using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

namespace Masuit.Tools.Security;

/// <summary>
/// RSA加密解密及RSA签名和验证
/// </summary>
public static class RsaCrypt
{
    private static RsaKey RsaKey;

    #region RSA 加密解密

    #region RSA 的密钥产生

    /// <summary>
    /// 生成 RSA 公钥和私钥
    /// </summary>
    /// <param name="type">密钥类型</param>
    /// <param name="length">密钥长度</param>
    /// <returns></returns>
    public static RsaKey GenerateRsaKeys(RsaKeyType type = RsaKeyType.PKCS8, int length = 1024)
    {
        var rsa = new RSA(length);
        return type switch
        {
            RsaKeyType.PKCS1 => RsaKey ??= new RsaKey
            {
                PrivateKey = rsa.ToPEM_PKCS1(),
                PublicKey = rsa.ToPEM_PKCS1(true)
            },
            RsaKeyType.PKCS8 => RsaKey ??= new RsaKey
            {
                PrivateKey = rsa.ToPEM_PKCS8(),
                PublicKey = rsa.ToPEM_PKCS8(true)
            },
            RsaKeyType.XML => RsaKey ??= new RsaKey
            {
                PrivateKey = rsa.ToXML(),
                PublicKey = rsa.ToXML(true)
            },
            _ => throw new ArgumentOutOfRangeException(nameof(type), type, null)
        };
    }

    #endregion RSA 的密钥产生

    #region RSA的加密函数

    /// <summary>
    /// RSA的加密函数 string
    /// </summary>
    /// <param name="publicKey">公钥</param>
    /// <param name="value">需要加密的字符串</param>
    /// <returns>加密后的内容</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    public static string RSAEncrypt(this string value, string publicKey)
    {
        var rsa = new RSA(publicKey);
        return rsa.Encrypt(value);
    }

    /// <summary>
    /// RSA的加密函数 string
    /// </summary>
    /// <param name="value">需要加密的字符串</param>
    /// <returns>加密后的内容</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    public static string RSAEncrypt(this string value)
    {
        return RSAEncrypt(value, RsaKey.PublicKey);
    }

    /// <summary>
    /// RSA的加密函数 byte[]
    /// </summary>
    /// <param name="data">需要加密的字节数组</param>
    /// <param name="publicKey">公钥</param>
    /// <returns>加密后的内容</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    public static string RSAEncrypt(this byte[] data, string publicKey)
    {
        var rsa = new RSA(publicKey);
        return Convert.ToBase64String(rsa.Encrypt(data));
    }

    /// <summary>
    /// RSA的加密函数 byte[]
    /// </summary>
    /// <param name="data">需要加密的字节数组</param>
    /// <returns>加密后的内容</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    public static string RSAEncrypt(this byte[] data)
    {
        return RSAEncrypt(data, RsaKey.PublicKey);
    }

    #endregion RSA的加密函数

    #region RSA的解密函数

    /// <summary>
    /// RSA的解密函数  string
    /// </summary>
    /// <param name="value">需要解密的字符串</param>
    /// <param name="privateKey">私钥</param>
    /// <returns>解密后的内容</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    public static string RSADecrypt(this string value, string privateKey)
    {
        var rsa = new RSA(privateKey);
        return rsa.DecryptOrNull(value);
    }

    /// <summary>
    /// RSA的解密函数  string
    /// </summary>
    /// <param name="value">需要解密的字符串</param>
    /// <returns>解密后的内容</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    public static string RSADecrypt(this string value)
    {
        return RSADecrypt(value, RsaKey.PrivateKey);
    }

    /// <summary>
    /// RSA的解密函数  byte
    /// </summary>
    /// <param name="data">需要解密的字符串</param>
    /// <param name="privateKey">私钥</param>
    /// <returns>解密后的内容</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    public static string RSADecrypt(this byte[] data, string privateKey)
    {
        var rsa = new RSA(privateKey);
        return new UnicodeEncoding().GetString(rsa.DecryptOrNull(data));
    }

    /// <summary>
    /// RSA的解密函数  byte
    /// </summary>
    /// <param name="data">需要解密的字符串</param>
    /// <returns>解密后的内容</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    public static string RSADecrypt(this byte[] data)
    {
        return RSADecrypt(data, RsaKey.PrivateKey);
    }

    #endregion RSA的解密函数

    #endregion RSA 加密解密

    #region RSA数字签名

    #region 获取Hash描述表

    /// <summary>
    /// 获取Hash描述表
    /// </summary>
    /// <param name="value">源数据</param>
    /// <returns>Hash描述表</returns>
    public static byte[] GetHashBytes(this string value)
    {
        //从字符串中取得Hash描述
        using var md5 = MD5.Create();
        var buffer = Encoding.UTF8.GetBytes(value);
        return md5.ComputeHash(buffer);
    }

    /// <summary>
    /// 获取Hash描述表
    /// </summary>
    /// <param name="value">源数据</param>
    /// <returns>Hash描述表</returns>
    public static string GetHashString(this string value)
    {
        //从字符串中取得Hash描述
        using var md5 = MD5.Create();
        var buffer = Encoding.UTF8.GetBytes(value);
        var hashData = md5.ComputeHash(buffer);
        return Convert.ToBase64String(hashData);
    }

    /// <summary>
    /// 从文件流获取Hash描述表
    /// </summary>
    /// <param name="file">源文件</param>
    /// <returns>Hash描述表</returns>
    public static byte[] GetHashBytes(this FileStream file)
    {
        //从文件中取得Hash描述
        using var md5 = MD5.Create();
        return md5.ComputeHash(file);
    }

    /// <summary>
    /// 从文件流获取Hash描述表
    /// </summary>
    /// <param name="file">源文件</param>
    /// <returns>Hash描述表</returns>
    public static string GetHashString(this FileStream file)
    {
        //从文件中取得Hash描述
        using var md5 = MD5.Create();
        var hashData = md5.ComputeHash(file);
        return Convert.ToBase64String(hashData);
    }

    #endregion 获取Hash描述表

    #region RSA签名

    /// <summary>
    /// RSA签名
    /// </summary>
    /// <param name="data">签名字节数据</param>
    /// <param name="privateKey">私钥</param>
    /// <param name="halg">hash算法</param>
    /// <returns>处理结果</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    /// <exception cref="CryptographicUnexpectedOperationException">The key is null.-or- The hash algorithm is null. </exception>
    public static byte[] SignatureBytes(this byte[] data, string privateKey, HashAlgo halg = HashAlgo.MD5)
    {
        var rsa = new RSA(privateKey);
        return rsa.Sign(halg.ToString(), data);
    }

    /// <summary>
    /// RSA签名
    /// </summary>
    /// <param name="data">签名字节数据</param>
    /// <param name="privateKey">私钥</param>
    /// <returns>处理结果</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    /// <exception cref="CryptographicUnexpectedOperationException">The key is null.-or- The hash algorithm is null. </exception>
    public static string SignatureString(this byte[] data, string privateKey)
    {
        return Convert.ToBase64String(SignatureBytes(data, privateKey));
    }

    /// <summary>
    /// RSA签名
    /// </summary>
    /// <param name="value">签名字符串数据</param>
    /// <param name="privateKey">私钥</param>
    /// <param name="halg">hash算法</param>
    /// <returns>处理结果</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    /// <exception cref="CryptographicUnexpectedOperationException">The key is null.-or- The hash algorithm is null. </exception>
    public static byte[] SignatureBytes(this string value, string privateKey, HashAlgo halg = HashAlgo.MD5)
    {
        var rsa = new RSA(privateKey);
        return Encoding.UTF32.GetBytes(rsa.Sign(halg.ToString(), value));
    }

    /// <summary>
    /// RSA签名
    /// </summary>
    /// <param name="value">签名字符串数据</param>
    /// <param name="privateKey">私钥</param>
    /// <param name="halg">hash算法</param>
    /// <returns>处理结果</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    /// <exception cref="CryptographicUnexpectedOperationException">The key is null.-or- The hash algorithm is null. </exception>
    public static string SignatureString(this string value, string privateKey, HashAlgo halg = HashAlgo.MD5)
    {
        var rsa = new RSA(privateKey);
        return rsa.Sign(halg.ToString(), value);
    }

    #endregion RSA签名

    #region RSA 签名验证

    /// <summary>
    /// RSA 签名验证
    /// </summary>
    /// <param name="data">反格式化字节数据</param>
    /// <param name="publicKey">公钥</param>
    /// <param name="sign">哈希字节数据</param>
    /// <param name="halg">hash算法</param>
    /// <returns>处理结果</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    /// <exception cref="CryptographicUnexpectedOperationException">The key is null.-or- The hash algorithm is null. </exception>
    public static bool SignatureDeformatter(this byte[] data, string publicKey, byte[] sign, HashAlgo halg = HashAlgo.MD5)
    {
        var rsa = new RSA(publicKey);
        return rsa.Verify(halg.ToString(), sign, data);
    }

    /// <summary>
    /// RSA 签名验证
    /// </summary>
    /// <param name="data">反格式化字节数据</param>
    /// <param name="publicKey">公钥</param>
    /// <param name="sign">哈希字符串数据</param>
    /// <param name="halg">hash算法</param>
    /// <returns>处理结果</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    /// <exception cref="CryptographicUnexpectedOperationException">The key is null.-or- The hash algorithm is null. </exception>
    public static bool SignatureDeformatter(this byte[] data, string publicKey, string sign, HashAlgo halg = HashAlgo.MD5)
    {
        var rsa = new RSA(publicKey);
        return rsa.Verify(halg.ToString(), Convert.FromBase64String(sign), data);
    }

    /// <summary>
    /// RSA 签名验证
    /// </summary>
    /// <param name="value">反格式化字符串数据</param>
    /// <param name="publicKey">公钥</param>
    /// <param name="sign">哈希字节数据</param>
    /// <param name="halg">hash算法</param>
    /// <returns>处理结果</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    /// <exception cref="CryptographicUnexpectedOperationException">The key is null.-or- The hash algorithm is null. </exception>
    public static bool SignatureDeformatter(this string value, string publicKey, byte[] sign, HashAlgo halg = HashAlgo.MD5)
    {
        var rsa = new RSA(publicKey);
        return rsa.Verify(halg.ToString(), sign, Convert.FromBase64String(value));
    }

    /// <summary>
    /// RSA 签名验证
    /// </summary>
    /// <param name="value">格式字符串数据</param>
    /// <param name="publicKey">公钥</param>
    /// <param name="sign">哈希字符串数据</param>
    /// <param name="halg">hash算法</param>
    /// <returns>处理结果</returns>
    /// <exception cref="CryptographicException">The cryptographic service provider (CSP) cannot be acquired. </exception>
    /// <exception cref="CryptographicUnexpectedOperationException">The key is null.-or- The hash algorithm is null. </exception>
    public static bool SignatureDeformatter(this string value, string publicKey, string sign, HashAlgo halg = HashAlgo.MD5)
    {
        var rsa = new RSA(publicKey);
        return rsa.Verify(halg.ToString(), sign, value);
    }

    #endregion RSA 签名验证

    #endregion RSA数字签名
}