const pbkdf2HashPattern = /^pbkdf2-sha256\$(\d+)\$([A-Za-z0-9+/=]+)\$([A-Za-z0-9+/=]+)$/;
const pbkdf2Iterations = 210_000;
const pbkdf2KeyLengthBits = 256;

const bytesToBase64 = (bytesArg: Uint8Array): string => {
  let binary = '';
  for (const byte of bytesArg) {
    binary += String.fromCharCode(byte);
  }
  return btoa(binary);
};

const base64ToBytes = (base64Arg: string): Uint8Array => {
  const binary = atob(base64Arg);
  const bytes = new Uint8Array(binary.length);
  for (let i = 0; i < binary.length; i++) {
    bytes[i] = binary.charCodeAt(i);
  }
  return bytes;
};

const timingSafeEqual = (aArg: Uint8Array, bArg: Uint8Array): boolean => {
  if (aArg.length !== bArg.length) {
    return false;
  }

  let diff = 0;
  for (let i = 0; i < aArg.length; i++) {
    diff |= aArg[i] ^ bArg[i];
  }
  return diff === 0;
};

const toArrayBuffer = (bytesArg: Uint8Array): ArrayBuffer => {
  return bytesArg.buffer.slice(
    bytesArg.byteOffset,
    bytesArg.byteOffset + bytesArg.byteLength,
  ) as ArrayBuffer;
};

const derivePasswordHash = async (
  passwordArg: string,
  saltArg: Uint8Array,
  iterationsArg: number,
): Promise<Uint8Array> => {
  const key = await crypto.subtle.importKey(
    'raw',
    new TextEncoder().encode(passwordArg),
    'PBKDF2',
    false,
    ['deriveBits'],
  );

  const bits = await crypto.subtle.deriveBits(
    {
      name: 'PBKDF2',
      hash: 'SHA-256',
      salt: toArrayBuffer(saltArg),
      iterations: iterationsArg,
    },
    key,
    pbkdf2KeyLengthBits,
  );

  return new Uint8Array(bits);
};

export function isPbkdf2Hash(passwordHash: string): boolean {
  return pbkdf2HashPattern.test(passwordHash);
}

export async function hashPassword(password: string): Promise<string> {
  // Use Web Crypto only so compiled binaries do not depend on external worker files.
  const salt = crypto.getRandomValues(new Uint8Array(16));
  const hash = await derivePasswordHash(password, salt, pbkdf2Iterations);
  return `pbkdf2-sha256$${pbkdf2Iterations}$${bytesToBase64(salt)}$${bytesToBase64(hash)}`;
}

export async function verifyPassword(password: string, passwordHash: string): Promise<boolean> {
  if (!passwordHash) {
    return false;
  }

  const pbkdf2Match = passwordHash.match(pbkdf2HashPattern);
  if (pbkdf2Match) {
    const iterations = Number(pbkdf2Match[1]);
    const salt = base64ToBytes(pbkdf2Match[2]);
    const expectedHash = base64ToBytes(pbkdf2Match[3]);
    const actualHash = await derivePasswordHash(password, salt, iterations);
    return timingSafeEqual(actualHash, expectedHash);
  }

  return false;
}