package org.apache.xml.security.test.dom.encryption;

import java.io.File;
import java.io.FileInputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.HashMap;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.transform.TransformerException;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.apache.xml.security.Init;
import org.apache.xml.security.algorithms.JCEMapper;
import org.apache.xml.security.encryption.EncryptedData;
import org.apache.xml.security.encryption.EncryptedKey;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.keys.content.KeyName;
import org.apache.xml.security.keys.keyresolver.KeyResolver;
import org.apache.xml.security.test.dom.DSNamespaceContext;
import org.apache.xml.security.utils.JavaUtils;
import org.apache.xml.security.utils.XMLUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Assumptions;
import org.junit.jupiter.api.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/* loaded from: input_file:org/apache/xml/security/test/dom/encryption/BaltimoreEncTest.class */
public class BaltimoreEncTest {
    private static String cardNumber;
    private static String rsaCertSerialNumber;
    private static String testDecryptString;
    private static byte[] jebBytes;
    private static byte[] jobBytes;
    private static byte[] jedBytes;
    private static PrivateKey rsaKey;
    private boolean haveISOPadding;
    private boolean haveKeyWraps;
    private boolean isIBMJdK = System.getProperty("java.vendor").contains("IBM");
    private static int nodeCount = 0;
    static Logger LOG = LoggerFactory.getLogger(BaltimoreEncTest.class);

    public BaltimoreEncTest() throws Exception {
        String str = "src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml";
        String property = System.getProperty("basedir");
        if (property != null && !"".equals(property)) {
            str = property + "/" + str;
        }
        Document read = XMLUtils.read(new FileInputStream(new File(str)), false);
        cardNumber = retrieveCCNumber(read);
        testDecryptString = "top secret message\n";
        nodeCount = countNodes(read);
        jebBytes = "abcdefghijklmnopqrstuvwx".getBytes(StandardCharsets.US_ASCII);
        jobBytes = "abcdefghijklmnop".getBytes(StandardCharsets.US_ASCII);
        jedBytes = "abcdefghijklmnopqrstuvwxyz012345".getBytes(StandardCharsets.US_ASCII);
        rsaCertSerialNumber = "1014918766910";
        String str2 = "src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/rsa.p8";
        if (property != null && !"".equals(property)) {
            str2 = property + "/" + str2;
        }
        rsaKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(JavaUtils.getBytesFromFile(str2)));
        Init.init();
        KeyResolver.register("org.apache.xml.security.test.dom.encryption.BobKeyResolver");
        this.haveISOPadding = false;
        String translateURItoJCEID = JCEMapper.translateURItoJCEID("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        if (translateURItoJCEID != null) {
            try {
                if (Cipher.getInstance(translateURItoJCEID) != null) {
                    this.haveISOPadding = true;
                }
            } catch (NoSuchAlgorithmException e) {
            } catch (NoSuchPaddingException e2) {
            }
        }
        this.haveKeyWraps = JCEMapper.translateURItoJCEID("http://www.w3.org/2001/04/xmlenc#kw-aes128") != null;
    }

    @Test
    public void test_five_content_3des_cbc() throws Exception {
        if (this.haveISOPadding) {
            checkDecryptedDoc(decryptElement("src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/encrypt-content-tripledes-cbc.xml"), true);
        } else {
            LOG.warn("Skipping test test_five_content_3des_cbs as necessary crypto algorithms are not available");
        }
    }

    @Test
    public void test_five_content_aes256_cbc() throws Exception {
        if (this.haveISOPadding) {
            checkDecryptedDoc(decryptElement("src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.xml"), true);
        } else {
            LOG.warn("Skipping test test_five_content_aes256_cbc as necessary crypto algorithms are not available");
        }
    }

    @Test
    public void test_five_content_aes128_cbc_kw_aes192() throws Exception {
        if (this.haveISOPadding && this.haveKeyWraps) {
            checkDecryptedDoc(decryptElement("src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.xml"), true);
        } else {
            LOG.warn("Skipping test test_five_content_aes128_cbc_kw_aes192 as necessary crypto algorithms are not available");
        }
    }

    @Test
    public void test_five_content_3des_cbc_kw_aes128() throws Exception {
        if (this.haveISOPadding && this.haveKeyWraps) {
            checkDecryptedDoc(decryptElement("src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.xml"), true);
        } else {
            LOG.warn("Skipping test test_five_content_3des_cbc_kw_aes128 as necessary crypto algorithms are not available");
        }
    }

    @Test
    public void test_five_content_aes128_cbc_rsa_15() throws Exception {
        if (this.haveISOPadding) {
            checkDecryptedDoc(decryptElement("src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.xml"), true);
        } else {
            LOG.warn("Skipping test test_five_content_aes128_cbc_rsa_15 as necessary crypto algorithms are not available");
        }
    }

    @Test
    public void test_five_element_aes192_cbc_ref() throws Exception {
        if (this.haveISOPadding) {
            checkDecryptedDoc(decryptElement("src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.xml"), false);
        } else {
            LOG.warn("Skipping test test_five_element_aes192_cbc_ref as necessary crypto algorithms are not available");
        }
    }

    @Test
    public void test_five_data_aes128_cbc() throws Exception {
        if (this.haveISOPadding) {
            checkDecryptedData(decryptData("src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/encrypt-data-aes128-cbc.xml"));
        } else {
            LOG.warn("Skipping test test_five_data_aes128_cbc as necessary crypto algorithms are not available");
        }
    }

    @Test
    public void test_five_data_aes256_cbc_3des() throws Exception {
        Assumptions.assumeFalse(this.isIBMJdK);
        if (this.haveISOPadding && this.haveKeyWraps) {
            checkDecryptedData(decryptData("src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.xml"));
        } else {
            LOG.warn("Skipping test test_five_data_aes256_cbc_3des as necessary crypto algorithms are not available");
        }
    }

    @Test
    public void test_five_data_aes192_cbc_aes256() throws Exception {
        if (this.haveISOPadding && this.haveKeyWraps) {
            checkDecryptedData(decryptData("src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.xml"));
        } else {
            LOG.warn("Skipping test test_five_data_aes192_cbc_aes256 as necessary crypto algorithms are not available");
        }
    }

    @Test
    public void test_five_data_3des_cbc_rsa_oaep() throws Exception {
        if (this.haveISOPadding) {
            checkDecryptedData(decryptData("src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml"));
        } else {
            LOG.warn("Skipping test test_five_data_3des_cbc_rsa_oaep as necessary crypto algorithms are not available");
        }
    }

    private Document decryptElement(String str) throws Exception {
        String property = System.getProperty("basedir");
        if (property != null && !"".equals(property)) {
            str = property + "/" + str;
        }
        Document read = XMLUtils.read(new FileInputStream(new File(str)), false);
        XMLCipher xMLCipher = XMLCipher.getInstance();
        Element element = (Element) read.getElementsByTagName("EncryptedData").item(0);
        xMLCipher.init(2, (Key) null);
        xMLCipher.init(2, findKey(xMLCipher.loadEncryptedData(read, element)));
        return xMLCipher.doFinal(read, element);
    }

    private byte[] decryptData(String str) throws Exception {
        String property = System.getProperty("basedir");
        if (property != null && !"".equals(property)) {
            str = property + "/" + str;
        }
        Document read = XMLUtils.read(new FileInputStream(new File(str)), false);
        XMLCipher xMLCipher = XMLCipher.getInstance();
        Element element = (Element) read.getElementsByTagName("EncryptedData").item(0);
        xMLCipher.init(2, (Key) null);
        xMLCipher.init(2, findKey(xMLCipher.loadEncryptedData(read, element)));
        return xMLCipher.decryptToByteArray(element);
    }

    private SecretKey mapKeyName(String str) throws Exception {
        if ("job".equals(str)) {
            return new SecretKeySpec(jobBytes, "AES");
        }
        if ("jeb".equals(str)) {
            return new SecretKeySpec(jebBytes, "AES");
        }
        if ("jed".equals(str)) {
            return new SecretKeySpec(jedBytes, "AES");
        }
        return null;
    }

    private Key findKey(EncryptedData encryptedData) throws Exception {
        KeyInfo keyInfo;
        KeyInfo keyInfo2 = encryptedData.getKeyInfo();
        Key key = null;
        Key key2 = null;
        if (keyInfo2 == null) {
            return null;
        }
        KeyName itemKeyName = keyInfo2.itemKeyName(0);
        if (itemKeyName != null) {
            return mapKeyName(itemKeyName.getKeyName());
        }
        EncryptedKey itemEncryptedKey = keyInfo2.itemEncryptedKey(0);
        if (itemEncryptedKey == null || (keyInfo = itemEncryptedKey.getKeyInfo()) == null) {
            return null;
        }
        KeyName itemKeyName2 = keyInfo.itemKeyName(0);
        if (itemKeyName2 != null) {
            key2 = mapKeyName(itemKeyName2.getKeyName());
        } else {
            X509Certificate x509Certificate = keyInfo.itemX509Data(0).itemCertificate(0).getX509Certificate();
            if (x509Certificate != null && x509Certificate.getSerialNumber().toString().equals(rsaCertSerialNumber)) {
                key2 = rsaKey;
            }
        }
        if (key2 != null) {
            XMLCipher xMLCipher = XMLCipher.getInstance();
            xMLCipher.init(4, key2);
            key = xMLCipher.decryptKey(itemEncryptedKey, encryptedData.getEncryptionMethod().getAlgorithm());
        }
        return key;
    }

    private static int countNodes(Node node) {
        if (node == null) {
            return 0;
        }
        int i = 1;
        Node firstChild = node.getFirstChild();
        while (true) {
            Node node2 = firstChild;
            if (node2 == null) {
                return i;
            }
            i += countNodes(node2);
            firstChild = node2.getNextSibling();
        }
    }

    private static String retrieveCCNumber(Document document) throws TransformerException, XPathExpressionException {
        XPath newXPath = XPathFactory.newInstance().newXPath();
        HashMap hashMap = new HashMap();
        hashMap.put("x", "urn:example:po");
        newXPath.setNamespaceContext(new DSNamespaceContext(hashMap));
        Node node = (Node) newXPath.evaluate("//x:Number/text()", document, XPathConstants.NODE);
        if (node != null) {
            return node.getNodeValue();
        }
        return null;
    }

    private void checkDecryptedDoc(Document document, boolean z) throws Exception {
        String retrieveCCNumber = retrieveCCNumber(document);
        LOG.debug("Retrieved Credit Card : " + retrieveCCNumber);
        Assertions.assertEquals(cardNumber, retrieveCCNumber);
        if (z) {
            int countNodes = countNodes(document);
            Assertions.assertTrue(countNodes > 0 && countNodes == nodeCount, "Node count mismatches");
        }
    }

    private void checkDecryptedData(byte[] bArr) throws Exception {
        Assertions.assertEquals(testDecryptString, new String(bArr, StandardCharsets.US_ASCII));
    }
}
