package org.apache.xml.security.test.dom.signature;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathFactory;
import org.apache.xml.security.Init;
import org.apache.xml.security.algorithms.SignatureAlgorithm;
import org.apache.xml.security.signature.ObjectContainer;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.test.dom.DSNamespaceContext;
import org.apache.xml.security.transforms.Transforms;
import org.apache.xml.security.transforms.params.XPath2FilterContainer;
import org.apache.xml.security.transforms.params.XPathContainer;
import org.apache.xml.security.utils.ElementProxy;
import org.apache.xml.security.utils.XMLUtils;
import org.junit.Assert;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/apache/xml/security/test/dom/signature/CreateSignatureTest.class */
public class CreateSignatureTest extends Assert {
    static Logger log = LoggerFactory.getLogger(CreateSignatureTest.class);
    private static final String BASEDIR = System.getProperty("basedir");
    private static final String SEP = System.getProperty("file.separator");
    private KeyPair kp;
    private DocumentBuilder db = XMLUtils.createDocumentBuilder(false);

    public CreateSignatureTest() throws Exception {
        this.kp = null;
        Init.init();
        this.kp = KeyPairGenerator.getInstance("RSA").genKeyPair();
    }

    @Test
    public void testEmptyNodeSet() throws Exception {
        Document newDocument = this.db.newDocument();
        Element createElementNS = newDocument.createElementNS("http://www.usps.gov/", "Envelope");
        createElementNS.appendChild(newDocument.createTextNode("\n"));
        newDocument.appendChild(createElementNS);
        XMLSignature xMLSignature = new XMLSignature(newDocument, (String) null, "http://www.w3.org/2000/09/xmldsig#dsa-sha1");
        createElementNS.appendChild(xMLSignature.getElement());
        ObjectContainer objectContainer = new ObjectContainer(newDocument);
        objectContainer.setId("object-1");
        objectContainer.setMimeType("text/plain");
        xMLSignature.appendObject(objectContainer);
        ObjectContainer objectContainer2 = new ObjectContainer(newDocument);
        objectContainer2.setId("object-2");
        objectContainer2.setMimeType("text/plain");
        objectContainer2.setEncoding("http://www.w3.org/2000/09/xmldsig#base64");
        objectContainer2.appendChild(newDocument.createTextNode("SSBhbSB0aGUgdGV4dC4="));
        xMLSignature.appendObject(objectContainer2);
        Transforms transforms = new Transforms(newDocument);
        XPathContainer xPathContainer = new XPathContainer(newDocument);
        xPathContainer.setXPath("self::text()");
        transforms.addTransform("http://www.w3.org/TR/1999/REC-xpath-19991116", xPathContainer.getElementPlusReturns());
        xMLSignature.addDocument("#object-1", transforms, "http://www.w3.org/2000/09/xmldsig#sha1", (String) null, "http://www.w3.org/2000/09/xmldsig#Object");
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load((BASEDIR == null || "".equals(BASEDIR)) ? new FileInputStream("src/test/resources/org/apache/xml/security/samples/input/keystore.jks") : new FileInputStream(BASEDIR + SEP + "src/test/resources/org/apache/xml/security/samples/input/keystore.jks"), "xmlsecurity".toCharArray());
        xMLSignature.sign((PrivateKey) keyStore.getKey("test", "xmlsecurity".toCharArray()));
    }

    @Test
    public void testOne() throws Exception {
        doVerify(doSign());
        doVerify(doSign());
    }

    @Test
    public void testTwo() throws Exception {
        doSignWithCert();
    }

    @Test
    public void testWithNSPrefixDisabled() throws Exception {
        String defaultPrefix = ElementProxy.getDefaultPrefix("http://www.w3.org/2000/09/xmldsig#");
        try {
            ElementProxy.setDefaultPrefix("http://www.w3.org/2000/09/xmldsig#", "");
            doSign();
            ElementProxy.setDefaultPrefix("http://www.w3.org/2000/09/xmldsig#", defaultPrefix);
        } catch (Exception e) {
            ElementProxy.setDefaultPrefix("http://www.w3.org/2000/09/xmldsig#", defaultPrefix);
            throw e;
        }
    }

    @Test
    public void testXFilter2Signature() throws Exception {
        Document newDocument = this.db.newDocument();
        newDocument.appendChild(newDocument.createComment(" Comment before "));
        Element createElementNS = newDocument.createElementNS("", "RootElement");
        newDocument.appendChild(createElementNS);
        createElementNS.appendChild(newDocument.createTextNode("Some simple text\n"));
        XMLSignature xMLSignature = new XMLSignature(newDocument, (String) null, "http://www.w3.org/2000/09/xmldsig#dsa-sha1");
        createElementNS.appendChild(xMLSignature.getElement());
        Transforms transforms = new Transforms(newDocument);
        XPath2FilterContainer newInstanceIntersect = XPath2FilterContainer.newInstanceIntersect(newDocument, "here()/ancestor::ds.Signature/parent::node()/descendant-or-self::*");
        newInstanceIntersect.setXPathNamespaceContext("dsig-xpath", "http://www.w3.org/2002/06/xmldsig-filter2");
        transforms.addTransform("http://www.w3.org/2002/06/xmldsig-filter2", newInstanceIntersect.getElement());
        xMLSignature.addDocument("", transforms, "http://www.w3.org/2000/09/xmldsig#sha1");
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load((BASEDIR == null || "".equals(BASEDIR)) ? new FileInputStream("src/test/resources/org/apache/xml/security/samples/input/keystore.jks") : new FileInputStream(BASEDIR + SEP + "src/test/resources/org/apache/xml/security/samples/input/keystore.jks"), "xmlsecurity".toCharArray());
        xMLSignature.sign((PrivateKey) keyStore.getKey("test", "xmlsecurity".toCharArray()));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        XMLUtils.outputDOMc14nWithComments(newDocument, byteArrayOutputStream);
        Document parse = this.db.parse(new ByteArrayInputStream(new String(byteArrayOutputStream.toByteArray()).getBytes()));
        XPath newXPath = XPathFactory.newInstance().newXPath();
        newXPath.setNamespaceContext(new DSNamespaceContext());
        assertTrue(new XMLSignature((Element) newXPath.evaluate("//ds:Signature[1]", parse, XPathConstants.NODE), "").checkSignatureValue(keyStore.getCertificate("test").getPublicKey()));
    }

    private String doSign() throws Exception {
        PrivateKey privateKey = this.kp.getPrivate();
        Document newDocument = this.db.newDocument();
        newDocument.appendChild(newDocument.createComment(" Comment before "));
        Element createElementNS = newDocument.createElementNS("", "RootElement");
        newDocument.appendChild(createElementNS);
        createElementNS.appendChild(newDocument.createTextNode("Some simple text\n"));
        Element createElementInSignatureSpace = XMLUtils.createElementInSignatureSpace(newDocument, "CanonicalizationMethod");
        createElementInSignatureSpace.setAttributeNS(null, "Algorithm", "http://www.w3.org/2001/10/xml-exc-c14n#");
        XMLSignature xMLSignature = new XMLSignature(newDocument, (String) null, new SignatureAlgorithm(newDocument, "http://www.w3.org/2000/09/xmldsig#rsa-sha1").getElement(), createElementInSignatureSpace);
        createElementNS.appendChild(xMLSignature.getElement());
        newDocument.appendChild(newDocument.createComment(" Comment after "));
        Transforms transforms = new Transforms(newDocument);
        transforms.addTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature");
        transforms.addTransform("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments");
        xMLSignature.addDocument("", transforms, "http://www.w3.org/2000/09/xmldsig#sha1");
        xMLSignature.addKeyInfo(this.kp.getPublic());
        xMLSignature.sign(privateKey);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        XMLUtils.outputDOMc14nWithComments(newDocument, byteArrayOutputStream);
        return new String(byteArrayOutputStream.toByteArray());
    }

    private String doSignWithCert() throws Exception {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load((BASEDIR == null || "".equals(BASEDIR)) ? new FileInputStream("src/test/resources/test.jks") : new FileInputStream(BASEDIR + SEP + "src/test/resources/test.jks"), "changeit".toCharArray());
        PrivateKey privateKey = (PrivateKey) keyStore.getKey("mullan", "changeit".toCharArray());
        Document newDocument = this.db.newDocument();
        X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate("mullan");
        newDocument.appendChild(newDocument.createComment(" Comment before "));
        Element createElementNS = newDocument.createElementNS("", "RootElement");
        newDocument.appendChild(createElementNS);
        createElementNS.appendChild(newDocument.createTextNode("Some simple text\n"));
        Element createElementInSignatureSpace = XMLUtils.createElementInSignatureSpace(newDocument, "CanonicalizationMethod");
        createElementInSignatureSpace.setAttributeNS(null, "Algorithm", "http://www.w3.org/2001/10/xml-exc-c14n#");
        XMLSignature xMLSignature = new XMLSignature(newDocument, (String) null, new SignatureAlgorithm(newDocument, "http://www.w3.org/2000/09/xmldsig#dsa-sha1").getElement(), createElementInSignatureSpace);
        createElementNS.appendChild(xMLSignature.getElement());
        newDocument.appendChild(newDocument.createComment(" Comment after "));
        Transforms transforms = new Transforms(newDocument);
        transforms.addTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature");
        transforms.addTransform("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments");
        xMLSignature.addDocument("", transforms, "http://www.w3.org/2000/09/xmldsig#sha1");
        xMLSignature.addKeyInfo(x509Certificate);
        xMLSignature.sign(privateKey);
        xMLSignature.checkSignatureValue(xMLSignature.getKeyInfo().getX509Certificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        XMLUtils.outputDOMc14nWithComments(newDocument, byteArrayOutputStream);
        return new String(byteArrayOutputStream.toByteArray());
    }

    private void doVerify(String str) throws Exception {
        Document parse = this.db.parse(new ByteArrayInputStream(str.getBytes()));
        XPath newXPath = XPathFactory.newInstance().newXPath();
        newXPath.setNamespaceContext(new DSNamespaceContext());
        XMLSignature xMLSignature = new XMLSignature((Element) newXPath.evaluate("//ds:Signature[1]", parse, XPathConstants.NODE), "");
        if (xMLSignature.getKeyInfo() == null) {
            throw new RuntimeException("No keyinfo");
        }
        PublicKey publicKey = xMLSignature.getKeyInfo().getPublicKey();
        if (publicKey == null) {
            throw new RuntimeException("No public key");
        }
        assertTrue(xMLSignature.checkSignatureValue(publicKey));
    }
}
