<?php
/**
 * 验证 RSA 密钥对是否匹配
 */

require_once __DIR__ . '/../library/ccblife/CcbRSA.php';

use addons\shopro\library\ccblife\CcbRSA;

echo "========================================\n";
echo "   RSA 密钥对验证\n";
echo "========================================\n\n";

// 从 .env 读取密钥
$envFile = __DIR__ . '/../../../.env';
$envLines = file($envFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);

$privateKey = '';
$publicKey = '';

foreach ($envLines as $line) {
    if (stripos($line, 'private_key=') !== false) {
        $privateKey = trim(substr($line, strpos($line, '=') + 1));
    }
    if (stripos($line, 'public_key=') !== false) {
        $publicKey = trim(substr($line, strpos($line, '=') + 1));
    }
}

echo "1. 密钥信息\n";
echo "   私钥长度: " . strlen($privateKey) . "\n";
echo "   公钥长度: " . strlen($publicKey) . "\n\n";

// 验证密钥对
echo "2. 验证密钥对是否匹配\n";

try {
    // 测试数据
    $testData = "userid=test123&mobile=13800138000&openid=testOpenId";

    echo "   原始数据: {$testData}\n";

    // 用公钥加密
    $encrypted = CcbRSA::encrypt($testData, $publicKey);
    echo "   ✓ 公钥加密成功\n";
    echo "   加密后长度: " . strlen($encrypted) . "\n";

    // 用私钥解密
    $decrypted = CcbRSA::decrypt($encrypted, $privateKey);
    echo "   ✓ 私钥解密成功\n";
    echo "   解密结果: {$decrypted}\n";

    // 验证
    if ($decrypted === $testData) {
        echo "\n   ✅ 密钥对匹配！公钥和私钥配对正确。\n\n";
    } else {
        echo "\n   ❌ 密钥对不匹配！解密结果与原始数据不一致。\n\n";
    }

} catch (\Exception $e) {
    echo "   ❌ 错误: " . $e->getMessage() . "\n\n";
}

// 显示公钥信息（用于确认是否提交给建行）
echo "3. 你的公钥（BASE64格式，提交给建行的应该是这个）\n";
echo "----------------------------------------\n";
echo $publicKey . "\n";
echo "----------------------------------------\n\n";

echo "4. 你的公钥（PEM格式）\n";
echo "----------------------------------------\n";
$pemPublicKey = "-----BEGIN PUBLIC KEY-----\n";
$pemPublicKey .= chunk_split($publicKey, 64, "\n");
$pemPublicKey .= "-----END PUBLIC KEY-----\n";
echo $pemPublicKey;
echo "----------------------------------------\n\n";

echo "⚠️  重要提示：\n";
echo "1. 请确认建行那边配置的公钥是否和上面显示的公钥一致\n";
echo "2. 如果不一致，需要重新提交正确的公钥给建行\n";
echo "3. 如果一致但仍然解密失败，可能是建行加密方式有问题\n";