package pgp

import (
	"bytes"
	_ "crypto/sha256"
	"errors"
	"fmt"
	"io/ioutil"

	"golang.org/x/crypto/openpgp"
	"golang.org/x/crypto/openpgp/armor"
	_ "golang.org/x/crypto/ripemd160"
)

func Decrypt(entity *openpgp.Entity, encrypted []byte) ([]byte, error) {
	// Decode message
	block, err := armor.Decode(bytes.NewReader(encrypted))
	if err != nil {
		return []byte{}, fmt.Errorf("error decoding: %v", err)
	}
	if block.Type != "PGP MESSAGE" {
		return []byte{}, errors.New("invalid message type")
	}

	// Decrypt message
	entityList := openpgp.EntityList{entity}
	messageReader, err := openpgp.ReadMessage(block.Body, entityList, nil, nil)
	if err != nil {
		return []byte{}, fmt.Errorf("error reading message: %v", err)
	}
	var read []byte
	read, err = ioutil.ReadAll(messageReader.UnverifiedBody)
	if err != nil {
		return []byte{}, fmt.Errorf("error reading unverified body: %v", err)
	}

	// Return output - an unencrypted, and uncompressed message
	return read, nil
}