package org.apache.wss4j.dom.message;

import java.io.IOException;
import java.util.Collections;
import java.util.TreeMap;
import javax.crypto.KeyGenerator;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.dom.WSSecurityEngine;
import org.apache.wss4j.dom.common.CustomHandler;
import org.apache.wss4j.dom.common.KeystoreCallbackHandler;
import org.apache.wss4j.dom.common.SOAPUtil;
import org.apache.wss4j.dom.common.SecretKeyCallbackHandler;
import org.apache.wss4j.dom.common.SecurityTestUtil;
import org.apache.wss4j.dom.handler.HandlerAction;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.xml.security.utils.Base64;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;

/* loaded from: input_file:org/apache/wss4j/dom/message/SymmetricSignatureTest.class */
/**
 * Round-trip tests for symmetric (HMAC-SHA1) XML signatures on a sample SOAP message.
 *
 * <p>Each test builds a security header, signs (and in one case also encrypts) the
 * message, then hands the document to {@link WSSecurityEngine#processSecurityHeader}.
 * None of the tests inspects the value returned by the engine, so a test passes as
 * soon as processing completes without throwing.
 *
 * <p>NOTE(review): because the processing results are discarded, these tests would not
 * notice a run in which the engine accepted the message without reporting a signature
 * result. Asserting on the returned results would make the checks stronger.
 *
 * <p>NOTE(review): the algorithm URIs (HMAC-SHA1, AES-192-CBC, Triple DES CBC) and the
 * literal credentials below are fixture values of this test class.
 */
public class SymmetricSignatureTest extends Assert implements CallbackHandler {
    private static final Logger LOG = LoggerFactory.getLogger(SymmetricSignatureTest.class);

    /** Signature method URI used by every test in this class. */
    private static final String HMAC_SHA1_URI = "http://www.w3.org/2000/09/xmldsig#hmac-sha1";
    /** Symmetric algorithm URI configured on the EncryptedKey builder. */
    private static final String AES192_CBC_URI = "http://www.w3.org/2001/04/xmlenc#aes192-cbc";
    /** Symmetric algorithm URI configured on the encryption builder. */
    private static final String TRIPLEDES_CBC_URI = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";
    /** Token value type that marks the signing key reference as an EncryptedKey. */
    private static final String ENCRYPTED_KEY_VALUE_TYPE =
            "http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey";

    // Numeric identifiers appear as bare literals in the decompiled class.
    // Presumably they are inlined WSConstants values (ISSUER_SERIAL,
    // CUSTOM_SYMM_SIGNING, ENCRYPTED_KEY_SHA1_IDENTIFIER, SIGN) - confirm against
    // the WSS4J version under test.
    private static final int KEY_ID_ISSUER_SERIAL = 2;
    private static final int KEY_ID_CUSTOM_SYMM_SIGNING = 9;
    private static final int KEY_ID_ENCRYPTED_KEY_SHA1 = 10;
    private static final int ACTION_SIGN = 2;

    private final WSSecurityEngine secEngine = new WSSecurityEngine();
    private final CallbackHandler callbackHandler = new KeystoreCallbackHandler();
    private final SecretKeyCallbackHandler secretKeyCallbackHandler = new SecretKeyCallbackHandler();
    // Raw symmetric key, regenerated before every test by setUp().
    private byte[] keyData;
    private final Crypto crypto;

    /** Delegates class-level teardown to {@link SecurityTestUtil#cleanup()}. */
    @AfterClass
    public static void cleanup() throws Exception {
        SecurityTestUtil.cleanup();
    }

    /**
     * Initialises WSS4J and loads the Crypto instance described by {@code wss40.properties}.
     *
     * @throws Exception if initialisation or loading the crypto configuration fails
     */
    public SymmetricSignatureTest() throws Exception {
        WSSConfig.init();
        crypto = CryptoFactory.getInstance("wss40.properties");
    }

    /**
     * Generates a fresh 128-bit AES key and stores its encoded bytes in {@code keyData}.
     *
     * @throws Exception if the AES key generator is unavailable
     */
    @Before
    public void setUp() throws Exception {
        KeyGenerator aesKeyGen = KeyGenerator.getInstance("AES");
        aesKeyGen.init(128);
        keyData = aesKeyGen.generateKey().getEncoded();
    }

    /**
     * Signs with the per-test secret key, registers that key with the secret-key
     * callback handler under the Base64 form of its digest, then processes the header.
     */
    @Test
    public void testSymmetricSignatureSHA1() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        WSSecSignature signer = new WSSecSignature();
        signer.setKeyIdentifierType(KEY_ID_ENCRYPTED_KEY_SHA1);
        signer.setSecretKey(keyData);
        signer.setSignatureAlgorithm(HMAC_SHA1_URI);
        Document signedDoc = signer.build(doc, crypto, secHeader);

        // The receiving side looks the key up by this identifier.
        String keyIdentifier = Base64.encode(WSSecurityUtil.generateDigest(keyData));
        secretKeyCallbackHandler.addSecretKey(keyIdentifier, keyData);

        debugDump("Signed symmetric message SHA1:", signedDoc);
        // Result is not inspected; only an exception fails the test.
        secEngine.processSecurityHeader(doc, (String) null, secretKeyCallbackHandler, (Crypto) null, crypto);
    }

    /**
     * Signs with the ephemeral key of a prepared EncryptedKey, referenced by its id,
     * prepends the EncryptedKey to the header after signing, then verifies.
     */
    @Test
    public void testSymmetricSignatureDR() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        WSSecEncryptedKey encryptedKey = new WSSecEncryptedKey();
        encryptedKey.setKeyIdentifierType(KEY_ID_ISSUER_SERIAL);
        // Fixture user and password; presumably they match the keystore named in
        // wss40.properties - confirm.
        encryptedKey.setUserInfo("wss40", "security");
        encryptedKey.setSymmetricEncAlgorithm(AES192_CBC_URI);
        encryptedKey.prepare(doc, crypto);

        WSSecSignature signer = new WSSecSignature();
        signer.setKeyIdentifierType(KEY_ID_CUSTOM_SYMM_SIGNING);
        signer.setCustomTokenId(encryptedKey.getId());
        signer.setSecretKey(encryptedKey.getEphemeralKey());
        signer.setSignatureAlgorithm(HMAC_SHA1_URI);
        signer.setCustomTokenValueType(ENCRYPTED_KEY_VALUE_TYPE);
        Document signedDoc = signer.build(doc, crypto, secHeader);

        // The EncryptedKey is added only after the signature has been built.
        encryptedKey.prependToHeader(secHeader);

        debugDump("Signed symmetric message DR:", signedDoc);
        verify(signedDoc);
    }

    /**
     * Signs and then encrypts with the same EncryptedKey: the signature and the
     * encryption both use its ephemeral key, and the symmetric key is not wrapped a
     * second time by the encryption builder.
     */
    @Test
    public void testEncryptedKeySignature() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        LOG.info("Before Sign/Encryption....");
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        WSSecEncryptedKey encryptedKey = new WSSecEncryptedKey();
        encryptedKey.setKeyIdentifierType(KEY_ID_ISSUER_SERIAL);
        encryptedKey.setUserInfo("wss40", "security");
        encryptedKey.setSymmetricEncAlgorithm(AES192_CBC_URI);
        encryptedKey.prepare(doc, crypto);

        WSSecEncrypt encryptor = new WSSecEncrypt();
        encryptor.setEncKeyId(encryptedKey.getId());
        encryptor.setEphemeralKey(encryptedKey.getEphemeralKey());
        encryptor.setSymmetricEncAlgorithm(TRIPLEDES_CBC_URI);
        // Reuse the already prepared EncryptedKey element instead of wrapping the key again.
        encryptor.setEncryptSymmKey(false);
        encryptor.setEncryptedKeyElement(encryptedKey.getEncryptedKeyElement());

        WSSecSignature signer = new WSSecSignature();
        signer.setKeyIdentifierType(KEY_ID_CUSTOM_SYMM_SIGNING);
        signer.setCustomTokenId(encryptedKey.getId());
        signer.setCustomTokenValueType(ENCRYPTED_KEY_VALUE_TYPE);
        signer.setSecretKey(encryptedKey.getEphemeralKey());
        signer.setSignatureAlgorithm(HMAC_SHA1_URI);

        // Sign first, then encrypt the signed document.
        Document signedDoc = signer.build(doc, crypto, secHeader);
        Document securedDoc = encryptor.build(signedDoc, crypto, secHeader);

        debugDump("Signed and encrypted message with IssuerSerial key identifier (both), 3DES:", securedDoc);
        LOG.info("After Sign/Encryption....");
        verify(securedDoc);
    }

    /**
     * Drives the same HMAC-SHA1 signature through the handler API: the outbound
     * configuration is supplied as message-context properties, and this test class
     * acts as the password/key callback on both sides.
     */
    @Test
    public void testSymmetricSignatureSHA1Handler() throws Exception {
        WSSConfig sendConfig = WSSConfig.getNewInstance();
        RequestData sendData = new RequestData();
        sendData.setWssConfig(sendConfig);
        TreeMap<String, Object> sendContext = new TreeMap<>();
        sendContext.put("signatureKeyIdentifier", "EncryptedKeySHA1");
        sendContext.put("signatureAlgorithm", HMAC_SHA1_URI);
        sendContext.put("passwordCallbackRef", this);
        sendData.setMsgContext(sendContext);
        sendData.setUsername("");

        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler handler = new CustomHandler();
        handler.send(doc, sendData, Collections.singletonList(new HandlerAction(ACTION_SIGN)), true);

        // Serialised unconditionally, logged only at debug level.
        String prettyXml = XMLUtils.PrettyDocumentToString(doc);
        if (LOG.isDebugEnabled()) {
            LOG.debug(prettyXml);
        }

        RequestData receiveData = new RequestData();
        receiveData.setWssConfig(WSSConfig.getNewInstance());
        TreeMap<String, Object> receiveContext = new TreeMap<>();
        receiveContext.put("passwordCallbackRef", this);
        receiveData.setMsgContext(receiveContext);
        receiveData.setUsername("");
        handler.receive(Collections.singletonList(ACTION_SIGN), receiveData);

        // Result is not inspected; only an exception fails the test.
        secEngine.processSecurityHeader(doc, (String) null, this, (Crypto) null, crypto);
    }

    /**
     * Processes the security header of {@code document} with the keystore callback
     * handler and logs the resulting document at debug level.
     *
     * @param document the secured SOAP document to process
     * @throws Exception if the engine rejects the message or serialisation fails
     */
    private void verify(Document document) throws Exception {
        secEngine.processSecurityHeader(document, (String) null, callbackHandler, (Crypto) null, crypto);
        debugDump("Verfied and decrypted message:", document);
    }

    /**
     * Logs a heading followed by the pretty-printed document, but only when debug
     * logging is enabled, so the document is not serialised otherwise.
     *
     * @param heading line written before the document
     * @param doc document to pretty-print
     * @throws Exception if the document cannot be serialised
     */
    private static void debugDump(String heading, Document doc) throws Exception {
        if (LOG.isDebugEnabled()) {
            LOG.debug(heading);
            LOG.debug(XMLUtils.PrettyDocumentToString(doc));
        }
    }

    /**
     * Answers every {@link WSPasswordCallback} with the fixture password and the
     * per-test secret key; any other callback type is rejected.
     *
     * <p>NOTE(review): the identifier and usage of the callback are not examined, so
     * the same key material is returned for every request. That is adequate for this
     * fixture; a handler outside tests would normally check both before answering.
     *
     * @param callbackArr callbacks to populate
     * @throws UnsupportedCallbackException if an entry is not a {@code WSPasswordCallback}
     */
    @Override
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        for (Callback callback : callbackArr) {
            if (callback instanceof WSPasswordCallback) {
                WSPasswordCallback passwordCallback = (WSPasswordCallback) callback;
                passwordCallback.setPassword("security");
                passwordCallback.setKey(keyData);
            } else {
                throw new UnsupportedCallbackException(callback, "Unrecognized Callback");
            }
        }
    }
}
