package encryption

import (
	"crypto/rand"
	"golang.org/x/crypto/scrypt"
	"io"
)

const (
	PW_SALT_BYTES = 32
	PW_HASH_BYTES = 64
)

func Encrypt(pw string) ([]byte, []byte, error) {

	salt := make([]byte, PW_SALT_BYTES)
	_, err := io.ReadFull(rand.Reader, salt)
	if err != nil {
		return nil, nil, err
	}

	hash, err := scrypt.Key([]byte(pw), salt, 16384, 8, 1, PW_HASH_BYTES)
	if err != nil {
		return nil, nil, err
	}

	return salt, hash, nil
}

func Check(pw, savedSalt, savedDigest string) bool {
	hash, err := scrypt.Key([]byte(pw), []byte(savedSalt), 16384, 8, 1, PW_HASH_BYTES)
	if err != nil {
		return false
	}
	if string(hash) == savedDigest {
		return true
	}
	return false
}