package go_pgp

import (
	"bytes"
	"crypto"
	"os"
	"path/filepath"
	"sync"
	"testing"

	"github.com/ProtonMail/go-crypto/openpgp"
	"github.com/ProtonMail/go-crypto/openpgp/packet"
)

var (
	initialised        bool
	initMutex          sync.Mutex
	testSenderEntity   *Entity
	testReceiverEntity *Entity
)

func readTestFile(name string) ([]byte, error) {
	folder, err := filepath.Abs("testdata")
	if err != nil {
		return nil, err
	}
	return os.ReadFile(filepath.Join(folder, name))
}

func initTest() {
	initMutex.Lock()
	defer initMutex.Unlock()

	if !initialised {
		armoredBinary, _ := readTestFile("testReceiverEntityArmored.pgp")
		list, _ := ReadArmoredKeyRingBinary(armoredBinary)
		receiverCfg := defaultConfig
		testReceiverEntity = &Entity{*list.EntityList[0], &receiverCfg}

		armoredBinary, _ = readTestFile("testSenderEntityArmored.pgp")
		list, _ = ReadArmoredKeyRingBinary(armoredBinary)
		senderCfg := defaultConfig
		testSenderEntity = &Entity{*list.EntityList[0], &senderCfg}

		initialised = true
	}
}

func TestEncryptData(t *testing.T) {
	initTest()
	decryptionPassword := testPassword
	testData := []byte("myTestData")
	encrypted, err := EncryptData(testData, testSenderEntity, testSenderEntity, nil)
	if err != nil || len(encrypted) == 0 {
		t.Errorf("TestEncryptData: test case 1: failed to encrypt data")
	}

	decrypted, err := DecryptData(encrypted, testSenderEntity, &decryptionPassword)
	if err != nil || len(decrypted) == 0 {
		t.Errorf("TestEncryptData: test case 2.1: failed to decrypt data")
	} else if !bytes.Equal(testData, decrypted) {
		t.Errorf("TestEncryptData: test case 2.2: expected decrypted data '%s' but got '%s'", string(testData), string(decrypted))
	}

	encrypted, err = EncryptData(testData, testSenderEntity, testReceiverEntity, nil)
	if err != nil || len(encrypted) == 0 {
		t.Errorf("TestEncryptData: test case 3: failed to encrypt data")
	}

	decrypted, err = DecryptData(encrypted, testReceiverEntity, &decryptionPassword)
	if err != nil || len(decrypted) == 0 {
		t.Errorf("TestEncryptData: test case 4.1: failed to decrypt data")
	} else if !bytes.Equal(testData, decrypted) {
		t.Errorf("TestEncryptData: test case 4.2: expected decrypted data '%s' but got '%s'", string(testData), string(decrypted))
	}

	decrypted, err = DecryptDataVerify(encrypted, testReceiverEntity, &EntityList{EntityList: openpgp.EntityList{&testSenderEntity.Entity}}, &decryptionPassword)
	if err != nil || len(decrypted) == 0 {
		t.Errorf("TestEncryptData: test case 5.1: failed to decrypt data")
	} else if !bytes.Equal(testData, decrypted) {
		t.Errorf("TestEncryptData: test case 5.2: expected decrypted data '%s' but got '%s'", string(testData), string(decrypted))
	}

	decrypted, err = DecryptData(encrypted, testSenderEntity, &decryptionPassword)
	if err == nil || len(decrypted) > 0 {
		t.Errorf("TestEncryptData: test case 6: unexpectedly succeeded to decrypt data")
	}

	decrypted, err = DecryptDataVerify(encrypted, testSenderEntity, &EntityList{EntityList: openpgp.EntityList{&testReceiverEntity.Entity}}, &decryptionPassword)
	if err == nil || len(decrypted) > 0 {
		t.Errorf("TestEncryptData: test case 7: unexpectedly succeeded to decrypt data")
	}

	encrypted, err = EncryptData(testData, nil, testReceiverEntity, nil)
	if err != nil || len(encrypted) == 0 {
		t.Errorf("TestEncryptData: test case 8: failed to encrypt data")
	}

	decrypted, err = DecryptData(encrypted, testReceiverEntity, &decryptionPassword)
	if err != nil || len(decrypted) == 0 {
		t.Errorf("TestEncryptData: test case 9.1: failed to decrypt data")
	} else if !bytes.Equal(testData, decrypted) {
		t.Errorf("TestEncryptData: test case 9.2: expected decrypted data '%s' but got '%s'", string(testData), string(decrypted))
	}

	decrypted, err = DecryptDataVerify(encrypted, testReceiverEntity, &EntityList{EntityList: openpgp.EntityList{&testSenderEntity.Entity}}, &decryptionPassword)
	if err != nil || len(decrypted) == 0 {
		t.Errorf("TestEncryptData: test case 10.1: failed to decrypt data")
	} else if !bytes.Equal(testData, decrypted) {
		t.Errorf("TestEncryptData: test case 10.2: expected decrypted data '%s' but got '%s'", string(testData), string(decrypted))
	}

	// Error cases
	_, err = EncryptData(testData, nil, nil, nil)
	if err == nil {
		t.Errorf("TestEncryptData: test case 11: should fail to encrypt data for undefined entity")
	}

	encrypted, err = EncryptData(nil, nil, testReceiverEntity, nil)
	if err != nil || encrypted != nil {
		t.Errorf("TestEncryptData: test case 12: should not encrypt nil data and return no error")
	}

	encrypted, err = EncryptData([]byte{}, nil, testReceiverEntity, nil)
	if err != nil || encrypted == nil || len(encrypted) != 0 {
		t.Errorf("TestEncryptData: test case 13: should return empty data and no error")
	}
}

func TestHashForSignature(t *testing.T) {
	testCases := []struct {
		hashID        crypto.Hash
		signatureType packet.SignatureType
		expectError   bool
	}{
		{
			hashID:        crypto.MD4,
			signatureType: 0,
			expectError:   true,
		},
		{
			hashID:        crypto.SHA256,
			signatureType: packet.SigTypeBinary,
			expectError:   false,
		},
		{
			hashID:        crypto.SHA256,
			signatureType: packet.SigTypeText,
			expectError:   false,
		},
		{
			hashID:        crypto.SHA256,
			signatureType: packet.SigTypeCasualCert,
			expectError:   true,
		},
	}

	for i, testCase := range testCases {
		_, _, err := hashForSignature(testCase.hashID, testCase.signatureType)
		if err != nil {
			if !testCase.expectError {
				t.Errorf("TestHashForSignature: test case %d: unexpected error '%s'", i+1, err)
			}
		} else if testCase.expectError {
			t.Errorf("TestHashForSignature: test case %d: expected error did not occur", i+1)
		}
	}
}