package org.apache.qpid.server.security.encryption;

import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Random;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.qpid.test.utils.UnitTestBase;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Assumptions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;

/* loaded from: input_file:org/apache/qpid/server/security/encryption/AESKeyFileEncrypterTest.class */
public class AESKeyFileEncrypterTest extends UnitTestBase {
    private final SecureRandom _random = new SecureRandom();
    public static final String PLAINTEXT = "secret";
    private static SecretKeySpec secretKey;

    @BeforeEach
    public void setUp() throws Exception {
        Assumptions.assumeTrue(AbstractAESKeyFileEncrypterFactoryTest.isStrongEncryptionEnabled());
        byte[] bArr = new byte[32];
        this._random.nextBytes(bArr);
        secretKey = new SecretKeySpec(bArr, "AES");
    }

    @Test
    public void testSimpleEncryptDecrypt() {
        doTestSimpleEncryptDecrypt(PLAINTEXT);
    }

    @Test
    public void testRepeatedEncryptionsReturnDifferentValues() {
        AESKeyFileEncrypter aESKeyFileEncrypter = new AESKeyFileEncrypter(secretKey);
        HashSet hashSet = new HashSet();
        for (int i = 0; i < 10; i++) {
            hashSet.add(aESKeyFileEncrypter.encrypt(PLAINTEXT));
        }
        Assertions.assertEquals(10, hashSet.size(), "Not all encryptions were distinct");
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            Assertions.assertEquals(PLAINTEXT, aESKeyFileEncrypter.decrypt((String) it.next()), "Not all encryptions decrypt correctly");
        }
    }

    @Test
    public void testCreationFailsOnInvalidSecret() throws Exception {
        Assertions.assertThrows(NullPointerException.class, () -> {
            new AESKeyFileEncrypter((SecretKey) null);
        }, "An encrypter should not be creatable from a null key");
        PBEKeySpec pBEKeySpec = new PBEKeySpec("password".toCharArray());
        SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
        Assertions.assertThrows(IllegalArgumentException.class, () -> {
            new AESKeyFileEncrypter(secretKeyFactory.generateSecret(pBEKeySpec));
        }, "An encrypter should not be creatable from the wrong type of secret key");
    }

    @Test
    public void testEncryptionOfEmptyString() {
        doTestSimpleEncryptDecrypt("");
    }

    private void doTestSimpleEncryptDecrypt(String str) {
        AESKeyFileEncrypter aESKeyFileEncrypter = new AESKeyFileEncrypter(secretKey);
        String encrypt = aESKeyFileEncrypter.encrypt(str);
        Assertions.assertNotNull(encrypt, "Encrypter did not return a result from encryption");
        Assertions.assertNotEquals(str, encrypt, "Plain text and encrypted version are equal");
        String decrypt = aESKeyFileEncrypter.decrypt(encrypt);
        Assertions.assertNotNull(decrypt, "Encrypter did not return a result from decryption");
        Assertions.assertEquals(str, decrypt, "Encryption was not reversible");
    }

    @Test
    public void testEncryptingNullFails() {
        AESKeyFileEncrypter aESKeyFileEncrypter = new AESKeyFileEncrypter(secretKey);
        Assertions.assertThrows(NullPointerException.class, () -> {
            aESKeyFileEncrypter.encrypt((String) null);
        }, "Attempting to encrypt null should fail");
    }

    @Test
    public void testEncryptingVeryLargeSecret() {
        byte[] bArr = new byte[4096];
        new Random().nextBytes(bArr);
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = (byte) (bArr[i] & 239);
        }
        doTestSimpleEncryptDecrypt(new String(bArr, StandardCharsets.US_ASCII));
    }

    @Test
    public void testDecryptNonsense() {
        AESKeyFileEncrypter aESKeyFileEncrypter = new AESKeyFileEncrypter(secretKey);
        Assertions.assertThrows(NullPointerException.class, () -> {
            aESKeyFileEncrypter.decrypt((String) null);
        }, "Should not decrypt a null value");
        Assertions.assertThrows(IllegalArgumentException.class, () -> {
            aESKeyFileEncrypter.decrypt("");
        }, "Should not decrypt the empty String");
        Assertions.assertThrows(IllegalArgumentException.class, () -> {
            aESKeyFileEncrypter.decrypt("thisisnonsense");
        }, "Should not decrypt a small amount of nonsense");
        Assertions.assertThrows(IllegalArgumentException.class, () -> {
            aESKeyFileEncrypter.decrypt("thisisn'tvalidBase64!soitshouldfailwithanIllegalArgumentException");
        }, "Should not decrypt a larger amount of nonsense");
    }
}
