using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

namespace OversightService
{
    public class EncryptionHelper
    {
        private static readonly byte[] Key = Encoding.UTF8.GetBytes("HWJGbwmF2pWdXySDExMNEbJSrXn0YCBF"); // 32 bytes for AES-256
        private static readonly byte[] IV = Encoding.UTF8.GetBytes("VWYRtYCfch0sKs6k"); // 16 bytes

        public static string EncryptData(string plainText)
        {
            using (Aes aes = Aes.Create())
            {
                aes.Key = Key;
                aes.IV = IV;
                aes.Mode = CipherMode.CBC;
                aes.Padding = PaddingMode.PKCS7;

                using (MemoryStream ms = new MemoryStream())
                using (CryptoStream cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
                {
                    using (StreamWriter sw = new StreamWriter(cs, new UTF8Encoding(false))) // Disable BOM
                    {
                        sw.Write(plainText);
                    }
                    byte[] encryptedBytes = ms.ToArray();
                    string encryptedBase64 = Convert.ToBase64String(encryptedBytes);
                    return encryptedBase64;
                }
            }
        }
    }
}