package org.pgpainless.key.info;

import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.NoSuchElementException;
import org.bouncycastle.bcpg.sig.RevocationReason;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.key.TestKeys;
import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
import org.pgpainless.key.generation.type.xdh.XDHCurve;
import org.pgpainless.key.protection.PasswordBasedSecretKeyRingProtector;
import org.pgpainless.key.protection.UnprotectedKeysProtector;
import org.pgpainless.key.util.RevocationAttributes;
import org.pgpainless.signature.SignatureUtils;

/* loaded from: input_file:org/pgpainless/key/info/UserIdRevocationTest.class */
public class UserIdRevocationTest {
    @Test
    public void test() throws IOException, PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, InterruptedException {
        PGPSecretKeyRing build = PGPainless.generateKeyRing().withSubKey(KeySpec.getBuilder(KeyType.XDH(XDHCurve._X25519)).withKeyFlags(new KeyFlag[]{KeyFlag.ENCRYPT_COMMS}).withDefaultAlgorithms()).withPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519)).withKeyFlags(new KeyFlag[]{KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER}).withDefaultAlgorithms()).withPrimaryUserId("primary@key.id").withAdditionalUserId("secondary@key.id").withoutPassphrase().build();
        Thread.sleep(1000L);
        KeyRingInfo inspectKeyRing = PGPainless.inspectKeyRing(PGPainless.modifyKeyRing(build).revokeUserIdOnAllSubkeys("secondary@key.id", new UnprotectedKeysProtector()).done());
        Assertions.assertEquals(Arrays.asList("primary@key.id", "secondary@key.id"), inspectKeyRing.getUserIds());
        Assertions.assertTrue(inspectKeyRing.isUserIdValid("primary@key.id"));
        Assertions.assertFalse(inspectKeyRing.isUserIdValid("sedondary@key.id"));
        Assertions.assertFalse(inspectKeyRing.isUserIdValid("tertiary@key.id"));
        Assertions.assertTrue(PGPainless.inspectKeyRing(build).isUserIdValid("secondary@key.id"));
        KeyRingInfo inspectKeyRing2 = PGPainless.inspectKeyRing(PGPainless.modifyKeyRing(build).revokeUserId("secondary@key.id", build.getSecretKey().getKeyID(), new UnprotectedKeysProtector()).done());
        Assertions.assertEquals(Arrays.asList("primary@key.id", "secondary@key.id"), inspectKeyRing2.getUserIds());
        Assertions.assertTrue(inspectKeyRing2.isUserIdValid("primary@key.id"));
        Assertions.assertFalse(inspectKeyRing2.isUserIdValid("sedondary@key.id"));
        Assertions.assertFalse(inspectKeyRing2.isUserIdValid("tertiary@key.id"));
    }

    @Test
    public void testRevocationWithRevocationReason() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, InterruptedException {
        PGPSecretKeyRing build = PGPainless.generateKeyRing().withSubKey(KeySpec.getBuilder(KeyType.XDH(XDHCurve._X25519)).withKeyFlags(new KeyFlag[]{KeyFlag.ENCRYPT_COMMS}).withDefaultAlgorithms()).withPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519)).withKeyFlags(new KeyFlag[]{KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER}).withDefaultAlgorithms()).withPrimaryUserId("primary@key.id").withAdditionalUserId("secondary@key.id").withoutPassphrase().build();
        Thread.sleep(1000L);
        RevocationReason subpacket = SignatureUtils.getLatestSelfSignatureForUserId(PGPainless.modifyKeyRing(build).revokeUserIdOnAllSubkeys("secondary@key.id", new UnprotectedKeysProtector(), RevocationAttributes.createCertificateRevocation().withReason(RevocationAttributes.Reason.USER_ID_NO_LONGER_VALID).withDescription("I lost my mail password")).done().getPublicKey(), "secondary@key.id").getHashedSubPackets().getSubpacket(29);
        Assertions.assertNotNull(subpacket);
        Assertions.assertEquals("I lost my mail password", subpacket.getRevocationDescription());
    }

    @Test
    public void unknownKeyThrowsIllegalArgumentException() throws IOException, PGPException {
        PGPSecretKeyRing cryptieSecretKeyRing = TestKeys.getCryptieSecretKeyRing();
        PasswordBasedSecretKeyRingProtector forKey = PasswordBasedSecretKeyRingProtector.forKey(cryptieSecretKeyRing.getSecretKey(), TestKeys.CRYPTIE_PASSPHRASE);
        Assertions.assertThrows(IllegalArgumentException.class, () -> {
            PGPainless.modifyKeyRing(cryptieSecretKeyRing).revokeUserId(TestKeys.CRYPTIE_UID, 1L, forKey);
        });
        Assertions.assertThrows(IllegalArgumentException.class, () -> {
            PGPainless.modifyKeyRing(cryptieSecretKeyRing).revokeUserId(TestKeys.CRYPTIE_UID, TestKeys.EMIL_FINGERPRINT, forKey);
        });
    }

    @Test
    public void unknownUserIdThrowsNoSuchElementException() throws IOException, PGPException {
        PGPSecretKeyRing cryptieSecretKeyRing = TestKeys.getCryptieSecretKeyRing();
        PasswordBasedSecretKeyRingProtector forKey = PasswordBasedSecretKeyRingProtector.forKey(cryptieSecretKeyRing.getSecretKey(), TestKeys.CRYPTIE_PASSPHRASE);
        Assertions.assertThrows(NoSuchElementException.class, () -> {
            PGPainless.modifyKeyRing(cryptieSecretKeyRing).revokeUserId("invalid@user.id", TestKeys.CRYPTIE_FINGERPRINT, forKey);
        });
        Assertions.assertThrows(NoSuchElementException.class, () -> {
            PGPainless.modifyKeyRing(cryptieSecretKeyRing).revokeUserId("invalid@user.id", TestKeys.CRYPTIE_KEY_ID, forKey);
        });
    }

    @Test
    public void invalidRevocationReasonThrowsIllegalArgumentException() throws IOException, PGPException {
        PGPSecretKeyRing cryptieSecretKeyRing = TestKeys.getCryptieSecretKeyRing();
        PasswordBasedSecretKeyRingProtector forKey = PasswordBasedSecretKeyRingProtector.forKey(cryptieSecretKeyRing.getSecretKey(), TestKeys.CRYPTIE_PASSPHRASE);
        Assertions.assertThrows(IllegalArgumentException.class, () -> {
            PGPainless.modifyKeyRing(cryptieSecretKeyRing).revokeUserId(TestKeys.CRYPTIE_UID, cryptieSecretKeyRing.getSecretKey().getKeyID(), forKey, RevocationAttributes.createKeyRevocation().withReason(RevocationAttributes.Reason.KEY_RETIRED).withDescription("This is not a valid certification revocation reason."));
        });
    }
}
