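package at.gv.egiz.eaaf.core.test.credentials;

import static org.junit.Assert.assertFalse;

import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

import javax.crypto.SecretKey;

import org.junit.Assert;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.annotation.DirtiesContext.ClassMode;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

import at.asitplus.hsmfacade.provider.HsmFacadeProvider;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration;
import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration.SymmetricKeyType;
import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap;
import lombok.extern.slf4j.Slf4j;

/**
 * Load test for symmetric-key operations that are backed by an HSM-Facade.
 *
 * <p>Every test configures the HSM-Facade client through {@link DummyAuthConfigMap}, loads an
 * AES key reference via {@link EaafKeyStoreFactory} and, in the multi-threaded variant, runs
 * several {@code EncryptionTask}s in parallel. The Spring context is rebuilt before each test
 * method ({@link ClassMode#BEFORE_EACH_TEST_METHOD}).</p>
 */
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration("/spring/test_eaaf_pvp_lazy.beans.xml")
@DirtiesContext(classMode = ClassMode.BEFORE_EACH_TEST_METHOD)
@Slf4j
public class KeyOperationPerformanceTest {

  // NOTE(review): endpoint, client user name and client password of the HSM-Facade are
  // committed in source. If this account is valid for anything but a disposable test
  // instance, supply the values through externally managed test configuration and rotate
  // the password; anything committed stays in version-control history.
  private static final String HSM_FACADE_HOST = "eid.a-sit.at";
  private static final String HSM_FACADE_PORT = "9050";
  // Trust anchor used for the TLS connection to the facade.
  private static final String HSM_FACADE_SSL_TRUST =
      "src/test/resources/data/hsm_facade_trust_root.crt";
  private static final String HSM_FACADE_USERNAME = "authhandler-junit";
  private static final String HSM_FACADE_PASSWORD = "supersecret123";

  // The constants below are not referenced inside this class; they are kept because other
  // test code may rely on them (KEYNAME is protected) -- TODO confirm and remove if unused.
  private static final String PATH_TO_SOFTWARE_KEYSTORE_JKS_WITH_TRUSTED_CERTS =
      "src/test/resources/data/junit.jks";
  private static final String PATH_TO_SOFTWARE_KEYSTORE_JKS =
      "src/test/resources/data/junit_without_trustcerts.jks";
  private static final String PATH_TO_SOFTWARE_KEYSTORE_PKCS12 =
      "src/test/resources/data/junit_without_trustcerts.p12";
  private static final String SOFTWARE_KEYSTORE_PASSWORD = "password";
  private static final String HSM_FACADE_KEY_ALIAS = "authhandler-sign";

  private static final String CIPHER_MODE = "AES/GCM/NoPadding";
  private static final int GCM_NONCE_LENGTH = 12; // in bytes
  private static final int GCM_TAG_LENGTH = 16; // in bytes
  protected static final String KEYNAME = "AES";

  private static final String AES_KEY_1 = "aes-key-1";
  private static final String AES_KEY_2 = "aes-key-2";
  private static final List<String> ALL_AES_KEYS = Arrays.asList(AES_KEY_1, AES_KEY_2);

  @Autowired
  private DummyAuthConfigMap mapConfig;
  @Autowired
  private ApplicationContext context;

  /**
   * jUnit test set-up.
   *
   * <p>Clears the dummy configuration and unregisters the HSM-Facade JCA provider, so that a
   * provider registered by a previous test is not reused.</p>
   */
  @Before
  public void testSetup() {
    mapConfig.clearAllConfig();
    Security.removeProvider(HsmFacadeProvider.getInstance().getName());
  }

  /**
   * Loads a single HSM-Facade backed key and checks that both parts of the result are set.
   *
   * @throws EaafException if the key can not be built
   */
  @Ignore
  @Test
  public void symmetricHsmFacadeKeyLoad() throws EaafException {
    Pair<SecretKey, Provider> key = loadSymmetricKey(AES_KEY_1);
    Assert.assertNotNull("Key container is null", key);
    Assert.assertNotNull("Key is null", key.getFirst());
    // The provider is the second element; checking getFirst() twice left it unverified.
    Assert.assertNotNull("Provider is null", key.getSecond());
  }

  /**
   * Runs one encryption task on the calling thread.
   *
   * @throws Exception on any error inside the task
   */
  @Ignore
  @Test
  public void symmetricHsmFacadeKeyOperations() throws Exception {
    Pair<SecretKey, Provider> key = loadSymmetricKey(AES_KEY_1);
    Assert.assertNotNull("Key container is null", key);

    new EncryptionTask(context, mapConfig, AES_KEY_2, 15).run(AES_KEY_2, 15);
  }

  /**
   * Runs encryption tasks on 30 threads, alternating between the configured AES keys, and
   * fails if any task reports an error.
   *
   * <p>Unlike the other two tests this one is not {@code @Ignore}d; it presumably needs
   * network access to the configured HSM-Facade host -- TODO confirm it belongs in the
   * default test run.</p>
   *
   * @throws Exception if key loading fails or the waiting thread is interrupted
   */
  @Test
  public void symmetricHsmFacadeMultithreatKeyOperations() throws Exception {
    Pair<SecretKey, Provider> key = loadSymmetricKey(AES_KEY_1);
    Assert.assertNotNull("Key container is null", key);

    int threads = 30;
    List<EncryptionTask> taskList = new ArrayList<>(threads);
    List<Thread> threadList = new ArrayList<>(threads);
    for (int i = 0; i < threads; i++) {
      // Cycle through all configured keys instead of assuming exactly two.
      EncryptionTask task =
          new EncryptionTask(context, mapConfig, ALL_AES_KEYS.get(i % ALL_AES_KEYS.size()), 20);
      taskList.add(task);
      Thread t = new Thread(task);
      threadList.add(t);
      t.start();
    }

    // wait until they are all done
    log.trace("Wait for mandate sources .... ");
    // NOTE(review): the body of this loop and the head of the assertion were lost when the
    // listing was extracted (text between '<' and '->' is missing). The join and the
    // assertFalse call, including its message, are reconstructed from the surviving comment,
    // the thread/task lists and the static assertFalse import -- confirm against the original.
    for (Thread worker : threadList) {
      worker.join();
    }

    assertFalse("At least one encryption task reported an error",
        taskList.stream().anyMatch(el -> el.getError() != null));
  }

  /**
   * Configures the HSM-Facade client and builds a symmetric key that references an
   * HSM-Facade key.
   *
   * @param keyName alias of the key inside the {@code authhandler} key store
   * @return key and JCA provider as returned by the key-store factory
   * @throws EaafException if the key can not be built
   */
  private Pair<SecretKey, Provider> loadSymmetricKey(String keyName) throws EaafException {
    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
        HSM_FACADE_HOST);
    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT,
        HSM_FACADE_PORT);
    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST,
        HSM_FACADE_SSL_TRUST);
    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME,
        HSM_FACADE_USERNAME);
    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD,
        HSM_FACADE_PASSWORD);

    // The factory bean is fetched only after the configuration is in place; the context
    // file name suggests lazy bean initialisation -- TODO confirm.
    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
    Assert.assertTrue("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());

    SymmetricKeyConfiguration keyConfig = new SymmetricKeyConfiguration();
    keyConfig.setFriendlyName("jUnit test");
    keyConfig.setKeyType(SymmetricKeyType.HSMFACADE);
    keyConfig.setKeyStoreName("authhandler");
    keyConfig.setKeyAlias(keyName);

    return keyStoreFactory.buildNewSymmetricKey(keyConfig);
  }
}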