package org.drasyl.node.handler.crypto;

import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufUtil;
import io.netty.buffer.Unpooled;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.embedded.EmbeddedChannel;
import io.netty.util.ReferenceCountUtil;
import java.time.Duration;
import java.util.Optional;
import java.util.function.Predicate;
import java.util.function.Supplier;
import java.util.function.UnaryOperator;
import org.drasyl.channel.embedded.UserEventAwareEmbeddedChannel;
import org.drasyl.crypto.Crypto;
import org.drasyl.crypto.CryptoException;
import org.drasyl.crypto.sodium.SessionPair;
import org.drasyl.handler.remote.protocol.Nonce;
import org.drasyl.node.event.PerfectForwardSecrecyEncryptionEvent;
import org.drasyl.node.handler.crypto.ArmMessage;
import org.drasyl.node.handler.crypto.PFSArmHandler;
import org.drasyl.util.ConcurrentReference;
import org.hamcrest.MatcherAssert;
import org.hamcrest.Matchers;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Answers;
import org.mockito.ArgumentMatchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.jupiter.MockitoExtension;
import test.util.IdentityTestUtil;

@ExtendWith({MockitoExtension.class})
/* loaded from: input_file:org/drasyl/node/handler/crypto/PFSArmHandlerTest.class */
class PFSArmHandlerTest {
    private Agreement agreementSenderLongTime;
    private Duration sessionExpireTime;
    private Duration sessionRetryInterval;
    private int maxAgreements;

    @Nested
    /* loaded from: input_file:org/drasyl/node/handler/crypto/PFSArmHandlerTest$Decryption.class */
    class Decryption {
        Decryption() {
        }

        @Test
        void shouldDecryptInboundMessageWithLongTimeKey(@Mock Crypto crypto, @Mock Session session, @Mock Agreement agreement, @Mock(answer = Answers.RETURNS_DEEP_STUBS) PendingAgreement pendingAgreement, @Mock AgreementId agreementId, @Mock Nonce nonce, @Mock SessionPair sessionPair, @Mock ConcurrentReference<Agreement> concurrentReference, @Mock ConcurrentReference<PendingAgreement> concurrentReference2) throws CryptoException {
            ByteBuf writeByte = Unpooled.buffer().writeByte(ArmMessage.MessageType.APPLICATION.getByte());
            Mockito.when(session.getCurrentActiveAgreement()).thenReturn(concurrentReference);
            Mockito.when(concurrentReference.computeOnCondition((Predicate) ArgumentMatchers.any(), (UnaryOperator) ArgumentMatchers.any())).thenReturn(Optional.empty());
            Mockito.when(session.getCurrentInactiveAgreement()).thenReturn(concurrentReference2);
            Mockito.when(concurrentReference2.computeOnCondition((Predicate) ArgumentMatchers.any(), (UnaryOperator) ArgumentMatchers.any())).thenReturn(Optional.of(pendingAgreement));
            Mockito.when((PendingAgreement) concurrentReference2.computeIfAbsent((Supplier) ArgumentMatchers.any())).thenReturn(pendingAgreement);
            Mockito.when(pendingAgreement.getKeyPair().getPublicKey()).thenReturn(IdentityTestUtil.ID_1.getKeyAgreementPublicKey());
            Mockito.when(session.getLongTimeAgreement()).thenReturn(agreement);
            Mockito.when(agreement.getAgreementId()).thenReturn(agreementId);
            Mockito.when(agreement.getSessionPair()).thenReturn(sessionPair);
            Mockito.when(crypto.decrypt((byte[]) ArgumentMatchers.any(), (byte[]) ArgumentMatchers.any(), (Nonce) ArgumentMatchers.any(), (SessionPair) ArgumentMatchers.any())).thenReturn(ByteBufUtil.getBytes(writeByte));
            Mockito.when(crypto.encrypt((byte[]) ArgumentMatchers.any(), (byte[]) ArgumentMatchers.any(), (Nonce) ArgumentMatchers.any(), (SessionPair) ArgumentMatchers.any())).thenReturn(new byte[0]);
            EmbeddedChannel embeddedChannel = new EmbeddedChannel(new ChannelHandler[]{new PFSArmHandler(crypto, IdentityTestUtil.ID_1, IdentityTestUtil.ID_2.getIdentityPublicKey(), session, System::currentTimeMillis, PFSArmHandlerTest.this.sessionRetryInterval, PFSArmHandler.State.LONG_TIME)});
            try {
                embeddedChannel.writeInbound(new Object[]{ArmHeader.of(agreementId, nonce, writeByte)});
                Object readInbound = embeddedChannel.readInbound();
                MatcherAssert.assertThat(readInbound, Matchers.instanceOf(ByteBuf.class));
                ReferenceCountUtil.release(readInbound);
                ReferenceCountUtil.release(embeddedChannel.readOutbound());
                embeddedChannel.close();
            } catch (Throwable th) {
                embeddedChannel.close();
                throw th;
            }
        }

        @Test
        void shouldDecryptInboundMessageWithEphemeralKey(@Mock Crypto crypto, @Mock(answer = Answers.RETURNS_DEEP_STUBS) Session session, @Mock Agreement agreement, @Mock(answer = Answers.RETURNS_DEEP_STUBS) PendingAgreement pendingAgreement, @Mock AgreementId agreementId, @Mock Nonce nonce, @Mock SessionPair sessionPair, @Mock ConcurrentReference<Agreement> concurrentReference, @Mock ConcurrentReference<PendingAgreement> concurrentReference2) throws CryptoException {
            ByteBuf writeByte = Unpooled.buffer().writeByte(ArmMessage.MessageType.APPLICATION.getByte());
            Mockito.when(session.getCurrentActiveAgreement()).thenReturn(concurrentReference);
            Mockito.when(concurrentReference.computeOnCondition((Predicate) ArgumentMatchers.any(), (UnaryOperator) ArgumentMatchers.any())).thenReturn(Optional.empty());
            Mockito.when(session.getCurrentInactiveAgreement()).thenReturn(concurrentReference2);
            Mockito.when(concurrentReference2.computeOnCondition((Predicate) ArgumentMatchers.any(), (UnaryOperator) ArgumentMatchers.any())).thenReturn(Optional.of(pendingAgreement));
            Mockito.when((PendingAgreement) concurrentReference2.computeIfAbsent((Supplier) ArgumentMatchers.any())).thenReturn(pendingAgreement);
            Mockito.when(pendingAgreement.getKeyPair().getPublicKey()).thenReturn(IdentityTestUtil.ID_1.getKeyAgreementPublicKey());
            Mockito.when(session.getLongTimeAgreement()).thenReturn(agreement);
            Mockito.when((Agreement) session.getInitializedAgreements().get(ArgumentMatchers.any(AgreementId.class))).thenReturn(agreement);
            Mockito.when(agreement.getSessionPair()).thenReturn(sessionPair);
            Mockito.when(crypto.decrypt((byte[]) ArgumentMatchers.any(), (byte[]) ArgumentMatchers.any(), (Nonce) ArgumentMatchers.any(), (SessionPair) ArgumentMatchers.any())).thenReturn(ByteBufUtil.getBytes(writeByte));
            Mockito.when(crypto.encrypt((byte[]) ArgumentMatchers.any(), (byte[]) ArgumentMatchers.any(), (Nonce) ArgumentMatchers.any(), (SessionPair) ArgumentMatchers.any())).thenReturn(new byte[0]);
            EmbeddedChannel embeddedChannel = new EmbeddedChannel(new ChannelHandler[]{new PFSArmHandler(crypto, IdentityTestUtil.ID_1, IdentityTestUtil.ID_2.getIdentityPublicKey(), session, System::currentTimeMillis, PFSArmHandlerTest.this.sessionRetryInterval, PFSArmHandler.State.LONG_TIME)});
            try {
                embeddedChannel.writeInbound(new Object[]{ArmHeader.of(agreementId, nonce, writeByte)});
                Object readInbound = embeddedChannel.readInbound();
                MatcherAssert.assertThat(readInbound, Matchers.instanceOf(ByteBuf.class));
                ReferenceCountUtil.release(readInbound);
                ReferenceCountUtil.release(embeddedChannel.readOutbound());
                embeddedChannel.close();
            } catch (Throwable th) {
                embeddedChannel.close();
                throw th;
            }
        }
    }

    @Nested
    /* loaded from: input_file:org/drasyl/node/handler/crypto/PFSArmHandlerTest$Encryption.class */
    class Encryption {
        Encryption() {
        }

        @Test
        void shouldEncryptOutboundMessageWithLongTimeKey() throws CryptoException {
            EmbeddedChannel embeddedChannel = new EmbeddedChannel(new ChannelHandler[]{new PFSArmHandler(Crypto.INSTANCE, PFSArmHandlerTest.this.sessionExpireTime, PFSArmHandlerTest.this.sessionRetryInterval, PFSArmHandlerTest.this.maxAgreements, IdentityTestUtil.ID_1, IdentityTestUtil.ID_2.getIdentityPublicKey())});
            try {
                embeddedChannel.writeAndFlush(Unpooled.buffer());
                Object readOutbound = embeddedChannel.readOutbound();
                MatcherAssert.assertThat(readOutbound, Matchers.instanceOf(ArmHeader.class));
                ReferenceCountUtil.release(readOutbound);
                ReferenceCountUtil.release(embeddedChannel.readOutbound());
                embeddedChannel.close();
            } catch (Throwable th) {
                embeddedChannel.close();
                throw th;
            }
        }

        @Test
        void shouldEncryptOutboundMessageWithEphemeralKey(@Mock Crypto crypto, @Mock Session session, @Mock ConcurrentReference<Agreement> concurrentReference, @Mock Agreement agreement) throws CryptoException {
            byte[] bArr = {1, 2, 3};
            Mockito.when(session.getCurrentActiveAgreement()).thenReturn(concurrentReference);
            Mockito.when(concurrentReference.getValue()).thenReturn(Optional.of(agreement));
            Mockito.when(crypto.encrypt((byte[]) ArgumentMatchers.any(), (byte[]) ArgumentMatchers.any(), (Nonce) ArgumentMatchers.any(), (SessionPair) ArgumentMatchers.any())).thenReturn(bArr);
            EmbeddedChannel embeddedChannel = new EmbeddedChannel(new ChannelHandler[]{new PFSArmHandler(crypto, IdentityTestUtil.ID_1, IdentityTestUtil.ID_2.getIdentityPublicKey(), session, System::currentTimeMillis, PFSArmHandlerTest.this.sessionRetryInterval, PFSArmHandler.State.PFS)});
            try {
                embeddedChannel.writeAndFlush(Unpooled.buffer());
                ArmHeader armHeader = (ArmHeader) embeddedChannel.readOutbound();
                MatcherAssert.assertThat(armHeader, Matchers.instanceOf(ArmHeader.class));
                Assertions.assertArrayEquals(bArr, ByteBufUtil.getBytes(armHeader.content()));
                ((Session) Mockito.verify(session, Mockito.never())).getLongTimeAgreement();
                armHeader.release();
                embeddedChannel.close();
            } catch (Throwable th) {
                embeddedChannel.close();
                throw th;
            }
        }
    }

    @Nested
    /* loaded from: input_file:org/drasyl/node/handler/crypto/PFSArmHandlerTest$KeyExchange.class */
    class KeyExchange {
        KeyExchange() {
        }

        @Test
        void shouldDoKeyExchangeOnKeyExchangeMessage() throws CryptoException {
            KeyExchangeMessage of = KeyExchangeMessage.of(IdentityTestUtil.ID_3.getKeyAgreementPublicKey());
            ChannelHandler pFSArmHandler = new PFSArmHandler(Crypto.INSTANCE, PFSArmHandlerTest.this.sessionExpireTime, PFSArmHandlerTest.this.sessionRetryInterval, PFSArmHandlerTest.this.maxAgreements, IdentityTestUtil.ID_2, IdentityTestUtil.ID_1.getIdentityPublicKey());
            EmbeddedChannel embeddedChannel = new EmbeddedChannel(new ChannelHandler[]{pFSArmHandler});
            try {
                ChannelHandlerContext context = embeddedChannel.pipeline().context(pFSArmHandler);
                ByteBuf buffer = context.alloc().buffer();
                of.writeTo(buffer);
                embeddedChannel.writeInbound(new Object[]{pFSArmHandler.arm(context, PFSArmHandlerTest.this.agreementSenderLongTime, buffer)});
                buffer.release();
                ArmHeader armHeader = (ArmHeader) embeddedChannel.readOutbound();
                ArmHeader armHeader2 = (ArmHeader) embeddedChannel.readOutbound();
                MatcherAssert.assertThat(pFSArmHandler.unarm(context, PFSArmHandlerTest.this.agreementSenderLongTime, armHeader.getNonce(), armHeader.content()), Matchers.instanceOf(KeyExchangeMessage.class));
                MatcherAssert.assertThat(pFSArmHandler.unarm(context, PFSArmHandlerTest.this.agreementSenderLongTime, armHeader2.getNonce(), armHeader2.content()), Matchers.instanceOf(AcknowledgementMessage.class));
                armHeader.release();
                armHeader2.release();
                embeddedChannel.close();
            } catch (Throwable th) {
                embeddedChannel.close();
                throw th;
            }
        }

        @Test
        void shouldFireEventOnAck() throws CryptoException {
            KeyExchangeMessage of = KeyExchangeMessage.of(IdentityTestUtil.ID_3.getKeyAgreementPublicKey());
            ChannelHandler pFSArmHandler = new PFSArmHandler(Crypto.INSTANCE, PFSArmHandlerTest.this.sessionExpireTime, PFSArmHandlerTest.this.sessionRetryInterval, PFSArmHandlerTest.this.maxAgreements, IdentityTestUtil.ID_2, IdentityTestUtil.ID_1.getIdentityPublicKey());
            UserEventAwareEmbeddedChannel userEventAwareEmbeddedChannel = new UserEventAwareEmbeddedChannel(new ChannelHandler[]{pFSArmHandler});
            try {
                ChannelHandlerContext context = userEventAwareEmbeddedChannel.pipeline().context(pFSArmHandler);
                ByteBuf buffer = context.alloc().buffer();
                of.writeTo(buffer);
                userEventAwareEmbeddedChannel.writeInbound(new Object[]{pFSArmHandler.arm(context, PFSArmHandlerTest.this.agreementSenderLongTime, buffer)});
                buffer.release();
                ArmHeader armHeader = (ArmHeader) userEventAwareEmbeddedChannel.readOutbound();
                ArmHeader armHeader2 = (ArmHeader) userEventAwareEmbeddedChannel.readOutbound();
                Object unarm = pFSArmHandler.unarm(context, PFSArmHandlerTest.this.agreementSenderLongTime, armHeader2.getNonce(), armHeader2.content());
                MatcherAssert.assertThat(unarm, Matchers.instanceOf(AcknowledgementMessage.class));
                AcknowledgementMessage of2 = AcknowledgementMessage.of(AgreementId.of(IdentityTestUtil.ID_3.getKeyAgreementPublicKey(), ((KeyExchangeMessage) pFSArmHandler.unarm(context, PFSArmHandlerTest.this.agreementSenderLongTime, armHeader.getNonce(), armHeader.content())).getSessionKey()));
                ByteBuf buffer2 = context.alloc().buffer();
                of2.writeTo(buffer2);
                userEventAwareEmbeddedChannel.writeInbound(new Object[]{pFSArmHandler.arm(context, PFSArmHandlerTest.this.agreementSenderLongTime, buffer2)});
                MatcherAssert.assertThat(userEventAwareEmbeddedChannel.readEvent(), Matchers.instanceOf(PerfectForwardSecrecyEncryptionEvent.class));
                buffer2.release();
                armHeader.release();
                armHeader2.release();
                ReferenceCountUtil.release(unarm);
                System.out.println();
                userEventAwareEmbeddedChannel.close();
            } catch (Throwable th) {
                userEventAwareEmbeddedChannel.close();
                throw th;
            }
        }
    }

    PFSArmHandlerTest() {
    }

    @BeforeEach
    void setUp() throws CryptoException {
        this.agreementSenderLongTime = Agreement.of(AgreementId.of(IdentityTestUtil.ID_1.getKeyAgreementPublicKey(), IdentityTestUtil.ID_2.getKeyAgreementPublicKey()), Crypto.INSTANCE.generateSessionKeyPair(IdentityTestUtil.ID_1.getKeyAgreementKeyPair(), IdentityTestUtil.ID_2.getKeyAgreementPublicKey()), -1L);
        this.sessionExpireTime = Duration.ofSeconds(100000L);
        this.sessionRetryInterval = Duration.ofSeconds(1000L);
        this.maxAgreements = 2;
    }
}
