using IdentityShroud.Core.Contracts;
using IdentityShroud.Core.Security;

namespace IdentityShroud.Core.Services;

/// <summary>
/// 
/// </summary>
public class EncryptionService : IEncryptionService
{
    private readonly byte[] encryptionKey;

    public EncryptionService(ISecretProvider secretProvider)
    {
        encryptionKey = Convert.FromBase64String(secretProvider.GetSecret("Master"));
    }

    public byte[] Encrypt(byte[] plain)
    {
        return AesGcmHelper.EncryptAesGcm(plain, encryptionKey);
    }

    public byte[] Decrypt(ReadOnlyMemory<byte> cipher)
    {
        return AesGcmHelper.DecryptAesGcm(cipher, encryptionKey);
    }
}