package orchestrator

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/pem"
	"fmt"

	"golang.org/x/crypto/ssh"
)

// KeyPair holds an SSH key pair in text form, as returned by
// GenerateEphemeralKey.
//
// PrivateKey is secret material and is stored unencrypted. Keep it out of
// logs, error strings and serialized output: formatting a KeyPair with %v or
// %+v prints the private key along with the public one. Because Go strings
// are immutable, the value cannot be wiped from memory after use, so hold a
// KeyPair only as long as it is needed.
type KeyPair struct {
	// PrivateKey is the PEM text of the OpenSSH private key block.
	PrivateKey string
	// PublicKey is the public key as an authorized_keys line.
	PublicKey string
}

// GenerateEphemeralKey creates a fresh Ed25519 key pair from crypto/rand and
// returns both halves encoded for SSH use.
//
// The private key is marshalled with ssh.MarshalPrivateKey, with an empty
// comment and no passphrase, then PEM-encoded. The public key is rendered
// with ssh.MarshalAuthorizedKey. Nothing is written to disk here; storing,
// distributing and discarding the key is up to the caller.
//
// NOTE(review): the name suggests a short-lived key, but this function does
// not enforce any lifetime — confirm that callers remove the public key from
// the target and drop the private key when the task ends.
//
// It returns a wrapped error if key generation or either SSH conversion
// fails; the returned *KeyPair is nil in that case.
func GenerateEphemeralKey() (*KeyPair, error) {
	publicKey, privateKey, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, fmt.Errorf("generate ed25519 key: %w", err)
	}

	wrapped, err := ssh.NewPublicKey(publicKey)
	if err != nil {
		return nil, fmt.Errorf("ssh public key: %w", err)
	}
	authorizedLine := ssh.MarshalAuthorizedKey(wrapped)

	// Empty comment, no passphrase: the resulting block is plaintext key
	// material and must be handled as a secret from here on.
	block, err := ssh.MarshalPrivateKey(privateKey, "")
	if err != nil {
		return nil, fmt.Errorf("marshal private key: %w", err)
	}

	pair := new(KeyPair)
	pair.PublicKey = string(authorizedLine)
	pair.PrivateKey = string(pem.EncodeToMemory(block))
	return pair, nil
}