# Copyright (C) 2018  Lars Wirzenius
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.


import unittest


import qvisqve_secrets


class SecretHasherTests(unittest.TestCase):

    def test_byte_string_survives_hex_roundtrip(self):
        byte_string = b'\x00\x02\x03'
        sh = qvisqve_secrets.SecretHasher()
        encoded = sh.hex_encode(byte_string)
        self.assertEqual(byte_string, sh.hex_decode(encoded))

    def test_returns_sufficiently_long_salt(self):
        sh = qvisqve_secrets.SecretHasher()
        salt = sh.get_salt()
        self.assertTrue(len(salt) >= 8)

    def test_produces_a_hash(self):
        cleartext = 'hunter2'
        salt = b'nacl'
        sh = qvisqve_secrets.SecretHasher()
        hashed = sh.hash(cleartext, salt)
        self.assertTrue(isinstance(hashed, dict))

    def test_produces_a_hash_with_salt(self):
        cleartext = 'hunter2'
        sh = qvisqve_secrets.SecretHasher()
        hashed = sh.hash(cleartext)
        self.assertTrue(isinstance(hashed, dict))

    def test_produces_same_hash_for_same_input(self):
        cleartext = 'hunter2'
        salt = b'nacl'
        sh = qvisqve_secrets.SecretHasher()
        hashed1 = sh.hash(cleartext, salt)
        hashed2 = sh.hash(cleartext, salt)
        self.assertEqual(hashed1, hashed2)

    def test_produces_different_hashes_for_different_cleartext(self):
        sh = qvisqve_secrets.SecretHasher()
        salt = b'nacl'
        hashed1 = sh.hash('hunter2', salt)
        hashed2 = sh.hash('swordfish', salt)
        self.assertNotEqual(hashed1, hashed2)

    def test_produces_different_hashes_for_same_cleartext(self):
        sh = qvisqve_secrets.SecretHasher()
        hashed1 = sh.hash('hunter2', b'nacl')
        hashed2 = sh.hash('hunter2', b'nh4cl')
        self.assertNotEqual(hashed1, hashed2)

    def test_accepts_correct_password(self):
        cleartext = 'hunter2'
        sh = qvisqve_secrets.SecretHasher()
        hashed = sh.hash(cleartext, b'nacl')
        self.assertTrue(sh.is_correct(hashed, cleartext))

    def test_rejects_incorrect_password(self):
        cleartext = 'swordfish'
        sh = qvisqve_secrets.SecretHasher()
        hashed = sh.hash(cleartext, b'nacl')
        self.assertTrue(sh.is_correct(hashed, cleartext))

    def test_handles_parameter_changes(self):
        cleartext = 'hunter2'
        salt = b'nacl'
        sh = qvisqve_secrets.SecretHasher()
        hashed = sh.hash(cleartext, salt)
        sh.set_n(2**1)
        self.assertTrue(sh.is_correct(hashed, cleartext))
        self.assertNotEqual(sh.hash(cleartext, salt), hashed)