package org.apache.wss4j.dom.handler;

import java.util.ArrayList;
import java.util.Collections;
import java.util.TreeMap;
import javax.crypto.KeyGenerator;
import javax.security.auth.callback.CallbackHandler;
import org.apache.wss4j.common.EncryptionActionToken;
import org.apache.wss4j.common.SecurityActionToken;
import org.apache.wss4j.common.SignatureActionToken;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.dom.WSSecurityEngine;
import org.apache.wss4j.dom.common.CombinedCallbackHandler;
import org.apache.wss4j.dom.common.CustomHandler;
import org.apache.wss4j.dom.common.KeystoreCallbackHandler;
import org.apache.wss4j.dom.common.SOAPUtil;
import org.apache.wss4j.dom.common.SecretKeyCallbackHandler;
import org.apache.wss4j.dom.common.SecurityTestUtil;
import org.apache.xml.security.stax.impl.util.IDGenerator;
import org.apache.xml.security.utils.Base64;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;

/* loaded from: input_file:org/apache/wss4j/dom/handler/SecurityActionTokenTest.class */
public class SecurityActionTokenTest extends Assert {
    private static final Logger LOG = LoggerFactory.getLogger(SecurityActionTokenTest.class);
    private WSSecurityEngine secEngine = new WSSecurityEngine();
    private Crypto crypto;
    private byte[] keyData;

    @AfterClass
    public static void cleanup() throws Exception {
        SecurityTestUtil.cleanup();
    }

    @Before
    public void setUp() throws Exception {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(128);
        this.keyData = keyGenerator.generateKey().getEncoded();
    }

    public SecurityActionTokenTest() throws WSSecurityException {
        this.crypto = null;
        WSSConfig.init();
        this.crypto = CryptoFactory.getInstance("wss40.properties");
    }

    @Test
    public void testAsymmetricSignature() throws Exception {
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        TreeMap treeMap = new TreeMap();
        treeMap.put("passwordCallbackRef", new KeystoreCallbackHandler());
        requestData.setMsgContext(treeMap);
        SignatureActionToken signatureActionToken = new SignatureActionToken();
        signatureActionToken.setUser("wss40");
        signatureActionToken.setCryptoProperties("wss40.properties");
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler customHandler = new CustomHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HandlerAction(2, signatureActionToken));
        customHandler.send(sOAPPart, requestData, arrayList, true);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(sOAPPart));
        }
        verify(sOAPPart, null);
    }

    @Test
    public void testSymmetricSignature() throws Exception {
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        TreeMap treeMap = new TreeMap();
        treeMap.put("passwordCallbackRef", new KeystoreCallbackHandler());
        requestData.setMsgContext(treeMap);
        SignatureActionToken signatureActionToken = new SignatureActionToken();
        signatureActionToken.setKeyIdentifierId(10);
        signatureActionToken.setKey(this.keyData);
        signatureActionToken.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler customHandler = new CustomHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HandlerAction(2, signatureActionToken));
        customHandler.send(sOAPPart, requestData, arrayList, true);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(sOAPPart));
        }
        SecretKeyCallbackHandler secretKeyCallbackHandler = new SecretKeyCallbackHandler();
        secretKeyCallbackHandler.addSecretKey(Base64.encode(KeyUtils.generateDigest(this.keyData)), this.keyData);
        verify(sOAPPart, secretKeyCallbackHandler);
    }

    @Test
    public void testAsymmetricDoubleSignature() throws Exception {
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        TreeMap treeMap = new TreeMap();
        treeMap.put("passwordCallbackRef", new KeystoreCallbackHandler());
        requestData.setMsgContext(treeMap);
        SignatureActionToken signatureActionToken = new SignatureActionToken();
        signatureActionToken.setUser("wss40");
        signatureActionToken.setCryptoProperties("wss40.properties");
        signatureActionToken.setKeyIdentifierId(1);
        SignatureActionToken signatureActionToken2 = new SignatureActionToken();
        signatureActionToken2.setUser("16c73ab6-b892-458f-abf5-2f875f74882e");
        signatureActionToken2.setCryptoProperties("crypto.properties");
        signatureActionToken2.setIncludeToken(false);
        signatureActionToken2.setParts(Collections.singletonList(new WSEncryptionPart("Timestamp", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "")));
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler customHandler = new CustomHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HandlerAction(2, signatureActionToken));
        arrayList.add(new HandlerAction(2, signatureActionToken2));
        arrayList.add(new HandlerAction(32, (SecurityActionToken) null));
        customHandler.send(sOAPPart, requestData, arrayList, true);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(sOAPPart));
        }
    }

    @Test
    public void testMixedDoubleSignature() throws Exception {
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        TreeMap treeMap = new TreeMap();
        treeMap.put("passwordCallbackRef", new KeystoreCallbackHandler());
        requestData.setMsgContext(treeMap);
        SignatureActionToken signatureActionToken = new SignatureActionToken();
        signatureActionToken.setUser("wss40");
        signatureActionToken.setCryptoProperties("wss40.properties");
        signatureActionToken.setKeyIdentifierId(1);
        SignatureActionToken signatureActionToken2 = new SignatureActionToken();
        signatureActionToken2.setKeyIdentifierId(10);
        signatureActionToken2.setKey(this.keyData);
        signatureActionToken2.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        signatureActionToken2.setParts(Collections.singletonList(new WSEncryptionPart("Timestamp", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "")));
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler customHandler = new CustomHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HandlerAction(2, signatureActionToken));
        arrayList.add(new HandlerAction(2, signatureActionToken2));
        arrayList.add(new HandlerAction(32, (SecurityActionToken) null));
        customHandler.send(sOAPPart, requestData, arrayList, true);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(sOAPPart));
        }
        SecretKeyCallbackHandler secretKeyCallbackHandler = new SecretKeyCallbackHandler();
        secretKeyCallbackHandler.addSecretKey(Base64.encode(KeyUtils.generateDigest(this.keyData)), this.keyData);
        verify(sOAPPart, secretKeyCallbackHandler);
    }

    @Test
    public void testAsymmetricEncryption() throws Exception {
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        TreeMap treeMap = new TreeMap();
        treeMap.put("passwordCallbackRef", new KeystoreCallbackHandler());
        requestData.setMsgContext(treeMap);
        EncryptionActionToken encryptionActionToken = new EncryptionActionToken();
        encryptionActionToken.setUser("wss40");
        encryptionActionToken.setCryptoProperties("wss40.properties");
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler customHandler = new CustomHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HandlerAction(4, encryptionActionToken));
        customHandler.send(sOAPPart, requestData, arrayList, true);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(sOAPPart));
        }
        verify(sOAPPart, new KeystoreCallbackHandler());
    }

    @Test
    public void testAsymmetricEncryptionIncludeToken() throws Exception {
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        TreeMap treeMap = new TreeMap();
        treeMap.put("passwordCallbackRef", new KeystoreCallbackHandler());
        requestData.setMsgContext(treeMap);
        EncryptionActionToken encryptionActionToken = new EncryptionActionToken();
        encryptionActionToken.setUser("wss40");
        encryptionActionToken.setCryptoProperties("wss40.properties");
        encryptionActionToken.setIncludeToken(true);
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler customHandler = new CustomHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HandlerAction(4, encryptionActionToken));
        customHandler.send(sOAPPart, requestData, arrayList, true);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(sOAPPart));
        }
        verify(sOAPPart, new KeystoreCallbackHandler());
    }

    @Test
    public void testSymmetricEncryption() throws Exception {
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        TreeMap treeMap = new TreeMap();
        treeMap.put("passwordCallbackRef", new KeystoreCallbackHandler());
        requestData.setMsgContext(treeMap);
        EncryptionActionToken encryptionActionToken = new EncryptionActionToken();
        encryptionActionToken.setKeyIdentifierId(10);
        encryptionActionToken.setKey(this.keyData);
        encryptionActionToken.setSymmetricAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        encryptionActionToken.setEncSymmetricEncryptionKey(false);
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler customHandler = new CustomHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HandlerAction(4, encryptionActionToken));
        customHandler.send(sOAPPart, requestData, arrayList, true);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(sOAPPart));
        }
        SecretKeyCallbackHandler secretKeyCallbackHandler = new SecretKeyCallbackHandler();
        secretKeyCallbackHandler.addSecretKey(Base64.encode(KeyUtils.generateDigest(this.keyData)), this.keyData);
        verify(sOAPPart, secretKeyCallbackHandler);
    }

    @Test
    public void testAsymmetricDoubleEncryption() throws Exception {
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        TreeMap treeMap = new TreeMap();
        treeMap.put("passwordCallbackRef", new KeystoreCallbackHandler());
        requestData.setMsgContext(treeMap);
        EncryptionActionToken encryptionActionToken = new EncryptionActionToken();
        encryptionActionToken.setUser("wss40");
        encryptionActionToken.setCryptoProperties("wss40.properties");
        EncryptionActionToken encryptionActionToken2 = new EncryptionActionToken();
        encryptionActionToken2.setUser("16c73ab6-b892-458f-abf5-2f875f74882e");
        encryptionActionToken2.setCryptoProperties("crypto.properties");
        encryptionActionToken2.setParts(Collections.singletonList(new WSEncryptionPart("Timestamp", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "")));
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler customHandler = new CustomHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HandlerAction(4, encryptionActionToken));
        arrayList.add(new HandlerAction(32, (SecurityActionToken) null));
        arrayList.add(new HandlerAction(4, encryptionActionToken2));
        customHandler.send(sOAPPart, requestData, arrayList, true);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(sOAPPart));
        }
    }

    @Test
    public void testMixedDoubleEncryption() throws Exception {
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        TreeMap treeMap = new TreeMap();
        treeMap.put("passwordCallbackRef", new KeystoreCallbackHandler());
        requestData.setMsgContext(treeMap);
        EncryptionActionToken encryptionActionToken = new EncryptionActionToken();
        encryptionActionToken.setUser("wss40");
        encryptionActionToken.setCryptoProperties("wss40.properties");
        EncryptionActionToken encryptionActionToken2 = new EncryptionActionToken();
        encryptionActionToken2.setKeyIdentifierId(10);
        encryptionActionToken2.setKey(this.keyData);
        encryptionActionToken2.setSymmetricAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        encryptionActionToken2.setEncSymmetricEncryptionKey(false);
        encryptionActionToken2.setParts(Collections.singletonList(new WSEncryptionPart("Timestamp", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "")));
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler customHandler = new CustomHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HandlerAction(4, encryptionActionToken));
        arrayList.add(new HandlerAction(32, (SecurityActionToken) null));
        arrayList.add(new HandlerAction(4, encryptionActionToken2));
        customHandler.send(sOAPPart, requestData, arrayList, true);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(sOAPPart));
        }
        SecretKeyCallbackHandler secretKeyCallbackHandler = new SecretKeyCallbackHandler();
        secretKeyCallbackHandler.addSecretKey(Base64.encode(KeyUtils.generateDigest(this.keyData)), this.keyData);
        verify(sOAPPart, new CombinedCallbackHandler(secretKeyCallbackHandler, new KeystoreCallbackHandler()));
    }

    @Test
    public void testAsymmetricSignatureEncryption() throws Exception {
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        TreeMap treeMap = new TreeMap();
        treeMap.put("passwordCallbackRef", new KeystoreCallbackHandler());
        requestData.setMsgContext(treeMap);
        SignatureActionToken signatureActionToken = new SignatureActionToken();
        signatureActionToken.setUser("wss40");
        signatureActionToken.setCryptoProperties("wss40.properties");
        signatureActionToken.setKeyIdentifierId(1);
        EncryptionActionToken encryptionActionToken = new EncryptionActionToken();
        encryptionActionToken.setUser("wss40");
        encryptionActionToken.setCryptoProperties("wss40.properties");
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler customHandler = new CustomHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HandlerAction(2, signatureActionToken));
        arrayList.add(new HandlerAction(4, encryptionActionToken));
        customHandler.send(sOAPPart, requestData, arrayList, true);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(sOAPPart));
        }
        verify(sOAPPart, new KeystoreCallbackHandler());
    }

    @Test
    public void testSymmetricSignatureEncryption() throws Exception {
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        TreeMap treeMap = new TreeMap();
        treeMap.put("passwordCallbackRef", new KeystoreCallbackHandler());
        requestData.setMsgContext(treeMap);
        EncryptionActionToken encryptionActionToken = new EncryptionActionToken();
        encryptionActionToken.setKey(this.keyData);
        encryptionActionToken.setSymmetricAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        encryptionActionToken.setKeyIdentifierId(4);
        encryptionActionToken.setUser("wss40");
        encryptionActionToken.setCryptoProperties("wss40.properties");
        encryptionActionToken.setTokenId(IDGenerator.generateID("EK-"));
        SignatureActionToken signatureActionToken = new SignatureActionToken();
        signatureActionToken.setKeyIdentifierId(9);
        signatureActionToken.setKey(this.keyData);
        signatureActionToken.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        signatureActionToken.setTokenType("http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey");
        signatureActionToken.setTokenId(encryptionActionToken.getTokenId());
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler customHandler = new CustomHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HandlerAction(2, signatureActionToken));
        arrayList.add(new HandlerAction(4, encryptionActionToken));
        customHandler.send(sOAPPart, requestData, arrayList, true);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(sOAPPart));
        }
        verify(sOAPPart, new KeystoreCallbackHandler());
    }

    @Test
    public void testSymmetricSignatureEncryptionResponse() throws Exception {
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        TreeMap treeMap = new TreeMap();
        treeMap.put("passwordCallbackRef", new KeystoreCallbackHandler());
        requestData.setMsgContext(treeMap);
        EncryptionActionToken encryptionActionToken = new EncryptionActionToken();
        encryptionActionToken.setKey(this.keyData);
        encryptionActionToken.setSymmetricAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        encryptionActionToken.setKeyIdentifierId(10);
        encryptionActionToken.setEncSymmetricEncryptionKey(false);
        SignatureActionToken signatureActionToken = new SignatureActionToken();
        signatureActionToken.setKeyIdentifierId(10);
        signatureActionToken.setKey(this.keyData);
        signatureActionToken.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler customHandler = new CustomHandler();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HandlerAction(2, signatureActionToken));
        arrayList.add(new HandlerAction(4, encryptionActionToken));
        customHandler.send(sOAPPart, requestData, arrayList, true);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.PrettyDocumentToString(sOAPPart));
        }
        SecretKeyCallbackHandler secretKeyCallbackHandler = new SecretKeyCallbackHandler();
        secretKeyCallbackHandler.addSecretKey(Base64.encode(KeyUtils.generateDigest(this.keyData)), this.keyData);
        verify(sOAPPart, secretKeyCallbackHandler);
    }

    private WSHandlerResult verify(Document document, CallbackHandler callbackHandler) throws Exception {
        return this.secEngine.processSecurityHeader(document, (String) null, callbackHandler, this.crypto);
    }
}
