"""
码枪堂 AES-256-CBC 解密工具

加密密钥: maqt-delta-force-2024-secret-key-32
流程: KEY -> SHA-256 -> 32-byte AES key -> AES-CBC decrypt(iv, data)
"""
import hashlib
import json
from typing import Any
from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad

KEY_STR = "maqt-delta-force-2024-secret-key-32"
AES_KEY = hashlib.sha256(KEY_STR.encode("utf-8")).digest()


def decrypt(encrypted_obj: dict) -> dict:
    """
    解密 API 响应

    encrypted_obj 格式: {"encrypted": true, "iv": "hex_string", "data": "hex_string"}
    返回解密后的 JSON 对象
    """
    iv = bytes.fromhex(encrypted_obj["iv"])
    data = bytes.fromhex(encrypted_obj["data"])
    cipher = AES.new(AES_KEY, AES.MODE_CBC, iv=iv)
    decrypted = unpad(cipher.decrypt(data), AES.block_size)
    return json.loads(decrypted.decode("utf-8"))


def try_decrypt(response: dict) -> dict:
    """如果响应已加密则解密，否则原样返回"""
    if response.get("encrypted") is True:
        return decrypt(response)
    return response


def encrypt(payload: dict) -> dict:
    """
    加密数据（用于复刻服务端）
    返回: {"encrypted": true, "iv": "hex", "data": "hex"}
    """
    from Crypto.Random import get_random_bytes

    plaintext = json.dumps(payload, ensure_ascii=False, separators=(",", ":")).encode("utf-8")
    iv = get_random_bytes(16)
    cipher = AES.new(AES_KEY, AES.MODE_CBC, iv=iv)
    from Crypto.Util.Padding import pad

    ciphertext = cipher.encrypt(pad(plaintext, AES.block_size))
    return {"encrypted": True, "iv": iv.hex(), "data": ciphertext.hex()}


if __name__ == "__main__":
    # 测试解密
    from client import MaqtClient

    c = MaqtClient()
    resp = c.get_schemes(page=1)
    print(f"encrypted={resp.get('encrypted')}")
    if resp.get("encrypted"):
        result = decrypt(resp)
        print(json.dumps(result, ensure_ascii=False, indent=2))