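package main

import (
	"fmt"
	"io/ioutil"
	"os"

	yara "github.com/hillu/go-yara"
)

// main runs the YARA self-test and reports any failure on stderr with a
// non-zero exit status.
//
// For detection tooling this matters: if a compile or scan failure is
// swallowed, the run looks exactly like a clean "no match" result, so every
// failure path is surfaced here rather than returned from silently.
func main() {
	if err := run(); err != nil {
		fmt.Fprintln(os.Stderr, "yara self-test failed:", err)
		os.Exit(1)
	}
}

// run compiles a single test rule, writes a sample file containing the string
// the rule looks for, scans that file and prints the matching rules.
//
// It returns an error when any step fails or when the scan does not produce
// exactly one match. It lives outside main so the deferred temp-file removal
// runs before the process exits.
func run() error {
	//rule := "rule test : tag1 { meta: author = \"Matt Blewitt\" strings: $a = \"abc\" fullword condition: $a }"
	rule := `rule test { meta: date = "2021-07-26" description = "this is a test" tag = "test" strings: $dev = "xiaomi" nocase condition: $dev }`

	compiler, err := yara.NewCompiler()
	if err != nil {
		return fmt.Errorf("creating compiler: %w", err)
	}
	if compiler == nil {
		return fmt.Errorf("creating compiler: got nil compiler")
	}

	// The empty string is the namespace argument of AddString.
	if err = compiler.AddString(rule, ""); err != nil {
		return fmt.Errorf("compiling rule: %w", err)
	}

	rules, err := compiler.GetRules()
	if err != nil {
		return fmt.Errorf("getting compiled rules: %w", err)
	}

	s, err := yara.NewScanner(rules)
	if err != nil {
		return fmt.Errorf("creating scanner: %w", err)
	}

	// The original discarded this error; a failed TempFile returns a nil
	// *os.File and the following Name() call would panic.
	testFile, err := ioutil.TempFile("", "TestFile")
	if err != nil {
		return fmt.Errorf("creating sample file: %w", err)
	}
	defer os.Remove(testFile.Name())

	if _, err = testFile.Write([]byte("xiaomi10")); err != nil {
		testFile.Close()
		return fmt.Errorf("writing sample file: %w", err)
	}
	// Close before scanning so the content is flushed to disk; a Close error
	// can mean the sample was not fully written.
	if err = testFile.Close(); err != nil {
		return fmt.Errorf("closing sample file: %w", err)
	}

	var matchRules yara.MatchRules
	if err = s.SetCallback(&matchRules).ScanFile(testFile.Name()); err != nil {
		return fmt.Errorf("scanning %q: %w", testFile.Name(), err)
	}
	// Only one rule was compiled and the sample contains its string, so any
	// other count means the rule or the scan is not behaving as expected.
	if len(matchRules) != 1 {
		return fmt.Errorf("expected exactly 1 matching rule, got %d", len(matchRules))
	}

	fmt.Printf("Matches: %+v", matchRules)
	return nil
}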