package org.graylog.security.certutil.privatekey;

import java.nio.file.Path;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import org.bouncycastle.pkcs.PKCSException;
import org.graylog2.rest.resources.users.UsersResourceTest;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.io.TempDir;

/* loaded from: input_file:org/graylog/security/certutil/privatekey/PrivateKeyEncryptedFileStorageTest.class */
class PrivateKeyEncryptedFileStorageTest {
    PrivateKeyEncryptedFileStorageTest() {
    }

    @Test
    void testKeyStorageSaveAndRetrieve(@TempDir Path path) throws Exception {
        PrivateKeyEncryptedFileStorage privateKeyEncryptedFileStorage = new PrivateKeyEncryptedFileStorage(path.resolve("temp.key"));
        char[] charArray = UsersResourceTest.PASSWORD.toCharArray();
        PrivateKey privateKey = KeyPairGenerator.getInstance("RSA").generateKeyPair().getPrivate();
        privateKeyEncryptedFileStorage.writeEncryptedKey(charArray, privateKey);
        Assertions.assertEquals(privateKey, privateKeyEncryptedFileStorage.readEncryptedKey(charArray));
    }

    @Test
    void testKeyStorageThrowsExceptionWhenUsingWrongPasswordDuringRead(@TempDir Path path) throws Exception {
        PrivateKeyEncryptedFileStorage privateKeyEncryptedFileStorage = new PrivateKeyEncryptedFileStorage(path.resolve("temp.key"));
        privateKeyEncryptedFileStorage.writeEncryptedKey(UsersResourceTest.PASSWORD.toCharArray(), KeyPairGenerator.getInstance("RSA").generateKeyPair().getPrivate());
        Assertions.assertThrows(PKCSException.class, () -> {
            privateKeyEncryptedFileStorage.readEncryptedKey("wrong password".toCharArray());
        });
    }
}
