/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#include "createcertlisttest.h"
#include "sslhelp.h"
#include "createcertlistdialog.h"
#include "certificatelist.h"

#include <polarssl/pk.h>

#include <QDateTime>
#include <QTemporaryFile>
#include <QTest>

void CreateCertListTest::testListCreation() {
    QTemporaryFile tmpFile, outputFile, keyFile;

    /* Get a valid list */
    QFile res(":/list-valid-signed.txt");
    res.open(QIODevice::ReadOnly);
    tmpFile.open();
    tmpFile.write(res.readAll());
    tmpFile.close();
    CertificateList validList = CertificateList(tmpFile.fileName().toLocal8Bit().data());
    QVERIFY(validList.isValid());

    /* Get a key */
    QFile keyRes(":/testkey-priv.pem");
    keyRes.open(QIODevice::ReadOnly);
    keyFile.open();
    keyFile.write(keyRes.readAll());
    keyFile.close();
    pk_context * pk = new pk_context;
    pk_init(pk);
    int ret = pk_parse_keyfile(pk, keyFile.fileName().toLocal8Bit().constData(), "");
    QVERIFY(ret == 0);

    /* Write the certificates from that list to another file */
    outputFile.open();
    QDateTime current = QDateTime::currentDateTimeUtc();
    QVERIFY(CreateCertListDialog::writeList(validList.getCertificates(),
                outputFile.fileName(), current, pk));
    pk_free(pk);

    CertificateList outputList = CertificateList(outputFile.fileName().toLocal8Bit().data());
    QVERIFY(outputList.isValid());
    QVERIFY(outputList.getCertificates() == validList.getCertificates());
    QVERIFY(outputList.date().date() == current.date());
    QVERIFY(outputList.date().time().hour() == current.time().hour());
    QVERIFY(outputList.date().time().minute() == current.time().minute());
    QVERIFY(outputList.date().time().second() == current.time().second());
}

void CreateCertListTest::testSha256Sum()
{
    QByteArray input = "foo\n";
    QByteArray output = sha256sum(input);
    QVERIFY(output == QByteArray::fromHex("b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c"));
}

void CreateCertListTest::testSignature()
{
    QByteArray hash = QByteArray::fromHex("b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c");

    QTemporaryFile keyFile;
    QFile keyRes(":/testkey-priv.pem");
    keyRes.open(QIODevice::ReadOnly);
    keyFile.open();
    keyFile.write(keyRes.readAll());
    keyFile.close();
    pk_context * pk = new pk_context;
    pk_init(pk);
    int ret = pk_parse_keyfile(pk, keyFile.fileName().toLocal8Bit().constData(), "");
    QVERIFY(ret == 0);

    QByteArray signature = rsaSignSHA256Hash(hash, pk);
    pk_free(pk);

    QVERIFY(signature.size() == 3072 / 8);
    QVERIFY(signature.toBase64() == QByteArray("KMOni98NWbt6SWd13H0JlGA1B7hBlXWH84e883s7gMrWeCCj0fUyHmdsNCyY0rmosu+o9mo2K847S3CdnxFPPJcjbfcmILZWRw0hHMtUYta1i9jypHJbz4oznuDctgXz59L4SQzzliCNUzItNoe6UpUznkS5gja4ZHbzqIj3qDVX3H86Z+qOdLICw+LXKlTs5ghsq+SdhZRAFFpHnt+URICWHjEIQKRlmIGEUIh1NgEHInHB/teFLqNGJMu1khi0MTsWDzesAEF5LQTM7Fo3fKmVxEUSbHKupluZrX1XSfnp5w3MaxBQK/t5nFvkVVdFrdEWvb68FIkMt21XqCvjyCPG2oWNh9jjfx3/R+eQ8kFbXzgUIhlZNxbB7bOCVDe2fYNxlXhy+HAqfHsIDP8qegHU+ngLck7tJHScC5dZwTCBDL6sxAvaeGyb3m6FraqaipNI+SGLii63ou9H7PlH5xWOTY9JvJDXGpfjN9U0UrZ6X5hPutOa/llT7s0pmoQb"));
}

bool g_debug = true;

QTEST_GUILESS_MAIN (CreateCertListTest);