using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using Developpez.Dotnet.Security;
using NUnit.Framework;

namespace Developpez.Dotnet.Tests.Security
{
    [TestFixture]
    public class DataProtectionProviderTests
    {
        private readonly Random _random = new Random();
        
        [Test]
        public void Test_UnprotectedBytesEqualsOriginal()
        {
            var provider = new DataProtectionProvider();

            byte[] original = new byte[100];
            _random.NextBytes(original);

            byte[] protectd = provider.ProtectBytes(original);
            Assert.AreNotEqual(original, protectd);
            byte[] expected = original;
            byte[] actual = provider.UnprotectBytes(protectd);
            CollectionAssert.AreEqual(expected, actual);
        }

        [Test]
        public void Test_UnprotectedBytesEqualsOriginal_WithEntropy()
        {
            var entropy = new byte[32];
            _random.NextBytes(entropy);
            var provider = new DataProtectionProvider(DataProtectionScope.CurrentUser, null, entropy);

            byte[] original = new byte[100];
            _random.NextBytes(original);

            byte[] protectd = provider.ProtectBytes(original);
            Assert.IsFalse(original.SequenceEqual(protectd));
            byte[] expected = original;
            byte[] actual = provider.UnprotectBytes(protectd);
            CollectionAssert.AreEqual(expected, actual);
        }

        [Test]
        public void Test_UnprotectedStringEqualsOriginal()
        {
            var provider = new DataProtectionProvider();
            const string original = "hello world!";
            string protectd = provider.ProtectString(original);
            string expected = original;
            string actual = provider.UnprotectString(protectd);
            Assert.AreEqual(expected, actual);
        }

        [Test]
        public void Test_UnprotectedStringEqualsOriginal_WithEntropy()
        {
            var entropy = new byte[32];
            _random.NextBytes(entropy);
            var provider = new DataProtectionProvider(DataProtectionScope.CurrentUser, null, entropy);
            const string original = "hello world!";
            string protectd = provider.ProtectString(original);
            string expected = original;
            string actual = provider.UnprotectString(protectd);
            Assert.AreEqual(expected, actual);
        }

        [Test]
        public void Test_UnprotectWithBadEntropyThrowsException()
        {
            var entropy = new byte[32];
            var badEntropy = new byte[32];
            _random.NextBytes(entropy);
            _random.NextBytes(badEntropy);
            var provider = new DataProtectionProvider(DataProtectionScope.CurrentUser, null, entropy);
            var badProvider = new DataProtectionProvider(DataProtectionScope.CurrentUser, null, badEntropy);
            const string original = "hello world!";
            string protectd = provider.ProtectString(original);
            Assert.Throws<CryptographicException>(() => badProvider.UnprotectString(protectd));
        }

        [Test]
        public void Test_UnprotectWithBadEncodingReturnsWrongText()
        {
            var entropy = new byte[32];
            _random.NextBytes(entropy);
            var provider = new DataProtectionProvider(DataProtectionScope.CurrentUser, Encoding.UTF8, entropy);
            var badProvider = new DataProtectionProvider(DataProtectionScope.CurrentUser, Encoding.Unicode, entropy);
            const string original = "hello world!";
            string protectd = provider.ProtectString(original);
            string expected = original;
            string actual = badProvider.UnprotectString(protectd);
            Assert.AreNotEqual(expected, actual);
        }
    }
}