package utils

import (
	"crypto"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"strings"
)

// 验证私钥的签名， publicKey从证书里获取公钥 certificate.PublicKey
func VerifySignature(publicKey any, data, signature []byte) bool {
	rsaPublicKey := publicKey.(*rsa.PublicKey)
	hashed := sha256.Sum256(data)
	err := rsa.VerifyPKCS1v15(rsaPublicKey, crypto.SHA256, hashed[:], signature)

	return err == nil
}

// 解析证书信息
func ParseCert(carCertificate string) (*x509.Certificate, error) {
	// 解析头尾需要换行符
	result := strings.Split(carCertificate, "-----")
	result[2] = "\n" + result[2] + "\n"
	carCertificate = strings.Join(result, "-----")

	// 解码证书
	block, _ := pem.Decode([]byte(carCertificate))
	if block == nil {
		return nil, fmt.Errorf("无法解码证书")
	}

	// 解析证书
	certificate, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return nil, err
	}
	return certificate, nil
}