package auth

import (
	logger "eta/eta_mini_ht_api/common/component/log"
	"strings"
)

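// Encrypt seals plaintext with a hybrid scheme: the payload is encrypted
// with an AES key obtained from GenerateAESKey, and that AES key is then
// encrypted with the RSA public key returned by ParsePublicKeyFromPEM.
//
// The result has the layout "<AES ciphertext>|<RSA-encrypted AES key>",
// which is the layout Decrypt splits on.
//
// On any failure the error is logged and returned together with an empty
// string, so callers never receive a half-built envelope.
//
// NOTE(review): the "|" separator is only unambiguous if EncryptWithAES and
// EncryptWithRSA return text in an alphabet that cannot contain '|'
// (base64, hex, ...) — confirm against those helpers.
func Encrypt(plaintext []byte) (encrypted string, err error) {
	aesKey, err := GenerateAESKey()
	if err != nil {
		logger.Error("生成AES密钥失败", err)
		return "", err
	}

	// Encrypt the payload with the AES key.
	encryptData, err := EncryptWithAES(aesKey, plaintext)
	if err != nil {
		logger.Error("ASE加密数据失败", err)
		return "", err
	}

	publicKey, err := ParsePublicKeyFromPEM()
	if err != nil {
		logger.Error("解析公钥失败", err)
		return "", err
	}

	// Wrap the AES key under the RSA public key. This error used to go
	// unchecked, so a failed wrap still produced "<data>|" plus whatever the
	// helper returned; it is now logged and reported like the other steps.
	// Only the error is logged, never the key material.
	encryptedAESKey, err := EncryptWithRSA(publicKey, aesKey)
	if err != nil {
		logger.Error("RSA加密AES密钥失败", err)
		return "", err
	}

	return string(encryptData) + "|" + string(encryptedAESKey), nil
}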

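// malformedCiphertextError reports input to Decrypt that does not contain
// the "|" separator between the AES ciphertext and the wrapped AES key.
type malformedCiphertextError struct{}

// Error implements the error interface.
func (malformedCiphertextError) Error() string {
	return "malformed ciphertext: missing '|' separator"
}

// Decrypt reverses Encrypt. It splits ciphertext on "|", recovers the AES
// key by RSA-decrypting the second part with the private key returned by
// ParsePrivateKeyFromPEM, and then AES-decrypts the first part with it.
//
// Input without a "|" separator is rejected with an error instead of
// panicking on an out-of-range index, and before the private key is loaded.
// As before, any parts after the second are ignored.
//
// On any failure the error is logged and returned with a nil slice. Only
// errors are logged, never the ciphertext or key material.
//
// NOTE(review): whether tampered data is detected depends on the mode used
// by DecryptWithAES, which is not visible here — confirm it is authenticated.
func Decrypt(ciphertext string) (decrypted []byte, err error) {
	strParts := strings.Split(ciphertext, "|")
	// The ciphertext may come from an untrusted caller; indexing strParts[1]
	// without this check would panic and take the request handler down.
	if len(strParts) < 2 {
		err = malformedCiphertextError{}
		logger.Error("密文格式错误", err)
		return nil, err
	}

	privateKey, err := ParsePrivateKeyFromPEM()
	if err != nil {
		logger.Error("解析私钥失败", err)
		return nil, err
	}

	// Unwrap the AES key carried in the second part.
	aesKey, err := DecryptWithRSA(privateKey, strParts[1])
	if err != nil {
		logger.Error("RSA解密AES秘钥失败", err)
		return nil, err
	}

	decrypted, err = DecryptWithAES(aesKey, []byte(strParts[0]))
	if err != nil {
		logger.Error("AES解密数据失败", err)
		// Never hand back bytes from a failed decryption.
		return nil, err
	}
	return decrypted, nil
}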