package unionpay

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"io/ioutil"
)

// RSAEncrypt RSA 加密
func RSAEncrypt(publicKey, src []byte) (data []byte, err error) {
	block, _ := pem.Decode(publicKey)
	if block == nil {
		err = errors.New(`public key error`)
		return
	}
	pubI, e := x509.ParsePKIXPublicKey(block.Bytes)
	if e != nil {
		err = e
		return
	}
	pub := pubI.(*rsa.PublicKey)
	data, err = rsa.EncryptPKCS1v15(rand.Reader, pub, src)
	return
}

// RSADecrypt RSA 解密
func RSADecrypt(priveKey, ciphertext []byte) (data []byte, err error) {
	block, _ := pem.Decode(priveKey)
	if block == nil {
		err = errors.New(`priveKey key error`)
		return
	}
	priv, e := x509.ParsePKCS1PrivateKey(block.Bytes)
	if e != nil {
		err = e
		return
	}
	rsa.DecryptPKCS1v15(rand.Reader, priv, ciphertext)
	return
}

// GetCertificate 获取证书信息
func GetCertificate(filename string) (cert *x509.Certificate, data []byte, err error) {
	data, err = ioutil.ReadFile(filename)
	if err != nil {
		return
	}

	block, _ := pem.Decode(data)
	if block == nil {
		err = errors.New(`pem Decode error`)
		return
	}

	cert, err = x509.ParseCertificate(block.Bytes)
	return
}