package org.pgpainless.sop;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import org.bouncycastle.openpgp.PGPException;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.ecc.EllipticCurve;
import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
import org.pgpainless.util.ArmorUtils;
import sop.SOP;
import sop.exception.SOPGPException;

/* loaded from: input_file:org/pgpainless/sop/IncapableKeysTest.class */
public class IncapableKeysTest {
    private static byte[] nonSigningKey;
    private static byte[] nonEncryptionKey;
    private static byte[] nonSigningCert;
    private static byte[] nonEncryptionCert;

    /* renamed from: sop, reason: collision with root package name */
    private static final SOP f4sop = new SOPImpl();

    @BeforeAll
    public static void generateKeys() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException {
        nonSigningKey = ArmorUtils.toAsciiArmoredString(PGPainless.buildKeyRing().addSubkey(KeySpec.getBuilder(KeyType.ECDH(EllipticCurve._P256), KeyFlag.ENCRYPT_COMMS, new KeyFlag[]{KeyFlag.ENCRYPT_STORAGE})).setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER, new KeyFlag[0])).addUserId("Non Signing <non@signing.key>").build()).getBytes(StandardCharsets.UTF_8);
        nonSigningCert = f4sop.extractCert().key(nonSigningKey).getBytes();
        nonEncryptionKey = ArmorUtils.toAsciiArmoredString(PGPainless.buildKeyRing().addSubkey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.SIGN_DATA, new KeyFlag[0])).setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER, new KeyFlag[0])).addUserId("Non Encryption <non@encryption.key>").build()).getBytes(StandardCharsets.UTF_8);
        nonEncryptionCert = f4sop.extractCert().key(nonEncryptionKey).getBytes();
    }

    @Test
    public void encryptionToNonEncryptionKeyFails() {
        Assertions.assertThrows(SOPGPException.CertCannotEncrypt.class, () -> {
            f4sop.encrypt().withCert(nonEncryptionCert);
        });
    }

    @Test
    public void signingWithNonSigningKeyFails() {
        Assertions.assertThrows(SOPGPException.KeyCannotSign.class, () -> {
            f4sop.sign().key(nonSigningKey);
        });
        Assertions.assertThrows(SOPGPException.KeyCannotSign.class, () -> {
            f4sop.detachedSign().key(nonSigningKey);
        });
        Assertions.assertThrows(SOPGPException.KeyCannotSign.class, () -> {
            f4sop.inlineSign().key(nonSigningKey);
        });
    }

    @Test
    public void encryptAndSignWithNonSigningKeyFails() {
        Assertions.assertThrows(SOPGPException.KeyCannotSign.class, () -> {
            f4sop.encrypt().signWith(nonSigningKey);
        });
    }
}
