<?php

namespace app\utils;

/**
 * RSA 加密工具类
 */
class RsaUtil{
    const RSA_ALGORITHM_KEY_TYPE = OPENSSL_KEYTYPE_RSA;
    const RSA_ALGORITHM_SIGN = OPENSSL_ALGO_SHA256;

    protected $public_key; // 公钥
    protected $private_key; // 私钥
    protected $key_len;

    /**
     * @throws \Exception
     */
    public function __construct($pub_key = '', $pri_key = '')
    {
        $pub_key = file_get_contents(!empty($pub_key) ? $pub_key : APP_PATH.'/utils/certs/public_key.pem'); // 获取公钥文件中的数据
        $pri_key = file_get_contents(!empty($pri_key) ? $pri_key : APP_PATH.'/utils/certs/private_key.pem'); // 获取私钥文件中的数据

        if ($pub_key) {
            $this->public_key = $pub_key;
            $pub_id = openssl_pkey_get_public($this->public_key);
            $this->key_len = openssl_pkey_get_details($pub_id)['bits'];
        }

        if ($pri_key) {
            $this->private_key = $pri_key;
            $pri_id = openssl_pkey_get_private($this->private_key);
            $this->key_len = openssl_pkey_get_details($pri_id)['bits'];
        }
    }

    /**
     * 创建密钥对
     *
     * @param $key_size
     * @return array
     */
    public static function createKeys($key_size = 1024)
    {
        $config = array(
            "private_key_bits" => $key_size,
            "private_key_type" => self::RSA_ALGORITHM_KEY_TYPE,
        );
        $res = openssl_pkey_new($config);
        openssl_pkey_export($res, $private_key);
        $public_key_detail = openssl_pkey_get_details($res);
        $public_key = $public_key_detail["key"];

        return array(
            "public_key" => $public_key,
            "private_key" => $private_key,
        );
    }

    /**
     * 私钥解密
     *
     * @param $encrypted
     * @return string
     */
    public function privateDecrypt($encrypted)
    {
        $decrypted = "";
        $part_len = $this->key_len / 8;
        //url  中的get传值默认会吧+号过滤成' '，替换回来就好了
        str_replace('% ', '+', $encrypted);
        $base64_decoded = base64_decode($encrypted);
        $parts = str_split($base64_decoded, $part_len);
        foreach ($parts as $part) {
            $decrypted_temp = '';
            openssl_private_decrypt($part, $decrypted_temp, $this->private_key);
            $decrypted .= $decrypted_temp;
        }
        return $decrypted;
    }

    /**
     * 私钥加密
     *
     * @param $data
     * @return string
     */
    public function privateEncrypt($data)
    {
        $encrypted = '';
        $part_len = $this->key_len / 8 - 11;
        $parts = str_split($data, $part_len);

        foreach ($parts as $part) {
            $encrypted_temp = '';
            openssl_private_encrypt($part, $encrypted_temp, $this->private_key);
            $encrypted .= $encrypted_temp;
        }
        return base64_encode($encrypted);
    }

    /**
     * 公钥解密
     *
     * @param $encrypted
     * @return string
     */
    public function publicDecrypt($encrypted)
    {
        $decrypted = "";
        $part_len = $this->key_len / 8;
        $base64_decoded = base64_decode($encrypted);
        $parts = str_split($base64_decoded, $part_len);

        foreach ($parts as $part) {
            $decrypted_temp = '';
            openssl_public_decrypt($part, $decrypted_temp, $this->public_key);
            $decrypted .= $decrypted_temp;
        }
        return $decrypted;
    }

    /**
     * 公钥加密
     *
     * @param $data
     * @return string
     */
    public function publicEncrypt($data)
    {
        $encrypted = '';
        $part_len = $this->key_len / 8 - 11;
        $parts = str_split($data, $part_len);

        foreach ($parts as $part) {
            $encrypted_temp = '';
            openssl_public_encrypt($part, $encrypted_temp, $this->public_key);
            $encrypted .= $encrypted_temp;
        }

        return base64_encode($encrypted);
    }

    /**
     * 数据加签
     *
     * @param $data
     * @return string
     */
    public function sign($data)
    {
        openssl_sign($data, $sign, $this->private_key, self::RSA_ALGORITHM_SIGN);
        return base64_encode($sign);
    }

    /**
     * 数据签名验证
     *
     * @param $data
     * @param $sign
     * @return false|int
     */
    public function verify($data, $sign)
    {
        $pub_id = openssl_get_publickey($this->public_key);
        $res = openssl_verify($data, base64_decode($sign), $pub_id, self::RSA_ALGORITHM_SIGN);
        return $res;
    }
}