rust-bottle 0.1.0

// Comprehensive tests for src/keys.rs
// This file tests all key types and their methods to maximize coverage

use rand::rngs::OsRng;
use rsa::traits::PublicKeyParts;
use rust_bottle::keychain::SignerKey;
use rust_bottle::keys::*;
use rust_bottle::signing::{Sign, Verify};
use rust_bottle::BottleError;

#[cfg(feature = "ml-kem")]
use ml_kem::EncodedSizeUser;

// ============================================================================
// ECDSA P-256 Key Tests
// ============================================================================

#[test]
fn test_ecdsa_p256_generate() {
    let rng = &mut OsRng;
    let key = EcdsaP256Key::generate(rng);

    // Verify key was generated
    let pub_key = key.public_key_bytes();
    assert_eq!(pub_key.len(), 65); // SEC1 uncompressed format

    let priv_key = key.private_key_bytes();
    assert_eq!(priv_key.len(), 32);
}

#[test]
fn test_ecdsa_p256_public_key_bytes() {
    let rng = &mut OsRng;
    let key1 = EcdsaP256Key::generate(rng);
    let key2 = EcdsaP256Key::generate(rng);

    // Different keys should have different public keys
    assert_ne!(key1.public_key_bytes(), key2.public_key_bytes());

    // Public key should be 65 bytes (SEC1 uncompressed)
    assert_eq!(key1.public_key_bytes().len(), 65);
    assert_eq!(key2.public_key_bytes().len(), 65);
}

#[test]
fn test_ecdsa_p256_private_key_bytes() {
    let rng = &mut OsRng;
    let key1 = EcdsaP256Key::generate(rng);
    let key2 = EcdsaP256Key::generate(rng);

    // Different keys should have different private keys
    assert_ne!(key1.private_key_bytes(), key2.private_key_bytes());

    // Private key should be 32 bytes
    assert_eq!(key1.private_key_bytes().len(), 32);
    assert_eq!(key2.private_key_bytes().len(), 32);
}

#[test]
fn test_ecdsa_p256_from_private_key_bytes() {
    let rng = &mut OsRng;
    let original = EcdsaP256Key::generate(rng);
    let priv_bytes = original.private_key_bytes();

    // Reconstruct from private key bytes
    let restored = EcdsaP256Key::from_private_key_bytes(&priv_bytes).unwrap();

    // Public keys should match
    assert_eq!(original.public_key_bytes(), restored.public_key_bytes());

    // Private keys should match
    assert_eq!(original.private_key_bytes(), restored.private_key_bytes());
}

#[test]
fn test_ecdsa_p256_from_private_key_bytes_invalid() {
    // Test with wrong size - these will panic due to .into() conversion
    // So we use should_panic or just test that valid sizes work
    // The implementation uses bytes.into() which requires exact size match

    // Test with correct size but potentially invalid key bytes
    // (The library may accept any 32-byte value as a valid key)
    let invalid_key = vec![0u8; 32];
    // This might succeed or fail depending on the library's validation
    // The important thing is it doesn't panic with correct size
    let result = EcdsaP256Key::from_private_key_bytes(&invalid_key);
    // Either succeeds (library accepts it) or fails with InvalidKeyType
    if result.is_ok() {
        // Library accepts zero bytes as valid key
    } else {
        // Library rejects invalid key bytes
        assert!(matches!(result, Err(BottleError::InvalidKeyType)));
    }
}

#[test]
fn test_ecdsa_p256_sign() {
    let rng = &mut OsRng;
    let key = EcdsaP256Key::generate(rng);
    let message = b"Test message for ECDSA P-256";

    let signature = key.sign(rng, message).unwrap();

    // ECDSA P-256 signatures are 64 bytes (r + s values)
    assert_eq!(signature.len(), 64);
}

#[test]
fn test_ecdsa_p256_sign_empty_message() {
    let rng = &mut OsRng;
    let key = EcdsaP256Key::generate(rng);

    let signature = key.sign(rng, b"").unwrap();
    assert_eq!(signature.len(), 64);
}

#[test]
fn test_ecdsa_p256_sign_large_message() {
    let rng = &mut OsRng;
    let key = EcdsaP256Key::generate(rng);
    let large_message = vec![0u8; 10000];

    let signature = key.sign(rng, &large_message).unwrap();
    assert_eq!(signature.len(), 64);
}

#[test]
fn test_ecdsa_p256_verify() {
    let rng = &mut OsRng;
    let key = EcdsaP256Key::generate(rng);
    let message = b"Test message for verification";

    let signature = key.sign(rng, message).unwrap();
    assert!(key.verify(message, &signature).is_ok());
}

#[test]
fn test_ecdsa_p256_verify_failure() {
    let rng = &mut OsRng;
    let key1 = EcdsaP256Key::generate(rng);
    let key2 = EcdsaP256Key::generate(rng);
    let message = b"Test message";

    // Sign with key1
    let signature = key1.sign(rng, message).unwrap();

    // Verify with wrong key
    assert!(key2.verify(message, &signature).is_err());

    // Verify with wrong message
    assert!(key1.verify(b"Wrong message", &signature).is_err());

    // Verify with corrupted signature
    let mut corrupted = signature.clone();
    corrupted[0] ^= 1;
    assert!(key1.verify(message, &corrupted).is_err());
}

#[test]
fn test_ecdsa_p256_verify_invalid_signature_length() {
    let rng = &mut OsRng;
    let key = EcdsaP256Key::generate(rng);
    let message = b"Test message";

    // The implementation uses signature.into() which requires exact 64 bytes
    // So wrong sizes will cause a panic in the conversion, not an error return
    // We can only test that the correct size works, and that wrong content fails

    // Test with correct size but wrong content (should fail verification)
    let wrong_sig = vec![0u8; 64];
    assert!(key.verify(message, &wrong_sig).is_err());

    // Test with a valid signature to ensure the test works
    let valid_sig = key.sign(rng, message).unwrap();
    assert!(key.verify(message, &valid_sig).is_ok());
}

#[test]
fn test_ecdsa_p256_signer_key() {
    let rng = &mut OsRng;
    let key = EcdsaP256Key::generate(rng);

    // Test fingerprint
    let fingerprint = key.fingerprint();
    assert_eq!(fingerprint.len(), 32); // SHA-256 hash

    // Fingerprint should be consistent
    assert_eq!(key.fingerprint(), key.fingerprint());

    // Test public_key
    let pub_key = key.public_key();
    assert_eq!(pub_key.len(), 65);
    assert_eq!(pub_key, key.public_key_bytes());
}

#[test]
fn test_ecdsa_p256_different_keys_different_fingerprints() {
    let rng = &mut OsRng;
    let key1 = EcdsaP256Key::generate(rng);
    let key2 = EcdsaP256Key::generate(rng);

    assert_ne!(key1.fingerprint(), key2.fingerprint());
}

// ============================================================================
// Ed25519 Key Tests
// ============================================================================

#[test]
fn test_ed25519_generate() {
    let rng = &mut OsRng;
    let key = Ed25519Key::generate(rng);

    let pub_key = key.public_key_bytes();
    assert_eq!(pub_key.len(), 32);

    let priv_key = key.private_key_bytes();
    assert_eq!(priv_key.len(), 32);
}

#[test]
fn test_ed25519_public_key_bytes() {
    let rng = &mut OsRng;
    let key1 = Ed25519Key::generate(rng);
    let key2 = Ed25519Key::generate(rng);

    assert_ne!(key1.public_key_bytes(), key2.public_key_bytes());
    assert_eq!(key1.public_key_bytes().len(), 32);
}

#[test]
fn test_ed25519_private_key_bytes() {
    let rng = &mut OsRng;
    let key1 = Ed25519Key::generate(rng);
    let key2 = Ed25519Key::generate(rng);

    assert_ne!(key1.private_key_bytes(), key2.private_key_bytes());
    assert_eq!(key1.private_key_bytes().len(), 32);
}

#[test]
fn test_ed25519_from_private_key_bytes() {
    let rng = &mut OsRng;
    let original = Ed25519Key::generate(rng);
    let priv_bytes = original.private_key_bytes();

    let restored = Ed25519Key::from_private_key_bytes(&priv_bytes).unwrap();

    assert_eq!(original.public_key_bytes(), restored.public_key_bytes());
    assert_eq!(original.private_key_bytes(), restored.private_key_bytes());
}

#[test]
fn test_ed25519_from_private_key_bytes_invalid() {
    assert!(Ed25519Key::from_private_key_bytes(&[]).is_err());
    assert!(Ed25519Key::from_private_key_bytes(&[0u8; 16]).is_err());
    assert!(Ed25519Key::from_private_key_bytes(&[0u8; 64]).is_err());
}

#[test]
fn test_ed25519_sign() {
    let rng = &mut OsRng;
    let key = Ed25519Key::generate(rng);
    let message = b"Test message for Ed25519";

    let signature = key.sign(rng, message).unwrap();
    assert_eq!(signature.len(), 64);
}

#[test]
fn test_ed25519_sign_empty_message() {
    let rng = &mut OsRng;
    let key = Ed25519Key::generate(rng);

    let signature = key.sign(rng, b"").unwrap();
    assert_eq!(signature.len(), 64);
}

#[test]
fn test_ed25519_sign_large_message() {
    let rng = &mut OsRng;
    let key = Ed25519Key::generate(rng);
    let large_message = vec![0u8; 10000];

    let signature = key.sign(rng, &large_message).unwrap();
    assert_eq!(signature.len(), 64);
}

#[test]
fn test_ed25519_verify() {
    let rng = &mut OsRng;
    let key = Ed25519Key::generate(rng);
    let message = b"Test message for verification";

    let signature = key.sign(rng, message).unwrap();
    assert!(key.verify(message, &signature).is_ok());
}

#[test]
fn test_ed25519_verify_failure() {
    let rng = &mut OsRng;
    let key1 = Ed25519Key::generate(rng);
    let key2 = Ed25519Key::generate(rng);
    let message = b"Test message";

    let signature = key1.sign(rng, message).unwrap();

    // Wrong key
    assert!(key2.verify(message, &signature).is_err());

    // Wrong message
    assert!(key1.verify(b"Wrong message", &signature).is_err());

    // Corrupted signature
    let mut corrupted = signature.clone();
    corrupted[0] ^= 1;
    assert!(key1.verify(message, &corrupted).is_err());
}

#[test]
fn test_ed25519_verify_invalid_signature_length() {
    let rng = &mut OsRng;
    let key = Ed25519Key::generate(rng);
    let message = b"Test message";

    assert!(key.verify(message, &[]).is_err());
    assert!(key.verify(message, &[0u8; 32]).is_err());
    assert!(key.verify(message, &vec![0u8; 128]).is_err());
}

#[test]
fn test_ed25519_signer_key() {
    let rng = &mut OsRng;
    let key = Ed25519Key::generate(rng);

    let fingerprint = key.fingerprint();
    assert_eq!(fingerprint.len(), 32);
    assert_eq!(key.fingerprint(), key.fingerprint());

    let pub_key = key.public_key();
    assert_eq!(pub_key.len(), 32);
    assert_eq!(pub_key, key.public_key_bytes());
}

#[test]
fn test_ed25519_different_keys_different_fingerprints() {
    let rng = &mut OsRng;
    let key1 = Ed25519Key::generate(rng);
    let key2 = Ed25519Key::generate(rng);

    assert_ne!(key1.fingerprint(), key2.fingerprint());
}

// ============================================================================
// X25519 Key Tests
// ============================================================================

#[test]
fn test_x25519_generate() {
    let rng = &mut OsRng;
    let key = X25519Key::generate(rng);

    let pub_key = key.public_key_bytes();
    assert_eq!(pub_key.len(), 32);

    let priv_key = key.private_key_bytes();
    assert_eq!(priv_key.len(), 32);
}

#[test]
fn test_x25519_public_key_bytes() {
    let rng = &mut OsRng;
    let key1 = X25519Key::generate(rng);
    let key2 = X25519Key::generate(rng);

    assert_ne!(key1.public_key_bytes(), key2.public_key_bytes());
    assert_eq!(key1.public_key_bytes().len(), 32);
}

#[test]
fn test_x25519_private_key_bytes() {
    let rng = &mut OsRng;
    let key1 = X25519Key::generate(rng);
    let key2 = X25519Key::generate(rng);

    assert_ne!(key1.private_key_bytes(), key2.private_key_bytes());
    assert_eq!(key1.private_key_bytes().len(), 32);
}

#[test]
fn test_x25519_from_private_key_bytes() {
    let rng = &mut OsRng;
    let original = X25519Key::generate(rng);
    let priv_bytes = original.private_key_bytes();

    let restored = X25519Key::from_private_key_bytes(&priv_bytes).unwrap();

    assert_eq!(original.public_key_bytes(), restored.public_key_bytes());
    assert_eq!(original.private_key_bytes(), restored.private_key_bytes());
}

#[test]
fn test_x25519_from_private_key_bytes_invalid() {
    assert!(X25519Key::from_private_key_bytes(&[]).is_err());
    assert!(X25519Key::from_private_key_bytes(&[0u8; 16]).is_err());
    assert!(X25519Key::from_private_key_bytes(&[0u8; 64]).is_err());
}

#[test]
fn test_x25519_different_keys() {
    let rng = &mut OsRng;
    let key1 = X25519Key::generate(rng);
    let key2 = X25519Key::generate(rng);

    assert_ne!(key1.public_key_bytes(), key2.public_key_bytes());
    assert_ne!(key1.private_key_bytes(), key2.private_key_bytes());
}

// ============================================================================
// RSA Key Additional Tests (complementing rsa_test.rs)
// ============================================================================

#[test]
fn test_rsa_key_public_key_accessor() {
    let rng = &mut OsRng;
    let key = RsaKey::generate(rng, 2048).unwrap();

    let pub_key = key.public_key();
    assert!(pub_key.size() >= 256);
}

#[test]
fn test_rsa_key_private_key_accessor() {
    let rng = &mut OsRng;
    let key = RsaKey::generate(rng, 2048).unwrap();

    let priv_key = key.private_key();
    assert!(priv_key.size() >= 256);
}

#[test]
fn test_rsa_key_size_accessor() {
    let rng = &mut OsRng;
    let key2048 = RsaKey::generate(rng, 2048).unwrap();
    let key4096 = RsaKey::generate(rng, 4096).unwrap();

    assert_eq!(key2048.key_size(), 256); // 2048 / 8
    assert_eq!(key4096.key_size(), 512); // 4096 / 8
}

#[test]
fn test_rsa_key_encrypt_max_size() {
    let rng = &mut OsRng;
    let key = RsaKey::generate(rng, 2048).unwrap();

    // RSA-OAEP with SHA-256: max message size is key_size - 2*hash_size - 2
    // For SHA-256 (32 bytes) and 2048-bit key (256 bytes): 256 - 2*32 - 2 = 190 bytes
    // Use a safe size that's known to work (190 bytes as tested in short_buffer_test.rs)
    let max_size = 190;
    let max_message = vec![0u8; max_size];

    let ciphertext = key.encrypt(rng, &max_message).unwrap();
    assert_eq!(ciphertext.len(), key.key_size());

    let decrypted = key.decrypt(&ciphertext).unwrap();
    assert_eq!(decrypted, max_message);
}

#[test]
fn test_rsa_key_encrypt_too_large() {
    let rng = &mut OsRng;
    let key = RsaKey::generate(rng, 2048).unwrap();

    // Message too large for RSA-OAEP
    let too_large = vec![0u8; key.key_size()];
    assert!(key.encrypt(rng, &too_large).is_err());
}

#[test]
fn test_rsa_key_decrypt_invalid_ciphertext() {
    let rng = &mut OsRng;
    let key = RsaKey::generate(rng, 2048).unwrap();

    // Wrong size
    assert!(key.decrypt(&[]).is_err());
    assert!(key.decrypt(&[0u8; 100]).is_err());

    // Wrong size for key
    let wrong_size = vec![0u8; key.key_size() - 1];
    assert!(key.decrypt(&wrong_size).is_err());
}

#[test]
fn test_rsa_key_decrypt_wrong_key() {
    let rng = &mut OsRng;
    let key1 = RsaKey::generate(rng, 2048).unwrap();
    let key2 = RsaKey::generate(rng, 2048).unwrap();
    let message = b"Test message";

    let ciphertext = key1.encrypt(rng, message).unwrap();

    // Try to decrypt with wrong key
    assert!(key2.decrypt(&ciphertext).is_err());
}

#[test]
fn test_rsa_key_sign_empty_message() {
    let rng = &mut OsRng;
    let key = RsaKey::generate(rng, 2048).unwrap();

    let signature = key.sign(rng, b"").unwrap();
    assert!(key.verify(b"", &signature).is_ok());
}

#[test]
fn test_rsa_key_sign_large_message() {
    let rng = &mut OsRng;
    let key = RsaKey::generate(rng, 2048).unwrap();
    let large_message = vec![0u8; 10000];

    let signature = key.sign(rng, &large_message).unwrap();
    assert!(key.verify(&large_message, &signature).is_ok());
}

#[test]
fn test_rsa_key_verify_failure() {
    let rng = &mut OsRng;
    let key1 = RsaKey::generate(rng, 2048).unwrap();
    let key2 = RsaKey::generate(rng, 2048).unwrap();
    let message = b"Test message";

    let signature = key1.sign(rng, message).unwrap();

    // Wrong key
    assert!(key2.verify(message, &signature).is_err());

    // Wrong message
    assert!(key1.verify(b"Wrong message", &signature).is_err());

    // Corrupted signature
    let mut corrupted = signature.clone();
    if !corrupted.is_empty() {
        corrupted[0] ^= 1;
        assert!(key1.verify(message, &corrupted).is_err());
    }
}

#[test]
fn test_rsa_key_signer_key() {
    let rng = &mut OsRng;
    let key = RsaKey::generate(rng, 2048).unwrap();

    let fingerprint = key.fingerprint();
    assert_eq!(fingerprint.len(), 32); // SHA-256 hash

    // Test that public_key() (from SignerKey trait) returns Vec<u8>
    let pub_key = SignerKey::public_key(&key);
    // Note: public_key_bytes() returns empty vec (placeholder)
    // So fingerprint is hash of empty vec
    assert_eq!(pub_key, key.public_key_bytes());
    assert_eq!(pub_key, vec![]); // Placeholder returns empty

    // Test direct public_key() method returns &RsaPublicKey
    let pub_key_ref = key.public_key();
    assert!(pub_key_ref.size() >= 256); // At least 2048 bits
}

#[test]
fn test_rsa_key_from_private_key_bytes_placeholder() {
    // This is a placeholder that returns an error
    assert!(RsaKey::from_private_key_bytes(&[]).is_err());
    assert!(RsaKey::from_private_key_bytes(&[0u8; 100]).is_err());
}

// ============================================================================
// ML-KEM Key Tests (complementing pqc_test.rs)
// ============================================================================

#[cfg(feature = "ml-kem")]
#[test]
fn test_mlkem768_encapsulation_key() {
    let rng = &mut OsRng;
    let key = MlKem768Key::generate(rng);

    let ek = key.encapsulation_key();
    assert_eq!(ek.as_bytes().len(), 1184);
}

#[cfg(feature = "ml-kem")]
#[test]
fn test_mlkem768_decapsulation_key() {
    let rng = &mut OsRng;
    let key = MlKem768Key::generate(rng);

    let dk = key.decapsulation_key();
    assert_eq!(dk.as_bytes().len(), 2400);
}

#[cfg(feature = "ml-kem")]
#[test]
fn test_mlkem768_from_private_key_bytes_invalid_size() {
    assert!(MlKem768Key::from_private_key_bytes(&[]).is_err());
    assert!(MlKem768Key::from_private_key_bytes(&[0u8; 100]).is_err());
    assert!(MlKem768Key::from_private_key_bytes(&[0u8; 1184]).is_err());
    assert!(MlKem768Key::from_private_key_bytes(&[0u8; 2400]).is_err()); // Old format (decaps only)
    assert!(MlKem768Key::from_private_key_bytes(&[0u8; 2401]).is_err());
    assert!(MlKem768Key::from_private_key_bytes(&[0u8; 3583]).is_err());
    assert!(MlKem768Key::from_private_key_bytes(&[0u8; 3585]).is_err());
}

#[cfg(feature = "ml-kem")]
#[test]
fn test_mlkem768_from_private_key_bytes_roundtrip() {
    let rng = &mut OsRng;
    let original = MlKem768Key::generate(rng);
    let priv_bytes = original.private_key_bytes();

    let restored = MlKem768Key::from_private_key_bytes(&priv_bytes).unwrap();

    assert_eq!(original.public_key_bytes(), restored.public_key_bytes());
    assert_eq!(original.private_key_bytes(), restored.private_key_bytes());
}

#[cfg(feature = "ml-kem")]
#[test]
fn test_mlkem1024_encapsulation_key() {
    let rng = &mut OsRng;
    let key = MlKem1024Key::generate(rng);

    let ek = key.encapsulation_key();
    assert_eq!(ek.as_bytes().len(), 1568);
}

#[cfg(feature = "ml-kem")]
#[test]
fn test_mlkem1024_decapsulation_key() {
    let rng = &mut OsRng;
    let key = MlKem1024Key::generate(rng);

    let dk = key.decapsulation_key();
    assert_eq!(dk.as_bytes().len(), 3168);
}

#[cfg(feature = "ml-kem")]
#[test]
fn test_mlkem1024_from_private_key_bytes_invalid_size() {
    assert!(MlKem1024Key::from_private_key_bytes(&[]).is_err());
    assert!(MlKem1024Key::from_private_key_bytes(&[0u8; 100]).is_err());
    assert!(MlKem1024Key::from_private_key_bytes(&[0u8; 1568]).is_err());
    assert!(MlKem1024Key::from_private_key_bytes(&[0u8; 3168]).is_err()); // Old format (decaps only)
    assert!(MlKem1024Key::from_private_key_bytes(&[0u8; 3169]).is_err());
    assert!(MlKem1024Key::from_private_key_bytes(&[0u8; 4735]).is_err());
    assert!(MlKem1024Key::from_private_key_bytes(&[0u8; 4737]).is_err());
}

#[cfg(feature = "ml-kem")]
#[test]
fn test_mlkem1024_from_private_key_bytes_roundtrip() {
    let rng = &mut OsRng;
    let original = MlKem1024Key::generate(rng);
    let priv_bytes = original.private_key_bytes();

    let restored = MlKem1024Key::from_private_key_bytes(&priv_bytes).unwrap();

    assert_eq!(original.public_key_bytes(), restored.public_key_bytes());
    assert_eq!(original.private_key_bytes(), restored.private_key_bytes());
}

// ============================================================================
// ML-DSA Key Tests
// ============================================================================

#[cfg(feature = "post-quantum")]
#[test]
fn test_mldsa44_generate() {
    let rng = &mut OsRng;
    let key = MlDsa44Key::generate(rng);

    let pub_key = key.public_key_bytes();
    assert!(!pub_key.is_empty());

    let priv_key = key.private_key_bytes();
    assert!(!priv_key.is_empty());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_mldsa44_sign_verify() {
    let rng = &mut OsRng;
    let key = MlDsa44Key::generate(rng);
    let message = b"Test message for ML-DSA-44";

    let signature = key.sign(rng, message).unwrap();
    assert!(key.verify(message, &signature).is_ok());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_mldsa44_verify_failure() {
    let rng = &mut OsRng;
    let key1 = MlDsa44Key::generate(rng);
    let key2 = MlDsa44Key::generate(rng);
    let message = b"Test message";

    let signature = key1.sign(rng, message).unwrap();

    assert!(key2.verify(message, &signature).is_err());
    assert!(key1.verify(b"Wrong message", &signature).is_err());
}

#[cfg(feature = "post-quantum")]
#[test]
#[ignore] // pqcrypto-dilithium API doesn't support deriving public key from secret key
fn test_mldsa44_from_private_key_bytes() {
    let rng = &mut OsRng;
    let original = MlDsa44Key::generate(rng);
    let priv_bytes = original.private_key_bytes();

    // This test is ignored because pqcrypto-dilithium doesn't provide a way to
    // derive the public key from the secret key. The from_private_key_bytes
    // function currently returns InvalidKeyType for ML-DSA keys.
    let restored = MlDsa44Key::from_private_key_bytes(&priv_bytes).unwrap();

    assert_eq!(original.public_key_bytes(), restored.public_key_bytes());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_mldsa44_signer_key() {
    let rng = &mut OsRng;
    let key = MlDsa44Key::generate(rng);

    let fingerprint = key.fingerprint();
    assert_eq!(fingerprint.len(), 32);

    let pub_key = key.public_key();
    assert_eq!(pub_key, key.public_key_bytes());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_mldsa65_generate() {
    let rng = &mut OsRng;
    let key = MlDsa65Key::generate(rng);

    let pub_key = key.public_key_bytes();
    assert!(!pub_key.is_empty());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_mldsa65_sign_verify() {
    let rng = &mut OsRng;
    let key = MlDsa65Key::generate(rng);
    let message = b"Test message for ML-DSA-65";

    let signature = key.sign(rng, message).unwrap();
    assert!(key.verify(message, &signature).is_ok());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_mldsa87_generate() {
    let rng = &mut OsRng;
    let key = MlDsa87Key::generate(rng);

    let pub_key = key.public_key_bytes();
    assert!(!pub_key.is_empty());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_mldsa87_sign_verify() {
    let rng = &mut OsRng;
    let key = MlDsa87Key::generate(rng);
    let message = b"Test message for ML-DSA-87";

    let signature = key.sign(rng, message).unwrap();
    assert!(key.verify(message, &signature).is_ok());
}

// ============================================================================
// SLH-DSA Key Tests
// ============================================================================

#[cfg(feature = "post-quantum")]
#[test]
fn test_slhdsa128s_generate() {
    let rng = &mut OsRng;
    let key = SlhDsa128sKey::generate(rng);

    let pub_key = key.public_key_bytes();
    assert!(!pub_key.is_empty());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_slhdsa128s_sign_verify() {
    let rng = &mut OsRng;
    let key = SlhDsa128sKey::generate(rng);
    let message = b"Test message for SLH-DSA-128s";

    let signature = key.sign(rng, message).unwrap();
    assert!(key.verify(message, &signature).is_ok());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_slhdsa128s_verify_failure() {
    let rng = &mut OsRng;
    let key1 = SlhDsa128sKey::generate(rng);
    let key2 = SlhDsa128sKey::generate(rng);
    let message = b"Test message";

    let signature = key1.sign(rng, message).unwrap();

    assert!(key2.verify(message, &signature).is_err());
    assert!(key1.verify(b"Wrong message", &signature).is_err());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_slhdsa192s_generate() {
    let rng = &mut OsRng;
    let key = SlhDsa192sKey::generate(rng);

    let pub_key = key.public_key_bytes();
    assert!(!pub_key.is_empty());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_slhdsa192s_sign_verify() {
    let rng = &mut OsRng;
    let key = SlhDsa192sKey::generate(rng);
    let message = b"Test message for SLH-DSA-192s";

    let signature = key.sign(rng, message).unwrap();
    assert!(key.verify(message, &signature).is_ok());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_slhdsa256s_generate() {
    let rng = &mut OsRng;
    let key = SlhDsa256sKey::generate(rng);

    let pub_key = key.public_key_bytes();
    assert!(!pub_key.is_empty());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_slhdsa256s_sign_verify() {
    let rng = &mut OsRng;
    let key = SlhDsa256sKey::generate(rng);
    let message = b"Test message for SLH-DSA-256s";

    let signature = key.sign(rng, message).unwrap();
    assert!(key.verify(message, &signature).is_ok());
}

#[cfg(feature = "post-quantum")]
#[test]
fn test_slhdsa256s_signer_key() {
    let rng = &mut OsRng;
    let key = SlhDsa256sKey::generate(rng);

    let fingerprint = key.fingerprint();
    assert_eq!(fingerprint.len(), 32);

    let pub_key = key.public_key();
    assert_eq!(pub_key, key.public_key_bytes());
}

// ============================================================================
// Edge Cases and Error Paths
// ============================================================================

#[test]
fn test_all_key_types_generate_unique_keys() {
    let rng = &mut OsRng;

    // Generate multiple keys of each type and verify they're unique
    let ecdsa1 = EcdsaP256Key::generate(rng);
    let ecdsa2 = EcdsaP256Key::generate(rng);
    assert_ne!(ecdsa1.public_key_bytes(), ecdsa2.public_key_bytes());

    let ed25519_1 = Ed25519Key::generate(rng);
    let ed25519_2 = Ed25519Key::generate(rng);
    assert_ne!(ed25519_1.public_key_bytes(), ed25519_2.public_key_bytes());

    let x25519_1 = X25519Key::generate(rng);
    let x25519_2 = X25519Key::generate(rng);
    assert_ne!(x25519_1.public_key_bytes(), x25519_2.public_key_bytes());
}

#[test]
fn test_key_serialization_roundtrip() {
    let rng = &mut OsRng;

    // Test ECDSA P-256
    let ecdsa_original = EcdsaP256Key::generate(rng);
    let ecdsa_restored =
        EcdsaP256Key::from_private_key_bytes(&ecdsa_original.private_key_bytes()).unwrap();
    assert_eq!(
        ecdsa_original.public_key_bytes(),
        ecdsa_restored.public_key_bytes()
    );

    // Test Ed25519
    let ed25519_original = Ed25519Key::generate(rng);
    let ed25519_restored =
        Ed25519Key::from_private_key_bytes(&ed25519_original.private_key_bytes()).unwrap();
    assert_eq!(
        ed25519_original.public_key_bytes(),
        ed25519_restored.public_key_bytes()
    );

    // Test X25519
    let x25519_original = X25519Key::generate(rng);
    let x25519_restored =
        X25519Key::from_private_key_bytes(&x25519_original.private_key_bytes()).unwrap();
    assert_eq!(
        x25519_original.public_key_bytes(),
        x25519_restored.public_key_bytes()
    );
}

#[test]
fn test_sign_verify_unicode_messages() {
    let rng = &mut OsRng;

    let ecdsa_key = EcdsaP256Key::generate(rng);
    let ed25519_key = Ed25519Key::generate(rng);
    let rsa_key = RsaKey::generate(rng, 2048).unwrap();

    let unicode_message = "Hello, 世界! 🌍".as_bytes();

    // ECDSA
    let ecdsa_sig = ecdsa_key.sign(rng, unicode_message).unwrap();
    assert!(ecdsa_key.verify(unicode_message, &ecdsa_sig).is_ok());

    // Ed25519
    let ed25519_sig = ed25519_key.sign(rng, unicode_message).unwrap();
    assert!(ed25519_key.verify(unicode_message, &ed25519_sig).is_ok());

    // RSA
    let rsa_sig = rsa_key.sign(rng, unicode_message).unwrap();
    assert!(rsa_key.verify(unicode_message, &rsa_sig).is_ok());
}