using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.Crypto.Modes;
using Org.BouncyCastle.Crypto.Paddings;
using Org.BouncyCastle.Crypto.Parameters;
using System;
using System.Security.Cryptography;
using System.Text;

namespace IRaCIS.Core.Infrastructure.Encryption;

public class AesEncryption
{
    // AES 加密（不带 IV）
    public static string Encrypt(string plainText, string key)
    {
        var keyBytes = Encoding.UTF8.GetBytes(key);

        // 使用 AES 引擎 + PKCS7 填充
        var engine = new AesEngine();
        var blockCipher = new PaddedBufferedBlockCipher(engine, new Pkcs7Padding());
        blockCipher.Init(true, new KeyParameter(keyBytes)); // true 表示加密

        var inputBytes = Encoding.UTF8.GetBytes(plainText);
        var encryptedBytes = ProcessCipher(blockCipher, inputBytes);

        // 返回 Base64 编码的加密字符串
        return Convert.ToBase64String(encryptedBytes);
    }

    // AES 解密（不带 IV）
    public static string Decrypt(string encryptedText, string key)
    {
        var keyBytes = Encoding.UTF8.GetBytes(key);
        var cipherBytes = Convert.FromBase64String(encryptedText);

        // 使用 AES 引擎 + PKCS7 填充
        var engine = new AesEngine();
        var blockCipher = new PaddedBufferedBlockCipher(engine, new Pkcs7Padding());
        blockCipher.Init(false, new KeyParameter(keyBytes)); // false 表示解密

        var decryptedBytes = ProcessCipher(blockCipher, cipherBytes);
        return Encoding.UTF8.GetString(decryptedBytes);
    }

    // AES 加密（带 IV）
    /// <summary>
    /// AES 密钥的长度必须是以下之一：128 位（16 字节）192 位（24 字节）256 位（32 字节）
    /// IV must be 16 bytes
    /// </summary>
    /// <param name="plainText"></param>
    /// <param name="key"></param>
    /// <param name="iv"></param>
    /// <returns></returns>
    public static string Encrypt(string plainText, string key, string iv)
    {
        var keyBytes = Encoding.UTF8.GetBytes(key.PadRight(32, '0').Substring(0, 32));
        var ivBytes = Encoding.UTF8.GetBytes(iv.PadRight(16, '0').Substring(0, 16));

        // 使用 AES 引擎 + PKCS7 填充 + CBC 模式
        var engine = new AesEngine();
        var blockCipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(engine), new Pkcs7Padding());
        blockCipher.Init(true, new ParametersWithIV(new KeyParameter(keyBytes), ivBytes)); // true 表示加密

        var inputBytes = Encoding.UTF8.GetBytes(plainText);
        var encryptedBytes = ProcessCipher(blockCipher, inputBytes);

        // 返回 Base64 编码的加密字符串
        return Convert.ToBase64String(encryptedBytes);
    }

    // AES 解密（带 IV）
    public static string Decrypt(string encryptedText, string key, string iv)
    {
        var keyBytes = Encoding.UTF8.GetBytes(key.PadRight(32, '0').Substring(0, 32));
        var ivBytes = Encoding.UTF8.GetBytes(iv.PadRight(16, '0').Substring(0, 16));
        var cipherBytes = Convert.FromBase64String(encryptedText);

        // 使用 AES 引擎 + PKCS7 填充 + CBC 模式
        var engine = new AesEngine();
        var blockCipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(engine), new Pkcs7Padding());
        blockCipher.Init(false, new ParametersWithIV(new KeyParameter(keyBytes), ivBytes)); // false 表示解密

        var decryptedBytes = ProcessCipher(blockCipher, cipherBytes);
        return Encoding.UTF8.GetString(decryptedBytes);
    }

    // 处理加密/解密数据
    private static byte[] ProcessCipher(IBufferedCipher cipher, byte[] input)
    {
        var output = new byte[cipher.GetOutputSize(input.Length)];
        int length = cipher.ProcessBytes(input, 0, input.Length, output, 0);
        length += cipher.DoFinal(output, length);
        Array.Resize(ref output, length); // 调整输出数组大小以适应实际数据长度
        return output;
    }

    public static string DefaultKey = "12345678901234567890123456789012";

    public static string EncryptPartial(string plainText, int unencryptedPrefixLength)
    {
        if (plainText.Length <= unencryptedPrefixLength)
        {
            return Encrypt(plainText, DefaultKey); // 如果文本太短，直接加密
        }

        var prefix = plainText.Substring(0, unencryptedPrefixLength);
        var suffix = plainText.Substring(unencryptedPrefixLength);

        return prefix + Encrypt(suffix, DefaultKey); // 前缀保留，后缀加密
    }

    public static string DecryptPartial(string encryptedText, int unencryptedPrefixLength)
    {
        if (encryptedText.Length <= unencryptedPrefixLength)
        {
            return Decrypt(encryptedText, DefaultKey); // 如果文本太短，直接解密
        }

        var prefix = encryptedText.Substring(0, unencryptedPrefixLength);
        var suffix = encryptedText.Substring(unencryptedPrefixLength);

        return prefix + Decrypt(suffix, DefaultKey); // 前缀保留，后缀解密
    }

    //public static string Encrypt(string plainText)
    //{
    //    using var aes = Aes.Create();
    //    aes.Key = Encoding.UTF8.GetBytes(EncryptionKey);
    //    aes.Mode = CipherMode.ECB; // 根据需要选择加密模式，这里使用 ECB 模式
    //    aes.Padding = PaddingMode.PKCS7;

    //    var encryptor = aes.CreateEncryptor();
    //    var plainBytes = Encoding.UTF8.GetBytes(plainText);
    //    var encryptedBytes = encryptor.TransformFinalBlock(plainBytes, 0, plainBytes.Length);

    //    return Convert.ToBase64String(encryptedBytes);
    //}

    //public static string Decrypt(string encryptedText)
    //{
    //    using var aes = Aes.Create();
    //    aes.Key = Encoding.UTF8.GetBytes(EncryptionKey);
    //    aes.Mode = CipherMode.ECB;
    //    aes.Padding = PaddingMode.PKCS7;

    //    var decryptor = aes.CreateDecryptor();
    //    var encryptedBytes = Convert.FromBase64String(encryptedText);
    //    var decryptedBytes = decryptor.TransformFinalBlock(encryptedBytes, 0, encryptedBytes.Length);

    //    return Encoding.UTF8.GetString(decryptedBytes);
    //}
}