"""Tests for AES-256-CTR recording encryption."""

import os
from pathlib import Path

from vigilar.storage.encryption import decrypt_stream, encrypt_file


def test_encrypt_file_creates_vge(tmp_path):
    plain = tmp_path / "test.mp4"
    plain.write_bytes(b"fake mp4 content here for testing")
    key_hex = os.urandom(32).hex()
    vge_path = encrypt_file(str(plain), key_hex)
    assert vge_path.endswith(".vge")
    assert Path(vge_path).exists()
    assert not plain.exists()


def test_encrypt_file_prepends_iv(tmp_path):
    plain = tmp_path / "test.mp4"
    plain.write_bytes(b"x" * 100)
    key_hex = os.urandom(32).hex()
    vge_path = encrypt_file(str(plain), key_hex)
    data = Path(vge_path).read_bytes()
    assert len(data) == 16 + 100


def test_decrypt_stream_roundtrip(tmp_path):
    original = b"Hello, this is a recording file with some content." * 100
    plain = tmp_path / "test.mp4"
    plain.write_bytes(original)
    key_hex = os.urandom(32).hex()
    vge_path = encrypt_file(str(plain), key_hex)
    chunks = list(decrypt_stream(vge_path, key_hex))
    decrypted = b"".join(chunks)
    assert decrypted == original


def test_decrypt_stream_yields_chunks(tmp_path):
    original = b"A" * 100_000
    plain = tmp_path / "test.mp4"
    plain.write_bytes(original)
    key_hex = os.urandom(32).hex()
    vge_path = encrypt_file(str(plain), key_hex)
    chunks = list(decrypt_stream(vge_path, key_hex))
    assert len(chunks) > 1
    assert b"".join(chunks) == original


def test_encrypt_file_wrong_key_produces_garbage(tmp_path):
    original = b"secret recording content" * 50
    plain = tmp_path / "test.mp4"
    plain.write_bytes(original)
    key1 = os.urandom(32).hex()
    key2 = os.urandom(32).hex()
    vge_path = encrypt_file(str(plain), key1)
    decrypted = b"".join(decrypt_stream(vge_path, key2))
    assert decrypted != original