import {PrivateBox, PrivateWrap, SecretBox, SecretWrap, signature} from '..'
import {beforeAll, expect, test} from 'bun:test'

let wrap_key!: CryptoKey

beforeAll(async () => {
  wrap_key = await SecretWrap.gen(true)
})

async function seal(key: CryptoKey): Promise<CryptoKey> {
  const box = await SecretWrap.wrap(key, wrap_key)
  expect(box).not.toBeNull()
  const unboxed = await box!.unwrap(wrap_key)
  expect(unboxed).not.toBeNull()
  return unboxed!
}
async function cant_seal(key: CryptoKey): Promise<void> {
  expect(key.extractable).toBeFalse()
  const box = await SecretWrap.wrap(key, wrap_key)
  expect(box).toBeNull()
}

test('Signature', async () => {
  const k = await signature.gen(true)
  const privk = await seal(k.privateKey)

  const message = new Uint8Array(8)
  const signed = await signature.sign(message, privk)
  expect(signed).not.toBeNull()
  const verification = await signature.verify(message, k.publicKey, signed!)
  expect(verification).toBeTrue()
})
test('SecretWrap', async () => {
  let k = await SecretWrap.gen(true)
  const box = await SecretWrap.wrap(k, k) // Please kids, never do this for real !
  expect(box).not.toBeNull()
  k = await seal(k)

  const unbox = await box!.unwrap(k)
  expect(unbox).not.toBeNull()
  expect(unbox).toEqual(k)
})
test('SecretBox', async () => {
  const message = crypto.getRandomValues(new Uint8Array(8))
  let k = await SecretBox.gen(true)
  const box = await SecretBox.encrypt(message, k)
  expect(box).not.toBeNull()
  k = await seal(k)

  const unbox = await box!.decrypt(k)
  expect(unbox).not.toBeNull()
  expect(unbox).toEqual(message)
})
test('PrivateWrap', async () => {
  const k = await PrivateWrap.gen(true)
  const box = await PrivateWrap.wrap(wrap_key, k.publicKey)
  expect(box).not.toBeNull()
  const privk = await seal(k.privateKey)

  const unbox = await box!.unwrap(privk)
  expect(unbox).not.toBeNull()
  expect(unbox).toEqual(wrap_key)
})
test('PrivateBox', async () => {
  const message = crypto.getRandomValues(new Uint8Array(8))
  let k = await PrivateBox.gen(true)
  const box = await PrivateBox.encrypt(message, k.publicKey)
  expect(box).not.toBeNull()
  const privk = await seal(k.privateKey)

  const unbox = await box!.decrypt(privk)
  expect(unbox).not.toBeNull()
  expect(unbox).toEqual(message)
})
test("Can't unwrap with a different key", async () => {
  const wrap_k2 = await SecretWrap.gen(false)
  const box = await SecretWrap.wrap(wrap_key, wrap_key) // Never do this kids !
  expect(box).not.toBeNull()
  const unbox = await box!.unwrap(wrap_k2)
  expect(unbox).toBeNull()
})
test("Can't wrap non-extractable", async () => {
  const k_sb = await SecretBox.gen(false)
  const k_sw = await SecretWrap.gen(false)
  const k_pb = await PrivateBox.gen(false)
  const k_pw = await PrivateWrap.gen(false)
  const sig = await signature.gen(false)

  await cant_seal(k_sb)
  await cant_seal(k_sw)
  await cant_seal(k_pb.privateKey)
  await cant_seal(k_pw.privateKey)
  await cant_seal(sig.privateKey)
})