package de.adorsys.datasafe.business.impl.e2e;

import de.adorsys.datasafe.privatestore.api.PasswordClearingInputStream;
import de.adorsys.datasafe.privatestore.api.PasswordClearingOutputStream;
import de.adorsys.datasafe.privatestore.api.PasswordClearingStream;
import de.adorsys.datasafe.storage.api.StorageService;
import de.adorsys.datasafe.teststorage.WithStorageProvider;
import de.adorsys.datasafe.types.api.actions.ListRequest;
import de.adorsys.datasafe.types.api.actions.ReadRequest;
import de.adorsys.datasafe.types.api.actions.WriteRequest;
import de.adorsys.datasafe.types.api.resource.AbsoluteLocation;
import de.adorsys.datasafe.types.api.resource.ResolvedResource;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.nio.file.attribute.FileAttribute;
import java.util.Collections;
import java.util.Set;
import java.util.concurrent.ThreadLocalRandom;
import javax.crypto.AEADBadTagException;
import lombok.Generated;
import org.assertj.core.api.Java6Assertions;
import org.bouncycastle.crypto.io.InvalidCipherTextIOException;
import org.cryptomator.siv.UnauthenticCiphertextException;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.ValueSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.testcontainers.shaded.com.google.common.collect.ImmutableSet;
import org.testcontainers.shaded.com.google.common.io.ByteStreams;

/* loaded from: input_file:de/adorsys/datasafe/business/impl/e2e/DataTamperingResistanceTest.class */
class DataTamperingResistanceTest extends BaseE2ETest {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(DataTamperingResistanceTest.class);
    private static final Set<Character> NOT_TO_REPLACE_IN_PATH = ImmutableSet.of('=', '/');
    private static final String FILE_TEXT = "Tampering test!!Tampering test!!Tampering test!!Tampering test!!Tampering test!!";
    private static final String FILENAME = "my_file_with_quite_a__long_na.me_na.me_na.me_na.me_na.me_na.me_na.me_na.me";
    private static final String DIR_AND_FILENAME = "my_directory_with_quite_a__long_na.me_na.me_na.me_na.me_na.me_na.me_na.me_na.me/my_file";
    private static final String DIR_DIR_AND_FILENAME = "my_directory_with_quite_a__long_na.me_na.me_na.me_na.me_na.me_na.me_na.me_na.me/deeper/my_file";

    DataTamperingResistanceTest() {
    }

    @BeforeEach
    void prepare() {
        init();
        registerJohnAndJane();
    }

    @Test
    void testPrivateDocumentContentTamperResistance() {
        PasswordClearingOutputStream write = this.writeToPrivate.write(WriteRequest.forDefaultPrivate(this.jane, FILENAME));
        try {
            write.write(FILE_TEXT.getBytes(StandardCharsets.UTF_8));
            if (write != null) {
                write.close();
            }
            tamperFileByReplacingOneByteOfEncryptedMessage(getFirstFileInPrivate(this.jane));
            PasswordClearingInputStream read = this.readFromPrivate.read(ReadRequest.forDefaultPrivate(this.jane, FILENAME));
            try {
                Java6Assertions.assertThatThrownBy(() -> {
                    ByteStreams.copy(read, ByteStreams.nullOutputStream());
                }).isInstanceOf(InvalidCipherTextIOException.class).hasCauseInstanceOf(AEADBadTagException.class);
                if (read != null) {
                    read.close();
                }
            } finally {
            }
        } finally {
        }
    }

    @Test
    void testInboxDocumentContentTamperResistance() {
        OutputStream write = this.writeToInbox.write(WriteRequest.forDefaultPublic(Collections.singleton(this.john.getUserID()), FILENAME));
        try {
            write.write(FILE_TEXT.getBytes(StandardCharsets.UTF_8));
            if (write != null) {
                write.close();
            }
            tamperFileByReplacingOneByteOfEncryptedMessage(getFirstFileInInbox(this.john));
            InputStream read = this.readFromInbox.read(ReadRequest.forDefaultPrivate(this.john, FILENAME));
            try {
                Java6Assertions.assertThatThrownBy(() -> {
                    ByteStreams.copy(read, ByteStreams.nullOutputStream());
                }).isInstanceOf(InvalidCipherTextIOException.class).hasCauseInstanceOf(AEADBadTagException.class);
                if (read != null) {
                    read.close();
                }
            } finally {
            }
        } finally {
        }
    }

    @ValueSource(strings = {FILENAME, DIR_AND_FILENAME, DIR_DIR_AND_FILENAME})
    @ParameterizedTest(name = "{arguments}")
    void testPrivateDocumentPathTamperResistance(String str) {
        PasswordClearingOutputStream write = this.writeToPrivate.write(WriteRequest.forDefaultPrivate(this.jane, str));
        try {
            write.write(FILE_TEXT.getBytes(StandardCharsets.UTF_8));
            if (write != null) {
                write.close();
            }
            tamperFilenameByReplacingOneCharOfPath(getFirstFileInPrivate(this.jane), str);
            Assertions.assertThrows(UnauthenticCiphertextException.class, () -> {
                PasswordClearingStream list = this.listPrivate.list(ListRequest.forDefaultPrivate(this.jane, ""));
                try {
                    list.forEach(absoluteLocation -> {
                        log.info("{}", absoluteLocation.location());
                    });
                    if (list != null) {
                        list.close();
                    }
                } catch (Throwable th) {
                    if (list != null) {
                        try {
                            list.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            });
        } finally {
        }
    }

    private void init() {
        WithStorageProvider.StorageDescriptor fs = fs();
        initialize(DatasafeServicesProvider.dfsConfig(fs.getLocation()), DatasafeServicesProvider.defaultDatasafeServices((StorageService) fs.getStorageService().get(), fs.getLocation()));
    }

    private void tamperFilenameByReplacingOneCharOfPath(AbsoluteLocation<ResolvedResource> absoluteLocation, String str) {
        Path path = Paths.get(absoluteLocation.getResource().location().asURI());
        byte[] readAllBytes = Files.readAllBytes(path);
        String path2 = path.toAbsolutePath().toString();
        int length = path2.length() - (str.length() / 2);
        while (NOT_TO_REPLACE_IN_PATH.contains(Character.valueOf(path2.charAt(length)))) {
            length--;
        }
        log.info("About to tamper path `{}`", path2);
        String str2 = path2.substring(0, length - 1) + randomChar(path2.charAt(length)) + path2.substring(length);
        log.info("Tampered path as `{}`", str2);
        Files.createDirectories(Paths.get(str2, new String[0]).getParent(), new FileAttribute[0]);
        Files.write(Paths.get(str2, new String[0]), readAllBytes, StandardOpenOption.CREATE);
    }

    private void tamperFileByReplacingOneByteOfEncryptedMessage(AbsoluteLocation<ResolvedResource> absoluteLocation) {
        Path path = Paths.get(absoluteLocation.getResource().location().asURI());
        byte[] readAllBytes = Files.readAllBytes(path);
        int length = readAllBytes.length - (FILE_TEXT.length() / 2);
        readAllBytes[length] = randomByte(readAllBytes[length]);
        Files.write(path, readAllBytes, StandardOpenOption.TRUNCATE_EXISTING);
    }

    private char randomChar(char c) {
        char nextInt;
        do {
            nextInt = (char) (ThreadLocalRandom.current().nextInt(26) + 97);
        } while (nextInt == c);
        return nextInt;
    }

    private byte randomByte(byte b) {
        byte[] bArr = new byte[1];
        do {
            ThreadLocalRandom.current().nextBytes(bArr);
        } while (b == bArr[0]);
        return bArr[0];
    }
}
