chestnut/encryptor/aes"
	"git.tcp.direct/kayos/chestnut/encryptor/crypto"
	"git.tcp.direct/kayos/chestnut/log"
	"git.tcp.direct/kayos/chestnut/storage/bitcask"
	"github.com/awnumar/memguard"

	"git.tcp.direct/tcp.direct/IR5EC/config"
)

var Store *chestnut.Chestnut
var enclave *memguard.Enclave

func getSecret(Secret crypto.Secret) []byte {
	o, err := enclave.Open()
	if err != nil {
		log.Log.Error(err)
	}
	o.RLock()
	defer o.RUnlock()
	return o.Bytes()
}

func Initialize(path string) {
	enclave = memguard.NewEnclave([]byte(config.Opt.StorePassword))
	Store = chestnut.NewChestnut(
		bitcask.NewStore(path),
		chestnut.WithZerologLogger(log.DebugLevel),
		chestnut.WithAES(
			crypto.Key256, aes.CFB,
			crypto.NewSecureSecret("main", getSecret),
		),
		chestnut.OverwritesForbidden(),
	)
}