package encrypt

import (
	"crypto/aes"
	"crypto/hmac"
	"crypto/sha1"
	"errors"
)

//AesEncryptECBSha1prng java AES 加密 SHA1PRNG
func AesEncryptECBSha1prng(src []byte, key []byte) ([]byte, error) {
	sha1prngKey, err := GetSha1prngKey(key, 128)
	if err != nil {
		return nil, err
	}

	return AesEncryptECB(src, sha1prngKey), nil
}

//AesDecryptECBSha1prng java AES 解密 SHA1PRNG
func AesDecryptECBSha1prng(encrypted []byte, key []byte) ([]byte, error) {
	sha1prngKey, err := GetSha1prngKey(key, 128)
	if err != nil {
		return nil, err
	}

	return AesDecryptECB(encrypted, sha1prngKey), nil
}

//AesEncryptECB AES-128-ECB 加密，（php:openssl_encrypt($string, 'AES-128-ECB', $key, OPENSSL_RAW_DATA)）
func AesEncryptECB(src []byte, key []byte) []byte {
	c, _ := aes.NewCipher(generateKey(key))
	length := (len(src) + aes.BlockSize) / aes.BlockSize
	plain := make([]byte, length*aes.BlockSize)
	copy(plain, src)
	pad := byte(len(plain) - len(src))
	for i := len(src); i < len(plain); i++ {
		plain[i] = pad
	}
	encrypted := make([]byte, len(plain))
	// 分组分块加密
	for bs, be := 0, c.BlockSize(); bs <= len(src); bs, be = bs+c.BlockSize(), be+c.BlockSize() {
		c.Encrypt(encrypted[bs:be], plain[bs:be])
	}

	return encrypted
}

//AesDecryptECB AES-128-ECB 解密
func AesDecryptECB(encrypted []byte, key []byte) []byte {
	c, _ := aes.NewCipher(generateKey(key))
	decrypted := make([]byte, len(encrypted))

	for bs, be := 0, c.BlockSize(); bs < len(encrypted); bs, be = bs+c.BlockSize(), be+c.BlockSize() {
		c.Decrypt(decrypted[bs:be], encrypted[bs:be])
	}

	trim := 0
	if len(decrypted) > 0 {
		trim = len(decrypted) - int(decrypted[len(decrypted)-1])
	}

	return decrypted[:trim]
}

// GetSha1prngKey 模拟 java SHA1PRNG 处理，（php:substr(openssl_digest(openssl_digest($key, 'sha1', true), 'sha1', true), 0, 16)）
func GetSha1prngKey(keyBytes []byte, encryptLength int) ([]byte, error) {
	hashs := Sha1(Sha1(keyBytes))
	maxLen := len(hashs)
	realLen := encryptLength / 8
	if realLen > maxLen {
		return nil, errors.New("invalid length")
	}

	return hashs[0:realLen], nil
}

//Sha1 Sha1
func Sha1(data []byte) []byte {
	h := sha1.New()
	h.Write(data)
	return h.Sum(nil)
}

// HmacSha1 HmacSha1
func HmacSha1(string, secret string) []byte {
	mac := hmac.New(sha1.New, []byte(secret))
	mac.Write([]byte(string))

	return mac.Sum(nil)
}

func generateKey(key []byte) (genKey []byte) {
	genKey = make([]byte, 16)
	copy(genKey, key)
	for i := 16; i < len(key); {
		for j := 0; j < 16 && i < len(key); j, i = j+1, i+1 {
			genKey[j] ^= key[i]
		}
	}
	return genKey
}