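using System.Security.Cryptography;
using IdentityShroud.Core.Contracts;
using IdentityShroud.Core.Model;

namespace IdentityShroud.Core.Services;

/// <summary>
/// Creates new realm keys. The private key material is passed through the
/// injected <see cref="IEncryptionService"/> before it is placed in a
/// <see cref="RealmKey"/>, and the creation time is taken from the injected
/// <see cref="IClock"/>.
/// </summary>
public class KeyProvisioningService(
    IEncryptionService encryptionService,
    IClock clock) : IKeyProvisioningService
{
    /// <summary>
    /// Generates a new RSA key pair and returns it as a <see cref="RealmKey"/>
    /// holding the encrypted PKCS#8 export of the private key.
    /// </summary>
    /// <param name="keySize">RSA key size in bits. Defaults to 2048.</param>
    /// <returns>A new <see cref="RealmKey"/> with key type "RSA".</returns>
    /// <exception cref="CryptographicException">
    /// Thrown by <see cref="RSA.Create(int)"/> when the platform does not support <paramref name="keySize"/>.
    /// </exception>
    public RealmKey CreateRsaKey(int keySize = 2048)
    {
        // NOTE(review): no lower bound is enforced on keySize here, so a caller can
        // request any size the platform accepts, including sizes below the 2048 default.
        using var rsa = RSA.Create(keySize);

        byte[] pkcs8 = rsa.ExportPkcs8PrivateKey();
        try
        {
            return CreateKey("RSA", pkcs8);
        }
        finally
        {
            // The export is the unencrypted private key. Wipe it as soon as it has been
            // encrypted instead of leaving it on the managed heap until it is collected.
            // Assumes IEncryptionService.Encrypt returns separate ciphertext and keeps no
            // reference to its input buffer - confirm against the implementation.
            CryptographicOperations.ZeroMemory(pkcs8);
        }
    }

    /// <summary>
    /// Builds a <see cref="RealmKey"/> from a fresh <see cref="Guid"/>, the given key type,
    /// the encrypted form of <paramref name="keyData"/> and the current time from the clock.
    /// </summary>
    /// <param name="keyType">Key type label stored on the realm key (e.g. "RSA").</param>
    /// <param name="keyData">Unencrypted key material; it is only handed to the encryption service.</param>
    /// <returns>The newly constructed <see cref="RealmKey"/>.</returns>
    private RealmKey CreateKey(string keyType, byte[] keyData)
        => new RealmKey(
            Guid.NewGuid(),
            keyType,
            encryptionService.Encrypt(keyData),
            clock.UtcNow());

    // Disabled draft kept from the original file. It refers to members
    // (_privateKeyDecrypted, PrivateKeyEncrypted) that this class does not declare.
    // NOTE(review): as written it would keep the decrypted private key in a field
    // after first use; decide how long the plaintext should live before reviving it.
    //
    // public byte[] GetPrivateKey(IEncryptionService encryptionService)
    // {
    //     if (_privateKeyDecrypted.Length == 0 && PrivateKeyEncrypted.Length > 0)
    //         _privateKeyDecrypted = encryptionService.Decrypt(PrivateKeyEncrypted);
    //     return _privateKeyDecrypted;
    // }
}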