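import sys as _sys
import argparse as _argparse

import helpers.string as _string
import helpers.certinfo as _certinfo


def main():
    """Compare a local certificate's fingerprint with the one served for a domain.

    The expected ("shall") fingerprint is taken from the file
    ``<cert-directory>/<domain>.<file-extension>``; the actual ("is")
    fingerprint is taken from the certificate that ``helpers.certinfo``
    retrieves for the domain over the network.

    Exit status:
        0 -- both fingerprints are present and equal ("ok" on stdout).
        1 -- the fingerprints differ, or at least one of them is missing
             (details on stderr).
    """
    ## args
    argument_parser = _argparse.ArgumentParser(
        prog="tls-verify",
        description="compares the fingerprints of a TLS certificate on the machine with the one delivered through the internet for a given domain",
    )
    argument_parser.add_argument(
        "domain",
        type=str,
        metavar="",
        help="domain whose certificate shall be checked",
    )
    argument_parser.add_argument(
        "-d",
        "--cert-directory",
        type=str,
        default="/etc/ssl/fullchains",
        metavar="",
        help="directory that holds the local certificate files",
    )
    argument_parser.add_argument(
        "-e",
        "--file-extension",
        type=str,
        default="pem",
        metavar="",
        help="file extension of the local certificate files",
    )
    args = argument_parser.parse_args()

    ## exec
    # NOTE(review): args.domain goes into the path unmodified, so a value
    # containing "/" or ".." selects a file outside cert_directory. That is
    # harmless for an operator at a shell; validate the value if a wrapper
    # ever passes externally supplied domains to this tool.
    certificate_path = _string.coin(
        "{{directory}}/{{domain}}.{{extension}}",
        {
            "directory": args.cert_directory,
            "domain": args.domain,
            "extension": args.file_extension,
        },
    )
    fingerprint_shall = _certinfo.extract_fingerprint(
        _certinfo.get_certificate_info_from_file(certificate_path)
    )
    fingerprint_is = _certinfo.extract_fingerprint(
        _certinfo.get_certificate_info_from_internet(args.domain)
    )

    # Fail closed: how the helpers signal a failed lookup is not visible from
    # this file. If both sides came back empty (None or ""), the equality test
    # below would report "ok" without any fingerprint having been compared.
    if not fingerprint_shall or not fingerprint_is:
        _sys.stderr.write("!MISSING FINGERPRINT!\n")
        _sys.stderr.write("[shall] %s\n" % (fingerprint_shall,))
        _sys.stderr.write("[is ] %s\n" % (fingerprint_is,))
        _sys.exit(1)

    if fingerprint_shall == fingerprint_is:
        _sys.stdout.write("ok\n")
        _sys.exit(0)

    # One-element tuples keep "%" formatting correct even if a helper ever
    # returns a tuple instead of a string.
    _sys.stderr.write("!MISMATCH!\n")
    _sys.stderr.write("[shall] %s\n" % (fingerprint_shall,))
    _sys.stderr.write("[is ] %s\n" % (fingerprint_is,))
    _sys.exit(1)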