package starcrypto

import (
	"os"
	"path/filepath"
	"testing"
)

func TestRootHmacVerifyWrappers(t *testing.T) {
	msg := []byte("hmac-verify-message")
	key := []byte("hmac-verify-key")

	sum := HmacSHA256(msg, key)
	if !VerifyHmacSHA256(msg, key, sum) {
		t.Fatalf("VerifyHmacSHA256 should pass for correct digest")
	}

	bad := make([]byte, len(sum))
	copy(bad, sum)
	bad[0] ^= 0xff
	if VerifyHmacSHA256(msg, key, bad) {
		t.Fatalf("VerifyHmacSHA256 should fail for wrong digest")
	}

	hexSum := HmacSHA256Str(msg, key)
	if !VerifyHmacSHA256Str(msg, key, hexSum) {
		t.Fatalf("VerifyHmacSHA256Str should pass for correct digest")
	}
	if VerifyHmacSHA256Str(msg, key, "not-hex") {
		t.Fatalf("VerifyHmacSHA256Str should fail for invalid hex")
	}
}

func TestRootFillWithCryptoRandomWrapper(t *testing.T) {
	dir := t.TempDir()
	path := filepath.Join(dir, "secure.bin")

	if err := FillWithCryptoRandom(path, 1024, 128, nil); err != nil {
		t.Fatalf("FillWithCryptoRandom failed: %v", err)
	}
	info, err := os.Stat(path)
	if err != nil {
		t.Fatalf("stat file failed: %v", err)
	}
	if info.Size() != 1024 {
		t.Fatalf("unexpected file size: %d", info.Size())
	}
}