use std::error::Error;
use std::io::{Cursor, ErrorKind};

use rustls::{Certificate, PrivateKey};
use rustls_pemfile::{read_one, Item};

/// Parse PEM certificates bytes into a [`rustls::Certificate`] structure
pub fn parse_pem_certificates(certs: &[u8]) -> Result<Vec<Certificate>, Box<dyn Error>> {
    Ok(rustls_pemfile::certs(&mut Cursor::new(certs))?
        .into_iter()
        .map(Certificate)
        .collect())
}

/// Parse PEM private key bytes into a [`rustls::PrivateKey`] structure
pub fn parse_pem_private_key(privkey: &[u8]) -> Result<PrivateKey, Box<dyn Error>> {
    let key = match read_one(&mut Cursor::new(privkey))? {
        None => {
            Err(std::io::Error::new(
                ErrorKind::Other,
                "Failed to extract private key!",
            ))?;
            unreachable!()
        }
        Some(Item::PKCS8Key(key)) => key,
        Some(Item::RSAKey(key)) => key,
        _ => {
            Err(std::io::Error::new(
                ErrorKind::Other,
                "Unsupported private key type!",
            ))?;
            unreachable!();
        }
    };

    Ok(PrivateKey(key))
}