# gpg_api.py

from flask import Flask, request, jsonify, send_file
import subprocess
import tempfile
import os
from werkzeug.utils import secure_filename

app = Flask(__name__)
UPLOAD_DIR = "/tmp/gpg_files"
os.makedirs(UPLOAD_DIR, exist_ok=True)

@app.route("/api/setup/gnupg", methods=["GET"])
def setup_gnupg():
    try:
        subprocess.run(["gpg", "--version"], check=True)
        return jsonify({"status": "GnuPG is already installed"})
    except Exception:
        subprocess.run(["apt", "update"], check=True)
        subprocess.run(["apt", "install", "-y", "gnupg"], check=True)
        return jsonify({"status": "GnuPG installed"})

@app.route("/api/generate-key", methods=["POST"])
def generate_key():
    data = request.json
    name = data['name']
    email = data['email']
    comment = data.get('comment', '')
    passphrase = data['passphrase']

    key_input = f"""
    %echo Generating GPG Key
    Key-Type: RSA
    Key-Length: 4096
    Name-Real: {name}
    Name-Email: {email}
    Name-Comment: {comment}
    Expire-Date: 0
    Passphrase: {passphrase}
    %commit
    %echo Done
    """

    with tempfile.NamedTemporaryFile(mode='w+', delete=False) as f:
        f.write(key_input)
        keyfile_path = f.name

    try:
        subprocess.run(["gpg", "--batch", "--generate-key", keyfile_path], check=True)
        return jsonify({"status": "Key generated successfully"})
    except subprocess.CalledProcessError as e:
        return jsonify({"error": "Key generation failed", "details": str(e)}), 500
    finally:
        os.remove(keyfile_path)

@app.route("/api/download/public-key", methods=["GET"])
def export_key():
    email = request.args.get('email')
    filename = os.path.join(UPLOAD_DIR, f"{secure_filename(email)}_public.asc")
    try:
        subprocess.run(["gpg", "--armor", "--output", filename, "--export", email], check=True)
        return send_file(filename, as_attachment=True)
    except Exception as e:
        return jsonify({"error": "Export failed", "details": str(e)}), 500

@app.route("/api/upload-decrypt", methods=["POST"])
def upload_and_decrypt():
    if 'file' not in request.files:
        return jsonify({"error": "Missing file"}), 400
    file = request.files['file']
    passphrase = request.form.get('passphrase')

    filename = secure_filename(file.filename)
    gpg_path = os.path.join(UPLOAD_DIR, filename)
    output_path = os.path.join(UPLOAD_DIR, f"decrypted_{filename[:-4]}.zip")
    file.save(gpg_path)

    try:
        subprocess.run([
            "gpg", "--batch", "--yes",
            "--passphrase", passphrase,
            "--output", output_path,
            "--decrypt", gpg_path
        ], check=True)
        return send_file(output_path, as_attachment=True)
    except subprocess.CalledProcessError as e:
        return jsonify({"error": "Decryption failed", "details": str(e)}), 500

if __name__ == '__main__':
    app.run(host='0.0.0.0', port=8080, debug=True)