// SPDX-FileCopyrightText: 2024 eaon <eaon@posteo.net>
// SPDX-License-Identifier: AGPL-3.0-or-later

use ecdh_omr::*;

use reach_harness::*;

type HintX25519ChaCha20Poly1305 = Hint<X25519, chacha20poly1305::ChaCha20Poly1305>;

#[test]
fn hint_decoy_real_x25519_chacha20poly1305_message_ciphertext_length_equivalence() {
    let mut seeded_rng = seeded_rng(0);

    let decoy = HintX25519ChaCha20Poly1305::random_decoy(&mut seeded_rng);

    let secret = x25519_dalek::StaticSecret::from([42u8; 32]);
    let public = x25519_dalek::PublicKey::from(&secret);
    let blinded_public = public.blind(&mut seeded_rng);
    let real =
        HintX25519ChaCha20Poly1305::new(&blinded_public, &[0u8; 32], &mut seeded_rng).unwrap();

    assert_eq!(
        decoy.message_ciphertext.len(),
        real.message_ciphertext.len()
    );
}

type P256 = EllipticCurve<p256::NistP256>;
type Hint64P256Ocb3 = Hint<P256, ocb3::Ocb3<aes::Aes128>, 64>;

#[test]
fn hint_decoy_real_p256_aes128ocb3_message_ciphertext_length_equivalence() {
    let mut seeded_rng = seeded_rng(0);

    let decoy = Hint64P256Ocb3::random_decoy(&mut seeded_rng);

    let secret = p256::SecretKey::from_slice([42u8; 32].as_slice()).unwrap();
    let public = secret.public_key();
    let blinded_public = public.blind(&mut seeded_rng);
    let real = Hint64P256Ocb3::new(&blinded_public, &[0u8; 64], &mut seeded_rng).unwrap();

    assert_eq!(
        decoy.message_ciphertext.len(),
        real.message_ciphertext.len()
    );
}

#[test]
fn hint_x25519_chach20poly13_round_trip() {
    let mut seeded_rng = seeded_rng(0);

    let secret = x25519_dalek::StaticSecret::from([42u8; 32]);
    let public = x25519_dalek::PublicKey::from(&secret);
    let blinded_public = public.blind(&mut seeded_rng);
    let message_sent = [0u8; 32];
    let hint =
        HintX25519ChaCha20Poly1305::new(&blinded_public, &message_sent, &mut seeded_rng).unwrap();
    let message_received = secret.try_to_take_the(&hint).unwrap();

    assert_eq!(message_sent, message_received);
}

#[test]
fn hint_p256_aes128ocb3_round_trip() {
    let mut seeded_rng = seeded_rng(0);

    let secret = p256::SecretKey::from_slice([42u8; 32].as_slice()).unwrap();
    let public = secret.public_key();
    let blinded_public = public.blind(&mut seeded_rng);
    let message_sent = [0u8; 64];
    let hint = Hint64P256Ocb3::new(&blinded_public, &message_sent, &mut seeded_rng).unwrap();
    let message_received = secret.try_to_take_the(&hint).unwrap();

    assert_eq!(message_sent, message_received);
}

#[test]
fn blinded_public_key_encoding_x25519() {
    let mut seeded_rng = seeded_rng(0);

    let secret = x25519_dalek::StaticSecret::from([42u8; 32]);
    let public = x25519_dalek::PublicKey::from(&secret);
    let blinded_public = public.blind(&mut seeded_rng);
    let blinded_public_bytes = blinded_public.to_bytes();

    assert_eq!(blinded_public_bytes.len(), 64);
}

#[test]
fn blinded_public_key_encoding_p256() {
    let mut seeded_rng = seeded_rng(0);

    let secret = p256::SecretKey::from_slice(&[42u8; 32].as_slice()).unwrap();
    let public = secret.public_key();
    let blinded_public = public.blind(&mut seeded_rng);
    let blinded_public_bytes = blinded_public.to_bytes();

    assert_eq!(blinded_public_bytes.len(), 66);
}

#[test]
fn blinded_public_key_decoding_x25519() {
    let mut seeded_rng = seeded_rng(0);

    let secret = x25519_dalek::StaticSecret::from([42u8; 32]);
    let public = x25519_dalek::PublicKey::from(&secret);
    let blinded_public = public.blind(&mut seeded_rng);
    let blinded_public_bytes = blinded_public.to_bytes();

    let blinded_decoded = BlindedPublicKey::<X25519>::from_bytes(&blinded_public_bytes);
    let blinded_decoded_bytes = blinded_decoded.to_bytes();

    assert_eq!(blinded_public_bytes, blinded_decoded_bytes);
}

#[test]
fn blinded_public_key_decoding_p256() {
    let mut seeded_rng = seeded_rng(0);

    let secret = p256::SecretKey::from_slice([42u8; 32].as_slice()).unwrap();
    let public = secret.public_key();
    let blinded_public = public.blind(&mut seeded_rng);
    let blinded_public_bytes = blinded_public.to_bytes();

    let blinded_decoded = BlindedPublicKey::<P256>::from_bytes(&blinded_public_bytes).unwrap();
    let blinded_decoded_bytes = blinded_decoded.to_bytes();

    assert_eq!(blinded_public_bytes, blinded_decoded_bytes);
}

#[test]
fn hint_x25519_chach20poly13_encoding() {
    let mut seeded_rng = seeded_rng(0);

    let secret = x25519_dalek::StaticSecret::from([42u8; 32]);
    let public = x25519_dalek::PublicKey::from(&secret);
    let blinded_public = public.blind(&mut seeded_rng);
    let message_sent = [0u8; 32];
    let hint =
        HintX25519ChaCha20Poly1305::new(&blinded_public, &message_sent, &mut seeded_rng).unwrap();

    let hint_bytes = hint.to_bytes();

    // Public Key + Nonce + TagSize + Message Length
    assert_eq!(hint_bytes.len(), 32 + 12 + 16 + 32);
}

#[test]
fn hint_p256_aes128ocb3_encoding() {
    let mut seeded_rng = seeded_rng(0);

    let secret = p256::SecretKey::from_slice([42u8; 32].as_slice()).unwrap();
    let public = secret.public_key();
    let blinded_public = public.blind(&mut seeded_rng);
    let message_sent = [0u8; 64];
    let hint = Hint64P256Ocb3::new(&blinded_public, &message_sent, &mut seeded_rng).unwrap();

    let hint_bytes = hint.to_bytes();

    // Public Key (compressed sec1) + Nonce + TagSize + Message Length
    assert_eq!(hint_bytes.len(), 33 + 12 + 16 + 64);
}

#[test]
fn hint_x25519_chach20poly13_decoding() {
    let mut seeded_rng = seeded_rng(0);

    let secret = x25519_dalek::StaticSecret::from([42u8; 32]);
    let public = x25519_dalek::PublicKey::from(&secret);
    let blinded_public = public.blind(&mut seeded_rng);
    let message_sent = [0u8; 32];
    let hint =
        HintX25519ChaCha20Poly1305::new(&blinded_public, &message_sent, &mut seeded_rng).unwrap();

    let hint_bytes = hint.to_bytes();

    let hint_decoded = HintX25519ChaCha20Poly1305::from_bytes(hint_bytes.as_slice()).unwrap();
    let hint_decoded_bytes = hint_decoded.to_bytes();

    assert_eq!(hint_decoded_bytes, hint_bytes);
}

#[test]
fn hint_p256_aes128ocb3_decoding() {
    let mut seeded_rng = seeded_rng(0);

    let secret = p256::SecretKey::from_slice([42u8; 32].as_slice()).unwrap();
    let public = secret.public_key();
    let blinded_public = public.blind(&mut seeded_rng);
    let message_sent = [0u8; 64];
    let hint = Hint64P256Ocb3::new(&blinded_public, &message_sent, &mut seeded_rng).unwrap();

    let hint_bytes = hint.to_bytes();

    let hint_decoded = Hint64P256Ocb3::from_bytes(hint_bytes.as_slice()).unwrap();
    let hint_decoded_bytes = hint_decoded.to_bytes();

    assert_eq!(hint_decoded_bytes, hint_bytes);
}