namespace Galaeth.Services.Interfaces;

/// <summary>
/// Cryptographic operations.
/// </summary>
public interface ICryptographyService
{
    /// <summary>
    /// Generate a random salt.
    /// </summary>
    /// <param name="size">Size of the salt to generate - if omitted, will use PwdHashSettings:HashSize config.</param>
    /// <returns>Byte array containing the generated salt.</returns>
    byte[] GenerateSalt(int? size = null);

    /// <summary>
    /// Hash a password string with the accompanying salt.
    /// </summary>
    /// <param name="password">The password to hash.</param>
    /// <param name="salt">The salt to use.</param>
    /// <returns>A byte array of PwdHashSettings:HashSize config size of the password.</returns>
    byte[] HashPassword(string password, byte[] salt);

    /// <summary>
    /// Verify that the given password matches the password hash and salt.
    /// </summary>
    /// <param name="password">The password to test.</param>
    /// <param name="salt">The password's accompanying salt.</param>
    /// <param name="passwordHash">The password hash to test again.</param>
    /// <returns>True if verified, false otherwise.</returns>
    bool VerifyPassword(string password, byte[] salt, byte[] passwordHash);

    /// <summary>
    /// Verify that the given password matches the password hash and salt.
    /// </summary>
    /// <param name="password">The password to test.</param>
    /// <param name="salt">The password's base64 encoded accompanying salt.</param>
    /// <param name="passwordHash">The password base64 hash to test again.</param>
    /// <returns>True if verified, false otherwise.</returns>
    bool VerifyPassword(string password, string salt, string passwordHash);

    /// <summary>
    /// Generate a cryptographically random string.
    /// </summary>
    /// <param name="length">Length of string to create.</param>
    /// <returns>A random string.</returns>
    string GenerateRandomString(int length);
}