package rpc

import (
	"context"
	"crypto"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"eta/eta_bridge/global"
	"google.golang.org/grpc"
	"os"
)

type encryptedRequest struct {
	Message   interface{} `json:"ciphertext"`
	Nonce     string      `json:"nonce"`     // 添加随机字符串
	Timestamp int64       `json:"timestamp"` // 添加时间戳
}

// 签名验证拦截器
func SignatureInterceptor(ctx context.Context, req interface{}, _ *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {

	return handler(ctx, req)
}

// 验证签名
func verifySignature(message []byte, signature string, publicKey *rsa.PublicKey) bool {
	hash := sha256.Sum256(message)
	signatureBytes, err := base64.StdEncoding.DecodeString(signature)
	if err != nil {
		return false
	}
	err = rsa.VerifyPKCS1v15(publicKey, crypto.SHA256, hash[:], signatureBytes)
	return err == nil
}

func parsePublicKeyFromPEM() (pubKey *rsa.PublicKey, err error) {
	pemBlock, err := os.ReadFile("./config/rsa_public_key.pem")
	block, _ := pem.Decode(pemBlock)
	if block == nil {
		global.LOG.Error("公钥解析失败")
	}
	pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
	pubKey, ok := pubInterface.(*rsa.PublicKey)
	if !ok {
		global.LOG.Error("公钥解析失败")
	}
	if err != nil {
		return nil, err
	}
	return
}