package engine

import (
	"crypto/sha256"
	"fmt"
	"io"

	"golang.org/x/crypto/hkdf"
)

// deriveKey derives a symmetric key from two shared secrets using HKDF-SHA256
func deriveKey(ss1, ss2, salt []byte) ([]byte, error) {
	ikm := append(ss1, ss2...)
	kdf := hkdf.New(sha256.New, ikm, salt, []byte(HKDFInfo))
	symmetricKey := make([]byte, KeySize)
	if _, err := io.ReadFull(kdf, symmetricKey); err != nil {
		return nil, fmt.Errorf("key derivation failed: %w", err)
	}
	return symmetricKey, nil
}

// buildAAD constructs the associated authenticated data from public keys
func buildAAD(ephemeralPubBytes, senderPubBytes []byte) []byte {
	aad := make([]byte, 0, len(ephemeralPubBytes)+len(senderPubBytes))
	aad = append(aad, ephemeralPubBytes...)
	aad = append(aad, senderPubBytes...)
	return aad
}