import crypto from "crypto";
import { getConfig } from "blitz";

const { serverRuntimeConfig } = getConfig();

const IV_LENGTH = 16;
const ALGORITHM = "aes-256-cbc";

export function encrypt(text: string, encryptionKey: Buffer | string) {
	const encryptionKeyAsBuffer = Buffer.isBuffer(encryptionKey) ? encryptionKey : Buffer.from(encryptionKey, "hex");
	const iv = crypto.randomBytes(IV_LENGTH);
	const cipher = crypto.createCipheriv(ALGORITHM, encryptionKeyAsBuffer, iv);
	const encrypted = cipher.update(text);
	const encryptedBuffer = Buffer.concat([encrypted, cipher.final()]);

	return `${iv.toString("hex")}:${encryptedBuffer.toString("hex")}`;
}

export function decrypt(encryptedHexText: string, encryptionKey: Buffer | string) {
	const encryptionKeyAsBuffer = Buffer.isBuffer(encryptionKey) ? encryptionKey : Buffer.from(encryptionKey, "hex");
	const [hexIv, hexText] = encryptedHexText.split(":");
	const iv = Buffer.from(hexIv!, "hex");
	const encryptedText = Buffer.from(hexText!, "hex");
	const decipher = crypto.createDecipheriv(ALGORITHM, encryptionKeyAsBuffer, iv);
	const decrypted = decipher.update(encryptedText);
	const decryptedBuffer = Buffer.concat([decrypted, decipher.final()]);

	return decryptedBuffer.toString();
}

export function computeEncryptionKey(userIdentifier: string) {
	return crypto.scryptSync(userIdentifier, serverRuntimeConfig.masterEncryptionKey, 32);
}