#pragma once

#include <string>
#include <cstdint>
#include <random>
#include <mutex>

struct lua_State;

namespace mosis {

// Per-app cryptographically secure RNG
class SecureRandom {
public:
    SecureRandom();

    // Get random bytes as binary string
    std::string GetBytes(size_t count);

    // Get random integer in range [min, max]
    int64_t GetInt(int64_t min, int64_t max);

    // Get random double in range [0.0, 1.0)
    double GetDouble();

private:
    std::random_device m_rd;
    std::mt19937_64 m_gen;
    std::mutex m_mutex;
};

// Hash algorithms supported
enum class HashAlgorithm {
    SHA256,
    SHA512,
    SHA1,
    MD5
};

// Compute hash of data
std::string ComputeHash(HashAlgorithm algo, const std::string& data);

// Compute HMAC of data with key
std::string ComputeHMAC(HashAlgorithm algo, const std::string& key, const std::string& data);

// Register crypto.* APIs as globals
void RegisterCryptoAPI(lua_State* L);

// Register secure math.random replacement (removes math.randomseed)
void RegisterSecureMathRandom(lua_State* L, SecureRandom* rng);

} // namespace mosis