package storage

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
)

// Copied and adjusted from: https://bruinsslot.jp/post/golang-crypto/

func Encrypt(key, data []byte) ([]byte, error) {
	// key, salt, err := DeriveKey(key, nil)
	// if err != nil {
	//     return nil, err
	// }
	//
	blockCipher, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}

	gcm, err := cipher.NewGCM(blockCipher)
	if err != nil {
		return nil, err
	}

	nonce := make([]byte, gcm.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, err
	}

	ciphertext := gcm.Seal(nonce, nonce, data, nil)

	// ciphertext = append(ciphertext, salt...)

	return ciphertext, nil
}

func Decrypt(key, data []byte) ([]byte, error) {
	// salt, data := data[len(data)-32:], data[:len(data)-32]

	// key, _, err := DeriveKey(key, salt)
	// if err != nil {
	//     return nil, err
	// }
	//
	blockCipher, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}

	gcm, err := cipher.NewGCM(blockCipher)
	if err != nil {
		return nil, err
	}

	nonce, ciphertext := data[:gcm.NonceSize()], data[gcm.NonceSize():]

	plaintext, err := gcm.Open(nil, nonce, ciphertext, nil)
	if err != nil {
		return nil, err
	}

	return plaintext, nil
}