package model.pki.cert;

import model.TestConstants;
import model.asn1.*;
import model.asn1.exceptions.ParseException;
import model.asn1.parsing.BytesReader;
import model.csr.CertificationRequest;
import model.csr.CertificationRequestInfo;
import model.csr.CertificationRequestInfoTest;
import model.pki.AlgorithmIdentifier;
import model.pki.SubjectPublicKeyInfo;
import org.junit.jupiter.api.Test;

import java.util.Arrays;
import java.util.Collection;
import java.util.stream.Stream;

import static model.TestConstants.mutate;
import static org.junit.jupiter.api.Assertions.*;

public class CertificateTest {
    @Test
    void testConstructor() {
        final Certificate certificate = new Certificate(ASN1Object.TAG_SEQUENCE, null,
                TestConstants.CERT_GENERATED,
                new AlgorithmIdentifier(ASN1Object.TAG_SEQUENCE, null,
                        new ObjectIdentifier(ObjectIdentifier.TAG, null, ObjectIdentifier.OID_RSA_ENCRYPTION),
                        new Null(Null.TAG, null)),
                new BitString(BitString.TAG, null, 0, new Byte[]{ 1, 2, 3 }));

        assertEquals(TbsCertificate.VERSION_V3,
                certificate.getCertificate().getVersion().getLong());
        assertArrayEquals(ObjectIdentifier.OID_RSA_ENCRYPTION,
                certificate.getSignatureAlgorithm().getType().getInts());
        assertArrayEquals(new Byte[]{ 1, 2, 3 },
                certificate.getSignature().getConvertedVal());
    }

    @Test
    void testParse() throws ParseException {
        Certificate parsed = new Certificate(new BytesReader(TestConstants.CERT_L2_RSA), false);
        assertEquals(TbsCertificate.VERSION_V3,
                parsed.getCertificate().getVersion().getLong());
        assertArrayEquals(ObjectIdentifier.OID_ECDSA_WITH_SHA512, parsed.getSignatureAlgorithm().getType().getInts());
        assertNull(parsed.getSignatureAlgorithm().getParameters());
        assertEquals(70, parsed.getSignature().getVal().length);

        parsed = new Certificate(new BytesReader(TestConstants.CERT_L1_ECC), false);
        assertEquals(TbsCertificate.VERSION_V3,
                parsed.getCertificate().getVersion().getLong());
        assertArrayEquals(ObjectIdentifier.OID_ECDSA_WITH_SHA256, parsed.getSignatureAlgorithm().getType().getInts());
        assertNull(parsed.getSignatureAlgorithm().getParameters());
        assertEquals(71, parsed.getSignature().getVal().length);
    }

    @Test
    void testParseFail() {
        // Incorrect certificate tag
        assertThrows(ParseException.class, () ->
            new Certificate(new BytesReader(mutate(TestConstants.CERT_L1_ECC, 4, 0x30, 0x31)), false)
        );
        // Incorrect signatureAlgorithm tag
        assertThrows(ParseException.class, () ->
                new Certificate(new BytesReader(mutate(TestConstants.CERT_L1_ECC, 349, 0x30, 0x31)), false)
        );
        // Incorrect signature tag
        assertThrows(ParseException.class, () ->
                new Certificate(new BytesReader(mutate(TestConstants.CERT_L1_ECC, 361, 0x3, 0x5)), false)
        );
    }

    @Test
    void testEncode() throws ParseException {
        assertArrayEquals(TestConstants.CERT_V1,
                new Certificate(new BytesReader(TestConstants.CERT_V1), false).encodeDER());
        assertArrayEquals(TestConstants.CERT_L1_ECC,
                new Certificate(new BytesReader(TestConstants.CERT_L1_ECC), false).encodeDER());
        assertArrayEquals(TestConstants.CERT_L2_RSA,
                new Certificate(new BytesReader(TestConstants.CERT_L2_RSA), false).encodeDER());
    }
}